RISKS-LIST: RISKS-FORUM Digest  Wednesday 28 June 1989  Volume 8 : Issue 85

FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS
ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Contents:
  Air Force satellite positioning system cracked (Dave Curry)
  Loose wire caused Clapham train crash (Jon Jacky)
  London firms reportedly offer amnesty to ``hacker thieves'' (Ken Berkun via Jon Jacky)
  Re: Microcomputers in the operating theater (Jon Jacky, Diomidis Spinellis)
  Don't celebrate big tax refund too quickly (David Sherman)
  Reading meters and gauges by robot in nuclear power plants (Robert Cooper)

The RISKS Forum is moderated. Contributions should be relevant, sound, in good taste, objective, coherent, concise, and nonrepetitious. Diversity is welcome.
* RISKS MOVES SOON TO csl.sri.com. FTPable ARCHIVES WILL REMAIN ON KL.sri.com.
CONTRIBUTIONS to RISKS@CSL.SRI.COM, with relevant, substantive "Subject:" line (otherwise they may be ignored). REQUESTS to RISKS-Request@CSL.SRI.COM.
FOR VOL i ISSUE j / ftp KL.sri.com / login anonymous (ANY NONNULL PASSWORD) / get stripe:risks-i.j ... (OR TRY cd stripe: / get risks-i.j ...
Volume summaries in (i.j)=(1.46),(2.57),(3.92),(4.97),(5.85),(6.95),(7.99).

----------------------------------------------------------------------

Date: Wed, 21 Jun 89 22:43:43 -0700
From: davy@riacs.edu
Subject: Air Force satellite positioning system cracked

Taken from the San Jose Mercury News, 6/21/89 (from the Kansas City Star):

Teen hacker hits satellite guide system

A 14-year-old Prairie Village, Kan., boy, using a small home computer, cracked an Air Force satellite-positioning system and browsed the confidential files of at least 200 companies, officials say.

The teen-ager, a computer hacker since the age of 8, apparently did not damage the computer systems he easily entered during the past six months. He hoped to use his know-how to persuade the companies to hire him as a computer security consultant, police said.

At least two military investigators and representatives of several companies, including Hewlett-Packard Co. of Palo Alto, showed up at a meeting this month in Johnson County to try to find out how he did it.

Dialing unauthorized long-distance access codes, authorities say, the teen-ager linked his Apple computer with systems throughout the country. He specialized in cracking the H-P 3000, a Hewlett-Packard minicomputer widely used by businesses and the federal government. At one point, authorities say, he gained access to an unclassified Air Force computer system.

[Other than in the first paragraph, there's no more mention of what, if anything, the kid did to the satellite positioning system. The comment that he was hoping to be hired seems intriguing to me; I wonder if there's now a wave of "interview by cracking" starting up? --Dave]

------------------------------

Date: 23 Jun 1989 11:59:16 EST
From: JON.JACKY@GAFFER.RAD.WASHINGTON.EDU
Subject: Loose wire caused Clapham train crash

Here are excerpts from IEEE INSTITUTE, May 1989, p. 4:

``British train accidents signal systemic problems'' by Fred Guterl and Erin E. Murphy

... Sloppy installation caused (a) recent fatal train accident..., according to Britrail, the state-run railway system ... On Dec. 12 at the busy Clapham junction in south London, ... one commuter train plowed into the back of another, killing 35 and injuring almost 100. ...

In that accident, according to British Rail, the evidence found so far points to an installation error made a few years ago, when British Rail replaced the older electromagnetic switches in its signalling system at Clapham. ... during this process an equipment room wire from an old switch was not properly removed and came into contact with the new electromagnetic signaling system.

The signaling system regulates the movement of a train from one section of track to another. ...
The presence of current indicates both that the next section of track is unoccupied and what the next signal's setting is. ... At Clapham, the loose wire directly operated the signal, overriding the checks in the system and causing the signal to turn green. The signaling system was thought to be fail-safe because a short circuit would simply cause a red light. ...

The worker who has taken responsibility for leaving the wire loose testified in the inquiry that on that day he had worked more than 12 hours with only a 5-minute break ...

- Jon Jacky, University of Washington

------------------------------

Date: 23 Jun 1989 12:09:06 EST
From: JON.JACKY@GAFFER.RAD.WASHINGTON.EDU [Originally from Ken Berkun]
Subject: London firms reportedly offer amnesty to ``hacker thieves''

[This comes to me from a friend who lives in Hong Kong. - Jon Jacky]

From: kenberkun%hgovc.DEC@decwrl.dec.com (Ken Berkun)

Reported in the June 12, 1989 South China Morning Post, apparently reprinted from the London Times, retyped by me, without permission.

Headline: "Worried firms pay hush money to 'hacker' thieves"
By Richard Caseby

Firms in the City of London are buying the silence of hackers who break into their computers and steal millions of pounds.

At least six London firms have signed agreements with criminals, offering them amnesties if they return part of the money. The firms fear that if they prosecute they will lose business when customers learn that their computer security is flawed.

In several of the cases the losses exceeded 1 million pounds but only a tenth of the total was returned.

The Computer Industry Research Unit (CIRU) which uncovered the deals and which is advising the Department of Trade and Industry in data security, believes the practice of offering amnesties is widespread.

"Companies who feel vulnerable are running scared by agreeing to these immoral deals. Their selfishness is storing up serious problems for everyone else," said Peter Nancarrow, a senior consultant.

Police have warned that deals struck with criminals could possibly lead to an employer being prosecuted for perverting the course of justice.

Detective Inspector John Austin, of Scotland Yard's computer fraud squad, said: "Employers could find themselves in very deep water by such strenuous efforts to protect the credibility of their image."

Legal experts say the firms are making use of section five of the Criminal Law Act 1967 which allows them to keep silent on crimes and privately agree on compensation. However, an employer becomes a witness to the offence by taking evidence from a criminal when the deal is drawn up.

Hackers steal by electronically transferring funds or by programming a computer to round off all transactions by a tiny amount and diverting the money to a separate account.

In one case, an assistant programmer at a merchant bank diverted 8 million pounds to a Swiss bank account and then gave back 7 million in return for a non-disclosure agreement protecting him against prosecution.

Such thefts have spread alarm throughout the City, with consultants offering to penetrate the computer networks of banks and finance houses to pinpoint loopholes before a hacker does.

The biggest contracts cost up to 50,000 pounds and can involve a four month investigation in which every weakness is explored.

Detectives have found that computer security at many City institutions is riddled with loopholes. A City of London police operation, codenamed Comcheck, revealed widespread weaknesses. Firms were asked to track the number of unauthorized logons over Easter bank holiday.

Some companies were unable to tell whether hackers had penetrated their network, while others lacked any security defences.

In addition to theft, companies are vulnerable to blackmail. Hackers can threaten to sabotage computers by inserting "viruses" and "logic bombs" - rogue programs which can paralyse a system.

This type of threat has prompted the offer of a new insurance policy underwritten by Lloyd's which specifically covers viruses and other computer catastrophes.

------------------------------

Date: 23 Jun 1989 13:01:44 EST
From: JON.JACKY@GAFFER.RAD.WASHINGTON.EDU
Subject: Re: Microcomputers in the operating theater

There are computer-controlled drug infusion devices on the market; they are definitely not hobbyist items. IVAC Corporation of San Diego has made several presentations at technical meetings recently about a new product of theirs called the Titrator (registered trademark) Sodium Nitroprusside Closed Loop Module, which began development in 1981 and was finally approved by the FDA in December, 1987.

The FDA began regulating medical device software in 1987. IVAC believes its device was the first to be reviewed by the FDA under the new regulations. Two papers about their experience appear in PROCEEDINGS ON THE ENGINEERING OF COMPUTER-BASED MEDICAL SYSTEMS, June 8-10, 1988, Minneapolis, Minnesota, published by the IEEE Computer Society:

``The travail involved in getting FDA approval --- an overview of what it took to get FDA approval of a medical device with computer technology (a recent experience)'' by Albert Paul, pps. 28--29, and

``Failsafe design of closed loop systems'' by Alvis J. Somerville, pps. 23--27.

- Jonathan Jacky, University of Washington

------------------------------

Date: Thu, 22 Jun 89 10:37:41 +0200
From: Diomidis Spinellis
Subject: Re: Microcomputers in the operating theatre

Keith Emanuel brings up the question of responsibility in the case of a microcomputer malfunction. I remember that National Semiconductor data sheets used to have a warning to the effect that the component described should not be used on any life critical application without prior written permission from the company. They defined a life critical application as one whose malfunction or failure to operate could cause human deaths or injury.

I have not seen such a warning in data sheets of other manufacturers, so it is probable that this problem has a precise legal answer.

Diomidis Spinellis, European Computer Industry Research Centre (ECRC).

------------------------------

Date: Tue, 27 Jun 89 14:48:07 EDT
From: dave@lsuc.on.ca (David Sherman)
Subject: Don't celebrate big tax refund too quickly

Toronto Star, June 27, 1989, page B3:

"About 6,000 people across Canada have received extra-large refunds after filing their 1988 income tax returns, and must return the excess.

Clyde King, spokesman for Revenue Canada's Toronto office, said yesterday the people affected pay quarterly tax instalments. These taxpayers, the self-employed and some retired people, must pay the instalments because they're not subject to withholding at source on the bulk of their income.

King said that in some cases Revenue Canada's computer in Ottawa added the first-quarter 1989 tax instalment to the 1988 refund due, resulting in the excessive refund.

Though about 70,000 people were affected, the error was caught in all but about 6,000 cases before the cheques were sent. In many cases, taxpayers have contacted Revenue Canada and sent back the excess. Eventually the others will be sent letters of explanation and asked for the return of the money."

[Comment 1: I like the "Revenue Canada's computer added" part. People don't create bugs, computers create bugs.]

[Comment 2: one hopes that as well as fixing the bug, they have correctly fixed the accounts of people whose 1989 instalments may not have been credited properly as of the date due...]

David Sherman, Tax Lawyer, Toronto

------------------------------

Date: 28 Jun 89 21:16:31 GMT
From: rcbc@honir.cs.cornell.edu (Robert Cooper)
Subject: Reading meters and gauges by robot in nuclear power plants.

The June issue of IEEE Computer Magazine contains an article on a robot vision system which reads analogue and digital meters, lights, and determines valve, slider and switch positions:

"A Vision System for Robotic Inspection and Manipulation"
M. Trivedi, C. Chen, and S. Marapane
Computer Magazine, June 1989, p. 91.