Please try the URL privacy information feature enabled by clicking the flashlight icon above. This will reveal two icons after each link the body of the digest. The shield takes you to a breakdown of Terms of Service for the site - however only a small number of sites are covered at the moment. The flashlight take you to an analysis of the various trackers etc. that the linked site delivers. Please let the website maintainer know if you find this useful or not. As a RISKS reader, you will probably not be surprised by what is revealed…
I have started to get strange email requests wanting to chat with me about
security, DES encryption standards, and advice on how to get rid of hackers
who are intruding on their machines. When I reply that I am not a security
expert, the replies have been equally as weird. I found out that somebody has
published a book called "Email Addresses of the Rich and Famous" (of which I
am neither) and that I am listed on the center of page 8 as a security expert.
Apparently, my entry is not the only error in this book.
Godin, Seth "E-MAIL addresses of the Rich & Famous"
Copyright 1994 by Seth Godin Productions, Inc.
Addison-Wesley Publishing Company Inc.
ISBN: 0201408937
This book appears to be on the same level as those who sell maps and addresses
to the stars homes in Hollywood (and about as accurate), and I am appalled
that a reputable publisher like Addison-Wesley would be involved in such an
obviously unchecked invasion of privacy. The time involved in dealing with
this unwanted mail is starting to interfere with my work. Can I sue? Is this
happening to other readers of the RISKS Forum?
I wrote to the editor of my software safety book at Addison-Wesley and asked
him to get me the name and email address of the $!&^%# editor at
Addison-Wesley responsible for this so I can post his/her address on the
alt.sex.kinky bboard :-).
Nancy Leveson
[Taken from Ford UK's (free) magazine for drivers, without permission.] Car thieves who broke into a Ford driving event at Oulton Park in Cheshire, has a nasty surprise when the car they pinched turned out to be a specialised reverse steer Fiesta equipped with an upside down steering rack. Used normally to improve driver's co-ordination and concentration, it is an exceptionally difficult vehicle to drive, requiring the driver to think in opposites. However, the thieves were not to know this. Attempting to turn left out of the main exit, they turned instead straight into a concrete bollard on the right. Dazed but unhurt they escaped on foot. Clive D.W. Feather, Santa Cruz Operation, Croxley Centre, Hatters Lane, Watford WD1 8YN, United Kingdom clive@sco.com +44 923 816 344 Fax: +44 923 210 352
Seen on a BBC news item last night, a baggage tag with the code:
LUN - Port Armstrong, Moon
My database says that LUN is Lusaka, in Zambia. *What* an opportunity
for your luggage to get lost.
Clive D.W. Feather, Santa Cruz Operation, Croxley Centre, Hatters Lane, Watford
WD1 8YN, United Kingdom clive@sco.com +44 923 816 344 Fax: +44 923 210 352
Reuter (94.07.24 @ 23:19 EDST) via CompuServe's Executive News Service
(GO ENS):
CHINA JAILS FOUR FOR COMPUTER FRAUD
BEIJING, July 24 (Reuter) - In one of China's first officially reported
cases of computer crime, four Beijing hoteliers have been jailed for
cheating guests by manipulating computerised billing records.
Beijing Friendship Hotel managers Jiang Zheng and Du Yize, were sentenced
to seven years, the state-run Legal Daily reported on Sunday. Two
co-defendants were given three- and one-year terms."
Key points in the article:
o Computer fraud a growing problem in China.
o Two managers embezzled about U$9,000 from guests from Feb-May 93.
o "They connived to use the computer to cancel or change hotel accounts,
alter the records of 39 cash receipts and make fraudulent reports of daily
hotel accounts," the report said.
[MK: This is clearly a case where Peking at your hotel bill is a good idea
before you pay.][Apologies to PGN.]
Michel E. Kabay, Ph.D. / Dir Education / Natl Computer Security Assn
>From the Washington Post newswire (94.07.23) via CompuServe's Executive News Service: D.C. Residents Shocked by Gas Bill for $2,248 By Daniel Southerland, Washington Post Staff Writer Rachel Carlson, a law student on a tight budget, was shocked when she opened the mail recently and found a monthly gas bill for $2,248.28. Carlson, 23, and four others sharing a brick house in the District had been paying bills ranging from $50 to $60 a month." The story continues with the explanation. Seems the gas-meter reader had been unable to get into the house to read the meter, so the Washington Gas estimated usage for three years. When they finally got a reading, they invoiced the tenants for the unpaid difference between reality and estimation. The mildly interesting portion of story for RISKS and NCSAFORUM readers is that the company will be installing low-intensity FM transponders "by March 1995 in all of the homes that currently are receiving estimated bills.... A van drives by the house and sends a `wake-up' signal to a unit attached to the gas meter. The meter reading is transmitted to the computer in the van and then to the company's billing department." Now, this scenario brings up a couple of RISKS that correspondents in the Washington, DC area might like to investigate (and report back to RISKS or the NCSAFORUM): 1) Integrity: what is the reliability of the system? How is a low error-rate ensured in the transmissions? 2) Confidentiality: how easy would it be for Nasty People Interested in Robbing Houses to tap the gas-meter signals? For all the automated timers attempting to camouflage the residents' absence, a gas meter showing little or no usage would indicate that absence for extended periods. I think this is a minor threat, but fun to think about for a few seconds. 3) Robustness: how easy would it be for Nasty People Interested in General Havoc to jam / spoof / corrupt the data transmissions? For that matter, is there any other source of interference which might cause faulty readings? One can imagine bills for $22,482.80 if Rotting Rotifer the local criminal hacker decides to have his bit of fun while the Gas Van is roaming about the neighbourhood. RISKS readers tired of real-world security will seize the opportunity to have a gas investigating this new threat to world peace and prosperity <g>. Michel E. Kabay, Ph.D. / Dir Education / Natl Computer Security Assn
A friend recently sent me a copy of the "Hacking FAQ" (Frequently Asked Questions) that was posted to alt.2600 on July 9, 1994. (I wasn't able to find it in our Usenet archives, but we purge often.) It was posted by "will@gnu.ai.mit.edu (Will Spencer). It's too long to include in Risks, but may be copied from the Risks ftp archives as [[***]]. This note summarizes the 20 page, 30,000 byte original. The FAQ has two main sections: hacking computers (mostly Unix) and telephone systems. Hacking Computers: -- A list of programs for guessing passwords for Unix and VMS (both store passwords in a one-way encrypted fashion). -- Getting the list of encrypted passwords, even if they are shadowed or otherwise hidden on Unix. Getting the list of encrypted passwords from VMS. -- Breaking out of restricted Unix shells. Becoming root on Unix (an 8 line program), erasing yourself from the Unix logs (a 1 1/2 page program). -- Faking mail by using Telnet. Faking News postings. Phone system hacking: -- Description of red, blue, and black boxes. These are (traditionally), small boxes with components that defeat telephone security, letting you make calls for free. For example, a red box mimics the sounds that money makes when coins are deposited in a pay phone. You can make one by changing the crystal in a tone dialer, or by recording the tones on a Hallmark "record your message" greeting card. -- A list of every "box" color, and a brief description of what it does. -- Finding the number of the telephone you're calling from. Traditionally, this is done by calling telephone-company provided services that were created for phone workers. The new method is to use the ANI service that delivers the calling phone number to 800 and 900 service providers: call (800) 471-8859. "It is an 800 phone sex line. The system will give you an account number. The first 10 digits of the account number will be the telephone number from which you are calling." (I haven't tested this since I don't particularly want my home phone number in their database.) -- Ringback numbers: these ring the phone from which it's called. -- Loop numbers: a loop is two telephone numbers linked together. if you call one number and your collegue calls the other number, you will be able to talk to each other. -- Reverse directory numbers: given a (listed) number, it returns the subscribers name and address. Two companies provide this information via 900 numbers, charging about one dollar per minute. Internet sites of interest: -- FTP sites; many seem to have encryption software. -- Usenet newsgroups. alt.2600, alt.dcom.telecom, alt.hackers, etc. comp.risks is not mentioned, but perhaps we're not that interesting. -- WWW sites, including what appears to be two belonging to Gene Spafford, who is a computer security expert. -- IRC (Internet Relay Chat) sites. IRC is an internet broadcast facility. -- Hacking IRC to hide your username, and to hack ChanOp. -- one BBS site I don't think that giving the Hack FAQ greater publicity in Risks is a serious risk in itself: the bad guys know this stuff, and it is useful for the rest of us to realize just how limited, for example, Unix security really is. For example, I hadn't realized that it was so easy to get the encrypted password list on VMS, and that it was so easy to get system privileges on Unix. Martin Minow minow@apple.com
[From the Baltimore Sun, July 23, 1994]
This scares me a lot. We all know the power of innuendo — when
it's combined with computer databases (which never "lie") it is even
worse. I've edited out the noise/filler with [...].
----Article Begins----
Couple mistakenly listed as abusers lost in court
No rights violation found by judges
By Anne Haddad, Sun Staff Writer
David and Marsha Hodge were mistakenly listed as child molesters in a
state database for two years without a chance to know it or to correct the
error.
But that did not violate the Taylorsville family's civil rights or
invade its privacy, three judges in the 4th US Circuit Court of Appeals in
Richmond, VA., ruled this week.
The decision overturns one by Judge Herbert F. Murray in US District
Court in Baltimore in September, 1992.
"While it is true that such records may be expunged," the appeals
court ruled, "there is no *automatic* right to expunction once an individual's
name has been cleared."
Mr. Hodge says he plans to appeal the ruling.
[...]
"There is no constitutional right ro have the state destroy records of
an investigation," Ms. Cannon [MD Attorney General's Office] said. "The fact
that the records exist does not hurt them. That's the key." [...]
In January, 1989, a misdiagnosis of 3-month-old Joseph Hodge's swollen
arm led a pediatrician to report possible child abuse. The doctor thought it
was a fracture, bu the swelling was a bone infection later diagnosed and
treated surgically at Union Memorial Hospital in Baltimore. [...]
David and Marsha Hodge, both scientists who hold national security
clearances for their jobs, said the listing in the state database could harm
them, but the court said that claim was not tangible.
The judge said that because of the confidentiality of records in abuse
investigations, "we see no avenue by which a stigma or defamation labelling
the Hodges as child abusers could attach."
----Article Ends----
The judge's finding is particularly amusing in the light of recent
revelations of widespread accesses of IRS databases by curious employees [Sen
Glenn announced some 1300 IRS employees are being disciplined for "browsing"
databases.] — any database that is not properly secured, which contains
personal information, can cause someone problems. What's frustrating about
these stories is that the technologies exist today to provide "need to know"
access and good audit trail for confidential databases. Moral: Don't trust
someone else to keep their facts about you straight.
mjr.
Here's another instance of how careless use of a listserver produced an unintended deluge in subscribers' mailboxes. An associate editor of the American Journalism Review (a paper magazine) was researching an article about the plagaristic practice known as "rip-and-read"; i.e., radio reporters reading print articles over the air, sometimes verbatim, without giving credit. The AJR editor posted a message on a professional journalists' mail list called SPJ-Online, asking print reporters to send him "rip-and-read" anecdotes. However, the editor neglected to include a private address for replies. Apparently, many respondents sent their messages to the SPJ-Online listserver, which dutifully posted them to every subscriber. I ran across this story in a humorous weekly on-line newsletter, BONG BULL (Bulletin of the Burnt-Out Newspapercreatures' Guild), which described the spamming as "an avalanche" and added this comment: > Which is no way to protect a scoop. > But that's AJR's problem, isn't it? Phillip Finch (pffinch@cerfnet.com)
Bill Donahue harassment by an automated caller is simply a new version of the old problem of bad data inputs attached to systems that did not take into account the possibility of such erroneous inputs. Workers in hospitals have long been aware that the tiniest of erroneous keystrokes can have grave consequences, as have (though with less concern, apparently) workers in large bureaucracies (the old stories of people who had "died" in the Social Security System comes to mind). I recently had the idea that any output "downstream" of a manual input be presented to all user interfaces in cursive script, so that the user is aware that keystroke errors are a possibility. A separate kind of computer risk is represented in several threads in RISKS is the use of expert systems or near expert systems in scenarios not envisioned by the designers (auto-pilots, safety and anti-theft systems linked to airbag deployment, and others). Here is a much newer kind of risk that will become more apparent as AI enters the mainstream, particularly as the mainstream seems oblivious to the differences between standard computer programs and AI. In one, all possible scenarios are supposedly thought out by the programmer, and errors generally result from inputs. Proper escape mechanisms (un-deceasing a Social Security number, for instance) can be anticipated by simply analyzing input error possibilities. In the other, all possible scenarios by definition cannot be thought out. Yet more global escape routines or even better, systems that automatically question human users about unusual scenarios it finds itself in, have not been added to make the system sensitive to its limitations. That is, people are designing, using and trusting AI and quasi AI systems in the same way they have dealt with standard computer programs. In the case of Mr. Donahue's tele-nightmare a convergent solution might be an expert system that alerts autocaller users to any phone number that results in a certain number of failure to connect. While readers of RISKS will continue to call for such common sense measures, the real problem remains a public that has inappropriate expectations and understanding of modern computer systems. We are still in the era where chainsaws have been handed out without any clear explanation of how they differ from axes. Bob Morrell
At our old building, we had a non-PBX line into the computer room. It was hooked to a Radio Shack environmental monitor, which would detect high temp, noise, etc. and call a list of phone numbers until someone responded. That part worked fine. But we started getting wrong numbers -- we'd be in the room and hear the phone ring, and the robot would pick up and start talking, but nobody who worked there would own up to it. This happened several times per day — too many even for telemarketing -- and we couldn't figure it out for the longest time. Then one day I was driving home and heard an ad on the radio for a suicide hotline, in nearby Maryland — at number (301) 685-0525. Our robot's line was (703) 685-0525! So some poor depressed person would get it together enough to call the number, but without the 301, and would get a robot saying "This is telephone number 6 8 5 0 5 2 5, the time is xx:yy, temperature is OK, noise level is OK, alert 1 is OK, alert 2 is OK, listen to the surrounding area for 15 seconds", after which it would switch on a microphone so they could either uninterrupted hear machine room noise or machine room noise with people saying "Hey, the robot's talking" "Yeah, it does that" "Wow, weird" and the like. I shudder to think of whether there were any lasting ill effects of this problem. The good news is that shortly after discovering it, we moved to a new building with a new number. ...phsiii
On what species of ant are they modelling their software automata? A few possibilities occurred to me:- Army ants: These form nice quiet little colonies for a while, then (when population pressure builds up to a certain level) they change their life-style, and go on a random march through the jungle (read "usenet"? :-) devouring everything in their path. Leaf-cutter ants: These carve up leaves and take them back to their colonies where they chew them into a mulch on which they grow an edible fungus. Honey-pot ants: Some individuals "volunteer" (i.e., are "programmed" in BT's terms) to hang from the roof of the nest and be fed by the others. Their abdomens become grossly distended with the digested food, which the other members of the colony then suck out of them. Pharoah's ant: A small variety emanating (as its name suggests) from Egypt, which is notorious for being able to get into *anything*. There are reports of surgeons opening sealed sterile dressings in the operating theatre, only to be confronted by a cute little ant waving its feelers. The common British black ant: This forms neat little nests, usually under a crack in your kitchen floor, from where they make daily raids on your larder. According to entomologists (see ref. [1] below), these follow well-trodden trails each day, except that 10% of the individuals are more adventurous than the others, and persist in discovering new places to find food, instead of just following the rest. Every year, a set of winged fertile females is hatched and fly off at random to mate and found new colonies in totally unpredictable places (but probably under that other crack in your kitchen floor! :-). The red ant: Similar to the black ant, but capable of biting through the skin and injecting painful amounts of formic acid if disturbed. Members of a colony recognise each other by smell. A colony that gets too large splits in two, and the members of the break-away colony develop a different smell, so that, if they come across members of the parent colony, there is a fight to the death. The termite (and before any entomologist jumps down my throat, let me say I am well aware that termites, although colloquially referred to as "white ants" are not "ants" at all): This builds truly impressive hills of chewed and hardened mud up to 20 feet tall. They are averse to light, and very skillful at building covered tunnels to get to where they want to be, i.e., to the nearest available source of cellulose (read "software library"? :-) which they devour with unbelievable voracity. When my father served in India during the war, everything had to be kept in steel trunks, otherwise the little darlings would make short work of your spare uniform! :-) Termites come in various forms: the queen is an enormous sluggish thing whose sole function is to lay eggs to make new termites. The soldiers are ferocious things with big jaws which rush to any breach in the nest and fight off the attacker. The workers are sterile females whose job is to tend the eggs and larvae and build the nest and tunnels by chewing and piling up pellets of mud which harden like concrete when mixed with their secretions. QUESTION: Which species could BT be thinking of? Returning to the key points from the article (as presented by Mich):- > o "Our system is made up of small, autonomous, reactive, mobile > blocks of computer code that interact in a way derived from ant behavior," > said scientist Simon Steward. "The control system that emerges from all of > these mobile software agents working together is inherently adaptable and > robust unlike normal computer programs." Must be worker termites. Entomologists have developed models of termite building behaviour which allow for the construction of large nests from very simple rules, e.g., "pile up mud pellets on top of one another, unless the worker nearest to you has made a taller pile than you have, in which case, stop working on your pile and help her to build hers". OK, termites don't need to be too bright to build fancy nests, but is the resulting structure of any use to humans? If the requirement for the overall system is simply "I want big towers of chewed mud stuck at random over the landscape", then the "termite worker" model might just be the one we want. > o The goal of the work is to prevent system crashes when an > unanticipated [...] condition occurs. Must be modelled on warrior termites. Simply rush to the hole in the nest (read "system") and chew the head off anything in sight! > o The distributed computing model uses message-passing to coordinate > computation. Like using smell to communicate messages such as "Follow me to the food!"? > o "The programs are mobile like ants, moving from one computer to > another, when needed." Army ants? The flying form of the common black ant? > o After making software or parameter changes, the "mobile programs" > would "leave messages for other programs on how the system has been > adapted." "The fungus garden is over here!" "Nip up that rose-bush and milk those aphids!" > o Modules will display "a certain amount of random behavior...." Really? There's a surprise! :-) > o The system will display heuristic, goal-seeking behaviour. Whose goals? The statement is correct. An ant colony *does* display exactly such behaviour, and the behaviour of the colony is more complex than the behaviour of the individual. A colony of social insects behaves more like a single organism than a collection of individuals. This is due to the distribution of genes among the colony (all workers are half-sisters of the queen [ref. 2 below]). Next time you dig a wasps' nest out of a pile of garden rubbish (as I once made the mistake of doing) you could make sense of the consequences by reflecting that you have just been attacked by an animal the size of a small dog with 3,000 venomous teeth! :-) The "goals" of an insect colony [ref. 2], however, are:- 1. Feed 2. Breed (or vice versa) Can we be sure that our software "ant colony" would stick to *our* goals? > All this is fascinating, and I naturally wondered about the implications > for system reliability. So did I! :-) Reliability is defined as: The probability that the system (i.e., the environment in which the "ant colony" "lives") will perform a required function for a given period of time under given conditions. If the system is continually modified by software "ants" the implications are not obvious, and my gut reaction is that chaotic behaviour could manifest itself. Could the ants actually modify the required system behaviour? If so, will they also rewrite the functional spec.? :-) > It will be interesting to follow this work and see how concerns for > reliability are worked into this evolving field. I agree that the implications for reliability are interesting, but that is all that I can be adam-ant about at the moment! :-) References:- [1] For general ant behaviour: Derek Wragge-Morley: "The Book of the Ant", Penguin, 1958 (?) [2] For the genetic basis of behaviour of social insects: Richard Dawkins: "The Selfish Gene" Peter Mellor, Centre for Software Reliability, City Univ., Northampton Square, London EC1V 0HB +44 (71) 477-8422, p.mellor@csr.city.ac.uk
Please report problems with the web pages to the maintainer