precedence: bulk Subject: Risks Digest 22.87 RISKS-LIST: Risks-Forum Digest Thursday 21 August 2003 Volume 22 : Issue 87 FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks) ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator ***** See last item for further information, disclaimers, caveats, etc. ***** This issue is archived at http://www.risks.org as http://catless.ncl.ac.uk/Risks/22.87.html The current issue can be found at http://www.csl.sri.com/users/risko/risks.txt Contents: Nasty elevator death at Houston hospital Missing full-stop halts NZX trading (Gavin Treadgold) Safe! until the 22st century? (Wendell Cochran) Of course, it couldn't happen again!/The Road to Vulnerability (H.L.Hausen) Tampa Police disband face-recognition software (PGN) Botched 911 call led to man's death (Ben Moore) Blackout: definitely not terrorists! (Martin Ward) Robert X. Cringely on India, outsourcing, and IT productivity (PGN) Lots of railroad traffic affected by so-big (Danny Burstein) Increase in bounces from forgeries due to virus (PGN) Sobig.F (Rob Slade) Sobig side effects (Jim Griffith) Firewall reject rates (Mike Hogsett) "Good" Worm Fixes Infected Computers (Jim Schindler) Send PIF files in ZIP attachment to avoid virus detectors? (Olivier Dagenais) Do-Not-Spam list effort will be futile (NewsScan) The Risks of Miniaturisation (Gene Wirchenko) Update on NZ payphone failures (Don Mackie) Out of context numbers: It wasn't quite THAT bad... (Andrew Greene) Abridged info on RISKS (comp.risks) ---------------------------------------------------------------------- Date: Mon, 18 Aug 2003 09:15:19 -0700 (PDT) From: "Peter G. Neumann" Subject: Nasty elevator death at Houston hospital More for the "THIS CAN'T POSSIBLY HAPPEN" file: Hitoshi Kikaidow, a surgical resident at Christus St. Joseph Hospital in Houston, was caught by a hospital elevator door as he stepped in, and was decapitated as the elevator ascended. A female hospital employee was in malfunctioning the elevator at the time, and was trapped until rescued by firefighters. Incidents with elevators and escalators kill about 30 people and injure about 17,000 each year, according to the U.S. Bureau of Labor Statistics' Census of Fatal Occupational Injuries and more recent Consumer Product Safety Commission data. [PGN-ed from two sources] *Houston Chron*: http://www.chron.com/cs/CDA/ssistory.mpl/metropolitan/2053346 *Newsday* AP item: http://www.newsday.com/news/nationworld/wire/ sns-ap-brf-doctor-decapitated,0,5206582.story?coll=sns-ap-nationworld-headlines And don't forget the "THIS CAN'T POSSIBLY HAPPEN AGAIN" file. RISKS reported the earlier cases in Ottawa in which, following the first death in Apr 1989 (RISKS-8.48,49,50,52,54), a second death in Jun 1989 (RISKS-8.77) occurred; the known flaw in the 1954 Otis elevator door interlock logic causing the first death had remained uncorrected (RISKS-9.01). We also previously reported the Houston elevator that failed in the floods caused by Tropical Storm Allison and by default went down to the BOTTOM, drowning its occupant (RISKS-21.47). I recall another case in which elevator power failed because of a fire on the top floor, and the elevator by default went to the TOP floor, roasting its occupants, but I cannot find that case in our archives. ------------------------------ Date: Thu, 21 Aug 2003 11:23:19 +1200 From: "Gavin Treadgold" Subject: Missing full-stop halts NZX trading A missing full-stop in a piece of code for a trivial change to a software program reportedly started the chain of events that brought New Zealand's sharemarket to a halt yesterday. http://www.nzherald.co.nz/business/businessstorydisplay.cfm?storyID=3519114 Computer glitch halts stock exchange trading http://www.stuff.co.nz/stuff/0,2106,2633746a13,00.html A faulty computer program at New Zealand's biggest share registrar halted trading on the stock exchange for more than five hours yesterday. I guess that's got to be one of the smallest software bugs around :) ------------------------------ Date: Tue, 19 Aug 2003 15:25:20 -0700 From: Wendell Cochran Subject: Safe! until the 22st century? `Disaster Plans Get New Scrutiny After Blackout' runs a headline in *The New York Times*, 19 Aug 2003, C1. Alas, some company managers seem to evaluate risk in risky ways. "Some customers learn from experience," reports John Schwartz of *The Times*, paraphrasing Don DeMarco, vice president for business continuity & recovery services at IBM, `but seem to learn the wrong lesson. He described a corporate client that survived a major flood with the help of his company's disaster recovery services, and then declined to renew its contract for the following year. `Mr. DeMarco said he was aghast. "Are you kidding?" he recalled asking. "We just saved your company." `The client, however, was unmoved. "We're in a hundred-year flood zone," Mr. DeMarco recalled him saying, "and it just happened." ------------------------------ Date: Mon, 18 Aug 2003 10:43:40 +0200 From: "H.L.Hausen" Subject: Of course, it couldn't happen again!/The Road to Vulnerability Some years ago I visited the Darlington PowerPlant in Ontario and I was surprised that the Power Grid Control System of the Niagara-Mohawk power grid did not include a "25% safety reserve" as usual. The software engineers there told me that the software has been proven to be safe and reliable and so that sort of traditional risk prevention was not necessary. Is it that sometimes software engineers don't like to listen to traditional engineering professionals? Wasn't there a problem with the Darlington control software some time ago? I assume a deeper investigation into the Grid Control is necessary. [For previous RISKS items on Darlington, see RISKS-9.64, 11.08, 11.12, 11.96, 12.49, 15.13, 15.59, 15.81, 17.47. PGN] ------------------------------ Date: Wed, 20 Aug 2003 09:47:51 -0500 From: "Peter G. Neumann" Subject: Tampa Police disband face-recognition software The Tampa Police Department has eliminated the facial-recognition software hooked up to cameras scanning crowds in public places in Ybor City, after two years, with zero arrests and zero positive identifications, with a database of 30,000 mug shots of criminals and runaway children. [Source: *Tampa Tribune*, 20 Aug 2003] http://www.tampatribune.com/MGA0TF0TKJD.html ------------------------------ Date: Sun, 17 Aug 2003 19:52:21 GMT From: Ben Moore Subject: Botched 911 call led to man's death A 911 dispatcher in Buncome County, North Carolina, clicked on a box to transfer the house address of a caller into the Computer Aided Dispatch system. But that system, installed in March 2003, did not yet have information on all Buncombe County roads, and suggested an incorrect alternative (Briarcliff Drive, instead of Lane, in West Asheville), which the dispatcher accepted. As a result, the paramedics were significantly delayed and the self-inflicted victim died. Attempts are now being made to complete the database. [Source: article by Tonya Maxwell, 15 Aug 2003, *Citizen-Times*; PGN-ed] http://cgi.citizen-times.com/cgi-bin/story/40174 ------------------------------ Date: Mon, 18 Aug 2003 10:29:45 +0100 From: Martin Ward Subject: Blackout: definitely not terrorists! Did anyone else notice this? All the early reports about the blackout said that they had *no* idea of the cause, or even in which country it originated (with Canada and the USA both pointing the finger at each other). But officials are absolutely certain that it was *not* caused by terrorist activity. Some reports were slightly more honest in saying that "we have no evidence of terrorist activity": not surprising since they had no evidence of *any* cause whatsoever. If "no evidence of terrorist activity" is the same as "definitely no terrorist activity", then the blackout definitely did not occur (because there is no evidence of *any* cause). Any actual loss of electricity you appear to observe is therefore merely the result of a deranged imagination... Martin.Ward@durham.ac.uk http://www.cse.dmu.ac.uk/~mward/ ------------------------------ Date: Sat, 16 Aug 2003 07:45:14 -0400 From: "Peter G. Neumann" Subject: Robert X. Cringely on India, outsourcing, and IT productivity Those of you interested in problems associated with outsourcing might be interested in this article: May the Source Be With You: IT Productivity Doesn't Have to Be an Oxymoron, but Outsourcing Isn't the Way to Achieve It, by Robert X. Cringely http://www.pbs.org/cringely/pulpit/pulpit20030814.html Cringely has a fascinating Web site. He also invites you at that URL to send this article to others, but I thought my including it in its entirety in a RISKS issue would be a little excessive, so I am merely posting the URL here. ------------------------------ Date: Wed, 20 Aug 2003 19:00:04 -0400 (EDT) From: danny burstein Subject: Lots of railroad traffic affected by so-big Computer Virus Strikes CSX Transportation Computers Freight and Commuter Service Affected, 20 Aug 2003 CSX Transportation's (CSXT) information technology systems experienced significant slowdowns early today after a computer virus infected the network. The cause was believed to be a worm virus similar to those that have infected the systems of other major companies and agencies in recent days. The infection resulted in a slowdown of major applications, including dispatching and signal systems. As a result, passenger and freight train traffic was halted immediately, including the morning commuter train service in the metropolitan Washington, D.C., area. Contrary to initial reports, the signal system for train operations was not the source of the problem. Rather, the virus disrupted the CSXT telecommunications network upon which certain systems rely, including signal, dispatching and other operating systems. [...] http://www.csx.com/?fuseaction=company.news_detail&i=45722&news_year=-1 ------------------------------ Date: Tue, 19 Aug 2003 14:49:35 PDT From: "Peter G. Neumann" Subject: Increase in bounces from forgeries due to virus Incidentally, the number of bounces from messages sent with forged FROM: addresses (appearing to come from me and various others of you who are remarking thereupon) seems to have taken a huge quantum leap in the past few days. I'm suddenly getting even more bounces than usual, due to the new W32.Sobig.F virus. My regrets if you are getting any such forged e-mail. However, it is not coming from my mailer, because I do not use *any* Microsoft software. Just look at the last RECEIVED: line (unless your stupid mailer hides it!). Typical subject lines include these: Re: Details Re: Approved Re: Re: My details Re: Thank you! Re: That movie Re: Wicked screensaver Re: Your application Thank you! Your details and attachments such as: application.zip details.zip document_....zip movie....zip thank_you.zip your_details.zip your_document.zip wicked_scr.zip You can read more about this virus online at: http://securityresponse.symantec.com/avcenter/venc/data/w32.sobig.f@mm.html ------------------------------ Date: Thu, 21 Aug 2003 11:05:42 -0800 From: Rob Slade Subject: Sobig.F Sobig load is increasing: over the past 15 hours I've received 52 copies in my inbox, up from yesterday's 47 in 20 hours (and, as previously noted, well exceeding the previous record for Klez at its height). (On the slightly bright side, spammers seem to have been affected: other spam seems slightly down today :-) As noted, Sobig uses its own SMTP engine, and spoofs both the From and Return-Path headers on a random basis, so that is no indication. However, the message body is always "Please see the attached file for details." so that is a reliable indicator. In addition, I've had a look at more headers, and the following two seem to appear in every copy I've received: X-MailScanner: Found to be clean X-Mailer: Microsoft Outlook Express 6.00.2600.0000 *PLEASE* spread the word: DO NOT OPEN ATTACHMENTS. If in doubt, don't. Sobig uses no special technology beyond this rather simplistic social engineering. (Can anyone tell me: is there any content scanner lazy enough to be bypassed by the X-MailScanner header?) http://www.sophos.com/virusinfo/analyses/w32sobigf.html http://www.f-secure.com/v-descs/sobig_f.shtml rslade@vcn.bc.ca slade@victoria.tc.ca rslade@sun.soci.niu.edu http://victoria.tc.ca/techrev or http://sun.soci.niu.edu/~rslade ------------------------------ Date: Thu, 21 Aug 2003 13:57:21 -0500 From: griffith@dweeb.org (Jim Griffith) Subject: Sobig side effects Unlike Blaster and other past worms and viruses, the rec.humor.funny moderating addresses have been hammered by the Sobig worm. In the past 48 hours, I've seen some 3500 worm-related e-mail messages sent to the three or four moderating addresses that I use, resulting in a DOS of e-mail and submission processing. As this worm does the "send the worm out as if from someone else" trick, and as the RHF addresses have been around for years, the worm is apparently masquerading as coming from me in a lot of instances, despite the fact that the RHF machines run LINUX and are immune to it. So a fair number of the worm-related pieces of e-mail are mail bounces and quarantine messages generated by other sites' anti-virus software. Most annoying is that some of the addresses targeted by the worm are mailing list subscription addresses. While many of them are smart enough to either look for keywords like SUBSCRIBE or require confirmation, some of them are not. As a result, I find that the RHF-related addresses are now subscribed to mailing lists devoted to jokes, religious and political topics, and one which discusses issues important to Raelians. I've also found that I've apparently opened customer support tickets with any number of companies as well. It's disappointing that despite the surge in e-mail viruses in past years, many systems still allow actions to be triggered by a single e-mail, with no outside confirmation required. ------------------------------ Date: Tue, 19 Aug 2003 14:07:14 -0700 From: Mike Hogsett Subject: Firewall reject rates The following are the file sizes for our compressed daily firewall logs. There are a few interesting dates. The spike for 26 Jan 2003 is the SQL Slammer worm. The increase in early March is an exploit for port 445 on MS products. Finally the major spike on Aug 12 is Blaster. So, we have gone from about 2Mbytes/day of compressed log data at the beginning of the year to about 20Mbytes/day now. There is no end in sight. [There is no site to end. PGN] 1-Jan-2003 2M ** 2-Jan-2003 2M ** 3-Jan-2003 2M ** 4-Jan-2003 3M *** 5-Jan-2003 1M * 6-Jan-2003 2M ** 7-Jan-2003 2M ** 8-Jan-2003 3M *** 9-Jan-2003 3M *** 10-Jan-2003 3M *** 11-Jan-2003 3M *** 12-Jan-2003 3M *** 13-Jan-2003 3M *** 14-Jan-2003 3M *** 15-Jan-2003 3M *** 16-Jan-2003 3M *** 17-Jan-2003 2M ** 18-Jan-2003 3M *** 19-Jan-2003 3M *** 20-Jan-2003 3M *** 21-Jan-2003 2M ** 22-Jan-2003 2M ** 23-Jan-2003 3M *** 24-Jan-2003 3M *** 25-Jan-2003 9M ********* 26-Jan-2003 24M ************************ 27-Jan-2003 8M ******** 28-Jan-2003 5M ***** 29-Jan-2003 4M **** 30-Jan-2003 3M *** 31-Jan-2003 2M ** 1-Feb-2003 3M *** 2-Feb-2003 3M *** 3-Feb-2003 2M ** 4-Feb-2003 3M *** 5-Feb-2003 2M ** 6-Feb-2003 3M *** 7-Feb-2003 3M *** 8-Feb-2003 4M **** 9-Feb-2003 3M *** 10-Feb-2003 4M **** 11-Feb-2003 3M *** 12-Feb-2003 3M *** 13-Feb-2003 3M *** 14-Feb-2003 3M *** 15-Feb-2003 3M *** 16-Feb-2003 3M *** 17-Feb-2003 3M *** 18-Feb-2003 3M *** 19-Feb-2003 3M *** 20-Feb-2003 3M *** 21-Feb-2003 2M ** 22-Feb-2003 3M *** 23-Feb-2003 3M *** 24-Feb-2003 3M *** 25-Feb-2003 3M *** 26-Feb-2003 4M **** 27-Feb-2003 3M *** 28-Feb-2003 3M *** 1-Mar-2003 3M *** 2-Mar-2003 2M ** 3-Mar-2003 3M *** 4-Mar-2003 4M **** 5-Mar-2003 4M **** 6-Mar-2003 4M **** 7-Mar-2003 5M ***** 8-Mar-2003 6M ****** 9-Mar-2003 11M *********** 10-Mar-2003 12M ************ 11-Mar-2003 11M *********** 12-Mar-2003 10M ********** 13-Mar-2003 11M *********** 14-Mar-2003 12M ************ 15-Mar-2003 10M ********** 16-Mar-2003 10M ********** 17-Mar-2003 9M ********* 18-Mar-2003 9M ********* 19-Mar-2003 10M ********** 20-Mar-2003 11M *********** 21-Mar-2003 12M ************ 22-Mar-2003 10M ********** 23-Mar-2003 11M *********** 24-Mar-2003 6M ****** 25-Mar-2003 10M ********** 26-Mar-2003 10M ********** 27-Mar-2003 10M ********** 28-Mar-2003 12M ************ 29-Mar-2003 11M *********** 30-Mar-2003 10M ********** 31-Mar-2003 9M ********* 1-Apr-2003 12M ************ 2-Apr-2003 13M ************* 3-Apr-2003 11M *********** 4-Apr-2003 10M ********** 5-Apr-2003 10M ********** 6-Apr-2003 13M ************* 7-Apr-2003 9M ********* 8-Apr-2003 11M *********** 9-Apr-2003 11M *********** 10-Apr-2003 11M *********** 11-Apr-2003 11M *********** 12-Apr-2003 12M ************ 13-Apr-2003 12M ************ 14-Apr-2003 11M *********** 15-Apr-2003 12M ************ 16-Apr-2003 12M ************ 17-Apr-2003 10M ********** 18-Apr-2003 11M *********** 19-Apr-2003 11M *********** 20-Apr-2003 10M ********** 21-Apr-2003 10M ********** 22-Apr-2003 11M *********** 23-Apr-2003 13M ************* 24-Apr-2003 13M ************* 25-Apr-2003 13M ************* 26-Apr-2003 12M ************ 27-Apr-2003 10M ********** 28-Apr-2003 11M *********** 29-Apr-2003 15M *************** 30-Apr-2003 11M *********** 1-May-2003 11M *********** 2-May-2003 10M ********** 3-May-2003 11M *********** 4-May-2003 10M ********** 5-May-2003 9M ********* 6-May-2003 12M ************ 7-May-2003 11M *********** 8-May-2003 10M ********** 9-May-2003 9M ********* 10-May-2003 10M ********** 11-May-2003 9M ********* 12-May-2003 9M ********* 13-May-2003 13M ************* 14-May-2003 10M ********** 15-May-2003 10M ********** 16-May-2003 10M ********** 17-May-2003 11M *********** 18-May-2003 9M ********* 19-May-2003 10M ********** 20-May-2003 10M ********** 21-May-2003 11M *********** 22-May-2003 9M ********* 23-May-2003 10M ********** 24-May-2003 12M ************ 25-May-2003 10M ********** 26-May-2003 11M *********** 27-May-2003 10M ********** 28-May-2003 13M ************* 29-May-2003 10M ********** 30-May-2003 11M *********** 31-May-2003 10M ********** 1-Jun-2003 7M ******* 2-Jun-2003 8M ******** 3-Jun-2003 11M *********** 4-Jun-2003 10M ********** 5-Jun-2003 11M *********** 6-Jun-2003 10M ********** 7-Jun-2003 12M ************ 8-Jun-2003 12M ************ 9-Jun-2003 12M ************ 10-Jun-2003 14M ************** 11-Jun-2003 12M ************ 12-Jun-2003 13M ************* 13-Jun-2003 10M ********** 14-Jun-2003 11M *********** 15-Jun-2003 9M ********* 16-Jun-2003 10M ********** 17-Jun-2003 14M ************** 18-Jun-2003 13M ************* 19-Jun-2003 13M ************* 20-Jun-2003 11M *********** 21-Jun-2003 11M *********** 22-Jun-2003 9M ********* 23-Jun-2003 9M ********* 24-Jun-2003 11M *********** 25-Jun-2003 12M ************ 26-Jun-2003 10M ********** 27-Jun-2003 12M ************ 28-Jun-2003 14M ************** 29-Jun-2003 11M *********** 30-Jun-2003 10M ********** 1-Jul-2003 14M ************** 2-Jul-2003 9M ********* 3-Jul-2003 10M ********** 4-Jul-2003 11M *********** 5-Jul-2003 11M *********** 6-Jul-2003 8M ******** 7-Jul-2003 9M ********* 8-Jul-2003 14M ************** 9-Jul-2003 10M ********** 10-Jul-2003 8M ******** 11-Jul-2003 9M ********* 12-Jul-2003 10M ********** 13-Jul-2003 7M ******* 14-Jul-2003 8M ******** 15-Jul-2003 12M ************ 16-Jul-2003 10M ********** 17-Jul-2003 9M ********* 18-Jul-2003 10M ********** 19-Jul-2003 8M ******** 20-Jul-2003 9M ********* 21-Jul-2003 8M ******** 22-Jul-2003 11M *********** 23-Jul-2003 9M ********* 24-Jul-2003 8M ******** 25-Jul-2003 9M ********* 26-Jul-2003 8M ******** 27-Jul-2003 8M ******** 28-Jul-2003 7M ******* 29-Jul-2003 12M ************ 30-Jul-2003 9M ********* 31-Jul-2003 9M ********* 1-Aug-2003 9M ********* 2-Aug-2003 8M ******** 3-Aug-2003 7M ******* 4-Aug-2003 7M ******* 5-Aug-2003 11M *********** 6-Aug-2003 8M ******** 7-Aug-2003 7M ******* 8-Aug-2003 8M ******** 9-Aug-2003 6M ****** 10-Aug-2003 7M ******* 11-Aug-2003 7M ******* 12-Aug-2003 44M ******************************************** 13-Aug-2003 35M *********************************** 14-Aug-2003 24M ************************ 15-Aug-2003 20M ******************** 16-Aug-2003 15M *************** 17-Aug-2003 11M *********** 18-Aug-2003 12M ************ 19-Aug-2003 26M ************************** ------------------------------ Date: Mon, 18 Aug 2003 20:10:24 -0700 From: Jim Schindler Subject: "Good" Worm Fixes Infected Computers A new Internet worm emerged today that is designed to seek out and fix any computer that remains vulnerable to "Blaster," the worm that attacked more than 500,000 computers worldwide last week. The new worm scours the Internet for computers already infected with Blaster and deletes the "bad" worm, according to two anti-virus software vendors. The worm then fixes the computers with one of eight software patches developed by Microsoft Corp, and it uses infected computers as a base for searching the Internet for other vulnerable systems. Blaster and the new worm both target vulnerabilities in recent versions of Windows XP, Windows 2000 and Windows NT 4.0. Even though the new worm is "good," it can cause plenty of trouble for computer users ... Buried within the code of the new worm is the message: "I love my wife & baby :-) ~~ Welcome Chian ~~ Notice: 2004 will remove myself:-)~~ sorry." [From the titled article by Brian Krebs, *The Washington Post*, 18 Aug 2003] ------------------------------ Date: Wed, 20 Aug 2003 21:52:15 -0400 From: "Olivier Dagenais" Subject: Send PIF files in ZIP attachment to avoid virus detectors? With the recent rebirth of the Sobig virus/worm, I have found myself on the receiving end of many messages being bounced back, saying I reached accounts that do not exist, are over quota or that do not allow certain attachments to come through, such as in the following response: This message has been rejected because it has a potentially executable attachment "thank_you.pif" This form of attachment has been used by recent viruses or other malware. If you meant to send this file then please package it up as a zip file and resend it. The RISKS? How long until a virus sends itself in a ZIP file attachment, thereby bypassing traditional virus detection routines and people implicitly trusting said attachments and their contents? (doesn't most ZIP software make ZIPs transparent to the users, anyway?) Oh, and did I mention that the bounced message also included said "potentially executable attachment"? What a great virus re-distribution mechanism! (IIRC) PIF files were the precursors to shortcuts and never were meant to contain executable code, so why EVER trust them as executable code? (although banning them is a risk in itself, if some unfortunate soul were to write a program to manage, say, personal information files...) ------------------------------ Date: Wed, 20 Aug 2003 09:16:15 -0700 From: "NewsScan" Subject: Do-Not-Spam list effort will be futile Federal Trade Commission Chairman Timothy Muris says that even if efforts in Congress to establish a "do-not-spam" list succeed, that won't fix the problem of unwanted junk mail. "If such a list were established, I'd advise customers not to waste their time and effort. Most spam is already so clearly illegitimate that the senders are no more likely to comply with new regulations than with the laws they now ignore." The drive toward setting up a "do-not-spam" list has picked up steam following the popularity of the FTC's recently established "do-not-call" registry for people who want to stop telemarketing calls. Muris says the magnitude of the problem and the fact that "spammers can easily hide their identities and cross international borders," makes government regulation extremely difficult. "In the end, spam will be reduced, if at all, through several technological improvements, as well as safer computing practices by others." [AP 19 Aug 2003; NewsScan Daily, 20 August 2003] http://apnews.excite.com/article/20030819/D7T1A63G3.html ------------------------------ Date: Sun, 17 Aug 2003 12:30:24 -0700 From: Gene Wirchenko Subject: The Risks of Miniaturisation I recently lost some very useful data. It was on a USB memory stick. As far as I can tell, I forgot to remove the itty-bitty memory stick before leaving a college workstation. I did get the memory stick back, but it occurred to me how very unlikely I would be to forget with something bigger. I now attach the memory stick to my pants with the cord that came with it. ------------------------------ Date: Tue, 19 Aug 03 21:42:04 +1200 From: Don Mackie Subject: Update on NZ payphone failures (RISKS-22.86) Some more details in the story at: http://www.nzherald.co.nz/storydisplay.cfm ?storyID=3518759&thesection=business&thesubsection=technology I had never heard of The Centre for Critical Infrastructure Protection before. I work in health and am involved in some disaster preparedness committees. Probably my own fault for not asking. They seem to be more interested in information systems infrastructure than water/power. Don Mackie [Error in Subject line in RISKS-22.86 is corrected in archives. PGN] ------------------------------ Date: Wed, 20 Aug 2003 12:54:48 -0400 From: agreene@pageflexinc.com (Andrew Greene) Subject: Out of context numbers: It wasn't quite THAT bad... PGN's summary in RISKS-22.85 included the sentence: "At least 50 million people were affected." But according to *The New York Times* ("How Many in the Dark? Evidently Not 50 Million" by Mike McIntire, 17 Aug 2003, currently at http://www.nytimes.com/2003/08/17/nyregion/17NUMB.html), that number was actually the total population of the overall geographical areas served by utility companies that were affected, and could be taken as a hard upper limit on the number of customers affected. However, the number was lifted out of context and then got exaggerated by politicians and news reporters looking to make a big story sound even more impressive: "Approximately 61,800 megawatts of customer load was lost in an area that covers 50 million people. ... We cannot say with precision how many customers were affected at this time." [...] For instance, in the New York region, where approximately 18 million people live, nearly 20 percent of the available electricity remained on, according to the New York Independent System Operator, which monitors electrical usage. [Andrew, Just because someone was not out of power does not mean that person was not affected. But you are quite correct. The quoted 50 million number was erroneously qualified. TNX. PGN] ------------------------------ Date: 30 May 2003 (LAST-MODIFIED) From: RISKS-request@csl.sri.com Subject: Abridged info on RISKS (comp.risks) The RISKS Forum is a MODERATED digest. Its Usenet equivalent is comp.risks. => SUBSCRIPTIONS: PLEASE read RISKS as a newsgroup (comp.risks or equivalent) if possible and convenient for you. Alternatively, via majordomo, send e-mail requests to with one-line body subscribe [OR unsubscribe] which requires your ANSWERing confirmation to majordomo@CSL.sri.com . If Majordomo balks when you send your accept, please forward to risks. [If E-mail address differs from FROM: subscribe "other-address " ; this requires PGN's intervention -- but hinders spamming subscriptions, etc.] Lower-case only in address may get around a confirmation match glitch. INFO [for unabridged version of RISKS information] There seems to be an occasional glitch in the confirmation process, in which case send mail to RISKS with a suitable SUBJECT and we'll do it manually. .UK users should contact . => SPAM challenge-responses will not be honored. Instead, use an alternative address from which you NEVER send mail! => The INFO file (submissions, default disclaimers, archive sites, copyright policy, PRIVACY digests, etc.) is also obtainable from http://www.CSL.sri.com/risksinfo.html ftp://www.CSL.sri.com/pub/risks.info The full info file will appear now and then in future issues. *** All contributors are assumed to have read the full info file for guidelines. *** => SUBMISSIONS: to risks@CSL.sri.com with meaningful SUBJECT: line. => ARCHIVES: http://www.sri.com/risks http://www.risks.org redirects you to the Lindsay Marshall's Newcastle archive http://catless.ncl.ac.uk/Risks/VL.IS.html [i.e., VoLume, ISsue] Lindsay has also added to the Newcastle catless site a palmtop version of the most recent RISKS issue and a WAP version that works for many but not all telephones: http://catless.ncl.ac.uk/w/r http://the.wiretapped.net/security/info/textfiles/risks-digest/ . http://www.planetmirror.com/pub/risks/ ftp://ftp.planetmirror.com/pub/risks/ ==> PGN's comprehensive historical Illustrative Risks summary of one liners: http://www.csl.sri.com/illustrative.html for browsing, http://www.csl.sri.com/illustrative.pdf or .ps for printing ------------------------------ End of RISKS-FORUM Digest 22.87 ************************