Subject: RISKS DIGEST 17.35 RISKS-LIST: Risks-Forum Digest Friday 15 September 1995 Volume 17 : Issue 35 FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks) ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator ***** See last item for further information, disclaimers, etc. ***** Contents: Air Traffic Control Computers Down in Chicago (Scott Lucero) 911 call-box scams in California (PGN) Is it possible to live without risks? (Paul Robinson) At some schools, Windows 95 gets an 'F' (Simson L. Garfinkel) French card tricks (Roger MacNicol via others) WWW access monitored (Moss-Jusefowytsch OEG) SSNs for E-mail addresses! (James W. O'Toole Jr.) NIST Crypto Workshop Web Page (Lance J Hoffman) Compuserve Mailer Risks (Barak Pearlmutter) Phone-call logging (Thomas Tonino) Re: Initiative for better Usenet discussions (Fred Gilham) Re: Netscape security (Timothy Hunt) Microsoft, viruses, and installation disks (Andrew J Klossner) Yet Another Bank Error (Philip H. Smith III) Re: Bogus check for $95,000 (Brian Hoffman, Jonathan Kamens, Matthias Urlichs) ABRIDGED info on RISKS (comp.risks) ---------------------------------------------------------------------- Date: Wed, 13 Sep 95 10:20:15 EST From: "lucero" Subject: Air Traffic Control Computers Down in Chicago CNN reported that ATC primary computers and their backup went down for several hours the morning of 12 Sep 1995 in Chicago. Schedule delays of over an hour were common. Channel 9 local news in Washington, DC, reported collision alarms going off when an American Eagle plane and private jet came within 3.5 miles of each other during the downtime. Scott Lucero [The Fremont/Oakland ATC Airport Surveillance Radar system ASR 9 failed TWICE on 13 Sept, when a microwave comm link malfunctioned. Source: San Francisco Chronicle, 14 Sep 1995, p. C 16. See RISKS-17.24,25,26 for other recent problems at that center. PGN] ------------------------------ Date: Wed, 13 Sep 1995 12:54:26 -0700 From: "Peter G. Neumann" Subject: 911 call-box scams in California Two Oakland men have apparently been ripping off (literally and figuratively) freeway emergency call boxes, reverse-engineering the serial numbers, and programming them into cellular phones, which they either sold or used themselves. More than $40,000 in cellular-phone calls (some from New York) were attributable to those serial numbers. About 200 call boxes worth $250,000 were involved (mostly in Alameda County). The remaining call boxes have now been reprogrammed to be able to dial only 911, which might end that scam --- unless they can be subsequently re-reprogrammed... [Source: An article by Erin Hallissy, _San Francisco Chronicle_, Peninsula Edition, 13 Sep 1995, page A15.] ------------------------------ Date: Wed, 13 Sep 1995 12:22:47 EDT From: Paul Robinson Subject: Is it possible to live without risks? [The following item is an excerpt from Paul's forthcoming book, "The Gatekeeper: The Gate Contracts" and seems very appropriate for inclusion in RISKS. PGN] "George, is it possible to live without taking risks? I mean, without taking any risk at all." "No." "Why?" "Because almost everything we do has some danger to it, even if it's a small one." "Exactly. Every time you get up, there is a risk that termites have eaten holes in the floor and it's no longer strong enough to hold you, or you might slip in the bathtub, or that you might get hit by a car crossing the street, or your deodorant might be too strong and give you a bad rash for a while. "For most things we do, there is a tiny, infinitesimal risk of death or injury. For some things, the risk is higher. The range of risks run from the chance of dying from a heart attack, due to strain caused as a direct result of moving your arm, while brushing your teeth, being nil, all the way to stepping into an operating blast furnace, the risk of death being certainty. Usually we do not weigh the risk, because it is too insignificant to matter. But if there is a significant risk, you must decide if you can afford the cost. Got me so far?" "Yes." "Risks do not always involve life and death issues. Every action you take has some risks involved. When we have to do something about those risks, we call that the consequences surrounding the action. Nonetheless, it is important that people understand that actions have consequences, and that they must take responsibility for their actions. This means they are acting in a manner that shows them to be responsible people. "All human misery stems from one cause, and one cause only: someone not taking responsibility for their actions. The result of this directly causes that responsibility to be borne by someone else, or that their default caused the responsibility to not be borne by anyone, and the consequences of that decision indirectly causes someone else to bear the consequences of their act, and they suffer for other people's irresponsibility. "In any undertaking, as long as you consider the what the consequences of your actions are, and are willing to take responsibility for them, and are in fact capable of taking on those consequences, then you are acting in a responsible manner. You are still acting in a responsible manner even if you find out you were wrong either way, as long as you took into consideration all outcomes that could, by any reasonable analysis of the matter, be expected from those actions." - George Green and Dr. Hugo Sign, in Paul Robinson's "The Gatekeeper: The Gate Contracts" Paul Robinson President/General Manager Tansin A. Darcos & Company/TDR, Inc. ------------------------------ Date: Thu, 14 Sep 1995 23:05:48 -0400 From: simsong@vineyard.net (Simson L. Garfinkel) Subject: At some schools, Windows 95 gets an 'F' New Software Is Blamed for Networking Problems at a Few Universities By SIMSON L. GARFINKEL, Special to the Mercury News (C) 1995, Simson L. Garfinkel Permission granted for electronic redistribution on the Internet Microsoft's new Windows 95 operating system is playing havoc with the computer networks at a few of the nation's universities, prompting at least one university to issue a policy restricting students and faculty from running Windows 95 on its computer network. University administrators say problems have occurred when a user running Windows 95 connects that machine to a network running the Novell Netware operating system, one of the most popular versions for allowing a group of computers to operate collectively, or over a ''network.'' Windows 95 has a new network feature that allows computer users to share information stored on each other's computers. The problem, according to people who have worked with the software, is that a computer running Windows 95 can be configured to masquerade as an organization's Novell Netware server, or centralized ''control'' computer. When that occurs, the computers trying to talk with the server shut down, or ''crash,'' university officials say. Utah State University already has instituted a policy forbidding its students and staff from using a specific type of Netware networking feature that's built into Windows 95. ''We have published a policy that we will come and break your kneecaps if you do this, so please don't,'' said Joe Doupnik, a professor of electrical engineering at Utah State University in Logan, Utah. Besides Utah State, representatives from the University of Kansas and some other institutions have reported similar problems. So far, no corporations have reported any troubles with the popular new operating system, according to a Microsoft spokesman. That suggests, according to computer experts, that it is only in less regulated environments -- such as college campuses -- where there may be problems. At larger corporations, the computer network is closely managed by experts who would know how to avoid the traps that could lead to the woes being experienced at some universities. The problem reported by the universities has to do with the inner workings of Novell's Netware operating system. Under normal circumstances, when a desktop computer running Novell's client software is turned on, one of the first things that the computer does is send a request out on the network for the nearest Novell server, said Doupnik. Under normal circumstances, the nearest Netware server responds to this request and tells the client computer how to go about accessing files on the organization's local area network. But when a Windows 95 computer configured to act like a server is attached to the same network, Doupnik said that computer can respond first. The result is that the person who has requested information from the network ends up with an unresponsive, or dead, computer. For the user running a computer with the Windows 95 operating system, nothing appears to be wrong. Microsoft, meanwhile, denies that the problem exists. ''We have done extensive testing with Novell's products,'' said Mike Conte, a group manager with Microsoft's Personal Systems Division. ''There was an issue . . . during the beta [test period], but actually the problem has been fixed for months. ''Normally, people won't encounter this issue at all, because it won't be turned on,'' Conte said, referring to the program that turns on the specific networking function. If users do turn it on, he said, they need to specify a ''preferred network'' for Novell Netware clients to use. Windows 95 will then automatically send the client's requests to the appropriate Netware server. But computer system administrators -- and Novell itself -- disagree. Novell and Microsoft are competitors in the lucrative networking software market. William Donahoo, director of product marketing at Novell, said his company has offered to work with Microsoft, but the Washington-based king of desktop operating systems has rebuffed Novell's overtures. ''We have several license programs and computability testing programs,'' Donahoo said. ''They have not wanted to participate. They have wanted to do it on their own.'' Donahoo said there is a way for system administrators to prevent system crashes, but representatives from the universities say they have been unable to resolve the problem. For example, Michael McGinnis, a network consultant at the University of Kansas in Lawrence, said a student at that university on Friday caused havoc on the network system when he tried to hook up to the network after he had installed Windows 95. McGinnis said it took him and two other computer consultants three hours to track down the culprit. ''I have had the problem, and I have gotten e-mail messages from system administrators at three other universities who have seen the problem,'' McGinnis said. McGinnis called Microsoft for technical support. ''I spent an hour on the phone, and couldn't get to anyone at Microsoft who knew anything about this problem. I talked to one tech support guy who said he didn't know of any such problem. He gave me a phone number of another Windows 95 Networking Support Group at Microsoft. I have not called them yet, because I didn't have authorization to spend $35.'' About this last point, McGinnis is particularly resentful. ''We bought 375 copies and they won't let me talk to a tech support person unless I pay them.'' ------------------------------ Date: Wed, 12 Apr 1995 18:10:37 -0700 (PDT) From: harry@starbase.sj.unisys.com Subject: French card tricks [This came from harry via a long chain of senders (Bostic, Cate III, Olsen). It seems worthy of RISKS in light of various recent developments. PGN] >From alt.folklore.computers I heard this story from someone who worked for a French company, they had a problem with a program on punched cards written for them by a US subsidiary. The programs never worked when loaded in France but the US systems house swore blind that they did at their end. Eventually, in exasperation, someone followed the working set of cards from the US to France. At French customs, they observed a customs official remove a few cards at random from the deck. Apparently, the french customs are entitled to remove a sample from any bulk item (such as grain), so a few cards from a large consignment shouldn't matter, should it? [Later posts by Joe Morris and Tom Rauschenback confirmed the story. Mr. Morris said that the company was Oak Ridge National Labs, and the cards contained unclassified data. Mr. Rauschenback said that the story originally came from him. RMacN] -- Roger MacNicol (uvmark!roger@merk.com) [Perhaps a more up-to-date version of this would involve physical random samples from bulk storage. PGN] ------------------------------ Date: 13 Sep 1995 09:16:00 +0100 From: rseoeg@site33.ping.at (Moss-Jusefowytsch OEG) Subject: WWW access monitored Unknown to many web browsers, records are kept of who has accessed web sites. The risk: someone might publicize what you have accessed. This was excerpted from alt.current-events.clinton.whitewater: from The Washington Weekly (http://www.federal.com) It has come to my attention that several dissident sites on the World Wide Web have been visited by White House computers this week. Apparently, all information regarding Whitewater, Foster, and Mena has been transferred to White House computers. Specifically, the sites, "Washington Weekly" (http://www.federal.com), "The Whitewater Scandal Home Page" (http://www.cs.dartmouth.edu/~crow/whitewater/) "Whitewater & Vince Foster" (http://www.cris.com/~dwheeler/n/whitewater/whitewater-index.html) have been visited by White House computers ist1.eop.gov, ist6.eop.gov, ist7.eop.gov, and gatekeeper.eop.gov between August 28 and August 31, and a total of 128 files have been transferred to those White House computers. For all sites, this constitutes a significant increase over previous access by White House computers. ------------------------------ Date: Thu, 14 Sep 95 18:15:37 EDT From: james@sparta.lcs.mit.edu (James W. O'Toole Jr.) Subject: SSNs for E-mail addresses! At Villanova University, the Internet E-mail addresses assigned to undergraduates consist of the student's Social Security Number, as in 123456789@ucis.vill.edu . I haven't seen SSNs as E-mail addresses before, and I figure ... maybe other people would tell Villanova and any other schools that are doing this to stop. However, a message sent to postmaster@ucis.vill.edu inquiring about this policy produced no response. ------------------------------ Date: Thu, 14 Sep 95 19:52:32 -0700 From: Lance J Hoffman Subject: NIST Crypto Workshop Web Page There is a great collection of the documents from the recent NIST workshop on encryption, including the U.S. Government's straw man proposal and industry reactions at http://www.isse.gmu.edu/~pfarrell/nistmeeting.html Pat Farrell really put a lot of relevant information together, including the government documents and various prepared and informal statements by various players. Lance Hoffman ------------------------------ Date: Wed, 13 Sep 1995 10:13:13 -0400 From: Barak Pearlmutter Subject: Compuserve Mailer Risks There have been articles recently in hip computer magazines about how the in crowd is getting Compuserve and AOL accounts even though they have "regular" E-mail addresses, because these services guarantee reliable and timely E-mail transfer. After receiving an erroneous error message about an address from postmaster@dcgw01.compuserve.com, I replied they (1) look into the matter, and (2) fix their mail transfer agent so problem reports are sent to the REPLY-TO: or FROM: fields in preference to the SENDER: field they currently erroneous use. The following automatic response did not enhance my confidence in Compuserve as a provider of reliable E-mail services. Date: 13 Sep 95 04:18:10 EDT *** From: Electronic Postmaster Comments: Returned from: CompuServe Postmaster Message-Type: Delivery Report To: Subject: Undeliverable message *** ? Invalid receiver address: POSTMASTER@DCGW01.COMPUSERVE.COM Your message could not be delivered as addressed... [Compuserve seems to be having other problems as well. I responded yesterday to a piece of mail from an address that has always worked in the past, and got back message from the postmaster that the address I had used was invalid, although the specified address in fact was NOT the address I had used -- it had additional fields that *COMPUSERVE* had prepended to "compuserve.com". PGN] ------------------------------ Date: Wed, 13 Sep 95 22:01:47 +0200 From: ttonino@bio.vu.nl (Thomas Tonino) Subject: Phone-call logging On BBC (British TV) I just heard a claim that the government logs all international calls made. Not only the numbers called are stored, but also the actual contents of conversations which were claimed to be stored for 90 days. There is an automatic keyword check that alerts a real human in case of 'offensive words'. I bet they were right thinking 'massive amounts of computer ...' were needed for this. It might be interesting to know what other countries do in this area, and whether this is as true as I heard it or not. Thomas ------------------------------ Date: Wed, 13 Sep 1995 08:49:57 -0700 From: Fred Gilham Subject: Re: Initiative for better Usenet discussions (Meyers, RISKS-17.34) I read the article on SELF-DISCIPLINE. While I agree with the basic thrust of it, I feel that it is too organized and legalistic. The kinds of things that are addressed in this proposal need to be internalized; they need to be second-nature. I also would not be surprised to see news.discipline, if created, become subject to endless wrangling about questions like whether posting A is really following the rules or not. On the other hand I like Tom Van Vleck's guidelines (cited at the end of Bertrand Meyer's SELF-DISCIPLINE www page). I think one way to internalize good behavior is to read moralizing preachments like Van Vleck's over and over. Eventually some of it sinks in and BECOMES second-nature. The basic problem, in my view, with Usenet news is that people have stopped thinking of the person at the other end of the wire as a human being. I think it's the same (technologically induced) depersonalization we experience behind the wheel of an auto. The will to power takes over. ------------------------------ Date: Wed, 13 Sep 1995 13:32:32 +0100 (BST) From: timothyh Subject: Re: Netscape security (Sommerfeld, RISKS-17.29) People only tend to encrypt what they consider to be `valuable' data. This means that the cracker can say `oh look... encrypted data, must be valuable' and so has a go at it. If people encrypted communications as a matter of course, the return on investment would be far lower, as the cracker would decrypt a lot of `valueless' data. To suggest a parallel, if people routinely send messages in snailmail using postcards, wouldn't you at least be a little inquisitive about the contents of a sealed envelope? Timothy Hunt, System Admin Support Engineer, UnipalmPIPEX, 216 The Science Park Cambridge CB4 4WA, U.K. +44 (0)1223 250122 timothyh@pipex.net ------------------------------ Date: Wed, 13 Sep 95 09:51:09 PDT From: andrew@pogo.wv.tek.com (Andrew J Klossner) Subject: Microsoft, viruses, and installation disks "A Microsoft spokeswoman says ... users who install the program via floppy disk should ... set the write-protect tab on their program disks before installing them." Most Microsoft programs *require* that one of the floppy disks be write-enabled. Microsoft Word, Excel, and Project for Windows 3.1, among others, record the owner's name and company on one disk during the first installation, and subsequent installations from the same set of disks will report the same name and company. This seems to be an anti-piracy move. If the floppy is not writable, installation fails. -=- Andrew Klossner (andrew@pogo.wv.tek.com) ------------------------------ Date: Wed, 13 Sep 95 06:28:05 EDT From: PHILS@RELAY.RELAY.COM (Philip H. Smith III, (703) 506-0500) Subject: Yet Another Bank Error Apropos of Patrick Combs' $95,093.35 junk check follies, a bank in Chicago reported a $520,000 deposit to the account of Glenn Turner's late mother. He thought it was a mistake, checked with the bank, who reported it was not an error. After three weeks, he started spending it, racking up $189,000 in expenditures. Now a SECOND bank, the one that made the mistake, is suing him for the money back. His lawyer says that bank should be accountable; based on reading the information Combs discovered on his odyssey, that appears to be likely. The RISK is an old one: reliance on systems over common sense. In this case, since his mother had died, Mr. Turner might reasonably be able to claim that he didn't know every detail of her finances and thus was able to reasonably assume that, since the bank had verified the deposit, it was legit. Some details at http://www.cnn.com/US/Fringe/09-07/am/ ...phsiii P.S. to W.F. Linke: Have you read the information at the URL listed? I would have agreed with your distress until I did; assuming that Mr. Combs' actions continue to back his words, his only evil (such as it is) seems to consist of having started the whole thing as a (minor) prank. ------------------------------ Date: Wed, 13 Sep 1995 11:05:53 -0500 From: /G=Brian/S=Hoffman/OU1=0106006@mhs-mc.attmail.com Subject: Re: Bogus check for $95,000 (Linke, RISKS-17.34) Bill Linke said he thought the person who deposited this check was a thief and should be treated as such. While he has a point, the fact that Mr Combs has not spent the money (as he reports) tempers my opinion of him as a thief and makes me want to point a finger at the company that issued the 'check.' IMO he did not pass a bad check - he deposited a check that "met all nine of the legal criteria for a valid bearer document." If that is not intent to deceive (i.e. fraud) I don't know what is. I think the company that issued this check should be slammed for the 95k. Then maybe the torrents of sleazy junk mail I receive weekly would slow down. ------------------------------ Date: Wed, 13 Sep 1995 16:03:44 +0200 From: Jonathan Kamens Subject: Re: Bogus check for $95,000 (Linke, RISKS-17.34) > so, morally he is a thief, regardless of what a lawyer might make of it. I have to disagree. I believe that what Combs has done is a form of civil disobedience, not against the government per se, but against a system which clearly has flaws which need to be addressed, and which may very well be addressed as a result of his actions. In particular, if the check he deposited was in fact legally negotiable, then the Federal check clearinghouse should not have rejected it (or, going back further, the company that sent out the mass mailing should not have sent out a negotiable check). If the check was *not* negotiable, then that should have been caught by Combs' bank or by the regional check clearinghouse which allowed the check to clear. Letting a $95,000 check of questionable validity clear is not a minor problem, it's a *major* problem (before disputing that, stop to think for a minute if you really think your bank would catch it if a crooked cashier at the grocery store made a copy of one of your checks and used the resulting information to forge another check on your account for a large amount of money). Without something like what Combs did, I'm quite certain that the banks and check clearinghouses would simply continue to ignore the problem for as long as they can. A basic principle of civil disobedience is that those who engage in it aren't supposed to profit from it. So, you're right, it's not OK for Combs to say, "Nyah, nyah, you missed the deadline, so I'm going to keep the money!" However, so far, that isn't what he has done. He has kept the cashier's check in a safe-deposit box, while trying to get people with authority to acknowledge that the error occurred and do something to ensure that the same error doesn't happen again. Therefore, as long as the bank and/or the clearinghouse system refuse to concede that they screwed up and to specify in detail what they've done to prevent such screwups in the future, I think that Combs should leave that check sitting in the safe-deposit box (except, of course, that he should take it out, cash it, and put the money into a new cashier's check periodically, so that the check doesn't expire). Combs (and, more generally, we the consumers) have no leverage on The System to force it to fix itself, unless we can wield the threat of hitting it in the pocketbook, and that's what Combs is doing. Jonathan Kamens ------------------------------ Date: Wed, 13 Sep 95 20:56 MET DST From: urlichs@gate.noris.net (Matthias Urlichs) Subject: Re: $95000 withdrawn from bank (Alan Wexelblat, RISKS-17.32) Since he has the $95000 on a cashier's check that hasn't been cashed yet, the bank still has the actual money. The legal quirks are there to protect people from each other should one of them try to defraud the other. That they also work in quite interesting ways otherwise is another matter. If I were he, I'd return the check -- IF the bank actually takes steps to make sure this nonsense doesn't happen again. The info on his Web page says he met with one of the Bank's lawyers a week ago and they reached some kind of agreement (bank gets the check in return for complying with a list of demands or whatever -- the Web page didn't specify). We'll see what happens next. I've asked him via E-mail to clarify what these "ten things [he] wanted" are. Anyway, and again IMHO, it's a Good Thing that this mistake actually hurts the bank. That's a good way to improve the odds that it won't happen again. (I was going to write "make sure" instead of "improve the odds" at first, but common sense prevailed...) Matthias Urlichs Schleiermacherstra_e 12 90491 N|rnberg (Germany) 42 Consulting+Networking+Programming+etc'ing urlichs@smurf.noris.de ------------------------------ Date: 6 September 1995 (LAST-MODIFIED) From: RISKS-request@csl.sri.com Subject: ABRIDGED info on RISKS (comp.risks) The RISKS Forum is a moderated digest. Its USENET equivalent is comp.risks. SUBSCRIPTIONS: PLEASE read RISKS as a newsgroup (comp.risks or equivalent) on your system, if possible and convenient for you. BITNET folks may use a LISTSERV (e.g., LISTSERV@UGA): SUBSCRIBE RISKS or UNSUBSCRIBE RISKS. [...] DIRECT REQUESTS to (majordomo) with one-line, SUBSCRIBE (or UNSUBSCRIBE) [with net address if different from FROM:] INFO [for further information] CONTRIBUTIONS: to risks@csl.sri.com, with appropriate, substantive Subject: line, otherwise they may be ignored. Must be relevant, sound, in good taste, objective, cogent, coherent, concise, and nonrepetitious. Diversity is welcome, but not personal attacks. [...] ALL CONTRIBUTIONS CONSIDERED AS PERSONAL COMMENTS; USUAL DISCLAIMERS APPLY. Relevant contributions may appear in the RISKS section of regular issues of ACM SIGSOFT's SOFTWARE ENGINEERING NOTES, unless you state otherwise. RISKS can also be read on the web at URL http://catless.ncl.ac.uk/Risks RISKS ARCHIVES: "ftp unix.sri.comlogin anonymous[YourNetAddress] cd risks or cwd risks, depending on your particular FTP. [...] [Back issues are in the subdirectory corresponding to the volume number.] Individual issues can be accessed using a URL of the form http://catless.ncl.ac.uk/Risks/VL.IS.html [i.e., VoLume, ISsue] ftp://unix.sri.com/risks [if your browser accepts URLs.] ------------------------------ End of RISKS-FORUM Digest 17.35 ************************