Issue 23.00
Info on RISKS (comp.risks), contributions, subscriptions, FTP, etc.
SUMMARY OF RISKS VOLUME 23 (November 2003 to ...) (NOTE: This summary is archived in ftp file risks-23.00 at ftp.sri.com, cd risks, and is also at http://catless.ncl.ac.uk/Risks/23.00.html.)
Issue 23.01
Credit agencies sending our files abroad (David Lazarus via Paul Saffo)
Crypto screwup: Sensitive Israeli missile test inadvertently broadcast (Craig S. Bell)
A new risk for electronic voting (Jeremy Epstein)
California Halts E-Vote Certification (Kim Zetter via Monty Solomon)
Touch screen voting -- like Web site maintenance? (William Nico)
Irish Labour Party urges suspension of e-voting until flaws addressed (Patrick O'Beirne)
E-ZPass, UPS, and Newark Airport (Susan Landau)
Microsoft puts a price on the heads of virus writers (NewsScan)
Microsoft patches their patched patches (Robert Bruce Thompson via Dave Farber)
Remember those jokes about "if AT&T built cars?" (Daniel P.B. Smith)
Duh! an electronic signature! (Geoff Kuenning)
Paying employees is not rocket science (Paul Robinson)
Another victim of the d__n bad-word filter! (Adam Abrams)
REVIEW: "High Integrity Software", John Barnes (Rob Slade)
Abridged info on RISKS (comp.risks)
Issue 23.02
Eurofighter Typhoon brake fault (Peter B. Ladkin)
Computers in cars: "When you add complexity you add risks" (NewsScan)
Mail-order price-listing typo cost company over $2 million (Chiaki Ishikawa)
New election to be held due to technical glitch (Kim Alexander)
Vanishing votes; wireless security experts (Rebecca Mercuri)
Fairfax County electronic voting: the saga continues (Jeremy Epstein)
Thwarted Linux backdoor (Douglas W. Jones)
Talk of wiretaps rattles Hollywood (Bernard Weinraub via Monty Solomon)
Update: Fun with stolen credit-card numbers (Jonathan Kamens)
Re: SPARK Ada in "High Integrity Software" (Peter B. Ladkin)
Re: goto in Slade's review of "High Integrity Software" (Martin Cohen, Andrew Dalke)
Marcus Ranum: The Myth of Homeland Security (PGN)
REVIEW: "The GSEC Prep Guide", Mike Chapple (Rob Slade)
Abridged info on RISKS (comp.risks)
Issue 23.03
Whirled-Wide Web (Bertrand Meyer)
TAB operator error in punter's favour (David Shaw)
Astonishing electronic voting "glitch" (Steve Summit)
The computer is ALWAYS right (Charles Lamb)
Re: California halts e-vote certification (David E. Ross)
More on Diebold installing uncertified software in California (PGN)
Re: A new risk for electronic voting (Steven M. Bellovin)
Report raises more questions about voting machines (EPIC)
Belkin: Another protocol-violation-to-sell-products risk (Tim Bradshaw)
New definition of "Fish 'N Chips" (Jim Schindler)
Minnesota CriMNet shutdown (Steven Hauser)
FBI's reach into records is set to grow (Monty Solomon)
High-tech microscopes expose Americans' private lives (Monty Solomon)
A heavily used RISKY website: France Telecom (Peter Kaiser)
Holes found in online job search privacy (Brian Berstein via Monty Solomon)
Security patching: a story from the trenches (Rex Black)
Bank scam with spaces in trick URL (Mark Brader)
Computers in cars: "When you add complexity you add risks" (Richard I Cook)
Abridged info on RISKS (comp.risks)
Issue 23.04
Sony to recall 550,000 CD Walkman battery packs (Monty Solomon)
Amber Alert, Coming to the Inbox Nearest You (Rebecca Mercuri)
Southern drawls thwart voice recognition for police (Ken)
California to require voting machine receipts and stricter auditing (Steve Bellovin)
E-Votes must leave a voter-verified paper audit trail (PGN)
Diebold ATMs hit by Nachi worm (Steve Summit)
Proposed reason for electronic voting mess (John Bechtel)
Re: Astonishing electronic voting "glitch" (Martin Ward)
Whois bug at www.tucows.com (Tony Toews)
Man arrested wardriving child porn (Walter Roberson)
Old Nigerian scam nets $400,000 (Arthur J. Byrnes)
In-Security clearance (Name withheld by request)
Human Error Leads to AT&T's Anti-Spam Gaffe (Ryan Naraine via Fuzzy Gorilla)
Books of Interest: End of the World; Human Factor (Mike Smith)
REVIEW: "Practical Cryptography", Bruce Schneier/Niels Ferguson (Rob Slade)
REVIEW: "Wireless Security Essentials", Russell Dean Vines (Rob Slade)
Re: SANS, GSEC, and Chapple book review (Rob Slade)
Abridged info on RISKS (comp.risks)
Issue 23.05
Two loose screws killed Disneyland rider (PGN)
US railroad uses Wi-Fi to run 'driverless' trains (Lars Kongshem)
Nuclear plan shut down by lightning strike (Fuzzy Gorilla)
Tanker Truck Shutdown Via Satellite (Fuzzy Gorilla)
Microsoft Windows, Auto Edition (Andrew Whitby)
What Bill Gates Says About Security (from InformIT) (Dawn Cohen)
Another large gas bill (Amos Shapir)
UK MoD scraps 130-million-pound computer project (Fuzzy Gorilla)
How Much Is Privacy Worth? (Monty Solomon)
Government e-mails apparently sent to hairdresser (Neil Youngman)
'Master' and 'slave' computer labels unacceptable, LA officials say (Henry Baker)
Security subtleties (identity withheld by request)
Man trapped for hours by payphone (Mark Brader)
Debian security breach and forensic analysis (Gerrit Muller)
Re: Security patching: a story from the trenches (Walter Dnes)
Dangerous looking e-mail from quickbooks (Kyle York)
Re: In-Security clearance (Peter H. Coffin)
Re: Amber Alert, Coming to the Inbox Nearest You (Timothy Knox)
Re: Cehck tihs out! (Rodney Hoffman)
ANNOUNCE: New mailing list for secure application development, SC-L (Kenneth R. van Wyk)
Abridged info on RISKS (comp.risks)
Issue 23.06
Electronic car doors trap man in Australian flood, nearly drown him (Tony Healy)
New official self-service litigation system available in England/Wales (Tony Ford)
Software paraphrases sentences (Justine Roberts)
The Eight Fallacies of Distributed Computing (Peter Deutsch via Roger Z)
Human Factor? (Dave Brunberg)
This number's ready for prime time (NewsScan)
Re: Another large gas bill (Tom Hayhurst)
Big money on the line, but no source code... (D G Rossiter)
Nevada to apply slot-machine security to e-voting hardware? (David Brunberg)
Re: Diebold ATMs hit by Nachi worm (Russ Cooper, Elinor Mills Abreu via Lillie Coney)
Voter-verified breadcrumb trail? (Dave Brunberg, PGN)
Voting machines (William Ehrich)
Re: "In-Security clearance" (Eric Dobbs)
Re: Real purpose behind In-Security clearance program (Daniel Suthers)
Nigerian scams (Ted Lemon)
The Internet and the right to communicate (Monty Solomon)
The Structure of an Accident (William Langewiesche via Monty Solomon)
REVIEW: "Linux Security Cookbook", Barrett/Silverman/Byrnes (Rob Slade)
Abridged info on RISKS (comp.risks)
Issue 23.07
Remote-controlled trains (Bill Tolle)
Over-reliance on PowerPoint leads to simplistic thinking (NewsScan)
Japan's Mars probe goes off course (PGN)
Risk of a test message: Heated Training Session (Patrick Lincoln)
Voter information up for grabs (NewsScan)
Voting machine maker dinged (Lillie Coney)
Convicted felons worked for electronic voting companies (Susan Marie Weber)
Re: Diebold ATMs hit by Nachi worm (Drew Dean)
Re: Why have electronic voting machines at all? (Russ Cooper)
Proper understanding of "The Human Factor" (Don Norman)
April Fool's e-mail freed detained kidnapper (Lillie Coney)
This number's ready for prime time (Mark Brader)
Correction for RISKS-23.06 (Trevor Zacks)
Free lunch? Or double-or-nothing? (Rob Slade)
REVIEW: "Effective Security Management", Charles A. Sennewald (Rob Slade)
Abridged info on RISKS (comp.risks)
Issue 23.08
Railroad accident results from deactivated crossing gates (PGN)
Chats led to Acxiom hacker bust (Kevin Poulsen via Monty Solomon)
Moderation and Immoderation (PGN)
Re: Tragedy of the Commons (Douglas W. Jones)
Re: Proper Understanding of the Human Factor (Peter B. Ladkin)
Poor writing is the problem, not PowerPoint (Simson L. Garfinkel)
Why have electronic voting machines at all? (Finn Poschmann, Sander Tekelenburg)
CFP: CyberCrime and Digital Law Enforcement Conference, Mar 2004 (Michel E. Kabay)
Abridged info on RISKS (comp.risks)
Issue 23.09
Rotorouted New Year's greeting? (PGN)
Loss of bus braking due to nearby illegally modified transceivers (Chiaki Ishikawa)
"Openness" in Government (Identity withheld by request)
GuineTel seeks ways of clamping down on scam fraud (Patrick O'Beirne)
AOL now filtering based on whether they like embedded URLs (Stever Robbins)
Guilt by technology (Dawn Cohen)
Murphy's Law (Mark Brader)
Important article on origins of Murphy's Law (Doug Mink)
Re: Railroad accident results from deactivated crossing gates (Geoff Kuenning)
Re: Proper understanding of "The Human Factor" (Merlyn Kline)
Poor writing is the problem, not PowerPoint (Paul A.S. Ward)
Re: Diebold ATMs & Nachi worm; you ain't seen nuttin' yet! (Richard I Cook)
Re: Diebold ATMs hit by Nachi worm (Tim Panton)
Re: Voter information up for grabs (David E. Ross)
Re: Online issue of civil claims (Robin Crorie)
Abridged info on RISKS (comp.risks)
Issue 23.10
Cybercrime more than doubled in 2003 (NewsScan)
Reliability of network vulnerability testing is decreasing (Charles Preston)
Biometrics: 'Not your father's fingerprints' win out (NewsScan)
Pointless "security" (Huge)
To Err is Human: Building a Safer Health System (Marc Auslander)
VoteHere reports computer break-in (Fredric L. Rice)
Re: Voter information up for grabs (Kelly Bert Manning)
Re: Why have electronic voting machines at all? (Peter Williams)
Electronic voting: social aspects (Andrew o' Baoill)
Re: Over-reliance on PowerPoint (Ron Bean)
Re: Poor writing is the problem, not PowerPoint (Julian Thomas)
An economic argument against PowerPoint (Carson Harding)
Re: Railroad accident (John Hines, John A. Stewart, Ed Ravin, Chris Smith, Matthew Delaney, David Cantrell)
Re: Loss of bus braking due to nearby illegally modified transceivers (Huge)
Abridged info on RISKS (comp.risks)
Issue 23.11
Bank of England falls victim as e-mail scams rise by 400% (Keith A Rhodes)
Get ready for SPIM (NewsScan)
Israeli government suspends purchases of Microsoft software (NewsScan)
Input data error on tag transfer causes driver's arrest (Stanley A. Klein)
Forget your bank balance? It's available on the Internet (Monty Solomon)
Inadvertent use of wireless network (Ben Rosengart)
Car-monitoring service allows you to be your own Big Brother (Monty Solomon)
Secret ballots the Tel-Aviv University way... (Yaron Davidson)
Electronic voting: computer reliability aspects (Bob Axtell)
Re: Why have electronic voting machines at all? (Mark Newton)
Re: Loss of bus braking due to nearby illegally modified transceivers (Kenji Rikitake)
REVIEW: "Disaster Recovery Planning", Jon William Toigo (Rob Slade)
Abridged info on RISKS (comp.risks)
Issue 23.12
U.S. FAA warns of EFIS system fault (Peter B. Ladkin)
B747-400 Electronic flight displays rendered inoperative (Peter B. Ladkin)
Happy 2**30'th birthday, time_t! Now go patch Pro/ENGINEER (Paul Eggert)
Danish PM's private communications disclosed by MS Word (Theodor Norup)
Anti-spam law enacted -- so what's all this junk in my in-box? (NewsScan)
Want chips with that burger? (Jim Schindler)
Suing the customers (Joyce Scrivner)
Burger King wireless risk (Robert Franchi)
AP accidentally distributes celebrity phone numbers (Robert Franchi)
'Unfixable' Word password hole exposed (Brett McCarron)
VoteHere there and everywhere (Rebecca Mercuri)
More voting snafus in Palm Beach and Broward Counties (Alan Fullilove)
Correction re: Australian Voting (Eric Ulevik)
Re: Electronic car doors trap man (Ian Mitchell)
The dangers of PGN-ing (Simon Hogg)
COMPSAC 2004 Call for Contributions (Yuen Tak Yu)
EUSPRIG CFP July 2004 Klagenfurt (Patrick O'Beirne)
REVIEW: "Ben Franklin's Web Site", Robert Ellis Smith (Rob Slade)
Abridged info on RISKS (comp.risks)
Issue 23.13
Is the F-35 fighter jet is too reliant on foreign software (Lillie Coney)
Some rental cars keep tabs on drivers (Dewayne Hendricks via IP)
Israeli Post Office break-in (Gadi Evron)
Online poll rigging (Keith C. Ivey)
Students' data on Web, and NYU. on defensive (Monty Solomon)
Bruce Schneier on Orange Alert in Salon (Cory Doctorow via IP)
Some .mil and .gov subscribers of Risks Spammed (Dennis G Rears)
Errant weather alert (David Kennedy)
Moscow ML fails because of time overflow bug (Paul E. Black)
Re: Happy 2**30'th birthday, time_t! (Alistair McDonald, Ed Ravin, Massimo Dal Zotto)
Re: The dangers of PGN-ing (Peter Riocreux, Huge)
E-mail scam attacks AT*T Worldnet (John Reinke)
PayPal spoofing (Jacob Palme)
Announcement: Third Bieleschweig Workshop (Peter B. Ladkin)
Abridged info on RISKS (comp.risks)
Issue 23.14
Spirit Rover humbled by classic programming error (Robert Woodhead)
New virus infects PCs, whacks SCO (Monty Solomon)
Panel reports DoD SERVE System fatally flawed - bureaucrats in denial (Scott Miller)
Roadside camera claims car going 406 mph (greep)
The risks of naming (Ross Anderson)
"Outsourced and Out of Control" (Lauren Weinstein)
Pun-intended definitions (PGN)
UK data protection laws and the Law of Unintended Consequences (Richard Pennington)
Lie-detector glasses, 90% accurate? (Steve Holzworth)
DHS protects vendors of anti-terrorism technologies from liability (Jay Wylie)
Privacy & security threats in one (Jeremy Epstein)
Rob Slade's review of Marcus Ranum's *The Myth of Homeland Security* (Marcus J. Ranum)
Proceedings on ... Engineering Principles of System Security ... (Daniel P. Faigin)
Abridged info on RISKS (comp.risks)
Issue 23.15
E-mail activity: VaVaVoom MyDoom! (PGN)
Risks of virus scanners (Steve Bellovin)
AP blames virus transmission on users (Kevin Dalley)
US-CERT warns of worm, forgets to mention operating system (Kevin Dalley)
More controversy over SERVE Internet voting project (Dan Keating via Lillie Coney)
Finally! The Nigerian e-mail scammers caught (NewsScan)
Re: Spirit Rover humbled (Paul Czyzewski, Mark Brader, Dan Riley)
Re: UK data protection laws and ... Unintended Consequences (Richard Pennington, Dave Harris, Mark Brader)
Google targeted by pranksters (Monty Solomon)
On paypal and eBay scams (John Sinteur)
Postbank spoofing (Talmon)
Disciplinary action for teaching someone to use the address bar? (Neil Youngman)
REVIEW: "The Hanged Man's Song", John Sandford/John Camp (Rob Slade)
REVIEW: "Defense and Detection Strategies Against Internet Worms", Nazario (Rob Slade)
Abridged info on RISKS (comp.risks)
Issue 23.16
Security holes at DMVs nationwide lead to ID theft and safety concerns (Monty Solomon)
Defeating phishing scams (Andrew Rose)
A nasty Phishing attempt (Avishai Wool)
Another wireless risk (Chris Meadows)
Hotel reservation system easily confused (Richard S. Russell)
Browsers, online forms, rendering and opt-in marketing (Alistair McDonald)
Drunk unlocks police car with own key (Max)
Re: Happy 2**30'th birthday, time_t! (Steve Summit)
Re: Suing the customers (Paul Robinson)
Re: Lie-detector glasses, 90% accurate? (Ron Bean, Peter B. Ladkin)
REVIEW: "Biometrics", Woodward/Orlans/Higgins (Rob Slade)
Abridged info on RISKS (comp.risks)
Issue 23.17
How to Hack an Election (Hendrik)
UK: Vital e-crime evidence often destroyed (Iain Thomson via Keith A Rhodes)
Security Holes at DMVs Nationwide Lead to ID Theft and Safety Concerns (Monty Solomon)
Porn viewers work for hackers (Robin Burke)
January clearance sale (Scott Nicol)
Re: Spirit Rover humbled (Jim Griffith)
A scary thing (Erann Gat)
Phishing and a new IE security patch (Sidney Markowitz)
MyDoom and SCO (Steve Wildstrom)
RISKS actually gets *relatively little* MyDoom Traffic (Chris Smith)
Re: Risks of virus scanners (Paul Tomblin, Alan J Rosenthal)
Re: The risks of naming (Robert de Bath)
Re: Drunk unlocks police car with own key (D. Joseph Creighton, David Hollman)
"Loss of Identity" theft (Terry A. Ward)
REVIEW: "Kerberos: The Definitive Guide", Jason Garman (Rob Slade)
Abridged info on RISKS (comp.risks)
Issue 23.18
Software bug contributed to blackout (Kevin L. Poulsen)
*WashPost* registration expired, newsroom hampered (Bill Hopkins)
GM will recall some Chevrolet Corvettes (Monty Solomon)
Police face sack in ongoing privacy incidents (NewsScan)
Three degrees of outsourcing leads to data disclosure (Ed Ravin)
Privatization vs privacy (Friedrich Knauss)
TiVo watchers uneasy after post-Super Bowl reports (Monty Solomon)
Cable modem hackers conquer the co-ax (Kevin Poulsen via Monty Solomon)
Electronic copyrights (Jim Griffith)
Opposition to SPF (Ian Jackson)
Actually, SPF makes things worse (Markus Fleck-Graffe)
Re: Drunk unlocks police car with own key (Crispin Cowan)
Microsoft warns of widespread Windows flaw (Robert Lemos via Monty Solomon)
'Mydoom' Creators Start Up 'Doomjuice' (Matti Huuhtanen via Monty Solomon)
Re: MyDoom and SCO (Scott Miller)
Don't rely on Social Security Numbers -- AGAIN! (Robert Ellis Smith)
Re: UK data protection laws ... Unintended Consequences (R M Crorie)
An interesting spam-filter risk (Geoff Kuenning)
NSF: Science of Design (Sol J. Greenspan via Gene Spafford)
Abridged info on RISKS (comp.risks)
Issue 23.19
Mississippi voids November 2003 e-vote election for errors (Steve Corrick)
Canadian medical tests give reversed results (Danny Burstein)
911 mistake: Wisconsin rescuers go to wrong town; victim dies (David LaRue)
Interesting device to steal ATM accounts (Mabry Tyson)
Officials Say Mob Stole $200 Million Using Phone Bills (William K Rashbaum via Monty Solomon)
Amazon reviewers identified -- as the authors! (NewsScan)
Alleged Trojan horse in Israeli anti-ballistic missile system (Gadi Evron)
GAO Report Warns of Airline Security Shortcomings (Lillie Coney)
GE says blackout bug patched (Kevin L. Poulsen)
Strategic planning for VeriSign restart of "Site Finder" (Lauren Weinstein)
FTC warning about private no-spam registry (NewsScan)
TiVo's privacy policy (Terence Eden)
Re: Privatization vs privacy (Aaron)
Challenge/Response spam blocking (Thomas Harrington)
Social Security number as identity: not secure (Carl Fink)
Re: Spirit Rover humbled (Timothy Prodin)
Sputnik & garage door openers (Kyle York)
Re: SPF and its critics (Lawrence Kestenbaum)
Exploiting software (Gary McGraw)
Abridged info on RISKS (comp.risks)
Issue 23.20
King/Drew patient monitors shut off following 2 deaths (Sheri Alpert)
Bug in Windows-operated toilet system (Wendy M. Grossman)
Physical security of electronic voting terminals (Tobin Fricke)
Chipmakers race to plug the buffer overflow problem (NewsScan)
Buffer overflows and Multics? (Tom Van Vleck)
An old filtering problem, but worth repeating (Drew Dean)
Anti-captcha technique (Lindsay Marshall)
Further misdirected on-line trip planning (Mark Brader)
Conspiracy Theory: mortgage scams (NewsScan)
Osama Bin Laden is not on the no-fly list? (Peter Wayner)
MS Java Virtual Machine issue (Ferdinand John Reinke)
Garage-door openings by aircraft (John Slimick, Kevin G. Rhoads)
Re: Garage-door openers (Peter B. Ladkin)
Re: Garage-door openers by Sputnik (Steve Bellovin)
Re: Drunk unlocks police car with own key (Adam Laurie)
Abridged info on RISKS (comp.risks)
Issue 23.21
Bar codes for your health (NewsScan)
*Computer Weekly*'s campaign against government incompetence (Pete Mellor)
Malicious IT design in support of the cold war (Sam Garst)
Flaws threaten VoIP networks (Lillie Coney)
Fixed-length fields strike again (Robert Israel)
Toll Collect doesn't (Peter B. Ladkin)
SPF and SRS (Ben Rosengart)
Re: Risks of SPF (Peter da Silva)
Re: SPF and its critics (Dimitri Maziuk)
Theft of Client Information at Israeli Bank's "Information Fortress" (Gadi Evron)
Re: Interesting device to steal ATM accounts (Gadi Evron)
Abridged info on RISKS (comp.risks)
Issue 23.22
Stolen heart monitor (Nigel Metheringham)
Keeping online games honest (NewsScan)
4.6-million DSL subscribers' data leaked in Japan? (via Dave Farber)
E-mail robbery, the easy way (Ralf Ertzinger)
Solving e-mail problems economically (Peter B. Ladkin)
Laptop security (Gadi Evron)
"Where did it print?" 1990 version (Daniel P. B. Smith)
Buffer overflows and Burroughs/Unisys (Keith Gobeski, Michael LeVine)
MS Java Virtual machine (Curtis Karnow)
Garage-Door openers; Rapid disassembly of PCS phones (Charles Jackson)
Re: Garage-door openers (Michael Kent)
Re: Garage-door openings by aircraft (Scott Peterson)
Further misdirected on-line trip planning (Bob Heuman)
Amtrak Website routing (Richard S. Russell)
REVIEW: "Developing Secure Distributed Systems with CORBA", Lang/Schreiner (Rob Slade)
Abridged info on RISKS (comp.risks)
Issue 23.23
July 2002 air collision revisited (Paul Cox)
FBI employee snoops through confidential police databases (Declan McCullagh)
Data Protection and an increasingly paranoid world (Matthew Byng-Maddick)
When entries aren't screened (Gillian M Brent)
Re: Malicious IT design in support of the cold war (Henry Baker, Diomidis Spinellis)
MS self-inflicted DDoS (Doug Sojourner)
Re: MS Java Virtual Machine issue (Jonathan de Boyne Pollard)
Re: SPF and its critics (Greg Bacon)
SPF is harmful. Adopt it. (Jonathan de Boyne Pollard)
Abridged info on RISKS (comp.risks)
Issue 23.24
Risks of Leap Years and Dumb Digital Watches, quadrennial posting (Mark Brader)
GAO's latest evaluation of DOD software development practice (James Paul)
Trouble with Mars rover Spirit (Erling Kristiansen)
RFID tags in new US notes explode when you try to microwave them (Michael Borek)
State looks at false bills from AT&T (Peter Howe via Monty Solomon)
California e-voting: did programmers even try it? (Joel Garry)
Anti-Spam Solutions and Security, Neal Krawetz (Monty Solomon)
Legal Mercedes driver jailed for 18 months (Stefan Lesser)
Re: Stolen heart monitor (Dave Brunberg)
Re: Buffer overflows and VMS (Stanley F. Quayle)
Re: Buffer overflows and Burroughs/Unisys (Bill Hopkins)
Re: A320 Incident (Peter B. Ladkin)
Abridged info on RISKS (comp.risks)
Issue 23.25
Leap Year Strikes Again (Chuck Weinstock)
Pssst, wanna buy a spambotnet? (Rob Slade)
July 2002 air collision revisited (Michael Bacon)
Damaging consequences of response to password-protected viruses (Vassilis Prevelakis)
Spring '04 Sun Outage Notification (starband via Mich Kabay)
SPAM Countermeasures (Scott MacQuarrie)
Re: RFID tags in new US notes explode when you try to microwave them (Michael Borek responding to Paul Schleck)
And Another E-Voting Problem (David Bolduc via Dave Farber's IP)
Moseley Braun paper (Peter Zelchenko)
Avi Rubin on e-voting after yesterday's primary (Dave Brunberg)
Denial of service in criminal justice (Dick Mills)
REVIEW: "Hiding in Plain Sight", Eric Cole (Rob Slade)
Abridged info on RISKS (comp.risks)
Issue 23.26
U.S. Senate security shenanigans (Kristina Herrndobler via James Bauman)
PFIR Conference Announcement: "Preventing the Internet Meltdown" (PFIR)
Yet another worm masquerades as Microsoft update (NewsScan)
The price of e-mail is constant vigilance (Rob Slade)
Firms look to limit liability for online security breaches (Jonathan Krim via Monty Solomon)
Smartcards weren't so smart after all, says Target (NewsScan)
BBC reports card cloning scam (John Sawyer)
An interesting airplane user interface (David Magda)
Re: Legal Mercedes driver jailed for 18 months (David Gillett)
Extended Call for Papers: Voting, Elections, and Technology (Micah Altman)
Abridged info on RISKS (comp.risks)
Issue 23.27
DARPA robot race is a bust (NewsScan)
Re: DARPA robot race (PGN)
Can Software Kill? (Debbie Gage and John McCormick via Dan Scherer)
P2P legal defense by separation of content and key? (Brent J. Nordquist)
PPI delayed by "computer problems" (Bill Hopkins)
Microsoft Word reveals document's author -- again (George W. Harris)
Lost e-votes could flip Napa County race (PGN)
California voters turned away (PGN)
Googling Up Passwords, Scott Granneman excerpt (Monty Solomon)
SSL is being severely stressed by phishing expeditions (Alistair McDonald)
When is a decimal point not a decimal point? (Darryl Smith)
Merger Mania (Mike Albaugh)
New twist to social engineering in virus transmission (John Sawyer)
Re: An interesting airplane user interface (A.M. Passy)
People are not as conservative as some think! (Jonathan de Boyne Pollard)
Re: Buffer overflows (Mike Albaugh)
2004 IEEE Symposium on Security and Privacy (Steve Tate)
Abridged info on RISKS (comp.risks)
Issue 23.28
House Panel Slams Federal IT Security (PGN)
JFK AirTrain passengers end up at storage yard instead of airport (Tom Lambert)
Connecticut automobile emissions tests faulty (Danny Burstein)
Diebold Opteva 520 ATM crashes exposing Windows XP Inside! (Scott A. Hissam)
The RISKS of Risk Analysis (Michael Bednarek)
Anti-spam lawsuit complaints (Monty Solomon)
Self adjusting firewalls in Longhorn (Neil Youngman)
Death of UK skydiver in Australia (Anthony Youngman)
"Special Skills draft" (Geoffrey Brent)
Risks of automated pedophilia detection (Nick Brown)
Latest e-mail worms use password trick to foil filters (NewsScan)
CORRECTION to "SSL is being severely stressed by phishing expeditions" (Alistair McDonald)
Re: SSL is being severely stressed by phishing (Isaac Morland, Nelson Minar)
Re: When is a decimal point not a decimal point? (John Carlyle-Clarke, Nick FitzGerald)
Throwing out the baby with the bathwater: Crypto sigs (Tim Panton)
Abridged info on RISKS (comp.risks)
Issue 23.29
Coincidental Risks -- related to electronic voting systems (Jim Horning)
Toyota music-playing robot and possible spinoffs (PGN)
April Foolproof: AT&T Alerts Consumers About the Latest Scams (Monty Solomon)
Network Solutions' "A Sucker Born Every Minute" Domain Service (Lauren Weinstein)
Fraudulent request for bank info (Ken Knowlton)
Bridge construction mismatch (Ken Knowlton)
Shuttle speed-brake gears installed backwards (Anthony Youngman)
Pontiac leap-year bug (Tom Van Vleck)
Online student election flaws (James Prescott)
Utility employees rig customer survey (Monty Solomon)
AOL unveils spam-victim sweepstakes (NewsScan)
Wrong number leads to woman's arrest (Monty Solomon)
Risks of confusing LAN and WAN rules (Leonard Erickson)
Web site devoted to Word documents with unintended strikeouts (Henry Baker)
Risks of discarded receipts (Tim Aidley)
Exploiting Software: How to Break Code, Hoglund/McGraw (PGN)
Abridged info on RISKS (comp.risks)
Issue 23.30
GM recalls Cadillac SRX (Monty Solomon)
Firetruck steers itself into tree (Caleb Hess)
800,000 cards overcharged at Wal-Mart stores (Monty Solomon)
News24's not-very-restrictive access restrictions (Cody Boisclair)
Time records often altered, job experts say (Bob Schuchman)
4.6-million DSL subscribers' data leaked in Japan? (Chiaki Ishikawa)
Pilot study of cybercrime against businesses (Michel Kabay)
Risks of broadband upgrades (Jeremy Epstein)
Too Many Pips! (Andrew Watkins)
Fighting back at spam, viruses, etc.? (Neil Youngman)
Risks of malicious code in MIDI instruments/robots (Kenji Rikitake)
Net hoaxes snare fools all year (Monty Solomon)
Re: Bridge construction mismatch (Stephen Poley, Darryl Smith)
Re: AT&T Alerts Consumers About the Latest Scams (Pekka Pihlajasaari)
Netsky.P and iframe src=??cid variant (Rob Slade)
Latest Citibank scam... (Cody Boisclair)
Who's in charge of the e-mail virus war, and are we losing? (Steve Summit)
Re: Buffer overflows and Burroughs/Unisys (Crispin Cowan)
Abridged info on RISKS (comp.risks)
Issue 23.31
Chinooks again (Neil Youngman)
Blackout computer failure analysis (Stephen Cohoon)
Malware, auto-reply, and non-native languages (Drew Dean)
Risks in Google's New "Gmail" Service (Lauren Weinstein)
Risks in Network Solutions' domain information masking (Lauren Weinstein)
Seeing the Light might just *not* show the right contamination (Bob Heuman)
Re: Buffer overflows (Jon A. Solworth)
Re: iAPX 432 (Robert I. Eachus)
Re: 4.6-million DSL subscribers' data leaked in Japan? (Curt Sampson)
Re: News24's not-very-restrictive access restrictions (Curt Sampson)
Yet another version of the Beagle social engineering (John Sawyer)
REVIEW: "Cybersquatters Beware", Chantelle MacDonald Newhook (Rob Slade)
Abridged info on RISKS (comp.risks)
Issue 23.32
Republicans walk out of Federal hearing on voting machines, Lynn Landes
USB "square" plugs (Henry Baker)
Re: Who's in charge of the e-mail virus war ... (Steve Summit)
Radar guns, again (Adam Shostack)
Wireless hacking (NewsScan)
Citibank data compromised without using it? (Art Mellor)
Re: Chinooks again (Peter B. Ladkin)
REVIEW: "Ethics and Technology", Herman T. Tavani (Rob Slade)
Abridged info on RISKS (comp.risks)
Issue 23.33
University supercomputers attacked by vandals (NewsScan)
Risk of automatic updates (Geert Jan van Oldenborgh)
Runaway car from hell (Ken Knowlton)
Unfortunate MTA behavior (Drew Dean)
User interface anecdote, ATMs and voting machines (David Crooke)
Global Domination (Lauren Weinstein)
Former anti-piracy 'bag man' turns on DirecTV (Monty Solomon)
Expecting browser-side code to implement security (Derek Ziglar)
MiniDV Firewire connectors (Ron Erwin)
Risks of tax-preparation software (Toby Douglass)
Re: Cancer treatments and radiation detectors (Rob Slade)
Squeezing the pips until they squeak (Andrew Yeomans)
Re: Radar guns, again (Derek Ziglar, Sean Sosik-Hamor, Arthur T)
Web Sites ignore the law, think it applies only to Federal Government (Bob Heuman)
Abridged info on RISKS (comp.risks)
Issue 23.34
EFF Pioneer Awards for 2004
Fire trucks collide (Russ Perry Jr)
Innocent Brits labelled as crooks (Fuzzy Gorilla)
UK firms face weekly attacks (Graeme Wearden via Keith A Rhodes)
Quizzed upon sending e-mail (Dan Jacobson)
Aussie banking group scales up against 'phishing' (Keith A Rhodes)
Sans-serif font hides phishy text (Andrew Collier)
Risks of tax-preparation software (Paul D. Smith)
Automated Copyright Notice System (Steve Klein)
Automotive "black box" data used in trial (Fuzzy Gorilla)
Earthlink SpamBlocker (Paul Wexelblat)
Re: Unfortunate MTA behavior (Drew Dean)
Boy trapped in public bathroom (Fuzzy Gorilla)
Re: Runaway car from Hell (Bernard W Joseph, Carl Fink)
REVIEW: "Network Security Essentials", William Stallings (Rob Slade)
Abridged info on RISKS (comp.risks)
Issue 23.35
Computer glitch grounds Atlanta flights (Fredric Rice)
TurboTax electronic filing option fails to send AMT Form 6251 (Richard Mason)
California bans e-vote machines (Kim Zetter via Monty Solomon)
Ireland scraps electronic voting plans (Brent M.P. Beleskey)
Sydney trains disrupted by software glitch (John Colville)
Self-referential Patriot Act suppression of law suit (PGN)
Millions of lost revenue from faulty speed cameras (Bertrand Meyer)
Sasser worm is latest threat (NewsScan)
Antivirus software prolongs viral life (Geoff Kuenning)
Sasser eyed over train outage (NewsScan)
New identity-theft scam (Geoff Kuenning)
Gas explosion creates confidential litter (Sarah Hollins)
Hybrid vehicles may be hazardous to rescuers' health (Joe Thompson)
TCP, BGP, DoS, and BS (Rob Slade)
Florida sues AT&T for billing errors (Frank Carey)
Re: Traffic Signal Controllers (Jay R. Ashworth)
FREEDOM 2.0, Washington, DC, 20-22 May 2004 (EPIC)
REVIEW: "Non-Repudiation in Electronic Commerce", Jianying Zhou (Rob Slade)
Abridged info on RISKS (comp.risks)
Issue 23.36
Computer glitch gives out free gasoline (Jack Christensen)
U.S. blunders with China, Iran keyword blacklist (Declan McCullagh)
Risks of prisoner abuse vs. digital cameras (Lauren Weinstein)
Auto-Blacklisting is a bad idea (Drew Dean)
Re: Computer glitch grounds Atlanta flights (Tron Smith)
Corrupted virus definition load blocks re-load (George Michaelson)
Antivirus software prolongs viral life (Matthias Heiler)
Challenge/response standards (Brent Laminack)
Aus vs. Swiss speeding (Ivan Reid)
Re: ... lost revenue from faulty speed cameras (Anthony Youngman, Michael Smith, Bertrand Meyer)
MDT and a Fatal accident: a possibility? (Nick Lindsley)
Abridged info on RISKS (comp.risks)
Issue 23.37
Las Vegas monorail delayed due to computer glitch (Chuck Weinstock)
False Positive Risks (John Lettice via R.G. Newbury)
'Blue Screen of Death' on hotel TV screen (Henry Baker)
New UK Driving Licence puts Identity at risk (Adam Laurie)
Forrester speeds up timeline on white-collar offshoring (NewsScan)
Researchers find WiFi flaw (NewsScan)
Sasser creator turned in for the reward (NewsScan)
German Toll-Collect announces another delay... (Debora Weber-Wulff)
Listen to your CPU and break RSA? (Gadi Evron)
Banks don't understand phishing social risks (Samuel Liddicott)
Fines reimbursed, drivers reinstated; faulty speed camera (Bertrand Meyer)
Re: Hybrid vehicles may be hazardous to rescuers' health (Stephen Fairfax)
Re: Auto-Blacklisting is a bad idea (Kyler Laird)
Formal Methods for Industrial Critical Systems CFP (Diego Latella)
Abridged info on RISKS (comp.risks)
Issue 23.38
Paris Airport collapse: Analogy collapses (Marshall D Abrams)
FBI fingerprint screwup: Brandon Mayfield no longer a suspect (PGN)
GAO looked at DoD and off-shored software (James Paul)
So what's new with Pittsburgh Verizon DSL (David Farber)
The lighter side of electronic voting (Jason T. Miller)
Florida law bans deceptive subject lines in e-mail (NewsScan)
Spam being rapidly outpaced by 'spim' (Nico Chart)
Another method of password theft (James Renken)
Window smashed, data lost (David Lazarus via Monty Solomon)
Spamming the referrer logs (Diomidis Spinellis)
And a Mac Sniffer in a Pear Tree ... (Paul Kedrosky via Dave Farber)
Speed cameras: fines refunded, licenses restored (Stuart Lamble)
Re: Radar Gun Follies (Chris Meadows)
Re: New UK driving licence puts identity at risk (Chris Malme)
Re: Challenge-response is a bad idea (Jonathan de Boyne Pollard)
REVIEW: "Beyond Fear", Bruce Schneier (Rob Slade)
Abridged info on RISKS (comp.risks)
Issue 23.39
Air Force radios jamming garage-door openers in FL Panhandle (Paul Wexelblat)
Boa triggers blackout in Honduras (M. Barnabas Luntzel)
Online satire reported as truth (Jean L. Palmer)
*Reason Magazine* custom covers (Charles Shapiro)
New GAO Report on Government Data Mining (Barry Steinhardt via Dave Farber)
Coming Soon: A Cellphone Directory (Jube Shiver Jr. via Monty Solomon)
Maryland governor signs tough anti-spam law (Andy Sullivan via Monty Solomon)
The Fight Against Spam, Part 3 (F.J. de Kermadec via Monty Solomon)
Now, two-thirds of all e-mail is spam (Bob Sullivan via Monty Solomon)
Poor fallbacks on automated systems (Geoff Kuenning)
Re: Ireland scraps electronic voting plans (Erling Kristiansen)
'Pirate Act' raises civil rights concerns (Declan McCullagh)
Re: New UK driving licence puts identity at risk (John Sawyer)
Crash data recorders in cars (Fuzzy Logic)
Re: FBI fingerprint screwup (Scott Miller)
Risks of believing in testing, Re: GAO report (Chris Jewell)
Re: Another method of password theft (A J Stiles)
Banks don't understand phishing social risks (Michael Bacon)
REVIEW: "The Teeth of the Tiger", Tom Clancy (Rob Slade)
Abridged info on RISKS (comp.risks)
Issue 23.40
Problems due to misfiled fingerprints (PGN)
Building the A380: Just Like Software (Rex Black)
eVoting standards and testing (Rebecca Mercuri)
Re: Risks of believing in testing (Ken Knowlton, Spencer Cheng)
Users, learning from history, social engineering, planning (Gadi Evron)
Detectives follow the money trail to tackle spam (NewsScan)
Are passwords passe'? (NewsScan)
Re: Boa triggers blackout in Honduras (Ralph Barone)
The lighter side of electronic voting (Marcus L. Rowland)
Re: New GAO Report on Government Data Mining (Robert I. Eachus)
Data Mining: Federal Efforts Cover a Wide Range of Uses (Monty Solomon)
Daft security questions (Ian Chard)
Abridged info on RISKS: MAILMAN replaces Majordomo (comp.risks)
Issue 23.41
Computer breakdown in England affects air traffic (Debora Weber-Wulff)
Privacy and Security Risks in Rampell's E-Mail Surveillance Service (Lauren Weinstein)
France Telecom voice mail espionage (David F. Gallagher)
USB risks (Gadi Evron)
Whom do I tell? (Jerry James)
An anatomy of a PGP Joe Job (Gadi Evron)
Netgear/UWisc NTP mess (Hal Murray)
Selling Web bugs (Neil Youngman)
Re: Spam being rapidly outpaced by 'spim' (Gadi Evron)
Abridged info on RISKS (comp.risks)
Issue 23.42
Whose Data Is It, Anyway? (Matt Silberstein)
E-mail needs a makeover (NewsScan)
India's outsourcing business in trouble (NewsScan)
Autorun considered evil (Peter da Silva)
Stuck between the 2G and 3G networks (Henry Skoglund)
Verity K2 is data mining? (Aahz)
HTML Mail-readers (Mike Albaugh)
Re: Risks of believing in testing (David Crocker, Peter B. Ladkin, Fred Cohen)
Re: Daft security questions (Brian Reynolds, Lou Katz, Antonomasia)
British ATC slowdown (Peter B. Ladkin)
Abridged info on RISKS (comp.risks)
Issue 23.43
AOL worker sold customer list for spam, US charges (via Monty Solomon)
Swedish social insurance computers disabled by virus (Peter Håkanson)
Terror over Internet Protocol? (NewsScan)
Canada's largest bank has "processing disruption" (Yves Bellefeuille)
PFIR "Preventing the Internet Meltdown" Conference Info Online (Lauren Weinstein)
Attacking the attackers: maybe not a good idea (NewsScan)
Shocking laptop horror stories (Aahz)
Hacker hits South Korean defense (NewsScan)
/Not/ keeping security information up to date (TFB)
Wyoming woman arrested on false federal charges (Dirk the Daring)
Exploding vending machine emits phosgene gas (Cheryl Hoefelmeyer)
Irresponsible traffic announcement (Steve Friedman)
Who am I? (Erann Gat)
Re: Autorun evil? (Thomas Wicklund)
Risks of testing (Thomas Wicklund)
Re: Whom do I tell? (Chris Brand)
REVIEW: "Security Warrior", Cyrus Peikari/Anton Chuvakin (Rob Slade)
Abridged info on RISKS (comp.risks)
Issue 23.44
Acting Now to Prevent the Internet Meltdown (PGN)
Court rules e-mail eavesdropping okay (NewsScan)
Fed. Court Rules No Privacy For E-Mail Passing Through ISP Servers (Lauren Weinstein)
Florida Felon list is wrong, wrong, wrongity wrong (Danny Burstein)
Israeli Police losses laptop with critical agents information (Gadi Evron)
DC Metro discovers flag-day issues with changeover in payment systems (Joe Thompson)
Coca-Cola Cans as Security Threat (Jack M Dominey)
Pharmacists worry about drug vending units (Daniel P. B. Smith)
RFID could cost 4 million jobs by 2007 (NewsScan)
Barclays Bank of Zimbabwe suffers data theft (Bob Heuman)
French authority forbids "DIDTHEYREADIT?" service (Bob Heuman from NewsScan)
Web service maps tax codes to ID info (John)
Re: Attacking the attackers: maybe not a good idea (Nick Brown, Curtis Karnow)
REVIEW: "Exploiting Software", Greg Hoglund/Gary McGraw (Rob Slade)
Abridged info on RISKS (comp.risks)
Issue 23.45
$500 million and counting (Tom Gray)
Keyless remotes to cars suddenly useless (Paul Saffo)
Stolen: one-third of the world's software (NewsScan)
Obstacles to Net phone service (NewsScan)
Zinc whiskers (Craig S. Bell)
Friends don't let friends use Microsoft Internet Explorer (Tom Van Vleck)
Bev Harris crusades to expose e-voting flaws (Fredric L. Rice)
E-voting concerns (NewsScan)
Perils of Database Matching, Chapter 47,061 (Paul Wallich)
Private-sector firm maintains dossiers in U.S. (David Marston)
Re: Web ads threat to bank security (Rich Kulawiec)
E-mail non-privacy is a good decision! (Craig DeForest)
VoIP hacks gut Caller I.D. (Monty Solomon)
Using google against google (Peter Parker)
Re: Coca-Cola Cans as Security Threat (Nick Brown)
REVIEW: "Network Security Jumpstart", Matthew Strebe (Rob Slade)
Abridged info on RISKS (comp.risks)
Issue 23.46
*Chicago Tribune* computer meltdown (J H Haynes)
Balloon stuck over Baltimore, risk of automatic shutdowns (Dave Provine)
NASA space station software repairs (James Paul)
Laptops at the FleetCenter at risk of breaches, attack (Hiawatha Bray via Monty Solomon)
Censorware deletes Japanese city (John S. Karabaic)
Using Google against Google! (Peter Parker)
Court Opens Door To Searches Without Warrants (Monty Solomon)
Risks of ordinary GUI "pop-up" windows? (Daniel P. B. Smith)
Windows XP SP2 Installation Failures ()
Should we trust them? (Bruce Sinclair via Dawn Cohen)
Citibank 'sorry' for current account difficulties (Patrick O'Beirne)
Citibank assists scammers (Keith Gregory)
Cosmic ray hits Brussels election - really? (Dirk Fieldhouse)
Florida faces vote chaos in 2004, Commission hears (Fredric L. Rice)
Lost Record '02 Florida Vote Raises '04 Concern (Joe Shead)
Counting error on SMS poll evicts wrong contestant from 'Big Brother' (George Michaelson)
California Online Privacy Protection Act (Monty Solomon)
iPod security (Paul Wexelblat)
Re: E-mail nonprivacy (David Cantrell)
Re: Keyless remotes to cars suddenly useless (Chuck Charlton)
Re: "Stolen:" one-third of the world's software (Pascal J. Bourguignon)
Update: DC Metro flag-day issues (Joe Thompson)
REVIEW: "The Sundering", Walter Jon Williams (Rob Slade)
Abridged info on RISKS (comp.risks)
Issue 23.47
Computer Failure Grounds and Delays Flights on 2 Airlines (Monty Solomon)
E-voting critic issues challenge to hackers (PGN)
VoIP -- Voyeurism over Internet Protocol? (NewsScan)
Russian extortionists: each did his bit of work (NewsScan)
The Mr Micawber Syndrome (Michael Bacon)
Implementing Information Security: Risks vs. Cost (Gideon T. Rasmussen)
Re: Cosmic ray hits Brussels election -- really? (Peter B. Ladkin, Dirk Fieldhouse, Sergio Gelato)
REVIEW: "Official [ISC]^2 Guide to the CISSP Exam", Hansche et al. (Rob Slade)
Abridged info on RISKS (comp.risks)
Issue 23.48
Kolwicz kicked out for submitting real election tests (via Susan Marie Weber)
Image flaw pierces PC security (Keith A Rhodes)
Windows Buffer Overflow Protection Programs: Not Much (Paul Robinson)
Security Cavities Ail Bluetooth (Kim Zetter via Monty Solomon)
Emoticon-interpreters create risks in instant messaging services (Dale Hawkins)
First malicious program aims for handhelds (Keith A Rhodes)
Two more Canadian Banks with computer software screwups (Bob Heuman)
Top Australian banking sites vulnerable (NewsScan)
Cable giants seek to dominate VoIP (NewsScan)
Another airline outage (Jeremy Epstein)
Two Million Scans Uncover 55 Million Instances of Spyware (Monty Solomon)
Memory error paper (Laurent Guerby)
Risks of automated calling systems (Jeremy Epstein)
Internet voting in The Netherlands update (Joseph Kiniry)
Re: The Mr Micawber Syndrome (Fernando Pereira)
Re: Stolen: one-third of the world's software (Jurek Kirakowski)
REVIEW: "Software Forensics", Robert M. Slade (Rob Slade)
Abridged info on RISKS (comp.risks)
Issue 23.49
U.K.: Don't smile for your passport picture! (PGN)
Gloria Estefan performance in Dallas canceled due to computer crash (Ben Moore)
Airport Express crypto broken by DVD Jon (Cory Doctorow via Monty Solomon)
Buffer Overflow in "I'm Away" feature of AOL Instant Messenger (Paul Robinson)
Windows Buffer Overflow Protection Programs: Not Much (Paul Robinson)
Obion County Tennessee vote counting problems (Jeremy Epstein)
Drivers let Big Brother in to get a break (Kevin Maney via Monty Solomon)
DidTheyReadIt operations and security concerns (Rob Slade)
Risks of ordinary GUI "pop-up" windows? (Cody Boisclair)
REVIEW: "Stealing the Network: How to Own a Continent", Ryan Russell (Rob Slade)
Abridged info on RISKS (comp.risks)
Issue 23.50
Sequoia's new paper audit trail voting systems (PGN)
New Mexico votes lost in 2000 (Jeremy Epstein)
Mac Year 2004 bug (Tom Van Vleck)
Ford dumps Oracle system after four years of trouble (Lindsay Marshall)
Don't get stuck in the dark: a year later (Jeff Jonas)
U.S. air travel without government identification (Dan Wallach)
U.S. military sites offer a quarter million Microsoft Word documents (Diomidis Spinellis)
The GTS Katie - A risk of privatization or outsourcing (Joshua Newman)
Fire engine startup risks (J.D. Baldwin via Gary G. Taylor)
Google as back door for pay-per-view information (Sergei Lewis)
Network vandals face prison sentences (NewsScan)
"EXIT" signs too high (Henry Baker)
Re: U.K.: Don't smile for your passport picture! (James Moyer, Michael Bednarek)
Re: Airport Express crypto broken by DVD Jon (Marshall Clow)
REVIEW: "Computer Security for the Home and Small Office", Thomas C. Greene (Rob Slade)
Abridged info on RISKS (comp.risks)
Issue 23.51
NASA Spirit nearly done in by DOS (Hank Nussbacher)
Sum of a Glitch (Bev Harris via David Chessler and Dave Farber's IP)
The case of the screaming telephone (Debora Weber-Wulff)
The toll collection hassle in Germany (Debora Weber-Wulff)
Website offers CNID falsification service (Kevin Poulsen via Monty Solomon)
Rick Broadhead's Dear Valued Customer (Amit Asaravala via Monty Solomon)
Canvas expiration 'bug': *not* a Mac OS issue (Matt Gough via Bob Grant)
Accounting software number issues (Darryl Smith)
Another animal-caused power interruption (Geoffrey Brent)
Privacy concern over Australian e-mail law (NewsScan)
Lack of sanity checking in Web shopping cart software (Richard Kaszeta)
Correction to New Mexico, Florida, Bush & Gore (Jeremy Epstein)
REVIEW: "Know Your Enemy", Honeynet Project (Rob Slade)
Abridged info on RISKS (comp.risks)
Issue 23.52
Shutting the train door before the commuter has bolted? (Michael Bacon)
Illinois Secretary of State computer outage (J H Haynes)
Overcomputerization enlightenment (Joseph A. Dellinger)
More ID theft, via laptop (David Lesher)
Missouri vote-by-fax (PGN)
E-voting in Nevada (NewsScan)
Diebold GEMS central tabulator contains a stunning security hole (Bev Harris via EEkid)
Using a paper trail to verify electronic voting machine results (Diomidis Spinellis)
Election verification in Venezuela (Peter B. Ladkin)
ATMs offer too much information (Brendan Kehoe)
Risk of using open forums for disaster recovery (Espen Andersen)
Re: NASA Spirit nearly done in by DOS (Gene S. Berkowitz)
REVIEW: "Security Assessment", Greg Miles et al. (Rob Slade)
Abridged info on RISKS (comp.risks)