Issue 21.00

  • Info on RISKS (comp.risks), contributions, subscriptions, FTP, etc.
  • SUMMARY OF RISKS VOLUME 21 (15 August 2000 -- ) (NOTE: This summary is archived in ftp file risks-21.00 at ftp.sri.com, cd risks, and is also at http://catless.ncl.ac.uk/Risks/21.00.html.)
  • Issue 21.01

  • Russian nuclear sub trapped on bottom of Barents Sea (Keith A Rhodes)
  • Risks of train doors: Sydney (Simon Carter)
  • Admissions mixup leaves Northeastern University struggling (Daniel P. B. Smith)
  • Not so smart weapons in Kosovo (Lord Wodehouse)
  • Private phone records on Web (Kevin L. Poulsen)
  • Barclays Internet-banking security-glitch following software upgrade (Pete Morgan-Lucas)
  • Security hole in Netscape (NewsScan)
  • The Pentagon worries that spies can see its computer screens (Gregory F. March)
  • Online gambler goes to prison (NewsScan)
  • County blew $38 million on canceled payroll system! (Joan Brewer)
  • Delays in the new UK Air traffic control system (Ursula Martin)
  • Microsoft vulnerabilities, publicity, and virus-based fixes (Bruce Schneier)
  • REVIEW: "NT 4 Network Security", Strebe/Perkins/Moncur (Rob Slade)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.02

  • Hoaxes: When will they learn? (Dave Farber)
  • NY State's running out of fingerprint IDs (Danny Burstein)
  • Mobile phone malware on i-mode in Japan (Kevin Connolly)
  • Firepower via Web interface (Anatole Shaw)
  • Sydney Airport baggage system fails for second time in five days (Stellios Keskinidis)
  • Airline E-Ticket risks (Paul Wallich)
  • Risks on public transit: mechanical and human failures in Toronto (Stephen van Egmond)
  • Bangkok robot security guard (Torrey Hoffman)
  • Professor stole 40 student SSNs and IDs to get credit cards (Joan L. Brewer)
  • Kaiser Permanente medical e-mails go astray (Sheri Alpert)
  • Wake up, your TV is talking to your bracelet (NewsScan)
  • SSL Server Security Survey (Monty Solomon)
  • *The Globe and Mail* Web site exposing search-engine log file (Esteban Gutierrez-Moguel)
  • Blocked e-mail and Web sites (PGN)
  • Major security hole in new online organizer service (Paul van Keep)
  • Hackers breach Firewall-1 (PGN)
  • GAO says EPA's computer security is "riddled" with weaknesses (Declan McCullagh)
  • Bruce Schneier's Secrets and Lies (PGN)
  • Software Risk Management Conference ISACC (Gary McGraw)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.03

  • New security vulnerability: 13-year-old 'r00ts' popular polynomial (Leonard Richardson)
  • Pretty Good Bug found in Windows versions of PGP (Declan McCullagh)
  • Two cables (Doneel Edelson)
  • Four of the 13 root servers used by Network Solutions (Dave Farber)
  • Court says FBI has been given too much wiretap power (NewsScan)
  • "Free" e-mail accounts and passwords exposed for a month (Peter Kaiser)
  • Hotmail blows it badly? (Jay R. Ashworth)
  • Possible Y2K bug strikes UK Egg Bank (Ralph Corderoy)
  • More risks of filtering software (David Goddard)
  • Risks of Eurdora 4.x (David Sedlock)
  • "Verify your age with a credit card": more than $188M fraud (Lenny Foner)
  • Re: Airline E-tickets (Adam Shostack)
  • Re: Hoaxes: when will they ever learn (Eric Murray)
  • Re: SSL Server Security Survey (Sean Eric Fagan)
  • Re: mechanical and human failures in Toronto (Mark Brader)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.04

  • Identity theft (PGN)
  • Government computers at risk (NewsScan)
  • Satellite system outage hits Associated Press (Keith A Rhodes)
  • Puerto Rican capital without power (Doneel Edelson)
  • New Pentium III chip recalled (NewsScan)
  • CSX crew spots problem signal, averts collision (Chuck Weinstock)
  • F-117 stealth fighter in near-miss with UAL jet (PGN)
  • Fake air controllers alert in UK (Joe McCauley)
  • Swissair 111, TWA 800, and Electromagnetic Interference (Fred Ballard)
  • D.01: off by x100 stock prices (Bob Blakley)
  • Western Union Web site hacked (Keith A Rhodes)
  • FBI arrests Emulex hoax suspect in Calif. (NewsScan)
  • Glitch at Amazon.com exposes e-mail addresses (Keith A Rhodes)
  • Windows NT/2000 "Lock Computer" allows palm sync (Avi Rubin)
  • 1,000 system updates??? (Scott Rainey)
  • Risks of partially updated Web pages (Daniel P.B. Smith)
  • Re: Major security hole ... (Chris Adams, Michael Loftis)
  • Re: Your TV is talking to your bracelet (George Weaver)
  • PFIR statement on government interception of Internet data (Lauren Weinstein)
  • REVIEW: "Big Book of IPsec RFCs", Pete Loshin (Rob Slade)
  • 2001 IEEE Security and Privacy Symposium (Jon Millen)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.05

  • Qualcomm CEO's laptop vanishes, containing corporate secrets (NewsScan, David Lesher)
  • Computers shut down aircraft engines in flight (Mike Beims)
  • Russian troops block power shutoff (Doneel Edelson)
  • OPEC site hacked (Mike Hogsett)
  • Navy carrier to run Win 2000 (Mike Ellims)
  • Re: Windows NT/2000 palm sync (Avi Rubin)
  • Re: Identity theft (Carl Ellison)
  • Re: D.01: Off by x100 (Terry Carroll)
  • Re: New Pentium III chip recalled: typo (Gideon Yuval)
  • Risks of using HTML Mail and HTTP proxy "censorware" together (Dan Birchall)
  • Concorde crash report (Peter Kaiser)
  • Computerized air-conditioning risks (Pere Camps)
  • ``Netspionage'' is the real security threat on the Net (NewsScan)
  • Hackers offered $10,000 bait (NewsScan)
  • A subtle fencepost error in real life (Andrew Koenig)
  • New credit-card solution? (Joshua M Bieber)
  • Reconstructing Privacy - Conference Announcement (Gene N Haldeman)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.06

  • Australian online voting scores: no oohs 'n Oz? (Garry Allen)
  • Youthful toothful (PGN)
  • Concorde Problem Visibility (Peter B. Ladkin)
  • Re: Concorde crash report (Zygo Blaxell)
  • Ostrich Farming? (Pat St-Arnaud)
  • Pentagon security gate goof, again (PGN)
  • U.Wisconsin alters photo to add "diversity" to student body (PGN)
  • Why software fails (Mike Lewis)
  • Filtering, censorship, silence: Who owns the language? (Richard Schroeppel)
  • Re: Decimalization and Ford Stock Splits (Timothy Prodin)
  • Re: Identity theft (Martin Minow)
  • Re: Qualcomm CEO's laptop vanishes (Camillo Sars)
  • Re: Risks of using HTML Mail and HTTP proxy "censorware" together (J.D. Abolins)
  • Artificial Intelligence strikes again (Rodger Whitlock)
  • SBC Calling Card PIN (Conrad Heiney)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.07

  • California DMV fosters identity theft? (PGN)
  • Single points of failure and backup plans (William P.N. Smith)
  • Control of Olympics news coverage (NewsScan)
  • Tighter security poses a security threat (Ray Randolph)
  • Cochise County election computer errors (Nicky L. Sizemore)
  • The risk of identity theft (Amrith Kumar)
  • De Fault is in Default (Charlie Shub)
  • Re: AI strikes again (Perry Bowker, Zygo Blaxell)
  • REVIEW: "CyberShock", Winn Schwartau (Rob Slade)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.08

  • 50 million adults at risk for 'net illiteracy' (NewsScan)
  • China announces new rules for Internet content (NewsScan)
  • Italian police stop digital bank robbery (Meine van der Meulen)
  • Computer-related sewage release into Massachusetts Bay (Jonathan Drummey)
  • ISP whacks game fan with $24,000 bandwidth fine (Doneel Edelson)
  • I've been dropped from a life-time membership (Leonard X. Finegold)
  • Carnivore review team information leaked (PGN)
  • What Bloatware is Not (Rick Downes)
  • EMI, TWA 800 and Swissair 111 (Peter B. Ladkin)
  • ABC newsradio network blocked during Olympics (Phillip Musumeci)
  • The need for functioning IT environments (Thomas Roessler)
  • Re: Why software fails (Jurek Kirakowski)
  • Intel hasn't learned... (Steve Bellovin)
  • Test Practitioner Syllabus: 17 Oct deadline for comments (Dorothy Graham)
  • REVIEW: "Storming Heaven", Kyle Mills (Rob Slade)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.09

  • Air-traffic control woes (PGN)
  • Aviation near-crashes in Kathmandu (Phil Carmody)
  • Typo + "strange glitch" = private files world-readable (Michael Froomkin)
  • Risks of an `uninterruptible power supply' (Ross Anderson)
  • How to upset your customers (John Pettitt)
  • Did I *really* request my password in plaintext? (Matt Stupple)
  • Over capacity @Home (Dave Isaacs)
  • Minister racks up $50,000 phone bill (Fergus Henderson)
  • EZ-Pass discovers risk of sending URLs instead of actual text (danny burstein)
  • Yet another daylight savings time problem... (Gordon Henderson)
  • I'm falling back, and I can't get up. (Richard Glover)
  • Worm risk multiplier (Jeremy)
  • Re: Carnivore review team information leaked (Rob Warnock)
  • Re: AI strikes again (Chris Meadows, Marcos)
  • Re: U. Wisc altered photographs: They're not the only ones (Fredric L. Rice)
  • Re: 50 million adults at risk for `net illiteracy' (K Parker)
  • CFP: Risk Assessment & Policy Assoc. International Conference (John M. Gleason)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.10

  • Pennsylvania county wins $1M for faulty computer voting machines (David Banisar)
  • Thoughts on computers in voting (Douglas W. Jones)
  • Security of electronic voting in public elections (Avi Rubin)
  • Saturn made a bad assumption in my engine (William Colburn)
  • I crashed because my phone was ringing (Scott Gregory)
  • Unplanned roll in NASA's X-38 (James H. Paul)
  • *Lack* of barcode causes train to trap passengers (Jeff Stieglitz)
  • No security in Internet-connectable laboratory instrument controller (Stephen D. Holland)
  • Risk of using 'meaningful' file names (Charles Bryant)
  • Re: Typo+"strange glitch"=private files world-readable (Steve Summit)
  • REVIEW: "Virus Proof", Phil Schmauder (Rob Slade)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.11

  • Did a human factors problem affect the U.S. presidential election? (Steve Bellovin)
  • More on Florida in this and previous elections (PGN)
  • E-voting as a panacea for Florida count? (Jeremy Epstein)
  • CNN: E-voting could have prevented U.S. election chaos (Evan McLain)
  • "REALITY RESET": "Hacking the Vote" (Lauren Weinstein)
  • Web sites report exit poll results before networks do (NewsScan)
  • Political dirty tricks, cyber-style (NewsScan)
  • Vote auction Web site moves operations overseas (NewsScan)
  • UK air-traffic control problems (PGN)
  • Indianapolis FAA route center running on generators for a week (Nathan Brindle)
  • Raccoon power outage over the weekend (Dan Ellis)
  • Researchers able to defeat digital music security measures (NewsScan)
  • Verisign and MS authenticode (Carl Byington)
  • Microsoft Web site vandalized (NewsScan)
  • The latest in anti-spam technology (Greg Compestine)
  • Re: EMI, etc. (Pete Mellor)
  • 2001 USENIX Annual Technical Conference - Call For Papers (Andrea Galleni)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.12

  • Sanity in the Election Process (Lauren Weinstein and Peter Neumann)
  • Statement by Don A. Dillman on Palm Beach County Florida Ballot (Rob Kling)
  • Florida vote counts (PGN)
  • The end of the Multics era (PGN)
  • Excessive bounce activity and lost messages (PGN)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.13

  • Perspective on election processes (PGN)
  • A better election process? (Dave Stringer-Calvert)
  • Australian Internet cable severed (Dave Farber)
  • CIA secret chat room investigated (PGN)
  • McAfee VirusScan update crashes Windows (PGN)
  • Ticking time bomb in buffer overflow (Jonathan Hayward)
  • Re: The end of the Multics era (Tom Van Vleck)
  • I am glad about the quality of my driver's license photo (Joel Garry)
  • Re: Engine cutouts (Paul Nowak)
  • REVIEW: "Practical Firewalls", Terry William Ogletree (Rob Slade)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.14

  • Internet and Electronic Voting (PGN Rebecca Mercuri Lauren Weinstein)
  • Re: Perspective on election processes (Ben Laurie)
  • Arizona Motor Vehicle counterfeiting rings (Paul Nowak)
  • Seattle Hospital Hacked (Lauren Gelman)
  • A new Chinook inquiry? (Mike Ellims)
  • Another Osprey crash (PGN)
  • Space Station risks (Ben Hines)
  • comp.risks considered harmful -- by some (Thomas Roessler)
  • REVIEW: "Hack Proofing Your Network", Ryan Russell et al. (Rob Slade)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.15

  • Wells Fargo computer network outage (PGN)
  • ATM network for voting: a non-starter (David Jefferson)
  • Re: Voting by machine (Fred Cohen)
  • Alaska Airlines flight 261 (Jim Horning)
  • NY State DMV canceling auto registrations (Danny Burstein)
  • Another DMV Break-in, in Oregon (PGN)
  • Healthcare data bank contains inaccurate and flawed information (Mike Beims)
  • Germany to rely on on-board diagnostics for vehicle emission checks (Bernd Felsche)
  • High reliability (Adam Shostack)
  • Electrocution leads to more deaths (Martin Minow)
  • Spam as a denial of service attack? (Steve Bellovin)
  • Re: Seattle Hospital Hacked (Lynda Ellis)
  • Computers, Freedom, and Privacy CFP2001 Call for Participation (HIIP)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.16

  • Power cut blocks emergency calls (Stuart Lamble)
  • Important message from egghead.com CEO (Egghead.com)
  • Security advisories becoming less open? (Chris Adams)
  • Another tidbit about the new Microsoft advisory format (Richard M. Smith via Brian)
  • Making something look hacked when it isn't (Richard J. Barbalace)
  • The risk of a seldom-used URL syntax (Rob Warnock)
  • Intelligence risks of e-mail auto-responses (Dan Birchall)
  • Re: Voting by machine (Tony Finch)
  • Re: ATM network for voting: a non-starter (Jeremy Epstein, Barry Margolin, Bill Stewart)
  • Re: High Reliability (Matt Jaffe)
  • Re: Another DMV Break-in, in Oregon (Simson L. Garfinkel)
  • Re: Seattle Hospital Hacked (Todd Wallack, Kevin L. Poulsen, Jonathan Thornburg)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.17

  • Martin Minow (PGN)
  • Australian Ansett B767 fleet grounded due to maintenance breaches (Mike Martin)
  • Interference forces RAF to abandon ILS (David Kennedy)
  • Risks of automatic firmware upgrades (Marc Roessler)
  • IBM and Intel push copy protection into ordinary disk drives (John Gilmore)
  • CERT's ActiveX security report (Richard M. Smith)
  • Privacy/quality risks in Quicken Online Billing (Clay Jackson)
  • Credit report lists ex-spouse's address (Beth Roberts)
  • Wanna know my salary ? (John C Haselsberger)
  • Re: Spam as a denial of service attack? (Steve Wildstrom)
  • Armageddon scenario near-miss (Scott Rainey)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.18

  • Revenge of Y2K, Norwegian trains halted 31 Dec 2000 (Jan L)
  • 7-Eleven unable to process credit cards since 1 Jan 2001 (Steve Hutto)
  • Y2K+1 bug in Sharp Organizer? (Philip Berman)
  • Power cut hits hundreds of millions in India (Edelson Doneel)
  • Repeated computer outages for Swedish bank (Ulf Lindqvist)
  • Telephone outage caused by water-main break (Glenn C. Lasher Jr.)
  • Computer blamed for Russian rocket crash (Peter Neumann)
  • Chinook: key facts ignored by those who want to clear pilots (John O'Connor)
  • CIOs: "What, Me Worry?" (NewsScan)
  • Automatic firmware upgrades in home electronics (Andrew Klossner)
  • Hackers hack science exam (Winn Schwartau)
  • Re: Seattle Hospital Hacked (Daniel Theunissen)
  • Re: IBM and Intel push copy protection ... (Patrick P Gelsinger)
  • Re: IMPORTANT MESSAGE FROM EGGHEAD.COM CEO (Gary Lawrence Murphy)
  • Re: The risk of a seldom-used URL syntax (Crispin Cowan)
  • The top 10 privacy stories of 2000 (Richard M. Smith)
  • Stefan Brands: PKI, digital certificates, and privacy (PGN)
  • Submission Deadline for USENIX Security Symposium, 1 Feb 2001 (Monica Ortiz)
  • Call For Papers - RAID'2001 (Giovanni Vigna)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.19

  • Security at UK nuclear power stations (Brian Randell)
  • Re: Revenge of Y2K, Norwegian trains halted 31 Dec 2000 (Bob Dubery)
  • Motorola flex non-non-non-leap year (Dan Jacobson)
  • Millennium error in Postscript calendar (Eric Lindsay)
  • Two satellite failures (Peter B. Ladkin)
  • Teen intercepts MD's pages, makes medical orders (Terry Carroll)
  • Dutch Railways to introduce electronic access/ID card (Marcus de Geus)
  • Risks of "upgrades" and network-centric applications (Jay R. Ashworth)
  • Re: Chinook (Phil Payne, Ryan O'Connell)
  • Re: CIOs: "What, Me Worry?" (Mark Hull-Richter)
  • Re: Egghead.com (Jonathan Kamens, Mark Hull-Richter)
  • Re: Y2K+1 bug in Sharp Organizer (Philip Berman, Jonathan Kamens)
  • Re: IBM and Intel push copy protection (David Collier-Brown)
  • Security white paper (Gene Spafford)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.20

  • Dell, Unisys and Microsoft -- DUMvoting 1.0! (Gene N Haldeman)
  • San Francisco Airport radar phantom flights (PGN)
  • Cell phone in luggage alarms avionics (David Kennedy)
  • Testimony before the U.S. Civil Rights Commission (Douglas W. Jones)
  • No human finger will actually pull a trigger... (Daniel P. B. Smith)
  • Swiss debit-card system broke down (Andre Oppermann)
  • Subject: Re: The Chinook Crash (Peter B. Ladkin, Mike Beims)
  • Armchair Chinook RISKS analysis is misplaced (Nathan K. Pemberton)
  • Since when is Northern Ireland considered a war zone? (Chris Warwick)
  • Oregon Jurors summoned for 1901 (Aydin Edguer)
  • Y2K bug in Millennium clock (Mike Palmer)
  • Re: 54 weeks in a year? ('o-Dzin Tridral, Paul van Keep)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.21

  • RISKS moved to new mail server and list server program (Mike Hogsett)
  • Look ahead + Cache == oops (Lindsay Marshall)
  • QP -> UL? (Mark Brader)
  • Osprey: A Spree? Us pray? (PGN)
  • Travelocity exposes customer information (Monty Solomon)
  • Network Solutions exposes e-mail addresses (Name withheld by request)
  • Microsoft websites blacked out -- but what happened? (Declan McCullagh)
  • 401k mixup (Jeremy Epstein)
  • Risks of owning a cute domain name (Griffith)
  • Interesting Web risk (Lindsay F. Marshall)
  • Re: Organiser Bugs (Peter B. Ladkin)
  • Two-billion-dollar theft (S Harris)
  • Another Y2K+1 glitch -- sorta (George C. Kaplan)
  • Re: Millennium error, or "something like that" (Amos Shafir)
  • Re: 54 weeks in a year? (Espen Andersen, Bob Dubery, Markus Kuhn, Stan Sieler)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.22

  • Software crash hits Canadian grocery chain (Aaron PooF Matthews)
  • Aircraft had near-miss in Finland (Michael Walsh)
  • UK Trials of GPS controlled car speeds (Steve Loughran)
  • Theft of vehicle leads to robbery at home (D. Joseph Creighton)
  • Bank robber nabbed by GPS (Roger H. Goun)
  • B of A Visa Y2K glitch? (Ethan McKinney)
  • Risks of shortcuts in user interfaces (Austin Donnelly)
  • Cross-site scripting still a threat (Michael Sims)
  • HotMail blocking users from e-mailing Peacefire (Bennett Haselton)
  • Network vandal attacks Microsoft sites (NewsScan)
  • Hacker indicted for network vandalism (NewsScan)
  • Sex-offender Web sites are insecure (Monty Solomon)
  • Remote disabling of satellite TV receiver smart cards (Jeremy Epstein)
  • Shoppers seize unauthorized discounts at Macys.com (Monty Solomon)
  • Re: Palm Pilot Security (Mitch James via Dave Stringer-Calvert)
  • Clone phones with help from AT&T (Nikita Borisov)
  • Re: Chinook (Lloyd Wood, Ken Garlington)
  • Expanding on an urban legend (Danny Burstein)
  • Re: "Security holes protect your equipment from theft" (Daniel P. B. Smith)
  • Re: Risks of mail auto-reply (Jerrold Leichter)
  • Hotmail declines to accept new users with reserved words in last names (Robert Rossa)
  • ACM1 Message for RISKS Subscribers (Lillian Israel)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.23

  • Satellite strike blows away DirectTV pirates (PGN)
  • Senators critical of videogame violence (NewsScan)
  • Could someone die from spam/relay rape? (Sanner)
  • Hackers hit U.S., U.K., Australian government sites (Keith A Rhodes)
  • Risks of pharmacy computer systems (Isaac Hollander)
  • Receipts for Voting Machines (Douglas W. Jones)
  • Flight data recorder in your car's airbag (David Collier-Brown)
  • Re: Aircraft had near-miss in Finland (Michael Walsh)
  • Re: The Chinook Crash (Simon Pickin)
  • Re: Organiser Bugs (Tyler, Mike Cepek)
  • Re: Risks of owning a cute domain name (Terry Carroll)
  • Seeing Y2K bugs everywhere (Andrew Klossner)
  • Re: 54 weeks in a year? (Lawrence K. Chen, Nick Brown))
  • Re: UK Trials of GPS controlled car speeds (Derek Ziglar, Brian Clapper, Andres Zellweger, Harlan Rosenthal, Peter Houppermans)
  • Symposium on Requirements Engineering for Information Security (Gene Spafford)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.24

  • Calligraphy, computers, and Chinese culture (NewsScan)
  • Lost pet fees cost Toronto $700,000 (Perry Bowker)
  • Network Solutions Sells Out -- Domain Info For Sale to Marketers (Lauren Weinstein)
  • Hacker defends his vandalism, blames the victims (NewsScan)
  • AnnaKournikova worm (rcooper)
  • It's the wolf! It's the wolf! (David G. Bell)
  • Osprey crash involved "software fault" (Peter B. Ladkin)
  • Privacy on New Zealand golf Web site (Gavin Treadgold)
  • Risks of outsourcing: you can bank on it! (Cris Pedregal Martin)
  • Microsoft Hotfix undoes previous good (Graham Bell)
  • SiteGuest.com: Unauthorized e-mail address capture whilst browsing (Stewart C. Russell)
  • The very friendly skies of United? (Steve Bellovin)
  • Risks inside my Jan 2001 American Express bill (Thomas Maufer)
  • Domain name mismatch family feud (James Ryan)
  • RISKS of anticipating computer problems (Eric Nickell)
  • Satellite strike blows away DirectTV pirates (Serguei Patchkovskii)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.25

  • Millennium bug in travel agent system (Debora Weber-Wulff)
  • Again: German government plans extensive surveillance (Stefan Kelm)
  • Are free ISPs free? Juno says users must donate processor time (Lenny Foner)
  • The old ones are the best ones: Hidden info in MS Word documents (Paul Henry)
  • Modem misdialing seemingly at random (Chiaki Ishikawa)
  • On paper-size standards (Andrew Klossner)
  • More on the Friendly Skies of United (Steve Bellovin)
  • Re: Risks inside my Jan 2001 American Express Bill (Paul Green)
  • Re: SiteGuest unauthorized address capture (Jean-Jacques Quisquater)
  • Re: Organiser Bugs (Dennis Parslow, Peter B. Ladkin)
  • Re: It's the wolf! It's the wolf! (Martin Jost, Andrew Jackson)
  • When will they EVER learn? (Geoff Kuenning)
  • REVIEW: "Building Internet Firewalls", Zwicky/Cooper (Rob Slade)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.26

  • Smart bombs miss again (Lord Wodehouse)
  • Air gaps (Bruce Schneier)
  • Bibliofind exposes lots of credit card data they shouldn't have had (Lenny Foner)
  • TurboTax potential overstatement of gross income (Richard Mason)
  • Risks of buggy cell phone networks (Kragen)
  • SETI@Home felled by a Single Point of Failure (Malcolm Pack)
  • Passwords don't protect Palm data, security firm warns (Yves Bellefeuille)
  • Risks of laptop anti-theft devices (Tony Yip)
  • Where does NAVSTAR say we are, again? (James Paul)
  • Beware assumptions about keyboard layouts... (Perry Pederson)
  • Re: On paper-size standards (Gideon Sheps)
  • REVIEW: "Tangled Web", Richard Power (Rob Slade)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.27

  • Stockholm power outage hits high-tech companies (Ulf Lindqvist)
  • New USB Army 'Land Warrior' tech connects the next cybertoys (Bob Frankston)
  • In Japan, do trains check for drivers? (Joyce K Scrivner)
  • UCITA implements DoS and DDoS Vulnerabilities (Warren Pearce)
  • Moon-landing-hoax hoax (Dave Stringer-Calvert)
  • Mistaking list for scalar context brings cops (Jamie McCarthy)
  • Fairfax, VA Police records public (Dan Graifer)
  • Risks of would-be copper thieves (Gregory Soo)
  • Yahoo! Mail translates attachments (Bob Frankston)
  • More on Bibliofind (Lenny Foner)
  • Re: Air Gaps (M.S. Jaffe)
  • Re: Smart bombs miss again (Dave Aronson, Randy Davis)
  • Re: NAVSTAR (PGN)
  • Re: SETI@Home felled by a single point of failure (George C. Kaplan, Mary Schafrik)
  • Re: When will they EVER learn? (Gideon Sheps)
  • Re: Palm passwords aren't... (Peter Houppermans)
  • Don't risk missing the Parnas Symposium at ICSE 2001! (David Weiss)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.28

  • Aasta train crash might have been caused by a safety-critical error (Anton Setzer)
  • Lax security found in IRS electronic filing system (Dave Stringer-Calvert)
  • Dow Jones Industrial Average reported at 0.20 (Lindsay F. Marshall)
  • More on the importance of safeguarding private crypto keys (David Kennedy)
  • Risks of self-induced false alarms (Graystreak)
  • Using automation software without accounting for possible scenarios (Tony Yip)
  • Another "secure" e-book seems unlikely (Moz)
  • The risks of accidentally becoming a customer for life (Jim Youll)
  • NSF study: "Internet Voting is no 'Magic Ballot'" (Terry Carroll)
  • On-line elections (Sarr Blumson)
  • Smart Bombs - Old Story (Bruce E. Wampler)
  • Re: Smart bombs miss again (Richard Schroeppel, Christophe Augier, Pekka Pihlajasaari, Michael Nelson, Bill Stewart, Wm. Randolph Franklin)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.29

  • Identity theft: Forbes-ing a head?
  • Indiana University penetration raises fears of identity theft (Keith A Rhodes)
  • Serious new CA Drivers License ID RISK (Peter V. Cornell)
  • Faulty radar prompts FAA inspections and remediations (Keith A Rhodes)
  • Bogus Microsoft Corporation digital certificates from Verisign (Jeff Savit)
  • Your PGP E-Hancock can be forged (Monty Solomon)
  • Czech PGP flaw tech details (David Kennedy)
  • Politically correct: DoE is slow to warn of computer virus (David Farber)
  • Nokia cell phone trivially easy to unlock (Eric Hanchrow)
  • Hacker sentenced to hacking (Jeremy Epstein)
  • Government, school sites link to porn (Dave Stringer-Calvert)
  • Yahoo! Mail translates attachments (Matt Curtin)
  • Re: Air gaps (Fred Cohen)
  • Re: MIT/Caltech voting study (Paul Terwilliger)
  • German armed forces ban MS software, citing NSA snooping (Pete McVay)
  • MS Word: Ohm, SaveAs Watt (Kevin Rolph)
  • Workshop CfP: Security and Privacy in Digital Rights Management 2001 (Tomas Sander)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.30

  • Electronic tax filing problems blamed on 'user error' (PGN)
  • Cyber surfers caught by fishing nets (Tin Tin)
  • RISKS of rodent teeth (Gregory Soo)
  • Identity Theft -- a personal experience (name withheld)
  • Re: California Drivers License as ID for banks (John McCalpin)
  • Re: "Internet Voting is no 'Magic Ballot'" (Douglas W. Jones)
  • Verisign certificates problem (Roy Sinclair)
  • When security is based on trust (Michael Sinz)
  • Re: Aasta train crash ... safety-critical error (Tor-Einar Jarnbjo, Dave Aronson)
  • IEEE *Software* Special Issue on Building Software Securely (Anup Ghosh)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.31

  • Windows 2000 source code (Mark Thorson)
  • Foot-and-mouth virus propagation (PGN)
  • Upcoming time-change risks (Alan Wexelblat)
  • More self-inflicted defense difficulties (PGN)
  • Classification of the Three Mile Island accident (Andrew Raybould)
  • Re: German armed forces ban MS software (Ralf Bendrath)
  • What they can do with your SSN (Ian Macky)
  • Re: Serious new California drivers license ID risk (Tom Goltz, John Noble)
  • Book: Security Engineering, Ross Anderson (PGN)
  • Invitation to the First "PFIR Future of the Internet Workshop" (Lauren Weinstein)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.32

  • Future Mac Viruses? (PC Rescue)
  • The cost of Windows virus (Joaquim Baptista)
  • Risks of auto-updating software (Alan Wexelblat)
  • Dutch police fight cell theft with text 'bombs' (Thomas Dzubin)
  • Cellphone text bombs (Conrad Heiney)
  • Approved posts to large listservs (Paul Hessels)
  • MSN "upgrade" creates long-distance calling (Steve Holzworth)
  • Re: Hidden info on MS Word documents (Joaquim Baptista)
  • Hidden highway robbery within Terms of Use contracts? (Michael Sinz)
  • EoExchange shuts down services without warning, customer data lost (Derek Ziglar)
  • Re: "Internet Voting is no 'Magic Ballot'" (Jay R. Ashworth, Jurek Kirakowski)
  • Re: Bogus Microsoft Corporation digital certificates (Peter da Silva, WBH)
  • Re: Verisign certificates problem (Camillo Sars)
  • Re: Aasta train crash (Dag-Erling Smorgrav)
  • Re: Serious new CA Drivers License ID RISK (Jim Horning, John Rickenbrode)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.33

  • Software direct cause of December 2000 Osprey crash (Peter B. Ladkin)
  • Computer cords used in escape from police custody (Ulf Lindqvist)
  • WRQ/Reflection and DST (Marc W. Mengel)
  • Dutch government report on privacy (Peter Fokker)
  • Proposed "open" development of voter data standards launched (David Marston)
  • Re: MS Word: Ohm, SaveAs Watt (Markus Peuhkuri)
  • Re: Windows 2000 source code (Dave Aronson)
  • Re: April Fools items (Ursula Martin)
  • Re: When security is based on trust (Ken Cox)
  • What's in you server room? (Audun Arnesen Nordal)
  • Re: tax returns (Wendy Grossman, Paul Ward)
  • Re: identity theft (Chris Viles)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.34

  • MIT'S cathedral of learning: online and free (NewsScan)
  • Modern Times, II (jhaynes)
  • Careful with that e-mail! (Lord Wodehouse)
  • Risks of appearing in rec.humor.funny (Jim Griffith)
  • Re: Risks of auto-updating software (L. P. Levine)
  • More on Yahoo mail's anti-virus attachment translation (Kirrily Skud Robert)
  • Re: Bogus Microsoft Corporation digital certificates (Nick Brown)
  • Summertime blues (Lord Wodehouse)
  • Re: Upcoming time-change risks (Derek Ziglar)
  • Another Silly Date Problem (Peter B. Ladkin)
  • Re: Dutch police fight cell theft ... (Zygo Blaxell, Christian Bartsch)
  • Re: Cellphone text 'bombs' (Peter Chuck)
  • Re: Future Mac Viruses? (Craig S. Cottingham, Paul Hessels)
  • Re: "Internet Voting is no 'Magic Ballot'" (Julian White, Jay R. Ashworth)
  • Bathtub Burnout (Rebecca Mercuri)
  • Auto-updating and ReplayTV (Alan Wexelblat)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.35

  • Reliance on Automation "Top Risk" (Peter B. Ladkin)
  • Kew Public Records Office data input problem (Pete Mellor)
  • Never rely entirely on technology... (Peter Houppermans)
  • You've Got Mail ... From The Admissions Office! (David Tarabar)
  • Server 54, Where Are You? (Jack Burke)
  • Hi-tech toilet swallows woman (Gareth Randell)
  • Denial of Tax Service (Rebecca Mercuri)
  • E-mail address ID theft (A.E. Brain)
  • Sabotaged phone lines + stolen credit cards = safety in theft (Simon Carter)
  • Security flaw found in Alcatel's high-speed modems (Monty Solomon)
  • Alcatel admits more than they meant to (Mike Bristow)
  • Web-enabled air conditioners (Alpha Lau)
  • Risks of sorting time alphabetically (Marcos H. Woehrmann)
  • Using Palm VII's to give traffic tickets (Ian Jordan)
  • More on UCITA (Warren Pearce)
  • Re: Aasta Train Crash (Magne Mandt, Merlyn Kline)
  • Re: Risks of Hidden highway robbery ... (Will Fletcher)
  • Viewers lament incredible shrinking Ultimate TV (Monty Solomon)
  • Do prescription records stay private when pharmacy stores are sold? (Monty Solomon)
  • New flashlight sees through doors as well as windows (Monty Solomon)
  • Windows patchwork (Jay Levitt)
  • REVIEW: "Securing Windows NT/2000 Servers for the Internet", Norberg (Rob Slade)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.36

  • Computer system crash stalls D.C. Metro (PGN)
  • UPS Shutdown (Kent Borg)
  • Trial by CCTV (M Taylor)
  • Risks of fabricating funny data (Bill Hopkins)
  • Foreign Flimflam (Keith A Rhodes)
  • Wireless Spam (NewsScan)
  • Slack goes when California DMV gains access to SSA database (Elizabeth Weise)
  • U.S. Government cyberdefense lacking (Dave Stringer-Calvert)
  • Errors in AFFX GeneChip Database (Gregory Soo)
  • 35,000-pound hacking challenge cracked (Jay Anantharaman)
  • Microsoft's wonderful solution for Outlook security (Dave Stringer-Calvert)
  • Re: Amtrak 'Sharing' Information With D.E.A. (John Noble)
  • Re: Aasta train crash (Dag-Erling Smorgrav)
  • Re: V-22: Titanium properties (Edwin M. Culver)
  • Bathtub Burnout (Jan Verbrueggen)
  • Re: Hidden highway robbery within ... contracts? (Norman Gray)
  • Risks of using filtering proxies (Marc Roessler)
  • Power safety (Marcus L. Rowland)
  • First Workshop on Information Security System Rating and Ranking (Jack Holleran)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.37

  • Microsoft Is Set to Be Top Foe of Free Code (David Farber)
  • DMCA: It's Like ... an Analogy Fest! (Monty Solomon)
  • Recording industry threatens researcher with lawsuit (NewsScan)
  • Hack attacks from China? (NewsScan)
  • Space Station software problems predicted four years ago (Philip Gross)
  • Incompatibility shuts down Xerox corporate network (Nelson H. F. Beebe)
  • Destia shuts down service (Doneel Edelson)
  • Mobile phones to prevent car theft? (Yerry Felix)
  • CNN censors profane Webby nominee (Jim Griffith)
  • Another problem with the DNS (Bob Frankston)
  • MS security updates infected with virus (Dave Stringer-Calvert)
  • Microsoft error message (Jean-Jacques Quisquater)
  • Using calendar reminder service to remember anniversary of sad event (Elinsky)
  • Risks of Net-connected appliances (Robert J. Woodhead)
  • Re: MSN "upgrade" creates long distance calling (Steve Holzworth)
  • The follow-on to James Bamford's *Puzzle Palace* (David Farber)
  • Definitions for Hardware and Software Safety Engineers (Meine van der Meulen)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.38

  • Partial Causal Analysis of the December 2000 Osprey Accident (Peter B. Ladkin)
  • Lucent workers charged with selling secrets to Chinese (NewsScan)
  • Citibank's meaningless privacy notice (Vassilis Prevelakis)
  • Fox... hen house... (Hendrik)
  • Bluetooth risks airline safety? (Tom Worthington)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.39

  • U.S. Air Force blasts Outlook security patch (Yves Bellefeuille)
  • Univ. Virginia prof uses computer to catch cheaters (Richard Kaszeta)
  • Potential timestamp overflow on 9 Sep 2001 (Don Stokes)
  • Excel-lent leaks (Christophe Augier)
  • Foolish wireless network access policies and spam engines (Thor Lancelot Simon)
  • Cops say teen concocted radio calls (Steve Hutto)
  • The RISKS spam crossover has finally taken place! (RISKS)
  • DMV screws up on licenses (PGN)
  • To drive or to avoid identity theft: mutually exclusive? (Brett Glass)
  • Re: Recording industry threatens researcher (Douglas W. Jones)
  • 16th Annual Software Engineering Symposium 2001 (Carol Biesecker)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.40

  • Word file turns into two disjoint texts (Clive Page)
  • Check everyone's Vodafone voicemail (Andrew Goodman-Jones)
  • Car 54, where are you? (David Lesher)
  • Euro risks, part 1 (Paul van Keep)
  • Euro risks, part 2 (Paul van Keep)
  • Thieves R Us (Mike Godwin via Dave Farber)
  • Re: Citibank's meaningless privacy notice (Zygo Blaxell)
  • Re: Using calendar reminder service ... (Nikita Borisov)
  • Re: MSN "upgrade" creates long distance calling (Bob Frankston)
  • Risks of not monitoring field-deployed systems (John Connor)
  • Re: UPS Shutdown (Diomidis Spinellis, Chris Smith)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.41

  • A Hard Left-Cruise Ship's Autopilot blamed for sharp turns (Kelly Bert Manning)
  • Another backhoe reminder (Bernd Felsche)
  • New Bell Canada service: free calls (Dave Isaacs)
  • The Faith-Based Missile Defense (What's New via David Farber)
  • Time to bury proposed software law (Dan Gillmor via Monty Solomon)
  • NZ Electoral Web Site (Richard A. O'Keefe)
  • Osprey, cont'd (Peter B. Ladkin)
  • Our software is *never* wrong (Erann Gat)
  • Risks in scuba equipment (Carl Page)
  • More on that college network/spam (Danny Burstein)
  • Apple Powerbook 'bomb' shuts Burbank airport (Monty Solomon)
  • Re: Space Station software problems predicted four years ago (Bob Frankston)
  • The new Taiwan $1000 bill got the globe backwards (Dan Jacobson)
  • Police frequencies and fake calls (William Colburn)
  • Power safety (Marcus L. Rowland)
  • Ship to Internet (Donn Parker)
  • 2002 ACM Symposium on Applied Computing: SAC '2002 (Cliff Jones)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.42

  • Thought-provoking book on software: David Parnas (Jim Horning)
  • Software Engineering, Dijkstra, and Hippocrates (Michael L. Cook)
  • Lost train (Debora Weber-Wulff)
  • Aimster vs. the recording industry (NewsScan)
  • Converting Pi to binary: DON'T DO IT! (Keith F. Lynch via Russ Perry Jr.)
  • ``The Wind Done Gone'' ban done gone -- with abandon, gone (PGN)
  • FBI arrests dozens for Internet fraud (NewsScan)
  • What they know or don't know about you! (Monty Solomon)
  • EU considers retaining *all* telecom traffic (Dave Weingart)
  • CERT subjected to "just another attack" (NewsScan)
  • Great DoS attack for cell phones (Robert Moskowitz)
  • Office XP modifies what you type: Peter Deegan in Woodyswatch (via Jonathan Arnold)
  • Weatherbug (James Garrison)
  • 37% of programs used in business are pirated (NewsScan)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.43

  • Xcel Energy wants to close Denver call center (William Kucharski)
  • Topeka KS water treatment outage (Jerry James)
  • WA public schools switching to risky new system? (Phil Kos)
  • The World Bank meets on the Internet (Andres Silva)
  • Eurocops want seven-year retention of all phone, Net traffic (Hawkins Dale)
  • McDonald's testing cashless payments (NewsScan)
  • Re: The Faith-Based Missile Defense (Brian Clapper)
  • Re: Parnas's book on software (John Graley)
  • Bugless = utopia (Andrew Fleisher)
  • Another fear of Risks (Bob Frankston)
  • Re: Word file turns into two disjoint texts (Jeanne Sheldon)
  • REVIEW: "Demystifying the IPsec Puzzle", Sheila Frankel (Rob Slade)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.44

  • House Science Committee hearings on voting systems (Douglas W. Jones)
  • Swimming-pool changing cubicles (Alan Barclay)
  • Insurer considers Microsoft NT high-risk (Oleg Broytmann)
  • UK Government Gateway blocks non-MS browsers (Chatan Mistry)
  • The risks of clueless marketing (Greg Searle)
  • Computer-generated mail -- too easy to fake? (David G. Bell)
  • Forgery attempt -- risk of identity theft (David Lesher)
  • Sex-offender database risks (RISKS)
  • Crash leaves disabled riders stranded (Jeremy Epstein)
  • BT upgrade: The best laid plans... (John Sullivan)
  • Re: Software Engineering, Dijkstra, and Hippocrates (Scot Wilcoxon, Richard I Cook)
  • Re: EU considers retaining *all* telecom traffic (Michael Weiner)
  • Re: NZ Electoral Web Site (Richard A. O'Keefe)
  • Re: Another Backhoe Reminder (Arthur Marsh)
  • Re: WeatherBug and Gator (David Crooke)
  • Re: 37% of programs used in business are pirated (Jurek Kirakowski, Merlyn Kline)
  • More SMS SPAM (Simon Waters)
  • Re: Lost train (Mark Brader)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.45

  • Ed Felten and researchers sue RIAA, DoJ over right to publish (Declan McCullagh)
  • Billboard error message (Phil Agre)
  • California bill prohibits online gambling (Jim Griffith)
  • Dutch government to act against virtual child pornography (Marcus de Geus)
  • Payday delayed by one day in Belgium (Kris Carlier)
  • Mobile phones to manage truancy - and other free publicity (Nick Brown)
  • Inevitability of risks (Mick Topping)
  • Re: The Faith-Based Missile Defense (S. Alexander Jacobson)
  • Re: Eurocops want seven-year retention of all phone, Net traffic (Morten Norman)
  • Re: Our software is *never* wrong (Scott E. Preece)
  • WSJ/Word change tracking/"MS Tool Lifts Veil on Spin" (Daniel P. B. Smith)
  • Re: Word file turns into two disjoint texts (Lloyd Wood)
  • Steve Gibson: Windows XP Vulnerable; Big ISPs just don't care (Chris Meadows)
  • Re: Office XP modifies what you type (Bear Giles, LShaping)
  • Re: "Hacker Insurance" charges higher rates for Windows systems! (Elana)
  • Re: UK Government Gateway blocks non-MS browsers (David G. Bell)
  • 10th USENIX Security Symposium (Tiffany Peoples)
  • Announcement - 16th Annual Software Engineering Symposium 2001 (Carol Biesecker)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.46

  • Another NY Stock Exchange outage (PGN)
  • California power grid hacked (PGN)
  • PC parrot drives firemen crazy (Merlyn Kline)
  • Computer reports unreported wreck (Chris Norloff)
  • U.K. plans mandatory IP indoctrination for children (Cluebot via Declan McCullagh)
  • Re: Billboard error message (Robert Meineke, Rick Prelinger, John Dallman)
  • Re: Risks of clueless marketing (Jamie McCarthy)
  • Re: Steve Gibson: Windows XP Vulnerable; Big ISPs just don't care (Mike Nuss)
  • Re: Steve Gibson's report and Windows XP "Vulnerabilities" (David Crooke)
  • They're at it again: Internet Explorer Smart Tags in WinXP (Stef Maruch)
  • Re: Office XP modifies what you type (Andy Newman, Jay Jennings)
  • Microsoft, 'Mitigating Factors' and Public Relations (Jackson Ratcliffe)
  • Broken shopping carts (Steve Loughran)
  • How to avoid Internet interruption at AAS meeting (Clive Page)
  • There's no such thing as software `piracy' (Fred Gilham)
  • Re: Another fear of Risks (James K. Huggins)
  • Re: McDonald's testing cashless payments (Jeffrey Jonas, John R Levine)
  • Credit where it isn't due (William Paul Fiefer)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.47

  • Computer train trauma (Lord Wodehouse)
  • Elevator emergency override drowns woman (Daniel Norton)
  • ATM network center flooded (Daniel Norton)
  • Supreme Court ruling on thermal-imaging scanners (PGN)
  • And you thought Keith Lynch was kidding! (PGN)
  • DoD declares unclassified hard drives no longer need be destroyed (PGN)
  • Risks of URL-forwarding services (Justin Mason)
  • New technology for sneaky advertising (Greg Searle)
  • ScanMail's "sophisticated" filtering blocks PRIVACY Forum Digest (Lauren Weinstein)
  • Risks of heuristics and marketers (Dan Birchall)
  • Re: Dutch government to act against virtual child pornography (George Dinwiddie)
  • Security notice for recent EarthBrowser purchasers (Matt Giger via Ben Laurie)
  • Excel date munging: what a difference --four years and-- a day makes (Tom Walker)
  • Dead men produce no documentation (Kirt Dankmyer)
  • REVIEW: "Inside Internet Security", Jeff Crume (Rob Slade)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.48

  • Unexpected network congestion: remote consequences of Seti@Home (Steve Loughran)
  • Site puts private cell calls on Web (Bruce Hamilton)
  • European Commission "Net-security" site invaded by hackers (Declan McCullagh)
  • Formula 1's string of control-system failures (Stellios Keskinidis)
  • A320 Incident (Peter B. Ladkin)
  • Re: Computer train trauma (Philip Nasadowski)
  • Lincolnshire University offers first course on rail disasters (Tom Van Vleck)
  • NYSE: "Throw up your hands and reboot" (Chris Norloff)
  • Re: Billboard error messages (David M Chess)
  • Response to LWN's statement about Linux security costs (Kevin Postlewaite via Gerrit Muller)
  • Windows XP adds its own links (George C. Kaplan)
  • Re: Office XP modifies what you type (Andy Newman, Gerard A. Joseph)
  • Re: Steve Gibson's and Windows XP (Chris Dodd)
  • Re: The risks of clueless marketing (Tony Martin-Jones)
  • Re: And you thought Keith Lynch was kidding! (Phil Carmody, Paul Ward, Ken Knowlton)
  • On the deceptiveness of pop-under ads (ocschwar)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.49

  • Passive radar? Removing the cloak of invisibility (What's New via Dave Farber)
  • Therac Returns: Data-entry errors kill five patients in Panama (Allan Noordvyk)
  • WashingtonPost.com real estate database (Nick Laflamme)
  • ebates.com installs Java program on users computer (Bill Tolle)
  • Risks of peer-to-peer in the office (Alpha Lau)
  • PCs used as cash registers (Nick Brown)
  • Software "worm" searches your computer for pornography (NewsScan)
  • Conflicting sensors placed on different parts of the line (Robert Gordon)
  • New world disorder? (Mike Coleman)
  • Security vulnerability databases (Uwe Ohse)
  • Yet another e-commerce error (Leonard Erickson)
  • Re: PC parrot: telephone bird vs. real phone ring (Dan Jacobson)
  • Re: Banning virtual forms of entertainment ((Gerard A. Joseph)
  • Re: Formula 1's string of ... failures (Bob Dubery, Chris Kantarjiev)
  • The magic, fast-food, wand (Rob Slade)
  • QWE2001: Call for Papers and Presentations (SR/Institute)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.50

  • Microsoft bug causing serious nuclear risk? (Dudi Feuer, Michael D. Levi, John Lowry)
  • Fiji has to relive Y2K? (James Paul)
  • Intruder crashes United Arab Emirates' only ISP (Dave Stringer-Calvert)
  • $480,000,000 for sending 9 parcels (Mark Brader)
  • Uncleared disk space and MSVC (David Winfrey)
  • Berlin Bank shows sensitive information (Debora Weber-Wulff)
  • Power outage means wheel chairs on the go (Ray Todd Stevens)
  • Electoral fraud (Tony Finch)
  • Risks in inept election fraud (knhaw)
  • Yet another e-mail filter effect (Jurjen N.E. Bos)
  • Re: Billboard error message (Ben Morphett, Markus Peuhkuri)
  • REVIEW: "Fundamentals of Network Security", John E. Canavan (Rob Slade)
  • 16th Annual Software Engineering Symposium 2001 (Carol Biesecker)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.51

  • CD-eating fungus amongus (Gary Stock)
  • The computer is taking over the train (Hanan Cohen)
  • Trains Ain't Planes, it's plain to see (Daniel P Dern)
  • Eli Lilly e-mail snafu reveals identities of Prozac users (Jeremy Epstein, Allan Noordvyk)
  • Brownouts take out computers in Livermore (Fred Cohen)
  • Phoenix BIOS phones home? (Merlyn Kline)
  • Hacked caller ID? (Alexandre Pechtchanski)
  • Anatomy of an Internet scam (NewsScan)
  • Who watches the watchdog? (Gary Barnes)
  • Autoresponder goes haywire (Joshua M Bieber)
  • Auto-banner ads (Mark Richards)
  • Microsoft pulls controversial Smart-Tag feature (NewsScan)
  • Yearly siren test ... (Marco Frissen)
  • 4 to 6 *million* votes uncounted in 2000 election (PGN)
  • US Voting Systems Standards - available for public comment (Thom Wysong)
  • Re: Electoral fraud (David Hedley, Lindsay Marshall)
  • Re: WashingtonPost.com real estate database (Tramm Hudson)
  • Re: Uncleared disk space and MSVC (John Sullivan, Peter da Silva)
  • Re: The risks of clueless marketing (Toby Riddell)
  • 10th USENIX Security Symposium (Tiffany Peoples)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.52

  • Subject: Re: WashingtonPost.com real estate database (PGN)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.53

  • Dashboard can fire water at sleepy drivers (John Arundel)
  • Polarized sunglasses and car LCD displays don't mix (Henry Baker)
  • Missile defense test radar glitch (PGN)
  • Historical Risk: KORD, and N-1 Engine Failures (Ami Abraham Silberman)
  • Software gives erroneous air navigation reading (Bill Hopkins)
  • Even a fatal error can't kill it (Jim Haynes)
  • Gaffe gives away minister's secrets (Paul Cornish)
  • SSL encryption that isn't (Ron)
  • FBI arrests Russian hacker visiting U.S. for alleged DMCA breach (Declan McCullagh)
  • Savings Bank software upgrade goes awry (Jonathan Kamens)
  • Risk when using "Cut and Paste" (Enrique G. Sauer)
  • Re: The computer is taking over the train (Mark Lomas)
  • Re: Unexpected network congestion: remote consequences of Seti@Home (Eric J. Korpela)
  • Re: "It's public data, so why not a public database"? (Geoff Kuenning)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.54

  • Tunnel fire derails Internet service (NewsScan)
  • Calendar software and departed employee (Lawrence Kestenbaum)
  • U.S. Tax refund inspires Home Depot snail-mail spam (Dawn Cohen)
  • Renewal of digital certificate impeded by secure passphrase (Philip Bragg)
  • Security system update leads to insecurity (Bob Van Cleef)
  • Did download failures increase Code Red's success? (Scott Renfro)
  • "This e-mail doesn't contain any viruses" (Aaro J Koskinen)
  • The risks of moving and identity theft (Harry Erwin)
  • Concerns for identity theft are often unheeded (Monty Solomon)
  • What a gas! (William Paul Fiefer)
  • "Know Your Customer" USPS style (Alex Wexelblat)
  • US Airways credit-card snafu (Jed Graef)
  • Bad domain name? (Gene Wirchenko)
  • Banking and Internet broadcast technologies (Daniel Chalef)
  • Re: Polarized sunglasses and LCD frustration (Stephen A. Boyd)
  • Re: Even a fatal error can't kill it (Phil Anderson)
  • Re: SSL encryption that isn't (Jacob Ofir)
  • MSN security upgrade forces new e-mail address (Ami A. Silberman)
  • ISW-2001 - Call for Participation (Howard Lipson)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.55

  • Oxygen tank kills MRI exam subject (PGN)
  • Software is called capable of copying any human voice (PGN)
  • Software safeguards prevent Solar Sail from separation? (Stanislav Shalunov)
  • Firefighter's phone lines disrupted because of a SMS hoax (Stanislav Meduna)
  • New results on WEP (Adi Shamir via Matt Blaze)
  • FBI hit with Sircam virus that distributes files on your HD (Declan McCullagh)
  • Super-accurate atomic clock hates Sundays (Ken Knowlton)
  • Risks of relationships online (Gary Stock)
  • Apple DNS Entry hacked (Greg Searle)
  • University of Pennsylvania cable cut (Rebecca Mercuri)
  • Cell phones overload 911 in Denver (Richard J. Barbalace)
  • Qwest Wireless erroneously overbills customers by thousands of dollars (Richard Kaszeta)
  • Re: FBI arrests Russian hacker visiting U.S. for alleged DMCA breach (Bill McGonigle)
  • More on the risk of moving and identity theft (Harry Erwin)
  • REVIEW: Bruce Schneier, "Secrets and Lies: Digital Security in a Networked World (Rob Slade)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.56

  • NASA data from 1970s lost due to "forgotten" file format (Aaron Dickey)
  • Motorola Stock Drops 99.95%! (Daniel Norton)
  • JDS Uniphase quarterly results hacked? NO! (Dave Isaacs)
  • Freeware app to retrieve passwords from Internet Explorer (Lyle H. Gray)
  • Totally Hip with spyware (Michael F. Maggard)
  • Medical records via e-mail (William Colburn)
  • AS IF: draft-ietf-dnsext-ad-is-secure-03.txt (John Gilmore)
  • Microsoft's PGP keys don't verify (Brian McWilliams)
  • Telling all to the police (Norm deCarteret)
  • Identity theft (Jack Holleran)
  • Risks of profanity filtering (Paul Bissex)
  • Car-door lock remote control activates another car's alarm (Mark Brader)
  • S-not-SL (Mike Albaugh)
  • Re: MSN security upgrade forces new e-mail address (Robert J. Woodhead)
  • No Appleplexy needed (Dave Stringer-Calvert)
  • Re: Autoresponder goes haywire (Richard Johnson)
  • Re: Erroneous air navigation reading (Mike James)
  • Re: Polarized sunglasses and LCD frustration (Chris J Dixon)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.57

  • WEP insecurity (Avi Rubin)
  • European Union strives for openness (Stephen A. Boyd)
  • WinXP blocks some versions of some programs (B. Elijah Griffin)
  • Cyanide for Code Red (Jeremy)
  • I am virus generator? (Bob Frankston)
  • AT&T Worldnet exposes all user passwords (Una Smith)
  • Password changes -- SIGH! (Jim Horning)
  • The risks of online order tracking (Darryl Smith)
  • Mixing advertising and credit-card activation (Bob Green)
  • Techs must report child pornography (Brien Webb)
  • Re: Dutch government and virtual child pornography (Christian Reiser)
  • Re: Super-accurate atomic clock hates Sundays (Phil Kos)
  • What is your area code, really? (Andrew Koenig)
  • Online advertising: Fraud, false positives and a novel DOS attack (John O'Connor)
  • Re: Even a fatal error can't kill it (Terry Brugger, Joe Thompson, John M. Hayes)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.58

  • Half of Norway's banks offline for a week: erroneous keystroke (Nicolai Langfeldt)
  • Danish police break "Safeguard" encryption program in tax case (Bo Elkjaer and Jay D. Dyson via Declan McCullagh)
  • E-Divorce banned in Singapore (Dave Stringer-Calvert)
  • Omron uses GPS to catch a car thief (Monty Solomon)
  • Corrupt Michigan cops abuse police database to stalk, harass (Ed Walker via Declan McCullagh)
  • OT: rot13, practical uses of (Joe Manfre)
  • GA scholarship info exposed (Rachel Slatkin)
  • DoCoMo and thttpd: i-mode DDoS attack! (Jef Poskanzer via Dug Song)
  • Low-grade cryptography (Gene Wirchenko)
  • Automated traffic-camera system has flaws (Dave Kinswa)
  • Risks of the Passport Single Signon Protocol (Monty Solomon)
  • Hotmail catches Code Red (Brian McWilliams via Dave Farber)
  • Toll Road Transponders used to steal food at McDonald's (Arthur Kimes)
  • More Adobe plastering (Peter Wayner)
  • Re: WinXP blocks some versions of some programs (Michael Loftis)
  • Workshop on Trustworthy Elections (David Chaum)
  • REVIEW: "Computer Security Handbook", Hutt/Bosworth/Hoyt (Rob Slade)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.59

  • Laser eye surgery (Henry Baker)
  • "You Can't Hide Those Lying Eyes in Tampa" (Adam Shostack)
  • The Internet park bench (Richard Jay Solomon via Dave Farber)
  • PDF backward compatibility failures (Marc Auslander)
  • A lucrative fiasco (Brian Randell)
  • Risks of automatic verification (Geoff Kuenning)
  • Possibility of a Warhol Worm: Complete infection in 15 minutes! (Nicholas C. Weaver)
  • Adobe clarification on spyware article (Gunar Penikis)
  • Danish police: Safeguard Easy not broken; passwords were weak (Bo Elkjaer)
  • Re: OT: rot13, practical uses of (Rich Wales)
  • Re: Georgia scholarship info exposed (Phil Kos)
  • Re: Freeware app to retrieve passwords from Internet Explorer (Marc Roessler)
  • Mutual authentication - not! (Michael Bacon)
  • Re: What is your area code, really? ((Declan McCullagh)
  • Is your phone bill private? Think again... (Ted Lee)
  • Re: Firefighter's phone lines disrupted ... SMS hoax (Stanislav Meduna)
  • Caller ID "hack" not a hack at all (William Kucharski)
  • ANI is NOT Caller ID (Danny Burstein)
  • DoCoMo thttpd is not all.net thttpd (Fred Cohen)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.60

  • Heart-device recalls (PGN)
  • Runway incursions (Andres Zellweger)
  • Cingular wireless goes down in heat wave (PGN)
  • Swisscom Mobile breaks down for 10 hours (Andre Oppermann)
  • Marines face charges in Osprey records falsifications (PGN)
  • Woman stalked by Michigan cop via police databases is murdered (Declan McCullagh)
  • Video crypto standard cracked? (Monty Solomon)
  • Free hotel reservations canceled (Steve Bellovin)
  • Interstate car tags to be photographed and tracked (Steve Holzworth)
  • Hacked caller ID? (Andrew Hilborne)
  • Risks of letting MS not-so-Hotmail do your junk filtering... (Michael Loftis)
  • GPS-guide in car going nuts? (Martin Schulze)
  • The risks of not verifying e-mail addresses (Doug Winter)
  • Re: Mixing advertising and credit-card activation (Sam Garst, Joel Garry)
  • REVIEW: "The Internet Security Guidebook", Juanita Ellis/Timothy Speed (Rob Slade)
  • Dependability and "Open Source" development (Cliff Jones)
  • CFP2002: Call for Proposals (Lance J. Hoffman)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.61

  • Censorship in action: why I don't publish my HDCP results (Niels Ferguson)
  • Florida relies on students, not experts (Adam Shostack)
  • PDAs increasingly vulnerable to hackers (Monty Solomon)
  • Welland Canal Bridge runs into ship (Chris Smith)
  • U.S. Web sites fall short of global privacy standards (NewsScan)
  • DejaGoogle rides again (Dave Weingart)
  • Risks to lose sleep over (Mike Knell)
  • Re: AT&T Worldnet exposes all user passwords (Dylan Northrup, Mike Tuffs)
  • Telephone "*" codes (Alan Miller)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.62

  • Oklahoma whistleblower asked to accept felony conviction (Deborah Weisman)
  • Follow-up on Oklahoma whistleblower (PGN)
  • Wireless security vulnerabilities (PGN)
  • AirSnort! (PGN)
  • Kaiser Permanente (identity withheld by request)
  • Air Force officer mails confidential information to all cadets (Jim Griffith)
  • Re: Avoiding prosecution of the DMCA (David Petrou, Fred Cohen)
  • Re: Why I don't publish my HDCP results (Bill Weitze, David Gillett)
  • Re: rot13 (Mike Perry)
  • Hack the vote? Not in Broward County! (James Paul)
  • Re: Runway incursions (Bill Hopkins)
  • Code Red 9? Code Crimson (Alistair McDonald)
  • AT&T - the computer MUST be right! (Sharon Mech)
  • Re: DejaGoogle rides again (Geoffrey Leeming)
  • Re: Risks of automated junk/spam filters (AlphaLau)
  • Yet another MS Hotmail risk (Kimmo)
  • REVIEW: "SSL and TLS", Eric Rescorla (Rob Slade)
  • Dependable Systems and Networks DSN-2002 Call for Contributions (Anup Ghosh)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.63

  • The Heavens at War: NMD assessed (Pete Mellor)
  • SDI chief says system may not be reliable (PGN)
  • Federal tax returns missing in Pennsylvania (PGN)
  • Hotmail hackable with one line of code (NewsScan)
  • Even dead people use Microsoft software (Jeremy Epstein)
  • More interesting MS certificates (Stuart Prescott)
  • Directory service based on car license plate (Ulf Lindqvist)
  • Re: Air Force office mails confidential information ... (Jay D. Dyson)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.64

  • Temelin nuclear plant software problem (Pete Mellor)
  • Blame the victim: vandalized Web sites may be liable for damages (NewsScan)
  • More risks when driving (Martin Cohen)
  • Risks of "pre-owned" computers (Nick Brown)
  • Microsoft Reader e-books broken (David Farber)
  • AOL silently dropping mail (Simon Waters)
  • eBay fails to protect email addresses of users (Vassilis Prevelakis)
  • Re: Avoiding prosecution of the DMCA (A J Stiles)
  • Risks and madness on the BT Cellnet site (Mike Perry)
  • Not such an equal opportunity (Bill Lamb)
  • Re: Code Red 9? Code Crimson (Bob Frankston)
  • Risks of outsourced check verification (Peter Simpson)
  • Can't hold room, but can bill (Sandy Antunes)
  • Caller ID vs. ANI confusion, again (William Kucharski)
  • Re: Mixing advertising and credit-card activation (John Clarke)
  • REVIEW: "Information Security Management Handbook", Tipton/Krause (Rob Slade)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.65

  • More about Star Wars 2: "Letter from America" (Pete Mellor)
  • The Heavens at War: NMD assessed (Leonard Erickson)
  • Getting the Facts Out - Announcing "FACT SQUAD" (Lauren Weinstein)
  • Citibank ATM network outage (Joshua L. Weinberg)
  • France Telecom inadvertent disclosure blamed on "computer error" (Peter Campbell)
  • Photo tickets dismissed in San Diego (Jim Griffith)
  • Web filter considered harmful (Thomas Roessler)
  • Early morning phone call angers citizens (Barry Hurwitz)
  • New software lets managers search e-mail (Jonathan Leffler)
  • Consumer Reports password policy risks (Bill Bumgarner)
  • Norton Personal Firewall (Ben Laurie)
  • Solar parking meters are a bad idea in wet Britain (David Mediavilla Ezquibela)
  • Sacramento woman denied $2.8 million jackpot (Max)
  • Accidental disclosure (Gene Spafford)
  • Re: Air Force office mails confidential information (Maj. John Robinson)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.66

  • 11 September 2001 in retrospect (PGN)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.67

  • Aftermath of 11 September 2001 (PGN)
  • GAO reports on terrorism (Monty Solomon)
  • Warding off cyberterrorist attacks (NewsScan)
  • Hackers face life imprisonment under 'Anti-Terrorism' Act (Monty Solomon)
  • Gartner "Nimda Worm shows you can't always patch fast enough" (Alistair McDonald)
  • Hacker re-writes Yahoo! news stories (Gary Stock)
  • YAHA: Yet Another Hotmail Attack (Alistair McDonald)
  • Hackers and others win big in Net casino attacks (Ken Nitz)
  • Creator of Kournikova virus gets 150 hours of community service (Abigail)
  • "Good Samaritan" hacker pleads guilty to breaking and entering (Declan McCullagh)
  • U.S. court shuts down deceptive Web sites (Jim Griffith)
  • Report on vulnerabilities of GPS (Joseph Bergin)
  • All public hospitals in Gothenburg Sweden Crippled by nimda (Peter Håkanson)
  • Y2K flaw blamed for Down's Syndrome test errors (Les Weston)
  • Re: Oxygen tank kills MRI exam subject (PGN)
  • E-voting in Australia (Tony Jones)
  • Australians voice anger over online spying (Monty Solomon)
  • World Trade Center in RISKS (Jay R. Ashworth)
  • We only reveal a few digits of your account number, don't worry (Dan Jacobson)
  • X-ray machine risk (Asa Bour)
  • Increasing RISKS of UPPER CASE (Stuart Prescott)
  • 2002 USENIX Annual Technical Conference - Call for papers (Ann Tsai)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.68

  • Rocket plunges into Indian Ocean (PGN)
  • New interest in network security (NewsScan)
  • Another unitary transformation (Rodney Polkinghorne)
  • AOPA's TurboMedicalsm eases medical application process (Richard Glover)
  • Ham radios in the aftermath of 11 September 2001 (Richard Murnane)
  • 11 Sep 2001: Risks of electronic surveillance (Gisle Hannemyr)
  • Re: "The Risks Are Obvious" (Amos Shapir)
  • Risks of bogus e-mail addresses "FROM: ObL" (Peter Wayner)
  • Remote control of airliners (Steve Bellovin)
  • Re: Oxygen tank kills MRI exam subject (Leonard X. Finegold)
  • MS Front Page 2002 Licence Agreement (Alistair McDonald)
  • Re: Creator of Kournikova virus gets 150 hours ... (Gene Berkowitz)
  • Re: Hacker re-writes Yahoo! (Mark Hull-Richter)
  • Trusted Computing, and Embedded and Hybrid Systems - new NSF programs (Wm Randolph Franklin)
  • Computer Security Applications Conference + Advance Program (Jay Kahn)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.69

  • New class of wireless attacks (Gary McGraw)
  • Reducing risks to hospital patients (Mike Martin)
  • Ukraine missile apparently downs Russian airliner (Hanan Cohen)
  • SirCam redux (Gavin Scott)
  • A risk from Excel and Outlook (Will Middelaer)
  • Outlook for Thanksgiving (Patrick Lincoln)
  • Billion-seconds bug (Massimo Dal Zotto)
  • Risks of undocumented 'standards' (Lloyd Wood)
  • Re: Ham radios in the aftermath of 11 September 2001 (Todd Jonz, Mitch Collinsworth)
  • Re: Remote control of airliners (Alan Wexelblat)
  • Re: Sincerely yours, *Not* Osama bin Laden? (Nick Brown)
  • Re: TurboMedical (Dick Karpinski)
  • Public information campaign on privacy (Ben Hutchings)
  • Re: Hackers and others win big in Net casino attacks (R.S. Heuman)
  • REVIEW: "The CERT Guide to System and Network Security Practices", J.H. Allen (Rob Slade)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.70

  • "Glitch" assigns votes to wrong candidate (Tom Malaher)
  • Pregnant chad revisited (Douglas W. Jones)
  • Internet voting, revisited (Marcus de Geus)
  • LA County voting machine status report (David Schneider)
  • Stray bomb caused by typo (Tim Hollebeek)
  • Jet engine starter motors (Ben Laurie)
  • Your stolen Passport (Monty Solomon)
  • Re: A Risk from Excel and Outlook (Martin Torzewski)
  • Euro changeover (Douglas Long)
  • Re: Outlook for Thanksgiving (Edward Reid, Conor O'Neill)
  • Re: Risks of bogus e-mail addresses "FROM: ObL" (Sascha Mattke)
  • Improper address-change validation (Leonard Erickson)
  • Re: Ham radios in the aftermath of 11 Sep 2001 (Jack Decker)
  • ACM Forum on Legal Regulation of Technology (Edward W. Felten)
  • International Conference on COTS-Based Software Systems (Carol Biesecker)
  • REVIEW: "Viruses Revealed", Robert M. Slade/David Harley/Urs Gattiker (Rob Slade)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.71

  • With Mars probe maneuver, NASA finally catches a brake (inthenews)
  • DB and WWW on one machine in Australian election (Andrew Goodman-Jones)
  • Web defacement and cyberattacks (Dave Stringer-Calvert)
  • Hacker cracks Microsoft anti-piracy software (Monty Solomon)
  • Are spammers getting sneakier? part 1 (Rob Slade)
  • Are spammers getting sneakier? part 2 (Rob Slade)
  • Redesi virus (Rob Slade)
  • The British BSE crisis (Anthony W. Youngman)
  • Pregnant chad revisited (Fred E. Ballard)
  • Re: Stray bomb caused by typo (Dan Jacobson)
  • Non-risk, re: Jet engine starter motors (Ben Laurie)
  • Re: Euro changeover (Otto Stolz)
  • Re: Improper address-change validation (Chuck Falconer)
  • Cutting through hype, spin, and propaganda - "Fact Squad Radio" (Lauren Weinstein)
  • Re: Ham radio and Morse Code (Scott K. Ellis, Skip La Fetra)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.72

  • TD Bank Canada system crash (Richard Akerman)
  • ANOTHER SRI-wide Power Outage (PGN)
  • ACT Election Electronic Voting (Josh Polette)
  • Project Liberty (Jay R. Ashworth)
  • Re: Are spammers getting sneakier? (Crispin Cowan)
  • Re: Are spammers getting sneakier? - Yes, they are (Greg Searle)
  • USPS correction (Ken)
  • NSF Trusted Computing program (Carl E. Landwehr)
  • REVIEW: "Malicious Mobile Code", Roger A. Grimes (Rob Slade)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.73

  • FAA Asleep at the Control Column? (Bill Duncan)
  • Jilted boyfriend hacked into ex-girlfriend's Internet bank account (PGN)
  • Kids' learning game site becomes porn site (PGN)
  • Anonymous e-mailer convicted of cyberstalking (Declan McCullagh)
  • Sony uses DMCA against Aibo Enthusiast's Site (Monty Solomon)
  • RU-Blue? or RU-Yellow? (PGN)
  • DeCSS is Speech (James S. Tyre via David Farber)
  • Risks of concentrated power and the surveillance state (Peter Wayner)
  • Risk of monoculture and exponential false AV positives (Devon McCormick)
  • Fake ID anyone? (Tim Rushing)
  • Bank assets disappear, convert customers into Euro-peons (Paul van Dijken)
  • DoS attack on Mac OS9 (Erann Gat)
  • Conference management software reveals "hidden" authors (Michael Ortega-Binderberger)
  • Insecure promo from American Express (Cameron Simpson)
  • Re: ACT Election Electronic Voting (Henry Grebler)
  • Re: TD Bank Canada system crash (Przemek Skoskiewicz)
  • Re: Stray bomb caused by typo (James R. Cottrell Jr.)
  • Re: Int. Conf. on COTS-based Software Systems (Kearton Rees)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.74

  • Programming error scrambles election results (Geoff Kuenning)
  • Yet another Internet voting risk (Rebecca Mercuri)
  • Election problems before the election in Virginia (Jeremy Epstein)
  • Possible radiation therapy risk (Herbert Kanner)
  • Risks of belief in identities (PGN)
  • Stealing MS Passport's Wallet (Mike Hogsett)
  • Security hole in cash machines (Andrew Brydon)
  • UK: liberties fears over mobile-phone details (Monty Solomon)
  • Dutch police 'bombard' stolen cell phones with SMS (Monty Solomon)
  • Australian computer hacker jailed for two years (Peter Deighan)
  • Even professional organizations forget about certificate expiration (Jeremy Epstein)
  • Children's medical records released on the Web (Conrad Heiney)
  • Glitch in iTunes Deletes Drives (Monty Solomon)
  • Dates in Visual Basic (John Sullivan)
  • Excel and non-decimal dots (magical via Mark Brader)
  • Sweden's public radio reportedly bans SETI from office computers (Ulf Hedlund via Declan McCullagh)
  • Random failures (Andrew Brydon)
  • Re: Another SRI-wide Power Outage (Marcus L. Rowland)
  • Re: Kids' learning game site becomes porn site (Daniel P. B. Smith, Ian Young, Paul Bowers)
  • Re: DeCSS is Speech (Amos Shapir)
  • Re: DoS attack on Mac OS9 (William Kucharski, Carl Maniscalco)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.75

  • Feds make record counterfeit software seizure (NewsScan)
  • Google freely giving out your phone number and home address (Derek Ziglar)
  • Researchers probe Net's 'dark address space' (Kevin Poulsen via Dewayne Hendricks and David Farber)
  • A large risk of national ID cards (Adam Shostack)
  • Re: Programming error scrambles election results (Hamish Marson, Phil Kos)
  • Re: DoS attack on Mac OS9 (Erann Gat)
  • IP: Announcing URIICA - For the Sake of Internet Users Everywhere (PGN)
  • REVIEW: "Internet and Computer Ethics for Kids", Winn Schwartau (Rob Slade)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.76

  • Many Federal computers fail hacker test (PGN)
  • 800 directory "assistance" redirecting calls (Brett Glass via Dave Farber)
  • Paperless billing and opening a bank account (Ian Chard)
  • Microsoft IE Javascript cookie disclosure vulnerability (Max)
  • Metro Headline: "Windows hacked in hours" (Chris Leeson)
  • Windows XP accounts by default are administrator, with no password (Jonathan Epstein)
  • Toaster failures (Tom Hackett)
  • Trick the user with Outlook XP and possibly others (Nathan Neulinger)
  • Re: Dates in Visual Basic (Nick Brown)
  • Re: Excel and non-decimal dots (Mark Brader)
  • Porn spam being sent in my name (Nickee Sanders)
  • Re: Kids' learning game site becomes porn site (Dan Fandrich, Malcolm Pack)
  • Computers & bureaucracy help spread of foot & mouth disease (Charles Shapiro)
  • Re: Another SRI-wide power outage (Kelly Bert Manning)
  • REVIEW: "White Hat Security Arsenal", Aviel D. Rubin (Rob Slade)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.77

  • FBI targets suspects' PCs with spy virus (NewsScan)
  • A tell-all that ZD would rather ignore (Declan McCullagh via Monty Solomon)
  • Risks with automated counting of ballot papers: Australia (Chris Maltby)
  • Evolution, Thermodynamics, and Software Bugs (William Colburn)
  • Re: Programming error scrambles election results (Paul Terwilliger, Ralph Barone, Richard Stein, Edward Reid, Bob Dubery)
  • Re: Researchers probe Net's 'dark address space' (Scott Peterson)
  • Fun with automated car washes, or the importance of interface design (Aaron M. Ucko)
  • Re: Feds make record counterfeit software seizure (Denis Haskin)
  • Re: Glitch in iTunes Deletes Drives (Paul Ward, Geyser Admin)
  • Re: Sweden's public radio reportedly bans SETI... (Nick Brown)
  • Re: Telephone Area Code (Patrick O'Beirne)
  • Re: Google freely giving out ... (Rebecca Wright)
  • Re: DoS attack on Mac OS9 (David Cake)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.78

  • Playboy says hacker stole customer info (Monty Solomon)
  • Euro changeover risk (Carl Fink)
  • The cure is only slightly worse than the disease... (Russell Stewart)
  • My daughter is failing high school! (Jeremy Epstein)
  • Network Solutions ad inadvertently names my domain (Fredric L. Rice)
  • Another date risk (Leonard Erickson)
  • Re: Researchers probe Net's 'dark address space' (Arthur Smith)
  • Glitch in iTunes Deletes Drives (Dave Katz)
  • Re: FBI targets suspects' PCs with spy virus (R.S. Heuman, Rob Slade)
  • RISKS-21.77 was rejected by some filters (PGN)
  • Re: Porn spam being sent in my name (Andrew Klossner)
  • Re: Programming error ... (David Gillett)
  • Re: Toaster failures (Marcus Didius Falco)
  • The more things change (Mike Albaugh)
  • Re: IP: 800 directory "assistance" redirecting calls (Rob Bailey, Clay Jackson)
  • Re: National ID cards (Henry Baker)
  • Re: Windows XP accounts by default are administrator with no password (Mark Wilkins)
  • Let's get really paranoid about e-mail and spam... (Allan Hurst)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.79

  • Harry Potter related risks (Richard Akerman)
  • Phone banking hiccups (Geoffrey Brent)
  • Risks of the space character in Unix filenames (Diomidis Spinellis)
  • FBI: home-grown terrorists (Scrounger)
  • Misdirected criticism of Google (Chris Adams, Gary McGraw)
  • Re: Mobile phone jamming (Markus Kuhn)
  • Re: Stupid virus filters (Leonard Erickson)
  • Re: Let's get really paranoid about e-mail and spam (Skip La Fetra)
  • REVIEW: "The CISSP Study Guide", Ronald L. Krutz/Russell Dean Vines (Rob Slade)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.80

  • Badtrans "worm" can capture keystrokes (NewsScan)
  • Records stolen in Auckland (Richard A. O'Keefe)
  • Calif info: Ask and you shall be removed ... but you've got to ask (NewsScan)
  • "Light turnout" for election (G R Rhodes)
  • The destruction of 7 WTC (Jacob Harris)
  • Connecticut Attorney General website wants Microsoft browsers? (Ed Ravin)
  • How to crash a phone by SMS (Monty Solomon)
  • The Web Never Forgets (Monty Solomon)
  • Risks of computer security education (David Friedman)
  • Re: Let's get really paranoid about e-mail and spam (Walter Dnes, Jason Bennett)
  • Re: Risks of the space in Unix filenames (David A. Moon, Richard A. O'Keefe)
  • REVIEW: "Hackers Beware", Eric Cole (Rob Slade)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.81

  • Trader's error causes multi million-dollar loss (George C. Kaplan)
  • Security hole at WorldCom left internal computer networks at risk (PGN)
  • Judge ordered hack of Interior Department trust fund system (James H. Paul)
  • NatWest bank turns debits into credits (Bob Buxton)
  • Cops get speeding tickets from cameras (Monty Solomon)
  • Gwinnett County GA keeps prison inmates list online (Nick Brown)
  • "Late-night" Internet-porno-ban (Debora Weber-Wulff)
  • Optimizations at kiosks can be costly (Seth Arnold)
  • Grocery self-checkout risks (Scott Nicol)
  • Swedish police reportedly doctor video evidence, admit it (Jerry via Declan McCullagh, Ulf Lindqvist)
  • E-voting and international law (Lucas B. Kruijswijk)
  • Re: "Light turnout" for election (Andrew Fleisher)
  • Re: Connecticut AG website wants Microsoft ... (Roland Roberts, Nathan Sidwell)
  • Re: PLEASE REMOVE me from the CAL database (RootsWeb HelpDesk)
  • Re: REVIEW: "Hackers Beware", Eric Cole (Mark Brader)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.82

  • Cisco accountant's fraud (David Weitzel)
  • "The Missile Defense Hoax" (Lauren Weinstein)
  • Military intelligence at its best? (Terry Labach via Alan Wexelblat)
  • Office XP, Windows XP may send sensitive documents to Microsoft (David Farber)
  • MS Word XP "autocorrects" my name (Arnold Weissberg)
  • P3P, IE6 and Legal Liability (Ben Wright)
  • SMS phone crash exploit a risk for older Nokias (Monty Solomon)
  • Identity theft without prior knowledge of social security number (Identity withheld by request)
  • FBI may not appreciate the risks with Carnivore sniffing E-Mail (Fredric L. Rice)
  • Number takes prime position (technews)
  • Radio-synchronised alarm clocks (Jonathan D. Amery)
  • Computer will drives 820 passengers at 68 mph (Daniel Norton)
  • Re: "Late-night" Internet-porno-ban (Debora Weber-Wulff)
  • Re: Risks of various characters in Unix filenames (Duncan MacGregor, Bennet S. Yee)
  • NetSOL vs. PGP: Risks of a crypto company owning a registrar? (R. A. Hettinga)
  • Swedish police reportedly doctor video evidence, admit it (Michael Walsh)
  • Followup to: Savings Bank software upgrade goes awry (Jonathan Kamens)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.83

  • Error at Board of Studies (Pete Mellor)
  • Wiretapping equipment compromised: FBI, CALEA (Michael E. Goldsby)
  • Security problems in Microsoft and Oracle software (NewsScan)
  • Latest Windows versions vulnerable to unusually serious attacks (Monty Solomon)
  • Software glitch grounds new Nikon camera - Tech News - CNET.com (Craig Mautner)
  • Secure in, insecure out (Jeremy Epstein)
  • Assume no safety ... (Peter Houppermans)
  • Re: Identity theft without prior knowledge of SSN (Brett Harmond)
  • Mersenne prime exponent wrong (Ken Knowlton)
  • Re: Computer will drive 820 passengers at 68 mph (Ian Entecott, Jonathan Thornburg, Curt Sampson, Jeff Jonas, Jacob Sparre Andersen, Anthony W. Youngman, Andrew Roberts, Jens Braband, Jerrold Leichter)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.84

    Issue 21.85

  • Yokoh Satellite loses control (Paul Saffo)
  • More medical risks (Clay Jackson)
  • Bogus dates for McAfee virus alerts (William Colburn)
  • Re: Harvard admissions e-mail bounced by AOL's spam filters (Simon Waters, Danny Burstein, Gordon Zaft)
  • Re: "Buffer Overflow" security problems (Nicholas C. Weaver, Dan Franklin, Kent Borg, Jerrold Leichter, Henry Baker)
  • Re: Software glitch grounds new Nikon camera (Dave Gillett)
  • REVIEW: "Incident Response", Kenneth R. van Wyk/Richard Forna (Rob Slade)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.86

  • Credit-card cloners' $1B scam (Monty Solomon via David Farber)
  • Mag-stripes on retail gift cards (Tim Christman)
  • Luton schoolboy profits from Euro chaos (Clive Page)
  • Another Euro surprise (Otto Stolz)
  • A Web site about PC security asking to lower PC/browser security (Koos van den Hout)
  • Other blunders on "secure" Web sites (Skip La Fetra)
  • Re: Harvard admissions e-mail bounced by AOL spam filters (Fredric L. Rice)
  • User Web habits tracked by some music-swapping programs (NewsScan)
  • Kaiser Permanente exposes medical record numbers (J Debert)
  • ATT ignores it's own privacy policy? (J Debert)
  • Peoples Federal Savings Bank explains their interest calculations (Jonathan Kamens)
  • Re: "Buffer Overflow" security problems (Stephen Steel)
  • Re: "Buffer Overflow" security problems and PL/I (Kelly Bert Manning)
  • Buffer overflows aren't the only issue (Rex Black)
  • Separate I and D spaces (Mike Albaugh)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.87

  • Exploding chips: Would you like to be fried with that? (Rob Slade)
  • Hospital tells elderly men they're pregnant (Arthur Goldstein)
  • Automated Debit: "There's nothing we can do to stop it." (Carl Fink)
  • Even unscientific elections get rigged (Jeremy Epstein)
  • The risks of standards and validators (Lindsay Marshall)
  • Buffer overflows and other stupidities (Earl Boebert)
  • Windows update server glitch (Mike Hogsett)
  • An outrageous violation of privacy (Fred Cohen)
  • Risks of Internet Reconfigurable Logic (John Gilliver)
  • Linked DMV databases and biometrics on driver's licenses (Ben Rosengart)
  • Facial recognition technology doesn't work (Nick Brown)
  • Honolulu speed camera risk: mainly human error (Dan Birchall)
  • AOL Buddy-Hole fix has backdoor (Robert Andrews)
  • Reinventing snake oil: compression (Jeremy Epstein)
  • Re: Airplane takes off without pilot (Paul Nelson)
  • Re: Software glitch grounds new Nikon camera (Nickee Sanders)
  • Re: Kaiser Permanente exposes medical record numbers (Geoff Kuenning)
  • Re: ING bank debits wrong sum from accounts (Paul van Keep)
  • REVIEW: "Counter Hack", Ed Skoulis (Rob Slade)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.88

  • Bulgarian parliament against weight loss (Jonathan Larmour)
  • Pope loves Internet, but wants "anti-depravity regulation" (Declan McCullagh)
  • Unshredders (PGN)
  • Newspaper archives (Roger Needham)
  • Virginia county recalls student laptops (NewsScan)
  • Software uncovers e-mail untruths (NewsScan)
  • Georgia Tech anti-cheating software (Walter Roberson)
  • Anthrax mail irradiation can affect electronic devices in postal mail (Thomas Dzubin)
  • Health insurer computer changes delay payments... (Don Mackie)
  • Excel cut-and-pasting behaviour (Geoffrey Brent)
  • Lotus Notes silently losing data (Erling Kristiansen)
  • Woman says telephone makes unsolicited calls (Carl Fink)
  • Answering machine provides door entry code (Benjamin Elijah Griffin)
  • Microsoft using predictable passwords for Passport? (Rodger Donaldson)
  • Re: Other blunders (Brett)
  • Re: Kaiser Permanente exposes medical record numbers (George C. Kaplan)
  • Re: Bogus dates for McAfee virus alerts (David Blakey)
  • Re: AOL's spam filters (Jay Levitt)
  • Call for Participation Open Source Software Development Workshop (Cliff Jones)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.89

  • Wireless technology criticized for vulnerabilities (NewsScan)
  • Wireless bypassing the firewall (Jeremy Epstein)
  • Free airport wireless network, and spam launcher (Mike Hogsett)
  • Consumer beware: Are you really there? (Rob Graham)
  • Risks of deceptive characters in URLs: Gabrilovich/Gontmakher (PGN)
  • Water line break closes 911 center & police department (Dave Bank)
  • New official self-service litigation system available in England & Wales (Tony Ford)
  • Royal chat session failed (Erling Kristiansen)
  • Risks of bouncing e-mail (Nick Brown)
  • Stupid defaults in database conversion (Paul Wallich)
  • Spam prevention gone too far (Jonathan Kamens)
  • BBC News: Iceland places trust in face-scanning (Chris Leeson)
  • Brisbane ISP in court (Peter Deighan)
  • RSA Conference e-mail has tracking bugs (Rex Sanders)
  • Re: Buffer overflows and other stupidities (Earl Boebert)
  • Re: Software uncovers e-mail untruths (Russ Perry Jr)
  • Remote mobile phone configuration changes via SMS service (S. Llabres)
  • REVIEW: "Algebraic Aspects of Cryptography", Neal Koblitz (Rob Slade)
  • Infowar Con 2002, call for papers (Winn Schwartau)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.90

  • Software bug blamed in radioactive spill (Adam Shostack)
  • CT unemployment insurance folk mail out "off by one" letters (Danny Burstein)
  • Adult content filter considers MSDN Flash as "Unwanted adult spam" (G.J. Dekker)
  • HP annual report bitten by spelling software (Jim Griffith)
  • Turning Macs on Thievery (Monty Solomon)
  • Instructive story (Edward W. Felten)
  • E-commerce website automatic response proves costly (Brian Ally)
  • Automated upgrade means no statistics (Paul Roberts)
  • Yet another Microsoft Outlook exploit (Bear Giles)
  • Bug in MS Excel? (Alberto)
  • Re: Excel cut-and-pasting behaviour (Peter Jeremy)
  • UK to try remote voting (Merlyn Kline)
  • Miami-Dade OKs touchscreen voting (David E. Price)
  • Re: Even unscientific elections get rigged (Joe Thompson)
  • Re: Woman says telephone makes unsolicited calls (William Kucharski)
  • More Kaiser followup (Geoff Kuenning)
  • Re: REVIEW: "CISSP Examination Textbooks", S. Rao Vallabhaneni (Rob Slade)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.91

  • Microsoft C++ feature against buffer overflows itself vulnerable (Gary McGraw)
  • Hole found in Net security program (Bill Hopkins)
  • Security flaw in Sony Vaio computers (Monty Solomon via Dave Farber)
  • Computer controller crane goes wrong (Jeff Jonas)
  • Election risks from lack of randomization (Keith Price)
  • Search engines may give you the wrong e-mail address (Robert Marshall)
  • Hotel Internet access (Christian Holz)
  • "Secure" credit-card transactions with new Amstrad e-mailerplus (Merlyn Kline)
  • Officer calls for refund of 'speeding' fines (Monty Solomon)
  • Risks of the rise of PowerPoint (Andrew Main)
  • Microsoft and English (Toby Gottfried)
  • Re: Bulgarian parliament against weight loss (Valentin Razmov)
  • Bill payer system silently changes payments (Phil Weiss)
  • Social Security Numbers printed on tax envelopes (Steve Klein)
  • Virus writers aren't playing fair (William Colburn)
  • Re: Homograph risks (Merlyn Kline)
  • Survey finds security lax at nonprofits (Audrie Krause)
  • REVIEW: "Zimmerman's Algorithm", S. Andrew Swann (Rob Slade)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.92

  • Patriot misses again (Lord Wodehouse)
  • Researchers claim to crack Wi-Fi security (Monty Solomon)
  • When machine metadata fails, address humans (Diomidis Spinellis)
  • Unwitting cell calls swamp 911 systems (Monty Solomon)
  • Abuse of intercept capabilities: 'Tampa' affair (Geoffrey Brent)
  • PayPal's tenuous situation (Jeff Jonas)
  • Ice-skating judging solution (Ken Knowlton)
  • Re: Miami-Dade OKs touchscreen voting (Alan Brain)
  • An unlocked system can be compromised quickly (Greg Searle)
  • Dangerous characters (Mark Lomas)
  • Computerized assistance with non-standard punctuation (David Piper)
  • Re: Homograph problems (Geoffrey Brent)
  • What's a buffer overrun problem? (William P. N. Smith)
  • Sorry, that number is now in service (Gene Spafford)
  • Re: Officer calls for refund of 'speeding' fines (Henry Baker)
  • Re: Social Security numbers on tax envelopes (Robert Ellis Smith)
  • The Security Risks of Programs That Automatically Update (Scott Schram)
  • New Security Conference - GOVSEC, Call for Presentations (Jack Holleran)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.93

  • Malfunction shuts down computer-controlled amusement park ride (Chuck Hardin)
  • A$ 22,000 in fines for missing car-toll transponder (Peter Trei)
  • Air Transat emergency landing (John Johnson)
  • Nick Petreley: Identity theft (Anthony W. Youngman)
  • Metro: Time runs out for Domesday discs (Chris Leeson)
  • RISKS to computers from society (Arthur J. Byrnes)
  • Corporate Web sites leave cold steely feeling (Dan Jacobson)
  • Tunneling too close to the person you're trying to protect: SafeWeb (David Martin)
  • Privacy risk in Netscape 6 (Sim IJskes)
  • Electronic Voting in Ireland (Peter Thornton)
  • Re: Miami-Dade OKs touchscreen voting (Les Barstow, Mark Nelson)
  • Re: The homograph problem (Partha)
  • Re: Dangerous Characters (Dick Botting, Darrell Fuhriman, Bill McGonigle)
  • REVIEW: "Security Fundamentals for E-Commerce", Vesna Hassler (Rob Slade)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.94

  • Runaway remote-controlled coal train (PGN-ed from Dan Swinehart)
  • LED lights can reveal computer data (NewsScan)
  • Yet another case of a program changing your input (Vassili Prevelakis)
  • Loosing It's Grammer Skill's (Greg Searle)
  • .org.au, .gov.au, .edu.au domain hijacking through lax security (Grant Bayley)
  • Amendment to add life prison terms for reckless hacking (Len Lattanzi)
  • The computing battlefield (Jon P)
  • Military palmtop will direct air strikes using WinCE (David Wagner)
  • The next step in malicious spam (Joe Faber)
  • The RISK of ignoring permission letters (Timothy Knox)
  • Re: Air Transat Incident, Aug 24, 2001 (Peter B. Ladkin)
  • Re: Malfunction shuts down ... amusement park ride (Stanislav Meduna)
  • Re: PayPal's tenuous situation (Max)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.95

  • ATTBI / Eudora / SSL (Jock Gill via Dave Farber)
  • 'Phantom Menace' typing is just a Microsoft speech feature (Dale Hawkins)
  • Re: Yet another case of a program changing your input (Gene Wirchenko)
  • Re: Air Force seeks better security from Microsoft (Tom Poe, Jei)
  • Disclaimers (Michael Bacon)
  • Re: Loosing It's Grammer Skill's (Michael Bacon, Klaus Brunnstein, Mike Albaugh, Merlyn Kline, Dave Williams)
  • Re: The RISK of ignoring permission letters (Rob Slade, Greg Searle, George C. Kaplan, Michael Bacon)
  • Re: Welland Canal Bridge runs into ship (Dave Gillett)
  • Re: LED lights can reveal computer data (Nick Simicich, Peter B.)
  • REVIEW: "Incident Response", Kevin Mandia/Chris Procise (Rob Slade)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.96

  • Airbus A300 "BSD" Incident from 1997 (Peter B. Ladkin)
  • Airbus A320 Cross-Wired Sidestick Incident (Peter B. Ladkin)
  • Out with pilots, in with pibots (Erling Kristiansen)
  • Risks of Unicode and WSIWYG (Len Spyker)
  • Thousands seek Ladonian citizenship over the Internet (PGN)
  • Risks of inadequate testing, yet again (Tony Lima)
  • Hacking with a Pringles tube (Chris Leeson)
  • Re: LED lights can reveal computer data (Tramm Hudson, Colin McEwen)
  • Re: Loosing It's Grammer Skill's (Mike Albaugh)
  • Re: Sorry, that number is now in service (Jay D. Dyson, Gene Spafford, Jay D. Dyson, James Graves, Gene Spafford)
  • Re: Disclaimers (J F Hitches)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.97

  • Overcoming ICANN: Forging Better Paths for the Internet (PFIR)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.98

  • Friendly Fire deaths traced to dead battery (Jamie McCarthy, KNHaw)
  • British Air Traffic Control system outage (Alistair McDonald)
  • Clinton cartoon carries virus (NewsScan)
  • Low-tech election risks: mice (Mike Martin)
  • Black box or Pandora's box? (Monty Solomon)
  • eBay identity theft (Scott Nicol)
  • Software "glitch" changes the colour of the universe (Pete Mellor)
  • Bioinformatics start-of-the-art (Richard A. O'Keefe)
  • Windows XP disables own firewall (Scott Miller)
  • Re: LED lights can reveal computer data (Anthony DeRobertis)
  • Re: Disclaimers (Malcolm Cohen)
  • Re: PayPal's tenuous situation (Ray Todd Stevens, Alun Jones)
  • Re: The RISK of ignoring permission letters (Gene Spafford, Ray Blaak)
  • Pearl Harbor Dot Com, by Winn Schwartau (PGN)
  • REVIEW: "Authentication: From Passwords to Public Keys", R.E. Smith (Rob Slade)
  • Abridged info on RISKS (comp.risks)
  • Issue 21.99

  • Info on RISKS (comp.risks), contributions, subscriptions, FTP, etc.
  • SUMMARY OF RISKS VOLUME 21 (15 August 2000 to 29 March 2002) (NOTE: This summary is archived in ftp file risks-21.00 at ftp.sri.com, cd risks, and is also at http://catless.ncl.ac.uk/Risks/21.00.html.)