Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 8bit precedence: bulk Subject: Risks Digest 22.00 (), Volume 22 summary REPLY-TO: risks@csl.sri.com RISKS-LIST: RISKS-FORUM Digest 2002 Volume 22 : Issue 00 () FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator Contents: Info on RISKS (comp.risks), contributions, subscriptions, FTP, etc. SUMMARY OF RISKS VOLUME 22 (1 April 2002 to ...) (NOTE: This summary is archived in ftp file risks-22.00 at ftp.sri.com, cd risks, and is also at http://catless.ncl.ac.uk/Risks/22.00.html.) ---------------------------------------------------------------------- Date: 12 Feb 2001 (LAST-MODIFIED) From: RISKS-request@csl.sri.com Subject: Abridged info on RISKS (comp.risks) The RISKS Forum is a MODERATED digest. Its Usenet equivalent is comp.risks. => SUBSCRIPTIONS: PLEASE read RISKS as a newsgroup (comp.risks or equivalent) if possible and convenient for you. Alternatively, via majordomo, send e-mail requests to with one-line body subscribe [OR unsubscribe] which requires your ANSWERing confirmation to majordomo@CSL.sri.com . [If E-mail address differs from FROM: subscribe "other-address " ; this requires PGN's intervention -- but hinders spamming subscriptions, etc.] Lower-case only in address may get around a confirmation match glitch. INFO [for unabridged version of RISKS information] There seems to be an occasional glitch in the confirmation process, in which case send mail to RISKS with a suitable SUBJECT and we'll do it manually. .MIL users should contact (Dennis Rears). .UK users should contact . => The INFO file (submissions, default disclaimers, archive sites, copyright policy, PRIVACY digests, etc.) is also obtainable from http://www.CSL.sri.com/risksinfo.html ftp://www.CSL.sri.com/pub/risks.info The full info file will appear now and then in future issues. *** All contributors are assumed to have read the full info file for guidelines. *** => SUBMISSIONS: to risks@CSL.sri.com with meaningful SUBJECT: line. => ARCHIVES are available: ftp://ftp.sri.com/risks or ftp ftp.sri.comlogin anonymous[YourNetAddress]cd risks [volume-summary issues are in risks-*.00] [back volumes have their own subdirectories, e.g., "cd 21" for volume 21] http://catless.ncl.ac.uk/Risks/VL.IS.html [i.e., VoLume, ISsue]. Lindsay Marshall has also added to the Newcastle catless site a palmtop version of the most recent RISKS issue and a WAP version that works for many but not all telephones: http://catless.ncl.ac.uk/w/r http://the.wiretapped.net/security/info/textfiles/risks-digest/ . http://www.planetmirror.com/pub/risks/ ftp://ftp.planetmirror.com/pub/risks/ ==> PGN's comprehensive historical Illustrative Risks summary of one liners: http://www.csl.sri.com/illustrative.html for browsing, http://www.csl.sri.com/illustrative.pdf or .ps for printing ------------------------------ Subject: SUMMARY OF RISKS VOLUME 22 (1 April 2002 to ...) (archived in ftp file risks-22.00) RISKS 22.01 Monday 1 April 2002 ATF Takes Responsibility for Federal Software Policy Enforcement (ATFS Director) REVIEW: "Hacking for Dummies", Bill Murray III/Gene Spafford (Rob Slade) Computers to Cars (PGN) Surprise Settlement Evenly Splits Microsoft (Gene Spafford) Big security leak in Internet sexshop (Paul van Keep) Web site leaks customers address, offers extra discounts (Ron Gut) Hackers find new way to bilk eBay users (Monty Solomon) BT is publishing confidential ex-directory telephone numbers (Clive Jones) Risks of using anti-spam blacklists (Eric Murray) The smart highway (Raphael Lewis via Monty Solomon) E-mail subscriptions, windows 2000 patches and photocopiers (Alistair McDonald) Re: Out with pilots, in with pibots (Robert Woodhead)