Subject: Risks Digest 20.88

RISKS-LIST: Risks-Forum Digest  Sunday 14 May 2000  Volume 20 : Issue 88

  FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
  ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <URL:http://catless.ncl.ac.uk/Risks/20.88.html>
and by anonymous ftp at ftp.sri.com, cd risks .

 Contents:
Love Letter Worm, CERT Advisory CA-2000-04 (CERT)
Mainstream media get a clue about Microsoft security (Russ Cage)
Peacefire: Eudora "Stealth Attachment" Security Hole Discovered
 (Bennett Haselton)
Netscape Navigator Improperly Validates SSL Sessions, CERT Advisory CA-2000-05
 (CERT)
FBI gun-check computer crashes (Declan McCullagh)
Risk: Selective denial of GPS signals (Mike Fisk)
Phone fault sparks sausage frenzy (Ian Simpson)
Network trashcan (Conrad Heiney)
Stupid appliance ideas (Lloyd Wood)
netzero: defenders of the free world? (Laurentiu Badea)
Re: Security experts discover rogue code in Microsoft software (Russ Cooper)
Re: Encryption code protected by First Amendment (Terry Carroll)
Re: Hotmail wants to know... (Jon Ribbens)
Re: No, Virginia (Mark Brader)
Abridged info on RISKS (comp.risks)

----------------------------------------------------------------------

Date: Thu, 4 May 2000 20:43:48 -0400 (EDT)
From: CERT Advisory <[email protected]>
Subject: Love Letter Worm, CERT Advisory CA-2000-04

 [Always check the CERT Web site for updates on any CERT Advisory that
 is included in RISKS.  This item is a starkly abridged version of the
 original Advisory 2000-04.  Subsequent to the first appearance of
 ILOVEYOU, there have been numerous copycat variants, and assessments
 of damage on the order of many billion dollars.]
    [HOWEVER, please take a look at my written testimony on ILOVEYOU and
    its wider implications, which I submitted to the House Science Committee
    Subcommittee on Technology on 10 May 2000, Risks in Our Information
    Infrastructures: The Tip of a Titanic Iceberg Is Still All That Is
    Visible --
      http://www.csl.sri.com/neumann/house00.html
    PGN]

CERT Advisory CA-2000-04 Love Letter Worm

  Original release date: May 4, 2000
  Last revised: --
  Source: CERT/CC

Systems Affected

* Systems running Microsoft Windows with Windows Scripting Host enabled

Overview

  The "Love Letter" worm is a malicious VBScript program which spreads
  in a variety of ways. As of 2:00pm EDT(GMT-4) May 4, 2000 -- the CERT
  Coordination Center has received reports from more than 250 individual
  sites indicating more than 300,000 individual systems are affected. In
  addition, we have several reports of sites suffering considerable
  network degradation as a result of mail, file, and web traffic
  generated by the "Love Letter" worm.

I. Description

  You can be infected with the "Love Letter" worm in a variety of ways,
  including electronic mail, Windows file sharing, IRC, USENET news and
  possibly via webpages. Once the worm has executed on your system, it
  will take the actions described in the Impact section.

Electronic Mail

  When the worm executes, it attempts to send copies of itself using
  Microsoft Outlook to all the entries in all the address books. The
  mail it sends has the following characteristics:
    * An attachment named "LOVE-LETTER-FOR-YOU.TXT.VBS"
    * A subject of "ILOVEYOU"
    * A body which reads "kindly check the attached LOVELETTER coming
      from me."

  People who receive copies of the worm via electronic mail will most
  likely recognize the sender. We encourage people to avoid executing
  code, including VBScripts, received through electronic mail regardless
  of the sender without firsthand prior knowledge of the origin of the
  code.

Internet Relay Chat

  When the worm executes, it will attempt to create a file named
  script.ini in any directory that contains certain files associated
  with the popular IRC client mIRC. The script file will attempt to send
  a copy of the worm via DCC to other people in any IRC channel joined
  by the victim. We encourage people to disable automatic reception of
  files via DCC in any IRC client.

Executing Files on Shared File Systems

  When the worm executes, it will search for certain types of files and
  replace them with a copy of the worm (see the Impact section for more
  details). Executing (double clicking) files modified by other infected
  users will result in executing the worm. Files modified by the worm
  may also be started automatically, for example from a startup script.

Reading USENET News

  There have been reports of the worm appearing in USENET newsgroups.
  The suggestions above should be applied to users reading messages in
  USENET newsgroups.

II. Impact

  When the worm is executed, it takes the following steps:

Replaces Files with Copies of the Worm

  When the worm executes, it will search for certain types of files and
  make changes to those files depending on the type of file. For files
  on fixed or network drives, it will take the following steps:
    * For files whose extension is vbs or vbe it will replace those
      files with a copy of itself.
    * For files whose extensions are js, jse, css, wsh, sct, or hta, it
      will replace those files with a copy of itself and change the
      extension to vbs. For example, a file named x.css will be replaced
      with a file named x.vbs containing a copy of the worm.
    * For files whose extension is jpg or jpeg, it will replace those
      files with a copy of the worm and add a vbs extension. For
      example, a file named x.jpg will be replaced by a file called
      x.jpg.vbs containing a copy of the worm.
    * For files whose extension is mp3 or mp2, it will create a copy of
      itself in a file named with a vbs extension in the same manner as
      for a jpg file. The original file is preserved, but its attributes
      are changed to hidden.

  Since the modified files are overwritten by the worm code rather than
  being deleted, file recovery is difficult and may be impossible.

  Users executing files that have been modified in this step will cause
  the worm to begin executing again. If these files are on a filesystem
  shared over a local area network, new users may be affected.

Creates an mIRC Script

  While the worm is examining files as described in the previous
  section, it may take additional steps to create a mIRC script file. If
  the file name being examined is mirc32.exe, mlink32.exe, mirc.ini,
  script.ini or mirc.hlp, the worm will create a file named script.ini
  in the same folder. The script.ini file will contain:

  [script]

  n0=on 1:JOIN:#:{
  n1=  /if ( $nick == $me ) { halt }
  n2=  /.dcc send $nick DIRSYSTEM\LOVE-LETTER-FOR-YOU.HTM
  n3=}

  where DIRSYSTEM varies based on the platform where the worm is
  executed. If the file script.ini already exists, no changes occur.

  This code appears to define a script such that whenever the user joins
  a channel in IRC, a copy of the worm will be sent to others on the
  channel via DCC. The script.ini file is created only once per folder
  processed by the worm.

Modifies the Internet Explorer Start Page

  If the file <DIRSYSTEM>\WinFAT32.exe exists, the worm sets the
  Internet Explorer Start page to one of four randomly selected URLs.
  These URLs all refer to a file named WIN-BUGSFIX.exe, which presumably
  contains malicious code. The worm checks for this file in the Internet
  Explorer downloads directory, and if found, it is added to the list of
  programs to run at reboot. The Internet Explorer Start page is then
  reset to "about:blank". Information about the impact of running
  WIN-BUGSFIX.exe will be added to this document as soon as it is
  available.

Send Copies of Itself via E-mail

  The worm will attempt to use Microsoft Outlook to send copies of
  itself to all entries in all address books as described in the
  Description section.

Other Modified Registry Keys

  In addition to other changes, the worm updates the following registry
  keys:

  HKLM\Software\Microsoft\Windows\CurrentVersion\Run\MSKernel32
  HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices\Win32DLL
  HKLM\Software\Microsoft\Windows\CurrentVersion\Run\WIN-BUGSFIX
  HKCU\Software\Microsoft\Windows Scripting Host\Settings\Timeout
  HKCU\Software\Microsoft\Internet Explorer\Main\Start Page
  HKCU\Software\Microsoft\WAB\*

III. Solution

Update Your Anti-Virus Product  [...]
Disable Windows Scripting Host [...]
Disable Active Scripting in Internet Explorer [...]
Disable Auto-DCC Reception in IRC Clients [...]
Filter Virus in E-Mail [...]
Sendmail [...]
PostFix [...]
Procmail [...]
Exercise Caution When Opening Attachments [...]
Appendix A. Anti-Virus Vendor Information [...]

  [The full Advisory as updated is available from:
  http://www.cert.org/advisories/CA-2000-04.html]

CERT/CC Contact Information

  E-mail: [email protected]
  Phone: +1 412-268-7090 (24-hour hotline)
  Fax: +1 412-268-6989
  Postal address:
    CERT Coordination Center
    Software Engineering Institute
    Carnegie Mellon University
    Pittsburgh PA 15213-3890
    U.S.A.

  CERT personnel answer the hotline 08:00-20:00 EST(GMT-5) / EDT(GMT-4)
  Monday through Friday; they are on call for emergencies during other
  hours, on U.S. holidays, and on weekends.

  Conditions for use, disclaimers, and sponsorship information [...]
  Copyright 2000 Carnegie Mellon University.

  [PGN-ed for RISKS.]
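
  The file and mail artifacts described in the advisory above can be checked
  for mechanically. The triage script below is an added example, not part of
  the CERT advisory or of RISKS; it matches only on names and strings the
  advisory gives, and its function names, the example.com addresses, and the
  sample tree and message it builds are constructed for illustration.

```python
import email
import os
import tempfile
from email.message import EmailMessage

# Indicators quoted in the advisory text.
WORM_SUBJECT = "ILOVEYOU"
WORM_ATTACHMENT = "LOVE-LETTER-FOR-YOU.TXT.VBS"
WORM_DCC_FILE = "LOVE-LETTER-FOR-YOU.HTM"
# Types that get ".vbs" appended to the full name (x.jpg -> x.jpg.vbs).
APPENDED_EXTS = {".jpg", ".jpeg", ".mp3", ".mp2"}


def check_message(raw):
    """Return the advisory's mail indicators found in one RFC 822 message."""
    msg = email.message_from_string(raw)
    hits = []
    if (msg.get("Subject") or "").strip().upper() == WORM_SUBJECT:
        hits.append("subject")
    for part in msg.walk():
        name = part.get_filename() or ""
        if name.upper() == WORM_ATTACHMENT:
            hits.append("attachment-name")
        elif name.lower().endswith((".vbs", ".vbe")):
            hits.append("script-attachment")  # any VBScript attachment
    return hits


def scan_tree(root):
    """Return sorted (kind, path) pairs for artifacts from the Impact section."""
    findings = []
    for folder, _dirs, files in os.walk(root):
        for fname in files:
            path = os.path.join(folder, fname)
            stem, ext = os.path.splitext(fname.lower())
            inner = os.path.splitext(stem)[1]
            if ext == ".vbs" and inner in APPENDED_EXTS:
                findings.append(("double-extension", path))
                # mp3/mp2 originals are kept (hidden), so they may be recoverable.
                original = os.path.join(folder, fname[:-4])
                if inner in {".mp3", ".mp2"} and os.path.exists(original):
                    findings.append(("recoverable-original", original))
            elif fname.lower() == "script.ini":
                with open(path, errors="replace") as fh:
                    text = fh.read().upper()
                if "DCC SEND" in text and WORM_DCC_FILE in text:
                    findings.append(("mirc-script", path))
            # Plain .vbs/.vbe files overwritten in place cannot be told apart
            # by name; they need content inspection, which is out of scope here.
    return sorted(findings)


def build_sample_tree(root):
    """Constructed sample: harmless placeholder files using the advisory's names."""
    for name in ["photo.jpg.vbs", "song.mp3", "song.mp3.vbs", "notes.txt", "report.vbs"]:
        with open(os.path.join(root, name), "w") as fh:
            fh.write("placeholder\n")
    os.mkdir(os.path.join(root, "mirc"))
    with open(os.path.join(root, "mirc", "script.ini"), "w") as fh:
        fh.write("[script]\n"
                 "n2=  /.dcc send $nick DIRSYSTEM\\LOVE-LETTER-FOR-YOU.HTM\n")


def build_sample_message():
    """Constructed sample message with a placeholder attachment body."""
    msg = EmailMessage()
    msg["Subject"] = "ILOVEYOU"
    msg["From"] = "colleague@example.com"
    msg["To"] = "user@example.com"
    msg.set_content("kindly check the attached LOVELETTER coming from me.")
    msg.add_attachment(b"placeholder", maintype="application",
                       subtype="octet-stream", filename=WORM_ATTACHMENT)
    return msg.as_string()


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        for kind, path in scan_tree(tmp):
            print(kind, os.path.relpath(path, tmp))
    print(check_message(build_sample_message()))
```

  The registry keys listed in the advisory are not covered by this script.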

------------------------------

Date: Fri, 5 May 2000 10:01:20 -0700 (PDT)
From: Russ Cage <[email protected]>
Subject: Mainstream media get a clue about Microsoft security

In the flurry of news about the LoveBug virus, this article stands out:
http://news.bbc.co.uk/low/english/sci/tech/newsid_737000/737396.stm.
It represents one of the first mainstream media pieces to note that
the problem with computer viruses is enabled by Microsoft's designs
and wouldn't exist without them.

"Peter Sommer... told BBC News Online that Microsoft created these by
building in to their software the tools needed to customize applications.
Microsoft customers are going to have to ask the company to review very
carefully the level of functionality that they are putting into their
systems. [...]  One has got to ask why products are put out which contain
these programming languages, which may be of use to perhaps only 3 to 4% of
the customers but for everyone else presents a considerable threat.  [...]
These features are also very difficult to turn off. The lesson from Love Bug
is that people must be able to kill off this programming functionality
within applications programs."

Other experts from virus companies are quoted as deflecting the blame from
Microsoft, but their business interests depend on there being viruses to
stop.  If the Windows security model made it very difficult for viruses to
propagate, these companies would probably not exist any more.

------------------------------

Date: Thu, 27 Apr 2000 18:35:39 -0500
From: Bennett Haselton <[email protected]>
Subject: Peacefire: Eudora "Stealth Attachment" Security Hole Discovered

Peacefire has discovered a security hole in all versions of Eudora mail for
Windows, that can allow a hacker to execute code on a user's machine, by
sending the user e-mail and having them click on a link:

       http://www.peacefire.org/security/stealthattach/

(For example, a Eudora user would see this message with the URL above made
into a hyperlink so that you can click on it and load it into your browser.
Using the "stealth attachment" security exploit, you can force code to run
on the user's machine when they click on the link.  Don't worry, *this*
message is safe :-) But you can go to the above URL and request a
"demonstration mail" to be sent to you.)

Security holes that allow you to run code on a remote user's machine just by
sending them e-mail, are extremely dangerous -- a hacker could use this to
steal or erase any classified data on a remote user's hard drive, even if
that user were behind a corporate firewall and had anti-virus software
running.  A virus writer could use the exploit to write a virus that could
spread to almost all Eudora users -- numbering in the millions -- and
potentially do hundreds of millions of dollars' worth of damage.  (Unlike
most such tricks, this exploit does not require the user to do anything
"naive", like run an .exe that is sent to them as an attachment.)  USA Today
reported last year on the "BubbleBoy" virus, which similarly used a security
hole in Microsoft Outlook to cause code to run on a user's machine, simply
by reading an e-mail message:
http://www.usatoday.com/life/cyber/tech/ctg633.htm

Unfortunately, unlike the security hole that Peacefire discovered last
week:
       http://www.peacefire.org/security/jscookies/
       http://news.cnet.com/news/0-1005-200-1717169.html
       http://www.zdnet.com/zdnn/stories/news/0,4586,2553337,00.html
       http://www.ntsecurity.net/go/load.asp?iD=/security/netscape2.htm

this security hole doesn't involve any cool industry buzzwords like
"javascript" or "cookies".  This one just involves -- *YAWN* --
e-mail.  That is, like, *so* 20th-century.  Sorry if this is inconvenient
for journalists writing about this stuff :-)

[email protected]     (425) 649 9024      http://www.peacefire.org

------------------------------

Date: Fri, 12 May 2000 15:06:11 -0400 (EDT)
From: CERT Advisory <[email protected]>
Subject: Netscape Navigator Improperly Validates SSL Sessions, CERT Advisory CA-2000-05

CERT Advisory CA-2000-05
Netscape Navigator Improperly Validates SSL Sessions

  Original release date: May 12, 2000
  Source: ACROS, CERT/CC  [...]

Systems Affected

    * Systems running Netscape Navigator 4.72, 4.61, and 4.07. Other
      versions less than 4.72 are likely to be affected as well.

Overview

  The ACROS Security Team of Slovenia has discovered a flaw in the way
  Netscape Navigator validates SSL sessions.

  [The complete CERT Advisory is available from:
    http://www.cert.org/advisories/CA-2000-05.html
  PGN-ed for RISKS]

------------------------------

Date: Sat, 13 May 2000 11:51:37 -0400
From: Declan McCullagh <[email protected]>
Subject: FBI gun-check computer crashes

http://www.wired.com/news/print/0,1294,36310,00.html

The FBI's Interstate Identification Index database system crashed on 11 May,
preventing background checks of some 100,000 would-be gun purchasers who
have to be vetted by the National Instant Check System.  The crash also
prevented use of the Integrated Automated Fingerprint Identification System
associated with the National Crime Information Center NCIC 2000.  Service
expected to return on 14 May.  [The U.S. General Accounting Office notes
that NICS was offline for 215 hours from November 1998 to November 1999.]
[PGN-ed]

------------------------------

Date: Mon, 1 May 2000 17:44:03 +0000 (GMT)
From: Mike Fisk <[email protected]>
Subject: Risk: Selective denial of GPS signals

President Clinton announced today that the US government will no longer use
its "Selective Availability" feature to degrade the precision of
measurements possible with civilian (and non-US government) Global
Positioning System (GPS) receivers.  One of the concerns cited in the
announcement is the ability to use GPS for emergency response and other
critical, civilian uses.

It is also stated that one of the reasons the US is comfortable making this
change is that it has "demonstrated the capability to selectively deny GPS
signals on a regional basis when our national security is threatened."

The risks: Will this lead to more dependence on a system that may be made
unavailable at any time?  For example pilots, outdoor enthusiasts, and
rescue services all use GPS for routine navigation.  If that signal was
suddenly made unavailable, would these people still have the necessary
skills to navigate using non-GPS techniques such as map and compass and
terrestrial radio beacons?  What about fail-over in automatic computer
systems (such as autopilots) that depend on GPS?

The full announcement is available at the following URL:
       http://www.igeb.gov/sa/potus.txt

Mike Fisk, RADIANT Team, Network Engineering Group, Los Alamos National Lab
See http://home.lanl.gov/mfisk/ for contact information

------------------------------

Date: Thu, 4 May 2000 18:54:25 +0100
From: "Ian Simpson" <[email protected]>
Subject: Phone fault sparks sausage frenzy

Alison Mckenzie, of Peterhead, in Aberdeenshire, phoned a 24-hour
environmental services helpline after a chorizo sausage she had bought
turned out to be green.  As a result of a British Telecom system fault, the
call was automatically forwarded to police service voicebanks, but also in
text form to every BT pager number beginning with 01426.
 [Not green with envy, and certainly not environmentally green.
 Mayhaps it was an Irish chorizo?  As usual, the wurst is yet to come.
 PGN-ed from Ian's sources,
http://news2.thls.bbc.co.uk/hi/english/uk/scotland/newsid%5F735000/735531.stm
http://www.thisisnorthscotland.co.uk/scripts/edarticle-p.asp?section=National+news&ID=29726&source=NAT]

------------------------------

Date: Fri, 28 Apr 2000 15:22:28 -0700
From: "Conrad Heiney" <[email protected]>
Subject: Network trashcan

A friend of mine works for [Huge Corporation], where security is frequently
announced as being imperative. The operating system of choice is Windows NT,
and much work is shared on a networked "drive" type share. This "drive" has
a trashcan icon on it.

Fishing in said network trashcan results in the discovery of all sorts of
information, including Word documents with draft policies, the home
addresses of top executives, financial information, etc.

The RISK here is that people expect something that looks like a trashcan to
behave like one, and behave accordingly. The Memory Hole has become a
security hole.

-- Conrad Heiney [email protected] http://fringehead.org/

 [Ah, yes, that is just like your home trashcans.  Publicly
 available.  You have no idea what dumpster diving can go on
 after you put something in it.  Don't forget all the deleted stuff
 still in the Word file.  You need a bit shredder.  Cryptography?
 Still maybe not enough, but closer.  PGN]

------------------------------

Date: Sun, 7 May 2000 00:32:36 +0100 (BST)
From: Lloyd Wood <[email protected]>
Subject: Stupid appliance ideas

Of late, there has been a surge in interest in networking domestic
appliances. Electrolux and Whirlpool plan ScreenFridges, where you can see
recipes and order food. Ariston has a washing machine with a built-in modem
which can telephone automatically for software upgrades for the programme
controller.

And now there's BT, with:
http://www.telegraph.co.uk/et?ac=000111464113065&pg=/et/00/5/7/ntac07.html
where domestic appliances are chipped and authorised for use by a home
management centre phoning your insurance company.

The failure modes here are legion. Move house, and discover that your
appliances no longer work while you enter a protracted discussion with your
insurance company to authorise your home management centre in its new
location (no doubt necessary to prevent the home management centre from
being stolen). Have your home management centre crash [Ariston has proposed
its kitchen centre be run on Windows CE], and watch it take out your entire
kitchen, denying you service in the process.

Not so much white goods ideas, as white jacket ideas. It's a recipe
for disaster.

plumb and play. hah.

<[email protected]>PGP<http://www.ee.surrey.ac.uk/Personal/L.Wood/>

------------------------------

Date: 29 Apr 2000 17:19:10 -0700
From: Laurentiu Badea <[email protected]>
Subject: netzero: defenders of the free world?

The "Terms and Conditions" you must accept to use the "free" NetZero service
include giving up your privacy among other "minor" things:

1) obligation on your part to fill out with real information all
  questionnaires and survey forms they send;

2) allowing NetZero to learn your browsing habits by tracking all the websites
  you visit and compile, sell and USE that information.
  They say personal identifying info won't be disclosed but just the simple
  fact that they store it on their system where it is available to anybody who
  could lawfully or not access it, is a problem. Let alone they don't exclude
  themselves from using it so it is possible for them to target you directly.

3) you cannot disable cookies, bypass their ad program (meaning that you can't
  install firewalling software that would block the ad stream)

4) you allow them to alter your e-mail messages by adding advertising which
  you cannot remove or obscure (not unusual);

5) the most ridiculous note is that the whole agreement can be changed at any
  time by posting them on their website, and require you to check them every
  time before you "use the service", and not use it if you don't agree. Let
  alone the impossibility of this (how can you browse their website without
  already being connected, thus using the service), it puts an unreasonable
  burden on the user. How many will remember the original contract and check
  the new one for differences, I doubt they would post a "diff" file there :-)

Laurentiu Badea

------------------------------

Date: Mon, 1 May 2000 08:51:05 -0400
From: Russ <[email protected]>
Subject: Re: Security experts discover rogue code in Microsoft software

It's extremely important to clarify this "Netscape engineers are weenies!"
story.

For a variety of reasons, one of which being my own quotes in the original
*Wall Street Journal* article on this issue, the public has been overly
warned against an extremely limited threat... while the real threat from the
dvwssr.dll has been largely ignored by the media.

First, clarification of the "secret backdoor password" threat.  The
possibility that the string above could be used to access the source of
Active Server Page (.asp) web files, or configuration files known as .asa,
is entirely dependent on the permissions configured on an IIS web server.
By default, no access can be gained.  If permissions are mis-configured,
allowing anonymous read access to the files (they should be permissioned for
anonymous *execute*, not read), then there is a way that the obfuscation
could permit access.  It should be noted that with such a mis-configured
system, numerous other access methods would be available also.

The important story overlooked was a discovery by CORE-SDI later in the
evening after the backdoor story had run virtually everywhere.

CORE-SDI, not more than 8 hours after first looking at the dvwssr.dll, was
able to publish details on a buffer overrun in that .dll that could permit
a DoS of IIS boxes.  By some other machinations (including moving the file to
a directory where it would not normally be found), they were able to execute
arbitrary code on the attacked box.

Everyone, RFP (whose advisory caused the original stir), CORE-SDI, and
Microsoft advised that the dvwssr.dll simply be deleted (from all of its
locations) in order to remedy the potential problem(s).

While this particular program had minimal use in its lifetime, the fact that
a static password (used for obfuscation, not entry) was even present should
not be understated. This program has survived numerous Q&A cycles and, if we
believe that source code for NT has been available at some 30+ U.S.
Universities for years, numerous code reviews.

Of interest to RISKS readers should be the fact that MS was, presumably,
unaware that it was using obfuscation for security in that program.

Russ - NTBugtraq Editor
"dot-age" (as in "we're in the dot-age") = senility (source Webster's)

------------------------------

Date: Fri, 28 Apr 2000 19:57:23 -0700 (PDT)
From: Terry Carroll <[email protected]>
Subject: Re: Encryption code protected by First Amendment

On Wed, 05 Apr 2000, "NewsScan" wrote:

> A federal appeals court in Ohio has ruled that encryption software code is
> protected by the First Amendment because such code is a means of
> communication between computer programmers.

For those who want to read the court's opinion itself, it's online at
the Sixth Circuit Court of Appeals website.  The URL is
<http://pacer.ca6.uscourts.gov/cgi-bin/getopn.pl?OPINION=00a0117p.06>; a
PDF-formatted file (in two-up form intended for publication as a slip
opinion, so the pagination may look odd to you) is at
<http://pacer.ca6.uscourts.gov/opinions.pdf/00a0117p-06.pdf>.

The citation is Junger v. Daley, No. 98-4045 (6th Cir. Apr. 4, 2000).

The opinion is only 8 pages long, most of which simply relates the facts,
discusses the standard of appellate review, or states the resulting
order.  The analysis of source code as speech is remarkably short, on page
7, the gist of which is:

 The Supreme Court has expressed the versatile scope of the First
 Amendment by labeling as "unquestionably shielded" the artwork of
 Jackson Pollack, the music of Arnold Schoenberg, or the Jabberwocky
 verse of Lewis Carroll. ...  Though unquestionably expressive, these
 things identified by the Court are not traditional speech.
 Particularly, a musical score cannot be read by the majority of the
 public but can be used as a means of communication among musicians.
 Likewise, computer source code, though unintelligible to many, is the
 preferred method of communication among computer programers [sic].

 Because computer source code is an expressive means for the exchange
 of information and ideas about computer programming, we hold that it
 is protected by the First Amendment.

Terry Carroll, Santa Clara, CA <[email protected]>  "The United States is
 located in the District of Columbia."  Uniform Commercial Code s. 9-307(h)

------------------------------

Date: Mon, 1 May 2000 20:28:41 +0100
From: Jon Ribbens <[email protected]>
Subject: Re: Hotmail wants to know... (Richards, RISKS-20.87)

>The proof of adult status required? A credit card number.
>1) I refuse to give my credit card number for a non-purchase reason.

You may well find that your credit card Terms and Conditions forbid you
from giving your credit-card number to anyone for any reason other than
making a purchase.  Mine do.

Jon Ribbens / [email protected]

------------------------------

Date: Fri, 28 Apr 2000 21:21:59 -0400 (EDT)
From: [email protected] (Mark Brader)
Subject: Re: No, Virginia (Burstein, RISKS-20.86)

Danny Burstein writes:
> Permit me to point out that the famous letter, from Virginia O'Hanlon, was
> first printed in the *New York Sun* of 21 September 1897.

And in the letter, Virginia quotes her father as saying "if you see it in
the Sun, it's so".

The New York Sun is also the paper where a series of six articles in August
1835 told how astronomer John Herschel, using a great telescope of new (and
in fact impossible) design in South Africa, had observed amazing geological
formations and a great variety of life-forms on (and flying above) the
surface of the Moon...

Of course, this message is off-topic.  Questions such as how to determine
which information source to trust have no Risks relevance whatever. :-)

Mark Brader   "Never trust anybody who says 'trust me.'
Toronto       Except just this once, of course."   John Varley, "Steel Beach"

------------------------------

Date: 13 Dec 1999 (LAST-MODIFIED)
From: [email protected]
Subject: Abridged info on RISKS (comp.risks)

The RISKS Forum is a MODERATED digest.  Its Usenet equivalent is comp.risks.
=> SUBSCRIPTIONS: PLEASE read RISKS as a newsgroup (comp.risks or equivalent)
if possible and convenient for you.  Alternatively, via majordomo,
SEND DIRECT E-MAIL REQUESTS to <[email protected]> with one-line,
  SUBSCRIBE (or UNSUBSCRIBE) [with net address if different from FROM:] or
  INFO     [for unabridged version of RISKS information]
.MIL users should contact <[email protected]> (Dennis Rears).
.UK users should contact <[email protected]>.
=> The INFO file (submissions, default disclaimers, archive sites,
copyright policy, PRIVACY digests, etc.) is also obtainable from
http://www.CSL.sri.com/risksinfo.html  ftp://www.CSL.sri.com/pub/risks.info
The full info file will appear now and then in future issues.  *** All
contributors are assumed to have read the full info file for guidelines. ***
=> SUBMISSIONS: to [email protected] with meaningful SUBJECT: line.
=> ARCHIVES are available: ftp://ftp.sri.com/risks or
ftp ftp.sri.com<CR>login anonymous<CR>[YourNetAddress]<CR>cd risks
  [volume-summary issues are in risks-*.00]
  [back volumes have their own subdirectories, e.g., "cd 19" for volume 19]
  http://catless.ncl.ac.uk/Risks/VL.IS.html      [i.e., VoLume, ISsue].
  http://the.wiretapped.net/security/textfiles/risks-digest/
PostScript copy of PGN's comprehensive historical summary of one liners:
  illustrative.PS at ftp.sri.com/risks .

------------------------------

End of RISKS-FORUM Digest 20.88
************************