precedence: bulk Subject: Risks Digest 20.69 RISKS-LIST: Risks-Forum Digest Thursday 16 December 1999 Volume 20 : Issue 69 FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks) ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator ***** See last item for further information, disclaimers, caveats, etc. ***** This issue is archived at and by anonymous ftp at ftp.sri.com, cd risks . Contents: Biryukov and Shamir cryptanalysis of A5/1 GSM privacy algorithm (Matt Blaze) Debit-card fraud in Canada (Steven M. Bellovin) Croydon Tramlink: those signalling problems in full (Clive D.W. Feather) Computer technology at the end of the 20th century (David Sedlock) On the Internet nobody knows your five identities (NewsScan) More CERT Advisories on buffer overflows (PGN) Re: No bounds checking in Microsoft RTF controls (R A Downes, Mark Brader) Macros in RTF files (Tom Hill) Y2K-related viruses (PGN) Power-out in Y2K test (Debora Weber-Wulff) Risks of Y2K overreaction (Steven Huang) Top 10 Risks search queries (Lindsay Marshall) Go to jail - go directly to jail ... (Martyn Thomas) According to Alta Vista, everything is for sale... (Daniel P. B. Smith) Quicken's no-undo interface design (Timothy Prodin) Risks of webbed e-mail and cookies (Lloyd Wood) Windows98 censoring word processing apps (Eric Wagoner) Re: Crack in GSM cell-phone encryption scheme (Boyd Roberts) Re: DVD encryption (Brad Ackerman) Re: Why computers are insecure (Durwin Sharp) *Absent* source code now available (Avi Rubin) CFP, 23rd National Information Systems Security Conference (Ed Borodkin) Abridged info on RISKS (comp.risks) ---------------------------------------------------------------------- Date: Thu, 09 Dec 1999 15:02:57 -0500 From: Matt Blaze Subject: Biryukov and Shamir cryptanalysis of A5/1 GSM privacy algorithm As RISKS readers probably already know, Alex Biryukov and Adi Shamir announced that they have a practical cryptanalytic attack against the A5/1 algorithm (which is the "strong" GSM privacy cipher). (Actually, the attack is against the version of A5/1 published at www.scard.org, which may differ from the version deployed in various actual GSM systems). I've gotten permission from Adi Shamir to distribute a draft of the Biryukov/Shamir A5/1 attack paper, so it's now available (in PostScript format) on my web site: Assuming the Biryukov/Shamir attack against A5/1 works against the fielded version of the algorithm, routine, over-the-air monitoring of GSM traffic by even modestly-funded eavesdroppers should be considered a serious and realistic threat. This attack should represent another nail in the coffin for security systems designed in secret and not subjected to the scrutiny of the community. Had the A5/1 designers published their scheme in the open literature instead of trying to keep it secret, this weakness would likely have been discovered much sooner, perhaps before the cipher had actually been used to protect real traffic. One of the first lessons we teach cryptology students is that secret algorithms are a bad idea. Unfortunately, there are still people designing important systems who don't seem to grasp this basic principle. ------------------------------ Date: Fri, 10 Dec 1999 22:12:27 -0500 From: "Steven M. Bellovin" Subject: Debit-card fraud in Canada According to the *Toronto Globe and Mail* (10 Dec 1999), a massive debit-card fraud operation has been detected in Canada. It involves doctored swipe readers that record and transmit the mag stripe information; they also record the PIN entered on the keypad. The operation is allegedly being run by organized crime. The article noted that earlier schemes involved double-swiping (a recent news story in New York had someone arrested who used a suitably-modified PalmPilot for that), plus shoulder-surfing or concealed cameras to capture the PIN. For details, see http://www.globeandmail.com/gam/National/19991210/UDEBIN.html --Steve Bellovin ------------------------------ Date: Mon, 13 Dec 1999 21:01:02 +0000 From: "Clive D.W. Feather" Subject: Croydon Tramlink: those signalling problems in full The opening of the new tram system in Croydon has been delayed due to a signalling problem. A poster on a UK newsgroup reports that the problem was a little unusual: > When a tram was approaching traffic lights, the lights would automatically > be set to red for other traffic flows: unfortunately, the lights were not > reverting to green after the tram had passed, so a single tram passing > once around the town centre would gridlock the roads for the rest of the > day. Clive D.W. Feather, Demon Internet Ltd. Tel: +44 20 8371 1138 ------------------------------ Date: Tue, 14 Dec 1999 14:14:27 +0100 From: "David Sedlock" Subject: Computer technology at the end of the 20th century I think this quote from Bill Bryson's "Notes from a Big Country" pretty much sums up computer technology at the end of the 20th century. I believe that Bill would allow us this "fair use" of his words. "For a long time it puzzled me how something so expensive, so leading edge, could be so useless, and then it occurred to me that a computer is a stupid machine with the ability to do incredibly smart things, while computer programmers are smart people with the ability to do incredibly stupid things. They are, in short, a perfect match." David Sedlock ------------------------------ Date: Tue, 14 Dec 1999 08:43:55 -0700 From: "NewsScan" Subject: On the Internet nobody knows your five identities Montreal software company Zero-Knowledge Systems (www.freedom.net) is now marketing software that will allow a person to use five different anonymous and untraceable identities on the Internet, preventing companies or agencies from using technology to track people's buying habits or other personal information. Of course, such software will also "make it a little more difficult to trace wrongdoers," as the National Association of Chiefs of Police makes clear. But privacy advocate Jason Catlett counters: "Anonymous speech is inconvenient and sometimes has bad consequences, but if you removed it we would be living in a very dangerous world." Zero-Knowledge says that spammers would not be aided by their technology, because a user of the software will be able to send only a small number of anonymous e-mail messages. [AP/*San Jose Mercury News*, 13 Dec 1999, http://www.sjmercury.com/svtech/news/breaking/ap/docs/1184635l.htm; NewsScan Daily, 14 Dec 1999, reprinted with permission] [Note that Canada's policies regarding crypto differ from those in U.S., so this product is generally freely exportable. PGN] ------------------------------ Date: Mon, 13 Dec 1999 15:59:13 -0800 (PST) From: "Peter G. Neumann" Subject: More CERT Advisories on buffer overflows The spate of security problems related to buffer overflows seems to continue unabated. Two recent CERT Advisories may be of particular interest to RISKS readers. CERT Advisory CA-99-15 Buffer Overflows in SSH Daemon and RSAREF2 Library CERT Advisory CA-99.16 Buffer Overflow in Sun Solstice AdminSuite Daemon sadmind CERT publications and other security information are available from http://www.cert.org/ Email: cert@cert.org Phone: +1 412-268-7090 (24-hour hotline) Fax: +1 412-268-6989 Postal address: CERT Coordination Center Software Engineering Institute Carnegie Mellon University Pittsburgh PA 15213-3890 U.S.A. ------------------------------ Date: Wed, 08 Dec 1999 19:24:45 +0000 From: main@radsoft.net (R A Downes) Subject: Re: No bounds checking in Microsoft RTF controls A number of people have written and asked about the RTF utility, when it would be ready, if it ever would be ready, etc. Well now it is ready, and it can be downloaded at: http://32bit.bhs.com/download.asp?filename=Rtfboom5%2EZIP It's only about 10KB, so it should go rather fast. The program acts as a filter, but you have to "drop" your suspect files on it. All is revealed within the HTML documentation in the ZIP file. RA Downes, Radsoft Laboratories http://www.radsoft.net ------------------------------ Date: Wed, 15 Dec 1999 01:43:53 -0500 (EST) From: msb@vex.net (Mark Brader) Subject: Re: No bounds checking in Microsoft RTF controls (Meeroh, Risks-20.68) >> ... I mean, this is very _basic_ programming, isn't it? >> for (cp = buf; cp < buf + BUFSIZE; cp++) ... > [This] code fails in the subtle case when buf + BUFSIZE extends past the > end of the address space. Note that the ANSI C guarantee that you should > be able to compute the address of the first element beyond the end of a > named array doesn't apply if buf is dynamically allocated. ... yet almost > every programmer I've seen uses the same idiom for both cases. > ... (See Writing Solid Code by Steve Maguire, p 132.) And so they should, because this claim is simply wrong. The standard's guarantee that buf + BUFSIZE provides a valid (though undereferenceable) pointer "one past the last element" is independent of how the space is allocated, and this has not changed as the standard has been updated. The limitations on addition involving pointers are specified in section 3.3.6 of the original ANSI C standard, 6.3.6 of the first ISO version, and 6.5.6 of the new standard; in all cases the wording refers to an "array object". "Object" essentially just means a region of data storage (defined in section 1.6/3.14/3.14), and dynamically allocated space can certainly be accessed as an array (see section 4.10.3/7.10.3/7.20.3). I suspect that Maguire misunderstood the standard's phrase "array object" and thought it meant what Meeroh calls a "named array". Mark Brader, Toronto, msb@vex.net ------------------------------ Date: Wed, 15 Dec 1999 11:07:05 -0800 From: Tom Hill Subject: Macros in RTF files (re: Stewart, RISKS-20.68) > >We'll pass CVs internally across to other "more sensitive" machines in .rtf > >format (using rtf avoids Word-type macro viruses). Be careful about your assumptions. If you save a Microsoft Word document as a .doc file, and then change the extension to .rtf, word will still open it, macros and all. Word is apparently smart enough to figure out the actual format of the file, and react accordingly. The risk is that your users may assume that it is ok to open any attachment with an extension of ".rtf", since RTF files are 'safe'. Or your firewall may not filter out pseudo-rtf files for the same reason. I'm using word 97, on Windows. I didn't test this with an auto-run macro, just verified that the macro warning message came up when I opened the file with the ".rtf" extension which contained the macro. (Note: You might want to turn on macro warnings from the tools menu/options/general/macro virus protection, if you haven't already.) Tom P.S. I did understand that apparently Ross was discussing the case where they do the conversion to RTF themselves, and so won't have this problem, but I still thought the risk worth noting. [Lots of folks noted this one as well. PGN] ------------------------------ Date: Wed, 8 Dec 1999 14:36:03 -0500 (EST) From: "Peter G. Neumann" Subject: Y2K-related viruses Y2K seems to be a spawning ground for security attacks. W95.Babylonia is a virus masked as a Y2K fix. It has the ability to update itself remotely, and spreads through autodownloads in Microsoft chat-room software or e-mail. Other viruses posing as Y2K upgrades have also been reported. [Source: Self-updating virus spreads on Internet, AP item, 8 Dec 1999; Courtesy of Sam Kasseman] ------------------------------ Date: Tue, 14 Dec 1999 13:07:36 +0100 From: Debora Weber-Wulff Subject: Power-out in Y2K test The Berlin newspaper "tageszeitung" from Dec. 11, 1999 reports on a Y2K test conducted at the federal Department of Justice. The workers had been asked to not use their computers from 14.00 on Friday. Good thing, since the tests managed to shut down the power in the building. No one wants to make an official statement on the subject, since the official German policy is that "Everything is going to be all right". http://www.taz.de/tpl/1999/12/11/a0131.fr/text?re=ba for those who read German "Millennium-Bug im Justizministerium" Prof. Dr. Debora Weber-Wulff, Technische Fachhochschule Berlin weberwu@tfh-berlin.de, http://www.tfh-berlin.de/~weberwu/ ------------------------------ Date: Wed, 8 Dec 1999 14:59:17 -0500 From: "Steven Huang" Subject: Risks of Y2K overreaction The human element of widely published risks like the Y2K problem has seen some coverage in RISKS, but seems to have been limited to predictions. The *Philippine Daily Inquirer* and Associated Press report that a 61-year old retired government engineer, fearing the Y2K bug, withdrew his life savings of PHP2.8 million (about US$69,000). Ten days later, four men slipped into his house and robbed him of his savings, plus some PHP300,000 (about US$7,400) worth of jewelry. This is a large amount of money in the Philippines, worth about a decent-sized new house outside the city. First of all, it appears that the banking industry's assurances were insufficient to calm this educated man's fears. Secondly, even if you don't trust the banks, it's probably sufficient to convert the savings to cash (or better yet, cashier's check or manager's check) and put it away in a safe deposit box at your bank. Was information about the Y2K bug spread so poorly that an educated grown man was so scared he ignored a much more conventional Risk? Steven Huang Hughes Network Systems, 11717 Exploration Lane, Germantown, MD 20876 MobileSat (240) 453-2357 ------------------------------ Date: Thu, 16 Dec 1999 14:12:40 +0000 (GMT) From: Lindsay.Marshall@newcastle.ac.uk Subject: Top 10 Risks search queries 10 hacking 9 ariane 8 virus 7 airbus 6 GPS 5 ATM 4 software failure 3 year 2000 2 Y2K 1 y2k Aren't we all so predictable! http://catless.ncl.ac.uk/Lindsay ------------------------------ Date: Sun, 12 Dec 1999 23:41:25 -0000 From: "Martyn Thomas" Subject: Go to jail - go directly to jail ... A recent Spam e-mail called "free world site" gave me a shock. In Outlook 98, simply selecting the message (to delete it) executed the HTML it contained, which used the OpenWindow function to connect to a remote Web site. The risk? In the UK, according to the BBC radio news, several people have recently been arrested "in co-ordinated raids across the country" for downloading child pornography from the Internet. They were apparently found by monitoring Net traffic, and part of the evidence against them is the record of web-sites visited "automatically stored on their computer's hard disk". Then again, there's all the other things you can do with HTML. Martyn Thomas, Holly Lawn, Prospect Place, Bath BA2 4QP UK 01225 335649 ------------------------------ Date: Mon, 13 Dec 1999 21:00:34 -0500 From: "Daniel P. B. Smith" Subject: According to Alta Vista, everything is for sale... I did an Alta Vista search on the phrase "priesthood of all believers" and was somewhat surprised when Alta Vista invited me to: "Comparison Shop! - Find products and compare prices for 'Priesthood of all believers'" I tried "members of Congress" and, sure enough... "Comparison Shop! - Find products and compare prices for members of Congress" A search on "Love," as expected, invited me to "Comparison Shop! - Find products and compare prices for love" but it also said: AltaVista knows the answers to these questions: Am I in love? "Daniel P. B. Smith" Lifetime address dpbsmith@mit.alum.edu ------------------------------ Date: Tue, 7 Dec 1999 16:55:43 -0500 From: "Prodin, Timothy (T.R.)" Subject: Quicken's no-undo interface design (Re: Welsh, RISKS-20.67) > It does not even have the "Undo" feature which, starting in word > processors and text editors, has come to be expected in all well-written > Windows applications. As it shouldn't. Consider that Quicken has designed their register to behave exactly like a real pen and ink ledger. When entries are made in an old-fashioned ledger; they are immediately committed, by the virtue of writing the the registry entry. If a mistake is made, you must void the transaction - you can't undo it. In this case, Quicken has done the right thing. A bank ledger is not a word processing document; and therefore it should not have the same interactions that word processors have. [We received a slew of messages on this topic, plus a few snide remarks on the oxymoronicism of "well-written Windows applications". PGN] ------------------------------ Date: Thu, 9 Dec 1999 00:55:25 +0000 (GMT) From: Lloyd Wood Subject: Risks of webbed e-mail and cookies A while back, I received a couple of free e-mail accounts on ZDNet Mail, which has previously been mentioned in RISKS [McGlothlen, R-19.74]. A while after that, ZDNet Mail become ZDNetOnebox, with a completely new database system and a new interface, requiring javascript enabled to do something as get help to find out why something as simple as deleting mail doesn't work (because you haven't got javascript on, of course - a risk in itself). I now have some US phone, fax and voicemail facility I'll never use either too. Both accounts were migrated to this new interface. A redirect from www.zdnetmail.com to www.zdnetonebox.com was implemented, but I'd never gotten around to updating my bookmarks. ZDNet Onebox uses session management with cookies. Imagine my surprise, after accessing one account, selecting the menu entry corresponding to www.zdnetmail.com from my browser's bookmarks menu, and logging in with name and password for the second account, on being presented with the contents of the mailbox of the _first_ account. Risks lie in assuming that only one person uses a browser session, that that person will be able to sign off to force the end of the session, and that session information is more important than any user-supplied information that overrides and cancels it. (If I update my bookmarks, I'll see the mailbox contents immediately, without the chance to login. some risks of assumption and complexity here.) The other associated risk with ZDNet Onebox is the constant stream of Jesse Berst e-mails that I'd swear blind I never signed up for. ... but hey, at least it's not Hotmail, right? PGP ------------------------------ Date: Wed, 8 Dec 1999 11:40:36 -0500 From: "EricWagoner" Subject: Windows98 censoring word processing apps A friend of mine recently bought a new Gateway computer for his family. He's a playwright and an English professor, and so does plenty of writing. The computer came pre-installed with Microsoft Word 97, which he was beginning to get comfortable with. He told me the other day that he was having a problem he needed help with -- he was writing a script that contained a character with a mild potty mouth, but every time he wrote the "S-word", it got instantly replaced with XXXX. What's worse, in another script, a period piece with archaic English, MS Word would replace those four letters with XXXX even if they were parts of two different words, such as "'Tis hit!". These four letters show up surprisingly often in English of a few hundred years ago, and this was driving him crazy. I thought it was a simple matter of setting the auto-correct feature in MS Word, that maybe cuss words were now censored by default. I told him how to disable the feature, or at least how to remove those letter combinations from the lists. He told me a few days later that it didn't help, that even with auto-correct completely shut off he was still plagued with XXXXs in his scripts. I told him I'd gladly come over and take a look. When I did, I found he was correct, that I had told him wrong. I scoured Word for some kind of "child protection" feature, but could find nothing anywhere. Out of curiosity more than anything, I opened WordPad and tried to type the word, and it was instantly replaced with XXXX. I opened NotePad, and again XXXX. I realized then that it was a global Windows 98 setting and had nothing at all to do with Word. In the control panel, I looked in Users, Accessibility Options, and anywhere else I could think to look for child protection features, and came up blank. Finally, I noticed that in the Start menu was the item "Log Off DEFAULT". It struck me that in all the many times he and his family had booted up the computer since he bought it, no one had logged into Windows under their own name, that everyone was using the DEFAULT user. I restarted Windows and logged in as "eric". All of the XXXXing was gone, and I was free to type what I wished. I logged on again as DEFAULT, and censoring began anew. I gave him the solution, and he was happy. I've now scoured the web for some mention of this "feature" but have found nothing. I tried logging on as DEFAULT on my own computer, and when Windows started I got an error (advpack not started -- missing dll -- something like that), so it seems that this may be something built in by Microsoft for some reason. The only thing I can guess is maybe it's for store floor models so some kid can't go leaving dirty graffiti on the screens. Of course, Gateway sells direct by mail-order, so that's not an issue here. Anyone ever heard of this before? Certainly, real professional work was being prevented by this seemingly undocumented feature. Interestingly, very few words were censored in this way. I could be plenty raunchy with nary an interference, but say the "S-word" or what CAP calls the "most foul of foul" words, and I was silenced. Eric Wagoner http://www.partnersoft.com Partner Software; Kestrel's Nest Weblog http://www.athens.net/~ewagoner [And all that XXXXing is likely to get THIS issue censored! PGN] ------------------------------ Date: Thu, 9 Dec 1999 13:00:39 +0100 From: boyd.roberts@ca-indosuez.com Subject: Re: Crack in GSM cell-phone encryption scheme an Omnipoint executive says, "What they're describing is an academic exercise that would never work in the real world. What's more, it doesn't take into account the fact that GSM. calls shift frequency continually, so even if they broke into a call, a second later it would shift to another frequency, and they'd lose it." Yes, there is frequency hopping, but it is slow -- and that it is not significant with respect to the modulation (i.e., the 600us bursts every 1.2ms). The 'executive' admits just that; 1 second is insignificant when compared to the 600us bursts. The frequency hopping may not be turned on. The hopping sequence can be learned over the radio link from the BTS. I forget if this is in the clear or encrypted with A5 during an exchange with the BTS. I don't think it really matters whether it's in the clear on the BCCH or encrypted with A5; once A5 is cracked all bets are off, provided you can do it in real time. It appears they can. I've had this discussion before with people that you can't build a GSM scanner. Each time I've picked up my mobile and said 'What's this? It's a GSM scanner'. It has a few clues about where to look, but now it would appear that everybody can get them. Boyd Roberts boyd.roberts@ca-indosuez.com ------------------------------ Date: 11 Dec 1999 23:13:44 -0500 From: bsa3@cornell.edu (Brad Ackerman) Subject: Re: DVD encryption (Graifer, RISKS-20.67) > ... They have failed at this by opting for security by obscurity and not > employing the publicly reviewed techniques. This isn't quite the issue. No matter what protocols or algorithms are used, fully working copy protection (barring armed guards stationed at the playback device) is impossible. Every DVD player must be able to decrypt and play the DVD with no additional information, which means that no matter how strong the actual encryption is, the key must always be available to anyone who cares to look. Unless the decryption is implemented in tamper-proof hardware, the resources required for key extraction are well within the range of "casual pirate[s]." Of course, since such hardware is not known to exist, and would be far too expensive for consumer devices if it did, the studios will just have to live with easily copyable media, as the software industry has been doing for some time. Brad Ackerman N1MNB bsa3@cornell.edu ------------------------------ Date: Thu, 9 Dec 1999 07:54:51 -0600 From: durwin@exxon.com Subject: Re: Why computers are insecure (Schneier, RISKS-20.67) Much worse, it applies to physical sciences as well. I first ran across this idea many years ago reading Karl Popper, The Logic of Scientific Discovery. His basic premises are: - Physical "laws" are actually hypotheses stated in a manner that allows independent testing of specific physical (observable) phenomena. - No matter how often a hypothesis is tested, it can never be proven. It only takes one contrary observation to invalidate a hypothesis that had previously been accepted. A useful anecdote relates to the amount of "proof" provided for Newtonian physics over many years -- until Einstein said, "wait a minute, this doesn't work and I have a different hypothesis". In order to conduct our daily lives, we have to accept many hypotheses that have been corroborated, but not proven -- as Newtonian physics, they are good enough for our normal use. As our knowledge and understanding grows, some "laws" may fall to new understanding (read: hacks) while others survive to fall another day. The set of hypotheses we choose to accept as "laws" is determined by the level of risk we are willing to assume, in the world and in security. DURWIN SHARP, Exxon Mobil Corporation, P. O. Box 4276, Houston, TX 77210-4276 USA 1-713.656.6969 durwin@exxon.com ------------------------------ Date: Fri, 10 Dec 1999 00:35:57 GMT From: rubin@research.att.com (Avi Rubin) Subject: *Absent* source code now available We are pleased to announce the public release of the Absent, secure remote access system. A description, the paper, and the code are available at http://www.research.att.com/projects/absent Absent is a system for secure remote access to the internal web from outside. It addresses the problem of secure remote access to a site's internal web server from outside the firewall. The goal is to give authorized users access to sensitive information, while protecting the information from others. We implemented our solution using a one-time password scheme for client authentication and SSL for confidentiality. Our main design considerations were security, performance, ease of use, availability, and scale. We were further constrained by the desire to leave our firewall and local infrastructure unchanged. Christian Gilmore, Dave Kormann, Avi Rubin AT&T Labs - Research ------------------------------ Date: Tue, 14 Dec 1999 14:55:26 -0500 From: "Ed Borodkin" Subject: CFP, 23rd National Information Systems Security Conference CALL FOR PAPERS, PANELS, TUTORIALS, AND WORKSHOPS Co-sponsored by the National Computer Security Center and National Institute of Standards and Technology Week of 16-20 Oct 2000, Baltimore Convention Center, Baltimore, MD The National Information Systems Security Conference welcomes papers, panels, tutorials, and workshops on all topics related to information systems security. Our audience represents a broad range of information security interests spanning government, industry, commercial, and academic communities. See http://csrc.nist.gov/nissc/call.htm for instructions on sending your submissions. Ed Borodkin, Program Director, NISS Conference http://csrc.nist.gov/nissc/ ------------------------------ Date: 13 Dec 1999 (LAST-MODIFIED) From: RISKS-request@csl.sri.com Subject: Abridged info on RISKS (comp.risks) The RISKS Forum is a MODERATED digest. Its Usenet equivalent is comp.risks. => SUBSCRIPTIONS: PLEASE read RISKS as a newsgroup (comp.risks or equivalent) if possible and convenient for you. Alternatively, via majordomo, SEND DIRECT E-MAIL REQUESTS to with one-line, SUBSCRIBE (or UNSUBSCRIBE) [with net address if different from FROM:] or INFO [for unabridged version of RISKS information] .MIL users should contact (Dennis Rears). .UK users should contact . => The INFO file (submissions, default disclaimers, archive sites, copyright policy, PRIVACY digests, etc.) is also obtainable from http://www.CSL.sri.com/risksinfo.html ftp://www.CSL.sri.com/pub/risks.info The full info file will appear now and then in future issues. *** All contributors are assumed to have read the full info file for guidelines. *** => SUBMISSIONS: to risks@CSL.sri.com with meaningful SUBJECT: line. => ARCHIVES are available: ftp://ftp.sri.com/risks or ftp ftp.sri.comlogin anonymous[YourNetAddress]cd risks [volume-summary issues are in risks-*.00] [back volumes have their own subdirectories, e.g., "cd 19" for volume 19] or http://catless.ncl.ac.uk/Risks/VL.IS.html [i.e., VoLume, ISsue]. Also, new AUSTRALIAN archive http://mirror.aarnet.edu.au/risks/ PostScript copy of PGN's comprehensive historical summary of one liners: illustrative.PS at ftp.sri.com/risks . ------------------------------ End of RISKS-FORUM Digest 20.69 ************************