The Risks Digest

The RISKS Digest

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Volume 13 Issue 68

Thursday 23 July 1992

Contents

o Telco problem with Garth Brooks concert ticket sales proves fatal
Art Corcoran
o Re: 911 call lands caller in jail
SATRE
o Re: A computer as a criminal tool
Jonathan A. Marshall
o The onus of correcting databases
Henry G. Baker via PGN
o Crypto systems -- less is more
Chaz Heritage
o Re: BBS Pornography
Chuck Stern
Art Corcoran
o Re: Bellcore threatens 2600
Mel Beckman
o 2600 reply to Bellcore lawsuit threat
Emmanuel Goldstein
o Re: Technology and leading employees: another example
Clifford Johnson
o Re: Nuclear reactor control
Tom Ohlendorf
o Info on RISKS (comp.risks)

Telco problem with Garth Brooks concert ticket sales proves fatal

Art Corcoran <corcoran@tusun2.mcs.utulsa.edu>
Thu, 23 Jul 1992 16:36:46 -0500
Our local (Tulsa, OK) television news reported today about how a telco problem
proved fatal.  A retired Doctor [Homer Hardy] tried to call 911 when his wife
[Phyllis Joan Love Hardy, 67] started having a heart attack.  His 7-8 attempts
always resulted in a busy signal.  He finally dialed 0 for the operator, but
when the ambulance arrived, his wife was already dead.  It seems the telco was
overloaded with over 320,000 calls in one hour by persons trying to buy tickets
to a concert by country musician, Garth Brooks.

One of the persons in the story commented, "I guess Garth Brooks tickets are
more important than 911 service."

Art Corcoran, University of Tulsa, corcoran@tusun2.mcs.utulsa.edu

  [Also noted by Phil Karn <karn@thumper.bellcore.com>.  An AP story noted
  that the number of calls exceeded the previous record for Tulsa BY A FACTOR
  OF TWO.  Promoters sold out 23,000 tickets within three hours in Tulsa and
  Oklahoma City to two Brooks' concerts.  Now they will have to do
  Garthroscopic surgery on the phone system.  PGN]


Re: 911 call lands caller in jail (Beckman, RISKS-13.66)

RGB Technology/703-556-0667 <SATRE@cisco.nosc.mil>
Mon, 20 Jul 1992 06:35 PDT
Mel Beckman reports that "CA resident Helene Golemon called 911 to report
(twice) a loud teenage street party in the wee hours."  The risk being
identified is the police looking up the resident's criminal record.  How about
the much more serious risk of tying up 911 with a non-life threatening call?


Re: A computer as a criminal tool (Junger, RISKS-13.67)

Jonathan A. Marshall <marshall@cs.unc.edu>
Thu, 23 Jul 92 11:27:42 -0400
Would it be safe to assume that the 15-year-old had his parents' permission to
participate in the sting and access the adult files?  His parents might have
known that he could encounter adult pictures during the sting.  If so, then
perhaps their permission means that no crime actually occurred during the
sting, and the case could be thrown out.

--Jonathan A. Marshall, Computer Science, UNC-Chapel Hill, marshall@cs.unc.edu


The onus of correcting databases (From Henry G. Baker)

"Peter G. Neumann" <neumann@csl.sri.com>
Thu, 23 Jul 92 17:34:31 PDT
Here is an excerpt from a SnailMail letter from Henry G. Baker:

  I have recently been trying with only moderate success to correct my credit
file at the Equifax credit reporting organization based in Atlanta.  As you may
have seen on the news, they have settled with a number of states' attorneys
general over their sloppy data.
  After getting a copy of my report, and noticing a large number of entries
that looked suspiciously as if they belonged to someone else, and seeing one of
my previous addresses as ``25 Roycroft Dr.'' (I never lived on that street, nor
do I even know where it is), I asked Equifax to remove the entry.  The first
letter to Equifax didn't work, but a combination of a second letter from me and
one from my lawyer finally produced a correction to my file: I am now listed as
having previously lived on ``25 Cancel Dr.''!!
  By the way, Equifax also listed my marital status as ``single'', even though
it (correctly) listed my wife's name in the ``spouse'' section, along with her
(correct!) social security number.
  I think that I have now been sensitized to the problem of unfettered national
databases, and words like ``radicalized'' and ``click'' come to mind.  (Am I
dating myself?)
                           [I hope you are not dating yourself,
                           especially as you are married.  PGN]

Nimble Computer Corp., 16231 Meadow Ridge Way, Encino CA 91436, 818-501-4956


Crypto systems -- less is more

<chaz_heritage.wgc1@rx.xerox.com>
Thu, 23 Jul 1992 09:43:37 PDT
There has been much discussion recently on RISKS about the FBI's demands to be
allowed to tap phones, etc. and about the restrictions, proposed and
implemented, on the export from the USA of cryptological apparatus, whether
hardware or software.

If one wants - as a bank might - to encipher all of a large volume of
transmissions then this is certainly an important issue; the security and
'exportability' of systems like DES and RSA would clearly be mission-critical
in these circumstances.

However, the justification for these restrictive measures is said to be to
facilitate policing. It is said, for example that phone-taps are vital to the
'war on [untaxed] drugs', and encryption restrictions to the fight against
terrorism.

Any competent criminal or terrorist obliged to use his own telephone would
naturally expect it to be tapped, whatever Constitutional 'rights' he might
believe himself to have, and act accordingly; if he were obliged to send a
co-conspirator a note about their conspiracies then they would doubtless
arrange beforehand a secure cipher system.

The Foreign Office one-time pad system is said never to have been broken, and
those who know far more about cryptology than I do seem to think that it never
will be. It is easy to generate its key, and relatively easy to use it for
short messages. A simple modification of the system does not rely on the
physical transfer of key, eliminating the possibility of detection in transit.

The FBI therefore seem to have little chance of catching anyone competent,
since they will probably not intercept meaningful conversations between serious
crooks, and will be unable to break FO one-time pad cipher should the villains
choose to use it.

All they will do is hasten the natural selection of criminals and terrorists
until only those who are really professional (and therefore dangerous) will
still be in business, filling the prisons meanwhile with small fry and amateurs
who have, perhaps, been foolish enough to trust their telephones and their
expensive, but crippled, commercial cipher systems.

What, then, is the true purpose of demanding new phone-taps and restrictions on
encryption technology?

This for me is merely a matter of curiousity, since I am British, and therefore
prohibited by the criminal law from attempting to transmit any form of code or
secret writing (our spooks got this sorted out in the time of the *first* Queen
Elizabeth).
                                          Baffled, Chaz


Re: BBS Pornography (Cohen, RISKS-13.67)

Chuck Stern <chuck@novus.com>
Thu, 23 Jul 1992 09:52:14 -0400
This is in partial response to a posting by Mr David Cohen (bx953@cleveland.
freenet.edu) concerning the recent Akron-area BBS bust.

Put your money where your mouth is.  Not just Mr. Cohen, but anyone who thinks
that arrests of this sort are anything less than savory.  If you are an
attorney, donate some time to write an Amicus brief for the court, if such
things are allowed for criminal prosecutions.  Even better, if the miscarriage
of justice is so great that it makes you want to scream, donate some time to
help defend the case.  If you have some knowledge, share it with elected
officials who are making the laws without the benefit of technical expertise.

Remember that the government never willingly grants a right, or even a
privilege, to its citizens.  And in these days of the "War on Crime", we must
protect what rights we have.
                                      Chuck Stern  chuck@novus.com


Re: BBS Pornography (Cohen, RISKS-13.67)

Art Corcoran <corcoran@tusun2.mcs.utulsa.edu>
Thu, 23 Jul 1992 17:00:09 -0500
We have had at least two cases of BBS Porn here in Tulsa.  The local news even
had a three part "expose" on the subject last summer.  I attended a sysop
meeting at the time.  "People in the know" said (i.e., rumored) that the
sysop's computer equipment is impounded for over six months and that it is
often "dropped" or otherwise damaged by the authorities.

Computers cannot sue for "Police brutality".

In one of the cases, a woman was reading a message and called police when "foul
language was uncontrollably displayed on her screen".  (That is, she was
offended by the contents of the message.)

Art Corcoran, University of Tulsa, corcoran@tusun2.mcs.utulsa.edu


Re: Bellcore threatens 2600 (Goldstein, RISKS-13.67)

Mel Beckman <mbeckman@mbeckman.mbeckman.com>
Thu, 23 Jul 92 09:07:07 PST
As someone who has also been involved in of 2600's dubious reprints, I feel
reasonably qualified to respond. In the September 1987 issue, 2600 printed a
facsimile of an internal technical document I wrote while employed as an IBM
systems developer. The document explained how to decrypt password security on
the IBM S/36 (the encryption is trivial although not obvious). The document was
intended as a "worksheet" for accessing systems where the original "security
officer" (superuser) password has been lost or forgotten. With this article,
anybody could gain superuser access to a S/36. I still don't know how 2600 got
the thing, but my copyright (the series of technical notes is personally
copyrighted by me; not a work-for-hire) was stripped off (according to 2600,
before they received the document), although my name was still on the thing.

At the time of reprinting, I had left the original job and was working at
another company (NEWS 34-38 magazine, a technical journal covering the IBM
S/34/36/38 systems). I found out about the problem when a lawyer from IBM's
Rochester, MN development lab called me, quite irate, wanting to know why I had
publicized this document. The way 2600 presented my document -- with no
explanation how it was received -- it looked like I had submitted the thing for
publication!

The noise being made by IBM was causing all kinds of problems for me. My
current employer was concerned about possible adverse publicity accruing to one
of its regular authors and editors; the original firm doing IBM systems
programming was none too happy and let it be known that the problem was all
mine; my already tentative relationship with IBM's Rochester lab certainly
didn't improve (some relationships were definitely cut off by this incident)
and I had to spend a huge amount of time talking with everybody, including the
lawyers, trying to convince them I hadn't instigating the incident.

2600 was, in my opinion, irresponsible in printing something with a persons
name on it, without making any attempt to contact me (I'm in many online
directories, including nic & Compuserve). If they couldn't contact the author,
the ethical thing to do is not publish. 2600 apparently couldn't resists such a
"juicy" tidbit though, whatever the cost to somebody else.  As this was a
titled document -- and obviously part of a series -- 2600 reasonably could
deduce that somebody owned the thing and that permission should be obtained. At
that time, presumption of copyright wasn't a legal doctrine (although now,
thankfully, it is), however, 2600 should know that lack of a copyright notice
doesn't mean that the notice wasn't illegally removed. Their claim to be able
to publish the contents as a news item anyway is academic, as they published a
photographic facimile of my work.

I also thought 2600 should have withheld the document on the simple grounds
that public disclosure would put a good deal of small business systems at
exposure to attack. We all know that 2600 revels in making public information
that can compromise security, to the great embarassment of system manufacturers
(hopefully coercing mfrs into improving their products).  Somewhere, though, in
a democratic society, there is a line that separates mature activism from
juvenile vandalism. 2600 crossed that line in my situation.

I had little legal recourse against 2600, and the editor (at that time, Eric
Corley), insisted in phone discussions that I was greatly exaggerating my
problems. He never apologized, although I did get from him a promise to not
further publish anything with my name without permission.

I think there is a place for publications such as 2600 (I regularly pick up a
copy at Reiters Technical Books in Washington, DC), but 2600 goes over the line
periodically, as they did in my case and possibly in the Bellcore case at hand
(I haven't seen '91 winter issue). Since Emmanuel asked for comments on his
Bellcore lawyer letter, I figured some history from "one of us" could help
provide perspective. I consider myself a open-minded member of the Internet
community, on the CPSR/EFF side of privacy and information freedom issues, but
I nevertheless take exception to some of 2600's practices.

Mel Beckman, Beckman Software Engineering, 1201 Nilgai Place, Ventura, CA 93003
805-647-1641  mbeckman@mbeckman.com  Compuserve: 75226,2257   Fax: 805/647-3125

As background, following are the two letters exchanged by my magazine's attorneys
and Eric Corley.

    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

April 15, 1988
Blah, blah & blah
Law Offices

Eric Corley, Editor/Publisher
Peter Kang, Office Manager
2600 MAGAZINE
Middle Island, NY

Dear Sirs:

I have been asked to contact you on behalf of Mel Beckman and his employer,
NEWS 34-38 magazine. It is my understanding that your publication, 2600
Magazine, for the month of September 1987, included the publication of
confidential memorandum written by Mr. Beckman while he was an employee of
another company. The name of the article was "Decrypting Password Security."

We do not know how the memorandum came into your possession, but its
unauthorized use may do serious damage to Mr. Beckman's reputation and to that
of his current employer. No determination has yet been made as to what steps
may be taken to protect the interests of Mr. Beckman and NEWS 34-38.  In the
meantime, demand is hereby made that you desist from any further unauthorized
use of any articles or documents produced by Mr. Beckman.

Please confirm in writing that you will comply with this demand.

Very truly yours,

  [attorney's signature]

    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

May 31, 1988

Dear [attorney's name]

These are the facts as I know them regarding the acquisition by 2600 Magazine
of the article entitled "Decrypting Password Security" written by Mel Beckman.

In August of 1987 we received a copy of the article on a single sheet of paper.
There was no indication of a copyright or clues to the article being a
"confidential memorandum". No company name was evident and there was no
publication from which to ask permission for reprinting. The only
identification mark on the entire page was the name "Mel Beckman" which was
unknown to us.

Our magazine is in the habit of printing interesting and humorous pages from
telephone books, non-copyrighted manuals, and books that we happen to be
reviewing. We do not print personal memos or anything else that would invade
the privacy of any one person. Given the facts as they were presented to us at
the time we believe no wrongful action was taken on our part. I might also
point out that had we indeed managed to track down the author and been refused
permission to reprint the article, we would still be able to reveal the
contents as a news item, since the article had been leaked to us. But let us
not delude ourselves--the article was not all that earth-shattering.

We strongly doubt any harm will come to Mr. Beckman's reputation as a result of
this incident. Obviously some other person is responsible for sending the
article to us. Mr. Beckman cannot and should not be held accountable for
another person's actions.

You can rest assured that any future articles we may receive with Mr. Beckman's
name on them will not be reprinted in our magazine.

Sincerely,

Eric Corley, Editor, 2600 Magazine


2600 reply to Bellcore lawsuit threat

Emmanuel Goldstein <emmanuel@well.sf.ca.us>
Thu, 23 Jul 92 15:33:25 -0700
The following reply has been sent to Bellcore. Since we believe they have
received it by now, we are making it public.

Emmanuel Goldstein
Editor, 2600 Magazine
PO Box 752
Middle Island, NY 11953

July 20, 1992

Leonard Charles Suchyta
LCC 2E-311
290 W. Mt. Pleasant Avenue
Livingston, NJ 07039

Dear Mr. Suchyta:

We are sorry that the information published in the Winter 1991-92 issue of 2600
disturbs you. Since you do not specify which article you take exception to, we
must assume that you're referring to our revelation of built-in privacy holes
in the telephone infrastructure which appeared on Page 42. In that piece, we
quoted from an internal Bellcore memo as well as Bell Operating Company
documents. This is not the first time we have done this. It will not be the
last.

We recognize that it must be troubling to you when a journal like ours
publishes potentially embarrassing information of the sort described above. But
as journalists, we have a certain obligation that cannot be cast aside every
time a large and powerful entity gets annoyed. That obligation compels us to
report the facts as we know them to our readers, who have a keen interest in
this subject matter. If, as is often the case, documents, memoranda, and/or
bits of information in other forms are leaked to us, we have every right to
report on the contents therein. If you find fault with this logic, your
argument lies not with us, but with the general concept of a free press.

And, as a lawyer specializing in intellectual property law, you know that you
cannot in good faith claim that merely stamping "proprietary" or "secret" on a
document establishes that document as a trade secret or as proprietary
information. In the absence of a specific explanation to the contrary, we must
assume that information about the publicly supported telephone system and
infrastructure is of public importance, and that Bellcore will have difficulty
establishing in court that any information in our magazine can benefit
Bellcore's competitors, if indeed Bellcore has any competitors.

If in fact you choose to challenge our First Amendment rights to disseminate
important information about the telephone infrastructure, we will be compelled
to respond by seeking all legal remedies against you, which may include
sanctions provided for in Federal and state statutes and rules of civil
procedure. We will also be compelled to publicize your use of lawsuits and the
threat of legal action to harass and intimidate.

Sincerely, Emmanuel Goldstein


Re: Technology and leading employees: another example (Meyer, RISKS-13.67)

"Clifford Johnson" <Cliff@Forsythe.Stanford.EDU>
Thu, 23 Jul 92 16:24:51 PDT
> [Technological] advances will in face increase the lead that
>  the best people already had over the others.

In many (especially large) organizations, the presumption that the best have a
lead over their co-workers is untrue. Ever heard the parable of the
cave-dwellers putting out the eyes of the one who could see?


Re: Nuclear reactor control (Teasdale, Re: RISKS-13.67)

"Tom Ohlendorf - TSU Admin. DP, (410) 830-3642" <D7AP002@TOA.TOWSON.EDU>
Thu, 23 Jul 1992 08:45 EDT
My particular reply is to the statement:

> However, this does not help at all in cases where the reactor
> is running out of control but still producing steam and power, nor will it do
> any good if something has happened to prevent the reinsertion of the damper
> rods themselves...

While I am not even close to an expert in the nuclear power industry, I did
work for a firm that made security systems for nuclear power plants  and had an
opportunity to learn something about the operations of the industry.

Based on my acquired knowledge, the reason why operators and computer systems
monitor the reaction is to prevent a run-away reaction such as cited above. The
computer systems are sophisticated enough to be able to SCRAM (or drop the
control rods for those that don't know what SCRAMing is) the reactor when the
reaction goes out of control. The human monitors also have this control in case
the computer fails.

BTW, for you trivia buffs, SCRAM stands for Secondary Control Rod Axe Man. In
the days before all of the sophisticated control, a person would have to
physically cut the control rod cable with an axe when a reaction went run-away.

Tom Ohlendorf, Programmer/Analyst  INTERNET: D7AP002@TOA.TOWSON.EDU

Please report problems with the web pages to the maintainer

Top