RISKS-LIST: RISKS-FORUM Digest Sunday 24 April 1988 Volume 6 : Issue 67 FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator Contents: Prestel case concluded (Peter Dickman, M. Douglas McIlroy) Mysterious British Death Toll at 10 -- another computer engineer dead (PGN) SDI feasibility and the OTA report (PGN) Trustworthiness of time-stamps (PGN) KAL 007 once again Military Aircraft Crashes in Germany (Michael Wagner) BIX Ad (Risks of US Mail) (Fred Baube) "Momentum" of engineering projects (Charles H. Buchholtz) Viruses at Customs (Robert Slade) Viruses -- SCIENCE and Computers&Society (Howard Israel) RISK! in Datamation (Jim Horning) Re: Engine explosions due to overspeed, crew stupidity [Unverified] (Joseph Nathan Hall) The RISKS Forum is moderated. Contributions should be relevant, sound, in good taste, objective, coherent, concise, nonrepetitious. Diversity is welcome. Contributions to RISKS@CSL.SRI.COM, Requests to RISKS-Request@CSL.SRI.COM. For Vol i issue j, ftp kl.sri.com, get stripe:risks-i.j ... . Volume summaries in (i, max j) = (1,46),(2,57),(3,92),(4,97),(5,85). ---------------------------------------------------------------------- Date: 24 Apr 88 01:08:39 +0100 (Sunday) From: Peter Dickman Subject: Prestel case concluded Organisation: University of Cambridge Computer Laboratory Overseas readers of the article below should note that: The House of Lords is the final court of appeal as well as (the unelected) half of the legislature in the UK. Five 'Law Lords' (usually ex-judges and the like) will sit in judgement on cases that get that far. Legal precedents can be set in the courts when it comes to interpreting the law, hence Lord Lane's comments in what follows: the judges can decide if the existing Forgery Acts apply to passwords etc but cannot spontaneously make up a new law to cover the problem in question. Prestel is a dial-up electronic mailing system. The Duke of Edinburgh is Prince Philip (the spouse of the Queen) - this case therefore gained some notoriety, at the time, in the tabloid press because of its 'Royal connection'. [And the mailbox was not really his private mailbox, but rather a demonstration mailbox for him, according to private communication to PGN from someone at Prestel.] = = = = = = = = = = = = = = = = = = = = = = Reprinted without permission from 'The Guardian', London 22 April 1988: COMPUTER HACKERS WIN TEST CASE The House of Lords yesterday ruled that the two computer "hackers" who broke into British Telecom's Prestel computer information service were not guilty of forgery. In what was regarded as a test case, five Law Lords unanimously upheld a Court of Appeal ruling that accountant Stephen Gold and computer magazine editor Robert Schifreen had gained access to the data bank by a "trick" which was not a criminal offence. Mr Gold, of Watt Lane, Sheffield, and Mr Schifreen, of Edgeware Gardens, Edgeware, North-West London, had used micro-computers to gain entry to Prestel computers in 1984. They made unauthorised alterations to data and charged account-holders without their knowledge. Mr Schifreen was said to have got into the Duke of Edinburgh's Prestel messages file and left messages. "They were not terribly interesting," he said. They were mostly about the birth of Prince William. Lord Brandon of Oakbrook said: "Their object in carrying on these activities was not so much to gain any profit for themselves as to demonstrate their skill as hackers. It never occurred to them that they might be committing any offence under the Forgery and Counterfeiting Act, 1981." In the Appeal Court, Lord Lane, the Lord Chief Justice, had said: "Their conduct amounted in essence to dishonestly gaining access to the relevant Prestel data bank by a trick. That is not a criminal offence. If it is thought desirable to make it so that is a matter for the legislature rather than the courts." Lord Brandon said that he shared Lord Lane's view that the prosecution was an attempt to "force the facts of the case into the language of an act not designed to fit them." The men had been convicted of nine offences at Southwark crown court in 1986. Last year they successfully overturned that ruling. Lords Keith of Kinkel, Templeman, Oliver and Goff agreed in dismissing the prosecution's appeal against the Court of Appeal's ruling. Afterwards Mr Schifreen said: "I knew from the start that the Forgery Act is not designed to apply to unauthorised access to computers." ------------------------------ Date: Sun, 24 Apr 88 08:40:18 EDT From: doug%alice@research.att.com Subject: Prestel case concluded [Doug McIlroy happened to be in London that day. Here are some excerpts from his message. PGN] London Times, Page 1, April 22: The courts held that the prosecution had to prove that the hackers had made a "false instrument" which they intended to pass off as genuine. But this thesis was absurd because one and the same machine served as both instrument and dupe. [Turing hoist on his own petard.] The facts of the case did not fit the language of the act. The two hackers had wanted to prove their skill, rather than to gain any benefit. The Times also observed that hacking for gain or to inflict damage can be construed as an offense, such as fraud or malicious damage, and that a commission is studying whether a bill is needed to stop hacking for amusement. ------------------------------ Date: Sun 24 Apr 88 15:41:02-PDT From: Peter G. Neumann Subject: Mysterious British Death Toll at 10 -- another computer engineer dead The total is now 10 of British scientist involved in defense work who have died under mysterious circumstances in the past two years. Russell Smith, 23, assistant scientific officer at ultrasecret UK Atomic Research Energy Plant in Harwell, was ruled to have killed himself on 2 February 1988 by jumping from a cliff. Trevor Knight, 52, was found dead in his car in March 1988. He worked for the Marconi defense firm, as did several of the previous dead scientists. Most of the 10 mysterious deaths resembled suicides, but only three cases were actually ruled so by inquests. [Source: San Francisco Chronicle, 22 April 1988, p. A30. Previous cases were noted in earlier RISKS.] ------------------------------ Date: Sun 24 Apr 88 15:28:43-PDT From: Peter G. Neumann Subject: SDI feasibility and the OTA report Today's Washington Post and AP wires have some more info on the unpublished congressional report that the system would likely "suffer a catastrophic failure" the first time (and only) time it was used. The OTA report cautioned that the sheer complexity suggested that "there would always be unresolvable questions about how dependable ... (the computer) software was." ... "extrapolating from past experience ... it appears to OTA that the complexity of (ballistic missile defense), the uncertainty ... of the requirements it must meet, and the novelty of the technology it must control would impose a significant probability of software-induced catastrophic failure in the system's first real battle." (The Post, quoting the report) ------------------------------ Date: Sun 24 Apr 88 17:02:24-PDT From: Peter G. Neumann Subject: Trustworthiness of time-stamps In a classical asynchronous-attack scam (somewhat similar to the time-of-check- to-time-of-use [TOCTTOU] perpetrations), fourteen postal employees and three associates in NY City were accused of using insider knowledge to postmark their envelopes on time in the 1987 Super Bowl "Pick the Score" contest, and then stuff in the actual final score: NY Giants 39, Denver 20. Only 167 entries had the exact score, and at least 107 of those came from insiders. Selected randomly from those entries, there were 14 contest winners -- 8 of whom apparently won through fraudulent means, collecting $85,000 out of the $100,000 awarded. The tip-off came when the $50,000 grand prize winner had a fight with her postal employee boyfriend, and reported the scam. [Source: New York Times, 20 April 1988, p.1] The implications on the opportunities to fake on-line computer time-stamps are self-evident. ------------------------------ Date: Fri 22 Apr 88 10:52:27-PDT From: Peter G. Neumann Subject: KAL 007 once again The 9 April 1988 issue of the Washington Post carried a news item on the shoot-down of KAL Flight 007. A KAL pilot said that the pilot of the downed plane may have been the indirect victim of his autopilot computer. He asserted that KAL pilots had previously been reprimanded for having to return to their take-off point to correct an autopilot error. This involved an expensive fuel dumping in each case. The autopoilot is designed so that if one of its three computers disagrees, or the crew enters the trip coordinates (start and ending) incorrectly, the aircraft must return to its starting point (!!) so that the data can be re-entered. It has been suspected that the pilot of KAL 007 entered incorrect course data, but did not take action to correct the error, so as to avoid punishment. [For those of you new to this problem, the most plausible theory thus far seems to be that the copilot had inadvertently left the autopilot set on HDG 246 instead of switching to INERTIAL when passing over the outbound checkpoint, at which point they should have changed course.] ------------------------------ Date: Fri, 22 Apr 88 14:30 From: Michael Wagner +49 228 8199645 Subject: Military Aircraft Crashes in Germany I haven't seen this reported in RISKS, so I thought I'd pass it along. In the last 3 weeks, 3 military aircraft have crashed in Germany. All were practicing low-flying maneuvers at the time. Two were F-16s; one was a Mirage. The press says that, in each case, a much worse disaster was only narrowly avoided (I can't judge how accurate this is). The crashes occured just down the flight path from: a nuclear generating station, a munitions dump, and an inhabited village. It seems that many air forces use the Eiffel and Hunsruck areas (not far from me, actually, as the jet flies!) as practice areas for low-flying missions (presumably because it's so challenging). The German government is reported to be considering disallowing or restricting such flights in future. In all, 35 military aircraft have fallen out of the skies here since 1960. I have no idea how this compares with other countries. Michael ------------------------------ Date: Fri, 22 Apr 88 14:07:11 -0500 From: Fred Baube Subject: BIX Ad (Risks of US Mail) I just got an offer in the mail to try BIX. The mailing includes a BIX login name, in the same impression as my name and address, so I presume the login name is associated with me. They say that should I cancel, I'll be billed only for access time. What's to stop someone from fishing the card out of the trash ? if I use the offer, can I claim that as an excuse not to pay ? These are familiar issues I'd think, it's just that the delivery system they use is prone to abuse. I do not believe that I am under any obligation to shred, burn, or otherwise render unreadable unsolicited mail. ------------------------------ Date: Fri, 22 Apr 88 18:33:53 edt From: chip@eniac.seas.upenn.edu (Charles H. Buchholtz) Subject: "Momentum" of engineering projects Rob Horn brought up an interesting issue when he spoke of the momentum that a project gathers, which prevents it from changing direction when objections are raised. I have an understanding with my supervisors which, among other things, serves as a governor on a projects momentum. When I first begin working, I (metaphorically) give my supervisor a number of tokens, "good for one emergency each". My supervisor also receives tokens at a given rate per year. One token is "spent" each time I am asked to do something outside usual practice. "It's an emergency! Can you come in on the weekend and finish it?" - one token. "I know it's not clean, and not documented, but we need a fast and dirty fix!" - one token. The theory is that occasional emergencies are unavoidable, but constant emergencies are poor planning; the tokens provide a method of determining which is the case. On a few occasions my supervisor has decided, "it's not such an emergency, after all", to save the token for a *real* emergency. The number of tokens provided, and the definition of an "emergency", can vary according to the company and individuals involved. I have noticed that this system motivates supervisors not to make commitments that can't be met without "cutting corners". ---Chip ------------------------------ Date: Wed, 20 Apr 88 07:43:16 PDT From: Robert_Slade@mtsg.ubc.ca Subject: Viruses at Customs I am still working on the virus file (cf volume 6 number 45). It is now longer than 360K and so will be archived and shipped with a copy of PKXARC (if you use it etc.) However, the means of distribution to the States is through my wife, who runs a theological college in Vancouver. American mail is stamped with US postage and taken to border towns in Washington where some of the American students live and work. Often there are challenged at the border as to what they are carrying. What with all the concerns over technology transfer and so forth, I can just see the conversation between the hapless student (my wife told him he was carrying a file of virus material) and the customs agent ("...you're trying to bring *what* into the country?") If some of you don't get your disks back, contact customs and immigration. (Come to think of it, we haven't seen Russ since he took that last set of disks down last week...) ------------------------------ Date: Mon, 18 Apr 88 18:11 EDT From: Howard Israel Subject: Viruses There is an article in "SCIENCE", Vol 240, 8 April 1988, pg 133-4 (News & Commentary Section) by Eliot Marshall about viruses: "The Scourge of Computer Viruses". This article among other things, says that "Computers & Security" April issue is devoted to the subject of viruses. AT&T Bell Laboratories, Whippany, NJ ------------------------------ Date: 19 Apr 1988 1457-PDT (Tuesday) From: horning@src.dec.com (Jim Horning) Subject: RISK! [DATAMATION -- more] The cover of the April 15, 1988 DATAMATION features the teaser "RISK! A new, potentially dangerous element has been introduced into global markets and businesses. The very same information systems that have enabled both to flourish in the 1980s could cause them to perish in the '90s. In a world of highly distributed pc power, complex networks, and database systems, risk has become the third factor in the IS equation." The cover story itself ends with "If you think today's vulnerabilities are going to be tough to cope with, wait until tomorrow." [...] Jim H. ------------------------------ Date: Sun, 24 Apr 88 20:54:07 EDT From: jnh@ece-csc.ncsu.edu (Joseph Nathan Hall) Subject: Re: Engine explosions due to overspeed, crew stupidity [Unverified] I don't have the particulars of the following event, although I could probably come up with them if necessary ... I remember hearing a story about a cockpit wager where one member of the crew asserted that the autopilot got its engine speed (or something similar) info directly from the speed sensor, while another member of the crew disagreed and said that the autopilot got its info from the RPM gauge circuit. They decided to test this out in flight (this was a commercial airliner) by shutting off one of the RPM gauges at the breaker ... Sure enough, the autopilot got the message that the engine had slowed down dramatically (to 0 RPM) and so it increased fuel flow. Shortly the engine oversped and stalled, blew up, and sent a blade through the cabin. The story goes that everything went fine until a woman began screaming hysterically, saying that the man who had been sitting next to her in the window seat had just *vanished*, seatbelt and all, through the 1-1/2 foot hole in the cabin wall ... The details probably aren't correct -- it's been a while since I heard this -- but the spirit of the thing is. -joseph hall ------------------------------ End of RISKS-FORUM Digest ************************