precedence: bulk Subject: Risks Digest 22.38 RISKS-LIST: Risks-Forum Digest Weds 13 November 2002 Volume 22 : Issue 38 FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks) ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator ***** See last item for further information, disclaimers, caveats, etc. ***** This issue is archived at and by anonymous ftp at ftp.sri.com, cd risks . Contents: Wireless keyboard (Mike Hogsett) Server crash leaves students unable to register (Max Power) Colleges urged not to monitor peer-to-peer sharing (NewsScan) Re: Hartford Public Library Net Browsing - Bugged or Not? (George Mannes) More on the Autotote scam (PGN) Joke not so funny anymore (Toby Gottfried) Chip glitch hands victory to wrong candidate (PGN) Glitches indeed! (Rebecca Mercuri) VoteWatch (Steven Hertzberg) Election integrity in general (PGN) Re: Lynn Landes's analysis of the 2002 Elections (PGN, Rebecca Mercuri) Re: Zogby poll failures (Henry Baker) REVIEW: "Manager's Guide to Contingency Planning for Disasters", Kenneth N. Myers (Rob Slade) REVIEW: "High Technology Crime Investigator's Handbook", Gerald L. Kovacich/William C. Boni (Rob Slade) Abridged info on RISKS (comp.risks) ---------------------------------------------------------------------- Date: Mon, 11 Nov 2002 11:31:50 -0800 From: Mike Hogsett Subject: Wireless keyboard While a Stavanger man typed away at his desktop computer, his text was also streaming in on his neighbor's machine in a building 150 meters away. http://www.aftenposten.no/english/local/article.jhtml?articleID=427668 All I can say is Why-re-less? - Mike Hogsett ------------------------------ Date: Tue, 12 Nov 2002 18:23:46 -0800 (PST) From: Max Power Subject: Server crash leaves students unable to register The five servers that handle Washington University's class registration crashed on 8 Nov 2002, preventing several thousand students from signing up for their winter-quarter classes for most of the day. This was attributed to a system software problem rather than an overload problem: The software translating students' Net IDs into student numbers was running much slower than previously. 14,000 students were eligible to register, as opposed to only 1,000 in the spring quarter. Ironically, this came shortly after the Registrar's Office had permanently shut down its Student Telephone Assisted Registration system (STAR), because of phone-line costs and lack of use. [Source: Alex Sundby, *The Daily*, Washington University, 12 Nov 2002; PGN-ed] http://www.thedaily.washington.edu/all.lasso ?-database=DailyWeb.fp5&-layout=List&-response=newspage.lasso &-recordID=33782&-search&-Token.Count=3 ------------------------------ Date: Mon, 11 Nov 2002 10:05:51 -0700 From: "NewsScan" Subject: Colleges urged not to monitor peer-to-peer sharing The Electronic Privacy Information Center (EPIC), a Washington-based nonprofit organization that promotes freedom of speech on the Internet, is attacking letters recently written by the recording industry asking college officials to monitor Web use at their institutions for copyright violations made through peer-to-peer sharing of music or video files by members of the academic community. EPIC is criticizing those letters for trying to shift the burden of content enforcement to academic institutions which have scarce resources for such purposes, and is warning against a network "arms race" between file sharers and copyright enforcers. The group thinks colleges should avoid adopting a "confrontational role with respect to these technologies," because all it would do would be to harm the network's overall performance. [IDG News Service 11 Nov 2002; NewsScan Daily, 11 Nov 2002] http://www.idg.com.hk/cw/readstory.asp?aid=20021111002 ------------------------------ Date: Mon, 11 Nov 2002 11:54:39 -0500 From: George.Mannes@thestreet.com Subject: Re: Hartford Public Library Net Browsing - Bugged or Not? (R-22.35) Bill Olds' *Hartford Courant* column "The FBI Has Bugged Our Public Libraries" was excerpted starkly in RISKS-22.35. The column apparently cited "anonymous sources". The FBI responded, claiming the information was false, and the paper now admits it should have been more rigorous in checking the details. Olds said, "I called the Justice Department but I was told they could not discuss issues involving the FBI and libraries. ... In the atmosphere of secrecy created by the Patriot Act, my sources misinterpreted what the FBI was doing." As Don Sellar, ombudsman at *The Toronto Star*, once said, "When the sources are wrong, they're wrong anonymously and it's the newspaper's credibility that gets publicly dented." [Source: "Anonymous Sources, Bad Information", Karen Hunter, *Hartford Courant*, 10 Nov 2002; PGN-ed] http://www.ctnow.com/news/opinion/columnists/hc-hunter1110.artnov10,0,6354989.column George Mannes, 14 Wall Street - 15th Floor / New York, NY 10005 phone: 212-321-5208 / mobile: 917-207-5790 george.mannes@thestreet.com ------------------------------ Date: Wed, 13 Nov 2002 10:20:18 PST From: "Peter G. Neumann" Subject: More on the Autotote scam (RISKS-22.35) The saga of the PickSix winner that culminated in a wild-card bet on every horse in the Breeders' Cup Classic (the horse race with the U.S.'s largest pot) continues, and provides a timely set of lessons, for example: * The intense risks of insider misuse in certain types of systems * The perils of poor system designs that seriously ignore security * The importance of audit trails, and especially nontamperable ones * The value of truly independent unbiased objective security audits by really knowledgeable and experienced red-teaming experts Whenever such an unusual event involving a large payout is detected, an immediate concern should be this: Have there been other similar cases that were not previously noticed? In the Breeders' Cup case, it was soon thereafter discovered that the same type of scam had been pulled at least twice previously, and that all of the apparent participants are linked by a bond of fraternity brotherhood from their undergraduate days at Drexel University. In each subsequently uncovered scam, as well as in the Breeders' Cup case, an off-track bet from a particular betting parlor that did not keep records of phone-in bets was subsequently altered by insider system manipulation AFTER the results of the early races were known, but before the records were transmitted to the central facility. [If you want the background on the cases and the individuals involved, see the series of articles in *The New York Times*, 9 Nov, 10 Nov, and 13 Nov.] And then, you might ask, have there been other cases of undetected insider fraud in gambling systems? There have certainly been publicly admitted precedents of rigged gambling payoffs, perhaps most notably the Harrah's Tahoe $1.7 million progressive multiple-slot-machine jackpot that reportedly was triggered by insiders, although the exact details of that event almost 20 years ago are still not widely known. We have also noted in RISKS that you might want to wonder about the trustworthiness and integrity of on-line gambling systems. But perhaps MOST INSIDIOUS from the effect on the populace at large is that implicit in all those discussions are that the same concerns arise in the all-electronic voting machines, as noted in recent RISKS issues (including this one). In the horse-race betting cases, even if there had been audit records as to the exact bets that were later altered (there were no such audit trails on the OTB system used for the exploits), a really clever perpetrator with insider access privileges might have been able to alter the audit records without being detected unless the audit mechanism was totally nontamperable (which is generally considered to be either overkill or practically impossible despite the existence of once-writable media). In all computing environments where something is valued (especially gambling, electronic voting, national security, intelligence, counter-intelligence, supposedly secure databases with stringent privacy policies, etc.), the presence of overprivileged insiders and the absence of nontamperable audit trails must both be considered as warning indicators. ------------------------------ Date: Mon, 11 Nov 2002 08:46:31 -0800 From: "Toby Gottfried" Subject: Joke not so funny anymore I am reminded of an old election joke, which seems like less and less of a joke. A third world country decided to go democratic, turning to the USA for guidance. On a limited budget, they could only afford second-hand equipment and got some voting machines from the city of Chicago. With great fanfare, they held their election, with Fyodor Guantanamo running against Kwame Santahara. The winner was ... Richard J. Daley. ------------------------------ Date: Tue, 12 Nov 2002 13:43:00 PST From: "Peter G. Neumann" Subject: Chip glitch hands victory to wrong candidate In Nebraska, a defective computer chip in Scurry County's optical scanner misread ballots Tuesday night and incorrectly tallied a landslide for the wrong party. Investigation led to the diagnosis of a faulty chip, which when replaced reversed the outcomes in two commissioner races, verified by a hand recount, from Republican victories to Democratic victories. [Source: http://www.truthout.org/docs_02/11.13C.vote.chip.htm; PGN-ed] For some other irregularities in Nebraska, see VoteWatch (next item). ------------------------------ Date: Tue, 12 Nov 2002 19:20:49 -0500 From: "Rebecca Mercuri" Subject: Glitches indeed You think the November 5, 2002 US General Election went smoothly? Use your favorite Web engine and search for the words "election" and "glitch" -- a recent scan on Google News turned up hundreds of press reports. Not all of these troubles were in Florida -- states included Texas, Alabama, Nevada, Georgia, California, South Carolina, Nebraska, and New Jersey. Voter News Service, the agency that provides exit poll data that might have been used as a cross-check against computerized returns, was coincidentally knocked out of service by an unidentified "massive computer glitch" on election day as well. Many of the election problems (including those at VNS) occurred in spite of hundreds of millions of dollars (soon to be billions) spent on new equipment. If, say, an automobile manufacturer experienced numerous major "glitches" in a product line, the public would be clamoring for a recall. Yet everyone seems quite content with these computerized voting systems, and the press continues to blame the poll workers, even in Broward County where they spent an additional $2.5M on training and staff for election day and still managed to misplace some 103,000 votes. Characterizing these serious problems as "glitches" makes it seem like poor engineering and incompetent election system management is somehow acceptable to the American public. It's not. A massive recall of these inappropriate and defective devices must be started immediately. Call or write to your Secretary of State and complain. Rebecca Mercuri www.notablesoftware.com/evote.html ------------------------------ Date: Mon, 11 Nov 2002 23:32:23 -0800 From: "Steven Hertzberg" Subject: VoteWatch I recently launched VoteWatch.us, which is an online service that allows voters to immediately report voter machine errors, polling place problems and other voting obstacles. VoteWatch is quickly becoming the central repository of election 2002 discrepancies. I would appreciate it if you could browse VoteWatch and add comments as you see fit. Steven Hertzberg, Founder, VoteWatch, San Francisco, CA ------------------------------ Date: Mon, 11 Nov 2002 11:44:40 PST From: "Peter G. Neumann" Subject: Election integrity in general With PAPER BALLOTS, there is the accountability of the paper ballots themselves, which can potentially be examined for serial number consistency, watermarks to hinder the introduction of phony ballots, fingerprints, etc. With LEVER MACHINES, it is true that they can be rigged to fail to record votes for one candidate, but it is unlikely that such a vote could be misrecorded for another candidate (assuming the standard ballot face is in place). With PUNCH-CARDS and MARK-SENSE CARDS, there is the evidence of the cards themselves. Although tampering with the cards is obviously possible (substitution, invalidation by internal fraudulent overvoting by election officials, the cards provide an audit trail). With the ALL-ELECTRONIC SYSTEMS that exist today (with the exception of the Avante system that now includes the Mercuri Mechanism as a standard), there is ABSOLUTELY NO EVIDENCE OF ANYTHING OTHER THAN THE ALLEGED BALLOT IMAGE -- which itself can be fraudulent, given proprietary code, Trojan horses and trapdoors, etc. Recounts are meaningless if the data is already corrupted when stored. Furthermore, many of these machines are configured by vendor-supplied personnel, with potential access privileges for the system or the accuracy of the configuration. Every one of these systems has potential problems. But a world-wide consensus seems to suggest that a single piece of paper with a single set of candidates is the most reliable method, because poll watchers can see what is happening. How do you watch the bits moving around inside an all-electronic system? ------------------------------ Date: Mon, 11 Nov 2002 7:33:43 PST From: "Peter G. Neumann" Subject: Re: Lynn Landes's analysis of the 2002 Elections (RISKS-22.37) I received several responses strongly offended by the inclusion of Lynn Landes's piece in RISKS-22.37. I deeply regret if that item offended you. I included it not primarily for its claims (whether accurate or not), but rather for the implications of accidents and misuses, potential and actual, publicized or kept secret, detected and undetected, that we have been discussing in RISKS for many years. Much of her piece is actually relevant here, although I think her message may have been weakened because of certain statements that were more political than the objective reporting that we try to make the expected norm in RISKS. As I see it, the most important question we should be asking is this: With respect to those of you who voted last week using an all-electronic voting machine, is there any meaningful assurance that the vote you cast was correctly recorded -- that is, any assurance that there were no misconfigured systems, accidents, internal fraud, etc.? For almost all of the existing electronic systems (with the exception of one that actually incorporates the Mercuri Mechanism -- namely, Avante), the answer is an UNEQUIVOCAL NO. This is an untenable situation if you believe in election integrity, IRRESPECTIVE of your party affiliations. PGN ------------------------------ Date: Mon, 11 Nov 2002 00:02:11 -0500 From: "Rebecca Mercuri" Subject: Re: Lynn Landes' analysis of the 2002 Elections (RISKS-22.37) First of all, it's more like $4B, Lynn wasn't including the additional sums for training and so on that were also authorized by the Help America Vote Act bills. But even $4B is just the tip of the iceberg. Over in Broward County Florida, where they just spent around $18M for brand new touch-screen voting machines they found that they had to pay an additional $2.5M just to run the November election, because the machines couldn't be set up and monitored by the regular poll workers who are normally hired. Now if Broward has to pay this sum 2 times a year for the next decade, how does this Help America Vote? They could print up an easy-to-read paper ballot for every man, woman, and child in the entire County for well under $1M and they would probably not discover missing cartridges 2 days later with 103,000 missing votes on them (after being monitored by the Republicans who came down from the state to help the Democrats out with the election). A box of paper ballots is a lot harder to lose (not that it hasn't been done) than a small voting cartridge. And the paper ballots can be read by hand if the computers are misprogrammed (like they seem to have been in a lot of US counties this past November). Over in Texas, I don't really see how it's could be the Democrats' fault when they discovered their brand new touchscreen voting machines lighting up for the Republican candidates over in Dallas last week. When the Democrats sued to stop the machines being used, the Republicans said "we haven't had any complaints." Sure, because they didn't light up for Democratic candidates when the Republicans were pressed. I wonder why? Misalignment? Conveniently, none were misaligned in the other direction. Hmmm. If you really look at your history books, you'll see all sorts of election fraud in all sorts of places. We had things like literacy tests. And we had to pass amendments to the US Constitution so that gender and race wouldn't be used to prevent citizens from voting. There's plenty of election fraud too. Tip O'Neil (the late Speaker of the House) described in his autobiography (after he retired) a scheme whereby paper ballots were routinely substituted (called chain voting). It's not any particular party that is to blame, it's just that vote stealing is as much a tradition in the USofA as apple pie. Unauditable voting machines just make it even easier to cover up. Folks can continue to stick their heads in the sand and pretend this hasn't happened, doesn't happen, and won't happen. Or they can face reality and then work to adopt systems that will REDUCE and ELIMINATE election fraud, rather than encourage and enhance the ease of doing it. Please read the additional material and links on my website over at www.notablesoftware.com/evote.html and join the effort to save democracy before it's too late. R. Mercuri ------------------------------ Date: Sat, 09 Nov 2002 14:56:54 -0800 From: Henry Baker Subject: Re: Zogby poll failures (Landes, RISKS-22.37) There was a long article in the *Wall Street Journal* with lots of quotes from Zogby. Apparently, the problem is that they depend upon telephone solicitation to find out how people are voting, and people are using caller ID to screen out the calls. There is also a significant rise in the percentage of cell phones, for which spam telephone calls aren't allowed. Also, women are not as at home as they used to be, so there's no one to answer the phones. So there's no need to attribute malice to the bad polling data, when simple incompetence will do just fine. [... and an inherently flawed methodology? PGN] ------------------------------ Date: Tue, 12 Nov 2002 08:01:03 -0800 From: Rob Slade Subject: REVIEW: "Manager's Guide to Contingency Planning for Disasters", Kenneth N. Myers BKMGTCPD.RVW 20021012 "Manager's Guide to Contingency Planning for Disasters", Kenneth N. Myers, 1999, 0-471-35838-X, U$55.00 %A Kenneth N. Myers %C 5353 Dundas Street West, 4th Floor, Etobicoke, ON M9B 6H8 %D 1999 %G 0-471-35838-X %I John Wiley & Sons, Inc. %O U$55.00 416-236-4433 fax: 416-236-4448 %P 234 p. %T "Manager's Guide to Contingency Planning for Disasters" The preface clearly states that this book promotes a "what if," worst case scenario approach to contingency planning. It presents the development of detailed business continuity procedures as a waste of time, and assumes that minor mishaps can be handled within the limits of the methods meant to deal with the worst case. Although this flies in the face of conventional BCP (Business Continuity Planning) wisdom, in all but the last item Myers makes a convincing case. The emphasis is on avoiding the "how long can you do without" type questions so common in BCP, and more directed towards "what alternatives can we use when we have to do without" answers. Chapter one is an introduction, and this is obviously not your average DRP (Disaster Recovery Planning)/BCP book, since it includes items such as a "disaster life cycle." "Defining The Problem" doesn't really happen in chapter two, although one could say that the problem is clarified to a certain extent. The text is a bit repetitive, reiterating several times that too many companies concentrate on recovering the technology before the business. There is more traditional look at BCP in chapter three, since it concentrates on awareness and education, and provides a good, basic overview of selling the contingency planning idea to management. Chapter four reviews project planning, although primarily from an outsider perspective, like that of a consultant. From this viewpoint, it offers very practical, helpful advice. Business impact analysis is presented in chapter five, although, again, the text retails content already stated elsewhere. The implementation strategy, in chapter six, primarily covers dealing with various layers of management. The Myers process of plan development is presented in a structured form in chapter seven, although most points have been made already. Chapter eight again presents a more traditional, and very short, view, this time of plan maintenance, education, and testing. The guidelines for internal consultants and consulting firms, in chapter nine, form a nice checklist. There are a number of appendices, of which B (with a sample contingency plan and examples of alternative methods is particularly useful. A broader list of alternative methods is suggested in Appendix C. While some may dismiss it as a kind of cost/benefit reductio ad absurdum, Myers' method does raise issues that need to be considered. This contrarian view should be more widely considered by the BCP community. copyright Robert M. Slade, 2002 BKMGTCPD.RVW 20021012 rslade@vcn.bc.ca rslade@sprint.ca slade@victoria.tc.ca p1@canada.com ------------------------------ Date: Wed, 13 Nov 2002 08:05:55 -0800 From: Rob Slade Subject: REVIEW: "High Technology Crime Investigator's Handbook", Gerald L. Kovacich/William C. Boni BKHTCRIH.RVW 20021012 "High Technology Crime Investigator's Handbook", Gerald L. Kovacich/William C. Boni, 2000, 0-75067806-X, U$34.95 %A Gerald L. Kovacich shockwavewriters.com %A William C. Boni %C 2000 Corporate Blvd. NW, Boca Raton, FL 33431 %D 2000 %G 0-75067806-X %I Butterworth-Heinemann/CRC Press/Digital Press %O U$34.95 800-272-7737 http://www.bh.com/bh/ dp-catalog@bh.com %P 298 p. %T "High Technology Crime Investigator's Handbook: Working in the Global Information Environment" The preface makes the somewhat contradictory statement that the book is "not a `how to investigate high-technology crime' book but provides basic information for someone ... new to the profession." This odd assertion may be partially explained by the fact the text is very heavy on career and organizational matters, and extremely light on functions and technology. It would appear that any technical issues are seen as "how to," while corporate politics are basic information. Part one provides an introduction to the high technology crime environment, in broad overview. Chapter one is a pedestrian presentation of high technology. The text is very disjointed (a discussion of government departments using high-tech crime as a justification to fight for increased budgets is immediately followed by a minor example of online harassment), and, despite the promotion of the importance of technical information and tools for crime investigation, the technical material is weak, simplistic, and oddly handled. For example, a subjective and imprecise measure of data volume (a book) is used to calculate ridiculously "accurate" (in terms of significant figures) store sizes for a variety of obsolete systems. There is a superficial and pessimistic look, in chapter two, at the "Global Information Infrastructure." Again, the technical content is insubstantial: mention of lists of top level domains makes reference to using a search engine to find them, but the instructions consist of "well, you're an investigator, investigate." This seems to sum up the attitude to providing necessary information. High-technology miscreants, in chapter three, are reasonably well described, with only minor errors. There is an internal contradiction when the text lumps phone phreaks in with hackers, and then treats them as distinct, and the book retails the Cap'n Crunch myth, whereas Draper himself points out that he was taught about the 2600 hertz whistle. There is a slight overemphasis on the importance of "professional hackers." Chapter four's coverage of attack technology is jumpy and fragmented. An "ISP attack" makes little sense, while spoofing is narrowly defined to include only one specific type of session hijacking. Three pages of diagrams of PBX (Private Branch eXchange) attacks explain nothing. Protection technology, in chapter five, is defined as access control, accountability, and audit trails, followed by a random grab bag of security ideas. Part two is an overview of the high technology crime investigation profession or unit. This material is basically recycled from "The Information Systems Security Officer's Guide," by one Gerald L. Kovacich. There are a large number of very short chapters. Chapter six is a generic promotion for career planning, with added, but oddly irrelevant, details. Marketing yourself, in terms of preparation of resumes and for interviews, is in chapter seven. Chapter eight describes the perfect, and therefore fictional, company to work for. This is followed by the perfect job description in nine, the perfect investigative unit in ten (with some brief staff job descriptions in eleven), and the perfect mandate (plus an excessively detailed example of a PBX survey) in chapter twelve. Chapter thirteen suggests that you develop contacts, but, somewhat in opposition to the career building emphasis earlier, this concentrates on "sources" or informers. The development of metrics, in chapter fourteen, seems to be primarily concerned with the creation of bar charts to show management that you've been working. The "Final Thoughts," in chapter fifteen, are mostly vague opinions. Part three is entitled high technology crimes and investigations. Chapter sixteen has various stories, with almost no detail, about crimes and computers, few of which are relevant to corporate investigations. There is some useful advice, in chapter seventeen, on the initial seizure and chain of custody of computer equipment, but the discussion is limited to data recovery. Part four is supposed to be about challenges to high technology crime investigation, but chapter eighteen, the only section, simply contains more vague thoughts. For someone trying to build a career via political maneuvering, this book can provide some useful tips. For someone trying to investigate a crime involving computers, it might be a bit frustrating. copyright Robert M. Slade, 2002 BKHTCRIH.RVW 20021012 rslade@vcn.bc.ca rslade@sprint.ca slade@victoria.tc.ca p1@canada.com http://victoria.tc.ca/techrev or http://sun.soci.niu.edu/~rslade ------------------------------ Date: 29 Mar 2002 (LAST-MODIFIED) From: RISKS-request@csl.sri.com Subject: Abridged info on RISKS (comp.risks) The RISKS Forum is a MODERATED digest. Its Usenet equivalent is comp.risks. => SUBSCRIPTIONS: PLEASE read RISKS as a newsgroup (comp.risks or equivalent) if possible and convenient for you. Alternatively, via majordomo, send e-mail requests to with one-line body subscribe [OR unsubscribe] which requires your ANSWERing confirmation to majordomo@CSL.sri.com . If Majordomo balks when you send your accept, please forward to risks. [If E-mail address differs from FROM: subscribe "other-address " ; this requires PGN's intervention -- but hinders spamming subscriptions, etc.] Lower-case only in address may get around a confirmation match glitch. INFO [for unabridged version of RISKS information] There seems to be an occasional glitch in the confirmation process, in which case send mail to RISKS with a suitable SUBJECT and we'll do it manually. .MIL users should contact (Dennis Rears). .UK users should contact . => The INFO file (submissions, default disclaimers, archive sites, copyright policy, PRIVACY digests, etc.) is also obtainable from http://www.CSL.sri.com/risksinfo.html ftp://www.CSL.sri.com/pub/risks.info The full info file will appear now and then in future issues. *** All contributors are assumed to have read the full info file for guidelines. *** => SUBMISSIONS: to risks@CSL.sri.com with meaningful SUBJECT: line. => ARCHIVES are available: ftp://ftp.sri.com/risks or ftp ftp.sri.comlogin anonymous[YourNetAddress]cd risks [volume-summary issues are in risks-*.00] [back volumes have their own subdirectories, e.g., "cd 21" for volume 21] http://catless.ncl.ac.uk/Risks/VL.IS.html [i.e., VoLume, ISsue]. Lindsay Marshall has also added to the Newcastle catless site a palmtop version of the most recent RISKS issue and a WAP version that works for many but not all telephones: http://catless.ncl.ac.uk/w/r http://the.wiretapped.net/security/info/textfiles/risks-digest/ . http://www.planetmirror.com/pub/risks/ ftp://ftp.planetmirror.com/pub/risks/ ==> PGN's comprehensive historical Illustrative Risks summary of one liners: http://www.csl.sri.com/illustrative.html for browsing, http://www.csl.sri.com/illustrative.pdf or .ps for printing ------------------------------ End of RISKS-FORUM Digest 22.38 ************************