Subject: RISKS DIGEST 9.90
REPLY-TO: risks@csl.sri.com

RISKS-LIST: RISKS-FORUM Digest  Thursday 10 May 1990  Volume 9 : Issue 90

   FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS
   ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Contents:
  The Mayor and the EMail (John Markoff)
  Democratic bug in AppleLink! (Hector Rojas)
  `Hacker' alters phone services (David G. Novick)
  Re: A funny thing happened at the lottery office (Mike Beede, Emmett Hogan)
  Risk of Unauthorized Access to TRW Credit Database (Larry Lippman)
  Unusual traffic light behaviour (Andy Coombes)
  High School Boy's Story was a Fake (Yoshio Oyanagi)
  More about Sharp's Viri in Japan (Yoshio Oyanagi)
  ARMY wants computer viruses for battlefield use (Gary McClelland)
  A-320 avionics malfunctions (Vic Riley)

The RISKS Forum is moderated.  Contributions should be relevant, sound, in good taste, objective, coherent, concise, and nonrepetitious.  Diversity is welcome.
CONTRIBUTIONS to RISKS@CSL.SRI.COM, with relevant, substantive "Subject:" line (otherwise they may be ignored).  REQUESTS to RISKS-Request@CSL.SRI.COM.
TO FTP VOL i ISSUE j:
  ftp CRVAX.sri.com
  login anonymous
  AnyNonNullPW
  cd sys$user2:[risks]
  get risks-i.j
Vol summaries now in risks-i.00 (j=0)

----------------------------------------------------------------------

Date: Mon, 7 May 90 18:34:43 -0500
From: markoff@nisc.nyser.net (John Markoff)
Subject: The Mayor and the EMail

From The New York Times, May 4, 1990, Friday, Late Edition - Final
Section A; Page 12, Column 3.

In Colorado, a Furor Over Computer Mail (By JOHN MARKOFF)

For more than a year, the Mayor of Colorado Springs read the electronic messages about city business that members of the City Council sent to one another from computers at their homes.
The disclosure of the Mayor's mail perusal has not only touched off a bitter political dispute in the city but has also put a spotlight on problems in reconciling advances in computer technology with laws on open meetings, public records and personal privacy.

The Mayor, Robert Isaac, has defended his actions, saying he monitored the council members' messages because he was concerned that they were using the system to hold illegal caucuses. Under Colorado law, City Council business, with a few exceptions, must be conducted at public forums.

'Public vs. Private Conflict'

''It's a good example of public versus private conflict in the face of new technology,'' said Carol Gould, a professor at the Stevens Institute of Technology, who has studied the ethical implications of computer networks. ''It's a problem that computer technology exacerbates, and it points to the importance of designing systems that distinguish between private communications and open public discussions.''

More broadly, the case has raised concern that actions like those of Mayor Isaac could undermine public trust in computerized technology designed to promote efficiency in civic affairs and to allow more residents to participate in their local government.

''It's serious,'' said Marc Rotenberg, national director of the Computer Professionals for Social Responsibility, an advocacy group. ''Because users of electronic mail systems should have a fundamental expectation of confidentiality, when that expectation is breached, the value of the network is undermined and a chilling effect on future use is likely to result.''

Some City Council members said that even if the Mayor's actions were legal, they undermined the political system. ''I did not know the Mayor was reviewing our mail,'' said Mary Lou Makepeace, a Council member.
''At the very least, it's bad manners.''

But at least two of the nine members said they had been aware that the Mayor had access to computer printouts of messages stored in the system. Only six members of the Council were using the computer system.

$22,000 Computer System

At the heart of the dispute is a computer system the Council purchased in November 1988. The $22,000 system included portable computers for Council members to permit them to send and receive electronic messages while they were away from the city offices. The base computer in the city offices also enabled officials to post public notices that city residents could see by calling the system.

The Mayor's ability to monitor the messages was curtailed in February after several members of the Council became curious about his knowledge of issues that had been discussed on the computer. After they raised the issue, City Manager Roy Pederson decided the messages were as private as telephone calls and should therefore be read only by those to whom they were addressed. He ordered that a city secretary stop making copies of the messages from the base computer at the city offices.

The Mayor confirmed that he had been reading the messages by complaining to the Council later that his access to them had been cut off.

Mayor Isaac, who will become president of the United States Conference of Mayors in June, said he thought the Council members understood that all the messages sent on the computers could be read by anyone with access to the system.

He Seeks Public Access

Mayor Isaac told the Council that he had received copies so he would know what everyone on the Council was talking about. He said he believed that each Council member should see copies of the materials and that they should be open to the news media as well to make sure the Council was complying with the state law on conducting business in public.
The Mayor also said he believed that the information on the computer, including the Council members' messages, should be accessible to the public.

''It's still an issue at this point,'' said Wayne Fisher, a Council member who says he is considering filing a complaint with the Federal Bureau of Investigation under the 1986 Federal Electronic Communications Privacy Act. ''Several times on the system I sent messages to other Council members that said, 'Boy, am I glad the Mayor can't read this.' ''

The law requires operators of public electronic communications systems to protect the privacy of messages on their system. The law distinguishes between public systems and those that are for private use. But the law also places some restrictions on privately maintained systems. Violations carry a maximum penalty of five years in prison.

Until recently Mr. Isaac, a three-term Republican, was considering running as a Republican candidate for governor, but he decided not to enter the primary. He said his decision to withdraw was not related to the electronic mail controversy.

Mayor Opposed the System

But Mayor Isaac said he believed the issue was being used for attacks by Democratic politicians. ''I personally don't think we ought to be paying tax money for private telecommunications,'' said Mr. Isaac, who had opposed purchasing the computer system.

The City Attorney, James Colvin, who is now reviewing the city's policy regarding the use of the electronic mail system, said he did not believe that the Mayor's actions had violated the communications privacy law. But legal experts said it was possible the law had been violated.

''I think that he could be in some trouble,'' said John Podesta, a consultant in the District of Columbia, who formerly served as legal counsel to Senator Patrick J. Leahy, Democrat of Vermont, the principal sponsor of the communications law. Mr. Podesta said he was concerned that the Colorado Springs controversy would cause other cities to think twice about relying on similar computer systems.

''People are going to worry that if they plug into these systems it will be like bringing Big Brother into their households,'' he said.

------------------------------

Date: 08 May 90 19:17 GMT
From: LAICHI.SPT@AppleLink.Apple.COM (Axis, Hector Rojas, Chile,ICC)
Subject: Democratic bug in AppleLink!

There is a peculiar bug in the AppleLink application which, taking into account the country in which I currently live (Chile), made me sit up and grin. (The AppleLink application is a nice front end for Apple Computer's worldwide electronic mail and bulletin board system.)

This is the bug:

  1. Write a new memo and save it using the name "General".
  2. Quit to the Finder or switch to it if you're using MultiFinder.
  3. Now try to find the file "General". It's not there!

This problem occurs in both AppleLink version 4 and version 5. I don't have a copy of version 5.1, so I can't tell if it happens there as well. The problem is repeatable 100%. A document that is supposedly saved as "General" will cause some disk activity as if it is being saved, but you will never find anything on your disk. As far as I know, it only happens with documents saved as "General".

You can imagine how baffled I was the first time it happened to me, just after finishing a lengthy letter. I looked all over the place using disk utilities, searching utilities, etc. (no, you hackers out there: the file is not "invisible" either). It was gone.

However, after a while the logic behind the "General's disappearing act" dawned on me: some of you may remember that only two months ago, Chile's former dictatorial regime, headed by General Augusto Pinochet, was replaced by the democratically elected president Patricio Aylwin.
So remember from now on: General will always disappear :)

-- Thomas Fruin
   Apple Chile
   AppleLink: LAICHI.SPT (laichi.spt@applelink.apple.com)
   Internet: tafruin@heraldo.apple.cl

------------------------------

Date: Tue, 8 May 90 09:46:06 -0700
From: "David G. Novick"
Subject: `Hacker' alters phone services

The Spring, 1990, issue of Visions, the Oregon Graduate Institute's quarterly magazine, has an interesting article on a man who broke into telephone computers, creating the kinds of disruptions that have been discussed lately on RISKS. The programmer, named Corey Lindsly, lives in Portland, OR. He was eventually arrested and pled guilty to a felony count of stealing long-distance phone service. Here is an excerpt. --David

Confessions of a Computer Hacker
by Michael Rose
Visions (Oregon Graduate Institute quarterly magazine), Spring, 1990

... Perhaps the most disturbing part of Lindsly's adventures was his penetration of AT&T Switching Control Center Systems. These sensitive computers support long distance telephone service. System administrators for 17 of these computers spent over 520 hours mopping up Lindsly's damages. According to [AT&T New Jersey manager of corporate security Allen] Thompson, Lindsly could have "severely disrupted" the nation's telephone service.

Lindsly, however, bristles at the suggestion of his doing potentially dangerous stunts. Anything beyond harmless pranks is "beneath the hacker ethic and uncouth," he says. He does admit to disconnecting phones, changing billing status, and adding custom calling features. He also likes to convert residential lines to coin class service, so when the unwitting homeowner picked up his phone, a recorded voice would tell him to deposit 25 cents. "Swapping people's phone numbers ... now that was a great trick," he recalls, with obvious amusement.
"You would have your next door neighbor's number and he would have yours, and people would call you and ask for your neighbor, and vice versa, and everyone's getting totally confused."

------------------------------

Date: Mon, 7 May 90 09:20:17 CDT
From: beede@SCTC.COM (Mike Beede)
Subject: Re: A funny thing happened at the lottery office (RISK-9.89)

>When a man visited the Minnesota lottery office with a winning ticket worth
>$1000, employees looked through his records and found he owed the state that
>amount - and more. So he was handed a cheque for $0.00 - and a tax form.

Completely true, and it has happened a number of times already. The amounts mentioned in local papers range up to the maximum $5,000 prize. Quite a lot of controversy about introducing a state lottery here -- a columnist made an interesting observation: this is the first time the state of Minnesota (known as a very high-tax state) has ever offered a tax break based on intelligence. I guess I agree -- the payout is something like 12.5 cents on the dollar. With a max of 5 grand, it takes a real dweeb to blow anything on a ticket. Of course, they are selling millions per week . . . . Innumeracy runs rampant.

Mike Beede, Secure Computing Technology Corp
1210 W. County Rd E, Suite 100, Arden Hills, MN 55112   (612) 482-7420

------------------------------

Date: Mon, 07 May 90 13:44:30 -0700
From: Emmett Hogan
Subject: Re: Lottery (RISKS-9.89)

This is true. If you win any lottery amount for which you must go to the lottery office to collect (usually $1,000 and up) they will check your records for:

  1) Outstanding taxes owed.
  2) Gov't supported loans which are in arrears (i.e. delinquent or defaulted STUDENT loans).
  3) Any fines (parking, traffic, etc.) owed.
  4) Basically any outstanding money owed to the gov't (provided it is in collections).

and take that out of your winnings.
I had a friend who had won $1,000 in the Virginia lottery but had several thousand dollars in delinquent student loans, so he had to find a very good friend, who didn't owe the gov't money, and whom he trusted A LOT, to go pick up the money.

Emmett Hogan
Computer Science Lab, SRI International

   [Further contribution from david paul hoyt steve@jhereg.Minnetech.MN.ORG (Steve Peterson).]

------------------------------

Date: 8 May 90 14:41:50 EDT (Tue)
From: larry@kitty.UUCP (Larry Lippman)
Subject: Risk of Unauthorized Access to TRW Credit Database

Ever wonder how TRW access information gets "discovered"? TRW dialup access is still notoriously insecure, and any employee in the credit office of a legitimate TRW subscriber (like a major retail store) can obtain in a matter of minutes access information which would allow any third party with a PC to spoof the legitimate TRW subscriber.

During the 1970's, when many TRW subscribers were still using ASR-33 teletype machines to access the TRW database, the lack of security was appalling. Typically, a TRW subscriber would encode credit request information for one or more customers while the ASR-33 was offline; i.e., they would punch a paper tape. The TRW access code (common to a local area) and subscriber identification number were encoded in the answerback drum of the ASR-33. The first part of the paper tape consisted of this punched information when the answerback was triggered by the operator entering a CTRL-E, which was the first step in preparing the paper tape. A measly two-character "security check" was then entered by hand. This two-character "security check" often remained the same for the better part of a year. After the tape was prepared it was placed in the ASR-33 reader and the local access number dialed. Following printing of the reports, the paper tape was discarded - usually without regard to security.
Anyone rummaging through a dumpster who got their hands on even ONE paper tape would obtain all the access information necessary to spoof the target store.

But wait... it gets *worse*...

The two-character "security check" code was also openly printed on any resultant credit report! And any customer who asked to see their credit report (a not unusual or unreasonable request, if made under appropriate circumstances), and who knew where to look, could obtain the subscriber identification and security check code for the target store.

Short of implementing a hardware encryption or other security device whose physical presence is necessary and whose encryption and/or authentication keys cannot be readily extracted, the risk of unauthorized access to the TRW Credit Database will remain significant.

Larry Lippman @ Recognition Research Corp. a

------------------------------

Date: 9 May 1990 08:59:37 GMT
From: andyc@minster.york.ac.uk
Subject: Unusual traffic light behaviour

As I was driving through York last night, I came to a set of traffic lights which were red-amber (for non-British readers, the British traffic lights work on a sequence of red, red-amber, green, amber, red). A driver in front of us had stopped at these lights (which is slightly unusual; most UK drivers seem to take red-amber as meaning 'go', although you are supposed to wait until the lights go green). After waiting at the lights for twenty seconds or so, it became apparent that the lights weren't going to change (they normally stay red-green for 1.2 seconds, if my memory serves me correctly), so the driver drove on, and we followed him.

Traffic controllers in the UK are based around a microprocessor controlling up to 16 or 32 'phases' (i.e. different sets of lights). In addition to software protections, a hardware interlock is provided to ensure that no two conflicting phases go green at the same time. However, there is only software preventing other failures.
In York there is also a traffic control centre, which can alter traffic light timings and other parameters (the controller software cannot, however, be altered). A possible scenario of what happened is that the register containing the time of the red-amber state became altered from 6 to some larger time step (the timings go up in steps of 0.2 seconds). The implications of this are slightly worrying: green lights on one phase with red-amber on a conflicting phase.

The above information is based on my employment with a company which makes traffic controllers, and may be incorrect in places, but is mostly correct.

Andy Coombes, Department of Computer Science, University of York, Heslington, YORK

------------------------------

Date: Mon, 7 May 90 18:36:54+0900
From: Yoshio Oyanagi
Subject: High School Boy's Story was a Fake (Sharp Virus)

I posted news about two kinds of virus, Namba I and Namba II, on the Sharp X68000. During the long vacation in Japan (the so-called Golden Week, until May 6) the story of a high school boy making the virus with forty people at the request of a client turned out to be a fake. The Asahi Shinbun newspaper, in its May 4 issue, printed an apology for making trouble for many people with the unfounded story. It remains a mystery who made the two viruses and how the game software was contaminated by them.

Yoshio Oyanagi (Univ. of Tsukuba)

------------------------------

Date: Thu, 10 May 90 19:28:13+0900
From: Yoshio Oyanagi
Subject: More about Sharp's Viri in Japan

Artdink Inc. is now distributing the vaccine against the virus which was contained in the simulation game software "FAR SIDE MOON". It says that the virus in question is attached to the battery backed-up area of the SRAM of the X68000, and if the system is booted by a floppy without the protect seal, the floppy is contaminated. It is named "NX68K IPL V1.02". The effect of the virus is that it will destroy the data on the floppy after July this year.
This virus started to prevail among X68000 users last December. Artdink started to sell "FAR SIDE MOON" for the X68000 on April 13 (Friday !!!!). 3200 sets had been sold before it was called back due to the virus. Not all the articles are contaminated, only those in limited lots. This software consists of three floppies, among which only the game disk is contaminated while the system and data disks are not. If a user boots the dirty floppy according to the manual, the virus is not transferred to the SRAM.

The vaccine, named "DOCTOR", was written by the editorial office of the journal "Oh! X" for X68000 users. It initializes the SRAM and makes it immune, and it kills the virus on the floppy. However, it is effective only against the two viri V1.02 and V1.05.

Yoshio Oyanagi (Univ. of Tsukuba)

------------------------------

Date: 7 May 90 13:09:00 MDT
From: "Gary McClelland"
Subject: ARMY wants computer viruses for battlefield use (Gary McClelland)

The Boulder, CO Sunday Camera for May 6, 1990 reports [in a box of "National Briefs" attributed to unnamed "Camera wire services"]:

Army considers computer virus as weapon: The U.S. Army is looking for help to develop the seeds of new-age germ warfare: It wants business to help it turn computer "viruses" into military weapons. Experts predict the viruses, if successfully developed, could be used to wreak havoc on the increasing number of computers in the battlefield. The destructive computer programs, which have increasingly damaged commercial and research computer systems in the past four years, could be used to disrupt military communications, impede the control of weapons and feed misleading data to enemy commanders. The viruses could also be used to alter the programming of crucial communications satellites serving combat units, the experts said. The Army is soliciting bids from small businesses to determine the feasibility of using computer viruses in warfare.
And it is willing to pay as much as $550,000 to a company that comes up with a plan for creating the programs -- and figures out how to use military radio systems to introduce them into enemy computers.

   [No mention of a comparable RFP to protect the Army's computers against the same fate.]

Gary McClelland   gmcclella@clipr.colorado.edu

   [Also noted by jwm@stdc.jhuapl.edu (Jim Meritt)]

------------------------------

Date: Tue, 8 May 90 15:18:02 CDT
From: riley@src.honeywell.com (Vic Riley)
Subject: A-320 avionics malfunctions

An Associated Press story in the May 7 St. Paul Pioneer Press says that Northwest Airlines is having recurring problems with its A-320 flight control systems. "Northwest has sent pilots a bulletin advising them of possible problems following 'a recent series of events related to suspected failures' in the cockpit computer system." Northwest is reportedly involved in discussions with the FAA and Airbus to prevent and correct the problems. The rest of the report contains quotes and so forth maintaining that none of the failures has endangered passengers, and that such failures are normal "when you're breaking in an aircraft". No explanation of exactly what types of failures or anomalies have been observed.

------------------------------

End of RISKS-FORUM Digest 9.90
************************
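Added example for the traffic controller arrangement Andy Coombes describes above (not code from his post, his employer, or any real controller): a tick-level Python model of two conflicting phases, each on its own timer counting 0.2 s steps, with the hardware interlock that only forbids green on both phases beside a broader software check that also treats red-amber as a "go" aspect. The phase durations, the choice of 300 steps as the corrupted red-amber register, and both check functions are constructed assumptions; the model shows that a corrupted red-amber register leaves one phase showing red-amber while the conflicting phase runs, which the software check reports many seconds before the green-on-green interlock would ever trip.

```python
TICK_SECONDS = 0.2  # timer resolution from the post: registers count 0.2 s steps

# British aspect order from the post: red, red-amber, green, amber, red ...
RED, RED_AMBER, GREEN, AMBER = "red", "red-amber", "green", "amber"
SEQUENCE = (RED_AMBER, GREEN, AMBER, RED)

# Constructed duration registers (in 0.2 s steps) for one phase:
# red 24.2 s, red-amber 1.2 s (6 steps, as in the post), green 20 s, amber 3 s.
NORMAL_REGISTERS = {RED: 121, RED_AMBER: 6, GREEN: 100, AMBER: 15}


class Phase:
    """One signal phase stepping through SEQUENCE on its own countdown timer."""

    def __init__(self, registers, start_state, start_remaining):
        self.registers = dict(registers)
        self.state = start_state
        self.remaining = start_remaining

    def tick(self):
        self.remaining -= 1
        if self.remaining <= 0:
            self.state = SEQUENCE[(SEQUENCE.index(self.state) + 1) % len(SEQUENCE)]
            self.remaining = self.registers[self.state]


def hardware_interlock_trips(a, b):
    """The interlock the post describes: only green on both conflicting phases is forbidden."""
    return a.state == GREEN and b.state == GREEN


def software_conflict(a, b):
    """Assumed broader check: both conflicting phases showing a 'go' aspect (green or red-amber)."""
    go = {GREEN, RED_AMBER}
    return a.state in go and b.state in go


def simulate(registers_a, registers_b=NORMAL_REGISTERS, max_steps=2000):
    """Step two conflicting phases; return the first tick at which each check fires (None if never).

    Phase A begins its red-amber at tick 0; phase B begins red, timed so that with
    normal registers B's red-amber, green and amber all fall inside A's red."""
    a = Phase(registers_a, RED_AMBER, registers_a[RED_AMBER])
    b = Phase(registers_b, RED, registers_b[RED])
    first_hw = first_sw = None
    for t in range(max_steps):
        if first_hw is None and hardware_interlock_trips(a, b):
            first_hw = t
        if first_sw is None and software_conflict(a, b):
            first_sw = t
        if first_hw is not None and first_sw is not None:
            break
        a.tick()
        b.tick()
    return {"interlock_trips_at": first_hw, "software_conflict_at": first_sw}


def corrupted_registers(red_amber_steps):
    """Normal registers with phase A's red-amber register overwritten, the fault the post posits."""
    regs = dict(NORMAL_REGISTERS)
    regs[RED_AMBER] = red_amber_steps
    return regs
```

With `NORMAL_REGISTERS` neither check ever fires; with `corrupted_registers(300)` the software check fires at tick 121 (24.2 s), while the green-on-green interlock only trips at tick 369, after the drifting phase A has finally reached green.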