The Risks Digest

The RISKS Digest

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Volume 13 Issue 10

Monday 3 February 1992

Contents

o Ballad of Silicon Slim
Cliff Stoll
o IRS quick refund by computer pays off -- like an errant slot machine
PGN
o Dutch crackers arrested
Wietse Venema via Cliff Stoll
o `Virus' in Lithuanian Atomic Power Plant
Debora Weber-Wulff
o ``All Bugs are Viruses''
Chuck Lins
o Supreme Court's mistaken fax
Clifford Johnson
o Lack of Integrity in the "real world"
Ted Lee
o Historical perspective on fault-tolerant architecture
Paul Eggert
o Re: Communication between ATC and pilot
Henry Spencer
o Re: Confusing Telephone System Overload Message
Bill Mahoney
Jay Schmidgall
Peter Desnoyers
o Re: Computer evidence is Hearsay
Ken Tindell
Robin Fairbairns
o Re: Warranties
Irving Chidsey
Charlie Mingo
o Info on RISKS (comp.risks)

Ballad of Silicon Slim

Cliff Stoll <stoll@ocf.Berkeley.EDU>
Mon, 3 Feb 92 00:53:37 -0800
Dr. Demento collects the weirder songs for his nationally syndicated show --
he's one of the best reasons to own a radio.  Last week's program featured The
Ballad of Silicon Slim, a country & western song by John Forster.

It's about a rootin-tootin, home computin' guy who breaks into Chase Manhattan
Bank and snags a penny from everyone's account.  This salami-slicing thief
makes millions, gets caught, tossed in jail, but is popped out by a computer.

It's a song praising the thief as being democratic (stealing equally from
everyone), and carries several dubious stereotypes (the best programmers break
into computers, outsiders are the biggest threat to banking systems,
skimming of bank accounts won't be noticed).

A ballad about a computing thief.  Had to happen sometime!

-Cliff Stoll     stoll@ocf.berkeley.edu


A few excerpts
(without permission of copyright holder; I'm trying to reach him)

In the dead of night he'd access each depositor's account
And from each of them he'd siphon off the teeniest amount.
And since no one ever noticed that there'd even been a crime
He stole forty million dollars -- a penny at a time!

Little Janet was only eight but she had her own account
And the seven dollars in it was to her a huge amount.
So the day that penny vanished one unhappy little tot
Screamed, "Hey, what happened to my penny?"
And the teller tried to tell her but could not.

Is your whole year's withholding getting to the government?
Have you figured out your FICA to the hundredth of a cent?
Though the average Joe don't even know how much his FICA was
Out there, somewhere, there's a software packin' buckeroo who does!


IRS quick refund by computer pays off -- like an errant slot machine

"Peter G. Neumann" <neumann@csl.sri.com>
Mon, 3 Feb 92 17:34:40 PST
If you were one of the 1.1 million people who filed a 1991 tax return
electronically between 10Jan1992 and 27Jan1992, you may have gotten a
notification that a refund was forthcoming even if one was not.  Apparently
during that period the IRS computer program ignored all back-tax debts, which
would otherwise have offset the refunds.  Relying on the refund notification,
lenders have been making loans that were (supposedly) secured by the expected
refunds.  No one knows yet how many such unsecure loans were actually granted.
[Source: San Francisco Chronicle, 3Feb1992, p.A3, from the Washington Post]


Dutch crackers arrested

Wietse Venema <wietse@wzv.win.tue.nl>
[missing, BUT BEFORE 3 Feb 92 01:03:32 -0800]
            reposted from alt.security and forwarded to Risks by Cliff Stoll
            <stoll@ocf.Berkeley.EDU>              [and lightly edited by PGN]

This is a revision of an earlier posting carrying the same title.  Any
inaccuracies are my own responsibility.

According to Dutch TV and newspaper reports, the Amsterdam police have arrested
two computer crackers and seized their equipment.  A press conference was held
on Friday 31st.  The two made a full confession.

The reports state that over the past four months, R.J.N., age 25, computing
science engineer, and H.W., age 21, c.s. student, installed so-called Trojan
horses on a computer system of the Amsterdam Free University, and used that
same system to break into computer systems in the US, Canada, and several
European countries.  According to a Dutch police spokesman, the two had no
intention to damage or to steal information, but were doing it `just for
kicks'.

Dutch law on computer crime is still in preparation. Apparently, the charges
are based on existing law: falsification (corrupting systems files in order to
get privileges), destruction of property (rendering a computer system
unusable), and fraud (using stolen passwords).

Both fidelio and wave were students at my faculty, so I know them personally.
The sad thing is, had the police been ready for this type of action a year
earlier, they would probably still be free.

Wietse Venema, dept. of Mathematics and Computing Science,
Eindhoven University of Technology, The Netherlands


`Virus' in Lithuanian Atomic Power Plant

Debora Weber-Wulff <weberwu@inf.fu-berlin.de>
Mon, 3 Feb 1992 07:40:17 GMT
"Berliner Zeitung", 3Feb1992 ([East] Berlin), translated by DWW.

"Sabotage fails - Virus in Power Plant Program for the Lithuanian Atomic Power
Plant in Ignalina vaccinated

Vilna/Moscow (dpa)

This past weekend an act of sabotage against the computer system for the atomic
power plant in Ignalina failed. A worker in the computer center of the plant
tried on Thursday to plant a virus in a program in the non-nuclear part of the
reactor, in order to cause disruption.

dpa learned on Saturday from Vilna that the man probably wanted to get money
from the reactor managers for repairing the damage he himself causes. The plant
engineers managed, however, to repair the damage themselves in a very short
time, according to information from the news agency ITAR-TASS, which is based
on information from the government press office in Lithuania. A warrant for the
arrest of the sabotager has been issued, and officials state that he will be
prosecuted.

The shutdown of one of the two reactors since Thursday has nothing whatsoever
to do with the attempted sabotage, said the deputy Lithuanian energy minister,
Saulus Kutas.  ["Wer das glaubt, wird seelig."   LOOSELY TRANSLATED AS "If you
believe that, you'll believe anything." dww]

[And goes on to explain about the tiny leak in the cooling system and how the
water is not radioactive, and there are no problems, and a team of Swedish
specialists looked at the reactor and found no big problems, but they do have a
list of 20 little things they want to look at, and the Swedish government is
going to pay for it all.]"

Debora Weber-Wulff, Institut fuer Informatik, Nestorstr. 8-9, D-W-1000 Berlin 31
       +49 30 89691 124                           dww@inf.fu-berlin.de


``All Bugs are Viruses''

"Chuck Lins" <chuck_lins2@gateway.qm.apple.com>
3 Feb 92 15:01:23 U
While having dinner I overheard two automobile mechanics discussing a problem
one had with one of the fancy automotive diagnostic systems. Apparently, any
attempt to 'take a measurement' caused a catastrophic failure in the system
(i.e., it 'crashed'). The cause was attributed to a `virus'. While to a
computing professional such rationale appears ludicrous, it is quite a logical
conclusion for the layperson.
                                        Chuck Lins, lins@apple.com


Supreme Court's mistaken fax

"Clifford Johnson" <Cliff@Forsythe.Stanford.EDU>
Mon, 3 Feb 92 12:03:51 PST
From a UPI press release:

The Supreme Court's decree topped a roller-coaster day for refugees waiting to
learn their fate. Earlier Friday, the clerk's office of the 11th Circuit issued
an order allowing the government to send the refugees back to Haiti. But 4 1/2
hours later, it said that order had been made by mistake.  ``It was a clerical
error,'' said Joyce Larkin, deputy clerk.  ``The order was erroneously issued.
The motion filed by the government to stay the injunctive order issued by Judge
Atkins remains pending before this court.'' Kembra Smith, motions attorney for
the 11th Circuit, said a facsimile message between judges apparently was sent
by mistake to the clerk's office, and the erroneous order was then issued.  ``I
think we got an erroneous fax today, directed between the judges.  It should
not have come here -- it should not have been released,'' Smith said.  She said
there had been no final decision by the court, and that it should not be
assumed that the court necessarily will issue an order similar to the one
issued in error.  ``They (the clerk's office) received a number of documents
after the office received that (erroneous fax),'' she said. ``A decision is
probably in the near future.  But there's no way to know that. Any time period
is totally speculative on my part.'' Smith said the mistake was unusual -- and
highly embarrassing to the court because of the magnitude of the case.  ``We're
aware that it's fairly outrageous,'' she said. ``Hopefully, this will never
happen again. Oh my God, especially in a case like this.''

  [I can only add that had this been a last-day death penalty case, the error
  could have caused an unjust killing -- 4.5 hours is a long enough delay, and
  in a case involving less people, the delay may have been much greater.  CJ]


Lack of Integrity in the "real world"

<TMPLee@DOCKMASTER.NCSC.MIL>
Mon, 3 Feb 92 16:19 EST
There's been a fair amount of writing lately that the "real world" needs
protection against loss of integrity, not loss of confidentiality.  I'm not
sure it even cares about that.  Last week I learned something about how
Hennepin County (where Minneapolis is located) handles important documents that
sort of bothers me.

I needed to get a certified copy of a power of attorney that we had filed with
the county's title registry a couple of years ago.  I walked into a 30' x 30'
room that had a clerk, a copying machine, a half dozen microfilm
readers/printers and maybe half the room filled with racks of microfilm.  A
quite visible sign at the entrance said something like "please have the clerk
retrieve printed documents; microfilm is self-service." Several lawyer-looking
people appeared in fact to have done that -- they were sitting in front of the
viewers just like one does at a public library.  Not wanting to wade through
the film I just gave the clerk the document number.  She went over to the
appropriate rack, got the film, and made a print of what I had asked for, which
she then duly certified with the date and embossed county seal as being a true
and accurate copy of the original that had been filed on such and such a date.

All true scam artists and system penetrators by now ought to be asking
themselves the question that came to my mind as I drove home.  After having
done a little reconnaissance to find out what kind of film was used, what would
have prevented me from going to view a film, pretend to re-file it, but
actually slip it in my pocket and remove it?  (I saw no signs of any alarms
like they have in stores.)  I could then take it to a lab and temporarily or
permanently replace any image of a document with the image of one I had forged
up on a laser printer.  I'd return, put it back in the files, and then ask for
a certified copy of the forged image.  (I'd pick either a very recent document
or a very old one so the chances of the film's being missed while it was being
doctored would be slight.)  I would think that if one could forge a
legally-certified power of attorney giving himself power over, say, the affairs
of the president of 3M, or perhaps, the deed to a downtown office building one
could make a lot of mischief and probably a lot of money.  (You'd have to be
careful, but the possibilities are, as they say, intriguing.)

(Two additional points to note: nowhere was I asked for identification,
although I did have to sign for the certified copy.  Also, the registrar does
NOT keep any originals -- all they have are the microfilm copies; we didn't
have the original of what I needed because that had in fact to be deposited at
a different state office.)


Historical perspective on fault-tolerant architecture

Paul Eggert <eggert@bi.twinsun.com>
Mon, 3 Feb 92 11:39:30 PST
I'd like to draw RISKS readers' attention to Daniel P Siewiorek's recent survey
of fault tolerant computer design:

   Daniel P Siewiorek, Architecture of Fault-Tolerant Computers: An
   Historical Perspective, Proceedings of the IEEE 79, 12 (Dec 1991), 1710-1734

Siewiorek proposes a 3D design space and classifies two dozen well known
systems ranging from the Univac I to the Galileo mission.  There's a wealth of
juicy tidbits with a broad historical perspective.  For example, I didn't know
that the Univac I contained more error detection circuitry than most
contemporary microprocessors -- the circuitry was essential because they
couldn't simulate the machine in advance!

Although I highly recommend the survey, I have two reservations.  First,
publication delays have dated it a bit -- e.g. surely the new CM-5 deserves a
place in Siewiorek's pantheon.  Also, there's a frustrating lack of coverage of
software fault tolerance, despite hints scattered throughout that software is a
big problem area.  Perhaps we'll have to wait for the book.


Re: Communication between ATC and pilot

<henry@zoo.toronto.edu>
Mon, 3 Feb 92 14:55:12 EST
> [direct message transmission from ATC to aircraft]
>  How the message was displayed: Headup display, voice, or another console
>  display

There was a piece in a recent Aviation Week (Jan 6, I think) on NASA
experiments with a digital data-transmission system.  The pilots who tried it
generally liked it, with reservations.  They wanted to see voice used during
high-workload times like landing approaches, because they didn't want to have
their heads down inside the cockpit reading a screen at such times.  For
communication at less busy times, though, they liked it a lot.  Messages
generally did not need repeating, which was needed for a significant fraction
of voice messages.  There was less room for misunderstanding, and more time to
think about complex messages.  Being able to scroll back and look at earlier
messages was something they liked very much.  They particularly liked digital
transmission and scrolling back to earlier messages for weather data, since
this gave them some sense of how weather was changing.

Henry Spencer at U of Toronto Zoology   henry@zoo.toronto.edu   utzoo!henry


Re: Confusing Telephone System Overload Message (McCulley, RISKS-13.09)

Bill Mahoney <billzy@odin.unomaha.edu>
Sun, 2 Feb 92 10:40:50 -0600
The Omaha World Herald reported that one problem with this level of calls is
that quite a number of them went to an 800 number in Minnesota either by
accident or because of other circumstances. The company in Minnesota is asking
(unsuccessfully) for CBS to repay them for the several thousand phone calls
that they received by accident, and is claiming that at least in some areas the
phone number shown on the TV special was their 800 number and not the one for
Call Interactive. CBS has decided that it should not have to pay for anyone
dialing a wrong number (good point) and denies that the number shown on
television was ever the incorrect one.
                                                  Bill Mahoney


Re: Confusing Telephone System Overload Message

Jay Schmidgall <shmdgljd+@rchland.ibm.com>
Mon, 3 Feb 1992 07:22:37 -0600 (CST)
... The owner of the store had been watching the SotU address and recognized
his 1-800 number as the one CBS gave.  He raced to the store only to find that
his answering machine tape was filled to capacity (approx 50 msgs).  He said
some of the messages were pleasant, but others contained language unfit to
print, apparently from frustrated viewers?  He estimated the calls had cost him
several hundred dollars in lost business. (No mention of any plans to sue CBS
for compensation. :)

CBS also had some comments but I don't recall what those were; typical
apologies for the screw-up and disbelief that it could occur come to mind,
though.  I don't recall any explanation being given for the screw-up.

In light of this article, I wonder how accurate CBS's numbers are:

> Shortly afterward, with the display showing about 125,000 calls
> processed, Dan Rather reported on the air that AT&T was estimating there
> had been about 7,000,000 call attempts!  Obviously their throughput was
> a little below the capacity requirements...

I can't seem to come up with an especially pithy RISK but perhaps our
moderator can.  To me, it seems either to be one of not very thorough
testing of the system (I mean, c'mon, couldn't someone have _dialed_ the
number before showing it to the entire nation) or perhaps a typical
transcription error, though as I said I don't recall any mention in the
article.
            -- jay


Survey bias by equipment failure (McCulley, RISKS-13.09)

Peter Desnoyers <peterd@merlin.dev.cdx.mot.com>
Mon, 3 Feb 92 11:54:04 -0500
A less obvious risk - although any phone-in survey is less than scientific, the
low call completion rate (1 in 70) could further bias the results. Consider
that the probability of success is probably strongly correlated with various
factors such as geographic location (e.g. due to blocking systems that allow
equal numbers of calls from areas with non-equal populations), population
density (rural/urban/suburban), or ownership of a repeat-dial phone.

With an extremely high call-blocking probability, it is easy to imagine that
these factors could result in a given population sub-group (e.g. residents of
New Hampshire and Maine*) being under- or over-represented in the sample by a
factor of two or more.
                Peter Desnoyers

* I especially find it hard to believe that no residents of New Hampshire - who
are supposed to live and breathe politics every 4 years, with a 70%
presidential primary turnout - would have gotten through in the first few
minutes if the blocking probability was uniform.


Re: Computer evidence is Hearsay (Stock, RISKS-13.09)

<ken@minster.york.ac.uk>
2 Feb 1992 13:55:39 GMT
>... However, the magistrates' courts which should deal with such cases are
>refusing to hear them, on the grounds that computer output is hearsay and
>therefore not acceptable as evidence.

It is a little more complex than this. The law regarding summoning non-payers
requires that the Council send a bill (of course) and a reminder before any
court action is possible. The computer evidence problem surrounds this. In the
UK proof of posting in the Royal Mail is _legally equivalent to proof of
delivery_ (a precedent was set in Victorian times - they had a better postal
service then*). Reams of computer printout are used to prove that bills and
reminders have been sent, but all RISKS readers know that just because a
computer prints out that a letter has been sent is no proof that is has. There
have been a lot of software errors with Poll Tax systems (See RISKS passim) and
I suspect that the Magistrates are so annoyed at having to deal with so many
computer errors that they threw the cases out, which has now set a legal
precedent.

Now, the Government has changed the law for the Poll Tax making computer
evidence legal. There are worrying aspects to making computer evidence legal:
does the Plaintiff have to prove that the computer system is accurate? Or is
it up to the Defendant to prove that it is full of errors? Will the accuracy
of computer evidence ever be questioned? This problem will open up a whole
can of worms in the English legal system, and I bet we will see
non-computerate ill-advised legislators making sweeping changes which will
create more problems than they solve. Sounds like a case for the EFF?

Ken Tindell               * I do not imply that the UK postal system is bad!

Computer Science Dept., York University, YO1 5DD UK  ..!mcsun!uknet!minster!ken
Internet: ken%minster.york.ac.uk@nsfnet-relay.ac.uk    Tel.: +44-904-433244


Re: Computer (poll tax) evidence is hearsay (Stock, RISKS-13.09)

Robin Fairbairns <robin.fairbairns@lsl.co.uk>
Mon, 03 Feb 1992 13:06:05 GMT
> [ Unfortunately I don't have a citable source for this as I no longer live
>   in the UK and so I rely on BBC Radio for this news. ]

I had been surprised that no-one else had posted about this matter, and had dug
out old newspapers: there were articles in `The Guardian' on Jan 16 and 17.

> [ Curiously, in the main criminal courts, computer evidence is acceptable as a
> result of specific legislation, but this legislation does not apply to the
> lower courts. The government has promised to end this anomaly. ]

Actually, the case is a _civil_ one (presumably because the government never
believed that the non-payment campaign would get off the ground).  The specific
legislation that Kevin talks about applies to Crown Courts and up for civil
cases (I don't know what the rules are about criminal cases).

If there were only small numbers of defaulters, the ruling would presumably not
be a problem: a council officer could attend the court for the (trivial) time
it takes a magistrate to make an order.  In fact, there were (until the ruling)
hundreds of defaulters being dealt with in every court.  All of this legal
activity (and interest charges on loans to cover uncollected tax) is adding
massively to the costs of administering local government.  The (Labour Party)
opposition has claimed that, on average, Poll Tax bills will go up by 50% in
the coming financial year.

The government's promise to end the anomaly has not taken the form of `rushing
legislation through'; the councils have complained that their collection
strategy is in a shambles until the new legislation is passed.


Re: Warranties (Hollombe, RISKS-13.08)

Irving Chidsey <chidsey@smoke.brl.mil>
30 Jan 92 13:47:18 GMT
    Jerry Hollombe questions the trend to selling things without
warranties.  Does not the commercial code require that all things offered for
sale be merchantable, unless the sellor limit this merchantability in some
explicit way?  That a program called Taxamatic-91 can be expected to compute my
1991 taxes correctly as long as I answer its questions correctly?  That the
sole purpose of a warranty is to limit the sellor's liability, and if there is
no warranty, there is no limit.  Therefore, if it is called Taxamatic, with no
91, and there is no mention of the year in the instructions, I have grounds for
suit if it doesn't work correctly for my 92 taxes, and my 93 taxes, etc..

    How can lack of a warranty be worse than one that says, more or less,
"The sellor makes no claim that this product is error free, will operate
correctly, or is merchantable."?
                                             Irv Chidsey


Re: The Absence of a Warranty (Gilham, RISKS-13.09)

Charlie Mingo <Charlie.Mingo@p0.f70.n109.z1.fidonet.org>
02 Feb 92 23:04:07
   Under the Uniform Commercial Code, there are implied warranties, but they
are much more limited than you suggest.

   The basic implied warrenty is that of "merchantability" [UCC 2-314];
that is, the product is good enough to:

  - pass without objection in the trade under the contract description; and

  - in the case of fungible goods, are of fair average quality; and

  - are fit for the ordinary purposes for which such goods are used; and

  - run, within any agreed variations, of even kind, quality and quantity
    within each unit and among all units involved; and

  - are adequately contained, packaged and labelled as the agreement may
    require; and

  - conform to the promises or affirmations of fact made on the container
    or label if any.

    There is also an "implied warranty of fitness for a particular purpose"
when the merchant selects the product for the buyer based on a description of
the intended purpose, and the buyer relys on the seller's skill and judgement.
[UCC 2-315]

    Neither of these warranties are perpetual; rather, they describe the
condition the product is expected to be in when delivered to the buyer.  The
buyer has four years from the date of delivery to file a claim against the
seller, regardless of when s/he becomes aware of the defect. [UCC 2-725]

Charlie Mingo        mingo@well.sf.ca.us    mingo@cup.portal.com
Charlie.Mingo@p4218.f70.n109.z1.fidonet.org

Please report problems with the web pages to the maintainer

Top