Forum on Risks to the Public in Computers and Related Systems
ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator
Volume 15: Issue 35
Weds 22 December 1993
Contents
Airport lessons for InfoSec- Mich Kabay
Sham CD-ROMs- Mich Kabay
Smart Cars and Highways- Mich Kabay
Risky Demo Offer- Rex Wheeler
"Re-Chipping" Stolen Mobile Phones- Brian Randell
Interactive TV: electronic democracy, risks to privacy, etc.- John Gray
Trouble with funny place names- Mark Brader
Mexico Turns Off Quake Warning System- Frank Carey
Wireless Laptop Eavesdropping- Andrew Duane
Re: Harry Erwin on Digital Woes- Lauren Wiener
Question About Singapore Lottery Crime- Sanford Sherizen
ISOC Symposium on Network and Distributed System Security- Dan Nessett
Info on RISKS (comp.risks)
Airport lessons for InfoSec
"Mich Kabay / JINBU Corp." <75300.3232@compuserve.com>
14 Dec 93 05:48:02 EST
From the Associated Press newswire through Executive News Service (GO ENS)
on CompuServe:
Airport Security, By JAMES H. RUBIN (Associated Press Writer)
WASHINGTON (AP, 11 Dec 1993) -- Security is so poor at some of the
nation's airports considered vulnerable to terrorists that federal
investigators easily slipped past checkpoints and wandered around
unchallenged.
The article goes on to state that investigators were rarely challenged as they
walked through restricted areas even though they dressed informally and tried
to draw attention to themselves. One agent successfully brought a grenade
through metal detectors and inspection procedures. The inspectors often saw
other unauthorized people in restricted zones.
Apparently security regulations are not taken seriously at many airports; there
are few if any consequences for breaches of security.
Although this story has nothing to do with computer security, I cite it as yet
another example of how important human factors are to security in general.
Management must take security (including information security) seriously and
apply rewards for compliance and punishment for failures. Employees need
security awareness training and security drills. I would like to see
intrusions as a normal part of security testing.
Michel E. Kabay, Ph.D. Director of Education National Computer Security Assn
Sham CD-ROMs
"Mich Kabay / JINBU Corp." <75300.3232@compuserve.com>
14 Dec 93 05:48:35 EST
From the United Press International newswire via Executive News Service (GO
ENS) on CompuServe:
Woman indicted in CD-ROM scam
SAN JOSE, Calif. (UPI, 10 Dec 1993) -- Federal officials said Friday a
grand jury has indicted a San Jose woman for allegedly importing more than
900 counterfeit CD-ROMs from Hong Kong with the intent to sell them in the
United States. U.S. Attorney Mike Yamaguchi said an indictment for software
piracy had been handed down against Clare Waioi Sham, 29, of San Jose, and
her company, C-88 International Corp.
The article mentions that this is the first software theft indictment
involving CD-ROMs.
Personally, I think the best part of this story is that the person accused of
preparing to sell counterfeit CD-ROMs is named "Sham."
Michel E. Kabay, Ph.D. Director of Education National Computer Security Assn
Smart Cars and Highways
"Mich Kabay / JINBU Corp." <75300.3232@compuserve.com>
14 Dec 93 05:47:43 EST
From the Washington Post newswire, 12 Dec 1993, through Executive News
Service (GO ENS) on CompuServe:
Smart Car 54, Where Are You?; Washington's Latest Billion Dollar Boondoggle:
Does Anyone Care? (By Marcia D. Lowe)
COMPUTER-EQUIPPED cars driving themselves on automated highways. A scene
out of "The Jetsons?" Not exactly. Smart cars and highways have quietly
emerged as the latest and most expensive proposal to solve the nation's
traffic problems. Government spending on the little-known Intelligent
Vehicle and Highway Systems (IVHS) program is expected to exceed $40 billion
over the next 20 years. (By comparison, in the first 10 years of the
Strategic Defense Initiative, Washington spent $30 billion.) Even more
astonishing is the total lack of organized opposition to the idea, despite
evidence that smart cars and highways may well exacerbate the very problems
they are supposed to solve.
IVHS would put computers in charge of everything from timing the traffic
signals to deciding which route each car should take - and, eventually, to
doing the actual driving. In the early stages, a dashboard screen would
display maps while a synthesized voice would purr directions to the driver.
Later would come the crowning glory of IVHS, the Automated Highway System.
Once commuters keyed in their destination, they could just sit back and
enjoy the ride - maybe even take a nap. Cars would hurtle along, bumper to
bumper, at speeds measured in miles per minute.
The article continues with the following key points:
o $218 million of federal funding in 1993
o claims of improved safety are unproven
o central computer failures could lead to massive accidents
o proponents concerned with limiting liability for failures
o proposed fuel savings from smoother driving could be lost through higher
speeds
o main proponent of scheme is IVHS America, supported by 500 organizations
including IBM, AT&T, Rockwell, General Motors, Chrysler, Ford
o minor attention given to smart public transport, priorities for
high-occupancy vehicles
Participants in RISKS will shudder at the thought of testing computer programs
designed to control thousands of cars in lockstep at 200 kph. I wouldn't enjoy
being part of the beta-test population. I wonder how much attention will be
paid to deliberate or accidental interference?
o Presumably information will be transmitted through radio-frequency modems.
What will the unique identifiers be for each car? What happens if two cars
have the same identifier?
o How will partial or total breakdown of the control systems be handled?
Car-to-car signalling?
o What methods will be put into place to prevent spurious instructions from
being accepted by car controllers?
I find the concern with legal liability an alarming indication of where we're
headed.
Good fun for those interested in reliability and security; not so good fun for
early users, I fear.
Michel E. Kabay, Ph.D. Director of Education National Computer Security Assn
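The two questions above about identifiers and spurious instructions have a standard engineering answer that the article does not go into: every instruction a car acts on should carry an authentication tag under a key only that car and the roadside controller hold, plus a freshness counter so a captured frame cannot be replayed. The Python below is an added illustration, not code from IVHS America, the Post article or Kabay's post. The RoadsideController and VehicleController classes, the frame format (JSON body followed by a 32-byte HMAC-SHA256 tag), the car IDs and the keys are all constructed for the example; the assumption that each car is provisioned with a unique key when it joins the system is mine.

```python
import hashlib
import hmac
import json

TAG_LEN = 32   # HMAC-SHA256 tag appended to every frame


class RoadsideController:
    """Issues routing/speed instructions. Every car has a unique ID and a key
    provisioned when it joins the system (an assumption of this example)."""

    def __init__(self, vehicle_keys):
        self.keys = dict(vehicle_keys)
        self.seq = {vid: 0 for vid in vehicle_keys}   # per-car message counter

    def instruct(self, vid, command):
        self.seq[vid] += 1
        body = json.dumps({"to": vid, "seq": self.seq[vid], "cmd": command},
                          sort_keys=True).encode()
        return body + hmac.new(self.keys[vid], body, hashlib.sha256).digest()


class VehicleController:
    """Accepts an instruction only if it carries a valid tag under this car's
    key, names this car, and is fresher than anything already acted on."""

    def __init__(self, vid, key):
        self.vid, self.key = vid, key
        self.last_seq = 0
        self.log = []   # commands actually applied

    def receive(self, frame):
        if len(frame) <= TAG_LEN:
            return (False, "malformed")
        body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, tag):
            return (False, "bad MAC")   # forged, corrupted, or keyed for another car
        msg = json.loads(body)
        if msg["to"] != self.vid:
            return (False, "addressed to another vehicle")
        if msg["seq"] <= self.last_seq:
            return (False, "stale or replayed")
        self.last_seq = msg["seq"]
        self.log.append(msg["cmd"])
        return (True, "ok")


def run_scenario():
    """Exercise the controller against the interference cases raised above.
    Returns (results by case, commands the car actually applied)."""
    keys = {"CAR-17": b"\x11" * 16, "CAR-42": b"\x42" * 16}   # constructed keys
    roadside = RoadsideController(keys)
    car17 = VehicleController("CAR-17", keys["CAR-17"])
    r = {}

    genuine = roadside.instruct("CAR-17", {"speed_kph": 200, "lane": 2})
    r["genuine"] = car17.receive(genuine)        # accepted
    r["replay"] = car17.receive(genuine)         # same frame again: rejected

    # Spurious instruction from someone who knows the format but not the key.
    body = json.dumps({"to": "CAR-17", "seq": 99, "cmd": {"speed_kph": 0}},
                      sort_keys=True).encode()
    r["forged"] = car17.receive(body + bytes(TAG_LEN))

    # Accidental interference: one bit flipped in transit.
    second = roadside.instruct("CAR-17", {"speed_kph": 180, "lane": 2})
    damaged = bytearray(second)
    damaged[20] ^= 0x01
    r["corrupted"] = car17.receive(bytes(damaged))

    # Two cars configured with the same identifier but different keys: the
    # second car cannot validate CAR-17's traffic, so the clash shows up as
    # authentication failures instead of both cars obeying one command.
    duplicate = VehicleController("CAR-17", keys["CAR-42"])
    r["duplicate_id"] = duplicate.receive(genuine)

    r["second"] = car17.receive(second)          # undamaged copy still accepted
    return r, car17.log


if __name__ == "__main__":
    results, applied = run_scenario()
    for case, outcome in results.items():
        print(f"{case:13s} -> {outcome}")
    print("applied:", applied)
```

The tag covers the destination ID and the counter as well as the command, so an attacker cannot re-address a captured frame to a different car or bump its counter to make it look fresh. What the example does not solve is key distribution and what a car should do when frames stop arriving altogether; those are the breakdown questions above, and a cryptographic check only tells a car which instructions to ignore, not how to drive without them.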
Risky Demo Offer
Rex Wheeler <0003658705@mcimail.com>
Thu, 16 Dec 93 13:10 EST
I received an interesting thing in the mail yesterday. It was an unsolicited advertisement/demo for a mail system to run on a Novell PC LAN. It came with a disk that included the instructions:

1) Log into your server as SUPERVISOR,
2) Create a directory for the mail software (in SYS:PUBLIC),
3) Copy the contents of the floppy to the new directory, and
4) Run the install program.

There is also a postcard that you can send in to receive a free t-shirt. All you have to do is provide your Name, Title, Company, Address, Telephone, Fax, Signature, and your "unique code number" (which presumably the software will provide you). To sweeten the offer there is another card you can send in to enter to win a Jeep and other prizes. This card asks for similar information.

If you run the demo and follow the instructions, you will have executed unknown software from a fully privileged account, and told this company where to find you and your computers. Sounds like a great opportunity for a Trojan Horse. The "unique code number" could also easily contain information that indicates what else is on your system that may be of interest to this company.

Rex Wheeler rwheeler@mcimail.com (365-8705) 70712.110@compuserve.com
"Re-Chipping" Stolen Mobile Phones
<Brian.Randell@newcastle.ac.uk>
Wed, 15 Dec 1993 11:52:29 GMT
[Following is the complete text of an article in the 15 Dec 1993 edition of the (UK) Independent. I am somewhat surprised at the claimed extent of "re-chipping" of stolen mobile phones, and at the fact of it being legal, but have no basis on which to dispute the facts as stated. Brian Randell, Dept. of Computing Science, University of Newcastle, Newcastle upon Tyne, NE1 7RU, UK Brian.Randell@newcastle.ac.uk +44 91 222 7923]

LOOPHOLE ON STOLEN PHONES ATTACKED, Patricia Wynn Davies, Political Correspondent

BRITAIN'S latest crime wave - the reprogramming of hundreds of thousands of stolen mobile telephones - is legal, while the necessary technology is openly advertised in newspapers and magazines.

Telephones automatically barred from networks when a theft is reported are re-entering the system in their thousands after being "rechipped" by people the law does not treat as criminals.

Robert Maclennan, the Liberal Democrat home affairs spokesman, has written to Michael Howard, the Home Secretary, urging the closure of the legal loophole. Organised rings of mobile phone thieves were getting "easy pickings" amounting to about 350M pounds a year, Mr Maclennan said.

The rechipping process, involving the reprogramming of serial numbers so that the network no longer recognises the phone as the stolen original, can be easily accomplished using equipment that can be plugged into an ordinary home computer.

Chipping services offered by dealers and openly advertised in trade magazines and newspapers have been defended as a necessary facility for honest customers buying second-hand telephones from previous owners who have run up bad debts during the recession. But the biggest beneficiaries appear to be criminals.

The reprogramming racket has provided a ready outlet for small and big-time thieves - the black market price of up to (pounds) 150 for a stolen cellphone easily outstrips that of a stolen car stereo - while spawning a mini-industry of "phone chippers" turning out new sets of chipping software each time a new model is launched.

Thefts are estimated by the industry to be running at 10,000 a month, more than 400 each day, while police forces around the country believe they account for 40 per cent of city-centre car break-ins.

Mr Maclennan has told Mr Howard that the loophole could be easily closed with a minor amendment to the 1984 Telecommunications Act in the forthcoming Criminal Justice Bill. "This is straightforward counterfeit, but astonishingly it is not illegal," he said. "The police know who many of the crooks are, but cannot touch them."

A similar process of "cloning" a subscriber's serial and telephone numbers into another person's phone results in innocent subscribers being billed for fraudulent calls. Both processes render the phone untraceable.
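The article describes a network that decides whether to admit a handset, and whom to bill, purely from the serial number and subscriber number the handset announces; re-chipping and cloning both work because those identifiers are under the attacker's control. The Python simulation below is an added illustration and is not part of the Independent article or of Brian Randell's post. It replays the article's three cases (a barred stolen phone, a re-chipped phone sold on with a fresh subscription, and a clone carrying another subscriber's identifiers) against that identity-only check, and then against a challenge-response variant in which the handset must prove possession of a per-subscriber key. The Network and Phone classes, the ESNs, numbers and keys are constructed for the example and match no real network; the challenge-response variant is my assumption about a fix, not something the article proposes.

```python
import hashlib
import hmac
import secrets


class Phone:
    """A handset as the network sees it: a serial number (ESN), a subscriber
    number and, for the hardened variant, a per-subscriber secret key loaded at
    activation. A handset "chipped" with copied identifiers has no such key."""

    def __init__(self, esn, number, key=None):
        self.esn, self.number, self.key = esn, number, key

    def answer_challenge(self, nonce):
        if self.key is None:          # a clone copied the identifiers, not the key
            return b""
        return hmac.new(self.key, nonce, hashlib.sha256).digest()


class Network:
    def __init__(self):
        self.subscribers = {}   # esn -> (subscriber number, key)
        self.barred = set()     # ESNs reported stolen
        self.bills = {}         # subscriber number -> billed minutes

    def register(self, esn, number, key):
        self.subscribers[esn] = (number, key)
        self.bills.setdefault(number, 0)

    def report_stolen(self, esn):
        self.barred.add(esn)

    def _identifiers_ok(self, phone):
        rec = self.subscribers.get(phone.esn)
        return rec is not None and rec[0] == phone.number and phone.esn not in self.barred

    def call_by_identity(self, phone, minutes):
        """Admission as the article implies it: trust whatever ESN and number
        the handset announces, then bill the subscriber those identifiers name."""
        if not self._identifiers_ok(phone):
            return False
        self.bills[phone.number] += minutes
        return True

    def call_with_challenge(self, phone, minutes):
        """Hardened admission (assumed fix): the handset must also prove it
        holds the subscriber key, so copied identifiers alone are useless."""
        if not self._identifiers_ok(phone):
            return False
        nonce = secrets.token_bytes(16)
        expected = hmac.new(self.subscribers[phone.esn][1], nonce, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, phone.answer_challenge(nonce)):
            return False
        self.bills[phone.number] += minutes
        return True


def run_scenario(authenticate):
    """Replay the article's cases against one admission policy.
    Returns (stolen_accepted, rechipped_accepted, clone_accepted, victim_bill)."""
    net = Network()
    key_a, key_b, key_c = (bytes([i]) * 16 for i in (1, 2, 3))   # constructed keys
    net.register("ESN-1001", "0831-555-0100", key_a)   # Alice: handset later stolen
    net.register("ESN-2002", "0831-555-0200", key_b)   # Bob: identifiers later cloned
    net.register("ESN-3003", "0831-555-0300", key_c)   # buyer of the re-chipped set, new account
    net.report_stolen("ESN-1001")

    call = net.call_with_challenge if authenticate else net.call_by_identity
    stolen = Phone("ESN-1001", "0831-555-0100")             # used as stolen: barred
    rechipped = Phone("ESN-3003", "0831-555-0300", key_c)   # serial rewritten, activated on a new account
    clone = Phone("ESN-2002", "0831-555-0200")              # Bob's ESN and number copied, no key

    return (call(stolen, 5), call(rechipped, 5), call(clone, 30), net.bills["0831-555-0200"])


if __name__ == "__main__":
    print("identity only     :", run_scenario(False))
    print("challenge-response:", run_scenario(True))
```

The outcome is the point: a per-subscriber key stops cloning (the clone cannot answer the challenge, so Bob is never billed) but does nothing about re-chipping, because a re-chipped handset activated on a new account is, from the network's side, a legitimate subscriber. Only a serial number the handset cannot rewrite, or the legal change Mr Maclennan asks for, reaches that case.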
Interactive TV: electronic democracy, risks to privacy, etc.
John Gray <grayjw@cs.aston.ac.uk>
Thu, 16 Dec 93 14:02:33 GMT
On UK television last night, a regular evening programme, "The Late Show" was
concerned with forthcoming developments in television. This centred around the
potential for high bandwidth and bidirectional communications offered by the
use of optical fibre for cable TV services.
This increase in the number of channels, some with an interactive content
(shopping channels, databases, computer games) would promote the concept of
configurable TV ("MeTV" was the name they chose) which allows the user to
decide what kind of things they wish to watch, and thus they will largely use
only one channel: the one they have configured.
Interestingly, one of the contributors raised the privacy issues: if you know
exactly what TV programmes someone likes watching, then you (or your computer
system) can tailor direct mail (and even TV adverts) to have the maximum
impact. The difference between this and standard audience research is that the
*viewer* builds a profile for the advertiser, when they configure the system.
Also in the programme, an executive for CBS raised the point that if everyone
only subscribes to compilation services, where does the original material
come from? If people select what they view in advance, will they miss out on
things that might entertain and enlighten them? The suggestion was made that
people will retreat much more into their own pursuits and that "community" will
suffer. What happens to people who are too poor to have cable, either because
their neighbourhood isn't cabled, or because they can't afford to subscribe?
They also touched on electronic democracy in this context: if you can't afford
to subscribe, will you have a voice on an equal footing with others?
Finally, a contributor from the EFF suggested that the Internet be used as a
model: the idea of providing these services to form communities controlled by
users rather than by large companies or governments. Sadly, it seems as if the
commercial attractions to advertisers and corporations will win out.
John Gray
Trouble with funny place names
Mark Brader <msb@sq.com>
Fri, 17 Dec 1993 22:50:00 -0500
In the Usenet newsgroup rec.puzzles, there has been a little discussion recently of place names with unusual characters. It was suggested that Westward Ho!, England, was unique for containing the punctuation mark "!", but then somebody topped this by calling attention to Saint-Louis-du-Ha! Ha!, Quebec, Canada.

At this point I decided to look these places up in atlases to see where exactly they are. The one I found Saint-Louis-du-Ha! Ha! in was the Rand McNally Road Atlas, 1991 edition. In the index, the place is spelled... "St.-Louis-du-Ha90 Ha90".

Mark Brader Toronto utzoo!sq!msb msb@sq.com

(P.S.: Westward Ho! is on the north coast of Devon, more or less straight north of Plymouth. Saint-Louis-du-Ha! Ha! is about halfway between Riviere-du-Loup, Quebec, and Edmundston, New Brunswick.)
Mexico Turns Off Quake Warning System
F E Carey +1 908 949 8049 <fec@arch4.ho.att.com>
Sun, 19 Dec 93 15:21:52 EST
Mexico's earthquake warning system has been turned off after failing at least twice since it went into operation in August. In October a quake measuring 6.8 on the Richter scale hit but the alarm didn't sound. In November a false alarm went out on a calm Tuesday evening.

Technologically, the system is fairly simple. Solar powered seismic detectors signal a desktop Olivetti. Radio stations receive the signal directly from the Olivetti system and broadcast warbling tones like something from a science fiction movie.

Professor of Engineering Juan Manuel Espinosa Aranda, head of the warning system, said it was tested for two years before going into operation. He said the two failures resulted from simple, though lamentable, errors, adding that it is better to have a warning - even if it might be false - than simply to let nature take its course.

Not all share his view. Cinna Lomnitz, a seismology professor, said: "Basically, this is an experimental system that should not be broadcast to the public right off the bat. Indirectly, these people have damaged our reputation as seismologists." Luis Abraham Villa, an office assistant, said: "It creates collective hysteria. It really affects the older people. They go crazy."

Reported in The New York Times, 12/19/93

Frank Carey at Bell Labs f.e.carey@att.com
Wireless Laptop Eavesdropping
Andrew Duane USG/PE <duane@zk3.dec.com>
Mon, 20 Dec 93 15:47:00 EST
I just saw a blurb on "The Computer Chronicles" about the last Comdex show,
which focussed on portables, laptops, notebooks, and accessories for them. One
new product, whose name I didn't catch ("AirLink"?) was a wireless device that
automatically downloads all of your modified files as soon as you get within
30 meters of your PC. There is no user interface at all. It even works through
walls.
The possibilities for data theft are endless. Apparently, there is not even a
warning that downloading is occurring. It seems that once these are common, an
industrial spy could wander O'Hare airport and download a lot of files if
he/she were so inclined.
Does anyone have more information on this product?
Andrew L. Duane, Digital Equipment Corporation USG Kernel Scalability
Nashua, NH 03062-2698 603-881-1294 duane@zk3.dec.com
Re: Harry Erwin on Digital Woes (RISKS-15.34)
Lauren Wiener <lauren@reed.edu>
Thu, 16 Dec 93 17:38:23 -0800
I was certainly interested to read Mr. Erwin's contribution. "Digital Woes" is intended to highlight a widespread problem to an audience that is essentially oblivious to such matters (certainly not the RISKS audience!). While the problem of unreliable and overly costly software is undeniably widespread, it would be simple-minded to insist that it is universal. Categories are ordinarily fuzzy; exceptions make life interesting, after all. (I myself am having the pleasure, at present, of working for folks who write specs!) It is entirely possible that the project Mr. Erwin describes is such an exception. If so, let me add my congratulations to Mr. Distaso's.

However, I am curious to learn more about this project -- especially if it *was* exceptional. In particular, I am curious to learn:

* What was the purpose of the software?
* What was it supposed to do?
* Was the product actually used in real-world situations, as opposed to testing?
* Were the acceptance tests specified in advance? Were they available to the developers to use as they developed the software?
* If the product was used beyond testing, did it satisfy the real-world requirements as well as the tests?
* If the project was a contract with the U. S. gov't, was it in the interests of both the subcontractor and the government to declare the project a success? Did this equate to a big career win for all the parties involved? (Unfortunately, the incentives are often such that it is in the interests of neither party to point out weaknesses in the product. This kind of arrangement can make such congratulatory letters sound a bit hollow.)

It is entirely possible, of course, that the project Mr. Erwin describes had none of these weaknesses, and was in fact a true and marvelous success. All the more reason to learn more about it, if possible. It would be wonderful to isolate even one factor that could help the rest of us.
Question About Singapore Lottery Crime
Sanford Sherizen <0003965782@mcimail.com>
Mon, 20 Dec 93 19:03 EST
I am trying to find some detailed information about a recent case in Singapore where a systems person who worked for the national lottery was able to fix or determine in advance the winning number and tip off a friend who placed a bet. The individuals were recently found guilty and sentenced. If anyone knows the details, please post on RISKS or send to me. Thanks. Sanford Sherizen Data Security Systems Natick, Massachusetts
ISOC Symposium on Network and Distributed System Security
Dan Nessett <nessett@ocfmail.ocf.llnl.gov>
Mon, 20 Dec 1993 11:29:21 -0800
Wednesday, February 2
6:00 P.M. - 8:00 P.M.
Registration and Reception
Thursday, February 3
7:30 A.M.
Continental Breakfast
8:30 A.M.
Opening Remarks
9:00 A.M.
Session 1: Electronic Mail Security
Chair: Steve Kent (BBN)
Certified Electronic Mail, Alireza Bahreman (Bellcore) and Doug Tygar
(Carnegie Mellon University), USA
Privacy Enhanced Mail Modules for ELM, Selwyn Russell and Peter
Craig, Queensland University of Technology, Australia
Management of PEM Public Key Certificates Using X.500 Directory
Service: Some Problems and Solutions, Terry Cheung, Lawrence
Livermore National Laboratory, USA
11:00 A.M.
Session 2: Panel: Public Key Infrastructure, Santosh Chokhani (MITRE),
Michael Roe (Cambridge University), Richard Ankney (Fischer, Intl.)
Chair: Miles Smid (NIST)
2:00 P.M.
Session 3: Protocols
Chair: Tom Berson (Anagram Labs)
Paving the Road to Network Security, or The Value of Small Cobblestones,
H. Orman, S. O'Malley, R. Schroeppel, and D. Schwartz, University of
Arizona, USA
A Complete Secure Transport Service in the Internet, Francisco Jordan
and Manuel Medina, Polytechnical University of Catalunya, Spain
3:30 P.M.
Session 4: Internet Firewall Design and Implementation
Chair: Jim Ellis (CERT)
Inter-LAN Security and Trusted Routers, Pal Hoff, Norwegian Telecom
Research, Norway
Trusted to Untrusted Network Connectivity: Motorola Authenticated
Internet Access -- MANIAC(TM), Bill Wied, Motorola, USA
BAfirewall: A Modern Firewall Design, Ravi Ganesan, Bell Atlantic, USA
A Network Perimeter With Secure External Access, Frederick Avolio and
Marcus Ranum, Trusted Information Systems, USA
7:00 P.M.
Banquet
Friday, February 4
8:30 A.M.
Session 5: Panel: All Along the Watchtower: Experiences and Firefights
Managing Internet Firewalls, Bryan Boyle (Exxon Research), Brent
Chapman (Great Circle Consulting), Bill Cheswick (AT&T Bell Labs),
Allen Leibowitz (Warner-Lambert), Paul Vixie (Vixie Enterprises)
Chair: Marcus Ranum (TIS)
10:30 A.M.
Session 6: Issues in Distributed System Security
Chair: Cliff Neuman (USC-ISI)
CA-Browsing System -- A Supporting Application for Global Security
Services, Denis Trcek, Tomas Klobucar, Borka Jerman-Blazic, and Franc
Bracun, Jozef Stefan Institute, Slovenia
The X.509 Extended File System, Robert Smart, CSIRO Division of
Information Technology, Australia
Auditing in Distributed Systems, Shyh-Wei Luan (VDG, Inc.) and Robert
Weisz (IBM Canada Laboratory), USA/Canada
1:30 P.M.
Session 7: Authentication
Chair: Dave Balenson (TIS)
The S/KEY(tm) One-Time Password System, Neil Haller, Bellcore, USA
A Technique for Remote Authentication, William Wulf, Alec Yasinsac,
Katie Oliver, and Ramesh Peri, University of Virginia, USA
Remote Kerberos Authentication for Distributed File Systems: As
Applied to a DCE DFS-to-NFS File System Translator, Thomas Mistretta
and William Sommerfeld, Hewlett-Packard, USA
3:30 P.M.
Session 8: Panel: IP Security Alternatives, K. Robert Glenn (NIST), Paul
Lambert (Motorola), David Solo (BBN), James Zmuda (Hughes)
Chair: Russell Housley (Xerox)
PROGRAM CO-CHAIRS
Russell Housley, Xerox Special Information Systems
Robert Shirey, The MITRE Corporation
GENERAL CHAIR
Dan Nessett, Lawrence Livermore National Laboratory
PROGRAM COMMITTEE
Dave Balenson, Trusted Information Systems
Tom Berson, Anagram Laboratories
Matt Bishop, University of California, Davis
Ed Cain, U.S. Defense Information Systems Agency
Jim Ellis, CERT Coordination Center
Steve Kent, Bolt, Beranek and Newman
John Linn, OpenVision Technologies
Clifford Neuman, Information Sciences Institute
Michael Roe, Cambridge University
Robert Rosenthal, U.S. National Institute of Standards and Technology
Ravi Sandhu, George Mason University
Jeff Schiller, Massachusetts Institute of Technology
Peter Yee, U.S. National Aeronautics and Space Administration
BEAUTIFUL SAN DIEGO
The Symposium venue is the Catamaran Resort Hotel, providing 7 acres of
gorgeous surroundings, facing Mission Bay and only 100 yards from
beautiful Pacific Ocean beaches. Spouses and family members can catch a
convenient Harbor Hopper for a quick trip to Sea World. After the
Symposium, plan to spend the weekend visiting La Jolla, the world
famous San Diego Zoo or Mexico, only 30 minutes by car or Trolley.
A limited number of rooms have been reserved at the Catamaran for the
very special rate of $77 single, $87 double. Reservations, on a space
available basis, can be made by calling (800) 288-0770 and indicating you are
attending the ISOC Symposium. Reservations must be made before Jan. 1,
1994 to ensure this rate.
CLIMATE
February weather in San Diego is normally very pleasant. Early morning
temperatures average 51 degrees while afternoon temperatures average 67
degrees. Generally, a light jacket or sweater is adequate during February;
although, occasionally it rains.
TRANSPORTATION
San Diego International Airport is 10 miles (15 minutes) from the
Catamaran Hotel. Supershuttle operates a continuous service between the
airport and the hotel: fare is $6.00. When you arrive at the airport, use the
free Supershuttle phone. Taxi fare between the airport and the hotel is $20.
The Catamaran charges $6 per day for parking.
REGISTRATION FEES
Postmarked by Jan. 1: $305
Subsequent registration: $350
No refunds after Jan. 20.
REGISTRATION INCLUDES
- Attendance
- Symposium Proceedings
- Reception
- Banquet
- Luncheons
- Coffee Breaks
On-site registration is available Wednesday evening at the reception, and
Thursday morning at the Symposium. For more information on
registration and local arrangements contact Dan Nessett at (510) 422-4033
or nessett@llnl.gov.
SYMPOSIUM REGISTRATION FORM
Name ________________________________________________
Affiliation__________________________________________
Name on Badge _______________________________________
Vegetarian Meals?____________________________________
Mailing Address _____________________________________
_____________________________________________________
_____________________________________________________
(Area Code)Phone # ___________________________________
Email Address _______________________________________
Make check (credit cards not accepted) payable to SNDSS94. (Registration is
not effective until payment is received). Mail to: ISOC Symposium, C/O
Belinda Gish, L-68, Lawrence Livermore National Laboratory, Livermore,
CA. 94550.
