The Risks Digest

The RISKS Digest

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Volume 16 Issue 11

Friday 3 June 1994


o Flaw in Clipper detected
Jim Huggins
o Re: Solo midair collisions
Martyn Thomas
o Donuts with Ears, Part II
Peter Wayner
David Wright
o Ollie North on the high seas...Big toys, big egos, E-trails
David Honig
o Nonexistent Risks (Re: Call Your OPERATER!)
Gregory B. Sorkin
o Risks of faxing
Adam Shostack
o The Ghost in the Modem
Loka Alert 1:6 via Phil Agre
o Zimmermann statement on PGP 2.6
Philip Zimmermann
o "The Hacker Crackdown" by Bruce Sterling
Rob Slade
o Info on RISKS (comp.risks)

Flaw in Clipper detected

Jim Huggins <>
Thu, 2 Jun 1994 13:55:23 -0400 (EDT)
The following is summarized from an article in the _Detroit_Free_Press_,
2 June 1994, pages A5-6.  The article was written by John Markoff of the New
York Times [and appeared on the front page of the Times on that day].

AT&T Bell Labs researcher Matthew Blaze has been quietly circulating a report
among computer researches and federal agencies which demonstrates a flaw in
Clipper.  Using Blaze's technique, two parties can use Clipper to have a
conversation which could not be decrypted by government officials using the
proper escrowed keys.  The flaw would not permit third parties without the
escrowed keys to decrypt the conversation either; essentially, this technique
would reduce Clipper to the status of other commercially-available
cryptography which is computationally infeasible to break.

Stanford's Martin Hellman, who has reviewed Blaze's work, states "People who
want to work around Clipper will be able to do it."  In a written statement,
NSA directory of policy Michael Smith stated that Clipper would still remain
useful: "Anyone interested in circumventing law-enforcement access would most
likely choose simpler alternatives."  Smith claims that Blaze's technique
would be too difficult and time-consuming for practical use.

Comments: of course, this will probably re-ignite most of the Clipper
controversy again, since this seems to strike at the heart of NSA's purposes
in creating Clipper (secure cryptography with a mandatory back-door for the
government).  I'm more interested in NSA's statement that says in essence that
Clipper can be avoided more simply: perhaps this shows that Clipper won't be
all that useful after all?

Jim Huggins, University of Michigan (

Re: Solo midair collisions

Martyn Thomas <>
Wed, 1 Jun 94 11:19:15 +0100
The account of a collision with a sky-diver reminds me of an incident some
years ago when a commercial jet hit a salmon at altitude, which smashed
through the nose, demolished the co-pilot's rudder pedals and broke his leg,
ending against the rear bulkhead of the cockpit [the salmon, presumably,
not the rudder pedals or the leg].

The accident report assumed an eagle had dropped it.

          [The eagle salmoned up all its carriage?  PGN]

Donuts with Ears, Part II

Peter Wayner <>
Thu, 2 Jun 1994 18:17:26 -0400
A spokesman from Dunkin' Donuts tells me that the chain has ordered all DD to
remove their listening equipment.  Apparently, the front-page news about their
listening devices finally brought the public sentiment to their attention.
Maybe if they had stronger mikes they would have gotten the message sooner?

Re: Eavesdropping hits NSA [RISKS 16.10]

David Wright <>
Fri, 03 Jun 94 10:15:41 EDT
[...] The security cameras that are installed in in many stores will remain,
however; the company said they are a proved deterrent to robbery.

  -- David Wright, Hitachi Computer Products (America), Inc.  Waltham, MA

Ollie North on the high seas...Big toys, big egos, electronic trails

David Honig <honig@binky.ICS.UCI.EDU>
Fri, 03 Jun 1994 11:41:15 -0700
In the 3 Jun 1994 Wall Street Journal there is an article about a Whitbread
sailboat race.  The story includes a description of how one team is accusing
one of its members of telling another team about the weather, which is
apparently against their rules.  The evidence for this is *computer logs of
faxes* sent between the individuals, who are also possibly romanticly linked.
(There may also be financial motives connected with boat sponsorship.)

Anyway, the risk to perpetrators in not covering their electronic trails
(tails?) is present even on a sailboat in the South Pacific.

Nonexistent Risks (Re: Call Your OPERATER!)

Gregory B. Sorkin <>
Tue, 31 May 94 18:13:03 -0500
There is the RISK of not double-checking dubious information, including
information in the Risks Digest.

I dialed 1-800-OPE-RATO[R] (I didn't dial that last R -- for "redundancy"),
and sure enough, I got a "(pong) AT&T".

Then I dialed 1-800-OPE-RATE[R], and sure enough, I got . . . nothing.
Is there a regional discrepancy, or is the rumor of MCI's devious cunning
just an urban myth?

   [I got RINGING with NO ANSWER after 20 rings.  Maybe that is
   exactly the point?  Ultimate denial of service, intended to
   make you want to go elsewhere when you think you are getting
   AT&T?  PGN]

There were also several Risks Digest items about clever color copiers blocking
the reproduction of US and some foreign currencies.  This seems almost
impossible algorithmically, and indeed appears to be fictional, based on what
testing one can do legally.

   [We have gone around on that one in the past.  PGN]

What are the Risks here?  Just that people will go about spreading urban
myths, I guess.

Greg Sorkin (

Risks of faxing

Adam Shostack <>
Wed, 1 Jun 1994 09:16:16 -0400
    This appeared in rec.humor.funny.  I'm submitting it to RISKs because
nothing on the risks of faxing has appeared in a while.  The problems are that
there is often little way to ensure your fax is going to the correct place,
and that the faxed paper is out of your control once faxed, and might be
copied, and redistributed with your name & private correspondence.

    Public-key encryption programs, such as PGP, would have allowed the
unfortunate applicant to encrypt this (as email).  If it was mail, he would
have to type the wrong address twice, once for the mail address, and also for
the encryption recipient.  He might have had a chance at getting the job.  (Of
course, using the phone would also have avoided the problem, but can be
inconvenient & expensive when colleagues are overseas.)

>    You might enjoy this.
>    A candidate for the Director of our Research Center faxed a
>    colleague to request a letter of recommendation.  It was
>    accidentally faxed here instead. It read in part:

>        "Iowa is too wet and droll.  But it's a directorship
>        so I should apply..."

>    The fax is now part of his permanent application file.

The Ghost in the Modem (Loka Alert 1:6--from the Washington Post)

Phil Agre <>
Sun, 29 May 1994 21:01:06 -0700
Date: Sun, 29 May 1994 22:40:43 -0500 (EST)
Subject: The Ghost in the Modem (Loka Alert 1:6--from the Washington Post)

                                  Loka Alert 1:6 (May 29, 1994)

>From the Sunday _Washington Post_:


Friends and Colleagues:

     This is one in an occasional series of e-mail postings on democratic
politics of science and technology, issued by The Loka Institute.  You are
welcome to post it anywhere you feel is appropriate.  The following essay,
written by Loka Institute members, is reprinted from the Outlook Section of
_The Washington Post_, Sunday, May 29, 1994.

--Dick Sclove
  Executive Director, The Loka Institute, P.O. Box 355,
       Amherst, MA 01004-0355, USA
  Tel. 413 253-2828; Fax 413 253-4942


                     THE GHOST IN THE MODEM

         For Architects of the Info-Highway, Some Lessons
                   From the Concrete Interstate

              By Richard Sclove and Jeffrey Scheuer

     Vice President Gore envisions the information superhighway as the second
coming of the interstate highway system championed by his father, former U.S.
Senator Al Gore, a generation ago.  Let us hope that the junior Gore is proven
wrong.  Rush-hour traffic jams, gridlock, garish plastic-and-neon strips, high
fatality rates, air pollution, global warming, depletion of world oil
reserves--have we forgotten all of the interstate highway system's most
familiar consequences?

     It's not that Gore's analogy is wrong, only that his enthusiasm is
misplaced.  Comparing the electronic and asphalt highways is useful--but
mostly as a cautionary tale.  Building the new information infrastructure will
not entail the degree of immediate, physical disruption caused by the
interstate highway system.  But sweeping geographic relocations, and
accompanying social transformations, seem probable.  And the risk of inequity
in contriving and distributing electronic services--or, conversely, imposing
them where they are not wanted--is clear.

     Indeed, disparities in access to new information systems have already
begun to surface.  A study released this past week by a group of public
interest organizations, including the National Association for the Advancement
of Colored People and the Center for Media Education, notes that low-income
and minority communities are underrepresented in U.S. telephone company's
initial plans for installing advanced communications networks.

     Unequal access is only the most obvious among many social repercussions
that may lie in store for us.  The real history of the interstate highway
system suggests how we can think about and control the vast implications of
new technologies and a new national public infrastructure.

     It is widely assumed that Americans' infatuation with cars led to the
construction of America's superhighways.  But actually when Congress passed
the Interstate Highway Act in 1956, car sales were slack, and there was no
popular clamor for building a new road system.  At the time only about half of
American families owned an automobile; everyone else depended on public
transportation.  Congress was responding to aggressive lobbying by auto makers
and road builders, plus realtors who saw profits in developing suburban

     The act's key provisions included support for bringing freeways directly
into city centers and earmarking gasoline tax revenues for highway
construction.  As the interstate highways were built, city and suburban
development adapted to the quickening proliferation of autos.  Soon more
Americans found themselves forced to buy a car in order to be able to shop or
hold a job.  The Highway Trust Fund, by assuring the rapid atrophy of
competing public transit systems, bolstered this trend.

     Thus the asphalt highways--and the society around them--are a reflection
of successful lobbying by powerful business interests and external compulsion,
not simply the free choices of consumers.  There is no guarantee that the
process of wiring consumers and employees into the electronic highway system
will be different.

     The effects of the interstate highway system on American communities were
profound, especially in the cities.  As historian James Flink notes,
"Ambitious programs for building urban freeways resulted in the massive
destruction of once viable poor and minority neighborhoods."  In other cases,
new highways encircled poor neighborhoods, physically segregating minorities
into marginalized ghettos.

     Gradually, a black and Hispanic middle-class did emerge.  Its members too
fled along the interstate to the suburbs, further draining economic and
cultural resources from the inner city.  This contributed to the emergence of
a new social phenomenon: today's desperately deprived, urban underclass.

     Elsewhere the effects were subtler but still significant.  The noise and
danger from growing numbers of autos drove children's games out of the street,
and neighbors and families off their front porches.  Before long, suburbs
without sidewalks came to signal an unprecedented paucity of local
destinations worth walking to.  Suburban housewives found themselves leading
increasingly isolated daytime lives at home.

     Highways made shopping malls possible, enabling franchise and chain store
sales to boom.  But this sapped downtown centers.

For some teenagers and senior citizens, today's anonymous, consumption-mad
expanses provide a semblance of community space-- having swallowed up the
general store, the soda fountain, the Main Street sidewalk, and the town
square.  There is ample danger of the new electronic technology extending
these losses.

     Remember too that it is easy to romanticize new technology.  The popular
arts glorified life on the highway.  People read Jack Kerouac's "On the Road,"
watched "Route 66" on television, and recall the Merry Pranksters' psychedelic
bus-capades during the '60s.  In fusing alienation and rebellion with youthful
exuberance, each of these foreshadows contemporary cyberpunk culture.  Yet
real-life experience on the interstate is mostly banal and uneventful.
McDonald's, Pizza Hut, and Wal-Mart look about the same wherever you exit.

     There are also political ramifications of a vast new public
infrastructure.  Interstate highways contributed to national and even
international economic integration.  But while GNP soared, mom-and-pop
production and retailing declined.  That meant greater local dependence on
national and global market forces and on distant corporate
headquarters--powers that communities simply couldn't control.  The locus of
effective political intervention thus shifted toward more distant power
centers.  But because those are realms in which everyday citizens cannot be as
effectual as in smaller political settings, democracy was impaired.

     If the growth of the highways is revealing, so too is the opposition to
freeway construction that emerged.  As citizens became more politically
mobilized during the 1960's and early '70s, opposition to relentless highway
expansion arose from environmentalists and from local communities, both rich
and poor.

Transportation engineers reeled at the specter of upright citizens rejecting
their good works.  Many current telecommunications engineers and
true-believing entrepreneurs are no less convinced of the unalloyed
beneficence of their art.

     The importance of the analogy between the information and asphalt
highways lies in the political procedures that create them.  What if a wider
range of people, including non-car owners, had been involved in transportation
planning all along?  Considering the alternatives envisioned by critics such
as Lewis Mumford, it seems likely we would have a smaller and different road
system today.  As in Europe and Japan, there probably would have been greater
investment in public transit.  Modern America might exhibit less sprawl, less
dependence on foreign oil, and more cohesive urban neighborhoods.

     Three lessons for the construction of the information superhighway
suggest themselves:

     o _No Innovation Without Evaluation_: To help reduce adverse social
impact, the federal government should mandate evaluated social trials of
alternative electronic services.  Analogous to environmental impact
statements, these trials should precede full-scale deployment of any major
components of new information infrastructures.

     o _No Innovation Without Regulation_: We should conserve cultural space
for face-to-face social engagement, traditional forms of community life,
off-screen leisure activities and time spent in nature.  How about a modest
tax on electronic home shopping and consumer services, rebating the revenue to
support compensatory, local community-building initiatives?

     o _No Innovation Without Participation_: A number of European nations are
out-competing America in including lay people in technology decision-making.
For instance, the Danish government appoints panels of everyday citizens to
cross-examine a range of experts, deliberate among themselves and then publish
their own social assessments of technological alternatives.  Sweden, Norway
and Germany have pioneered processes for involving workers directly in
designing new production systems.

     The coming revolution in information systems is going to change life for
everyone--including the multitude who, by circumstance or choice, never use
computers.  It is imperative to develop mechanisms for involving all segments
of our society in designing, evaluating and governing these new systems.

     Data highway enthusiasts may see such measures as wasteful obstructions
of market forces.  But what entrepreneurs call red tape is really democracy in

     Richard Sclove is executive director of the Loka Institute in Amherst,
Mass., a public interest research organization concerned with science,
technology and democracy.  He also directs the Public Interest Technology
Policy Project at the Institute for Policy Studies.  Jeffrey Scheuer, a New
York writer, is a fellow of the Loka Institute.


   [If you would like more info regarding the Loka Institute, please send
   an e-mail message to that effect to: ; however,
   the staff warns that they may be slow in responding, due to travels.  PGN]

Zimmermann statement on PGP 2.6

Philip Zimmermann <>
Fri, 3 Jun 1994 01:39:59 -0600 (MDT)

From:  Philip Zimmermann, author of PGP
To:    People interested in PGP
Date:  28 May 94

On 24 May 1994, the Massachusetts Institute of Technology released
PGP (Pretty Good Privacy) version 2.6.  PGP is a software package
that encrypts electronic mail, using public key cryptography.  Over
the past three years, PGP has become the worldwide de facto standard
for email encryption.  PGP 2.6 is being published under the terms of
the RSAREF license from RSA Data Security, Inc (RSADSI).  This is a
significant milestone in PGP's legal development.

Export of this software from the US or Canada may be restricted by
the US Government.  PGP version 2.6 is being released through a
posting on a controlled FTP site maintained by MIT.  This site has
restrictions and limitations which have been used on other FTP sites
to comply with export control requirements with respect to other
encryption software such as Kerberos and software from RSA Data
Security, Inc.  These special mechanisms are intended to preclude
export of cryptographic software from the US.  The MIT FTP site that
carries PGP is, in the pub/PGP directory.

This new freeware version of PGP is for noncommercial use.  For
commercial use, you may get ViaCrypt PGP, available on a variety of
platforms.  ViaCrypt may be contacted at 602-944-0773, or via email

PGP 2.6 is as strong as earlier versions.  It contains no back doors.
It can read messages, signatures, and keys from PGP versions 2.5,
2.4, 2.3a, and 2.3.  Beginning in September, a built-in software
timer will trigger PGP 2.6 to begin producing messages, signatures,
and keys that cannot be read by earlier versions of PGP.  It will
still retain its ability to read things from earlier versions after
that date, so that users who upgrade to 2.6 will not be
inconvenienced, particularly if everyone else upgrades by that time.
The reason for the change in format is to grant RSADSI's request to
MIT to encourage all users to stop using older versions.  ViaCrypt's
new products will support the new formats used by PGP 2.6.  Details
of the compatibility issues and their reasons are outlined in the PGP
User's Guide, included in the release package.  See also the official
statements released by MIT for further details.

Version 2.6 also has some bug fixes and improvements of the version
2.5 released by MIT on 9 May 1994.  Both the 2.5 and 2.6 versions
were produced in a joint project between myself and MIT.  Both
versions were released by MIT after extensive review by MIT's
administration and their legal counsel.  I am told by MIT that MIT's
legal counsel believes that both versions 2.5 and 2.6 do not infringe
the RSA patents in any way, and they both comply with the terms of
the RSAREF licenses that each were released under.  But regardless of
the noninfringing nature of version 2.5, I urge all PGP users in the
US to upgrade to version 2.6, to help move toward eradication of
earlier, pre-RSAREF versions of PGP.  This will improve the overall
political and legal landscape surrounding PGP.  MIT will publish
details on the simple format change so that earlier European versions
of PGP may be independently upgraded by the Europeans.

This note does not attempt to answer all the questions you may have
about the implications of this new release of PGP.  For further
details, see the information released by MIT, or see the PGP User's
Guide in the new release package.

Version: 2.6


<"Rob Slade, Ed. DECrypt & ComNet, VARUG rep, 604-984-4067">
Wed, 01 Jun 1994 12:50:45 -0600 (MDT)
Subject: "The Hacker Crackdown" by Bruce Sterling


Bantam Books
1540 Broadway
New York, NY  10036
"The Hacker Crackdown", Sterling, 1992, 0-553-56370-X, U$5.99/C$7.50

It is important to keep in mind that the crackdown of the title refers to a
specific incident:  the series of raids in 1990 by various United States law
enforcement agencies which tend to be collectively, if incorrectly, subsumed
under the code name, "Operation Sundevil".  The book brings together a number
of the stories surrounding this event, as well as giving some background,
particularly in regard to AT&T and the US Secret Service.  There are, however,
significant gaps which prevent it from being an overall analysis of either the
cracker/phone phreak culture or the data security/law enforcement community.

As an overview of the 1990 raids, the book is entertaining, often informative,
and generally well written.  Digressions often provide very interesting
background, although at times they consume entire chapters without much bearing
on the central issues.  Those who were around for the electronic discussions of
the 1990 raids will possibly be glad of the collection of all the stories into
one place.  (Those who have dealt with the crackers, phone phreaks and wannabes
will readily recognize some of the descriptions, as well as the repeated
emphasis on braggadocio as a primary character trait.)

Although Sterling is aware of the debate over the term "hacker"; indeed, he
worries over contributing to the degradation of the term; he does not
distinguish between the various communities of electronic outlaws.  In fact, he
states, at one point, that all are the same.  Similarly, his contacts with law
enforcement and data security people are limited.  For these reasons, the book
is not useful as a general introduction to the field.

The writing is highly opinionated.  The US-centric view of technology borders
on jingoism.  In general, neither law enforcement nor the cracking communities
are seen with any favour.  Although we can sympathize with Sterling's
motivation in wanting to bring to light the injustice done to his friend, the
extreme sarcasm which cloaks most of the first half of the book makes it
difficult to understand what point he is trying to make.

For those involved in data security, a very entertaining read.  For newcomers,
please take it with a very large grain of salt.

copyright Robert M. Slade, 1994   BKHKRCRK.RVW  940314
Vancouver Institute for Research into User Security  Canada V7K 2G6

Please report problems with the web pages to the maintainer