precedence: bulk Subject: Risks Digest 20.09 RISKS-LIST: Risks-Forum Digest Friday 27 November 1998 Volume 20 : Issue 09 FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks) ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator ***** See last item for further information, disclaimers, caveats, etc. ***** This issue is archived at http://catless.ncl.ac.uk/Risks/20.09.html and at ftp.sri.com/risks/ . Contents: German stock exchange bond futures goof (Chris Brand) Palo Alto 911 system crash (PGN) Security risks delay online registration system (Chenxi Wang) Internet speech is "on the record" (Martin Minow) Organized mail theft in Seattle (Jon Becker) Risks of being ostentatious when embezzling (Mich Kabay) New Zealand: Pledge on destroyed net sites (Mich Kabay) Frames security hole (Lindsay Marshall) Internet Explorer 4.01 Son of Curatango cut-and-paste flaw (PGN) 100-year-old woman "too old to vote" (Michael Zastre) Naming Swedish Names on the Internet (Martin Minow) REVIEW: "Cryptography and Network Security", William Stallings (Rob Slade) REVIEW: "Java Cryptography", Jonathan Knudsen (Rob Slade) DCCA-7 preliminary program (Mike Reiter) Abridged info on RISKS (comp.risks) ---------------------------------------------------------------------- From: Chris Brand Subject: German stock exchange bond futures goof Date: Thu, 19 Nov 1998 16:36:14 -0800 >From the Electronic Telegraph (http://www.telegraph.co.uk:90), 19 Nov 1998: A junior trader cost his employers an estimated 10 million pounds yesterday after a training exercise went disastrously wrong and he ended up taking part in an 11.5-billion-pound transaction. The trader, who is believed to work for a German financial institution, pressed the wrong buttons on his computer and caused panic on dealing floors in the City. Screens flashed up with the news that someone wanted to sell 130,000 German bond futures contracts, worth in excess of #11.5 billion. [...] The German-based trader's employers are contractually obliged to carry out the transaction, and will be forced to buy futures contracts in the open marketplace to complete it. One banker said: "His employers must have extremely lax controls. A trade that size should have sent alarm bells ringing." [...] German bond futures are now predominantly traded on Eurex, a German-based electronic exchange, on which traders say it is relatively easy to enter the dealing programme instead of the training simulation programme. [...] Chris [also noted by Nathaniel Borenstein and "Koblizek, Vaci" . PGN] ------------------------------ Date: Mon, 23 Nov 98 8:48:56 PST From: "Peter G. Neumann" Subject: Palo Alto 911 system crash Palo Alto's 911 emergency system crashed on 11 Nov 1998 when the backup power supply (UPS with batteries) failed, but the phone calls were successfully switched over to the Santa Clara County center in San Jose within 45 seconds. In this case, the backup had a backup. However, the outage also knocked out the city's main police and fire department radio transmitters for about 45 minutes, the backup for which uses walkie-talkies. [Source: *Palo Alto Daily News*, 12 Nov 1998, p.6, via Glenn Story] ------------------------------ Date: Fri, 20 Nov 1998 09:30:36 -0500 (EST) From: Chenxi Wang Subject: Security risks delay online registration system Reported on *The Cavalier Daily* (20 Nov 1998), officials at the University of Virginia decided to delay activating the online registration system because of security concerns associated with the NT operating system. This system will allow students to register for classes over the internet, and will serve in addition to the phone-based system now in use. Security problems with the online system, according to the article, involved malfunctioning features that allowed access to student information without a PIN and a Social Security Number. Chenxi Wang ------------------------------ Date: Tue, 24 Nov 1998 22:30:08 -0800 From: Martin Minow Subject: Internet speech is "on the record" The current issue of Salon Magazine has an interesting article on the permanence of the net by J.D. Lasica . titled "The Net Never Forgets." (This URL will direct you to the current article, but Salon archives its "back issues".) The content will probably not surprise Risks readers, but might be worth reading for the range of issues Lasica raises. "Once, words were spoken and vanished like vapor in the air; newsprint faded and turned to dust. Today, our pasts are becoming etched like a tattoo into our digital skins." Martin Minow P.S.: For at least 10 years, I've recommended "never post anything you don't want to see on your resume." ------------------------------ Date: Wed, 25 Nov 1998 00:38:01 -0800 From: Jon Becker Subject: Organized mail theft in Seattle An Associated Press item reported on the compromise of the single master key being used for tens of thousands of streetside and apartment mailboxes in the Seattle area, and the massive theft of U.S. postal mail. A ring of at least bandits is suspected of nightly raids. Voting officials urged voters to go straight to post offices with their absentee ballots. [Source: Letterless in Seattle -- region struck by mail thieves, *USA Today*, 24 Nov 1998,www.usatoday.com; PGN Abstracting] [I may never mail anything again. Jon] [Another terrible example of the one-key-fits-all theory, which of course has its implications for the use of master keys and escrowed keys in cryptography and digital commerce. PGN] ------------------------------ Date: Wed, 25 Nov 1998 07:49:36 -0500 From: Mich Kabay Subject: Risks of being ostentatious when embezzling In Gloucestershire, England, 32-year-old Martin Keys was convicted on 19 Nov 1998 of using data diddling to enter fraudulent orders for chocolate bars -- 500,000 pounds (~US$830,000) worth. A co-conspirator would take possession of large loads of Mars Bars and other treats and return part of the profits to Keys. Keys lived far beyond his official means as a shift supervisor and fabricated a series of preposterous stories to account for why he was rich enough to drive a new Saab, travel to the Caribbean and purchased an expensive new home for his girlfriend. M. E. Kabay, PhD, CISSP / Director of Education ICSA, Inc. [Also bad: Mars-ter Keys. He should have been named Mars-ton Keys. PGN] ------------------------------ Date: Sun, 22 Nov 1998 07:54:14 -0500 From: Mich Kabay Subject: New Zealand: Pledge on destroyed net sites Follow-up on previous IHug story: *New Zealand Herald* 20 Nov 1998 The Internet Group says most of the Web sites destroyed by a hacker this week will be restored by Monday. A director, Nick Wood, said only five commercial customers had so far reported losing a complete site. Most customers had a back-up which they were reinstalling. Electronic commerce sites were on another server. The company, usually known as IHug, believes an Auckland man used a sub-program in a customer's site to access the homepages server, and deleted about a third of the files. About 4500 sites were affected. ------------------------------ Date: Fri, 20 Nov 1998 12:27:16 +0000 (GMT) From: Lindsay.Marshall@newcastle.ac.uk Subject: Frames security hole There is a description and demo of a security hole with frames in web browsers at http://www.securexpert.com/framespoof/start.html - there is a version that works without javascript enabled as well. http://catless.ncl.ac.uk/Lindsay ------------------------------ Date: Fri, 27 Nov 98 10:33:11 PST From: "Peter G. Neumann" Subject: Internet Explorer 4.01 Son of Curatango cut-and-paste flaw BugNet earlier reported the so-called Cuartango Hole in Internet Explorer 4.01 and Windows 98. Microsoft has now issued a security bulletin on a variant thereof that exists despite the earlier patch. In essence, the cut-and-paste function bypass IE4 security. A new patch now exists. [Source: An article by Bruce Brown in MSNBC, 23 Nov 1998: http://www.zdnet.com/zdnn/stories/news/0,4586,2168253,00.html] ------------------------------ Date: Fri, 27 Nov 1998 11:13:14 -0800 (PST) From: Michael Zastre Subject: 100-year-old woman "too old to vote" The Quebec '98 election Website reported on 27 Nov 1998 that several elderly residents in a Montreal nursing home are ineligible to vote in Monday's provincial election. One of these is a 100-year-old woman. The chief returning officer for the riding sees no reason why they can't vote, but he is prevented by law from giving the woman back her right. http://www.quebec98.cbc.ca/news/fullstory/F04.html (link may go stale) I would guess the problem is a Misinterpretation of Dates bug in the Electoral Office software, but there could be other reasons for the centenarian's plight. However, what is RISKy about this story is the part that existing legislation might play in exacerbating the fallout from MoD/Y2K related failures. It is one thing for a computer to remove the right-to-vote from the young at heart aged 100+, but quite another to have legislation that inadvertently *forbids* a bureaucrat to fix the resulting mess; a computer system creates a situation for which a piece of legislation must be applied (e.g., withdrawing a citizen's civil right), but in a context never envisioned by lawmakers. Mike Zastre [Note added in archive: This is incorrect. See RISKS-20.10. PGN] ------------------------------ Date: Thu, 26 Nov 1998 23:31:52 -0800 From: Martin Minow Subject: Naming Swedish Names on the Internet A recent RISKS-20.05 article by Jacob Palme, archived at noted that a new Swedish law made it illegal to name an individual by name on the Internet. According to an article in the Swedish Newspaper Svenska Dagbladet's web page, people who name individuals without their permission need not fear prosecution. "I intend to take a liberal interpretation of the law and use some common sense" said the Data Inspectorate's chief, Ulf Wideback. ... "But, if someone posts personal information that is sensitive, we will act." he noted. The Personal Information Law follows an EU directive that predates the Internet's recent growth. Ulf Wideback understands that people may believe that the law has strange consequences for Internet users. Martin Minow, minow@pobox.com ------------------------------ Date: Mon, 23 Nov 1998 11:10:07 -0800 From: "Rob Slade, doting grandpa of Ryan and Trevor" Subject: REVIEW: "Cryptography and Network Security", William Stallings BKCRNTSC.RVW 981010 "Cryptography and Network Security", William Stallings, 1999, 0-13-869017-0 %A William Stallings ws@shore.net %C One Lake St., Upper Saddle River, NJ 07458 %D 1999 %G 0-13-869017-0 %I Prentice Hall %O +1-201-236-7139 fax: +1-201-236-7131 betsy_carey@prenhall.com %P 569 p. %T "Cryptography and Network Security: Principles and Practice 2nd edition" This book is intended to serve both as a textbook for an academic course of study, and as a self-study and reference guide for practicing professionals. The material has been extended to emphasize encryption and its central position in network protection. The structure and flow have been reorganized with both classroom use and solo instruction in mind, and additional teaching material, such as additional problems, have been added. Chapter one is an introduction to the topics to be covered. In a practical way it outlines the concerns involved in the phrase computer security, and the priorities occasioned by the networked nature of modern computing. There is also an outline of the chapters and sequence in the rest of the book. While the text does note that cryptographic techniques underlie most of current security technologies this is only done briefly. Examples in the major categories listed would help explain this primary position. Part one deals with conventional, symmetric, encryption and the various methods of attacking it. Chapter two covers the historical substitution and transposition ciphers. Symmetric block ciphers are discussed in chapter three, illustrated by an explanation of DES (Data Encryption Standard). The additional conventional algorithms of triple DES, IDEA (International Data Encryption Algorithm), and RC5 are reviewed in chapter four. The use of conventional encryption for confidentiality is outlined in chapter five. Part three looks at public-key encryption and hash functions. Chapter six introduces public-key encryption and its uses in confidentiality, authentication, and key management and exchange. Number theory is the basis of these modern algorithms, so some basic mathematical concepts are outlined in chapter seven. Digital signatures and message authentication is introduced in some detail in chapter eight. The algorithms themselves are explained in chapter nine, including MD5 (Message Digest algorithm), SHA (Secure Hash Algorithm), and others. Protocols using digital signatures are described in chapter ten. Part three takes this background material and relates its use in security practice. Chapter eleven looks at authentication, concentrating on Kerberos and X.509. The examples of e-mail security systems given in chapter twelve are PGP (Pretty Good Privacy) and S/MIME (Secure/Multipurpose Internet Mail Extension). Security provisions for the Internet Protocol (IP) itself are reviewed in chapter thirteen. Web security, in chapter fourteen, again concentrates on protocol level matters, but also discusses the SET (Secure Electronic Transaction) standard at the application level. Part four outlines general system security. To the general public the primary concern of security is to deal with intruders and malicious software, so it may seem odd to the uninitiated to find that both of these subjects are lumped together in chapter fifteen. Chapter sixteen finishes off the book with a description of firewalls and the concept of trusted systems that they rely on. Each chapter ends with a set of recommended readings and problems. Many chapters also have appendices giving additional details of specific topics related to the subject just discussed. For the instructor, student, and professional, this work provides thorough coverage, clear explanations, and solid information. copyright Robert M. Slade, 1998 BKCRNTSC.RVW 981010 rslade@vcn.bc.ca rslade@sprint.ca robertslade@usa.net p1@canada.com Find virus and book info at http://www.victoria.tc.ca/techrev/rms.html ------------------------------ Date: Tue, 17 Nov 1998 10:06:21 -0800 From: "Rob Slade" Subject: REVIEW: "Java Cryptography", Jonathan Knudsen BKJAVCRP.RVW 981018 "Java Cryptography", Jonathan Knudsen, 1998, 1-56592-402-9, U$29.95/C$42.95 %A Jonathan Knudsen %C 103 Morris Street, Suite A, Sebastopol, CA 95472 %D 1998 %G 1-56592-402-9 %I O'Reilly & Associates, Inc. %O U$29.95/C$42.95 800-998-9938 fax: 707-829-0104 nuts@ora.com %P 372 p. %T "Java Cryptography" This book is intended to teach experienced Java programmers how to add cryptographic elements to their applications. The text is not intended to teach encryption algorithms, basic Java programming, or the overall Java security model: there are other books that fulfill those functions. There is one other limitation: much of the book relies on the Java Cryptography Extensions (JCE) which are only available to those in the United States and Canada (nudge, nudge, wink, wink). Chapter one lists some fundamentals of encryption and the relationship to security. There are also a couple of programs right off the bat that will let you explore message digests, and encrypting and decrypting messages. The basics of confidentiality, authentication, and some major cryptographic algorithms are outlined in chapter two. The explanations are quite terse, but not out of line with the aim of the book. Java Security Architecture (JCA) is explained in chapter three, along with a quick overview of the API (Application Programming Interface) and SPI (Service Provider Interface). Chapter four introduces Java's own pseudo-random number generator, plus programming for key seeds from keyboard timing. Key management, in chapter five, is somewhat weak. The APIs only deal with hierarchical key certification, but this may simply be an example of Knudsen dealing strictly with the language, and leaving the concepts to others. I was, however, bemused at some passages that may have suffered from a lack of copy editing: for example, one section that seemed to confuse production of Message Authentication Codes with working on Macintosh computers. Authentication of various types is covered quite well in chapter six. Chapter seven's guide to encryption covers details not normally dealt with in cryptography texts because it must handle all matters related to getting an encryption algorithm to actually function in an application. Chapter eight gives enough detail about signed applets to prove that they are going to be browser specific for a while. Security provider programming is covered in chapter nine, using the ElGamal algorithm as an example. A sample application is created using an encrypted version of the talk utility in chapter ten. An e-mail application is created in chapter eleven using th provider previously generated in chapter nine. Chapter twelve closes off by looking at security design for the system overall. Appendices review BigInteger arithmetic in Java, the Base64 encoding scheme (an option for converting binary objects to text characters for e-mailing), Java archive files, Javakey, and a quick reference for the Java cryptography classes as covered in the book. Knudsen states that the book is written, as far as possible, without assuming any prior knowledge of cryptography. In this aim he succeeds rather well. The programmer with no background in encryption can still add a reasonable layer of security to his or her application. Those who study further, of course, will be able to ensure a higher level of protection and reliability. copyright Robert M. Slade, 1998 BKJAVCRP.RVW 981018 rslade@vcn.bc.ca rslade@sprint.ca robertslade@usa.net p1@canada.com ------------------------------ Date: Fri, 27 Nov 1998 11:02:38 -0500 From: Mike Reiter Subject: DCCA-7 preliminary program Seventh IFIP International Working Conference on Dependable Computing for Critical Applications (DCCA-7) The Fairmont Hotel San Jose, California, USA January 6-8, 1999 IFIP Working Group 10.4 on Dependable Computing and Fault Tolerance + ... [Abridged for RISKS. PGN] Early Registration deadline 6 Dec 1998. Full info and online (secure) registration form is available at or from registration@sei.cmu.edu. Wednesday January 6, 1999 9 am: Assessment of COTS Components * The Taxonomy of Design Faults in COTS Microprocessors by Algirdas Avizienis and Yutao He of UCLA, USA * Assessment of COTS Microkernels by Fault Injection by J.-C. Fabre, F. Salles, M. Rodriguez-Moreno, and J. Arlat of LAAS, France 11am: Coping with COTS * Minimalist Recovery Techniques for Single Event Effects in Spaceborne Microcontrollers by Douglas W. Caldwell and David A. Rennels of UCLA, * Building Fault-Tolerant Hardware Clocks from COTS Components by Christof Fetzer and Flaviu Cristian of UCSD, USA 2pm: Formal Methods * A methodology for proving control systems with Lustre and PVS by S. Bensalem, P. Caspi, C. Parent-Vigouroux, and C. Dumas, D. Pilaud, VERIMAG, France * Prototyping and Formal Requirement Validation of GPRS: A Mobile Data Packet Radio Service for GSM by Luigi Logrippo, Laurent Andriantsiferana, and Brahim Ghribi of University of Ottawa, Canada * Formal Description and Validation for an Integrity Policy Supporting Multiple Levels of Criticality by A. Fantechi, S. Gnesi, and L. Semini of Universite di Firenze, Italy 4:30pm: Distributed Systems * Proteus: A Flexible Infrastructure to Implement Adaptive Fault Tolerance in AQuA by Chetan Sabnis, Michel Cukier, Jennifer Ren, William H. Sanders, David E. Bakken, and David Karr of University of Illinois and BBN, USA * Improving Performance of Atomic Broadcast Protocols Using the Newsmonger Technique by Shivakant Mishra and Sudha M. Kuntur of University of Wyoming, USA Thursday January 7, 1999 9am: Time-Triggered Architecture * The Transparent Implementation of Fault Tolerance in the Time-Triggered Architecture by Hermann Kopetz and Dietmar Millinger of TU Vienna, Austria * Formal Verification for Time-Triggered Clock Synchronization by Holger Pfeifer, Detlef Schwier, and Friedrich W. von Henke of University of Ulm, Germany 11am: Fault Tolerance and Safety * PADRE: A Protocol For Asymmetric Duplex Redundancy by Didier Essame, Jean Arlat, and David Powell of LAAS, France * Experimental Validation of High-Speed Fault-Tolerant Systems Using Physical Fault Injection by R.J. Martinez, P.J. Gil, G. Martin, C. Perez, and J.J. Serrano of the University and Politecnica of Valencia, Spain 2pm: Models of Partitioning for Integrated Modular Avionics * A Model of Cooperative Noninterference for Integrated Modular Avionics by Ben L. Di Vito of ViGYAN/NASA Langley, USA * Invariant Performance: A Statement of Task Isolation Useful for Embedded Application Integration by Matthew M. Wilding, David S. Hardin, and David A. Greve of Collins Commercial Avionics, USA * A Model of Non-Interference for Integrating Mixed-Criticality Software Components by Bruno Dutertre and Victoria Stavridou of SRI International, USA 4:30pm: Dependability Evaluation * Dependability Modeling and Evaluation of Phased Mission Systems: a DSPN Approach by Ivan Mura, Andrea Bondavalli, Xinyu Zang, and Kishor Trivedi of University of Pisa and CNUCE/CNR, Italy, and Duke University, USA * Dependability Evaluation using a Multi-Criteria Decision Analysis Procedure by Divya Prasad and John McDermid of the University of York, UK Friday January 7, 1999 9am: Panel: Certification and Assessment of Critical Systems 11:30am: Probabilistic Guarantees * Probabilistic Scheduling Guarantees for Fault-Tolerant Real-Time Systems by A. Burns, S. Punnekkat, L. Strigini and D. R. Wright of the University of York and City University, UK * Fault Detection for Byzantine Quorum Systems by Evelyn Pierce, Lorenzo Alvisi, Dahlia Malkhi, and Michael Reiter of University of Texas at Austin, and Bell Laboratories, USA Phone: 412-268-7388 (inquiries only) Fax: 412-268-7401 E-Mail: registration@sei.cmu.edu General Chair: Charles B. Weinstock, Software Engineering Institute, USA Program Chair: John Rushby, SRI International, USA ------------------------------ Date: 23 Sep 1998 (LAST-MODIFIED) From: RISKS-request@csl.sri.com Subject: Abridged info on RISKS (comp.risks) The RISKS Forum is a MODERATED digest. Its Usenet equivalent is comp.risks. => SUBSCRIPTIONS: PLEASE read RISKS as a newsgroup (comp.risks or equivalent) if possible and convenient for you. Alternatively, via majordomo, SEND DIRECT E-MAIL REQUESTS to with one-line, SUBSCRIBE (or UNSUBSCRIBE) [with net address if different from FROM:] or INFO [for unabridged version of RISKS information] .MIL users should contact (Dennis Rears). .UK users should contact . => The INFO file (submissions, default disclaimers, archive sites, copyright policy, PRIVACY digests, etc.) is also obtainable from http://www.CSL.sri.com/risksinfo.html ftp://www.CSL.sri.com/pub/risks.info The full info file will appear now and then in future issues. *** All contributors are assumed to have read the full info file for guidelines. *** => SUBMISSIONS: to risks@CSL.sri.com with meaningful SUBJECT: line. => ARCHIVES are available: ftp://ftp.sri.com/risks or ftp ftp.sri.comlogin anonymous[YourNetAddress]cd risks [volume-summary issues are in risks-*.00] [back volumes have their own subdirectories, e.g., "cd 19" for volume 19] or http://catless.ncl.ac.uk/Risks/VL.IS.html [i.e., VoLume, ISsue]. PostScript copy of PGN's comprehensive historical summary of one liners: illustrative.PS at ftp.sri.com/risks . ------------------------------ End of RISKS-FORUM Digest 20.09 ************************