Please try the URL privacy information feature enabled by clicking the flashlight icon above. This will reveal two icons after each link the body of the digest. The shield takes you to a breakdown of Terms of Service for the site - however only a small number of sites are covered at the moment. The flashlight take you to an analysis of the various trackers etc. that the linked site delivers. Please let the website maintainer know if you find this useful or not. As a RISKS reader, you will probably not be surprised by what is revealed…
Since the Suns here in Phoenix are in the NBA playoffs, one of the ticket offices discovered that something was amiss. Since the only way to get any of the remaining tickets is by calling up either of the two ticket offices, this happened for one of the games... On one of our local channels, they reported that employees from the company that installed the phone for the ticket office (I believe it was Dillard's) had been discovered to have "fixed" (I don't know the proper term they used) the phone lines so the callers (employees of the installing phone equipment) would be the first to get through to place orders for the tickets. The news show went on to add that disciplined action(s) had been taken by the company and the company would not comment on the situation. The "modification" to the phone system was detected by the ticket office. (I thought rigging/modifying the odds of a dial-in only event was cardinal. (sorry for the pun) No No.)
This morning there was a report on National Public Radio on what it called Astroturf letter writing campaigns. Apparently some lobbying firms have started offering this service to clients likely to be affected by legislation about to come up for vote. For a fee they will generate a large number of letters which will put forward the client's case to several selected mailing lists. These letters also contain an exhortation to sign and mail the included PROTEST letters which are pre-addressed to the area congressional rep. Such campaigns were found by several congressmen who are in favor of the Clinton Administration's proposed BTU tax. On the face of it it seems like the good old American democratic system. The risk identified by one of the Congressman was that the high levels of noise generated by these computer aided campaigns are making it difficult for them to identify the genuine missive from Mrs Bramley in Peoria. SHYAM
Mr. Rogers' article is most certainly both welcome and informative on an otherwise overreported and underanalyzed area of potential health risk. Unfortunately, he uses an abbreviation in the article whose meaning is undefined, at best, and ambiguous at worst. In reference to the strength of the magnetic fields measured at 30cm distance from a VDT, he lists the strength of the magnetic fields as "4-7 Mg," and elsewhere repeats the use of this abbreviation. By the normal standard abbreviation scheme that I am familiar with (and I believe most people are as well), the abbreviation "Mg" should be interpreted as "Megagauss", which is absurd in the context. The average strength of the Earth's magnetic radiation field at ground level ranges between 2-2.5 mg (that's milligauss), and even the dangers supposedly related to magnetic fields have been generally associated with fields in excess of 10mg, coupled with continuous exposure over long periods of time. (A good discussion of this subject can be found in the book "Cross-Currents," the name of whose author escapes me at the moment, and also his sequel on a similar subject, the title of which also escapes me at the moment.) As a side note, I had our electric company send a representative out to my house a couple of years ago, specifically to measure the EMF radiation from various instruments and equipment in my house. This was largely in response to a scare about power line proximity and the fact that my house overlooks a freeway, on the other side of which are power transmission lines totalling 506 kilovolts of electricity. It turned out that the EMF level outside the house at chest height was 1.5-2.5 mg, whereas the average EMF level _inside_ the house, mid-room at chest height, was around 5mg. Our waterbed heater generated over 10mg at bed surface level, and the most dangerous room in the house was the kitchen, with a reading of 6-9mg mid-room. Surprisingly, the highest radiation levels were from electric alarm clocks, ranging 140-300+mg at the face, down to somewhere between 40-50mg at a distance of 3 feet. The VDTs? My wife's EGA read 15mg at the screen, down to 1.5mg at 3 feet, and my monochrome was slightly higher (I forgot the exact reading). Now, Mr. Rogers, what did _you_ mean by "Mg?" Mark A. Hull-Richter, NCR Teradata, 100 N. Sepulveda Blvd., # 11-257 El Segundo, CA 90245 (310) 524-5782 mhr@ElSegundoCA.NCR.com
Yesterday, I walked up to a Citibank ATM (a relatively new one at 2nd Ave. and
4th St. in Manhattan) and the screen displayed the question "What language
would you like to use for your transaction," a question I usually get only
after inserting my card and entering my PIN. I was a bit puzzled, but think I
have an answer. Two "features" of this particular ATM in combination may
present quite a risk.
Feature 1: Citibank ATMs don't swallow cards. You insert, then
immediately withdraw them to start a transaction. I
appreciate this feature, having left my card in an ATM before.
Feature 2: After selecting your transaction, but before receiving cash
or a balance or making a deposit, you must answer the question
"After this transaction, can we help you with anything else?"
This question is very oddly placed. I don't want to think about
my next transaction until this one is finished.
What may have happened:
The previous customer (call her Maria), inserted and withdrew her card,
entered her PIN, chose a language, selected a transaction, and was then
perhaps confused by the question about an additional transaction (Feature 2),
or just slipped on the touch screen. Between having to answer questions like
"Is this correct?" and "Would you like a receipt?" it would be easy to keep
hitting the Yes button. When Maria finished her first transaction, she took
her receipt, and having already retrieved her card, turned and walked out, not
realizing she had pre-ordered another transaction. Presumably I could have
effected a second transaction on her account, withdrawing some large sum of
money. I've never made two transactions in a row on a Citibank ATM, so I
can't be sure that the language question is routinely presented again, but
nothing else seems to make sense, especially since when I pressed the Cancel
button right off, I got the message "Your transaction has been cancelled,"
then the usual "Insert your card, then withdraw it quickly" opening message.
Any Citibank programmers out there who care to comment? Even if I've misread
the situation, this scenario is all too plausible. Feature 1 and Dubious
Feature 2 (a programming hack, I'd almost have to guess) just don't work
together.
Steve Kass (skass@drew.drew.edu), Department of Mathematics and Computer
Science Drew University, Madison, NJ 07940
>Another method that might allow you to "authenticate" an ATM machine:
> Enter an incorrect PIN as your first attempt.
> Try a balance query if the ATM seems to accept the bad PIN.
Won't work in Germany. You don't get 3 tries per card insert, you get 3 tries
on the *lifetime of the card*! If you goof up 3 times, the card is marked
invalid and has to be sent in to a special office for resetting. Takes about
2-3 weeks. And balance queries are usually not done with ATM machines, but
with extra boxes that give a list of transactions since the last query - this
has shifted the costs and work of preparing statements to the user. You have
to stand there and wait while the silly thing grinds out 3-4 pages, usually
with a page of advertising (Grrrrrrrr....). This also saves postage for the
banks.
Debora Weber-Wulff, Professorin fuer Softwaretechnik, Technische
Fachhochschule Berlin, FB Informatik, Luxemburgerstr. 10, 1000 Berlin 65
[Thanks, Debora. One of the joys of RISKS is that our international
contributors keep the U.S. folks on their toes. For example, John Oliver
<j.oliver@uow.edu.au> in Wollongong, Australia, chided me for my item in
RISKS-14.71 about RISKS "Summer Slowdown Time". He said
"Shame on you. This is WINTER! John Oliver" PGN]
Margins on sales in supermarkets are reputed to be very low. Credit card companies usually charge a couple of percent on transactions with their cards. So, credit card sales in supermarkets would wipe out the retailers' profits. Yet, payment by credit cards in supermarkets is expanding. Obviously the credit card companies are offering the grocers lower than usual rates. What do they get in return? Are they accumulating buying profiles on people who use credit? If so, how do they use the information they gather? Can I expect a letter from Proctor and Gamble: "We see you bought Crest in March and May of 1992, but you haven't bought it since. How come? (And here's a 50 cent coupon to encourage you to buy it again.)" In a similar vein, supermarkets around here offer various forms of "price clubs", whereby you get an extra discount on selected items if you present your card at check-out. Are THEY accumulating buying profiles? How are THEY using the information? [Have I become excessively paranoid about invasions of privacy?] Dave Kristol
>The risks? When the drink robot fails to work some soft drink gets spilt, but >what happens if there's a problem with a machine that is working around hot >oil? Such technology is being used successfully in the semiconductor industry. Similar robots handle automated wet stations, wherein silicon wafers are dunked into a variety of etchants, including hydrofluoric and sulfuric acids. It takes a competent design and reasonable control limits, but is capable of being done successfully. Dean F. Kling dkling@ptd.intel.com (503) 642-6829 No, I don't speak for Intel
Most likely the robot's work cell is protected by light beam barriers, floor mat switches or both. Tripping either system should cause the robot to immediately stop moving until the system is reset. This sort of setup is required by ANSI/OSHA regulations for robot work cells. }The risks? ... Some hot oil gets splashed (the robot isn't pouring oil, just dipping things in it). Not a good thing, to be sure, but not likely a tragedy, either. I note the (required) manual cutoff button is located away from the hot oil tanks. The Polymath (aka: Jerry Hollombe, M.A., CDP, Head Robot Wrangler at Citicorp 3100 Ocean Park Blvd., Santa Monica, CA 90405 (310) 450-9111, x2483
John Camp Writes in Risks 14.71:
Subject: Workshop on Digital Systems Reliability and Nuclear Safety
> >From Washington National Airport
> The Washington Metro has subway service to Rockville from National
> Airport. Take a Yellow Line train marked ~Gallery Place~ to Metro
> Center and transfer to a Red Line train marked ~Shady Grove~ to
> ~Twinbrook~.
This worries me when even minor details can't be gotten right.
In Washington DC, the Yellow Line train at National Airport goes in two
directions. The one going toward Washington is labeled "U Street/Cardoza" and
goes THROUGH Gallery Place! This isn't a new event; the extension to the
Yellow line has been running for more than a year.
Also, one transfers from the Yellow to the Red Line AT GALLERY PLACE. The
Yellow Line does not and never has run to Metro Center!
There is, however, a Blue Line that DOES go to Metro Center from National
Airport, at which point one can also transfer to the Red Line. But THAT train
- the Blue Line - would be labelled "New Carrolton" and doesn't go anywhere
near Gallery Place!
This worries me that if small details like this are wrong, what other things
could also be wrong? Maybe they'll run an ad for this symposium in the
{Washington Star}! :)
(The :) is because The Star Folded many years ago.)
Paul Robinson - TDARCOS@MCIMAIL.COM
The conference announcement in RISKS-14.71 contains incorrect directions for taking the Metro from National Airport to the Holiday Inn Crowne Plaza. I'm sending a correction to lammerin@cs.utwente.nl and, should you wish to publish it separately, the correct directions are these: There is a free shuttle bus between the terminal and the National Airport Metro station. At the station, purchase a farecard to Twinbrook. (Fare varies according to the day of week and the time you enter, and will be either $2.00 or $3.15 one way.) Take the yellow train marked "Mt. Vernon Sq." to the Gallery Place station; there, transfer to a train marked "Shady Grove" and ride to the Twinbrook station; the hotel is beside the station. (Be sure to take a "Shady Grove" train; trains at the same platform marked "Grosvenor" do not go all the way to Twinbrook.)
<> ... The White House will be connected to the Internet as well as
<> several on-line commercial vendors, thus making us more
<> accessible and more in touch with people across this country.
Only a minor item of risk-interest, perhaps, but: which people and which
country? I have an email address ending in ".uk", but the more generic ".com"
is available to people outside the US for a small sum (I'll have access to one
soon). I don't see anything to stop (for example) groups from outside the US
lobbying this email service by pretending to be "the people" from "this
country." The Internet is international.
Nothing to lose sleep over, I don't think, but I did sense a wee bit of
parochialism in this announcement and thought I'd point out something that's
probably obvious.
Nick Rothwell | cassiel@cassiel.demon.co.uk
CASSIEL Contemporary Music/Dance | cassiel@cix.compulink.co.uk
[By the way, jim@mpl.UCSD.EDU (Jim Easton) reported that mail to
vice.president@whitehouse.gov was rejected. Let him know
if you have a good address. And thanks to all of you who
reported on Gedanken Experiments with the the White House
Internet connections. They are vastly too numerous (and some
to off-color) to be included here. PGN]
In RISKS-14.69, Peter Junger responds to comments I'd made earlier. I'd like
to look a bit at the broader issues.
The Constitution may protect speech, but espionage, a crime which may involve
"nothing more" than speech, has been illegal since before the Constitution was
written, and you wouldn't have much success challenging it on First Amendment
grounds.
There are two interesting things about cryptography:
- It's one of only two examples of cases where things can be
treated as secret even if you invent them yourself. (The
other is information about nuclear technology.) If you
were to become aware of classified information about
existing cryptosystems, the espionage statutes would apply
to you just as they would were you to come into possession
of plans for a fighter plane. If you can be forbidden from
discussing one, you can be forbidden from discussing the
other. (Actually, "discussing" for espionage purposes doesn't
even have to be with foreign nationals, but it does have to
be with the intent of making the information available to
foreign nationals, or something like that.)
So what we come down to is the claim that the fact that you
invented something yourself automatically gives it First
Amendment protection, even though had you gotten it by other
means it might not be so protected. Well, maybe. It's an
argument worth making, but personally I think more on social
policy grounds than Constitutional ones - I see nothing in the
Constitution that makes a distinction based on authorship, and
in fact such distinctions can be very hazardous: If I have a
right to say something, but my publisher does not have the
right to publish it for me, my rights are being honored more
in the breach than in reality.
- Cryptographic systems can easily be embodied as software. As
Mr. Junger point out, software is inherently both speech and
object. One gets the feeling on the net that people wish to
see it purely as speech because that gets them to final re-
sults they like, right now. Along the way, they make various
questionable assumptions, such as identifying the description
of an algorithm with efficient (or just WORKABLE!) code for
it. That was the point of my 500-man-year example. The code
for such a monstrosity would clearly be a manufactured object,
difficult to duplicate from scratch. A broad description of
that object might help someone duplicate it to a very limited
extent. A detailed design specification would help a lot
more. But the code itself remains much more usable than
any description.
Building a fighter jet is difficult for many reasons. Even
with the proper equipment and materials, detailed drawings and
specifications remain necessary. Code is like those detailed
drawings and specifications. It just happens that for pro-
grams, once you have the code, you don't need to do much more
(while for a fighter you've still got a great deal of work).
Plans for fighters have always been considered very sensitive.
I see no reason why code, or specifications for code, should
not be.
Our ideas about free speech were developed at a time when
"information" and "objects" were separate universes. Speech
might affect PEOPLE, but it could not directly affect the
physical world. It's exactly because of its effect on people
that dictatorships wish to control it; and it's exactly
because our system of government is based on the idea that
people, in effect, have the right to be affected, that we so
strongly protect speech rights.
These days, the borderline between "information" and "object"
is getting fuzzy. A computer virus is "information", but it
can pretty directly affect the real, physical world. Should
it be given the same protection as speech that is aimed at
people? People are moral actors, and are assumed to be res-
ponsible for the outcomes of their acting on speech they hear.
A computer that "hears" a virus is NOT a moral actor; the
responsibility for any damage it does lies entirely on the
creator of the virus.
Actions certainly have consequences. We like to say that
ideas have consequences, too, but those consequences are
always filtered through other people, other moral actors.
This is very different from the growing potential for certain
ideas, expressed in software rather than words, to have
DIRECT consequences. I believe it's foolish to claim that
just because we use the word "information" to describe both
traditional speech and this new class of thing that we should
automatically apply the same standards to each.
I have no love for the existing cryptographic export regulations. However, I
refuse to close my eyes to the problems they are trying to solve. Rather than
tossing our hands up and saying "there's no perfect solution, so let's not try
to find ANY solution," we should try to come up with better approaches.
Perhaps in the long run we are destined to fail; even so, we have to survive
in the short run.
— Jerry
Let's review a RISKS discussion that's gotten out of hand: David Sobel, originally wrote in RISKS DIGEST 14.59: <> The proposed DSS was widely criticized within the computer <> industry for its perceived weak security and inferiority to an <> existing authentication technology known as the RSA algorithm. <> Many observers have speculated that the RSA technique was <> disfavored by NSA because it was, in fact, more secure than the <> NSA-proposed algorithm and because the RSA technique could also <> be used to encrypt data very securely. Dorothy Denning responded in RISKS 14.60: > This is terribly misleading. NIST issued the DSS proposal along with a > public call for comments as part of their normal practice with proposed > standards. The community responded, and NIST promptly addressed the > security concerns. Among other things, the DSS now accommodates longer > keys (up to 1024 bits). As a result of the revisions, the DSS is now > considered to be just as strong as RSA. Marc Rotenberg commented in RISKS 14.62: > Denning has to be kidding. The comments on the proposed DSS were uniformly > critical. Both Marty Hellman and Ron Rivest questioned the desirability of > the proposed standard. Most recently, Eric Raymond wrote in RISKS 14.64: > As a long-time RISKS reader and contributor, I observe that that this is not > the first time that Ms. Denning has apparently operated as a mouthpiece for > the NSA's anti-privacy party line on DES and related issues. > >I believe Ms. Denning's remarks must be understood as part of a continuing >propaganda campaign to marginalize and demonize advocates of electronic >privacy rights. I have no link to the FBI, NSA, or NIST, and I agree with this particular statement of Dorothy's, that DSS is regarded to be as strong as RSA. Mobs often believe the words that are shouted the loudest, and this may have warped the public perception of DSS. Some people will refuse to accept DSS because of where it came from, but let's be clear on this specific issue: NOBODY HAS PRESENTED A CREDIBLE SCIENTIFIC ARGUMENT THAT DSS CAN BE BROKEN! I spent a couple of years using some of the most powerful machines in the world to compute discrete logarithms, and I published a survey paper in 1990 on the discrete logarithm problem. I am quite sure that there is no publicly known technique that will compromise DSS with 1024 bit keys, and I think both Rivest and Hellman will agree on this point. There are technical issues of some dispute, but this issue is not among them. If anything, factoring is regarded as easier than computing discrete logarithms because of the linear algebra involved. People are apparently getting so steamed over Clipper and the notion of key escrowing that their glasses are getting fogged. It's gotten so no matter what Dorothy says, she is demonized as a stooge of the Feds. It appears that there are legitimate issues to be debated here, but let's try to clean up the discussion surrounding Clipper, Skipjack, Capstone, DSS, SHA, NSA, NIST, and RSA, to distinguish between the different scientific, business, and governmental policy issues. If you disagree with Dorothy's statements regarding key escrow policy, then say so explicitly. If you believe that DSS is cryptographically weak, then let's see somebody break it. I maintain that unless somebody pulls a new algorithmic trick out of their sleeve, we won't see a 1024-bit DSS signature forged until long after we are all pushing up daisies. Kevin S. McCurley Massively Parallel Computing Research Laboratory Sandia National Laboratories
Please report problems with the web pages to the maintainer