The Risks Digest

The RISKS Digest

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Volume 15 Issue 35

Weds 22 December 1993

Contents

o Airport lessons for InfoSec
Mich Kabay
o Sham CD-ROMs
Mich Kabay
o Smart Cars and Highways
Mich Kabay
o Risky Demo Offer
Rex Wheeler
o "Re-Chipping" Stolen Mobile Phones
Brian Randell
o Interactive TV: electronic democracy, risks to privacy, etc.
John Gray
o Trouble with funny place names
Mark Brader
o Mexico Turns Off Quake Warning System
Frank Carey
o Wireless Laptop Eavesdropping
Andrew Duane
o Re: Harry Erwin on Digital Woes
Lauren Wiener
o Question About Singapore Lottery Crime
Sanford Sherizen
o ISOC Symposium on Network and Distributed System Security
Dan Nessett
o Info on RISKS (comp.risks)

Airport lessons for InfoSec

"Mich Kabay / JINBU Corp." <75300.3232@compuserve.com>
14 Dec 93 05:48:02 EST
>From the Associated Press newswire through Executive News Service (GO ENS)
on CompuServe:

Airport Security, By JAMES H. RUBIN (Associated Press Writer)

    WASHINGTON (AP, 11 Dec 1993) -- Security is so poor at some of the
  nation's airports considered vulnerable to terrorists that federal
  investigators easily slipped past checkpoints and wandered around
  unchallenged.

The article goes on to state that investigators were rarely challenged as they
walked through restricted areas even though they dressed informally and tried
to draw attention to themselves.  One agent successfully brought a grenade
through metal detectors and inspection procedures.  The inspectors often saw
other unauthorized people in restricted zones.

Apparently security regulations are not taken seriously at many airports; there
are few if any consequences for breaches of security.


Although this story has nothing to do with computer security, I cite it as yet
another example of how important human factors are to security in general.
Management must take security (including information security) seriously and
apply rewards for compliance and punishment for failures.  Employees need
security awareness training and security drills.  I would like to see
intrusions as a normal part of security testing.

Michel E. Kabay, Ph.D.  Director of Education  National Computer Security Assn


Sham CD-ROMs

"Mich Kabay / JINBU Corp." <75300.3232@compuserve.com>
14 Dec 93 05:48:35 EST
>From the United Press International newswire via Executive News Service (GO
ENS) on CompuServe:

Woman indicted in CD-ROM scam

    SAN JOSE, Calif. (UPI, 10 Dec 1993) -- Federal officials said Friday a
  grand jury has indicted a San Jose woman for allegedly importing more than
  900 counterfeit CD-ROMs from Hong Kong with the intent to sell them in the
  United States.  U.S. Attorney Mike Yamaguchi said an indictment for software
  piracy had been handed down against Clare Waioi Sham, 29, of San Jose, and
  her company, C-88 International Corp.

The article mentions that this is the first software theft indictment
involving CD-ROMs.

Personally, I think the best part of this story is that the person accused of
preparing to sell counterfeit CD-ROMs is named "Sham."

Michel E. Kabay, Ph.D.  Director of Education  National Computer Security Assn


Smart Cars and Highways

"Mich Kabay / JINBU Corp." <75300.3232@compuserve.com>
14 Dec 93 05:47:43 EST
>From the Washington Post newswire, 12 Dec 1993, through Executive News
Service (GO ENS) on CompuServe:

  Smart Car 54, Where Are You?; Washington's Latest Billion Dollar Boondoggle:
  Does Anyone Care?  (By Marcia D. Lowe)

    COMPUTER-EQUIPPED cars driving themselves on automated highways. A scene
  out of "The Jetsons?" Not exactly. Smart cars and highways have quietly
  emerged as the latest and most expensive proposal to solve the nation's
  traffic problems. Government spending on the little-known Intelligent
  Vehicle and Highway Systems (IVHS) program is expected to exceed $40 billion
  over the next 20 years. (By comparison, in the first 10 years of the
  Strategic Defense Initiative, Washington spent $30 billion.) Even more
  astonishing is the total lack of organized opposition to the idea, despite
  evidence that smart cars and highways may well exacerbate the very problems
  they are supposed to solve.
    IVHS would put computers in charge of everything from timing the traffic
  signals to deciding which route each car should take - and, eventually, to
  doing the actual driving. In the early stages, a dashboard screen would
  display maps while a synthesized voice would purr directions to the driver.
  Later would come the crowning glory of IVHS, the Automated Highway System.
  Once commuters keyed in their destination, they could just sit back and
  enjoy the ride - maybe even take a nap. Cars would hurtle along, bumper to
  bumper, at speeds measured in miles per minute.

The article continues with the following key points:

o $218 million of federal funding in 1993
o claims of improved safety are unproven
o central computer failures could lead to massive accidents
o proponents concerned with limiting liability for failures
o proposed fuel savings from smoother driving could be lost through higher
  speeds
o main proponent of scheme is IVHS America, supported by 500 organizations
  including IBM, AT&T, Rockwell, General Motors, Chrysler, Ford
o minor attention given to smart public transport, priorities for
  high-occupancy vehicles

Participants in RISKS will shudder at the thought of testing computer programs
design to control thousands of cars in lockstep at 200 kph.  I wouldn't enjoy
being part of the beta-test population.  I wonder how much attention will be
paid to deliberate or accidental interference?

o Presumably information will be transmitted through radio-frequency modems.
  What will the unique identifiers be for each car.  What happens if two cars
  have the same identifier?

o How will partial or total breakdown of the control systems be handled?
  Car-to-car signalling?

o What methods will be put into place to prevent spurious instructions from
  being accepted by car controllers?

I find the concern with legal liability an alarming indication of where we're
headed.

Good fun for those interested in reliability and security; not so good fun for
early users, I fear.

Michel E. Kabay, Ph.D.  Director of Education  National Computer Security Assn


Risky Demo Offer

Rex Wheeler <0003658705@mcimail.com>
Thu, 16 Dec 93 13:10 EST
I received an interesting thing in the mail yesterday. It was an unsolicited
advertisement/demo for a mail system to run on a Novel PC LAN. It came with a
disk that included the instructions: 1) Log into your server as SUPERVISOR, 2)
Create a directory for the mail software (In SYS:PUBLIC), 3) copy the contents
of the floppy to the new directory, and 4) Run the install program.

There is also a postcard that you can send in to receive a free t-shirt. All
you have to do is provide your Name, Title, Company, Address, Telephone, Fax,
Signature, and your "unique code number" (which presumably the software will
provide you.)

To sweeten the offer there is another card you can send in to enter to win a
Jeep and other prizes. This card asks for similar information.

If you run the demo and follow the instructions, you will have executed
unknown software from a fully privileged account, and told this company where
to find you and your computers.

Sounds like an great opportunity for a Trojan Horse. The "unique code number"
could also easily contain information that indicates what else is on your
system that may be of interest to this company.

Rex Wheeler  rwheeler@mcimail.com (365-8705)  70712.110@compuserve.com


"Re-Chipping" Stolen Mobile Phones

<Brian.Randell@newcastle.ac.uk>
Wed, 15 Dec 1993 11:52:29 GMT
 [Following is the complete text of an article in the 15 Dec 1993 edition of
  the (UK)Independent.  I am somewhat surprised at the claimed extent of
  "re-chipping" of stolen mobile phones, and at the fact of it being legal, but
  have no basis on which to dispute the facts as stated.  Brian Randell, Dept.
  of Computing Science, University of Newcastle, Newcastle upon Tyne, NE1 7RU,
  UK Brian.Randell@newcastle.ac.uk +44 91 222 7923]

LOOPHOLE ON STOLEN PHONES ATTACKED,
Patricia Wynn Davies, Political Correspondent

BRITAIN'S latest crime wave - the reprogramming of hundreds of thousands of
stolen mobile telephones - is legal, while the necessary technology is openly
advertised in newspapers and magazines.  Telephones automatically barred from
networks when a theft is reported are re-entering the system in their
thousands after being "rechipped" by people the law does not treat as
criminals.

Robert Maclennan, the Liberal Democrat home affairs spokesman, has written to
Michael Howard, the Home Secretary, urging the closure of the legal loophole.
Organised rings of mobile phone thieves were getting "easy pickings" amounting
to about 350M pounds a year, Mr Maclellan said.

The rechipping process, involving the reprogramming of serial numbers so that
the network no longer recognises the phone as the stolen original, can be
easily accomplished using equipment that can be plugged into an ordinary home
computer.

Chipping services offered by dealers and openly advertised in trade magazines
and newspapers have been defended as a necessary facility for honest customers
buying second-hand telephones from previous owners who have run up bad debts
during the recession. But the biggest beneficiaries appear to be criminals.

The reprogramming racket has provided a ready outlet for small and big-time
thieves - the black market price of up to (pounds) 150 for a stolen cellphone
easily outstrips that of a stolen car stereo - while spawning a mini-industry
of "phone chippers" turning out new sets of chipping software each time a new
model is launched.

Thefts are estimated by the industry to be running at 10,000 a month, more
than 400 each day, while police forces around the country believe they account
for 40 per cent of city-centre car break-ins.

Mr Maclennan has told Mr Howard that the loophole could be easily closed with
a minor amendment to the 1984 Telecommunications Act in the forthcoming
Criminal Justice Bill.

"This is straightforward counterfeit, but astonishingly it is not illegal," he
said. "The police know who many of the crooks are, but cannot touch them."

A similar process of "cloning" a subscribers' serial and telephone numbers
into another person's phone results in innocent subscribers being billed for
fraudulent calls.  Both processes render the phone untraceable.


Interactive TV: electronic democracy, risks to privacy, etc.

John Gray <grayjw@cs.aston.ac.uk>
Thu, 16 Dec 93 14:02:33 GMT
On UK television last night, a regular evening programme, "The Late Show" was
concerned with forthcoming developments in television. This centred around the
potential for high bandwidth and bidirectional communications offered by the
use of optical fibre for cable TV services.

This increase in the number of channels, some with an interactive content
(shopping channels, databases, computer games) would promote the concept of
configurable TV ("MeTV" was the name they chose) which allows the user to
decide what kind of things they wish to watch, and thus they will largely use
only one channel: the one they have configured.

Interestingly, one of the contributors raised the privacy issues: if you know
exactly what TV programmes someone likes watching, then you (or your computer
system) can tailor direct mail (and even TV adverts) to have the maximum
impact. The difference between this and standard audience research is that the
*viewer* builds a profile for the advertiser, when they configure the system.

Also in the programme, an executive for CBS raised the point that if everyone
only subscribes to compilation services, where does the original material
come from? If people select what they view in advance, will they miss out on
things that might entertain and enlighten them. The suggestion was made that
people will retreat much more into their own pursuits and that "community" will
suffer. What happens to people who are too poor to have cable, either because
their neighbourhood isn't cabled, or because they can't afford to subscribe.
They also touched on electronic democracy in this context: if you can't afford
to subscribe, will you have a voice on an equal footing with others?

Finally, a contributor from the EFF suggested that the Internet be used as a
model: the idea of providing these services to form communities controlled by
users rather than by large companies or governments. Sadly, it seems as if the
commercial attractions to advertisers and corporations will win out.

John Gray


Trouble with funny place names

Mark Brader <msb@sq.com>
Fri, 17 Dec 1993 22:50:00 -0500
In the Usenet newsgroup rec.puzzles, there has been a little discussion
recently of place names with unusual characters.  It was suggested
that Westward Ho!, England, was unique for containing the punctuation
mark "!", but then somebody topped this by calling attention to
Saint-Louis-du-Ha! Ha!, Quebec, Canada.

At this point I decided to look these places up in atlases to see
where exactly they are.  The one I found Saint-Louis-du-Ha! Ha! in
was the Rand McNally Road Atlas, 1991 edition.

In the index, the place is spelled... "St.-Louis-du-Ha90 Ha90".

Mark Brader  Toronto  utzoo!sq!msb   msb@sq.com

(P.S.: Westward Ho! is on the north coast of Devon, more or less
straight north of Plymouth.  Saint-Louis-du-Ha! Ha! is about halfway
between Riviere-du-Loup, Quebec, and Edmundston, New Brunswick.)


Mexico Turns Off Quake Warning System

F E Carey +1 908 949 8049 <fec@arch4.ho.att.com>
Sun, 19 Dec 93 15:21:52 EST
Mexico's earthquake warning system has been turned off after failing at least
twice since it went into operation in August.  In October a quake measuring
6.8 on the Richter scale hit but the alarm didn't sound.  In November a false
alarm went out on a calm Tuesday evening.  Technologically, the system is
fairly simple.  Solar powered seismic detectors signal a desktop Olivetti.
Radio stations receive signal directly from the Olivetti system and broadcast
warbling tones like something from a science fiction movie.  Professor of
Engineering Juan Manuel Espinosa Aranda, head of the warning system, said it
was tested for two years before going into operation.  He said the two
failures resulted from simple, though lamentable, errors adding that it is
better to have a warning - even if it might be false - than simply to let
nature take its course.  Not all share his view.  Cinna Lomnitz, a seismology
professor, said: "Basically, this is an experimental system that should not be
broadcast to the public right off the bat.  Indirectly, these people have
damaged our reputation as seismologists."  Luis Abraham Villa, an office
assistant, said: "It creates collective hysteria.  It really affects the older
people.  They go crazy."

Reported in The New York Times, 12/19/93

Frank Carey at Bell Labs    f.e.carey@att.com


Wireless Laptop Eavesdropping

Andrew Duane USG/PE <duane@zk3.dec.com>
Mon, 20 Dec 93 15:47:00 EST
I just saw a blurb on "The Computer Chronicles" about the last Comdex show,
which focussed on portables, laptops, notebooks, and accessories for them. One
new product, whose name I didn't catch ("AirLink"?) was a wireless device that
automatically downloads all of your modified files as soon as you get within
30 meters of your PC. There is no user interface at all. It even works through
walls.

The possibilities for data theft are endless. Apparently, there is not even a
warning that downloading is occurring. It seems that once these are common, an
industrial spy could wander O'Hare airport and download a lot of files if
he/she were so inclined.

Does anyone have more information on this product?

Andrew L. Duane, Digital Equipment Corporation  USG Kernel Scalability
Nashua, NH   03062-2698    603-881-1294 duane@zk3.dec.com


Re: Harry Erwin on Digital Woes (RISKS-15.34)

Lauren Wiener <lauren@reed.edu>
Thu, 16 Dec 93 17:38:23 -0800
I was certainly interested to read Mr. Erwin's contribution.  "Digital Woes"
is intended to highlight a widespread problem to an audience that is
essentially oblivious to such matters (certainly not the RISKS audience!).
While the problem of unreliable and overly costly software is undeniably
widespread, it would be simple-minded to insist that it is universal.
Categories are ordinarily fuzzy; exceptions make life interesting, after all.
(I myself am having the pleasure, at present, of working for folks who write
specs!)

It is entirely possible that the project Mr. Erwin describes is such an
exception.  If so, let me add my congratulations to Mr. Distaso's.  However, I
am curious to learn more about this project -- especially if it *was*
exceptional.  In particular, I am curious to learn:

* What was the purpose of the software?

* What was it supposed to do?

* Was the product actually used in real-world situations, as opposed to
  testing?

* Were the acceptance tests specified in advance?  Were they available to the
  developers to use as they developed the software?

* If the product was used beyond testing, did it satisfy the real-world
  requirements as well as the tests?

* If the project was a contract with the U. S. gov't, was it in the interests
  of both the subcontractor and the government to declare the project a
  success?  Did this equate to a big career win for all the parties involved?
  (Unfortunately, the incentives are often such that it is in the interests of
  neither party to point out weaknesses in the product.  This kind of
  arrangement can make such congratulatory letters sound a bit hollow.)

It is entirely possible, of course, that the project Mr. Erwin describes had
none of these weaknesses, and was in fact a true and marvelous success.  All
the more reason to learn more about it, if possible.  It would be wonderful to
isolate even one factor that could help the rest of us.


Question About Singapore Lottery Crime

Sanford Sherizen <0003965782@mcimail.com>
Mon, 20 Dec 93 19:03 EST
I am trying to find some detailed information about a recent case in Singapore
where a systems person who worked for the national lottery was able to fix or
determine in advance the winning number and tip off a friend who placed a bet.
The individuals were recently found guilty and sentenced.  If anyone knows the
details, please post on RISKS or send to me.  Thanks.

Sanford Sherizen  Data Security Systems  Natick, Massachusetts


ISOC Symposium on Network and Distributed System Security

Dan Nessett <nessett@ocfmail.ocf.llnl.gov>
Mon, 20 Dec 1993 11:29:21 -0800
Wednesday, February 2

6:00 P.M. - 8:00 P.M.
  Registration and Reception

Thursday, February 3

7:30 A.M.
  Continental Breakfast
8:30 A.M.
  Opening Remarks
9:00 A.M.
  Session 1:  Electronic Mail Security
                       Chair: Steve Kent (BBN)
  Certified Electronic Mail, Alireza Bahreman (Bellcore) and Doug Tygar
    (Carnegie Mellon University), USA
  Privacy Enhanced Mail Modules for ELM, Selwyn Russell and Peter
    Craig, Queensland University of Technology, Australia
  Management of PEM Public Key Certificates Using X.500 Directory
    Service: Some Problems and Solutions, Terry Cheung, Lawrence
    Livermore National Laboratory, USA
11:00 A.M.
  Session 2: Panel: Public Key Infrastructure, Santosh Chokhani (MITRE),
    Michael Roe (Cambridge University), Richard Ankney (Fischer, Intl.)
                       Chair: Miles Smid (NIST)
2:00 P.M.
  Session 3:  Protocols
                       Chair: Tom Berson (Anagram Labs)
  Paving the Road to Network Security, or The Value of Small Cobblestones,
    H. Orman, S. O'Malley, R. Schroeppel, and D. Schwartz, University of
    Arizona, USA
  A Complete Secure Transport Service in the Internet, Francisco Jordan
    and Manuel Medina, Polytechnical University of Catalunya, Spain
3:30 P.M.
  Session 4:  Internet Firewall Design and Implementation
                       Chair: Jim Ellis (CERT)
  Inter-LAN Security and Trusted Routers, Pal Hoff, Norwegian Telecom
    Research, Norway
  Trusted to Untrusted Network Connectivity:  Motorola Authenticated
    Internet Access -- MANIAC(TM), Bill Wied, Motorola, USA
  BAfirewall: A Modern Firewall Design, Ravi Ganesan, Bell Atlantic, USA
  A Network Perimeter With Secure External Access, Frederick Avolio and
     Marcus Ranum, Trusted Information Systems, USA
7:00 P.M.
  Banquet

Friday, February 4

8:30 A.M.

  Session 5:  Panel: All Along the Watchtower: Experiences and Firefights
    Managing Internet Firewalls, Bryan Boyle (Exxon Research), Brent
    Chapman (Great Circle Consulting), Bill Cheswick (AT&T Bell Labs),
    Allen Leibowitz (Warner-Lambert), Paul Vixie (Vixie Enterprises)
                       Chair: Marcus Ranum (TIS)
10:30 A.M.
  Session 6:  Issues in Distributed System Security
                       Chair: Cliff Neuman (USC-ISI)
  CA-Browsing System -- A Supporting Application for Global Security
    Services, Denis Trcek, Tomas Klobucar, Borka Jerman-Blazic, and Franc
    Bracun, Jozef Stefan Institute, Slovenia
  The X.509 Extended File System, Robert Smart, CSIRO Division of
    Information Technology, Australia
  Auditing in Distributed Systems, Shyh-Wei Luan (VDG, Inc.) and Robert
    Weisz (IBM Canada Laboratory), USA/Canada
1:30 P.M.
  Session 7:  Authentication
                       Chair: Dave Balenson (TIS)
  The S/KEY(tm) One-Time Password System, Neil Haller, Bellcore, USA
  A Technique for Remote Authentication, William Wulf, Alec Yasinsac,
    Katie Oliver, and Ramesh Peri, University of Virginia, USA
  Remote Kerberos Authentication for Distributed File Systems:  As
    Applied to a DCE DFS-to-NFS File System Translator, Thomas Mistretta
    and William Sommerfeld, Hewlett-Packard, USA
3:30 P.M.
  Session 8:  Panel:  IP Security Alternatives, K. Robert Glenn (NIST), Paul
    Lambert (Motorola), David Solo (BBN), James Zmuda (Hughes)
                       Chair: Russell Housley (Xerox)

PROGRAM CO-CHAIRS

Russell Housley, Xerox Special Information Systems
Robert Shirey, The MITRE Corporation

GENERAL CHAIR

Dan Nessett, Lawrence Livermore National Laboratory

PROGRAM COMMITTEE

Dave Balenson, Trusted Information Systems
Tom Berson, Anagram Laboratories
Matt Bishop, University of California, Davis
Ed Cain, U.S. Defense Information Systems Agency
Jim Ellis, CERT Coordination Center
Steve Kent, Bolt, Beranek and Newman
John Linn, OpenVision Technologies
Clifford Neuman, Information Sciences Institute
Michael Roe, Cambridge University
Robert Rosenthal, U.S. National Institute of Standards and Technology
Ravi Sandhu, George Mason University
Jeff Schiller, Massachusetts Institute of Technology
Peter Yee, U.S. National Aeronautics and Space Administration

BEAUTIFUL SAN DIEGO

The Symposium venue is the Catamaran Resort Hotel, providing 7 acres of
gorgeous surroundings, facing Mission Bay and only 100 yards from
beautiful Pacific Ocean beaches. Spouses and family members can catch a
convenient Harbor Hopper for a quick trip to Sea World. After the
Symposium, plan to spend  the weekend  visiting La Jolla, the world
famous San Diego Zoo or Mexico, only  30 minutes by car or Trolley.

A limited number of rooms have been reserved at the Catamaran for the
very special rate of $77 single, $87  double. Reservations, on a space
available basis, can be made by calling (800) 288-0770 and indicating you are
attending the ISOC Symposium. Reservations must be made before Jan. 1,
1994 to ensure  this rate.

CLIMATE

February weather in San Diego is normally very pleasant. Early morning
temperatures average 51 degrees while afternoon temperatures average 67
degrees. Generally, a light jacket or sweater is adequate during February;
although, occasionally it rains.

TRANSPORTATION

San Diego International Airport is 10 miles (15 minutes) from the
Catamaran  Hotel. Supershuttle operates a continuous service between the
airport and the hotel: fare is $6.00. When you arrive at the airport, use the
free Supershuttle phone. Taxi fare between the airport and the hotel is $20.
The Catamaran charges $6 per day for parking.

REGISTRATION FEES

Postmarked        Subsequent
by Jan. 1         registration

$305              $350

No refunds after Jan. 20.

REGISTRATION INCLUDES

- Attendance    - Symposium Proceedings
- Reception     - Banquet
- Luncheons     - Coffee Breaks

On-site registration is available Wednesday evening at the reception, and
Thursday morning at the Symposium. For more information on
registration and local arrangements contact Dan Nessett at (510) 422-4033
or nessett@llnl.gov.

SYMPOSIUM REGISTRATION FORM

Name ________________________________________________

Affiliation__________________________________________

Name on Badge _______________________________________

Vegetarian Meals?____________________________________

Mailing Address _____________________________________

_____________________________________________________

_____________________________________________________


(Area Code)Phone # ___________________________________

Email Address _______________________________________

Make check (credit cards not accepted) payable to SNDSS94. (Registration is
not effective until payment is  received). Mail to: ISOC Symposium, C/O
Belinda  Gish, L-68, Lawrence Livermore National Laboratory,  Livermore,
CA. 94550.

Please report problems with the web pages to the maintainer

Top