Subject: RISKS DIGEST 16.24
REPLY-TO: risks@csl.sri.com

RISKS-LIST: RISKS-FORUM Digest  Thursday 14 July 1994  Volume 16 : Issue 24

FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS
ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

***** See last item for information on RISKS (comp.risks) *****

Contents:
  Quoth the Maven, Livermore! (porno repository) (PGN)
  "DUMB FROGS AHEAD" (Tom Zmudzinski)
  Digital display boards on highways (Jason Hanson)
  Mailers that add "Company Confidential" (Paul Szabo)
  Scams (Phil Agre)
  Re: Secure use of Internet (Tom Patterson)
  Re: Shopping Risks... (Philip H. Smith III)
  Re: Brock Meeks article on Clipper (Jerry Leichter)
  Cellular phone risks/privacy (Phillip Brown)
  Literary treatment of street-corner cameras (Scott Dorsey)
  Teletext (Bob Richardson, Clive D.W. Feather, Bob Frankston)
  Re: Laptop Danger (Bob Frankston, Joe Chew, Lars-Henrik Eriksson, Tony Abo)
  Info on RISKS (comp.risks), contributions, subscriptions, FTP, etc.

----------------------------------------------------------------------

Date: Wed, 13 Jul 94 13:31:25 PDT
From: "Peter G. Neumann"
Subject: Quoth the Maven, Livermore!

Lawrence Livermore National Laboratory (one of the U.S.'s three nuclear weapons labs) has had one of its unclassified Internet computers hacked to provide a repository for 2 Gigabytes of pornographic images, storing over 1000 pictures. (You thought a picture is worth 1000 words? In this case it is worth 2000 kilobytes, i.e., 2 megabytes each.)

This was reported in a Los Angeles Times article by Adam S. Bauman (appearing in the San Jose Mercury, 12 July 1994, front page); the Times article also noted that the Software Publishers Association and the FBI are tracking something like 1600 B-boards that contain pirated software.

[Thanks to Nachum Shacham for bringing in the clipping.]

------------------------------

Date: Thu, 14 Jul 94 15:27:41 EST
From: "Tom Zmudzinski"
Subject: "DUMB FROGS AHEAD"

This is one for the Highway, not the I-way (Information Dirt Road):

On 2 July 1994, on Route 29 in Virginia, one of those roadside variable message electronic signs was reported as flashing:

    "DUMB FROGS AHEAD"

This wasn't a case of someone fat-fingering "dense fog ahead". Some prankster(s) had gotten access to the controls and had a little fun confusing the public.

Stacy Pruitt, spokesbeing for Virginia Department of Transportation (VDOT), was quoted in the Washington Post as saying, "We think someone got in there during the night. What is mysterious is that it takes a password to sign onto the system. We're calling it 'highway hacking'." VDOT officials reported that the security box (on the back of the unit) was left unlocked, allowing physical access to the keyboard.

Obviously, the so-called highway hacker(s) could have concocted a far more dangerous prank (the mind boggles!) but that merely begs the REAL question: How do you tell the smart frogs from the dumb ones?

Tom Zmudzinski [Unreformed Paronomasiac] ZmudzinT@CC.IMS.DISA.MIL
CAUTION! INCORRIGIBLE PUNSTER! PLEASE DON'T INCORRIGE!

[A chunk of the 13 July 1994 Washington Post article (which appeared in the "Dr. Gridlock" column about local auto and traffic issues) was sent to RISKS by marc@sti.com (Marc Pawliger), with the Subject line "FROGGY BOTTOM". As I try not to use copyrighted material in its entirety (although I sometimes FROGETTE, as in the case of the amusing "TOUCH-TOE" [sic!] item "Risks of REDIAL" in RISKS-16.21), I have in this case chosen Tom's adaptation. I TOAD the line on this one. TOUCH-TOAD or TOUCH-TOED?
"This carflee tastes like ZMUD to me!"
"It should. It was GROANED this morning."
PGN]

------------------------------

Date: Thu, 14 Jul 1994 16:40:04 -0500 (CDT)
From: jhanson@cs.wisc.edu (Jason Hanson)
Subject: Digital display boards on highways

Often when driving, one is confronted with those big digital display boards that warn of impending traffic conditions. On top, there always appears to be a cellular antenna. Am I correct in thinking that there is a modem on the cellular "line"?

The risks are somewhat obvious - one could call and change the message! While "COP AHEAD - SLOW DOWN" would be a bit amusing, a change from "BRIDGE OUT AHEAD" to "WEST HIGH RULEZ" would be disastrous.

Jason J. Hanson, Univ. of Wisc., 22 Langdon Street #220 Madison, WI 53703-1344
(608) 256-1004 Ham: N9LEA (Extra) jhanson@yar.cs.wisc.edu

------------------------------

Date: Thu, 14 Jul 94 17:42:01 PDT
From: szabop@tualatin.pen.tek.com (Paul Szabo)
Subject: Mailers that add "Company Confidential"

I received an e-mail that was distributed over a large mail-group today. It had a line, just below the "Subject" line, that read:

> Sensitivity: Company-Confidential

There are several RISKS here:

1) Misuse of this label can cause your company problems when it comes time to sue someone for stealing confidential information. This label should mean what it says in order to be valid in court. My company has told the employees several times to use this label ONLY for actual confidential material, for this reason.

2) It did not say which company the material was confidential for. It would not be valid in court on actual confidential material because the company's name is not mentioned.

3) The person who sent this message is not paying attention to lines that their mailer adds.

Lesson: Learn how your mailer works!

Paul Szabo, Test Engineer, Tektronix Test and Measurement, Beaverton, OR
503-627-5811

------------------------------

Date: Wed, 13 Jul 1994 18:13:59 -0700
From: Phil Agre
Subject: Scams

The 24 June 1994 issue of The Wall Street Journal contains a long article about a wave of "fax scams" that has been emanating from Nigeria. People receive quasi-official-looking faxes with elaborate stories about money that needs to be parked in their bank accounts for short periods, with large profits promised. The recipients of these faxes, of course, start dreaming of big bucks. Just before the deal is closed a temporary "hitch" arises, requiring the person to send over some money or goods to bribe a government official. Needless to say, the money and goods are never seen again.

Part of what makes these scams so effective is that the scammers manage to come up with enough personal information about the victim to play on his or her weak points and make the faxed "documents" more compelling. The scam requires faxes rather than just airmail because the parties need to exchange increasing numbers of faxes as things get more complicated, and speed presumably helps keep doubt from setting in. The article says:

    Nigerian scam artists have claimed so many victims in Texas that the Nigerian soccer team and its fans have received a less-than-enthusiastic welcome at the World Cup games there. In Addison, the Dallas suburb where the Nigerian team is practicing, a local newspaper quoted the police chief warning restaurateurs to beware of Nigerians bearing credit cards. After outraged Nigerians called for his resignation, the chief said his remarks had been misinterpreted.

The full reference is:

    Geraldine Brooks, How a recurring scam cost an accountant and his wife $54,000, The Wall Street Journal, 24 June 1994, pages A1, A6.

The Risk, of course, is not specific to faxes.
When communications are cheap and personal information is readily available, scams like these can readily cross borders, so that criminal communications can originate in "off-shore" locations where they are not likely to be punished. Just think what will be possible when global broadband communications become widely available.

Phil Agre, UCSD

------------------------------

Date: Mon, 11 Jul 1994 09:39:17 -0600
From: patterson@mcc.com (Tom Patterson)
Subject: Re: Secure use of Internet (RISKS-16.22)

Re: Mosaic risks (Levine, RISKS-16.22)

At the RISK of sounding like a commercial, "Mosaic" (a brand-name for the generic World Wide Web (Web) technology) is and has been available in privacy and integrity enhanced versions from the MicroElectronics and Computer Technology Corporation (MCC - my employer). MCC EINet has secured Web client versions on Mac and Windows, as well as Unix servers. Web is the latest in a series of internet products that MCC has secured, including WAIS and FTP. We also maintain commercial grade access control and key servers on the network, available to any registered user.

The two most obvious RISKS in an internet Web environment are the authentication of the user and the server. Just as a user must authenticate to a server, responsible users will want non-reputable evidence that the server is what it says it is. This two-way authentication process is fully deployed today.

And before everyone responds, we agree that there are many more RISKS, and secured clients and servers are only part of our system, which includes an internet security plan, risk analysis, fully integrated firewalls, and transparent encryption.

Re: Fraud on the Internet (Rowley, RISKS-16.22)

... Your reaction is naive. The short answer is yes. The internet is a wonderful collection of networks of all shapes and sizes, for many purposes. There is no reason to try to impose additional rules and regulations on it.
What is happening, however, is that as commercial entities are looking to make use of it, they want additional security features in place. If a company puts in links to the internet with a firewall and authenticating server, that does not 'require' the rest of the users to change anything. It just means that one organization is making use of an advanced technology in a safe and secure manner.

Tom Patterson, Director, INFOSEC, MCC patterson@mcc.com

------------------------------

Date: Wed, 13 Jul 94 08:14:49 EDT
From: PHILS@RELAY.RELAY.COM (Philip H. Smith III, (703) 506-0500)
Subject: Re: Shopping Risks... (RISKS-16.21)

A minor but (mildly?) interesting bar-code risk lies in coupons which are part of the packaging of products. The manufacturers have figured out that they shouldn't put barcodes on those which appear on the outside of packaging, lest the store pay you for taking the product (although this means that the scanner cannot verify that you bought the necessary product when redeeming the coupon), but continue to put barcodes on those which appear *inside* the product.

In the case of Healthy Choice frozen fake eggs, the coupon happens to be on the inside, but *opposite the normal product bar-code*. I found myself paying for 2 products instead of paying for one and cashing a coupon, when the checker scanned the wrong side of the coupon!

Hardly earth-shattering, but a nice gotcha.

...phsiii

------------------------------

Date: Wed, 13 Jul 94 16:00:56 EDT
From: Jerry Leichter
Subject: Re: Brock Meeks article on Clipper

It's Silvio M*i*cali. Meeks got it consistently wrong throughout his article, and unfortunately now even extracts are repeating the mastake. :-)

-- Jerry

[Your moderator knew that also, and somehow neglected to fix it.
PGN]

------------------------------

Date: Thu, 14 Jul 1994 18:01:30 -0400
From: "Brown, Phillip"
Subject: Cellular phone risks/privacy

One more contribution on the use and abuse of cellular phone technology, if the forum can tolerate it. As a technology planning engineer in the trade, I find the amount of ignorance-fueled fear of telephony and the vast amount of misinformation on cellular telephony in particular to be a source of constant amusement (but hey, I'm easily amused :). I'll address some specific remarks from earlier contributions first, then raise the noise floor another few dB with my own views.

Willis H. Ware writes:

>If cells get smaller in the future, then the precision of location will
>increase ...

In a subsequent issue of Risks, Lauren Weinstein writes:

>If you read your phone bill inserts carefully, you may have already
> received a notice allowing you to choose whether or not you want your
> called number information released to VENDORS of telecommunication services!

The concern about monitoring is justified only up to a point -- remember, the only reason for this information to be saved is because it has value to someone. Wireline telcos long ago abandoned detailed billing, and today don't even retain that information unless required by a government agency; the cost of collecting and storing this tidal wave of data is still too prohibitive to make it useful on an everyday basis (this is a situation I don't see changing in the foreseeable future, either). The cellular phone industry, on the other hand, has employed detailed billing from its infancy, for reasons driven both by customer needs (why did this call cost so much?) and economies of scale (the processing needs have been orders of magnitude smaller than what is required by our wireline brethren, and at the same time the silicon revolution has made low to midrange computing power cheap -- many smaller cellular phone companies still do billing on a single PC!).
So, for instance, seeing LA reporters with copies of OJ's cellular phone bill is no surprise at all, given that the information is readily at hand and the weakest security link in a system is usually the human operator. For all the high tech, gee whiz methods of obtaining cellular phone IDs, the most common way is still for unscrupulous sorts to bribe or blackmail company insiders into sharing lists of valid subscribers. In the case of a large company like AirTouch (or my own), a corruptible someone with access to subscriber data can probably also get billing data.

Robert Morrell, Jr. and Bob Frankston pointed out different aspects of the risks of eavesdropping on cellular phone conversations (Mr. Morrell made the point that it is incumbent upon the user to ascertain and protect his level of privacy, and Mr. Frankston pointed out the fallacy of comparing wired and wireless technologies from a privacy perspective). The so-called security of the wired telephone is conceptually similar to "security through obscurity" in that it is the medium itself that makes listening to an otherwise unencoded communication difficult. It is something that virtually no phone user has thought about but takes for granted anyhow. I could agree with Mr. Morrell's extreme-sounding position if there was some assurance that once the user body was educated about the risk and began demanding truly secure communication (which I believe will happen eventually) the option was still available. Right now the US government is trying to usurp the issue while the body politic is still ignorant, and I see that as a violation of the public trust.

BTW, several companies make scramblers for analog cellular phones (which work in conjunction with a companion device on the target phone, either wired or compatible cellular). The big drawback to these is that they must do most of their cryptographic work in the frequency domain, and 3300 Hz is not a lot of bandwidth to play in.
On the general issue of location tracking, I think the greater concern should be with real-time monitoring. I can sit at my desk today and find out which cell sites in our network any given phone number has placed calls on for the last 24 hours (after which time the data is rolled off into oblivion but continues to be available offline in printed detailed billing reports). But, as has already been correctly pointed out, this information is highly imprecise. Triangulation can be employed with a greater degree of precision (within a few hundred feet at best), but not consistently enough to be reliable. Data from technologies such as GPS must be transmitted in-band, so it is useless to the phone company unless the receivers are integrated into the network.

However, I can't -- and probably won't ever be able to -- get any of the same information from a competitor, because that type of data is highly competitive in nature. No competing carriers will share that information with one another, nor will they be enthusiastic about providing the data to a clearinghouse where it might be generally accessible. So in this case competition is our friend. In any event, every large cellular carrier is already performing real-time network monitoring, and using called number information to get to the weak human link is probably more effective for law enforcement anyhow.

Phil Brown GTE Mobilnet pdb540@gtehq7.mail4.gtemc.sprint.com

------------------------------

Date: Thu, 14 Jul 1994 13:26:55 -0400
From: Scott Dorsey
Subject: Literary treatment of street-corner cameras

I believe the first instance I can think of is Orwell's novel 1984, although I would not be surprised that the idea predated that as well. I do recall having seen 1930s Gene Autry serials in which the evil mole-men placed television transmitters throughout an unsuspecting town.
--scott

------------------------------

Date: Wed, 13 Jul 1994 17:04:07 -0700 (PDT)
From: Bob Richardson
Subject: Teletext (Closed Caption) Methods (Stern, RISKS-16.23)

Michael Stern writes in RISKS-16.23 about an alarming number of errors in a closed-captioned news program, and wonders if these are induced by faulty voice-recognition systems or spell-checker bugs.

The truth is far simpler. Many live programs (such as news) are live-captioned by a service provider. In other words, a live human stenographer listens in (and usually views) the program while it is being broadcast, and types along as best as they can keep up. This is a somewhat outdated method when it comes to news, but many stations still use it, and it is quite error-prone. This is probably what happened in the reported case.

More modern newsrooms with integrated teleprompting/news composition software have the newsroom computer automatically generate live closed-captioning data from the teleprompter display. So the home viewer actually gets to see the news slightly before the anchor reads it off the display. The problem here is that commentary from persons on screen, such as people live in the field, must still be provided manually or not at all.

Some stations elect to caption the news program after it has aired, then re-broadcast it during the late-night hours. The problem here, of course, is that hearing-impaired viewers aren't able to get the news until hours after everyone else.

Bob Richardson, OmiCo Industries bob@csos.orst.edu
PO Box 1404 Corvallis, OR 97339 503-758-5018

------------------------------

Date: Thu, 14 Jul 1994 09:00:31 +0100 (BST)
From: "Clive D.W. Feather"
Subject: Teletext run amok (Stern, RISKS-16.23)

Unlike most programmes, teletext conversion of the news is done live. As I understand it, a typist transcribes what the newsreader is saying using a special phonetic keyboard (like those devices you sometimes see being used in Parliamentary Committees or Congress).
This is linked to a computer, which makes a "best guess" at the corresponding words and outputs the teletext directly. Obviously there is no time to correct errors.

Clive D.W. Feather, Santa Cruz Operation, Croxley Centre, Hatters Lane, Watford WD1 8YN, UK
clive@sco.com +44 923 816 344 Fax: +44 923 210 352

------------------------------

Date: Thu, 14 Jul 1994 21:39 -0400
From: Bob_Frankston@frankston.com
Subject: Re: Teletext run amok

It's interesting that one looks for a high tech explanation for these errors. Many Risks readers seem to forget that we already have a fairly reliable speech to text system. I presume that the TV stations use the same kind of system that one encounters when using the text to speech mechanism that is employed in the page networks. This is an efficient system that runs on 2000 to 3000 calories a day and can handle a wide variety of speech. A human.

Unlike the paging systems which allow the typist to confirm the message (though I do get messages like my wife's request that I buy some "weak germ"), the TV systems require someone to type at a furious pace without any chance to correct or think. It's surprising how few errors occur.

Wait for the story on Unix.

------------------------------

Date: Thu, 14 Jul 1994 21:39 -0400
From: Bob_Frankston@frankston.com
Subject: Re: Laptop Danger for Airplanes

Is it too much to expect that when airlines find problems with laptop computers they report which ones? It is possible that particular manufacturer's machines are out of compliance. As part of assuring safety, it would be worthwhile to report the brands to the FCC rather than just condemning all devices.

As to lavatories, is it indeed worth risking an aircraft because one passenger is in the lavatory without a seatbelt on?

------------------------------

Date: 14 Jul 1994 21:51:45 GMT
From: JTCHEW@lbl.gov (Ad absurdum per aspera)
Subject: Re: Laptop danger for airplanes (Martin, RISKS-16.23)

I hate to second-guess somebody who probably used the available information and did what he thought was best, but... jumpin' jehoosephat! Rather than violate procedures by taking off with somebody in the potty, he came within a "few feet" of re-enacting Tenerife on at least one occasion, maybe more?

Not all RISKS involve computers...

--Joe

------------------------------

Date: Thu, 14 Jul 94 08:46:36 +0200
From: lhe@sics.se
Subject: Re: Laptop Danger for Airplanes (Martin, RISKS-15.23)

I recently saw the Flight Safety Department of the Swedish CAA comment on interference by the use of cellular phones. In one instance, operating a cellular phone caused the aircraft transponder to stop replying to interrogations from ground secondary radar stations. When the phone was turned off the transponder replied normally again.

The FSD speculates that transmissions from the cellular phone on frequencies close to the interrogation frequency of the transponder had caused the sensitivity of the transponder receiver (which is automatically adjusted) to be reduced to the point where it could no longer receive interrogations.

Neither the cellular phone type (NMT or GSM) nor the aircraft type was given.

(PS. A "transponder" is a device that provides ground radar stations with coded replies that identifies the aircraft and gives information about its altitude.)

Lars-Henrik Eriksson, Swedish Institute of Computer Science, Box 1263 S-164 28 KISTA, SWEDEN
lhe@sics.se (intn'l): +46 8 752 15 09

------------------------------

Date: Wed, 13 Jul 94 19:28:36 -0700
From: Tony Abo
Subject: re: Laptop Danger for Airplanes (RISKS-16.23)

I may not be as up on this issue as I should be.
I do however fly fairly often, and have become aware of the subject of interference to in-flight instruments by electronic devices being used by passengers, and the rules regarding the use of electronic devices.

It is clear that there is plenty of circumstantial evidence reported by flight crews of this phenomenon. When this first became an issue my understanding was that no one was sure that there was any link between the electronic devices and the occurrences, however for safety's sake, the restrictions were being instituted.

What I don't understand is why after all this time there isn't more substantial data available. How hard would it be to reproduce the problem? Certainly if one such device can cause a problem, then a cabin full of devices, which can be switched on and off in a controlled experiment should yield some measurable effect. Has something like this been done already? Has this been done without being able to reproduce the problem?

It isn't that I don't believe there is a problem. It just seems to me that the kind of evidence I've seen reported does not help pinpoint the problem. Therefore, the restrictions on the electronic devices may inconvenience travelers without diminishing any risk. Or perhaps once the effect can be reproduced and isolated, alterations could be made to shield the instrumentation from the effect. This would be a far more effective approach than expecting a few flight attendants to police an entire cabin full of potential abusers.

Also, if the phenomena are caused by other unidentified sources, then there is certainly a risk that too much attention to this theory could be diverting attention from the real cause of the potentially disastrous occurrences.

------------------------------

Date: 31 May 1994 (LAST-MODIFIED)
From: RISKS-request@csl.sri.com
Subject: Info on RISKS (comp.risks), contributions, subscriptions, FTP, etc.

The RISKS Forum is a moderated digest. Its USENET equivalent is comp.risks.
Undigestifiers are available throughout the Internet, but not from RISKS.

SUBSCRIPTIONS: PLEASE read RISKS as a newsgroup (comp.risks or equivalent) on your system, if possible and convenient for you. BITNET folks may use a LISTSERV (e.g., LISTSERV@UGA): SUBSCRIBE RISKS or UNSUBSCRIBE RISKS. U.S. users on .mil or .gov domains should contact (Dennis Rears ). UK subscribers please contact . Local redistribution services are provided at many other sites as well. Check FIRST with your local system or netnews wizards. If that does not work, THEN please send requests to (which is not automated).

CONTRIBUTIONS: to risks@csl.sri.com, with appropriate, substantive Subject: line, otherwise they may be ignored. Must be relevant, sound, in good taste, objective, cogent, coherent, concise, and nonrepetitious. Diversity is welcome, but not personal attacks. PLEASE DO NOT INCLUDE ENTIRE PREVIOUS MESSAGES in responses to them. Contributions will not be ACKed; the load is too great. **PLEASE** include your name & legitimate Internet FROM: address, especially from .UUCP and .BITNET folks. Anonymized mail is not accepted. ALL CONTRIBUTIONS CONSIDERED AS PERSONAL COMMENTS; USUAL DISCLAIMERS APPLY. Relevant contributions may appear in the RISKS section of regular issues of ACM SIGSOFT's SOFTWARE ENGINEERING NOTES, unless you state otherwise.

ARCHIVES: "ftp crvax.sri.com<CR>login anonymous<CR>YourName<CR> cd risks:<CR> Issue j of volume 16 is in that directory: "get risks-16.j". For issues of earlier volumes, "get [.i]risks-i.j" (where i=1 to 15, j always TWO digits) for Vol i Issue j. Vol i summaries in j=00, in both main directory and [.i] subdirectory; "dir" (or "dir [.i]") lists (sub)directory; "bye" logs out. CRVAX.SRI.COM = [128.18.30.65]; <CR>=CarriageReturn; FTPs may differ; UNIX prompts for username, password; bitftp@pucc.Princeton.EDU and WAIS are alternative repositories. See risks-15.75 for WAIS info. To search back issues with WAIS, use risks-digest.src.
With Mosaic, use http://www.wais.com/wais-dbs/risks-digest.html.

FAX: ONLY IF YOU CANNOT GET RISKS ON-LINE, you may be interested in receiving it via fax; phone +1 (818) 225-2800, or fax +1 (818) 225-7203 for info regarding fax delivery. PLEASE DO NOT USE THOSE NUMBERS FOR GENERAL RISKS COMMUNICATIONS; as a last resort you may try phone PGN at +1 (415) 859-2375 if you cannot E-mail risks-request@CSL.SRI.COM .

------------------------------

End of RISKS-FORUM Digest 16.24
************************