The RISKS Digest

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Volume 15 Issue 77

Tuesday 19 April 1994

Contents

o Risks ... to the quality of science: Clifford Truesdell
Michael Tobis
o Dial-in Electric Meter Readings Sans Safeguards
Scott Rose
o Stun belts -- who has the remote?
Jak Kirman
o Risks of Data Compression
Joe Decker
o TV Guide Contest
Agris Taurins
o Re: MIT student arrest
Dwight Silverman
Sidney Markowitz
o Re: Green-Card Flap [Risks, Lawyers]
Ed Clarke
o "Naissance d'un virus" by Ludwig/Condat
Rob Slade
o IFIP SEC '94 Program
Willis H. Ware
o Info on RISKS (comp.risks)

Re: Risks ... to the quality of science (Ruderman, RISKS-15.75)

Michael Tobis <tobis@skool.ssec.wisc.edu>
Mon, 18 Apr 94 22:27:56 -0500
This issue was addressed in a remarkable essay by the eccentric and
curmudgeonly fluid dynamicist Clifford Truesdell. The essay is called "The
Computer: Ruin of Science and Threat to Mankind", in _An Idiot's Fugitive
Guide to Science_, Springer-Verlag, 1984. If the title is not temptation
enough, the following is a list of subheadings in the essay, capitalization
intact:

  1. Spatial Flight would have been Impossible without Computers.
  2. Spatial flight would have been impossible without the Classic Equations
     of Motion
  3. Calculation without Classic Standards is Dangerous. A Computer is
     Incapable of Setting its own Standards.
  4. Computers have Harmed Science Already.
  5. Mathematics is the Science of Infinities. Computation is Essentially
     Finite.
  6. Computers Bring Power and the Abuses of Power. Advocates of Computing
     Seek to Destroy Mathematics.
  7. Computing Promotes Factual Fraud. It has Harmed Experimental and Applied
     Science in the Past and is Continuing to do so. By its Emphasis on
     Application of the Already Known, it can Delay Basic Discovery and thus
     Reduce the Field of Applications in the Future.
  8. Classic Theories used Inductive and Deductive Models. Computing
     Encourages Floating Models.
  9. Computing Promotes Logical Fraud. Computers Programmed to Confirm False
     Theory can Destroy Mankind.
 10. Summary: Computers are Here to Stay. They Endanger Thought, Language,
     Science, and the Survival of Man. Like any other Dangerous Tool, they
     should be Put under Strict Controls.

  [OK, perhaps it's a bit overdrawn, but I think anyone who intends to use
  computers to model nature should have a look at this remarkable jeremiad. mt]


Dial-in Electric Meter Readings Sans Safeguards

Scott Rose <rose@cs.wisc.edu>
Tue, 19 Apr 1994 09:00:25 +0100
My electric utility-- Madison Gas and Electric-- has embarked upon a new
meter-reading scheme that seems not to have been given a whole lot of thought.

Many of the electric meters in my neighborhood are not accessible from outside
the house, so the chances of a meter-reader getting the data on a particular
visit are quite low in this era of double-income households.

In the old scheme, the meter-reader left a business-reply postcard after
ostensibly determining that the customer wasn't home to allow access to the
meter (in practice, the meter reader just leaves the card without notice,
apparently having determined that the route can be finished more quickly
without those pesky delays associated with actually determining that the
customer isn't home, but that's a flame for another forum).  The meter-reader
fills in the meter number section of the card-- a six-digit number that
uniquely identifies the meter-- the customer fills in the usage section of the
card and drops it in the mail, and MG&E picks up the roughly $.30 tab for the
reply card postage.

The new scheme is similar, except that instead of leaving a mail-in card, the
meter-reader leaves a phone-in card.  Customers each got a sample card in the
mail the other day, and I decided to give it a trial run.  Here's how the
session went:

  I dialed the number printed on the card and listened while the friendly
  voice described how to punch in my six-digit meter number after the beep.

  Having failed to determine my meter number, I punched in "111111".

  The friendly voice asked me to verify that my street address was a
  particular four-digit number (that is now lost to memory) by pressing
  a particular key.  It wasn't, of course, but I... ah... did.  This is
  just a test run, right?

  The friendly voice asked me to enter my meter reading.  I punched in "1111".

  The friendly voice thanked me for my cooperation and wished me a nice day.

Is it relevant that the rest of the day *was* relatively nice for me?

The upsides for The Company are quite apparent: the customer picks up the $.06
cost of the call, while the Company saves both the postage and keypunch costs.

The Big Risk that was apparent to me in this system was that the friendly
voice presented me with my street address and asked me to verify it, rather
than the reverse.  It's nice that they gave a bit of thought to verifying
input, but isn't this approach a bit like presenting a computer user with the
account password after the user name is typed and asking if it's correct?
While it is true that there is no computer account to be hacked on the other
side of this authentication mechanism (which is a strong malice motivator in
the case of computer accounts), it is also true that there are hearts full of
mischief in this world and big electric bills to be paid or protested if this
system is implemented as proposed.

BTW, in the same mailing was a proposal for an alternate meter-reading scheme.
The customer simply provides The Company with a copy of the key to the home,
and the meter-reader simply lets self into the home to read the meter as
necessary.  Who can spot the risks in this one?

    -Scott Rose
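As an added example (not from Scott Rose's post and not MG&E's actual system; meter numbers, street numbers and readings are constructed), here is a small model of the phone-in flow he describes, with the reported design beside one that asks the caller to supply the street number instead of reading it back, limits failed attempts per meter, and rejects a reading lower than the last one on file:

```python
"""Model of the dial-in meter-reading flow.  Added example with constructed
data; MG&E's real system is not described beyond the RISKS post."""
from dataclasses import dataclass, field
from typing import Optional

# Constructed sample data: meter number -> street number and last reading.
METERS = {
    "111111": {"street_no": "4321", "reading": 98765},
    "222222": {"street_no": "1000", "reading": 12000},
}
MAX_ATTEMPTS = 3   # failed street-number entries allowed per meter number


@dataclass
class Outcome:
    accepted: bool
    leaked_address: Optional[str] = None   # street number the IVR disclosed
    message: str = ""


@dataclass
class MeterLine:
    meters: dict
    failures: dict = field(default_factory=dict)

    def weak_submit(self, meter_no, caller_confirms, reading):
        """Reported design: the IVR reads the street number back and asks
        the caller to confirm it.  Whoever keys in a valid meter number is
        told the address and can simply press the confirm key."""
        rec = self.meters.get(meter_no)
        if rec is None:
            return Outcome(False, None, "unknown meter")
        # The verifying secret is disclosed before any proof is given.
        if caller_confirms:
            rec["reading"] = reading
            return Outcome(True, rec["street_no"], "reading accepted")
        return Outcome(False, rec["street_no"], "not confirmed")

    def hardened_submit(self, meter_no, street_no_entered, reading):
        """Hardened design: the caller keys in the street number, the IVR
        compares and never reads it back, the meter number locks after
        MAX_ATTEMPTS failures, and the reading may not go backwards."""
        if self.failures.get(meter_no, 0) >= MAX_ATTEMPTS:
            return Outcome(False, None, "locked out")
        rec = self.meters.get(meter_no)
        # Same reply for unknown meter and wrong address: no oracle.
        if rec is None or street_no_entered != rec["street_no"]:
            self.failures[meter_no] = self.failures.get(meter_no, 0) + 1
            return Outcome(False, None, "could not verify")
        if reading < rec["reading"]:   # consumption meters only count up
            return Outcome(False, None, "reading below last reading")
        rec["reading"] = reading
        return Outcome(True, None, "reading accepted")


def fresh_line():
    """Return a MeterLine over a private copy of the constructed data."""
    return MeterLine({k: dict(v) for k, v in METERS.items()})


if __name__ == "__main__":
    # Scott's trial run against both designs: meter "111111", reading 1111.
    print(fresh_line().weak_submit("111111", True, 1111))
    print(fresh_line().hardened_submit("111111", "0000", 1111))
```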


Stun belts -- who has the remote?

Jak Kirman <jak@cs.brown.edu>
Thu, 14 Apr 94 00:10:31 +0100
AP and NBC reported recently on the use of REACT belts by police.  Strapped
around a prisoner's waist, the belts can deliver a 50,000-volt, 4-6 mA current
to the prisoner's back muscles, enough to incapacitate the prisoner.  They are
activated by "a remote control like a garage-door opener".  These belts are
used on prisoners in transit and in court.  The reports supplied no details
concerning the communication between the remote device and the belt.

I wonder how much thought the designers gave to the possibility of
unauthorized activation of the belt, e.g. by friends of the victim or simply
out of malice.  Judging by the footage on the NBC clip, it would be very hard
indeed to get the belt off a prisoner who was being zapped by some unknown
person.

If the remote device actively transmits start and stop commands, it might also
be possible for an associate of the prisoner's to inhibit or curtail
authorized activation; this would put the prisoner at a substantial advantage
in an attempt at escape, since prisoners wearing the belt are not hand-cuffed,
and are presumably not expected to make a run for it.

Can anyone supply technical details that would clarify the risks?

Jak Kirman  jak@cs.brown.edu
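As an added example, not from Jak Kirman's post and not the REACT belt's real protocol (the reports gave no details), here is the receiver-side check that answers his question about unauthorized activation: a fixed-code design beside one that authenticates each command under a per-device key and refuses any frame whose counter is not fresh. The key, frame layout and counter handling are constructed for illustration.

```python
"""Receiver-side command verification for a remotely triggered device.
Added example with a constructed frame format; not REACT's design."""
import hashlib
import hmac
import struct

KEY = b"constructed-per-device-key-0001"   # would be provisioned per belt
ACTIVATE, RELEASE = 1, 0


def make_frame(key, counter, command):
    """Remote side: counter (4 bytes) || command (1 byte) || HMAC-SHA256."""
    body = struct.pack(">IB", counter, command)
    return body + hmac.new(key, body, hashlib.sha256).digest()


class FixedCodeReceiver:
    """Garage-door-opener style: any transmission carrying the constant
    code is obeyed, so one captured transmission works for anyone, forever."""
    CODE = b"\x5a\xa5"

    def __init__(self):
        self.activations = 0

    def accept(self, frame):
        if frame == self.CODE:
            self.activations += 1
            return True
        return False


class AuthenticatedReceiver:
    """Belt side: verify the tag under the per-device key, then require the
    counter to exceed the last accepted one so repeated frames are dropped."""
    def __init__(self, key):
        self.key = key
        self.last_counter = -1
        self.activations = 0

    def accept(self, frame):
        if len(frame) != 5 + 32:
            return False
        body, tag = frame[:5], frame[5:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):   # forged or altered
            return False
        counter, command = struct.unpack(">IB", body)
        if counter <= self.last_counter:              # stale: already seen
            return False
        self.last_counter = counter
        if command == ACTIVATE:
            self.activations += 1
        return True


if __name__ == "__main__":
    belt = AuthenticatedReceiver(KEY)
    frame = make_frame(KEY, 1, ACTIVATE)
    print(belt.accept(frame), belt.accept(frame))   # True False
```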


Risks of Data Compression

Joe Decker <joe@synaptics.com>
Mon, 11 Apr 94 11:06:05 PDT
An article in the most recent issue of _Weatherwise_ magazine contained a
description of a system under development to send weather radar images to
general aviation via data compression.  One technique apparently used to
minimize bandwidth was to not provide distinctions between the highest radar
reflectivity levels, the idea being (according to the article) that you
wouldn't want to be in a light plane in any of them.  This neglects the RISK
that you already are in one of them.

A more insidious RISK was not noted in the article. Many image compression
methods result in images with misleadingly high amounts of detail.  Such
images could mislead pilots into making decisions based on false detail in the
decompressed images.  Image compression in safety-related applications clearly
demands caution.

joe decker     @synaptics.com    @alumni.caltech.edu


TV Guide Contest

Agris Taurins <neodata!taurins@sterling.com>
Tue, 19 Apr 1994 23:36:49 GMT
Is it just me, or has anyone else noticed the TNG contest in the April 23-29
issue of TV Guide?

As contests go, it's nothing terribly special.  The winner(s) get flown out
to Hollywood to watch the final episode.  The most interesting item follows,
directly out of the "Official Rules":

    ...To enter the sweepstakes electronically:  Send your responses
    by April 29, 1994, to tvgtrek@delphi.com.  Include name, address
    and telephone number, along with the answer to each of the seven
    questions.  Sponsor not responsible for computer malfunctions;
    late, lost, or misdirected mail.

Earlier in the rules it states "Enter as often as you wish but limit one
entry per envelope."  The only "out" they might have is another line stating
that "No mechanical reproductions will be accepted."  But since they've
explicitly stated that they're accepting electronic entries, I would think
that it doesn't apply.

How many mailer daemons do you think will be spinning out there?  How soon
will it be (if it hasn't happened already) before the mail spool on delphi
overflows?

Agris Taurins (402) 697-8006 taurins@neodata.uucp
      ...uunet!sparky!neodata!taurins


Re: MIT student arrest (Cohen, RISKS-15.76)

Dwight Silverman <Dwight.Silverman@chron.com>
Mon, 18 Apr 94 21:52:54 CDT
Frederick B. Cohen, writing in the RISKS digest, muses about the case
involving the MIT student arrested for having a BBS that made commercial
software available. Cohen implies that the student was unaware of the nature
of the material at the site, an implication that I cannot let go unchallenged.

According to news reports about details in the indictment, the student not
only was aware of what was being posted, but posted a public notice asking
that the existence of the site not be trumpeted. The indictment, according to
the reports, indicated he was more than just a "patsy."

Should MIT be "arrested," as Cohen suggested, because of the presence of this
site on their machines? No, any more than a phone company can be arrested
because of telephone fraud. I've also seen comments on the Internet that those
who uploaded the software should be arrested, as well. That's probably true,
but it's not that easy. Again, according to news accounts, many of those who
contributed to "Cynosure," as it was called, used anonymous account services
to do so.

The RISK? Appear to be breaking the law, and you'll end up in a lot
of trouble. It doesn't get much simpler than that.

Dwight Silverman, The Houston Chronicle    dwight.silverman@chron.com


Pointer to details on arrest of MIT student (Cohen, RISKS-15.76)

Sidney Markowitz <sidney@apple.com>
Mon, 18 Apr 1994 19:14:07 -0700
[sidney markowitz <sidney@apple.com> SK8Board Punk Rocket Scientist
Advanced Technology Group, Apple Computer, Cupertino, CA 95014]

Here is a pointer to information about the case of the MIT student who was
arrested recently. Although it is a solicitation for a legal defense fund, it
contains presentations from both sides of the case and will be of interest to
anyone who is interested in the broader political, moral and RISKy issues that
are involved. In particular, this is not a simple case of software piracy or
computer "hacking". The student is not being accused of copying copyrighted
software, but only of operating a BBS that others used for that purpose. He is
being charged under wire-fraud laws, being applied in a manner that is
unusual, to say the least.

The following can be accessed via Mosaic or other World Wide Web client
using the URL address

   http://martigny.ai.mit.edu/dldf/home.html

Here's a quote extracted from the home page so you can see what is available
there. In the actual Web version, the bulleted items at the end are hot links
to their respective files.

  The David LaMacchia Defense Fund was organized to ensure that David
  LaMacchia gets a fair trial. LaMacchia has been indicted by the federal
  government for conspiracy to commit wire fraud. "This is the first time in
  Massachusetts that the wire fraud statute has been used in a computer
  bulletin board case," said Stephen Heyman, deputy chief in the US attorney's
  office.  That makes the case interesting, law-making, and very expensive. An
  unfortunate side-effect of our common law system, where laws are made by
  decisions in particular cases, is that an individual involved in a
  constitutional test case is faced with the certainty of staggering legal
  bills as well as the possibility of imprisonment and fines.

  Contributions to the Fund will be used to defray a portion of LaMacchia's
  legal expenses. The Fund spends nothing on advertising, salaries, promotions,
  etc.; 100% of contributions are used for legal defense.

  The Fund takes no position on the merits of either side's case.

  Information from both sides
   * The Indictment
   * U.S. Attorney's April 7, 1994 press release
   * Response of Defense Counsel, April 8, 1994
   * Issues Primer (from Defense Counsel), April 11, 1994


Re: Green-Card Flap [Risks, Lawyers] (PGN, RISKS-15.76)

Ed Clarke <clarke@watson.ibm.com>
Tue, 19 Apr 94 11:20:50 EDT
PGN omitted the quantity of mail that indirect.com received; 100 megabytes!
They crashed of course as most systems would when presented with that kind
of a mail overload.  You also did not mention that this was the second time
that they'd tried this trick ( only about a hundred groups last time ) and
that they deliberately did not return the signed agreement that forbids
this kind of abuse.

Posting their local phone number and FAX !!!! number was kind of cute
though.  Many more calls and faxes are going to the Tenn. Bar Association
since that's where they are licensed.

By the way, you can add my (home) system to the "crashed" list.  I get about
35 meg of compressed news per day, it jumped to 45 meg compressed and I ran
out of inodes.  Loss of news is similar to a crash.  My down stream sites
aren't going to see it, so it's loss of service anyway. The minor 5000
crossposts could be absorbed (at my site), but the huge amount of complaints
in every bloody group killed me.  Reminds me of the ping-pong ball
demonstration of nuclear fission that was shown on TV when I was a kid.  One
ball gets tossed into a room full of ping-pong balls on mouse traps ... boom!

Ed Clarke  clarke@acheron.UUCP  clarke@watson.ibm.com


"Naissance d'un virus" by Ludwig/Condat

"Rob Slade, Ed. DECrypt & ComNet, 604-984-4067" <ROBERTS@decus.ca>
Tue, 19 Apr 1994 10:06:47 -0600 (MDT)
BKNAISDV.RVW  940113

"Naissance d'un virus", Ludwig translated by Condat

I have previously reviewed Ludwig's original book (cf BKLUDWIG.RVW) and,
basically, everything applies to this as well.  I have only two brief comments
to make on the translation.

I am rather surprised that a publishing house with the stature of Addison-
Wesley took this on.  I note that the promotional material which came with the
book states that the original was banned for export from the United States.
Even allowing for marketing hyperbole, they must have known that it would give
rise to some kind of difficulties.  As, indeed, it did:  a recent court
challenge has attempted to ban distribution of the book.  I haven't yet heard
the outcome.  (I also note that the book is supposed to help you choose
antiviral software:  didn't they even read it first?)

The second addresses the issue of the educational value of the book.  As
previously noted, the text sections leave a great deal to be desired in terms
of pedagogy.  The viral code, however, is intact, and unchanged.  All the
comments are still in English.

(I am very amused to note that the French translation of "computer virus"--
What?  No, of course not.  Don't be naive.--is CPA, standing for either "codes
sources autopropageables" or "codes parasites autopropageables".  This side of
the pond CPA means a different sort of parasite.)

copyright Robert M. Slade, 1994   BKNAISDV.RVW  940113

Vancouver Institute for Research into User Security  Canada V7K 2G6
Robert_Slade@sfu.ca rslade@cue.bc.ca  p1@arkham.wimsey.bc.ca p1@CyberStore.ca


IFIP SEC '94 Program [Excerpted from long message by PGN]

"Willis H. Ware" <Willis_Ware@rand.org>
Fri, 08 Apr 94 11:29:46 PDT
The Tenth International Conference on Information Security - IFIP SEC'94

FOR FULL BROCHURE, CONTACT THE FOLLOWING:

     FAX: IFIP SEC'94 SECRETARIAT +599 9652828

     OR AIRMAIL TO: IFIP SEC'94 SECRETARIAT POSTOFFICE BOX 4 0 6 6 WILLEMSTAD
     - CURACAO NETHERLANDS ANTILLES CARIBBEAN

     OR EMAIL TO: <TC11@IAIK.TU-GRAZ.AC.AT>

Organized by Technical Committee 11 of the International Federation for
Information Processing, IFIP/TC 11 - in cooperation with the Special Interest
Group on Information Security of the Dutch Computer Society - and hosted by
the Caribbean Computer Society.

                        I F I P   S E C ' 9 4
                      M A Y  2 3 - 2 7 , 1 9 9 4
                   I T C  P I S C A D E R A  B A Y
            C U R A C A O,   D U T C H  C A R I B B E A N
     I  N  T  E  R  N  A  T  I  O  N  A  L    P  R  O  G  R  A  M
          Dynamic Views on Information Security in Progress

     ***ABOUT THE TENTH INTERNATIONAL INFORMATION SECURITY CONFERENCE

This event is the Tenth in a series of conferences on information security.
Something to celebrate.  The organizers have compiled a truly exceptional,
unique, and especially upgraded conference in a setting suitable for
celebrating its Tenth birthday.  Over 75 sessions will cover just about all
aspects of information security, on a senior and advanced level.  The formal
language of SEC'94 is English.  The proceedings are published by Elsevier
North Holland in its acclaimed series.

***INVITED PRESENTATIONS***

Computer based cryptanalysis: man versus machine approach by Dr. N.
Balasubramanian, former director of the Joint Cipher Bureau/ Cryptographic
Services of the Department of Defense of the Government of India.

Establishing a CERT: Computer Emergency Response Team by Kenneth A. van Wyk,
manager Assist team, Defense Information Security Agency of the Department of
Defense, United States

Privacy aspects of data travelling along the new 'highway' by Wayne Madsen,
scientist Computer Science Corp., United States

Issues in designing and implementing a practical enterprise security
architecture by Ross Paul, manager information security, the Worldbank, United
States

(keynotes and other invited speakers to be announced by special bulletin)

IFIP TC 11 position paper in discussion: Security Evaluation Criteria by H.
Schoone, Netherlands

Special TC 11 Working group sessions:
11.8 Computer Security Education, chair: Em. Prof. Dr. Harold Highland
11.1 IT Security Management, chair: Prof. S.H. von Solms (S. Africa)
11.5 System Integrity and Control, chair: William List (UK)

Special Appearance: Information Warfare: waging and winning conflict in
cyberspace by Winn Schwartau (US)

Panel discussion: Panel discussion of the editors of Elseviers Journal
Computers and Security chaired by John Meyer, Elsevier (UK), editor

Extended UNIX tutorial: Unix meets Novell Netware by Kevin H.  Brady, Unix
Systems Lab. (US)

Extended virus tutorial: Technologically enabled crime: shifting paradigms for
the year 2000 by Sara Gordon (US)

Viruses:  What can we really do ? by Prof. Henry Wolfe (New Zealand)

Future trends in virus writing by Vesselin V. Bontchev (Bulgaria/Germany)

Viral Tidings by A. Padgett Peterson (US)

Integrity checking for anti viral purposes by Yisrael Radai (Israel)

Special appearance: *title to be announced* Prof. Eugene Spafford (US)


***REFEREED PRESENTATIONS***

Operations Security: the real solution to the problem - A. Don Temple (US)

Security in virtual reality: virtual security - Amund Hunstad (Sweden)

Prohibiting the exchange attack calls for hardware signature - Prof. Reinhard
Posch/Wolfgang Mayerwieser (Austria)

Towards secure open systems - Dr. Paul Overbeek (Netherlands)

A security officer's workbench - Prof. Dennis Longley/Lam For Kwok (Australia/
Hong Kong)

An introduction to Citadel: a secure crypto coprocessor for workstations - Dr.
Elaine Palmer (US)

On the calculation and its proof data for PI 10-9th - Shengli Cheng et al.
(P.R. of China)

Securenet: a network oriented intelligent intrusion prevention and detection
system - Ass. Prof. Dimitris Gritzalis et al. (Greece)

A methodology for the design of security plans - Drs. Fred de Koning
(Netherlands)

An open architecture for security functions in workstations - Stefan Santesson
(Sweden)

Security systems based on exponentiation primitives, TESS - Prof.  Thomas Beth
(Germany)

The structure and functioning of the COST privacy enhanced mail system - Prof.
Sead Muftic, Nada Kapidzic, Alan Davidson (Sweden)

The need for a new approach to information security - Dr. Jean Hitchings (UK)

A Practical database encryption system - Prof. C.  Chang/Prof. D. Buehrer
(Taiwan, ROC)

Security analysis and strategy of computer networks - Jie Feng et al.
(P.R.o.China)

Information Security: legal threats and opportunities - Dr. Ian Lloyd
(Scotland)

Secure communication in LAN's using a hybrid encryption scheme - Prof. Mahmoud
El-Hadidi, Dr. Nadia Hegazi, Heba Aslan (Egypt)

Secure Network Management - Bruno Studer (Switzerland)

Ramex: a prototype expert system for computer security risk analysis and
management - Prof. Peter Jarratt, Muninder Kailay (UK)

The need for decentralization and privacy in mobile communications networks -
D.I. Frank Stoll (Germany)

Is lack of quality software a password to information security problems ? -
Dr. Peter Fillery, Nicholas Chantler (Western Australia)

Smart: Structured, multidimensional approach to risk taking for operational
information systems - Ing. Paul van Dam, et al. (Netherlands)

IT Audit: the scope, relevance and the impact in developing countries - Dr. K.
Subramanian (India)

Program structure for secure information flow - Dr. Jingsha He (US)

Security, authentication and policy management in open distributed systems -
Ralf Hauser, Stefano Zatti (Switzerland/Italy)

A cost model for managing information security hazards - Love Ekenberg,
Subhash Oberoi, Istvan Orci (Sweden)

Corporate computer crime management: a research perspective - Dr. James
Backhouse (UK)

A high level security policy for health care establishments - Prof. Sokratis
Katsikas, Ass. Prof. Dimitris Gritzalis, et al. (Greece)

Moss: a model for open system security - Prof. S.H. von Solms, Dr. P van Zyl,
Dr. M. Olivier (South Africa)

The risk-based information system design paradigm - Dr. Sharon Fletcher (US)

Evaluation of policies, state of the art and future research directions in
database security - Dr. Guenther Pernul, Dr. A.M. Tjoa (Austria)

Exploring minimal ban logic proofs of authentication protocols -
Anish Maturia, et al. (Australia)

Security concepts for corporate networks - Prof. Rolf Oppliger, Prof. Dieter
Hogrefe (Switzerland)

The security process - Jeanette Ohlsson (Sweden)

On the security of lucas function - Dr. C.S. Laih (Taiwan RoC)

Security considerations of content and context based access controls - Donald
Marks, Leonard Binns, Peter Sell, John Campbell (US)

Anonymous and verifiable databases: towards a practical solution - Prof.
Jennifer Seberry, Dr. Yuliang Zheng, Thomas Hardjono (Australia)

A decentralized approach for authorization - Prof. Waltraud Gerhardt, Burkhard
Lau (Netherlands)

Applying security criteria to a distributed database example - Dr. Marshall
Abrams, Michael Joyce (US)

A comparison of international information security standards based on
documentary microanalysis - Prof. William Caelli, Em.  Prof. John Carroll
(Australia/Canada)

Security in EDI between bank and its client - Pauli Vahtera, Heli Salmi
(Finland)

Secure information exchange in organizations - D.I. Ralph Holbein
(Switzerland)

A framework for information system security management - Helen
James, Patrick Forde (Australia)

The security of computer system management - Xia Ling et al. (P.R.o.China)

Development of security policies - Jon Olnes (Norway)

Factors affecting the decision to report occurrences of computer abuse - John
Palmer (Western Australia)

Secure manageable remote access for network and mobile users in an open
on-line transaction processing environment - Dr. James Clark (Singapore)
