Subject: RISKS DIGEST 17.17 REPLY-TO: risks@csl.sri.com RISKS-LIST: Risks-Forum Digest Weds 7 June 1995 Volume 17 : Issue 17 FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks) ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator <<<<< The annual RISKS Summer Slowdown has begun. >>>>> ***** See last item for further information, disclaimers, etc. ***** Contents: [Also working on big backlog] Placing the blame, Part N+1: New York City subway crash (PGN) Former IRS employee indicted (PGN) The Internet is a Dangerous Place (Mycal Johnson) Telecom records non-privacy at Ameritech (Lauren Weinstein) *California Lawyer*, June 1995 (Martin Minow) Copyright infringed via WWW? (Gregor Ronald) User-friendly E-mail systems () Re: Ariane-5 test aborted (Erling Kristiansen) Re: Drug Addicted Geniuses Built Cyberspace (Carlton Hogan) Re: New Yorker Article on The 59-Story Crisis (Bob Frankston) Compuserve addresses and a sparse name-space (Erik Corry) Europe - Central Air Traffic Control (Mike James) Re: The standard notion of a `field' (Peter Ladkin, Rob Horn) Telematic Sculpture 4 (T.S.4) Privacy Digests (PGN) Info on RISKS (comp.risks), contributions, subscriptions, FTP, etc. ---------------------------------------------------------------------- Date: Wed, 7 Jun 95 9:07:09 PDT From: "Peter G. Neumann" Subject: Placing the blame, Part N+1: New York City subway crash A NYC subway train on the Williamsburg Bridge crashed into the rear end of another train on 5 June 1995. The motorman apparently ran through a red light, and was still applying power at the time of the crash. The safety system is supposed to apply emergency brakes whenever a train runs a red light, but it seems that did not happen. (Subway officials said they had never seen that failure mode before.) So, we must add to the RISKS annals yet another case in which human error and system failure acted in combination. Here, neither of the two sets of safety measures was able to rely on the other. [Source: various news services on 6 and 7 June 1995.] ------------------------------ Date: Wed, 7 Jun 95 11:45:11 PDT From: "Peter G. Neumann" Subject: Former IRS employee indicted A former employee of the Internal Revenue Service, Walter C. Higgins of Salem, NH, has been indicted on wire-fraud charges for illegally browsing through IRS computers to gather information on Thomas Quinn, a candidate in an election for the House of Representatives. (Quinn lost the election to Martin Meehan, D-MA from Lowell; Meehan says he knew nothing about Higgins.) A current IRS employee, consumer representative Richard W. Czubinski, of Dorchester, MA, was indicted for misusing his computer access privileges to obtain information on 30 taxpayers, including members of the campaign committee of South Boston City Council President James Kelly. He apparently also accessed the tax files of a Suffolk County assistant district attorney who had unsuccessfully prosecuted Czubinski's father. Disciplinary action is being considered by the IRS. (Czubinski was also described as a sometime political candidate and a member of the Ku Klux Klan.) [Source: The Boston Globe, 3 June 1995, pp. 1 and 15.] [Recognizing the importance of preventing and monitoring both browsing and improper data modification, the IRS is making a considerable effort in its Tax Systems Modernization efforts to base the new system designs on stringent privacy and security requirements. I wish them luck! PGN] ------------------------------ Date: Wed, 7 Jun 1995 09:27:50 From: mycal@netacsys.com (Mycal!) Subject: The Internet is a Dangerous Place I just learned yesterday that the Internet is a dangerous place. It seems someone up in Canada posted a message about a bomb and made it look like I wrote the message. Well, guess what happened, I got a visit from the U.S. Secret Service. It seems that they don't quite understand the Internet and think that, just because my name and E-mail address appeared in the text of the document, I wrote it. If anyone knows of any `bomb' files that have my name on them, would you please tell me what archive they are stored at, because I didn't write them and I want my name off them? Thanx, Mycal Johnson mycal@netacsys.com ------------------------------ Date: Tue, 6 Jun 95 21:38 PDT From: lauren@vortex.com (Lauren Weinstein) Subject: Telecom records non-privacy at Ameritech In a recent issue of the TELECOM digest, it was reported that Ameritech now allows anyone to obtain bill payment information for any Ameritech line (unless blocked by specific subscriber request)--a true bonanza for snoops in general and for folks trolling for big bill customers to target for marketing. Obviously, this is a terrible policy. It is unfortunately not a unique situation. Ameritech's explanation (as reported in TELECOM) has been spouted by numerous other utilities, banks, and other entities. If a subscriber complains, they are frequently told that "hardly anyone else has complained about the system". If 1000 people complain, they may each individually be told that they're essentially the "lone wolf". The "solution" is obvious. Ameritech should return to a "random" passcode system, and allow customers who have a problem remembering the code to either choose something simple ("0000") or opt for no code at all. But such a choice of no security should be made by the individual customer--to make it the default condition for all customers is very bad policy. Experience has shown that the only effective way to deal with these types of situations is to complain loudly to the highest level you can reach. In the case of Ameritech, complaints (and suggestions for "fixing" the problem, as mentioned above) should be made to the billing supervisor level at least--better yet, speak to the managers. And while it means taking the time to put it down in written form, letters to state PUCs are *extremely* important with such matters. I'm sure there are just a *few* Ameritech subscribers reading this now. If each of you expressed your opinion (one way or another) to the PUC and Ameritech regarding their system, I suspect you could have considerable impact. --Lauren-- ------------------------------ Date: Wed, 7 Jun 1995 12:09:13 -0700 From: minow@apple.com (Martin Minow) Subject: *California Lawyer*, June 1995 *California Lawyer*, June 1995 is a "High Tech" issue that RISKS readers might find moderately interesting, if for no other reason than to see another view of the computer field. Here's a brief summary of the contents: -- An article on how software games developer Electronic Arts learned about Hollywood dealmaking. -- An article on the First Amendment and the Internet. -- How a midsize law firm incorporated computers into its "culture." -- Cybercrime "police worry about savvy criminals." -- A map of Silicon Valley with law firms identified. -- Worries about digital piracy (copying laser disks, copying documents). -- A lawyer's viewpoint of the Intel Pentium problem. -- Repetitive-motion injury problems. -- Techno Tools. Readers may also find the proliferation of computer-based legal tools interesting: as usual the advertisements are often more fascinating than the articles. A few random quotes: Electronic Arts: ``Securing the rights [to rock music] took almost as long as producing the game.'' Hate speech: ``The first time you get a first-run film sent over the Internet, you'll get lots of lawyers involved." "The First Amendment allows hate speech [on the Internet] to persist.'' Cybercrimes: ``For the most part, the computer has not introduced any new types of crimes, but it has introduced new methods, time frames, and languages for committing theft, manipulation, destruction, and espionage.'' Digital Piracy: ``Today's ability to create perfect copies over the Internet has frightened people.'' Intel: Disclosing bugs gains advantage in public-relations, but that doesn't take into account the business ramifications, including product replacement, numbers of customers, .... ``Legal ramifications are often secondary to corporate concerns.'' ``The Intel case study offers more public-relations lessons than legal ones, attorneys agree.'' ``The legal effect ... is about nil, Vendors have protected themselves with so many warranty clauses ... that they can get away with anything.'' >From California Lawyer, June 1995. 1390 Market St., Ste 1210, San Francisco, CA 94102. (415) 252-0500. The issue may be difficult to find, as I obtained the last one available at my doctor's office. Martin Minow minow@apple.com ------------------------------ Date: Wed, 7 Jun 1995 13:22:32 +1300 From: "Gregor Ronald, Wanaka, New Zealand" Subject: Copyright infringed via WWW? New Zealand Press Association carried this story on Wed 7 June 1995: INTERNET COPYRIGHT FEARS Internet users could be breaking the law every time they transfer a file from the global computer network to their own computer, said Ross Johnston, a copyright lawyer of Kensington Swan, speaking at a seminar in Wellington. He said that as well as printing copies or storing them on a computer disk, simply browsing articles on the Internet using a computer screen could be infringing the law. He described the World Wide Web part of the Internet as a giant copying machine. New Zealand's Copyright Act defines copying to include "storing the work in any medium by any means". When a computer user browses information on the Internet, an electronic copy is temporarily created in the computer's memory. Mr Johnston said a copy did not have to be permanent. Copyright specialist Ken Moon, of A.J.Park & Son, in Auckland, echoed this view: "I believe that transient copying is an infringement," he said. ------------------------------ Date: Wed, 7 Jun 1995 12:00:10 (xxT) From: [identity withheld by request] Subject: User-friendly E-mail systems Our organization has a mail system which permits a "user-friendly" addressing scheme. Mail can be addressed to either a userid or part of a user's full name. If there are multiple users with the same last name, mail to that last name will be bounced, with the bounce message listing the names, departments, and userids of all matching users. The following [sanitized] message was recently posted by someone in the Payroll department to an internal group for departmental administrators. I request that all administrators sending me XXX E-mail specifically list my user ID (XXXXX) on the E-mail address. Several E-mail messages addressed to my last name have gone to other XXXX's on the XXX system. Because both my wife and son have E-mail addresses, some of the messages have gone to them. If your request contains specific data relating to an employee, please be sure it is addressed properly. [...] ------------------------------ Date: Wed, 7 Jun 95 08:36:55 +0200 From: erling@wm.estec.esa.nl (Erling Kristiansen) Subject: Re: Ariane-5 test aborted (RISKS-17.16) The accident that caused the death of two technicians was not exactly "failure of the main cryogenic motor". I excerpt from the ESA press release: - The accident happened on May 5 in the Ariane 5 launch area at the Guiana Space Centre. - The cause of death was asphyxiation through inhalation of air having an excessively low oxygen contents. - The reduced oxygen contents was due to a major nitrogen leak into the confined structure of the umbilical mast on the launch table. - The nitrogen leak originated in a nitrogen/iced water exchanger, whose drainage plug was found to be missing. I have not seen any announcement of a delay of tests, so I cannot comment on whether, and how, that may be related to the mentioned accident. ------------------------------ Date: Mon, 5 Jun 1995 15:20:15 -0500 (CDT) From: Carlton Hogan Subject: Re: Drug Addicted Geniuses Built Cyberspace In RISKS-17.15, Daniel Frankowski comments on the moronic thrill-piece "Cyberstoned", Originally from Boston Magazine, and reprinted in the Minneapolis Star Tribune. I too noticed this offensive piece of fluff, and sent the following letter to the editor: To the Editor: "Cyberstoned", in Monday's opinion section is just the latest attempt to demonize the Internet for all of Mankind's pre-existent woes. In the last couple of months, people with no great liking or understanding of the net have cited such spectres as kiddie porn, drug dealing, and even the Oklahoma bombing as compelling reasons to dramatically limit the operation of the net, often in a ham-handed manner. Senator James Exon's (D-NE) recently defunct "Digital Decency Act" would have required all Internet providers to read and censor each of millions of messages a day. Early denizens of the Internet created a benign anarchy, where free speech was it's own best remedy. Ironically, pressure to change the net comes from newcomers, who bought a modem specifically because they heard that there was something new happening on the net. This dynamic reminds me of the process of gentrification, where artists and other fringes types will reclaim urban wasteland. Once the quality of the neighborhood improves, more genteel types move in, and systematically erase all signs of bohemia. Our response to the possibilities offered by the net should not be the neanderthal reflex of killing it because we don't understand it. Carlton Hogan, Editor, PWAlive Community Programs for Clinical Research on AIDS Statistical Center, School of Public Health, University of Minnesota, Minneapolis MN 55414 1-612-626-8899 ------------------------------ Date: Mon, 5 Jun 1995 00:33 -0400 From: Bob_Frankston@frankston.com Subject: Re: New Yorker Article on The 59-Story Crisis (RISKS-17.16) I do recommend reading the Citicorp article. The scary part is that this problems were only uncovered by accident. Also, while the idea of a 1 in 700 year event is considered far-fetched, the midwest floods, which partially recurred this year, Mt St Helen's and imply that somewhere, a very unlikely event will occur. And then there's the World Trade Center. The John Hancock building in Boston, AKA The Plywood Palace, is another example. It got that nickname because its windows were falling out and had to be replaced with plywood. Eventually the problem was solved by simply making the glass a little thicker. But the problems caused some additional attention to be paid to the building including further wind tunnel testing. The building is a flat rectangle (almost) and designers assured it wouldn't fall over on its short side. The surprise was that the building was in danger of collapsing on its long axis! Considering the height, it does make sense that the center of gravity can go far out of alignment, at least, in hindsight. The solution was to be put an active damping system at the top -- pioneered in the Citicorp building. The Citicorp article noted that the damping provides stability but not safety since the power supply is a point of vulnerability. The main lesson is that despite all the writing in this forum about proper procedures, things will go wrong. The question is not so much how to prevent problems but how to respond and recover. Prevention is only an optimization of this process and shouldn't overwhelm the process. A full discussion of this topic is a large topic in its own right, but I'll limit my self to riling the audience in this missive. As a PS, there was an article in the Sunday New York Times (May 29th) about lawyers descending upon Norplant, a long term contraceptive. The article noted that these are the same lawyers who got rich on Silicone (not to be confused with Silicon!) implants. While the Citicorp article emphasized the exemplary behavior of all those involved, reality, if anything, is becoming more problematic. Responsible behavior is often severely punished. If you take any responsibility, you might be liable for punitive damages. It is better not to investigate an area at all, than to learn of a problem and calculate the tradeoffs of dealing with it. Again, this is another topic which would take too much space to fully address in a short not. I've also got to add that I'm not a lawyer and probably don't look much like one either. ------------------------------ Date: Mon, 5 Jun 95 22:33 MET DST From: erik@kroete2.freinet.de (Erik Corry) Subject: Compuserve addresses and a sparse name-space Don Faatz relates that his boss regularly gets E-mail at his Compuserve account that is destined for somebody else whose account differs by only digit. This is another case of a namespace not being sparse enough. It is too simple to hit another real Compuserve address by hitting one wrong number. The risk could be reduced with checksum digits like those used for ISBN and credit card numbers. Other small-namespace culprits include the telephone system (especially when used by semi-automated systems like faxes) and some computer languages (changing a random piece of punctuation in a C program has a chance of resulting in a different, valid program. APL is probably much worse.) To make matters worse, he probably has to pay for the incorrectly sent mail (I have heard this is how Compuserve works, but am not sure). Erik Corry, Freiburg, Germany, +49 761 406637 erik@kroete2.freinet.de ------------------------------ Date: Mon, 05 Jun 1995 22:15:35 GMT From: Mike James Subject: Europe - Central Air Traffic Control Here in Europe we have had central Air Traffic Control for a couple of months. A few weeks back , I was on a flight from Preveza (Western Mainland Greece to London Gatwick). First the flight was delayed by an autopilot that refused to permit the flight from London earlier in the day from climbing above 10000 feet (something to do with fuel load trimming), so they had to turn back, and change the 757 for a Lockheed L1011 (impressive landing on short runway - almost aircraft carrier performance, as the runway wasn't really long enough). Then we sat in the L1011 and waited while the crew tried to: Contact Athens ATC - couldn't give a slot to take off, as Brussels was uncontactable. Contact Brussels Central ATC direct by phone - no answer. Contact London , and get their airline headquarters to phone Brussels - no answer. So we sat for 3 hours until the crew nearly ran out of hours in charge of the plane, until Brussels ATC came back on line. Question : What happens if the ATC goes off-line while you are in the air ? How does the system fall back ? Does it go off-line regularly ? -- Mike James G6IXE ------------------------------ Date: Tue, 6 Jun 1995 19:05:05 +0200 From: ladkin@techfak.uni-bielefeld.de Subject: Re: The standard notion of a `field' (Re: Horn, RISKS-17.15) Rob Horn's article in RISKS-17.16 misuses the concept of `field'. Horn was talking about commutative rings with unit. The standard definition of `field' trivially entails that a division operation is available. The integers don't form a field. However, the integers modulo p, for p a prime number, under addition and multiplication, do. Fields have been studied in mathematics for a long time, well over a century. The standard terminology is at least a half-century old. The definition is given in the following widely available texts: B. van de Waerden, Algebra, a standard reference for a half century and still in print (the oldest reference I could find today is to the 3rd edition in 1950; see p39 of the Springer German edition); S. Lang, Algebra (3rd edition p93); S. Maclane and G. Birkhoff, Modern Algebra (1967, p133); and T. Hungerford (1973, Springer edition 1980, p116). Peter Ladkin ------------------------------ Date: Tue, 6 Jun 1995 21:19:34 +0059 (EDT) From: Robert J Horn Subject: Re: The standard notion of a `field' Sorry, you're right. Somewhere along the years I did a mental slip. I should have been using the term commutative ring. I've probably left behind a few years of confused people. Actually computer integers are suffer further in that they are not actually a ring either, because there is a maximum value beyond which addition or multiplication fail. I should not have been using the term finite field, it should have been commutative ring. And my apologies to the readership. R Horn ------------------------------ Date: Thu, 07 Jun 95 19:35:55 GMT From: ts4@piis10.joanneum.ac.at Subject: Telematic Sculpture 4 (T.S.4) A mobile sculpture (length 21,8 meters, weight 1800 kg) by R. Kriesche is physically positioned in the Austrian Pavilion during the Venice Biennale. T.S.4 is driven by the data flow in the Internet, according to the ratio of the worldwide COMPUTER newsgroups versus worldwide ART newsgroups. According to this relation, T.S.4 is expected to transcross the Austrian pavilion during the time of the biennale and might even break through the wall of the pavilion. You are invited to become part of T.S.4 by: o visiting its www homepage http://iis.joanneum.ac.at/kriesche/biennale95.html o discussing T.S.4 on usenet news o sending E-mail to T.S.4 (mailto:ts4@iis.joanneum.ac.at) Your participation will slow down the movement of T.S.4 and prevent it crashing. [The risks of such an event are left as an exercise for the reader. PGN] ------------------------------ Date: Wed, 7 Jun 95 12:05:09 PDT From: "Peter G. Neumann" Subject: Privacy Digests Periodically I remind you of TWO useful digests related to privacy, both of which are siphoning off some of the material that would otherwise appear in RISKS, but which should be read by those of you vitally interested in privacy problems. RISKS will continue to carry general discussions in which risks to privacy are a concern. * The PRIVACY Forum Digest (PFD) is run by Lauren Weinstein. He manages it as a rather selectively moderated digest, somewhat akin to RISKS; it spans the full range of both technological and non-technological privacy-related issues (with an emphasis on the former). For information regarding the PRIVACY Forum, please send the exact line: information privacy as the BODY of a message to "privacy-request@vortex.com"; you will receive a response from an automated listserv system. To submit contributions, send to "privacy@vortex.com". * The Computer PRIVACY Digest (CPD) (formerly the Telecom Privacy digest) is run by Leonard P. Levine. It is gatewayed to the USENET newsgroup comp.society.privacy. It is a relatively open (i.e., less tightly moderated) forum, and was established to provide a forum for discussion on the effect of technology on privacy. All too often technology is way ahead of the law and society as it presents us with new devices and applications. Technology can enhance and detract from privacy. Submissions should go to comp-privacy@uwm.edu and administrative requests to comp-privacy-request@uwm.edu. There is clearly much potential for overlap between the two digests, although contributions tend not to appear in both places. If you are very short of time and can scan only one, you might want to try the former. If you are interested in ongoing detailed discussions, try the latter. Otherwise, it may well be appropriate for you to read both, depending on the strength of your interests and time available. PGN ------------------------------ Date: 24 March 1995 (LAST-MODIFIED) From: RISKS-request@csl.sri.com Subject: Info on RISKS (comp.risks), contributions, subscriptions, FTP, etc. The RISKS Forum is a moderated digest. Its USENET equivalent is comp.risks. Undigestifiers are available throughout the Internet, but not from RISKS. SUBSCRIPTIONS: PLEASE read RISKS as a newsgroup (comp.risks or equivalent) on your system, if possible and convenient for you. BITNET folks may use a LISTSERV (e.g., LISTSERV@UGA): SUBSCRIBE RISKS or UNSUBSCRIBE RISKS. U.S. users on .mil or .gov domains should contact (Dennis Rears ). UK subscribers please contact . Local redistribution services are provided at many other sites as well. Check FIRST with your local system or netnews wizards. If that does not work, THEN please send requests to (which is not yet automated). SUBJECT: SUBSCRIBE or UNSUBSCRIBE; text line (UN)SUBscribe RISKS [address to which RISKS is sent] CONTRIBUTIONS: to risks@csl.sri.com, with appropriate, substantive Subject: line, otherwise they may be ignored. Must be relevant, sound, in good taste, objective, cogent, coherent, concise, and nonrepetitious. Diversity is welcome, but not personal attacks. PLEASE DO NOT INCLUDE ENTIRE PREVIOUS MESSAGES in responses to them. Contributions will not be ACKed; the load is too great. **PLEASE** include your name & legitimate Internet FROM: address, especially from .UUCP and .BITNET folks. Anonymized mail is not accepted. ALL CONTRIBUTIONS CONSIDERED AS PERSONAL COMMENTS; USUAL DISCLAIMERS APPLY. Relevant contributions may appear in the RISKS section of regular issues of ACM SIGSOFT's SOFTWARE ENGINEERING NOTES, unless you state otherwise. All other reuses of RISKS material should respect stated copyright notices, and should cite the sources explicitly; as a courtesy, publications using RISKS material should obtain permission from the contributors. RISKS can also be read on the web at URL http://catless.ncl.ac.uk/Risks Individual issues can be accessed using a URL of the form http://catless.ncl.ac.uk/Risks/VL.IS.html (Please report any format errors to Lindsay.Marshall@newcastle.ac.uk) RISKS ARCHIVES: "ftp unix.sri.comlogin anonymous[YourNetAddress] cd risks or cwd risks, depending on your particular FTP. Issue J of volume 17 is in that directory: "get risks-17.J". For issues of earlier volumes, "get I/risks-I.J" (where I=1 to 16, J always TWO digits) for Vol I Issue j. Vol I summaries in J=00, in both main directory and I subdirectory; "bye" I and J are dummy variables here. REMEMBER, Unix is case sensitive; file names are lower-case only. =CarriageReturn; UNIX.SRI.COM = [128.18.30.66]; FTPs may differ; Unix prompts for username and password. Also ftp bitftp@pucc.Princeton.EDU. WAIS repository exists at server.wais.com [192.216.46.98], with DB=RISK (E-mail info@wais.com for info) or visit the web wais URL http://www.wais.com/ . Management Analytics Searcher Services (1st item) under http://all.net:8080/ also contains RISKS search services, courtesy of Fred Cohen. Use wisely. ------------------------------ End of RISKS-FORUM Digest 17.17 ************************