Subject: RISKS DIGEST 17.64 RISKS-LIST: Risks-Forum Digest Tuesday 16 January 1996 Volume 17 : Issue 64 FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks) ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator ***** See last item for further information, disclaimers, etc. ***** Contents: "Realty Listing Debacle: Glitches disable new online system" (Jeffrey Mogul) Risks of automated software generation (Victor Yodaiken) Close Call at JFK Airport (Scott Lucero) Huge Windows 95 security hole!!!! (Olcay Cirit) Galileo enters safe mode (Martin Minow) Little Brother is watching you... (Henry G. Baker) Risks of "secure" documents containing executed code (Henry J. Cobb) "The Computer User's Survival Guide" by Stigliani (Rob Slade) Re: A glitch in time shaves NIST (Andrew Kowalczyk) Fraud by manipulated cash dispensers in Germany (Michael Fehr) Re: Robert Anton Wilson (Joseph N. Hall) ABRIDGED info on RISKS (comp.risks) ---------------------------------------------------------------------- Date: Mon, 15 Jan 96 13:21:01 PST From: Jeffrey Mogul Subject: "Realty Listing Debacle: Glitches disable new online system" The *San Francisco Chronicle* reported on 13 January 1996 that the San Francisco Association of Realtors had switched computer systems, resulting in serious problems for many of their users (some of whom were reduced to using the printed listings book, which comes out only once a week). According to the Chron, The members were promised faster computer response time, hourly listing updates and high-resolution color photos of listed homes, rather than the low-resolution black-and-white photos provided by the old system. Even before I had read much of the story, I wondered if they had tried running both systems at once for a transition period. The article is ambiguous on that point; it reported that Georgeanne Bezille, the association's systems manager, had said: the new system had been running on a test basis for three months, and that members were encouraged to try it. ``We had been warning them that if they had a certain version of software they should come in and upgrade,'' she remarked, but she said many didn't bother. but: that running the old and new systems simultaneously would have been impractical, because it would have required too many extra lines and modems. My guess is that most of the users didn't bother to try the test system because there was no clear incentive for them to do so. Also, it may have been that the very people who were technology-freaks enough to try the test system were the ones who least needed to try it. While Bezille "blamed part of the problem on Pacific Bell which, she said, incorrectly wired some lines at the association's end of the computer system" (Pacific Bell's testing found no faults with the lines), Some members also must share the blame, Bezille said, because they didn't follow the procedures outlined in the user's manual, which differ significantly from procedures under the old system. Is this "blaming the victim" for a system design that did not include an interactive transition mechanism? It may also be that the new system is simply hard to use. The association "has hired 20 technicians to visit real estate offices that are having trouble." However, one agent complained that the two technicians sent to his office ``didn't know what they were doing -- they had a book they were looking at, trying to figure it out.'' If the "technicians" cannot figure it out, why should one expect a non-technical user to be successful? -Jeff ------------------------------ Date: 14 Jan 1996 07:14:43 GMT From: yodaiken@chelm.cs.nmt.edu (Victor Yodaiken) Subject: Risks of automated software generation I've been noticing the increasing popularity of systems that claim to generate real-time programs from simulations or very high level environments. For example, it is possible to generate programs for some DSPs from MatLab simulations and I've seen several examples of engineers using LabView for real-time control of things that might explode. Anyone out there know of any studies on the reliability of such systems? My initial reaction is that I don't want to be anywhere near anything more dangerous than a logic analyzer if it is controlled by, say Labview under Windows. ------------------------------ Date: Mon, 15 Jan 96 16:17:47 EST From: "lucero" Subject: Close Call at JFK Airport The Washington Post reported a close call at JFK airport in New York City on 5 Jan 96. American flight 153 and Delta flight 153 were poised for takeoff on different runways. American flight 1190 was landing. The departure controller gave American 153 clearance to takeoff, but Delta 153 thought the clearance was meant for them and started down the runway, narrowly missing the landing American jet. "We were about 10 seconds away from a major airline collision on the runway," said the president of the air traffic controllers' local at JFK. "It was absolutely hair-raising.' I see two RISKS in this incident: 1) not designing systems to recognize these potentially confusing situations, and 2) a risk similar to that encountered with area codes and IP addresses: a growing number of customers in a limited address space. As airports get busier, mistaken identity incidents like this could happen more often. Scott Lucero ------------------------------ Date: Sat, 13 Jan 96 20:02:15 PST From: olcay@libtech.com (olcay cirit) Subject: HUGE WINDOWS 95 SECURITY HOLE!!!! I've just discovered a huge security hole in Windows 95 that affects ALL 32-bit virus scanning programs. The hole prevents A/V programs from accessing specially named files. To understand how it works, you have to know a little bit about how DOS works: In DOS, when a file is deleted, the first character in the file name is overwritten with ASCII character 229, and it is removed from the File Allocation Table (FAT). DOS does lets you use ASCII 229 as the first character of filenames and directories without any problems, though. With windows 95, however, if it detects that the first character of any file or directory is ASCII 229, it will tell you that the file does not exist, even though this is not true. I tested out McAfee's latest ViruScan 95, and it could not access infected files in directories starting with ASCII 229. Additionally, files starting with ASCII 229 that were infected came up as uninfected. It is interesting to note that old DOS-based scanners still work. Potential RISKS include: * Viruses that have specially named data files to prevent detection * Viruses that store a copy of themselves in a protected directory and infect from there. NOTE that this appears to be a problem with Windows 95, not the virus scanners. Specifically, the built-in file querying routines. I can't think of any workable solutions to the problem offhand. Olcay Cirit -- olcay@libtech.com http://www.libtech.com/olo2.html ------------------------------ Date: Mon, 15 Jan 1996 14:20:43 -0800 From: Martin Minow Subject: Galileo enters safe mode (From http://www.jpl.nasa.gov/files/status/gl960109.txt) "... While the spacecraft was preparing for a change in orientation to keep its low-gain antenna pointed toward Earth, its onboard computer encountered a conflict with a relic of special fault-protection software sent to the spacecraft before its Jupiter arrival in December. That conflict prompted it to enter the safe mode." This was described as a minor incident, and the engineers restarted scheduled transmission. It's not really worth a "Risks" mention, except to note (a) that fault-protection software can cause crashes by itself and (b) that NASA/JPL is able to design for fault-tolerance, remote diagnostic, and repair. Martin Minow minow@apple.com ------------------------------ Date: Sat, 13 Jan 1996 14:34:02 -0800 (PST) From: hbaker@netcom.com (Henry G. Baker) Subject: Little Brother is watching you... I had occasion to search the web for a company name today on one of the web searchers, and in addition to the usual stuff, I came up with a mention of the company's internet address in a xferlog-type file listing the downloads of calendar-type pictures of (ahem) actresses. I guess if you want to access stuff like this, don't do it from your company's IP address. The site manager at the other end may not be CERT-ified. Or even if he is, he may be interested in greenmail. Henry Baker www/ftp directory: ftp.netcom.com:/pub/hb/hbaker/home.html ------------------------------ Date: Sun, 14 Jan 96 05:14:45 -0800 From: "Henry J. Cobb" Subject: Risks of "secure" documents containing executed code. I was going to make this the shortest RISK ever: Spotted above the banner of the Feb 96 C/C++ User Journal: "QUAD-PRECISION Math for ERROR-FREE APPS" But then I noticed this comment from Tim Parker in the Jan 11th RISKs: >2) develop a standard code wrapper scheme to provide authentication and >certification - Authentication (ala PGP) to verify that the file wasn't >altered after the creator created it - and that the creator is really the >creator) The problem in the Win-Word case is that the creator of the document that gave you the virus did not intend to send it. Your computer reads the document, verifies the public-key, executes the code, installs the virus and then proceeds to send out authenticated copies of the virus with each document you send. At the very best, this would only give you an audit trail. (Doubtlessly compromised by the action of the virus itself) If any of the data on any of your systems has the slightest value, then it's time to take a good look at the track record of your software suppliers at keeping data safe. (If you don't like what you see, vote with your pocketbook, I have) ------------------------------ Date: Fri, 12 Jan 1996 17:54:09 EST From: "Rob Slade" Subject: "The Computer User's Survival Guide" by Stigliani BKCMUSRG.RVW 951205 "The Computer User's Survival Guide", Joan Stigliani, 1995, 1-56592-030-9, U$21.95/C$31.95 %A Joan Stigliani %C 103 Morris Street, Suite A, Sebastopol, CA 95472 %D 1995 %G 1-56592-030-9 %I O'Reilly & Associates, Inc. %O U$21.95/C$31.95 800-998-9938 707-829-0515 fax: 707-829-0104 nuts@ora.com %P 296 %T "The Computer User's Survival Guide" Like the earlier "Zap" (cf. BKZAP.RVW), this book covers the various physical ills that can be related to computer use. Stigliani covers the basics, RSI (repetitive strain injury) eyestrain, stress and EMF (electromagnetic fields). More research has gone into this work than went into "Zap", and the bibliography gives a good, broad sampling of related literature (if not, sometimes, the best in a given field). Throughout the book there are practical exercises that can help the normal user deal with complaints. In the Preface, Stigliani recommends the book to managers and business people. This advice makes a lot of sense, since managers have much more control over the work environment in the office. Unfortunately, but in line with many other similar works, she fails to provide justification and background which would allow business owners to make a business case for committing the resources necessary to reorganize the workspace, and purchase more "healthy" equipment. In addition, business people may be uncomfortable to find some suggestions (such as the exhortation to ameliorate the effects of EMF by using crystal pendants) and the general tone of the writing to be a bit "New Age". It would be a mistake to see the book as "flaky" because of this minor predilection: the important parts of the book are thoroughly researched and well supported. Practical help for users, a useful guide for managers and a good introduction for health practitioners. copyright Robert M. Slade, 1995 BKCMUSRG.RVW 951205 roberts@decus.ca rslade@vanisl.decus.ca Rob.Slade@f733.n153.z1.fidonet.org Author "Robert Slade's Guide to Computer Viruses" 0-387-94311-0/3-540-94311-0 ------------------------------ Date: Mon, 15 Jan 1996 09:09:48 -0600 From: Andrew Kowalczyk Subject: Re: A glitch in time shaves NIST(Huey, RISKS-17.63) I checked the NIST gopher server (gopher-server.nist.gov) and found press releases about the leap second. This is the 20th time they have done this so they should have understood the issues involved. It has been done on June 30 as well as Dec 31 in the past. (UTC is "Coordinated Universal Time" in French.) There was nothing explaining the foul-up, bit I did notice a companion article that Curt W. Reimann, first director of the Malcolm Baldrige National Quality Award, is retiring from federal service. Perhaps this had something to do with it! ;) > From the Press Release: > This year's leap second will be inserted at 23:59:60 UTC on Dec. > 31, 1995. That's the scientific way to say it will happen just before 7 > p.m. EST on New Year's Eve. The last minute of the old year will > actually be 61 seconds long, and thus the new year will start a second > later than it would without the leap second. Clearly, a legitimate time of 23:59:60 flies in the face of every date/time string validation routine ever written. [Too many of you to note individually had comments on this topic. THANKS! PGN] ------------------------------ Date: 14 Jan 1996 20:15:00 +0100 From: joey@newswire.de (Michael Fehr) Subject: Fraud by manipulated cash dispensers in Germany I would like to tell you what I read in the "Rheinische Post", a German newspaper, on 12 Jan 1996. I hope that I am able to translate it correctly. It seems that at least 100 owners of an "Eurocheque Card" (EC-Card), a card that one can use at each cash dispenser in Europe (not a credit card), were the victims of a fraud. The people who committed the crime stole about DM 400,000 (about US$ 270,000) from their accounts. The investigators think that they had manipulated two cash dispensers of the "Deutsche Bank", the biggest German bank, in a way that allowed them to get access both to the data on the EC-cards and the Personal Identification Numbers (PINs). Then they must have copied the data to blank cards. This happened near the border to the Netherlands and the criminals went there in order to withdraw the maximum amount of 1,000 "Gulden" (about US$ 750) per day. They did so for several days and were not arrested yet. The customer's damage will be compensated by an insurance, the "Deutsche Bank" announced. They also said that this did not happen for the first time. Other banks' cash dispensers had been manipulated before, too. How can it be possible that a bank's cash dispenser is manipulated that way? I've thought of "faked" cash dispensers before, too, but real ones? Michael Fehr, Student of business management at the Heinrich-Heine-University, Duesseldorf, Germany ------------------------------ Date: Mon, 15 Jan 1996 05:26:29 -0700 From: joseph@cscaper.com (Joseph N. "Moof-in'" Hall) Subject: Re: Robert Anton Wilson (Giles, RISKS.17-63) Right general idea, anyway ... it was Schrodinger's Cat III: The Homing Pigeons. E.g.: "[...] How would you feel after Potter Stewarting for four hours?" "Tired." Wilson's most notable books (the Schrodinger's Cat Trilogy and the Illuminatus! Trilogy) cover topics near and dear to the hearts of RISKS readers--as well as readers who are simply paranoid. In Wilson's fiction, governments, corporations and institutions in general are run, or manipulated, by people who unashamedly put self interest ahead of all other goals. In other words, everybody acts like the greedy, sneaky bastard you fear he or she might be. Maybe the books are not realistic ... but they sometimes ring truer than the sayings of the Watergate-era governments that inspired them. Or even present-day governments. Conspiratorialists and others who just find this sort of thing entertaining should also try out Steve Jackson's Illuminati card game. Of course Steve Jackson can tell you about the RISKs of tangling with the government .... Joseph N. "Moof-in'" Hall Proprietor, 5 Sigma Productions, P.O.Box 6250 Chandler AZ 85246 joseph@5sigma.com http://www.5sigma.com/joseph/Joseph.html ------------------------------ Date: 11 January 1996 (LAST-MODIFIED) From: RISKS-request@csl.sri.com Subject: ABRIDGED info on RISKS (comp.risks) The RISKS Forum is a moderated digest. Its USENET equivalent is comp.risks. SUBSCRIPTIONS: PLEASE read RISKS as a newsgroup (comp.risks or equivalent) on your system, if possible and convenient for you. BITNET folks may use a LISTSERV (e.g., LISTSERV@UGA): SUBSCRIBE RISKS or UNSUBSCRIBE RISKS. [...] DIRECT REQUESTS to (majordomo) with one-line, SUBSCRIBE (or UNSUBSCRIBE) [with net address if different from FROM:] INFO [for further information] CONTRIBUTIONS: to risks@csl.sri.com, with appropriate, substantive Subject: line, otherwise they may be ignored. Must be relevant, sound, in good taste, objective, cogent, coherent, concise, nonrepetitious, and without caveats on distribution. Diversity is welcome, but not personal attacks. [...] ALL CONTRIBUTIONS CONSIDERED AS PERSONAL COMMENTS; USUAL DISCLAIMERS APPLY. Relevant contributions may appear in the RISKS section of regular issues of ACM SIGSOFT's SOFTWARE ENGINEERING NOTES, unless you state otherwise. RISKS can also be read on the web at URL http://catless.ncl.ac.uk/Risks RISKS ARCHIVES: "ftp ftp.sri.comlogin anonymous[YourNetAddress] cd risks or cwd risks, depending on your particular FTP. [...] [Back issues are in the subdirectory corresponding to the volume number.] Individual issues can be accessed using a URL of the form http://catless.ncl.ac.uk/Risks/VL.IS.html [i.e., VoLume, ISsue] ftp://unix.sri.com/risks [if your browser accepts URLs.] ------------------------------ End of RISKS-FORUM Digest 17.64 ************************