Subject: RISKS DIGEST 12.72
REPLY-TO:

RISKS-LIST: RISKS-FORUM Digest  Tuesday 31 December 1991  Volume 12 : Issue 72

        FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS
   ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Contents:
  Airbus Fuel monitoring; tanks shown full when they were not (John Van Voorhis)
  Recent Novell Software Contains a Hidden Virus (John Markoff)
  Has anybody ever been spoofed on the wide network? (George Michaelson)
  Re: Whole Earth Review Questions Technology (Tom White)
  The Whole Earth is greater than the sum of its parts (Re: Jerry Mander) (PGN)

The RISKS Forum is moderated. Contributions should be relevant, sound, in good taste, objective, coherent, concise, and nonrepetitious. Diversity is welcome. CONTRIBUTIONS to RISKS@CSL.SRI.COM, with relevant, substantive "Subject:" line. Others may be ignored! Contributions will not be ACKed. The load is too great. **PLEASE** INCLUDE INTERNET FROM: ADDRESS, especially .UUCP domain folks. REQUESTS please to RISKS-Request@CSL.SRI.COM.

For vol i issue j, type "FTP CRVAX.SRI.COM<CR>login anonymous<CR>AnyNonNullPW<CR>CD RISKS:<CR>GET RISKS-i.j<CR>" (where i=1 to 12, j always TWO digits). Vol i summaries in j=00; "dir risks-*.*<CR>" gives directory; "bye<CR>" logs out. The COLON in "CD RISKS:" is essential. "CRVAX.SRI.COM" = "". <CR>=CarriageReturn; FTPs may differ; UNIX prompts for username, password.

ALL CONTRIBUTIONS CONSIDERED AS PERSONAL COMMENTS; USUAL DISCLAIMERS APPLY. Relevant contributions may appear in the RISKS section of regular issues of ACM SIGSOFT's SOFTWARE ENGINEERING NOTES, unless you state otherwise.

----------------------------------------------------------------------

Date: Fri, 27 Dec 1991 15:53:18 GMT
From: (John Van Voorhis)
Subject: Airbus Fuel monitoring; tanks shown full when they were not

A few weeks ago I flew on an A320 for the first time. Overall the flight was fine; however, we were delayed at the gate while the ground crew tried to fuel the plane.
It seems that the computer that ran the fuel pump onboard the aircraft would not pump in any more fuel, even though the tanks were not full. I do not know how they managed to do it, but eventually they did load on enough fuel to get us from Chicago to Phoenix.

Does anyone know how this system works? What happens if the flight or ground crews are careless and just let the computers tell them what is going on? It did not make me feel very safe.

John Van Voorhis, Chapin Hall Center, 1155 E 60th St
Chicago, IL 60637  (312) 753-5983

------------------------------

Date: Mon, 30 Dec 91 13:16:29 PST
From: "John Markoff"
Subject: Recent Novell Software Contains a Hidden Virus

By JOHN MARKOFF (from the New York Times, 20 Dec 1991)

The nation's largest supplier of office-network software for personal computers has sent a letter to approximately 3,800 customers warning that it inadvertently allowed a software virus to invade copies of a disk shipped earlier this month.

The letter, sent on Wednesday to customers of Novell Inc., a Provo, Utah, software publisher, said the diskette, which was mailed on Dec. 11, had been accidentally infected with a virus known by computer experts as "Stoned 111."

A company official said yesterday that Novell had received a number of reports from customers that the virus had invaded their systems, although there had been no reports of damage.

But a California-based computer virus expert said that the potential for damage was significant and that the virus on the Novell diskette frequently disabled computers that it infected.

'Massive Potential Liabilities'

"If this was to get into an organization and spread to 1,500 to 2,000 machines, you are looking at millions of dollars of cleanup costs," said John McAfee, president of McAfee & Associates, a Santa Clara, Calif. antivirus consulting firm. "It doesn't matter that only a few are infected," he said. "You can't tell. You have to take the network down and there are massive potential liabilities."
Mr. McAfee said he had received several dozen calls from Novell users, some of whom were outraged.

The Novell incident is the second such case this month. On Dec. 6, Konami Inc., a software game manufacturer based in Buffalo Grove, Ill., wrote customers that disks of its Spacewrecked game had also become infected with an earlier version of the Stoned virus. The company said in the letter that it had identified the virus before a large volume of disks had been shipped to dealers.

Source of Virus Unknown

Novell officials said that after the company began getting calls earlier this week, they traced the source of the infection to a particular part of their manufacturing process. But the officials said they had not been able to determine how the virus had infected their software initially.

Novell's customers include some of the nation's largest corporations. The software, called Netware, controls office networks ranging from just two or three machines to a thousand systems.

"Viruses are a challenge for the marketplace," said John Edwards, director of marketing for Netware systems at Novell. "But we'll keep up our vigilance." He said the virus had attacked a disk that contained a help encyclopedia that the company had distributed to its customers.

Servers Said to Be Unaffected

Computer viruses are small programs that are passed from computer to computer by secretly attaching themselves to data files that are then copied either by diskette or via a computer network. The programs can be written to perform malicious tasks after infecting a new computer, or do no more than copy themselves from machine to machine.

In its letter to customers the company said that the Stoned 111 virus would not spread over computer networks to infect the file servers that are the foundation of networks. File servers are special computers with large disks that store and distribute data to a network of desktop computers.
The Stoned 111 virus works by attaching itself to a special area on a floppy diskette and then copying itself into the computer's memory to infect other diskettes.

But Mr. McAfee said the program also copied itself to the hard disk of a computer where it could occasionally disable a system. In this case it is possible to lose data if the virus writes information over the area where a special directory is stored.

Mr. McAfee said that the Stoned 111 virus had first been reported in Europe just three months ago. The new virus is representative of a class of programs known as "stealth" viruses, because they mask their location and are difficult to identify. Mr. McAfee speculated that this was why the program had escaped detection by the company.

Steps Toward Detection

Novell has been moving toward adding new technology to its software to make it more difficult for viruses to invade it, Mr. Edwards said. Recently, the company licensed special digital-signature software that makes it difficult for viruses to spread undetected. Novell plans to add this new technology to the next major release of its software, due out at the end of 1992.

In the past, courts have generally not held companies liable for damages in cases where a third party is responsible, said Susan Nycum, a Palo Alto, Calif., lawyer who is an expert on computer issues. "If they have been prudent it wouldn't be fair to hold them liable," she said. "But ultimately it may be a question for a jury."

   [Also noted by Werner Uhrig ]

------------------------------

Date: Fri, 20 Dec 91 11:16:44 +1100
From: George Michaelson
Subject: Has anybody ever been spoofed on the wide network?

In a mailing list for some X.400 s/w development, the `trustedness' of callers into mail has been raised.
There certainly seems to be a feeling that SMTP, in not performing any 'application-level' checks like a password, or some of the 3rd party verification thingies like Kerberos, is left only with reverse-address lookup to verify who and where the sender system really is.

X.400 provides for a password exchange between the communicating systems, and also includes a 'turn around' mechanism that permits an inbound caller to switch to being fed outbound queued material. SMTP provides an analogous 'TURN' command, but few of the current implementations support it.

Thus X.400 developers are choosing to see this 'two way alternate' mode as a potential security hole, and thus do not implement it.

I don't disagree that a potential hole does exist, but I am interested if anybody in the wider community, especially the Internet and members of PTT provided communities over X.25, is aware of EVER having been hit in this way operationally, by somebody 'spoofing' another machine's address and thus forging (in some sense) who they are.

I say operationally since many of us at one time or another may have deliberately set a machine to forge somebody else's IP or X.25 address, eg during an extended downtime to provide coverage. X.25 switches are certainly capable of changing both sender and recipient addresses in processing packets. IP routers can also do this sort of thing.

I do not believe that the 'wider community' has ever yet been hit by an attack where a PTT provided service like X.25, let alone a distributed and self-administered network like the Internet, permitted the sender to mis-represent their network address.

End-user identity, doubtless has been compromised countless times. Machine-address or network address, I am not so sure has been abused in the wider network.

The holes are pretty obvious. On campus, nobody can really be trusted.
Off campus the best you know is the major network-number must be being routed validly, and hence you know a general 'pool' of addresses the real machine could be from. In X.25, subaddressing can provide similar levels of networking, so you can really only know who is sending the packets to a resolution that matches the PTT billing policy!

I also believe the security risk is identical inbound and outbound: classically people discussing this issue seem to assume 'you' opening a call to 'them' is more trustworthy. I deny this, and say both are equally risky.

I would love to see a general discussion of this, perhaps headers in news need to be re-worked to a more appropriate newsgroup. However I would also like to try and find out if on an operational network, providing a service like e-mail using SMTP and related protocols, if ANYBODY has been knowingly compromised in this way.

I will collate any replies e-mailed to me direct, respecting any request for privacy. Simply being told such an attack HAS taken place will be sufficient if you don't want to go into details.

George Michaelson, The Prentice Centre, University of Queensland
QLD Australia 4072  +61 7 365 4079

------------------------------

Date: Fri, 27 Dec 91 21:17:17 pst
From: well! (Tom White)
Subject: Whole Earth Review Questions Technology

Thanks for the invitation to let readers in the RISKS Forum learn about the unique gathering of writers that Whole Earth Review has brought together to question technology. Avid online readers can access selected articles from Mead, Dialog and BRS.

WHOLE EARTH REVIEW to Readers: Question Technology (while we still have the chance)

Sausalito, CA -- The Winter 1991 issue of WHOLE EARTH REVIEW, the "Access to Tools" quarterly supplement to the WHOLE EARTH CATALOG, questions the political, economic, social and physical effects technology has on our lives. WHOLE EARTH REVIEW also questions its fundamental assumption that providing access to tools is a good and noble enterprise.
Is technological innovation invariably beneficial? Do we control new technologies or do they control us? Will books and libraries become obsolete? These are some of the questions that authors in this special issue attempt to answer. Editor-in-Chief Howard Rheingold writes in the introduction: "Perhaps our readers will be inspired to create new tools for thinking about tools."

Among the authors showcased are Jerry Mander, whose book "In the Absence of the Sacred" is excerpted at length in the lead article; Howard Levine, former director of the National Science Foundation's Public Understanding of Science Program; Langdon Winner, a political theorist and author; Patricia Glass Schuman, president of the American Library Association and of Neal-Schuman Publishers; Linda Garcia, a project director and senior analyst at the Office of Technology Assessment; Gary T. Marx; Ivan Illich; Amory and Hunter Lovins of the Rocky Mountain Institute.

For the past two decades WHOLE EARTH REVIEW has provided its readers "access to tools" -- practical information about technologies ranging from manual post-hole diggers to virtual-computer systems.

Subscription price is $27 for four issues, add $6 foreign. No advertising accepted. Copyright 1991, POINT. Permission granted to redistribute freely.

Whole Earth Review, PO Box 38, Sausalito, CA 94966
CONTACT: Tom White (415) 332-1716:

------------------------------

Date: Mon, 30 Dec 91 13:16:29 PST
From: "Peter G. Neumann"
Subject: The Whole Earth is greater than the sum of its parts (Re: Jerry Mander)

Long ago I read an earlier counter-culture book by Jerry Mander, Four Arguments for the Elimination of Television (Wm Morrow, NY 1978). In PGN's book chapter "Psychosocial Implications of Computer Software Development and Use: Zen and the Art of Computing" (in Theory and Practice of Software Technology, D. Ferrari, M. Bolognani, and J.
Goguen (eds), North-Holland, 1983), I included and discussed the following quote from that Mander book, which in retrospect seems highly relevant to RISKS:

   Human beings no longer trust personal observation, even of the self-evident, until it is confirmed by scientific or technological institutions; human beings have lost insight into natural processes that are now exceedingly difficult to observe.

I also summarized Mander's enumeration of eight conditions for the flowering of autocracy and the degeneration of human individuality (loc.cit.), which also seem relevant here...

By the way, HAPPY NEW YEAR to all RISKS READERS. I presume that in the coming year we will see lots more of the same stuff that has concerned RISKS for the past 6.5 years! PGN

------------------------------

End of RISKS-FORUM Digest 12.72
************************
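
Added example, not part of the digest or of any contributor's message: the reverse-address lookup that George Michaelson's message names as SMTP's only check on a caller, written as a forward-confirmed lookup. The resolver tables, host names and addresses are constructed for illustration, and `check_caller` is a hypothetical helper name.

```python
import ipaddress

# Constructed resolver data standing in for DNS (documentation address ranges).
# Reverse zone: answered by whoever administers the address block.
PTR = {
    "192.0.2.10": ["mail.example.org."],
    "198.51.100.7": ["mail.example.org."],  # block owner asserts someone else's name
    "203.0.113.5": [],                      # no reverse entry at all
}
# Forward zone: answered by whoever administers the name.
FWD = {"mail.example.org": ["192.0.2.10"]}


def _norm(name):
    return name.lower().rstrip(".")


def check_caller(peer_ip, claimed_name, ptr=PTR, fwd=FWD):
    """Classify an inbound caller by forward-confirmed reverse lookup.

    peer_ip is the address the connection arrived from; claimed_name is the
    host name the caller announced (for SMTP, the HELO argument).
    """
    ip = str(ipaddress.ip_address(peer_ip))  # rejects malformed input
    names = [_norm(n) for n in ptr.get(ip, [])]
    if not names:
        return "no-ptr"
    # A PTR record alone is only the address holder's say-so: keep a name
    # only if its own forward zone lists this address too.
    confirmed = [n for n in names if ip in fwd.get(n, [])]
    if not confirmed:
        return "ptr-unconfirmed"
    if _norm(claimed_name) not in confirmed:
        return "name-mismatch"
    # Name and address agree in DNS. This still rests on the source address
    # being genuine, which is the open question in the message above.
    return "confirmed"


def classify_all(sessions):
    """Run the check over (peer_ip, claimed_name) pairs."""
    return [(ip, name, check_caller(ip, name)) for ip, name in sessions]


if __name__ == "__main__":
    for row in classify_all([("192.0.2.10", "mail.example.org"),
                             ("198.51.100.7", "mail.example.org"),
                             ("203.0.113.5", "mail.example.org")]):
        print(*row)
```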