Subject: RISKS DIGEST 9.97
REPLY-TO: risks@csl.sri.com

RISKS-LIST: RISKS-FORUM Digest  Wednesday 30 May 1990  Volume 9 : Issue 97

FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS
ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Contents:
  The C3 Legacy, Part 6: Feedback (Les Earnest)
  Re: You Think YOU Have Trouble with Your Telephone Company? (Rodney Hoffman)
  Right to Privacy, Public Funds, and the 2600 (Bob Estell)
  Re: Steve Jackson Games & A.B. 3280 (Chuq Von Rospach)
  Re: ATMs robbed with no signs of tampering (Bob Campbell)
  Re: ATMs robbed in Trump Castle (Avi Belinsky)
  Re: Secure UNIX Infected? (Mark Gabriele)

The RISKS Forum is moderated. Contributions should be relevant, sound, in good taste, objective, coherent, concise, and nonrepetitious. Diversity is welcome. CONTRIBUTIONS to RISKS@CSL.SRI.COM, with relevant, substantive "Subject:" line (otherwise they may be ignored). REQUESTS to RISKS-Request@CSL.SRI.COM.
TO FTP VOL i ISSUE j: ftp CRVAX.sri.com<CR>login anonymous<CR>AnyNonNullPW<CR> cd sys$user2:[risks]<CR>get risks-i.j
Vol summaries in risks-i.00 (j=0).
ALL CONTRIBUTIONS ARE CONSIDERED AS PERSONAL COMMENTS; USUAL DISCLAIMERS APPLY.

----------------------------------------------------------------------

Date: 30 May 90 1036 PDT
From: Les Earnest
Subject: The C3 Legacy, Part 6: Feedback

[My apologies for the gap in this series -- I'm running for City Council currently and don't seem to have enough spare cycles. -Les]

Was there ever a command and control system that worked?

My opening remark in RISKS 9.80 was: "Of the dozens of command and control system development projects that were initiated by the U.S. Air Force in the early 1960s, none appeared to perform its functions as well as the manual system that preceded it."

Gene Fucci, who worked on the Air Force satellite surveillance programs as a project engineer on SAMOS and later as Field Force Test Director of MIDAS, found my remarks "somewhat distorted" in that he believes the satellite command and control systems worked well. I will plead relative ignorance of those systems, but note that they were called just "control systems" until "command and control" became a buzzword in the early 1960s. I do not wish to take the position that all systems to which the term "command and control" or "command-control-communications" was eventually applied were failures -- just that all of the dozens that I knew of were failures.

SAGE revisited

Some of the earlier C3 Legacy postings on SAGE have found their way via a circuitous route to an old friend of mine, Phil Bagley, who also helped design that system. Phil has now sent me snail-mail that takes a different view of that program, as follows.

"I think that you have discovered what is behind the curtain. In case you haven't, let me tell you my view. The motivation behind a big military electronic system such as SAGE or BMEWS is _not_ to have it work. It is just to create the _illusion_ that the sponsor is doing his job, and perhaps peripherally to provide an opportunity to exercise influence. Lincoln Lab and MITRE had no motivation to point out the obvious -- that the emperor had no clothes. If you had asked a responsible think tank who had no stake in the outcome how to deal most effectively with the issues, you would have recommendations very different from those that guided the electronic systems developments.

"Now it wasn't all for naught. Out of SAGE, computer technology got a big boost. IBM learned how to build core memories and made a lot of money building machines with core memories. Lots of people like you and me got good systems and programming training (I still write programs).
Ken Olsen learned how to design digital equipment and ultimately gave the world a few billion dollars worth of Vaxes.

"The moral of all this is: When things appear not to make sense you very probably are looking at it from the `wrong' point of view. Another way to say it: It's pretty hard to fool Mother Nature, so if it appears that she is being fooled, try to find a point of view which doesn't imply that she's being fooled."

While Phil and others may be comforted by this view, I will argue that it amounts to nothing more than "Whatever is, is right," which grates on my rationalist soul. I believe that if a comparable amount of government money had been invested in research, or on a more tractable application, that computer technology would have advanced much more quickly than actually happened.

I believe that as soon as MIT and MITRE engineers figured out that they had designed an unworkable system, they had an ethical obligation to point that out to their sponsors. Instead they (we) helped perpetuate the myth that it worked so that we could continue in our beloved technological lifestyle.

Phil's mention of Ken Olsen reminds me that we gave a going-away party for him and Harlan Anderson at the MIT Faculty Club when they left to form their company to make transistorized digital modules based on experience in building the TX-0 and TX-2 computers at Lincoln Lab. We told them that they could have their old jobs back after their start-up went belly-up, as we all expected. In fact, that reportedly came rather close to happening more than once in the first couple of years, but somehow DEC squeaked through and grew a bit.

Requiem: the SAIL computer, which would have reached the grand old age of 25 next week, is slated to retire tonight and die in the near future. It has provided an intellectual home for a very productive generation of researchers and will be remembered fondly.

(Next part: the Foggy Bottom pickle factory)

-Les Earnest (Les@Go4.Stanford.edu)

------------------------------

Date: 30 May 90 12:58:31 PDT (Wednesday)
From: Rodney Hoffman
Subject: You Think YOU Have Trouble with Your Telephone Company?

[Admittedly tangential, but fun....]

[Oh, yes, this is a VERY OLD shaggy dog story, but worth retelling. It might even have appeared in RISKS before, but I don't recall it. On the other hand, this time I do not feel like grepping my way through the archives. Apologies to those of you to whom it rings true. PGN]

Donald Wechsler's story in RISKS 9.96 (about the Lhasa apso which may have learned to dial 911) reminded me of one of my favorite stories. I found it in "Computers and Society Digest", Number 39, Tuesday, September 9th 1986. As you can see below, it is said to have originated in 1977.

. . . . . . . . . . . . . . . . . . . . . . . . .

Date: Mon, 8 Sep 86 16:03:35 PDT
From: Dave Taylor
Subject: Interesting Phone Calls

AN UNUSUAL TELEPHONE SERVICE CALL

This story was related by Pat Routledge of Winnipeg, ONT about an unusual telephone service call he handled while living in England.

It is common practice in England to signal a telephone subscriber by signaling with 90 volts across one side of the two wire circuit and ground (earth in England). When the subscriber answers the phone, it switches to the two wire circuit for the conversation. This method allows two parties on the same line to be signalled without disturbing each other.

This particular subscriber, an elderly lady with several pets called to say that her telephone failed to ring when her friends called and that on the few occasions when it did manage to ring her dog always barked first. Torn between curiosity to see this psychic dog and a realization that standard service techniques might not suffice in this case, Pat proceeded to the scene.

Climbing a nearby telephone pole and hooking in his test set, he dialed the subscriber's house. The phone didn't ring.
He tried again. The dog barked loudly, followed by a ringing telephone.

Climbing down from the pole, Pat found:

  a. Dog was tied to the telephone system's ground post via an iron chain and collar
  b. Dog was receiving 90 volts of signalling current
  c. After several jolts, the dog was urinating on ground and barking
  d. Wet ground now conducted and phone rang.

Which goes to prove that some grounding problems can be passed on.

This anecdote excerpted from Syn-Aud-Con Newsletter, Vol 4, No 3, April 1977.

------------------------------

Date: 30 May 90 08:41:00 PDT
From: "FIDLER::ESTELL"
Subject: Right to Privacy, Public Funds, and the 2600 [RISKS-9.95]

There is a dual standard of conduct, of ethics, for managing money: One for private funds, and another, higher standard for "public money." All of us who spend public money, collect it, live on it, are called to an ethic described, by Shakespeare I believe, for Caesar's wife, to be "above suspicion."

The rule is simple: If you choose to live by your wits, and to be "sharp" in your professional practices [i.e., bend rules that are flexible, cut corners that "don't seem to matter"], then do it with private funds.

The backbone of the InterNet is publicly funded. Period. Many of the host computers on the InterNet are publicly funded. Thus, I have always assumed that the traffic was monitored from time to time. Some of us have taken advantage of that to bring issues to the attention of the monitors, without having to find explicit US Mail addresses for them.

All who benefit from the privilege - "PRIVILEGE," NOT "RIGHT" - of spending public money must be even more prudent with that public money than with our private funds. So many have gotten "the top of the line model" because it was available; in private life - REAL life - we often choose some lesser model, because it is prudent to compromise.
[Else we would all be driving Cadillac, BMW, Mercedes, Mazda, or some other very fine automobiles, instead of the Fords and Chevrolets and other good, but not excellent, cars we do.]

I recently wrote a US Senator with an idea for capital gains tax breaks. In part, I suggested that the US make intelligent decisions about which industries to encourage, rather than offering tax benefits for any investment held over some period of time. An approximate quotation of my rationale summarizes my belief: "We should probably not give capital gains tax breaks for investments in Jack Daniels, and Playboy. I may choose to spend my private dollars that way, but I don't want my tax dollars spent that way."

The US Mail (postal service), once part of government, is now said to be a "private corporation" with some special management by the executive branch, with Congressional oversight - but different in kind and degree from either the old or new "AT&T." In any case, users are said to pay, at the time, for services rendered, one letter or parcel at a time. Even so, there are regulated - forbidden - uses of the mails, aside from and in addition to the privacy aspects.

We must appreciate the old maxim that "Your right to swing your fist ends at the tip of my nose." The 2600 gang needs to understand the computer corollary of that; and, as they say, we all need to understand the risk that nontechnical zealots will over legislate to protect their noses.

Bob

------------------------------

Date: 30 May 90 05:15:22 GMT
From: chuq@Apple.COM
Subject: Re: Steve Jackson Games & A.B. 3280 (Sherwood, RISKS-9.96)

A couple of points that aren't in this report. According to reports I've seen elsewhere, the person working on for Jackson Games was a former Legion of Doom member, who was also working on a book of interviews of Doom members.
If what I just said actually is true, having a known hacker writing a 'manual' on hacking, even a fictional one, is something the Secret Service would want to keep an eye on -- imagine, for instance, that the fictional game instructions are actually true and the supplement was published as a way of passing them around in a covert way.

Now, everything I've heard indicates this isn't what happened: it really is fictional material. But it's an interesting concept in theory.

> The amorphous nature of the raid is what is most frightening to me. Does
>this raid indicate that those who operate bulletin board systems as individuals
>are at risk for similar raids if someone posts "hacking" information on their
>computer?

If you're running a BBS that's supporting a group of system crackers, you are, at least, contributory to felony crimes. Sure you should worry about someone knocking on your door. A BBS that's on the up-and-up should have no worries, though.

>Or does it indicate that games which involve "hacking" are subject
>to searches and seizures by the federal government? Does it indicate that
>writing about "hacking" exposes one to the risk of a raid? It seems that this
>raid goes over the line of protecting society and has, instead, violated the
>freedom of its citizenry.

Not if the Legion of Doom angle is true. This is not to imply that Steve Jackson or Jackson games was at all involved with any Doomers, but more likely stuck in the middle.

Chuq Von Rospach <+> chuq@apple.com <+> [This is myself speaking]

------------------------------

Date: Wed, 30 May 90 17:04:59 pdt
From: Bob Campbell
Subject: Re: ATMs robbed with no signs of tampering

I recently had a chance to inspect the back of an automated teller while conducting some business with the human teller that works part-time on site. It was divided into three sections, the computer, the records and the money.
I noticed that one section had both combination and key locks and was informed that it contained the money. The section housing the computer was defended by a simple key lock. I pointed out that Hewlett Packard was filled with people who design and build computers as well as equipment to monitor and test computers; she noted that her teenage son thought it was a risk, but the bank considered the money quite safe.

Now if the lock manufacturer can make a key from lock number and type . . .

Bob Campbell, Hewlett Packard

------------------------------

Date: Wed, 30 May 90 10:44:02 EDT
From: abelinsk@sunee.waterloo.edu (Avi Belinsky)
Subject: ATMs robbed in Trump Castle (Re: RISKS-9.96)

>"`It was a legal access. It was not forced open. The system was
>           ^^^^^
>compromised,' O'Brien said."

Legal in the syntactic sense perhaps, but surely not in the legal sense. Yet another example of when computer jargon crosses the boundary into everyday speech.

Avi

------------------------------

Date: Wed, 30 May 90 15:20:14 EDT
From: gabriele@riverdale.toronto.edu (Mark Gabriele)
Subject: Re: Secure UNIX Infected? (Bellovin, RISKS-9.96)

smb@ulysses.att.com writes:
> There's a world of difference between, say, ``B1-certifiable'' -- which
> generally means a feature list -- and ``B1 certified.''

I'd like to state for the record that what the NCSC does is NOT product "certification", but product "evaluation". Certification refers to a specific site being approved (usually by an authority referred to as a DAA, or Designated Accrediting Authority) as "B1 (or whatever digraph) secure". This certification may be contingent upon posting armed guards at every door to identify users instead of including a user authentication mechanism in the system, or any other restrictions the DAA feels are appropriate.

An NCSC evaluation, on the other hand, is based upon the TCSEC requirements exclusively.
A product must meet all of the requirements for a candidate class in order to receive that rating; there is no bargaining with the requirements based upon the judgement of a DAA. Thus, an *evaluation* of a system is generally more stringent than a certification, because the evaluation process tends not to allow a procedural correction for a deficiency in the hardware and software elements of the system.

Mark Gabriele (gabriele@hub.toronto.edu)

------------------------------

End of RISKS-FORUM Digest 9.97
************************