The Risks Digest

The RISKS Digest

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Volume 14 Issue 59

Tuesday 11 May 1993


o Worst Computer Nightmare Contest
Shari Steele via Arthur R. McGee
o IFIP resolution on demeaning games
Richard Wexelblat
o Fake ATM Machine Steals PINs
o Teller Users Beware
o More on Census imposters invading Cary
George Entenman
o NIST Advisory Board Seeks Comments on Crypto
Clipper-Capstone Chip Info
o New NIST/NSA Revelations
Dave Banisar
o Info on RISKS (comp.risks)

Worst Computer Nightmare Contest (fwd)

"Arthur R. McGee" <>
Sat, 8 May 1993 08:44:37 -0700 (PDT)
  ---------- Forwarded message ----------
  Date: Fri, 7 May 1993 09:48:07 -0400
  From: (Shari)
  Subject: Worst Computer Nightmare Contest

  The San Diego Computer Fair '93 is looking for the most awful, woeful tale
  of "abuse suffered by a human at the hands of a computer."  The suffering
  human will win a weekend in beautiful San Diego to try and forget that
  horrible episode in his or her life. Send your 1,000 word submission to
  Computer Nightmare Contest, ComputerEdge Magazine, P.O. Box 83086, San Diego
  CA 92138.

IFIP resolution on demeaning games

Richard Wexelblat <>
Mon, 3 May 93 13:13:06 EDT
According to the "Newstrack" in CACM (2/93; p.13), IFIP has adopted a
resolution condemning the production, distribution, and use of computer games
that demean human beings and advocate malicious behavior by the players.  The
resolution points to the growth of brutal war games, sexist games, and games
based on themes of racial, ethnic, or religious hatred.  The document states:
"IFIP appeals to everybody worldwide to censure harmful games, to raise
awareness of the issues involved, and to support only computer games that
respect human dignity."

(Does anyone know the origin of the issue within IFIP or whether a more
complete description exists.)

    [I hope everyone catches de meaning.  PGN]

Fake ATM Machine Steals PINs

Tue, 11 May 93 10:52:57 -0400
Everyone knows you're supposed to be VERY careful about not revealing your PIN
number for your ATM card.  How are you supposed to stop this new trick???  At
the Buckland Hills Mall, in Manchester CT, last week, some scam artists
installed a fake ATM machine.  They had negotiated with the Mall officers,
pretending to be Bank officials, and had gotten permission.  Apparently, they
even got the phone company to come in and lay down some lines.  Then, they
installed an ATM machine they had stolen.

It was programmed to read off the account numbers, remember the PIN as it was
typed, then claim some kind of error and refuse to give out money.  They left
the machine in the mall for a WEEK, collecting PINs, then they came back, took
it machine back to "repair", and have since printed up new cards, and have
been using the PINs to siphon off money.....

Why didn't I think of that??

  [New trick?  This is one of the oldest scams going, but it still recurs. PGN]

Teller Users Beware

Mon, 10 May 93 12:52:56 PDT
Any of you that use an automated telephone transaction system to do your
banking (or to make balance inquiries, etc.) may be interested in an
experience I had today.

I dialed in and was connected to a session in progress that belonged to
another user (who probably hung up after receiving whatever information he/she
requested). I immediately transferred all their money into my
just kidding :) I would hate to think that might happen to me, especially
since some of these services allow you to move money around.

I would like to suggest to anyone using these type of services (including
voice-mail services) to back all the way out of the system before hanging up.
Some systems (like Aerospace voice-mail) allow you to disconnect via a
command, before hanging up, but many do not. My banking system does not allow
me to disconnect without hanging up, but it does allow me to back out of the
menus until I reach the main menu which prompts for user password before
proceeding. From now on I'm going to make sure I back out to that level before
hanging up.



   [Another old classic.  The TENEX undetected-hangup problem years ago had
   similar properties, leaving a dial-up port still active, waiting for the
   next dial-up to randomly stumble upon a logged-in user session.  PGN]

More on Census imposters invading Cary (RISKS-14.58)

George Entenman <>
Mon, 10 May 93 12:32:57 -0400
Saturday's News and Observer had a little article saying that the Census
workers in Cary might really have been working for the US Census Bureau.

   [But George's item does suggest that there is a problem anyway!  PGN]

NIST Advisory Board Seeks Comments on Crypto

Clipper-Capstone Chip Info <>
Tue, 11 May 93 13:42:18 EDT
Note: This file has been posted to the following groups:
      RISKS Forum, Privacy Forum, Sci.crypt, Alt.privacy.clipper

and will be made available for anonymous ftp from,
filename pub/nistgen/cryptmtg.txt and for download from the NIST
Computer Security BBS, 301-948-5717, filename cryptmtg.txt.

Note: The following notice is scheduled to appear in the Federal Register this
week.  The notice announces a meeting of the Computer System Security and
Privacy Advisory Board (established by the Computer Security Act of 1987) and
solicits public and industry comments on a wide range of cryptographic issues.
Please note that submissions due by 4:00 p.m. May 27, 1993.

                            DEPARTMENT OF COMMERCE
                National Institute of Standards and Technology

                          Announcing a Meeting of the

AGENCY:   National Institute of Standards and Technology

ACTION:   Notice of Open Meeting

SUMMARY: Pursuant to the Federal Advisory Committee Act, 5 U.S.C. App., notice
is hereby given that the Computer System Security and Privacy Advisory Board
will meet Wednesday, June 2, 1993, from 9:00 a.m. to 5:00 p.m., Thursday, June
3, 1993, from 9:00 a.m. to 5:00 p.m., and Friday, June 4, 1993 from 9:00 a.m.
to 1:00 p.m.  The Advisory Board was established by the Computer Security Act
of 1987 (P.L. 100-235) to advise the Secretary of Commerce and the Director of
NIST on security and privacy issues pertaining to Federal computer systems and
report its findings to the Secretary of Commerce, the Director of the Office
of Management and Budget, the Director of the National Security Agency, and
the appropriate committees of the Congress.  All sessions will be open to the

DATES: The meeting will be held on June 2-4 1993.  On June 2 and 3, 1993 the
meeting will take place from 9:00 a.m. to 5:00 p.m. and on June 4, 1993 from
9:00 a.m. to 1:00 p.m.

Public submissions (as described below) are due by 4:00 p.m.  (EDT) May 27,
1993 to allow for sufficient time for distribution to and review by Board

ADDRESS: The meeting will take place at the National Institute of Standards
and Technology, Gaithersburg, MD.  On June 2, 1993, the meeting will be held
in the Administration Building, "Red Auditorium," on June 3 the meeting will
be held in the Administration Building, "Green Auditorium," and on June 4,
1993 in the Administration Building, Lecture Room "B."

Submissions (as described below), including copyright waiver if required,
should be addressed to: Cryptographic Issue Statements, Computer System
Security and Privacy Advisory Board, Technology Building, Room B-154, National
Institute of Standards and Technology, Gaithersburg, MD, 20899 or via FAX to
301/948-1784.  Submissions, including copyright waiver if required, may also
be sent electronically to "".


- Welcome and Review of Meeting Agenda
- Government-developed "Key Escrow" Chip Announcement Review
- Discussion of Escrowed Cryptographic Key Technologies
- Review of Submitted Issue Papers
- Position Presentations & Discussion
- Public Participation
- Annual Report and Pending Business
- Close


This Advisory Board meeting will be devoted to the issue of the
Administration's recently announced government-developed "key escrow" chip
cryptographic technology and, more broadly, to public use of cryptography and
government cryptographic policies and regulations.  The Board has been asked
by NIST to obtain public comments on this matter for submission to NIST for
the national review that the Administration's has announced it will conduct of
cryptographic-related issues.  Therefore, the Board is interested in: 1)
obtaining public views and reactions to the government-developed "key escrow"
chip technology announcement, "key escrow" technology generally, and
government cryptographic policies and regulations 2) hearing selected
summaries of written views that have been submitted, and 3) conducting a
general discussion of these issues in public.

The Board solicits all interested parties to submit well-written,
concise issue papers, position statements, and background
materials on areas such as those listed below.  Industry input is
particularly encouraged in addressing the questions below.

Because of the volume of responses expected, submittors are asked to identify
the issues above to which their submission(s) are responsive.  Submittors
should be aware that copyrighted documents cannot be accepted unless a written
waiver is included concurrently with the submission to allow NIST to reproduce
the material.  Also, company proprietary information should not be included,
since submissions will be made publicly available.

This meeting specifically will not be a tutorial or briefing on technical
details of the government-developed "key escrow" chip or escrowed
cryptographic key technologies.  Those wishing to address the Board and/or
submit written position statements are requested to be thoroughly familiar
with the topic and to have concise, well-formulated opinions on its societal

Issues on which comments are sought include the following:


Public and Social policy aspects of the government-developed "key escrow" chip
and, more generally, escrowed key technology and government cryptographic

Issues involved in balancing various interests affected by government
cryptographic policies.


Consequences of the government-developed "key escrow" chip technology and,
more generally, key escrow technology and government cryptographic policies.


Issues and impacts of cryptographic-related statutes, regulations, and
standards, both national and international, upon individual privacy.

Issues related to the privacy impacts of the government-developed "key escrow"
chip and "key escrow" technology generally.


4.A  Industry Questions: U.S. Export Controls

4.A.1 Exports - General

What has been the impact on industry of past export controls on products with
password and data security features for voice or data?

Can such an impact, if any, be quantified in terms of lost export sales or
market share?  If yes, please provide that impact.

How many exports involving cryptographic products did you attempt over the
last five years?  How many were denied?  What reason was given for denial?

Can you provide documentation of sales of cryptographic equipment which were
lost to a foreign competitor, due solely to U.S.  Export Regulations.

What are the current market trends for the export sales of information
security devices implemented in hardware solutions?  For software solutions?

4.A.2  Exports - Software

If the U.S. software producers of mass market or general purpose software
(word processing, spreadsheets, operating environments, accounting, graphics,
etc.) are prohibited from exporting such packages with file encryption
capabilities, what foreign competitors in what countries are able and willing
to take foreign market share from U.S. producers by supplying file encryption

What is the impact on the export market share and dollar sales of the U.S.
software industry if a relatively inexpensive hardware solution for voice or
data encryption is available such as the government-developed "key escrow"

What has been the impact of U.S. export controls on COMPUTER UTILITIES
software packages such as Norton Utilities and PCTools?

What has been the impact of U.S. export controls on exporters of OTHER
SOFTWARE PACKAGES (e.g., word processing) containing file encryption

What information does industry have that Data Encryption Standard (DES) based
software programs are widely available abroad in software applications

4.A.3  Exports - Hardware

Measured in dollar sales, units, and transactions, what have been
the historic exports for:

            Standard telephone sets
            Cellular telephone sets
            Personal computers and work stations
            FAX machines
            Telephone switches

What are the projected export sales of these products if there is no change in
export control policy and if the government- developed "key escrow" chip is
not made available to industry?

What are the projected export sales of these products if the
government-developed "key escrow" chip is installed in the above products, the
above products are freely available at an additional price of no more than
$25.00, and the above products are exported WITHOUT ADDITIONAL LICENSING

What are the projected export sales of these products if the
government-developed "key escrow" chip is installed in the above products, the
above products are freely available at an additional price of no more than
$25.00, and the above products are to be exported WITH AN ITAR MUNITIONS
LICENSING REQUIREMENT for all destinations?

What are the projected export sales of these products if the
government-developed "key escrow" chip is installed in the above products, the
above products are freely available at an additional price of no more than
$25.00, and the above products are to be exported WITH A DEPARTMENT OF

4.A.4  Exports - Advanced Telecommunications

What has been the impact on industry of past export controls on other advanced
telecommunications products?

Can such an impact on the export of other advanced telecommunications
products, if any, be quantified in terms of lost export sales or market share?
If yes, provide that impact.

4.B  Industry Questions:  Foreign Import/Export Regulations

How do regulations of foreign countries affect the import and export of
products containing cryptographic functions?  Specific examples of countries
and regulations will prove useful.

4.C  Industry Questions: Customer Requirements for Cryptography

What are current and future customer requirements for information security by
function and industry?  For example, what are current and future customer
requirements for domestic banking, international banking, funds transfer
systems, automatic teller systems, payroll records, financial information,
business plans, competitive strategy plans, cost analyses, research and
development records, technology trade secrets, personal privacy for voice
communications, and so forth?  What might be good sources of such data?

What impact do U.S. Government mandated information security standards for
defense contracts have upon demands by other commercial users for information
security systems in the U.S.?  In foreign markets?

What threats are your product designed to protect against?  What threats do
you consider unaddressed?

What demand do you foresee for a) cryptographic only products, and b) products
incorporating cryptography in: 1) the domestic market, 2) in the foreign-only
market, and 3) in the global market?

4.D  Industry Questions:  Standards

If the European Community were to announce a non-DES, non-public key European
Community Encryption Standard (ECES), how would your company react?  Include
the new standard in product line?  Withdraw from the market?  Wait and see?

What are the impacts of government cryptographic standards on U.S. industry
(e.g., Federal Information Processing Standard 46-1 [the Data Encryption
Standard] and the proposed Digital Signature Standard)?


5.A  American Business:  Threats and Security Requirements

Describe, in detail, the threat(s), to which you are exposed and which you
believe cryptographic solutions can address.

Please provide actual incidents of U.S. business experiences with economic
espionage which could have been thwarted by applications of cryptographic

What are the relevant standards of care that businesses must apply to
safeguard information and what are the sources of those standards other than
Federal standards for government contractors?

What are U.S. business experiences with the use of cryptography to protect
against economic espionage, (including current and projected investment levels
in cryptographic products)?

5.B  American Business:  Use of Cryptography

Describe the types of cryptographic products now in use by your organization.
Describe the protection they provide (e.g., data encryption or data integrity
through digital signatures).  Please indicate how these products are being

Describe any problems you have encountered in finding, installing, operating,
importing, or exporting cryptographic devices.

Describe current and future uses of cryptographic technology to protect
commercial information (including types of information being protected and
against what threats).

Which factors in the list below inhibit your use of cryptographic products?

Please rank:

--    no need
--    no appropriate product on market
--    fear of interoperability problems
--    regulatory concerns
--       a) U.S. export laws
--       b) foreign country regulations
--       c) other
--    cost of equipment
--    cost of operation
--    other

Please comment on any of these factors.

In your opinion, what is the one most important unaddressed need involving
cryptographic technology?

Please provide your views on the adequacy of the government-developed "key
escrow" chip technological approach for the protection of all your
international voice and data communication requirements.  Comments on other
U.S. Government cryptographic standards?


Please describe any other impacts arising from Federal government
cryptographic policies and regulations.

Please describe any other impacts upon the Federal government in the
protection of unclassified computer systems.

Are there any other comments you wish to share?

The Board agenda will include a period of time, not to exceed ten hours, for
oral presentations of summaries of selected written statements submitted to
the Board by May 27, 1993.  As appropriate and to the extent possible,
speakers addressing the same topic will be grouped together.  Speakers,
prescheduled by the Secretariat and notified in advance, will be allotted
fifteen to thirty minutes to orally present their written statements.
Individuals and organizations submitting written materials are requested to
advise the Secretariat if they would be interested in orally summarizing their
materials for the Board at the meeting.

Another period of time, not to exceed one hour, will be reserved for oral
comments and questions from the public.  Each speaker will be allotted up to
five minutes; it will be necessary to strictly control the length of
presentations to maximize public participation and the number of

Except as provided for above, participation in the Board's discussions during
the meeting will be at the discretion of the Designated Federal Official.

Approximately thirty seats will be available for the public, including three
seats reserved for the media.  Seats will be available on a first-come,
first-served basis.

FOR FURTHER INFORMATION CONTACT: Mr. Lynn McNulty, Executive Secretary and
Associate Director for Computer Security, Computer Systems Laboratory,
National Institute of Standards and Technology, Building 225, Room B154,
Gaithersburg, Maryland 20899, telephone: (301) 975-3240.

SUPPLEMENTARY INFORMATION: Background information on the government-developed
"key escrow" chip proposal is available from the Board Secretariat; see
address in "for further information" section.  Also, information on the
government-developed "key escrow" chip is available electronically from the
NIST computer security bulletin board, phone 301-948-5717.

The Board intends to stress the public and social policy aspects, the legal
and Constitutional consequences of this technology, and the impacts upon
American business and industry during its meeting.

It is the Board's intention to create, as a product of this meeting, a
publicly available digest of the important points of discussion, conclusions
(if any) that might be reached, and an inventory of the policy issues that
need to be considered by the government.  Within the procedures described
above, public participation is encouraged and solicited.

Raymond G. Kammer, Acting Director

May 10, 1993

New NIST/NSA Revelations

Dave Banisar <>
Thu, 6 May 1993 19:24:06 EST
        Less than three weeks after the White House announced a controversial
initiative to secure the nation's electronic communications with
government-approved cryptography, newly released documents raise serious
questions about the process that gave rise to the administration's proposal.
The documents, released by the National Institute of Standards and Technology
(NIST) in response to a Freedom of Information Act lawsuit, suggest that the
super-secret National Security Agency (NSA) dominates the process of
establishing security standards for civilian computer systems in contravention
of the intent of legislation Congress enacted in 1987.

        The released material concerns the development of the Digital
Signature Standard (DSS), a cryptographic method for authenticating the
identity of the sender of an electronic communication and for authenticating
the integrity of the data in that communication.  NIST publicly proposed the
DSS in August 1991 and initially made no mention of any NSA role in developing
the standard, which was intended for use in unclassified, civilian
communications systems.  NIST finally conceded that NSA had, in fact,
developed the technology after Computer Professionals for Social
Responsibility (CPSR) filed suit against the agency for withholding relevant
documents.  The proposed DSS was widely criticized within the computer
industry for its perceived weak security and inferiority to an existing
authentication technology known as the RSA algorithm.  Many observers have
speculated that the RSA technique was disfavored by NSA because it was, in
fact, more secure than the NSA-proposed algorithm and because the RSA
technique could also be used to encrypt data very securely.

        The newly-disclosed documents -- released in heavily censored form at
the insistence of NSA -- suggest that NSA was not merely involved in the
development process, but dominated it.  NIST and NSA worked together on the
DSS through an intra-agency Technical Working Group (TWG).  The documents
suggest that the NIST-NSA relationship was contentious, with NSA insisting
upon secrecy throughout the deliberations.  A NIST report dated January 31,
1990, states that

     The members of the TWG acknowledged that the efforts
     expended to date in the determination of a public key
     algorithm which would be publicly known have not been
     successful.  It's increasingly evident that it is
     difficult, if not impossible, to reconcile the concerns
     and requirements of NSA, NIST and the general public
     through using this approach.

        The civilian agency's frustration is also apparent in a July 21, 1990,
memo from the NIST members of the TWG to NIST director John W. Lyons.  The
memo suggests that "national security" concerns hampered efforts to develop a

     THE NIST/NSA Technical Working Group (TWG) has held 18
     meetings over the past 13 months.  A part of every
     meeting has focused on the NIST intent to develop a
     Public Key Standard Algorithm Standard.  We are
     convinced that the TWG process has reached a point where
     continuing discussions of the public key issue will
     yield only marginal results.  Simply stated, we believe
     that over the past 13 months we have explored the
     technical and national security equity issues to the
     point where a decision is required on the future
     direction of digital signature standards.

An October 19, 1990, NIST memo discussing possible patent issues surrounding
DSS noted that those questions would need to be addressed "if we ever get our
NSA problem settled."

        Although much of the material remains classified and withheld from
disclosure, the "NSA problem" was apparently the intelligence agency's demand
that perceived "national security" considerations take precedence in the
development of the DSS.  From the outset, NSA cloaked the deliberations in
secrecy.  For instance, at the March 22, 1990, meeting of the TWG, NSA
representatives presented NIST with NSA's classified proposal for a DSS
algorithm.  NIST's report of the meeting notes that

     The second document, classified TOP SECRET CODEWORD, was
     a position paper which discussed reasons for the
     selection of the algorithms identified in the first
     document.  This document is available at NSA for review
     by properly cleared senior NIST officials.

In other words, NSA presented highly classified material to NIST justifying
NSA's selection of the proposed algorithm -- an algorithm intended to protect
and authenticate unclassified information in civilian computer systems.  The
material was so highly classified that "properly cleared senior NIST
officials" were required to view the material at NSA's facilities.

        These disclosures are disturbing for two reasons.  First, the process
as revealed in the documents contravenes the intent of Congress embodied in
the Computer Security Act of 1987.  Through that legislation, Congress
intended to remove NSA from the process of developing civilian computer
security standards and to place that responsibility with NIST, a civilian
agency.  Congress expressed a particular concern that NSA, a military
intelligence agency, would improperly limit public access to information in a
manner incompatible with civilian standard setting.  The House Report on the
legislation noted that NSA's

     natural tendency to restrict and even deny access to
     information that it deems important would disqualify
     that agency from being put in charge of the protection
     of non-national security information in the view of many
     officials in the civilian agencies and the private

While the Computer Security Act contemplated that NSA would provide NIST with
"technical assistance" in the development of civilian standards, the newly
released documents demonstrate that NSA has crossed that line and dominates
the development process.

        The second reason why this material is significant is because of what
it reveals about the process that gave rise to the so- called "Clipper" chip
proposed by the administration earlier this month.  Once again, NIST was
identified as the agency actually proposing the new encryption technology,
with "technical assistance" from NSA.  Once again, the underlying information
concerning the development process is classified.  DSS was the first test of
the Computer Security Act's division of labor between NIST and NSA.  Clipper
comes out of the same "collaborative" process.  The newly released documents
suggest that NSA continues to dominate the government's work on computer
security and to cloak the process in secrecy, contrary to the clear intent of

        On the day the Clipper initiative was announced, CPSR submitted FOIA
requests to key agencies -- including NIST and NSA -- for information
concerning the proposal.  CPSR will pursue those requests, as well as the
pending litigation concerning NSA involvement in the development of the
Digital Signature Standard.  Before any meaningful debate can occur on the
direction of cryptography policy, essential government information must be
made public -- as Congress intended when it passed the Computer Security Act.
CPSR is committed to that goal.

David L. Sobel, CPSR Legal Counsel, (202) 544-9240

Please report problems with the web pages to the maintainer