Previous IssueIndexNext IssueInfoSubmit ArticleFTPDo not even think about clicking on this button
 

The Risks Digest

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Volume 16: Issue 24

Thursday 14 July 1994

Contents

o Quoth the Maven, Livermore! (porno repository)
PGN
o "DUMB FROGS AHEAD"
Tom Zmudzinski
o Digital display boards on highways
Jason Hanson
o Mailers that add "Company Confidential"
Paul Szabo
o Scams
Phil Agre
o Re: Secure use of Internet
Tom Patterson
o Re: Shopping Risks...
Philip H. Smith III
o Re: Brock Meeks article on Clipper
Jerry Leichter
o Cellular phone risks/privacy
Phillip Brown
o Literary treatment of street-corner cameras
Scott Dorsey
o Teletext
Bob Richardson
Clive D.W. Feather
Bob Frankston
o Re: Laptop Danger
Bob Frankston
Joe Chew
Lars-Henrik Eriksson
Tony Abo
o Info on RISKS (comp.risks)
---------------------------------------------

Quoth the Maven, Livermore!

"Peter G. Neumann" <neumann@csl.sri.com>
Wed, 13 Jul 94 13:31:25 PDT 
Lawrence Livermore National Laboratory (one of the U.S.'s three nuclear
weapons labs) has had one of its unclassified Internet computers hacked
to provide a repository for 2 Gigabytes of pornographic images, storing
over 1000 pictures.  (You thought a picture is worth 1000 words?  In this
case it is worth 2000 kilobytes, i.e., 2 megabytes each.)  This was
reported in a Los Angeles Times article by Adam S. Bauman (appearing in
the San Jose Mercury, 12 July 1994, front page); the Times article also
noted that the Software Publishers Association and the FBI are tracking
something like 1600 B-boards that contain pirated software.  [Thanks to
Nachum Shacham for bringing in the clipping.]
---------------------------------------------

"DUMB FROGS AHEAD"

"Tom Zmudzinski" <zmudzint@cc.ims.disa.mil>
Thu, 14 Jul 94 15:27:41 EST 
This is one for the Highway, not the I-way (Information Dirt Road):

On 2 July 1994, on Route 29 in Virginia, one of those roadside variable
message electronic signs was reported as flashing:

                       "DUMB FROGS AHEAD"

This wasn't a case of someone fat-fingering "dense fog ahead".  Some
prankster(s) had gotten access to the controls and had a little fun
confusing the public.  Stacy Pruitt, spokesbeing for Virginia Department
of Transportation (VDOT), was quoted in the Washington Post as saying,
"We think someone got in there during the night.  What is mysterious is
that it takes a password to sign onto the system.  We're calling it
'highway hacking'."  VDOT officials reported that the security box (on
the back of the unit) was left unlocked, allowing physical access to the
keyboard.

Obviously, the so-called highway hacker(s) could have concocted a far
more dangerous prank (the mind boggles!) but that merely begs the REAL
question:
           How do you tell the smart frogs from the dumb ones?

Tom Zmudzinski  [Unreformed Paronomasiac]  ZmudzinT@CC.IMS.DISA.MIL
    CAUTION!   INCORRIGIBLE PUNSTER!   PLEASE DON'T INCORRIGE!

     [A chunk of the 13 July 1994 Washington Post article (which appeared
     in the "Dr. Gridlock" column about local auto and traffic issues) was
     sent to RISKS by marc@sti.com (Marc Pawliger), with the Subject line
     "FROGGY BOTTOM".  As I try not to use copyrighted material in its
     entirety (although I sometimes FROGETTE, as in the case of the amusing
     "TOUCH-TOE" [sic!] item "Risks of REDIAL" in RISKS-16.21), I have
     in this case chosen Tom's adaptation.  I TOAD the line on this one.
     TOUCH-TOAD or TOUCH-TOED?  "This carflee tastes like ZMUD to me!"
     "It should.  It was GROANED this morning."  PGN]
---------------------------------------------

Digital display boards on highways

Jason Hanson <jhanson@cs.wisc.edu>
Thu, 14 Jul 1994 16:40:04 -0500 (CDT) 
Often when driving, one is confronted with those big digital display boards
that warn of impending traffic conditions.  On top, there always appears to be
a cellular antenna.  Am I correct in thinking that there is a modem on the
cellular "line"?

The risks are somewhat obvious - one could call and change the message!  While
"COP AHEAD - SLOW DOWN" would be a bit amusing, a change from "BRIDGE OUT
AHEAD" to "WEST HIGH RULEZ" would be disastrous.

Jason J. Hanson, Univ. of Wisc., 22 Langdon Street #220  Madison, WI 53703-1344
  (608) 256-1004   Ham: N9LEA (Extra)    jhanson@yar.cs.wisc.edu
---------------------------------------------

Mailers that add "Company Confidential"

Paul Szabo <szabop@tualatin.pen.tek.com>
Thu, 14 Jul 94 17:42:01 PDT 
I received an e-mail that was distributed over a large mail-group today.  It
had a line, just below the "Subject" line, that read:

> Sensitivity: Company-Confidential

There are several RISKS here:

1)  Misuse of this label can cause your company problems when it
    comes time to sue someone for stealing confidential information.
    This label should mean what it says in order to be valid in court.
    My company has told the employees several times to use this
    label ONLY for actual confidential material, for this reason.

2)  It did not say which company the material was confidential for.
    It would not be a valid in court on actual confidential material
    because the company's name is not mentioned.

3)  The person who sent this message is not paying attention
    to lines that their mailer adds.  Lesson:  Learn how your
    mailer works!

Paul Szabo, Test Engineer, Tektronix Test and Measurement, Beaverton, OR
503-627-5811
---------------------------------------------

Scams

Phil Agre <pagre@weber.ucsd.edu>
Wed, 13 Jul 1994 18:13:59 -0700 
The 24 June 1994 issue of The Wall Street Journal contains a long article
about a wave of "fax scams" that has been emanating from Nigeria.  People
receive quasi-official-looking faxes with elaborate stories about money that
needs to be parked in their bank accounts for short periods, with large
profits promised.  The recipients of these faxes, of course, start dreaming of
big bucks.  Just before the deal is closed a temporary "hitch" arises,
requiring the person to send over some money or goods to bribe a government
official.  Needless to say, the money and goods are never seen again.  Part of
what makes these scams so effective is that the scammers manage to come up
with enough personal information about the victim to play on his or her weak
points and make the faxed "documents" more compelling.  The scam requires
faxes rather than just airmail because the parties need to exchange increasing
numbers of faxes as things get more complicated, and speed presumably helps
keep doubt from setting in.  The article says:

  Nigerian scam artists have claimed so many victims in Texas that the
  Nigerian soccer team and its fans have received a less-than-enthusiastic
  welcome at the World Cup games there.  In Addison, the Dallas suburb where
  the Nigerian team is practicing, a local newspaper quoted the police chief
  warning restaurateurs to beware of Nigerians bearing credit cards.  After
  outraged Nigerians called for his resignation, the chief said his remarks
  had been misinterpreted.

The full reference is:

  Geraldine Brooks, How a recurring scam cost an accountant and his wife
  $54,000, The Wall Street Journal, 24 June 1994, pages A1, A6.

The Risk, of course, is not specific to faxes.  When communications are cheap
and personal information is readily available, scams like these can readily
cross borders, so that criminal communications can originate in "off-shore"
locations where they are not likely to be punished.  Just think what will be
possible when global broadband communications become widely available.

Phil Agre, UCSD
---------------------------------------------

Re: Secure use of Internet (RISKS-16.22)

Tom Patterson <patterson@mcc.com>
Mon, 11 Jul 1994 09:39:17 -0600 
Re: Mosaic risks (Levine, RISKS-16.22)

 At the RISK of sounding like a commercial, "Mosaic" (a brand-name for the
generic World Wide Web (Web) technology) is and has been available in privacy
and integrity enhanced versions from the MicroElectronics and Computer
Technology Corporation (MCC - my employer).  MCC EINet has secured Web client
versions on Mac and Windows, as well as Unix servers.  Web is the latest in a
series of internet products that MCC has secured, including WAIS and FTP.  We
also maintain commercial grade access control and key servers on the network,
available to any registered user.

The two most obvious RISKS in an internet Web environment are the
authentication of the user and the server.  Just as a user must authenticate
to a server, responsible users will want non-reputable evidence that the
server is what it says it is.  This two-way authentication process is fully
deployed today.  And before everyone responds, we agree that their are many
more RISKS, and secured clients and servers are only part of our system, which
includes an internet security plan, risk analysis, fully integrated firewalls,
and transparent encryption.

Re: Fraud on the Internet (Rowley, RISKS-16.22)

  ... Your reaction is naive.  The short answer is yes.

The internet is a wonderful collection of networks of all shapes and
sizes, for many purposes.  There is no reason to try to impose additional
rules and regulations on it.  What is happening, however, is that as
commercial entities are looking to make use of it, they want additional
security features in place.  If a company puts in links to the internet
with a firewall and authenticating server, that does not 'require' the
rest of the users to change anything.  It just means that one
organization is making use of an advanced technology in a safe and secure
manor.

Tom Patterson, Director, INFOSEC, MCC  patterson@mcc.com
---------------------------------------------

Re: Shopping Risks... (RISKS-16.21)

703) 506-0500 <PHILS@RELAY.RELAY.COM (Philip H. Smith III,>
Wed, 13 Jul 94 08:14:49 EDT 
A minor but (mildly?) interesting bar-code risk lies in coupons which are part
of the packaging of products.  The manufacturers have figured out that they
shouldn't put barcodes on those which appear on the outside of packaging, lest
the store pay you for taking the product (although this means that the scanner
cannot verify that you bought the necessary product when redeeming the
coupon), but continue to put barcodes on those which appear *inside* the
product.

In the case of Healthy Choice frozen fake eggs, the coupon happens to be
on the inside, but *opposite the normal product bar-code*.  I found
myself paying for 2 products instead of paying for one and cashing a
coupon, when the checker scanned the wrong side of the coupon!

Hardly earth-shattering, but a nice gotcha.

...phsiii
---------------------------------------------

Re: Brock Meeks article on Clipper

Jerry Leichter <leichter@lrw.com>
Wed, 13 Jul 94 16:00:56 EDT 
It's Silvio M*i*cali.  Meeks got it consistently wrong throughout his article,
and unfortunately now even extracts are repeating the mastake.  :-)

                            -- Jerry

    [Your moderator knew that also, and somehow neglected to fix it.  PGN]
---------------------------------------------

Cellular phone risks/privacy

"Brown, Phillip" <Phil@gtemc.sprint.com>
Thu, 14 Jul 1994 18:01:30 -0400 
One more contribution on the use and abuse of cellular phone technology, if
the forum can tolerate it.  As a technology planning engineer in the trade,
I find the amount of ignorance-fueled fear of telephony and the vast amount
of misinformation on cellular telephony in particular to be a source of
constant amusement (but hey, I'm easily amused :).  I'll address some
specific remarks from earlier contributions first, then raise the noise
floor another few dB with my own views.

Willis H. Ware writes:
>If cells get smaller in the future, then the precision of location will
>increase ...

In a subsequent issue of Risks, Lauren Weinstein writes:
>If you read your phone bill inserts carefully, you may have already
> received a notice allowing you to choose whether or not you want your
> called number information released to VENDORS of telecommunication services!

The concern about monitoring is justified only up to a point -- remember, the
only reason for this information to be saved is because it has value to
someone.  Wireline telcos long ago abandoned detailed billing, and today don't
even retain that information unless required by a government agency; the cost
of collecting and storing this tidal wave of data is still too prohibitive to
make it useful on an everyday basis (this is a situation I don't see changing
in the foreseeable future, either).  The cellular phone industry, on the other
hand, has employed detailed billing from its infancy, for reasons driven both
by customer needs (why did this call cost so much?)  and economies of scale
(the processing needs have been orders of magnitude smaller than what is
required by our wireline brethren, and at the same time the silicon revolution
has made low to midrange computing power cheap -- many smaller cellular phone
companies still do billing on a single PC!).  So, for instance, seeing LA
reporters with copies of OJ's cellular phone bill are no surprise at all,
given that the information is readily at hand and the weakest security link in
a system is usually the human operator.  For all the high tech, gee whiz
methods of obtaining cellular phone IDs, the most common way is still for
unscrupulous sorts to bribe or blackmail company insiders into sharing lists
of valid subscribers.  In the case of a large company like AirTouch (or my
own), a corruptible someone with access to subscriber data can probably also
get billing data.

Robert Morrell, Jr. and Bob Frankston pointed out different aspects of the
risks of eavesdropping on cellular phone conversations (Mr. Morrell made the
point that it is incumbent upon the user to ascertain and protect his level of
privacy, and Mr. Frankston pointed out the fallacy of comparing wired and
wireless technologies from a privacy perspective).  The so-called security of
the wired telephone is conceptually similar to "security through obscurity" in
that it is the medium itself that makes listening to an otherwise unencoded
communication difficult.  It is something that virtually no phone user has
thought about but takes for granted anyhow.  I could agree with Mr. Morrell's
extreme-sounding position if there was some assurance that once the user body
was educated about the risk and began demanding truly secure communication
(which I believe will happen eventually) the option was still available.
Right now the US government is trying to usurp the issue while the body
politic is still ignorant, and I see that as a violation of the public trust.
BTW, several companies make scramblers for analog cellular phones (which work
in conjunction with a companion device on the target phone, either wired or
compatible cellular).  The big drawback to these is that they must do most of
their cryptographic work in the frequency domain, and 3300 Hz is not a lot of
bandwidth to play in.

On the general issue of location tracking, I think the greater concern should
be with real-time monitoring.  I can sit at my desk today and find out which
cell sites in our network any given phone number has placed calls on for the
last 24 hours (after which time the data is rolled off into oblivion but
continues to be available offline in printed detailed billing reports).  But,
as has already been correctly pointed out, this information is highly
imprecise.  Triangulation can be employed with a greater degree of precision
(within a few hundred feet at best), but not consistently enough to be
reliable.  Data from technologies such as GPS must be transmitted in-band, so
it is useless to the phone company unless the receivers are integrated into
the network.  However, I can't -- and probably won't ever be able to -- get
any of the same information from a competitor, because that type of data is
highly competitive in nature.  No competing carriers will share that
information with one another, nor will they be enthusiastic about providing
the data to a clearinghouse where it might be generally accessible.  So in
this case competition is our friend.  In any event, every large cellular
carrier is already performing real-time network monitoring, and using called
number information to get to the weak human link is probably more effective
for law enforcement anyhow.

Phil Brown  GTE Mobilnet  pdb540@gtehq7.mail4.gtemc.sprint.com
---------------------------------------------

Literary treatment of street-corner cameras

Scott Dorsey <kludge@grissom.larc.nasa.gov>
Thu, 14 Jul 1994 13:26:55 -0400 
I believe the first instance I can think of is Orwell's novel 1984, although
I would not be surprised that the idea predated that as well.  I do recall
having seen 1930s Gene Autry serials in which the evil mole-men placed
television transmitters throughout an unsuspecting town.
--scott
---------------------------------------------

Teletext (Closed Caption) Methods (Stern, RISKS-16.23)

Bob Richardson <bob@CSOS.ORST.EDU>
Wed, 13 Jul 1994 17:04:07 -0700 (PDT) 
Michael Stern writes in RISKS-16.23 about an alarming number of errors in a
closed-captioned news program, and wonders if these are induced by faulty
voice-recognition systems or spell-checker bugs.  The truth is far simpler.
Many live programs (such as news) are live-captioned by a service provider.
In other words, a live human stenographer listens in (and usually views) the
program while it is being broadcast, and types along as best as they can keep
up.  This is a somewhat outdated method when it comes to news, but many
stations still use it, and it is quite error-prone.  This is probably what
happened in the reported case.

More modern newsrooms with integrated teleprompting/news composition software,
have the newsroom computer automatically generate live close-captioning data
from the teleprompter display.  So the home viewer actually gets to see the
news slightly before the anchor reads it off the display.  The problem here is
that commentary from persons on screen, such as people live in the field, must
still be provided manually or not at all.

Some stations elect to caption the news program after it has aired, then
re-broadcast it during the late-night hours.  The problem here, of course, is
that hearing-impaired viewers aren't able to get the news until hours after
everyone else.

Bob Richardson, OmiCo Industries                  bob@csos.orst.edu
PO Box 1404            Corvallis, OR  97339            503-758-5018

Teletext run amok (Stern, RISKS-16.23)

"Clive D.W. Feather" <clive@sco.com>
Thu, 14 Jul 1994 09:00:31 +0100 (BST) 
Unlike most programmes, teletext conversion of the news is done live. As I
understand it, a typist transcribes what the newsreader is saying using a
special phonetic keyboard (like those devices you sometimes see being used in
Parliamentary Committees or Congress). This is linked to a computer, which
makes a "best guess" at the corresponding words and outputs the teletext
directly. Obviously there is no time to correct errors.

Clive D.W. Feather, Santa Cruz Operation, Croxley Centre, Hatters Lane, Watford
WD1 8YN, UK   clive@sco.com  +44 923 816 344    Fax: +44 923 210 352 |

Re: Teletext run amok

<Bob_Frankston@frankston.com>
Thu, 14 Jul 1994 21:39 -0400 
It's interesting that one looks for a high tech explanation for these errors.
Many Risks readers seem to forget that we already have a fairly reliable
speech to text system. I presume that the TV stations use the same kind of
system that one encounters when using the text to speech mechanism that is
employed in the page networks. This is an efficient system that runs on 2000
to 3000 calories a day and can handle a wide variety of speech.

A human.

Unlike the paging systems which allow the typist to confirm the message
(though I do get messages like my wife's request that I buy some "weak germ"),
the TV systems require someone to type at a furious pace without any chance to
correct or think. It's surprising how few errors occur. Wait for the story on
Unix.
---------------------------------------------

Re: Laptop Danger for Airplanes

<Bob_Frankston@frankston.com>
Thu, 14 Jul 1994 21:39 -0400 
Is it too much to expect that when airlines find problems with laptop
computers they report which ones? It is possible that particular
manufacturer's machines are out of compliance. As part of assuring safety, it
would be worthwhile to report the brands to the FCC rather than just
condemning all devices.

As to lavatories, is it indeed worth risking an aircraft because one
passenger is in the lavatory without a seatbelt on?

Re: Laptop danger for airplanes (Martin, RISKS-16.23)

Ad absurdum per aspera <JTCHEW@lbl.gov>
14 Jul 1994 21:51:45 GMT 
I hate to second-guess somebody who probably used the available information
and did what he thought was best, but... jumpin' jehoosephat! Rather than
violate procedures by taking off with somebody in the potty, he came within a
"few feet" of re-enacting Tenerife on at least one occasion, maybe more?  Not
all RISKS involve computers...

--Joe

Re: Laptop Danger for Airplanes (Martin, RISKS-15.23)

<lhe@sics.se>
Thu, 14 Jul 94 08:46:36 +0200 
I recently saw the Flight Safety Department of the Swedish CAA comment on
interference by the use of cellular phones.

In one instance, operating a cellular phone caused the aircraft transponder to
stop replying to interrogations from ground secondary radar stations. When the
phone was turned off the transponder replied normally again.

The FSD speculates that transmissions from the cellular phone on frequencies
close to the interrogation frequency of the transponder had caused the
sensitivity of the transponder receiver (which is automatically adjusted) to
be reduced to the point where it could no longer receive interrogations.

Neither the cellular phone type (NMT or GSM) nor the aircraft type was given.

(PS. A "transponder" is a device that provides ground radar stations
with coded replies that identifies the aircraft and gives information
about its altitude.)

Lars-Henrik Eriksson, Swedish Institute of Computer Science, Box 1263
S-164 28  KISTA, SWEDEN   lhe@sics.se  (intn'l): +46 8 752 15 09

re: Laptop Danger for Airplanes (RISKS-16.23)

Tony Abo <tabo@hitech.com>
Wed, 13 Jul 94 19:28:36 -0700 
I may not be as up on this issue as I should be.  I do however fly fairly
often, and have become aware of the subject of interference to in-flight
instruments by electronic devices being used by passengers, and the rules
regarding the use of electronic devices.

It is clear that there is plenty of circumstantial evidence reported by flight
crews of this phenomenon.  When this first became an issue my understanding
was that no one was sure that there was any link between the electronic
devices and the occurrences, however for safety's sake, the restrictions were
being instituted.

What I don't understand is why after all this time there isn't more
substantial data available.  How hard would it be to reproduce the problem?
Certainly if one such device can cause a problem, then a cabin full of
devices, which can be switched on and off in a controlled experiment should
yield some measurable effect.  Has something like this been done already?  Has
this been done without being able to reproduce the problem?

It isn't that I don't believe there is a problem.  It just seems to me that
the kind of evidence I've seen reported does not help pinpoint the problem.
Therefore, the restrictions on the electronic devices may inconvenience
travelers without diminishing any risk.  Or perhaps once the effect can be
reproduced and isolated, alterations could be made to shield the
instrumentation from the effect.  This would be a far more effective approach
than expecting a few flight attendants to police an entire cabin full of
potential abusers.

Also, if the phenomena are caused by other unidentified sources, then there is
certainly a risk that too much attention to this theory could be diverting
attention from the real cause of the potentially disastrous occurrences.

---------------------------------------------

Previous IssueIndexNext IssueInfoSubmit ArticleFTPDo not even think about clicking on this button
 

Report problems with the web pages to the maintainer