precedence: bulk
Subject: Risks Digest 20.54
RISKS-LIST: Risks-Forum Digest Sunday 15 August 1999 Volume 20 : Issue 54
FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <URL:
http://catless.ncl.ac.uk/Risks/20.54.html>
and at ftp.sri.com/risks/ .
Contents:
MCI WorldCom frame-relay network problems (PGN)
"Spy Who Messaged Me" -- now playing at Microsoft! (NewsScan)
High-flying hijinks: canine passenger sinks teeth into plane (Paul Costalas)
Risks of the modern train (Ben Hutchings)
Car won't start if payments are delinquent (Daniel P. B. Smith)
Salary payment diskettes intercepted and manipulated (Peter Fokker)
Risks of Internet Explorer 5 (Lloyd Wood)
Refrigerator gasket frozen out (Ted Lee)
Y2K upgrade went 'horribly wrong', admits utility giant (Doneel Edelson)
Government: Lessening risks through encryption (Alan DeKok)
Having private services such as voicemail on shared phones (David Crooke)
Re: NCIC 2000 (Stephen Fairfax)
Computers, Freedom, and Privacy: CFP for CFP (Bruce R Koball)
Abridged info on RISKS (comp.risks)
----------------------------------------------------------------------
Date: Sat, 13 Aug 1999 10:12:17 PDT
From: "Peter G. Neumann" <
[email protected]>
Subject: MCI WorldCom frame-relay network problems
Almost one-third of MCI WorldCom's long-distance frame-relay network
customers experienced difficulties, beginning on 5 Aug 1999, apparently as a
result of a Lucent software and hardware during a network upgrade. (AT&T
had a similar outage in April 1999.) The Chicago Board of Trade trading
system failed, and problems there persisted into the following week. ATMs
(teller machines) were rendered inoperative. [We await a more definitive
analysis than could be gleaned from the various media reports.]
------------------------------
Date: Fri, 13 Aug 1999 08:11:18 -0700
From: "NewsScan" <
[email protected]>
Subject: "Spy Who Messaged Me" -- now playing at Microsoft!
In the middle of the Microsoft-AOL battle over Microsoft's attempt to clone
AOL's Instant Messaging system (which allows users to chat over the
Internet), an unidentified "overpassionate" Microsoft employee has
embarrassed the company by getting caught in a little industrial espionage.
The rogue spy, whom Microsoft has acknowledged to be almost certainly one
of its employees, falsely alleged in a message sent under a bogus identity
that the AOL program contains an error responsible for creating a security
vulnerability. (*The New York Times*, 13 Aug 1999)
http://www.nytimes.com/library/tech/99/08/biztech/articles/13soft.html
[NewsScan Daily, 13 August 1999; reproduced with permission.
To subscribe or unsubscribe to NewsScan Daily, send an e-mail message to
[email protected] with 'subscribe' or 'unsubscribe' in subject line.]
------------------------------
Date: Fri, 6 Aug 1999 17:33:03 -0400
From:
[email protected]
Subject: High-flying hijinks: canine passenger sinks teeth into plane
Read the full story at the address below:
http://www.phillynews.com/inquirer/99/Aug/06/national/DOG06.htm ["Spread
the news" is a service of Philadelphia Online
http://www.phillynews.com]
This is a very interesting story about how a dog in the cargo bay was able
to free itself and almost bring down a 767. The dog had managed to "gnaw
into wires" that affected the landing gear, flaps, and cockpit warning
lights.
They are trying to figure out how the dog got out of its cage. I wonder if
anyone is focusing on why the wires were accessible to the animal. I am not
an aviation expert, but could the wires be accidentally cut by a sharp edge,
etc.? Why aren't the wires better protected?
Or is this the act of an angry animal striking out at the owners who
neutered him?
Paul J. Costalas <
[email protected]>
[Perhaps the dog was tired of listening to all that electrical energy
flowing, and was a wire-heard terrier? PGN]
------------------------------
Date: Fri, 6 Aug 1999 23:11:08 +0100
From: Ben Hutchings <
[email protected]>
Subject: Risks of the modern train
I was quite impressed by the apparent quality of the new rolling stock of
the Anglia train I caught from Ely last Friday evening.
This changed somewhat when I realised that although it was getting dark
outside there were no lights on in my carriage. I turned on the back-light
of my palm computer and continued to use it. Then, a few minutes later, I
felt the need to use the lavatory. When I turned around to walk up the
train, I saw that the next carriage was properly lit. In the lavatory there
was no light - and no flush, no water and no hand-drier. This is because
they all relied on electronic sensors. Furthermore, the doors to the next
carriage were also inoperative! Thankfully, the announcement system and the
doors to the outside did work.
I moved up the train at the next station and found another lavatory. This
one was designed for use by wheelchair users (as well as the able-bodied).
The door is operated by yet more electronic switches - an open/close button
and a lock button with a indicator. There are no instructions explaining
what these do - just those labels. The open/close button works as I
expected. By observation I deduced that the indicator is unlit when the
door is open, flashing when it is closed but unlocked, and constantly lit
when it is locked. The lock button takes the door from the closed state to
the locked state or from the locked state to the open state. This behaviour
does not seem very intuitive to me, and I have dealt with some fairly arcane
interfaces! It was not until I left the lavatory that I understood that I
had not successfully locked it.
I overheard two members of the train staff talking about the problems of the
train. One described a potential denial-of-service in this toilet. It is
apparently possible to put the door in the locked state by pressing the lock
button while it is closing; this means that an attacker can press both
buttons and leave before the door has completely closed. However, the door
closes shortly after an occupant leaves, and this leads me to suspect that
there is an IR presence detector within the lavatory that affects the door
behaviour.
------------------------------
Date: Sat, 14 Aug 1999 12:01:29 -0400 (EDT)
From: "Daniel P. B. Smith" <
[email protected]>
Subject: Car won't start if payments are delinquent
*The Boston Globe*, 14 Aug 1999, p.3, carries an AP story. A Detroit auto
dealer sold cars to people with bad credit containing "a high-tech dashboard
device that prevents cars from starting if the customer is delinquent on
payments." The story says that "customers get a six-digit code when they
pay their bills every week. If they punch the proper code into the device,
the car can be started. If more than a week passes without a new code, the
car will not start."
Two customers contend that the "On-Time Device" shut off their cars _while
driving_ and are suing.
The RISK here is that computer technology is enabling the invention and
_rapid_ proliferation of _new_ machinery which is intended to directly and
physically enforce policy. From a technical standpoint, the device is not
very different from the aftermarket antitheft device I installed on my own
car, which similarly a) uses digital technology, and b) interferes with
the starting circuits. I worry about its reliability, of course. The big
difference is that an ignition lock malfunction puts the _purchaser_ at
risk, so presumably market forces would work to insure reliability. The
"On-Time Device" puts someone _other_ than the device's purchaser at risk.
Daniel P. B. Smith <
[email protected]>
------------------------------
Date: Fri, 06 Aug 1999 06:32:34 +0100 (CET)
From:
[email protected] (Peter Fokker)
Subject: Salary payment diskettes intercepted and manipulated
My local newspaper (NRC/Handelsblad, 5 August 1999) reports about a
successful way to steal money by intercepting diskettes with payment
information that are sent - by mail or via a courier service - to the bank
subsidiary (Interpay) that handles this kind of payments for all banks here
in The Netherlands.
The intercepted diskettes were "cracked" and the swindlers changed one or
more destination bank account numbers and amounts, "repaired" the diskettes
and sent them to Interpay as if nothing happened.
Some twenty people have been arrested. The damages, "a few million NLG" (1
USD = 2 NLG), for the bank's customers have been compensated by the bank. It
is unclear where the diskettes were intercepted (NL Postal services, the
courier or within Interpay). Interpay and the combined banks have announced
measures for better protection of these diskettes and the transportation
thereof.
The RISKS are obvious. I would say: be very concerned when someone tells you
that "the cheque is in the mail".
--Peter Fokker
------------------------------
Date: Fri, 6 Aug 1999 16:09:51 +0100 (BST)
From: Lloyd Wood <
[email protected]>
Subject: Risks of Internet Explorer 5
http://msdn.microsoft.com/workshop/essentials/versions/ICPIE5.asp
To pick one example from that page:
AutoComplete speeds the collection of demographic information by
making it easier to fill out online forms. AutoComplete provides a
drop-down list of items that the user has previously entered in a
particular text box on a Web page. When the user selects the item,
it is automatically put into the field (except for password fields).
The feature is very useful on its own, but its real power shines
through when the benefit is transferred between Web sites. Once you
mark your input tags with AutoComplete attributes, your users won't
have to retype common elements -- such as names, telephone numbers,
and e-mail addresses -- because they will have already filled in
this information on someone else's site. Internet Explorer stores
the form field entries in a secure, client-side store.
1. Don't let anyone else use Internet Explorer 5 on your machine.
They might get ideas when filling in forms, and use your personal
information instead of typing in their own.
2. client-side is not necessarily secure, as has been previously
demonstrated many times.
3. This assumes that password fields are indicated as such; a
risk in itself.
<
[email protected]>PGP<
http://www.ee.surrey.ac.uk/Personal/L.Wood/>
------------------------------
Date: Wed, 11 Aug 1999 08:32:00 -0500
From:
[email protected]
Subject: Refrigerator gasket frozen out
Seeing the item in RISKS-20.53 about a cellphone endangering a plane
reminded me of a recent incident that gave me pause to realize that
sometimes people may take reasonable precautions. The magnetic gasket on
our refrigerator is wearing out so I called around the local appliance parts
shops to find one. It turns out that even though (or perhaps because) it is
a major brand, there are so many variations they aren't stocked locally
(Minneapolis) and it had to be shipped from a Chicago warehouse. I was told
I did *not* have the option of air freight or express: it had to go surface
because it was regarded as hazardous cargo. I assume that is because it is
essentially one big magnet that there is concern it might interfere with
navigation -- but does anyone actually know of an incident or two that might
have given rise to that concern? After all, modern planes don't use
magnetic compasses anymore, it ain't *that* strong a magnet, and I can't
think that its motion in the belly of the plane would generate strong enough
radio waves to be of concern.
Ted Lee
------------------------------
Date: Thu, 12 Aug 1999 16:55:51 -0400
From: "Edelson, Doneel" <
[email protected]>
Subject: Y2K upgrade went 'horribly wrong', admits utility giant
London Electricity has admitted its Y2K upgrade for 400,000 prepayment
customers (costing 2 million pounds) went ``horribly wrong'', leaving 2000
customers without power and light for days, and another 2000 having
``difficulties''. The process of providing new Rechargeable Powerkeys to
customers was in progress, but for a fourth of the clients the payment
credit did not get transferred or their meters were corrupted. A similar
upgrade in Sussex was done at the same time, which compounded the problems.
[Source: Mike Simons, *Computer Weekly News*, 12 August 1999; PGN-ed]
------------------------------
Date: Tue, 10 Aug 1999 08:50:50 -0400
From: Alan DeKok <
[email protected]>
Subject: Government: Lessening risks through encryption
This is one of the happier risks related items I've seen in a while. The
local provincial government has actually *recommended* the use of encryption
to secure e-mail.
http://www.wired.com/news/news/politics/story/21140.html
While the US Congress recoils in horror at the prospect of a
population armed with cryptographic tools, a government department in
Ontario wants to make it clear that encryption is good.
More than that, in a paper released Thursday, the Ontario Information
and Privacy Commission said it wants everyone to learn to use encryption.
The paper is available at:
http://www.ipc.on.ca/Web_site.ups/MATTERS/SUM_PAP/PAPERS/encrypt.htm
Some good quotes from the Introduction:
Does it really matter who reads your e-mails? If the answer is no,
then e-mail encryption could be a potentially cumbersome
luxury. However, if you e-mail sensitive, personal, or business
information, then encryption is likely a necessity. [...]
Those people who use some form of encryption system relax comfortably
at their keyboards. Nonetheless, they feel a cold chill each time
someone reports a new security hole. Some holes are found in the
encryption tools. More often though, the application that uses the
encryption tool has bugs. Internet browser applications are prone to
this due to their large size and complexity. While the cryptographic
component might remain secure, back door bugs to the application can
nullify the value of the e-mail encryption.
------------------------------
Date: Sat, 07 Aug 1999 00:03:09 -0500
From: David Crooke <
[email protected]>
Subject: Having private services such as voicemail on shared phones
Many hotels now offer phones in rooms with services such as voicemail. I
checked into one such establishment recently, and was surprised to find a
message already waiting as I always use a mobile phone when travelling.
Needless to say, the message turned out to be for someone else, presumably
the previous occupant, and was somewhat (ahem) personal in content, and I
hastily deleted it.
When I returned the following evening the message light was on again, the
voicemail software having seemingly requeued the message. This went on all
week, and I presume will be causing blushes for some time.
David Crooke, Austin TX, USA. +1 (512) 656 6102
"Open source software - with no walls and fences, who needs Windows and Gates?"
------------------------------
Date: Thu, 12 Aug 1999 19:39:12 -0400
From: Stephen Fairfax <
[email protected]>
Subject: Re: NCIC 2000 (Fenner, RISKS-20.53)
>5) One wonders how long it will be until this system will be used as a
>method of collecting and storing fingerprints on citizens not convicted--or
>even charged with--any crime.
That particular RISK predates the NCIC 2000 system.
A Massachusetts law effective October, 1998 requires all owners of firearms
to report to their local police stations for full 10-print fingerprints and
digital mug shots. The fingerprints and mug shots are forwarded (by law)
to the Criminal History Systems Board. This agency "serves as the hub for
information services for the law enforcement and criminal justice
communities." (see
http://www.magnet.state.ma.us/chsb/about.htm) The same
agency provides access to the FBI NCIC and to all 49 state criminal justice
databases. While the web page does not go into details, does any long time
RISKS reader doubt that the access is reciprocal? What are the RISKS
associated with having the de facto equivalent of a criminal record?
What is particularly ironic about the new licensing requirement is that
(legal) firearms ownership has long been limited to those persons who have
no criminal record. Thus, the statute mandates the collection and
dissemination of fingerprints from people who are known to have committed no
crime.
Stephen Fairfax <
[email protected]>
------------------------------
Date: Thu, 12 Aug 1999 13:48:26 -0700 (PDT)
From: Bruce R Koball <
[email protected]>
Subject: Computers, Freedom, and Privacy: CFP for CFP
The Tenth Conference on Computers Freedom and Privacy
CFP2000: CHALLENGING THE ASSUMPTIONS
http://www.cfp2000.org
The Westin Harbour Castle Hotel
Toronto, Ontario, Canada
April 4-7, 2000
The Program Committee of the Tenth Conference on Computers, Freedom,
and Privacy (CFP2000) is seeking proposals for conference sessions and
speakers.
We are seeking proposals for tutorials, plenary sessions, workshops,
and birds-of-a-feather sessions. We are also seeking suggestions for
speakers and topics. Sessions should present a wide range of thinking
on a topic by including speakers from different viewpoints. Complete
submission instructions appear on the CFP2000 web site at
http://www.cfp2000.org/submissions/. All submissions must be received
by October 15, 1999. The CFP2000 Program Committee will notify
submitters of the status of their proposals by December 3.
Workshop on Freedom and Privacy by Design (first day of CFP 2000)
Complete submission instructions are available at
http://www.cfp2000.org/workshop/
Program Chair: Lorrie Cranor, AT&T Labs-Research
FOR MORE INFORMATION VISIT
http://www.cfp2000.org/
------------------------------
Date: 23 Sep 1998 (LAST-MODIFIED)
From:
[email protected]
Subject: Abridged info on RISKS (comp.risks)
The RISKS Forum is a MODERATED digest. Its Usenet equivalent is comp.risks.
=> SUBSCRIPTIONS: PLEASE read RISKS as a newsgroup (comp.risks or equivalent)
if possible and convenient for you. Alternatively, via majordomo,
SEND DIRECT E-MAIL REQUESTS to <
[email protected]> with one-line,
SUBSCRIBE (or UNSUBSCRIBE) [with net address if different from FROM:] or
INFO [for unabridged version of RISKS information]
.MIL users should contact <
[email protected]> (Dennis Rears).
.UK users should contact <
[email protected]>.
=> The INFO file (submissions, default disclaimers, archive sites,
copyright policy, PRIVACY digests, etc.) is also obtainable from
http://www.CSL.sri.com/risksinfo.html ftp://www.CSL.sri.com/pub/risks.info
The full info file will appear now and then in future issues. *** All
contributors are assumed to have read the full info file for guidelines. ***
=> SUBMISSIONS: to
[email protected] with meaningful SUBJECT: line.
=> ARCHIVES are available:
ftp://ftp.sri.com/risks or
ftp ftp.sri.com<CR>login anonymous<CR>[YourNetAddress]<CR>cd risks
[volume-summary issues are in risks-*.00]
[back volumes have their own subdirectories, e.g., "cd 19" for volume 19]
or
http://catless.ncl.ac.uk/Risks/VL.IS.html [i.e., VoLume, ISsue].
PostScript copy of PGN's comprehensive historical summary of one liners:
illustrative.PS at ftp.sri.com/risks .
------------------------------
End of RISKS-FORUM Digest 20.54
************************
