precedence: bulk Subject: Risks Digest 22.81 RISKS-LIST: Risks-Forum Digest Sunday 20 July 2003 Volume 22 : Issue 81 FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks) ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator ***** See last item for further information, disclaimers, caveats, etc. ***** This issue is archived at http://www.risks.org as http://catless.ncl.ac.uk/Risks/22.81.html The current issue can be found at http://www.csl.sri.com/users/risko/risks.txt Contents: Reassembly of shredded documents (Richard M. Smith) SEVIS foreign students database (Thomas Dzubin) IPv6 addresses too big to fit? (Joe Loughry) Italian naming problem (Darryl Luff) GPS-piloted tractors? (Conrad Heiney) Health Commissioner's anonymised case reports not so anonymous (Don Mackie) Privacy rights under threat by lawmakers (Dan Gillmor via Monty Solomon) Carjacker tracked and bugged by Tele-Aid operator (Jonathan Epstein) Samsung Electronics bans camera phones from key factories (Ferdinand John Reinke) Software helps police draw crime links (Gareth Cook via Monty Solomon) AOL blocking e-mail from other ISPs (David E. Ross) Lack of Abbey National telephone banking security (Adam Laurie) HighGroup Listing of SSN's (Alice K. Whitfield) Why are spammers backing spam-control laws? (NewsScan) California court rules against Intel in spam case (Elinor Mills Abreu via Monty Solomon) Re: Virginia Identity Theft Passport (John Sinteur) Re: David Nelson and CAPPS II? (Arthur Flatau) Re: Error In e-mini Dow Futures creates havoc (Stewart C. Russell) Re: Washing machine does the right thing after power outage (Kurt Thams) Re: The nuking of RFID chips (Kevin G. Rhoads) Formal Methods 2003 - Call for Participation and Programme Details (Diego Latella) Abridged info on RISKS (comp.risks) ---------------------------------------------------------------------- Date: Thu, 17 Jul 2003 12:51:45 -0400 From: "Richard M. Smith" Subject: Reassembly of shredded documents Throughout the 1980s, Sascha Anderson, a poet, musician, and literary impresario, was one of the leading voices to speak out against the East German government and its dreaded secret police, the Stasi. But his credibility gradually evaporated after the Communist government's collapse as rumors about him acquired the weight of proof: he had been informing on his dissident compatriots all along. It turns out that his supposedly unretrievable Stasi file was *manually* reconstructed from bags of papers that had been shredded during the final days of the regime in 1989. However, the German government is now planning on reconstituting 16,000 bagsful from that era, using advanced scanning technology. [Source: Picking Up the Pieces, By Douglas Heingartner, *The New York Times*, PGN-ed] http://www.nytimes.com/2003/07/17/technology/circuits/17shre.html ?pagewanted=all&position= [The programming effort is certainly an interesting application!] ------------------------------ Date: Wed, 9 Jul 2003 05:49:23 -0700 (PDT) From: Thomas Dzubin Subject: SEVIS foreign students database Under new United States homeland security laws, all U.S. schools have to register their foreign students in the database, known as the Student and Exchange Visitor Information System (SEVIS). This system has all the attributes of a big system rushed into production before sufficient testing could take place. In my mind, the RISK-iest thing about this story is that the effects of the problems can cause life-changing situations for people including being jailed and/or deported. Many problems with this system are detailed in the story including files being mysteriously deleted or "misplaced". Some advisers are telling students not to go back to their home countries on school breaks, in case SEVIS accidentally deletes their records. Students who are not in the system cannot re-enter the country. One quote from the story: "Daily interactions with SEVIS have become a test of wit and will" Other bugs/glitches/problems reported: - Unable to modify existing records which is a problem if a foreigner (or spouse) has a baby. - extreme system slowness and random crashing - insufficient or inadequate help desk technician support One final quote from the story: "The technical failings of SEVIS and the difficulty the government has had in implementing it undermine its security potential, Cotten says. If the American people feel safer because of SEVIS, then they are severely misled, she says." Source: http://www.govexec.com/dailyfed/0703/070303h1.htm (Hopefully this link is still active. If not, Government Executive Magazine does keep old stories archived under a slightly different URL naming convention...the title "Foreign student tracking system called inefficient, intrusive" should stay the same.) ------------------------------ Date: Thu, 17 Jul 2003 17:36:27 -0600 From: "Loughry, Joe" Subject: IPv6 addresses too big to fit? In light of the recent announcements by the U.S. Department of Defense in support of IPv6, we have been going through our software making the necessary changes. I found several examples of text input fields that were too short to hold a valid IPv6 address like 3ffe:1800:0:3:290:27ff:fe14:cdee. Also necessary was replacing calls to the standard library functions inet_ntoa() and inet_addr(), among others, which do not support IPv6. On an encouraging note, however, I found that throughout the source code, extremely conservative coding practices and good error checking everywhere means that our software does not crash when handling IPv6 addresses. It's Y2K all over again. Joe Loughry, Lockheed Martin Space and Strategic Missiles, RADIANT MERCURY ------------------------------ Date: Fri, 18 Jul 2003 12:41:33 +1000 From: Darryl Luff Subject: Italian naming problem Hmm, the simple risk of your perfectly sensible domain name being interpreted very differently in other languages. [NOTE: text not mine. DL] At least they should then have created a brilliant logo..... If you were a company called Powergen and you had a subsidiary that operated in Italy, what would you call that company's Web site?. Probably not http://www.powergenitalia.com But they really did. ... [A high-strung multilingually interpretable literal string! PGN] ------------------------------ Date: Fri, 18 Jul 2003 16:28:41 -0700 From: "Conrad Heiney" Subject: GPS-piloted tractors? According to a Reuters report on CNN today, a University of Queensland researcher is promoting an Australian technology for satellite-guided tractors. These are said to be accurate to 2 cm. Apparently advantages to these are that the tractors are more accurate and do not crush the soil as much as conventional people-driven equipment, allowing higher yield. As a bonus, they could be run at night. http://www.cnn.com/2003/TECH/science/07/18/satellite.tractor.reut/index.html The RISK of unmanned vehicles relying on GPS signals, with or without rotating blades attached, is interesting to contemplate, especially at night! Conrad Heiney http://contentgoeshere.com/ http://fringehead.org ------------------------------ Date: Wed, 9 Jul 03 19:32:37 +1200 From: Don Mackie Subject: Health Commissioner's anonymised case reports not so anonymous The New Zealand Health & Disability Commissioner has been dealing with complaints about health care for almost ten years. As it says at the website (www.hdc.org.nz) the purpose... is to promote and protect the rights of health and disability consumers, and to facilitate the fair, simple, speedy, and efficient resolution of complaints. The Commissioner investigates complaints. Often there are useful lessons to be learned from the complaint and the findings, after removal of all identifying features, are published so that others can benefit. Some are posted on the website in a range of formats: html, pdf and Word document. Some of you will see where this is leading. A colleague of mine was startled to be told by a patient that a Google search on the doctor's name yielded the text of a HDC finding as the top hit. While my colleague acknowledges that there was a complaint about them they have learned from it and believed that the publication was anonymous. On opening the link from Google, I got a Word document. Sure, the names of the individuals had been removed from the text of the document, but when I went Properties -> Summary, there they were. Waiting to be found by a search engine. I looked at a few other .doc files and the same problem existed. I informed the HDC and they have now pulled the .doc opinions. Ignorance of the hidden information in word processing files is, of course, not new. This one has had the potential to damage reputations when the HDC's office has been careful, but not careful enough, to protect them in the past. ------------------------------ Date: Sun, 13 Jul 2003 20:23:54 -0400 From: Monty Solomon Subject: Privacy rights under threat by lawmakers Dan Gillmor, *San Jose Mercury News*, 13 Jul 2003 In the constant battle to preserve what's left of our privacy and roll back some of the invasions we've already suffered, one reality is all too clear: Elected officials are not on our side. Last week brought the latest perversion of the public will, the cowardly refusal of the California Legislature to enact even modest improvements in financial privacy. The voters will do it instead, in a ballot measure next year. Meanwhile, state and federal lawmakers are almost totally oblivious to future threats, including some that should be dealt with before they cause trouble. For example, retailers will soon be installing little identifying radios, a technology known as RFID, into items they sell, enabling a host of new privacy invasions that could make the status quo seem benign. We all understand why lawmakers hold the public good, and will, in such contempt. They tend to vote on behalf of their financial benefactors. Commercial interests see our privacy as a barrier to their business. Game over? No. We have to care enough to take matters into our own hands. Pressuring politicians is vital, but it's plainly not enough. We'll need to do a little multitasking to retrieve our right to be left alone. ... http://www.siliconvalley.com/mld/siliconvalley/6293890.htm ------------------------------ Date: Thu, 17 Jul 2003 13:23:16 -0400 From: Jonathan Epstein Subject: Carjacker tracked and bugged by Tele-Aid operator A quick-thinking bystander realized that police could track the movements of a carjacker who sped off with two small children in the back seat. The police were able to indirectly both track and listen-in on the car, and learn that the kids in the back seat were OK. http://www.washingtonpost.com/wp-dyn/articles/A2862-2003Jul16.html Marc Fisher of the Washington Post writes: That carjacking the other night raises some fascinating questions. I'm sure the mom was tremendously relieved that the operators in Dallas were able to listen in on her children as their kidnapper hurtled along Rt. 50 -- and goodness knows what might have happened if the Mercedes version of OnStar, called Tele-Aid, hadn't been tracking the thug's movements. But do any of you have concerns about the ability of Tele-Aid and similar companies to turn on the microphone remotely and listen in on the goings-on in your car? Or does this case prove that such privacy fears are outweighed by the good those devices can do? ------------------------------ Date: Mon, 7 Jul 2003 15:45:55 -0400 From: "Ferdinand John Reinke" Subject: Samsung Electronics bans camera phones from key factories Samsung Electronics is restricting use of camera phones at key factories and research centers to preclude industrial espionage. (Camera phones have become popular in South Korea.) [Source: Yahoo News, 7 Jul 2003] http://news.yahoo.com/news?tmpl=story2&cid=1509 &u=/afp/20030707/tc_afp/skorea_samsung_it_company_030707080259&printer=1 [I wonder if they remember that PDA's have camera capability? Wonder if financial institutions have thought about this "risk"? Not likely. JohnR] ------------------------------ Date: Fri, 18 Jul 2003 02:13:53 -0400 From: Monty Solomon Subject: Software helps police draw crime links The Boston Police Department is rolling out a powerful new computer program built to find hidden connections among people and events almost instantly, allowing detectives to investigate murders, rapes, and other crimes far faster than they can today. Called ''Coplink,'' the program sifts through tens of millions of police records, from 911 calls to homicide investigations, to deliver a short list of potential leads in just seconds. The same kind of searching currently takes hours or even days of a detective's time -- when it is possible at all. Designed in an Arizona AI lab, Coplink searches through arrest records, incident reports, and emergency phone calls to identify potential suspects and compile all possible leads on them, including past addresses, weapons they have owned, and even the arrest records of people with whom they have been stopped in a car. In Boston, it will search only through city police records, though it could later be expanded to stretch far more broadly. ... [Source: Gareth Cook, *The Boston Globe*, 17 Jul 2003; PGN-ed] http://www.boston.com/dailyglobe2/198/nation/ Software_helps_police_draw_crime_links+.shtml ------------------------------ Date: Sat, 19 Jul 2003 12:30:11 -0700 From: "David E. Ross" Subject: AOL blocking e-mail from other ISPs AOL has been bouncing E-mail messages from other ISPs. In their attempt to block spam, they are blocking mail servers that they presume are on end-user IP addresses. For some reason, some ISP mail servers -- including at large, well-run ISPs -- were considered to be among those addresses. The problem started on Tuesday, 15 July, or earlier. AOL apparently did not know of the problem until a customer of an affected ISP complained on the morning of Friday, 18 July. AOL's response is that they will not be able fix the problem until Monday, 21 July, or later. This seems to be another case of implementing technology without sufficient testing. However, the fact that a problem reported on Friday cannot be fixed until Monday indicates this risk arises from placing business considerations ahead of either technology or customer service. David E. Ross ------------------------------ Date: Fri, 18 Jul 2003 10:41:16 +0100 From: Adam Laurie Subject: Lack of Abbey National telephone banking security I hold an Abbey National account in the joint names of myself and my wife, but my wife's entry is still in her maiden name (so from the bank's perspective it could be any individual with no special legal relationship). This account was created many moons ago, before we were married, to facilitate the purchase of a flat. After the transaction, there were a couple of hundred pounds left in the account, which have languished ever since. We recently moved house and so this account came to our attention when the tenants at the previous address forwarded our bank statements to us. And now the scary bit... Armed only with the statement passed to me by said 3rd party, I was able to call up the online bankers, cancel all the cheques and have all the funds in the account transferred to an arbitrary account (in this case my personal account - i.e. not a joint account with my wife). The "extra security" questions I was asked were: 1. who is the other named account holder? (this was printed on the back of statement). 2. what is your overdraft limit? (this was printed on the front of the statement). As the nice kid in Terminator 2 says... "easy money"... :) Adam Laurie, A.L. Digital Ltd., The Stores, 2 Bath Road, London W4 1LT UK http://www.aldigital.co.uk http://www.thebunker.net Tel: +44 (20) 8742 0755 ------------------------------ Date: Fri, 18 Jul 2003 10:36:05 -0400 From: "Alice K. Whitfield" Subject: HighGroup Listing of SSN's The risks of using social security numbers as personal identifiers in the U.S. is better known to members of this community than perhaps any other. You may appreciate then, better than the Social Security Administration apparently does, the increased risk that arises when the SSA's own published list of valid (partial) numbers contains errors of omission (http://www.ssa.gov/foia/highgroup.htm, as of 18 July 2003 at 1400 UT). The errors in the July list are not numerous, and may affect mostly elderly, former railroad workers. In past instances, the errors were more widespread but eventually fixed. They show no sign of responding to any communications about the current problems, however. Obviously, the current list was not verified before the page went live. Luckily, flunking a flawed social security number verification test under the current regime of Total Awareness, "is not a basis ... for ... adverse action ... such as laying off, suspending, firing, or discriminating against an individual..." So, according to the Social Security Administration, no one should have to worry about those risks, at least. ------------------------------ Date: Fri, 18 Jul 2003 09:26:46 -0700 From: "NewsScan" Subject: Why are spammers backing spam-control laws? Bigtime spam-mongers and junk-mail proponents like the Direct Marketing Association are backing proposed antispam legislation, while consumer and public-interest groups, almost without exception, oppose the bills. What's going on? "It's a sign of who benefits from these bills and who doesn't," says a spokesman for the Coalition Against Unsolicited Commercial Email. "When you see some of the biggest spammers in the country backing legislation that is allegedly antispam, you really need to wonder about what these bills actually do." The answer is that rather than banning all unsolicited e-mail outright, as many consumer groups wish, they legitimize spam, as long as the perpetrators adhere to certain rules, such as using accurate subject lines and valid return addresses, and allowing recipients to opt out of future mailings. Two bills are currently making their way through Congress and a variant of thereof is expected to pass overwhelmingly and be signed into law later this year. [*Wall Street Journal*, 18 Jul 2003; NewsScan Daily, 18 Jul 2003] http://online.wsj.com/article/0,,SB105848273351539900,00.html (sub req'd) ------------------------------ Date: Mon, 30 Jun 2003 23:07:18 -0400 From: Monty Solomon Subject: California court rules against Intel in spam case The California Supreme Court on 30 Jun 2003 ruled spammers cannot be sued under state law for property trespass for just sending e-mail -- a setback for Intel Corp., which had sued a former engineer for sending e-mails to up to 35,000 company workers. The 4-3 ruling reversed a lower court order prohibiting former Intel engineer Ken Hamidi from sending e-mails critical of Intel to thousands of its employees. Intel claimed the e-mails had trespassed on its private network and had harmed the company by reducing worker productivity. But the California Supreme Court found that Intel's computer system had not been damaged as a result of the e-mails and, therefore, there was no trespass. The court declined to expand state common law covering property trespass to apply to e-mail whose contents may be objectionable, but which is otherwise harmless. ... [Source: Elinor Mills Abreu, Reuters, 30 Jun 2003] http://finance.lycos.com/home/news/story.asp?story=34677087 ------------------------------ Date: Thu, 17 Jul 2003 07:45:56 +0200 From: John Sinteur Subject: Re: Virginia Identity Theft Passport (RISKS-22.80) I can't help but wonder, how long until identity thieves won't just acquire a driver's license, credit cards, etc, with their freshly stolen identity, but one of these passports as well? Which will be relative unknown to the cop on the street, so the first few yours you could hack something together yourself in Photoshop as well... If there's a bug in the way people use paperwork to assert and use identities, how is more paperwork going to solve that? [Similar comment from Michael Hartley. PGN] ------------------------------ Date: Thu, 17 Jul 2003 09:44:12 -0500 From: "Arthur Flatau" Subject: Re: David Nelson and CAPPS II? (Slade, RISKS-22.80) There was a story on this in the *Austin American Statesman* (originally from the *Chicago Tribune*). http://www.statesman.com/insight/content/auto/epaper/editions/ sunday/insight_f3e0169a836a10f00085.html There are at least two David Nelsons in the Austin area. The articles states: The family [Dr. David and Cindy Nelson of Austin and their two young children] plans to fly to Canada in August, and this time they're planning countermeasures. They'll try buying David Nelson's airline ticket under D. Austin Nelson. That is surely a tactic that the bad guys would never figure out! Arthur Flatau, Texas Microprocessor Division, Advanced Micro Devices, 5900 East Ben White Boulevard, Austin TX 78741 Arthur.Flatau@amd.com ------------------------------ Date: Fri, 18 Jul 2003 10:17:40 -0400 From: "Stewart C. Russell" Subject: Re: Error In e-mini Dow Futures creates havoc (RISKS-22.80) It seems that typos are quite common on trading systems. Talking to a friend who is a foreign exchange trader, I found out that such misquotes are commonly called "wrong big figure" quotes. A casual web search on this phrase will return an alarmingly large number of documents from forex houses. These documents pertain to their liability -- or lack of it -- for such quotes. Surely we need to work on the ergonomics of such trading systems? ------------------------------ Date: Thu, 17 Jul 2003 10:54:38 -0700 From: "Kurt Thams" Subject: Re: Washing machine does the right thing after power outage On the other hand, an enterprising user could pull the power plug at nearly the end of the job, load a new batch of clothing, and get his second (and third and fourth...) wash free! ------------------------------ Date: Thu, 17 Jul 2003 09:20:25 -0400 From: "Kevin G. Rhoads" Subject: Re: The nuking of RFID chips (Cowan, RISKS-22.80) Most stun guns and cattle prods use current limited high voltage DC. It is easy to provide overload protection for this kind of electrical insult -- although I doubt that RFID manufacturers will include such protection in the early designs. However, if such deactivation becomes common and problematic, it can be designed around. Better to use a low output Tesla coil, which generates high voltage splattered all over the RF spectrum. Of course, a linear RF power amp driven by an RF sweep generator should also work -- but that level of equipment is not readily available. Cheap Tesla coils can be easily homebrewed and Edmund Scientific carries a model for about $120 that is ideal. ------------------------------ Date: Fri, 18 Jul 2003 09:58:48 +0500 From: Diego Latella Subject: Formal Methods 2003 - Call for Participation and Programme Details The 12th International FME Symposium Pisa, Italy - September 8-14, 2003 http://fme03.isti.cnr.it - fme03@isti.cnr.it FM 2003 is the twelfth in a series of symposia organized by Formal Methods Europe, an independent association whose aim is to stimulate the use of, and research on, formal methods for software development. These symposia have been notably successful in bringing together a community of users, researchers, and developers of precise mathematical methods for software development as well as industrial users. Formal methods have been controversial throughout their history, and the realization of their full potential remains, in the eyes of many practitioners, merely a promise. Have they been successful in industry? If so, under which conditions? Has any progress been made in dispelling the skepticism that surrounds them? Are they worth the effort? Which aspects of formal methods have become so well established in the industrial practices to loose the "formal method" label in the meanwhile? FM 2003 aims to answer these questions, by contributions not only from the Formal Methods community but also from outsiders and even from skeptical people who are most welcome to explain, document, and motivate the source of their reluctance. FM 2003 will host 7 Workshops, 8 Tutorials and 1 Day dedicated to the Industry besides the 3 days of the FME Symposium. Tool demonstrations will also take place during the symposium, with the opportunity of holding presentations for each tool. For full details on the Symposium organization and to register please go to the web site http://fme03.isti.cnr.it, or send your query to fme03@isti.cnr.it. Dott. Diego Latella, Consiglio Nazionale delle Ricerche, ISTI Via G. Moruzzi, 1 - I56124 Pisa, ITALY phone +39 0503152982 or +39 348 8283101 fax +39 0503138091 or +39 0503138092 Diego.Latella@isti.cnr.it http://www.isti.cnr.it/People/D.Latella ------------------------------ Date: 30 May 2003 (LAST-MODIFIED) From: RISKS-request@csl.sri.com Subject: Abridged info on RISKS (comp.risks) The RISKS Forum is a MODERATED digest. Its Usenet equivalent is comp.risks. => SUBSCRIPTIONS: PLEASE read RISKS as a newsgroup (comp.risks or equivalent) if possible and convenient for you. Alternatively, via majordomo, send e-mail requests to with one-line body subscribe [OR unsubscribe] which requires your ANSWERing confirmation to majordomo@CSL.sri.com . If Majordomo balks when you send your accept, please forward to risks. [If E-mail address differs from FROM: subscribe "other-address " ; this requires PGN's intervention -- but hinders spamming subscriptions, etc.] Lower-case only in address may get around a confirmation match glitch. INFO [for unabridged version of RISKS information] There seems to be an occasional glitch in the confirmation process, in which case send mail to RISKS with a suitable SUBJECT and we'll do it manually. .UK users should contact . => SPAM challenge-responses will not be honored. Instead, use an alternative address from which you NEVER send mail! => The INFO file (submissions, default disclaimers, archive sites, copyright policy, PRIVACY digests, etc.) is also obtainable from http://www.CSL.sri.com/risksinfo.html ftp://www.CSL.sri.com/pub/risks.info The full info file will appear now and then in future issues. *** All contributors are assumed to have read the full info file for guidelines. *** => SUBMISSIONS: to risks@CSL.sri.com with meaningful SUBJECT: line. => ARCHIVES: http://www.sri.com/risks http://www.risks.org redirects you to the Lindsay Marshall's Newcastle archive http://catless.ncl.ac.uk/Risks/VL.IS.html [i.e., VoLume, ISsue] Lindsay has also added to the Newcastle catless site a palmtop version of the most recent RISKS issue and a WAP version that works for many but not all telephones: http://catless.ncl.ac.uk/w/r http://the.wiretapped.net/security/info/textfiles/risks-digest/ . http://www.planetmirror.com/pub/risks/ ftp://ftp.planetmirror.com/pub/risks/ ==> PGN's comprehensive historical Illustrative Risks summary of one liners: http://www.csl.sri.com/illustrative.html for browsing, http://www.csl.sri.com/illustrative.pdf or .ps for printing ------------------------------ End of RISKS-FORUM Digest 22.81 ************************