The RISKS Digest
Volume 15 Issue 23

Saturday, 6th November 1993

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Please try the URL privacy information feature enabled by clicking the flashlight icon above. This will reveal two icons after each link the body of the digest. The shield takes you to a breakdown of Terms of Service for the site - however only a small number of sites are covered at the moment. The flashlight take you to an analysis of the various trackers etc. that the linked site delivers. Please let the website maintainer know if you find this useful or not. As a RISKS reader, you will probably not be surprised by what is revealed…

Contents

Another plane lands on the taxiway
Lord Wodehouse
Pax Technologica? Not in Somalia
Peter Wayner
Teachers Beware!
Peter G Spera
Clerk stole from ATMs he was told to top up ...
Apte Kishor Hanamant
Notice of Fire Hazard with Dell Notebook Computers
Bob Robillard
"Eye of the Storm" (*another* Desert Storm virus?)
Rob Slade
Re: White House and STONED 3 virus
Andrew Klossner
Jon Grantham
Re: Ethernet addresses as "port" ids
Brian Bulkowski
Re: CERT Reports and system breakins
Allan Duncan
Re: Fiber Optic Cable Hazards
Gordon Mitchell
Re: "RSI does not exist"
Pete Mellor
Re: Magnetic Fields in Subway Cars
Bob Frankston
Kenneth R Foster
Ian Turton
Peter Gorny
Bruce Limber
Russ Cage
Graeme Thomas
Info on RISKS (comp.risks)

Another plane lands on the taxiway

Lord Wodehouse <w0400@ggr.co.uk>
Wed, 3 Nov 1993 10:24:37 +0000 (GMT)
In the most recent Flight International, there is an article about an Air
Malta 737(?), which landed on the taxiway, instead of the runway. In
summary the situation was as follows  The airport has only one runway for
normal use. The taxiway for this runway can be used as a runway, if the main
one is closed. There is a normal sized taxiway as well.

The main runway was closed for maintenance, and the taxiway/runway lit as
the runway as required. The small taxiway was lit as a taxiway. The Air
Malta pilot was landing at night, saw the lit runway, and because he knew
the main runway was closed, decided that he should land on the taxiway.
Because of the repairs, the ILS system lined up with the main runway
could not be used, so the pilot thought he was doing the right thing.

Exactly the same thing happened a year or two ago, when there was major work
on the main runway. The only difference was that the direction of landing was
reversed.

The moral here which applies in many other areas, including computers and
their software is that people when they know that something has been changed
and are presented with what appears to be the normal situation or choices,
choose to take the alternative option, even when that is wrong.  The pilot
assuming that the lit runway was the one under maintenance chooses the
taxiway, while the airport authorities assumed that by telling the pilots the
runway was under maintenance and then lighting the runway/taxiway for use,
thought this was correct. Perhaps they should a way of lighting the main
runway in such a way that pilots can see that it is there, but obviously not
in use.

Lord John - The Programming Peer, w0400@ggr.co.uk   fax  - +44 81 423 4070


Pax Technologica? Not in Somalia

Peter Wayner <pcw@access.digex.net>
Fri, 5 Nov 1993 10:56:33 -0500
The reason why the NSA would like to stop crypto from being exported is
because it could fall into the hands of US adversaries. People like General
Aideed. But a recent story by Jack Anderson and Doug Cohn shows the danger of
assuming that a technological advantage is is a guaranteed win. The article
reads:

   "[Aideed] had eyes and ears everywhere; he planted loyalists inside
 the UN headquarters itself; they kept Aideed informed of every move
 the Rangers made.
   He had fun with them; he played embarrassing jokes on them. He fed
 them false intelligence, which sent them on wild goose chases. Once
 they raided a UN development project. They handcuffed and manhandled
 eight UN workers including four foreigners.
   Another time, they descended on a compound, rounded up three dozen
 Somalians and pushed around their leaders. The Rangers were told
 that Aideed was hiding out there. They grabbed a bald-headed man
 who looked like Aideed. When he denied it, they struck him with a
 rifle butt. So he hastily confessed that he was Aideed.
   But he wasn't. He was security chief for Aideed's arch enemy,
 Ali Mahdi Mohamed, who was cooperating with the UN."

It is not clear how Aideed fed the Rangers the false intelligence, but it is
conceivable that he just arranged for it to be broadcast in the clear.

In Chuck Yeager's biography, _Yeager_, the General made a point of telling of
the time that he consistently beat someone in a dog fight ("waxed their
fanny") despite the fact that he was flying a plane that was technologically
inferior. It was the pilot, not the plane. Technology wasn't a surrogate for
being clever.


Teachers Beware!

"Peter G Spera ((914) 296-6054)" <sperap@vnet.IBM.COM>
Fri, 5 Nov 93 10:04:40 EST
First there was writing in the palm of the hand, then the crib sheet (or back
of the tie or sole of the shoe or etc.), next came the programmable
calculator, now coming to a store near you, the Newton generation.

The Newton Message Pad (Apple's new personal digital assistant) will have
several financial and sophisticated calculator applications available to
users.  The hardware itself has 640 KB of storage for those hard to remember
formula and definitions.  There are also 1 and 2 MB storage cards available to
expand the Message Pad's memory in preparation for midterms and finals.

If this is an acceptable risk for taking in-class tests, don't forget about
the Message Pad's "Beaming" feature.  The built-in infrared transceiver will
allow 2 Newtons to exchange data up to 3 feet apart.  This is particularly
convenient when students want to split the preparation time or need a real
time solution.


Clerk stole from ATMs he was told to top up ...

Apte Kishor Hanamant <kishor@iti.gov.sg>
Wed, 3 Nov 1993 09:51:15 GMT
>From Straits Times (Singapore) dated 2 Nov 1993, page 21:

  His job was to top up ATM machines with cash. Instead, he filled his own
  wallet - with $122,000.  Ahmed Ansar, a clerk with a security company
  filched $ 250 to $19, 350 on 22 different occasions between September 92 and
  September 93 from the ATMs at the Changi Airport.  He was discovered and
  apprehended in a sting operation and confessed to his other crimes.

How is it that the fraud was not detected for over 12 months ?

Does it not show a surprising and damaging lacuna in the whole system ?

Would a manual cashier be allowed to run short for one year ?

In another incident, reported in September of this year, a man was
convicted of rigging a lottery run by a bank. He rigged the lottery to
reward himself and his accomplices.

It appears that Singapore is racing towards computerization without
devoting much thought to the risks and security issues involved.


Notice of Fire Hazard with Dell Notebook Computers

Bob Robillard <duke@iscp.bellcore.com>
Tue, 2 Nov 1993 16:51:02 -0500
This has just been distributed at work; I thought I'd pass it on.

Talk about a hot machine....

Duke Robillard, duke@cc.bellcore.com


IMPORTANT SAFETY NOTICE concerning DELL 320SLi and 325SLi Notebook

Our records indicate you are the owner of a Dell 320SLi or 325 SLi notebook
computer.  We have recently discovered a potential fire hazard exists within
your system.  For your safety, you should discontinue use of the notebook
immediately.  Please also advise any other users of this system not to use it
until repairs can be made.

Dell would like to repair your system free of charge and we ask that you
return the system to Dell so we can repair it and return it to you as quickly
as possible.  To arrange for the repair, please call Dell at 1-800-847-4171
Monday through Friday between 8:00 a.m. and 6:00 p.m. Central Time.  A special
customer service representative will be ready to assist you and answer any
questions you may have.  Dell will send you a shipping box overnight and will
arrange for next day delivery of your system to our repair facility.  Please
accept my apology for any inconvenience this may cause.  Thank you.

Sincerely, John Medica, Vice President, Portable Products


"Eye of the Storm" (*another* Desert Storm virus? :-)

"Rob Slade, Ed. DECrypt & ComNet, VARUG rep" <roberts@decus.arc.ab.ca>
4 Nov 93 12:12 -0600
BKEYESTM.RVW   931019

Gold Eagle/Worldwide
225 Duncan Mill Road
Don Mills, Ontario
M3B 3K9
"Eye of the Storm"

Those who like books with series titles like "The Executioner" will like this
book.  'Nuff said.

The computer virus is by no stretch of anyone's imagination a major subplot,
even in a book which seems to consist only of subplots.  Nevertheless, it is
interesting to note what it indicates about the popular perception of viral
programs.

The "virus" is tripped during an attempt to find a tap in a voice (phone and
radio) network.  Since phone switches are basically computers with special
peripherals, this could be realistic.  There are viral programs which can
"sense" probes into memory or operations, and can then trigger.  However, there
is no indication of reproduction in the story, and, therefore, the malicious
program is either a logic bomb or a trojan horse (or both).

Interestingly, the system under attack is protected by a "worm".  The theory is
proposed that you protect your own computer by shutting down if you detect
suspicious activity.  (One suspects this was the idea behind the "Immunizer".)
Having written the shutdown program, you should know how to recover the system,
whereas unknown malicious software can damage your data structure in ways that
may take longer to diagnose and rectify.

The concept is initially interesting, but somewhat flawed.  First of all, the
reliability of the system is internally compromised by such protection, and
this is not acceptable in all situations.  (In the book, communications are
shut down at a vital juncture.)  Further, the detection of suspicious activity
requires a background of known methods of attack.  (Interestingly, the
protection program in the book is stated to be subject to periodic upgrading.)
Given the need for specific knowledge of security loopholes that the malicious
software might use, there will probably be better means to deal with the
insecurities.  Finally, if the attacking program uses an unknown method, the
attack may still succeed.

In the book, we once again see the myth of a virus (or the defending "worm" in
this case) being able to damage hardware.  Fuses blow, wires burn out and the
power for the entire complex shuts down.  Debugging the system involves the
"MIS manager" character crawling under desks with a roll of electrical tape.
Guess we still have some educating to do.

copyright Robert M. Slade, 1993   BKEYESTM.RVW   931019
Permission granted to distribute with unedited copies of the Digest

        ======================604-984-4067======================
DECUS Canada Communications, Desktop, Education and Security group newsletters
Editor and/or reviewer ROBERTS@decus.ca, RSlade@sfu.ca, Rob Slade at 1:153/733
DECUS Symposium '94, Vancouver, BC, Mar 1-3, 1994, contact: rulag@decus.ca


Re: White House and STONED 3 virus

Andrew Klossner <andrew@frip.wv.tek.com>
Tue, 2 Nov 93 12:51:28 PST
    "Rush Limbaugh always uses whatever anti-Clinton story he can
    find, but only one recipient of the disk reported infection
    with the STONED 3 virus; the others had no infection,
    suggesting that it didn't originate at the White House."

Thanks.  The report didn't quite ring true — who boots from floopy
these days?  Perhaps the story is of more value in the statement it
makes about uncritical social acceptance of computer RISK anecdotes.

  -=- Andrew Klossner  (andrew@frip.wv.tek.com)


Re: White House and STONED 3 virus

Jon Grantham <grantham@joe.math.uga.edu>
Tue, 2 Nov 1993 19:27:13 -0500 (EST)
What actually happened, according to an AP article I read, was that one
organization found the STONED 3 virus on the disk.  Since they couldn't find
any other potential source, they decided it *must* have come from the White
House and not their own systems.  They then put out an announcement to this
effect, which was received with much joy by talk-show hosts.  Neither AP nor
the White House found anybody else who had the same problem, leading one to
guess that the organization was wrong.  The way the one disk became all of
them is a topic better discussed in the alt.folklore hierarchy.

Jon


Ethernet addresses as "port" ids

Brian Bulkowski <brianb@starlight.com>
Fri, 5 Nov 93 12:13:47 -0800
Various people have commented on the fact that Ethernet addresses can't be
used for security because 1) Ethernet addresses don't get passed through
routers, and 2) Ethernet addresses can be reset very easily. Some thoughts:

I caution against technology blinders. There are more network protocols than
IP in the world. Microsoft's Netbios, for example, is inherently non-routable,
so Ethernet addresses could be used for security. Novell's IPX uses the
Ethernet address for the node number in the network layer address, which will
be maintained across routers. Netware allows you to set a security list for a
given user, and that user may only log in from certain Ethernet addresses in
this fashion. I'm told the US government is a big fan of this feature.

In IP cloud land, it turns out that security on IP addresses is quite good,
because any gross impersonation of an IP number will cause the return packets
to be routed someplace completely different.

The second is very true. They days of burning Ethernet addresses into real ROM
is gone. Remember how big the form factor is for those things, and how long it
takes to burn them? Most modern Ethernet cards that I'm aware of are software
settable, which allows the manufacturer to set the ethernet address as part of
the final software test of the board. This is far cheaper and faster than
burning ROM. The 3Com ElinkIII, WD(SMC)16, Intel Etherexpress all do this, and
come with a program to reset the Ethernet address. The risk is that that which
is most flexible can be bent to nefarious purposes.

Regards, BrianB   brianb@starlight.com


re: CERT Reports and system breakins (Peterson, RISKS-15.18)

Allan Duncan <a.duncan@trl.oz.au>
Sat, 6 Nov 1993 22:33:14 +1100
> ...  It would be very
> difficult (well, nothing is impossible but this would be close) for software
> to forge an address using commercial equipment and collisions should be
> obvious.

Well, that's the theory.  I have an acquaintance who was working on a job with
_lots_ of cards, and he found duplicate numbers.  It made for an interesting
bit of debugging until this was determined - you have to first over-ride the
assumption that each device is unique.

Allan Duncan, Telecom Research Labs, PO Box 249, Clayton, Victoria, 3168,
Australia. (+613) 253 6708   {uunet,hplabs,ukc}!munnari!trl.oz.au!a.duncan


Re: Fiber Optic Cable Hazards

Gordon Mitchell <gordonlm@stein3.u.washington.edu>
3 Nov 1993 01:20:03 GMT
>I read with interest the story about the Telecom Worker who had died from
>accidentally getting a piece of fiber into his bloodstream.  Since I didn't
>see much activity on this list about it, I sent out messages to a Telecom and
>Safety list.  [...]

>Anyone one else get any pertinent personal replies they can pass along?

I have worked with fibers for the last 20 years.  Essentially since they
became transparent.  In that time I _have_ seen injuries of fiber stuck
into hands.  Fortunately silica is about as inert as materials come.
The problem is generally more what is on the fiber, e.g., uncured epoxy.

The fiber in heart sounds like a scare story.  As far as I am aware, the only
hazard is mechanical irritation.  That is pretty benign with hands.  One
occasional problem that occurs with buffer removed from fiber is glass flying
through the air when a fiber is bent and broken.  That makes safety glasses a
good idea.

Looking back over the last 2 decades, I can remember lots more wounds due to
general lab hazards such as xacto knives, needles, hand tools,...

   Gordon Mitchell   gordonm@ee.washington.edu


Re: "RSI does not exist" (Gavin Matthews: RISKS Digest 15.21)

Pete Mellor <pm@csr.city.ac.uk>
Wed, 3 Nov 93 00:42:19 GMT
Gavin Matthews <GAVIN@shapel.ug.eds.com> reported the ruling by Judge John
Prosser, QC, in the case of Mughal versus Reuters.

This ruling has created uproar. It was front page news on most serious papers
last Friday. The news is good for Reuters, who would otherwise face a series
of hefty claims from its employees (or ex-, as in this case).

The good news for RSI sufferers is that the case will probably go to appeal,
and the judgement stands a good chance of being reversed. (It seems to have
been a test case backed by the NUJ.) Also, it does not constitute a
"precedent" since earlier court judgements *have* awarded substantial damages
to victims of this "imaginary" condition.

If you want to know how prevalent a condition is, ask yourself how many people
you know personally are suffering from it. Since I became interested in the
subject, I have discovered an amazing number of people who have.

My interest is personal. A close friend of mine was diagnosed as suffering
from Carpal Tunnel Syndrome (CTS) a couple of years ago. CTS is a rather nasty
form of RSI, and can lead to severe disability of the hands if not treated. It
is due to the compression of the nerves in the wrist due to swelling of the
surrounding tissues. My friend's case was typical. In retrosepct, she had
suffered from it for many years, but the earlier diagnosis had been
"arthritis". Following a fairly routine operation to relieve the pressure on
the nerve, she has now made an almost complete recovery.

I put out a call for information on the net, and I was overwhelmed by the
response. (This was *only* to do with CTS, not other forms of RSI.) Typists
are not the only sufferers from CTS. Other professions/activities with a high
incidence are: meat-packers, sheet-metal workers, pianists, cyclists,
embroiderers, bricklayers. All involve repetitive actions with the wrist in a
fairly fixed position. Predisposing factors seem to be: small frame (i.e.,
narrow Carpal Tunnel) and overweight. ("Egg-shell personality" didn't seem to
be positively correlated! :-)

The use of word-processors, however, does seem to have coincided with an
epidemic of CTS. The causes are a subject for speculation, but there are a
number of interesting possibilities:-

- The use of a computer terminal involves long periods of keying without
  changing hand position (as opposed to the old manual machines which
  required the typist to change paper occasionally).

- The condition is far more prevalent than was realised in the past, and was
  under-reported due to misdiagnosis. (CTS has only recently become a
  recognised condition: see my friend's previous diagnosis. Also, a number
  of the people who responded to my request for information cited cases of
  parents or other older relatives who ended up almost totally crippled with
  what was obviously CTS, but could not be diagnosed or treated at the time.)

However, thanks to Prosser's judgement, we can all relax. My friend can
rest assured that her symptoms were "all in the mind", including the wasted
muscles on the affected hand, and the appearance of the nerve when exposed.
(This was obviously an interesting case of "mind over matter": the thought
compresses the nerve! :-) Her recovery must be an interesting example of the
"placebo effect".

Reuters can get away without paying their disabled employees a penny (for the
time being! :-) and the surgeon who operated on my friend's wrist can cut
down his operating list (*one* surgeon in *one* clinic dealing with 4 or 5
cases *each week*!) by referring all his patients to a psychiatrist! :-)

Anyway, typing all this has made my hand feel a bit funny. (Must be my
"egg-shell personality"!) I think I'll give it a rest.

Peter Mellor, Centre for Software Reliability, City University, Northampton
Square, London EC1V 0HB Tel: +44 (71) 477-8422   p.mellor@csr.city.ac.uk

Disclaimer: British justice is a fine institution. Neither I nor my employers
would ever dream of suggesting that a distinguished judge could be senile,
corrupt, or both.


Re: Magnetic Fields in Subway Cars (Drzyzgula RISKS-15.20)

<Bob_Frankston@frankston.com>
Tue, 2 Nov 1993 19:30 -0400
The obvious question: "What about Maglev systems". They use very strong
magnetic fields to propel the train.


magnetic fields on subways

Kenneth R Foster <kfoster@eniac.seas.upenn.edu>
Tue, 2 Nov 93 19:35:01 -0500
I've been a consultant, in an indirect way, to a Department of Transportation
study of magnetic fields on trains, and have analyzed data from several
railroad systems (French TGV, Boston subway system, Northeast Corridor AMTRAK
system in the US, Washington Metro).  The fields can be quite high — several
Gauss near the floor.  The frequency content depends on whether the system
operates at AC or DC. The fields are associated with motors running the
trains, the catenaries, etc.  I do not know what kinds of fields are needed to
wipe out floppy disks but there is a wealth of data on magnetic field
dosimetry available.

I note that the fields are strongest near the floor of the cars and near
motors.  At seat level they are generally comparable to other ambient fields.
Maybe dropping the disk on the floor near a motor would be the most likely
source of trouble.

Kenneth R. Foster, Bioengineering, Univ. of PA


Re: Magnetic Fields in the subway (Marchant-Shapiro, RISKS-15.21)

Ian Turton <ian@geog.leeds.ac.uk>
Wed, 3 Nov 93 09:08:09 GMT
Several years ago I was a student at the department of geophysics in
Newcastle upon Tyne. One story told to us was that shortly after the city
opened its metro system, one line of which ran past the university, the
department started to have problems with its magnetometers, which measure
changes in the Earth's magnetic field on the order of 1%. It turned out that
the safety cutouts to earth on the metro system where underrated by a
factor of 10 and hence most of the current was flowing to ground instead of
back along the tracks, the system uses overhead cables to carry the
positive supply. This meant that there was no opposing magnetic field from
the rails to cancel the overhead cable's field. The department actually had
a contract for a while to report to the City where the circuit breakers had
blown, which they could tell by triangulating the pulses of magnetism.

So it seems possible that the designers of the DC metro didn't consider the
size of magnetic fields generated by the system and didn't use a specific
return path or that they have a problem with this path anyway.

On a related note the fears of the London Underground lead to BBC radio
personel always travelling by taxi when carrying magnetic tapes, though I
never heard of anyone actually having a magnetic tape damaged on the
underground.  However the expenses are better on a taxi :-)

Ian Turton - School of Geography, Leeds University, Leeds, UK.
         0532 -333309


Re: Magnetic Fields in Subway Cars (Drzyzgula, RISKS-15.20)

Peter Gorny <Peter.Gorny@arbi.informatik.uni-oldenburg.de>
Wed, 3 Nov 1993 18:46:26 GMT
Well, I lost all data on a 1/2" magnetic tape that way in a Hamburg streetcar
many years ago. (To recover I had to travel 200 miles back to the source
computer....   so I know what you are talking about.
BTW: Beware of loudspeakers. They often have strong permanent magnets.

D-26111 Oldenburg, Germany    +49-441-798-2901 or -4521 (Fax: -2155)
Gorny@Informatik.Uni-Oldenburg.DE     Gorny@ACM.org


Re: Magnetic fields on subway trains (and elsewhere!)

Bruce Limber <blimber@cap.gwu.edu>
Wed, 3 Nov 1993 13:56:27 -0500 (EST)
There's lately been discussion here of the possible RISKS to magnetic
media of the magnetic fields in subway trains.  As a regular commuter on
Washington, DC's Metro, I find this a subject of considerable interest.

(And while I've been known to carry floppy disks and/or a laptop computer
on the trains, no, I haven't noticed a problem so far.)

That said, can someone out there with the appropriate expertise please
advise the rest of us, whose fields are regrettably not sufficiently broad
that we can figure out the answer for ourselves?

_Is_ there a way to transport magnetic media safely, so that they're
protected from errant fields on subways and elsewhere?  If so, how?

    - In closed ferrous boxes?
    - Closed non-ferrous boxes?
    - Sprinkled with the blood of a freshly-killed goat?
    - "Grounding" the box, or not?

Inquiring minds want to know. . .

(BTW, I've also heard it said that we need not fear airport X-ray
machines, but that library stolen-book detector gates are sudden death to
disks.  True, or not?  I--for one--don't know.)


Re: Magnetic fields in subway cars (Drzyzgula, RISKS-15.20)

<rsi!russ@destroyer.rs.itd.umich.edu>
Thu, 4 Nov 93 23:13:41 -0500
I can vouch for Bob Drzyzgula's experience, from direct measurement.  In 1989,
I was working for one of the Big 3 auto companies developing an advanced
electronic compass system.  One of its features allowed continuous real-time
readings of its flux-gate sensor.  We used this to log hours of data to disk
for later analysis.  Typical data from a run would show the local magnetic
field to be about 15-20 A/D counts (the sensitivity was about .02-.025
gauss/count; it was never measured exactly).

Our summer intern took a test car to NYC as part of a system shake-down.
He happened to be logging data as he drove down 5th Avenue (if I recall
correctly) and a train just happened to pass underneath.  The magnetometer
showed a deviation of several HUNDRED A/D counts off to the right of the
vehicle, followed by a return to normal a few seconds later.  This was
on the road above, mind you, not just a few feet from the rail.  I would
estimate the street-level field strength at 5-10 gauss.

One wonders how the inductive currents affect bone development in subway
commuters, among other things.  If magnetic fields affect other biological
processes, it would appear that the subways are a health concern for anyone
living next to a line.  (Perhaps one could take a medical deduction for a
penthouse dwelling?)

Russ Cage  (313) 662-9259   russ%rsi.uucp@destroyer.rs.itd.umich.edu
russ@m-net.ann-arbor.mi.us


Re: Magnetic Fields in Subway Cars

Graeme Thomas <gvt@uplx.co.uk>
Sat, 6 Nov 93 12:37:07 GMT
I vaguely recall reading that the BBC used to have a rule preventing couriers
carrying video tapes from travelling on the London Underground system, for
fear that the magnetic fields would wipe the tapes.  Instead, the couriers
would use taxis, at greater expense.  Eventually some research was done, which
proved that the magnetic fields experienced inside the metal carrying cases
was negligible, and the rule was eventually removed.

Graeme  [ gvt@uniplex.co.uk ]

Please report problems with the web pages to the maintainer

x
Top