Please try the URL privacy information feature enabled by clicking the flashlight icon above. This will reveal two icons after each link the body of the digest. The shield takes you to a breakdown of Terms of Service for the site - however only a small number of sites are covered at the moment. The flashlight take you to an analysis of the various trackers etc. that the linked site delivers. Please let the website maintainer know if you find this useful or not. As a RISKS reader, you will probably not be surprised by what is revealed…
Senate 266 introduced by Mr. Biden (for himself and Mr. DeConcini) contains the following section: SEC. 2201. COOPERATION OF TELECOMMUNICATIONS PROVIDERS WITH LAW ENFORCEMENT It is the sense of Congress that providers of electronic communications services and manufacturers of electronic communications service equipment shall ensure that communications systems permit the government to obtain the plain text contents of voice, data, and other communications when appropriately authorized by law.
The referenced language requires that manufacturers build trap-doors into all cryptographic equipment and that providers of cconfidential channels reserve to themselves, their agents, and assigns the ability to read all traffic. Are there readers of this list that believe that it is possible for manufacturers of crypto gear to include such a mechanism and also to reserve its use to those "appropriately authorized by law" to employ it? Are there readers of this list who believe that providers of electronic communications services can reserve to themselves the ability to read all the traffic and still keep the traffic "confidential" in any meaningful sense? Is there anybody out there who would buy crypto gear or confidential services from vendors who were subject to such a law? David Kahn asserts that the sovereign always attempts to reserve the use of cryptography to himself. Nonetheless, if this language were to be enacted into law, it would represent a major departure. An earlier Senate went to great pains to assure itself that there were no trapdoors in the DES. Mr. Biden and Mr. DeConcini want to mandate them. The historical justification of such reservation has been "national security;" just when that justification begins to wane, Mr. Biden wants to use "law enforcement." Both justifications rest upon appeals to fear. In the United States the people, not the Congress, are sovereign; it should not be illegal for the people to have access tto communications that the government cannot read. We should be free from unreasonable search and seizure; we should be free from self-incrimination. The government already has powerful tools of investigation at its disposal; it has demonstrated precious little restraint in their use. Any assertion that all use of any such trap-doors would be only "when appropriately authorized by law" is absurd on its face. It is not humanly possible to construct a mechanism that could meet that requirement; any such mechanism would be subject to abuse. I suggest that you begin to stock up on crypto gear while you can still get it. Watch the progress of this law carefully. Begin to identify vendors across the pond. William Hugh Murray, Executive Consultant, Information System Security 21 Locust Avenue, Suite 2D, New Canaan, Connecticut 06840 203 966 4769
I noticed an interesting column by Joshua J. Kaufman on computers for lawyers in the March/April edition of The Washington Lawyer, the official journal of the District of Columbia Bar. The column began: On Second Thought "What do you expect from a $69 program?" were the last words said to me by the technical department at Isogon Corporation. The comment was made after its product NewSpace, a data compression utility (which I have reviewed favorably in the past), managed to destroy 1,400 files and 42 megabytes of my data. I spent over an hour on the phone with technicians trying to find a way to correct the problem--all to no avail. What happened to Kaufman is that he had been using NewSpace successfully to compress files on his hard disk. One night he started up the program, left work, and came back in the morning to discover that his computer had "frozen." When he rebooted, the "file allocation table" was damaged in a way that could not be recovered. Thus while his files were almost all fine, he could not retrieve them, despite the fact that he could list the files in his directory. The RISKS I see here are (1) relying on reviewers of software who use a product casually but who do not systematically test, and (2) producing software that can, without prior notice, leave your system in an unrecoverable state. For $69, perhaps Kaufman was entitled to a product that, even though possibly buggy, would be designed to fail safely. David G. Novick, Department of Computer Science and Engineering, Oregon Graduate Institute of Science and Technology, Beaverton, OR 97006-1999
With all the verbiage about whether Len Rose was a "hacker" and why he did
what he in fact did, everyone has had to work on ASSUMPTIONS. Well, it turns
out there's now some data: A press release from the US Attorney in Chicago,
posted to the Computer Underground Digest by Gene Spafford. I've extracted
one interesting portion concerning the famous "modified login.c" program:
In pleading guilty to the Chicago charges, Rose acknowledged that when
he distributed his trojan horse program to others he inserted several
warnings so that the potential users would be alerted to the fact that
they were in posession of proprietary AT&T information. In the text of
the program Rose advised that the source code originally came from
AT&T "so it's definitely not something you wish to get caught with."
and "Warning: This is AT&T proprietary source code. DO NOT get caught
with it." The text of the trojan horse program also stated:
Hacked by Terminus to enable stealing passwords.
This is obviously not a tool to be used for initial
system penetration, but instead will allow you to
collect passwords and accounts once it's been
installed. (I)deal for situations where you have a
one-shot opportunity for super user privileges..
This source code is not public domain..(so don't get
caught with it).
Rose admitted that "Terminus" was a name used by him in communications
with other computer users.
I can't imagine a clearer statement of an active interest in breaking into
systems, along with a reasonable explanation of how and when such code could
be effective. (BTW, back in the early 70's, some friends of mine and I dis-
covered that a newly-installed APL system still had no password, or a standard
password, set on its operator account. Because we had quick access to some
code that would let us to "trap" the resulting privileges, we were able to
continue to play God on that system for years - although the operator password
was changed within a day or two. "One-shot opportunities" DO occur.)
The only thing that will convince me, after reading this, that Rose was NOT an
active system breaker is a believable claim that either (a) this text was not
quoted correctly from the modified login.c source; or (b) Rose didn't write
the text, but was essentially forced by the admitted duress of his situation
to acknowledge it as his own.
— Jerry
The PBS Special "Living Against the Odds" showed some signs of statistics
abuse which were especially annoying for a special which is supposed to
enlighten the masses about this kind of thing. It is bad enought that this
king of abuse is the foundation of much of our current public policy
debates, but to see it emphasized like this: isn't there anything we can do?
2 examples:
The statistic they used to judge the risk of an activity was deaths per
100,000 participants. In other words, they said that 20 out of 100,000
people who climb rocks die while climbing rocks, and 20 out of 100,000
people who drive cars die while driving cars, so the two activities are
equally dangerous. This conclusion does not follow, for it does not
take into account the very likely possibility that people who climb
rocks spend a significantly different amount of time climbing rocks
than people who drive cars spend driving cars, over the course of a
lifetime. If the average rock climber spends 1,000 hours of his life
climbing rocks, and the average driver spends 10,000 hours driving,
then the mortality statistics suggest that rock climbing is 10 times as
dangerous.
One of the "experts" was shown saying (I quote from memory) "80% of people
surveyed think they are safer than average drivers. Obviously this can't
be true." Unfortunately for the expert, it can be true, and it wouldn't
surprise me if it *were* true. For a very simple example, take the case
where 80% of the people have exactly 1 accident every 2 years, and 20% of
the people have exactly 2 accidents every 2 years. The "average" driver
therefore has 0.6 accidents per year, and 80% of the drivers are better
than average, since they only have 0.5 accidents per year.
How can we survive as a democracy in a technological age when even the experts
can't understand the complexities of the data they are evaluating?
Jeremy Grodberg
Accepting the statements of "those who should know" without question is an old
problem. If my memory serves, one of the reasons given for the success of the
Communist Revolution in China was a belief on the part of the Chinese
population that written statements were "Truth"; leading them to believe the
propoganda posters without question.
I have seen the same factor at play with individuals who believe everything
they read in the paper, or hear on a TV news programs, or learn from their
friend, neighbor, or pastor. The FCC has been repeatedly hit by unfounded
petition drives of various sorts. Most of these problems have been well
documented as Urban Legends.
The computer related risk, like always, is in the speed and ease of
propagation. It is too easy to mail a copy of this "important" message to
hundreds of people, where it can sit in someone's mailbox until they decide to
pass it on.
There are two things that we can do as individuals:
1) Establish and use clearing houses for sensitive information.
Having the CERT validate and announce security problems will
help prevent the problem of people ignoring a security bug
in ftp because of too many previous false messages.
2) Identify your sources:
If all you have is hearsay, note it as such! If you have a
reference, list it. One of the most valuable features of the
RISKS digest is the fact that most of the posters identify
the sources of their information.
As long as people believe what they want to believe, be it the National
Enquirerer or alt.rumors, this will be a problem.
Bob Van Cleef, NASA Ames Research Center (415) 604-4366 vancleef@nas.nasa.gov
I'd like to point out that the woman who had her life upended by someone
stealing her identity probably would have been able to avoid this problem if
she had been a member of TRW Credentials service. Many of you usenet-folk love
to slam this TRW service, but in a case like this woman's, it may have saved
her all that trouble.
/eli
Oops, I forgot an important point. A big advantage of precincts is that you
pick precincts to recount at random, then verify the recount numbers against
the original counts for that precinct. If you start seeing discrepancies, then
you need to recount everything. Then, the recount actually tells you something
about the original count.
I also didn't say anything about pre- and post-election testing of the system,
yet another BIG AREA.
- Erik
erikn@tekcae.cax.tek.com (503)690-8350 690-9292[fax]
Herbison takes Richard Wexelblat to task for asking if a ballot-verification method is secure by stating: > [The method] *might* have been reasonable before you published it, but now > that you have provided the information needed to cook the vote and avoid > detection--just modify the electronic vote counter so it is accurate until > the ballot count is larger than 2% of the expected returns and does > anything it wants after that point. This argument is fallacious on two counts. One, it assumes that if Richard hadn't publicised the verification method, no one with ill intent would have known it. Any system security manager can tell you that those with ill intent are often the best-informed on system vulnerabilities. Security through obscurity just doesn't work. Two, it implicitly assumes that someone could be in a position to "modify the electronic vote counter" and yet not know the verification method. Highly unlikely, I'd say. [For the record, Richard Wexelblat is my father. That doesn't make Herbison's argument any less unreasonable.] --Alan Wexelblat, Bull Worldwide Information Systems, phone: (508)294-7485
> Consider the scenario for a moment and imagine, say, 10,000 kids in the
> audience actually do what they're told. You've got 10,000 phones dialing the
> same number simultaneously. How many of those calls do you think will
> actually get through?
In answer to your question, all 10,000 of them will get through. Sprint has a
service called "Mass Event 900/800" for doing exactly this. It can handle,
coincidentally, 10,000 calls simultaneously, and is offered to all their larger
800 and 900 customers. I've heard, but not been able to substantiate, that
AT&T has a similar service.
-Bill Woodcock, BMUG NetAdmin
Please report problems with the web pages to the maintainer