The RISKS Digest
Volume 16 Issue 36

Monday, 29th August 1994

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator


Contents

Vandals Cut Cable, Slow MCI Service
Mich Kabay
Mexican election computers
John Sullivan
Attack of the killer spellcheckers...
Valdis Kletnieks
U.S. Mail causes ZIP-code problem
Al Stangenberger
Re: Bug in Microsoft Word
Dave Moore
Salt in wounds (Re: New Cray and Unix Passwords...)
Peter Wayner
Re: Fraud and Identity — SCI-FI
Andrew Marchant-Shapiro
Politicians Join the Internet
Mich Kabay
Re: pi = 3
Mark Stalzer
Rob Boudrie
System makes bank check forgery easy
Christopher Klaus
CFP: 2nd ACM Conference on Computer and Communications Security
Li Gong
Info on RISKS (comp.risks)

Vandals Cut Cable, Slow MCI Service

"Mich Kabay [NCSA Sys_Op]" <75300.3232@compuserve.com>
28 Aug 94 13:12:43 EDT
From the Washington Post newswire (94.08.27):

VANDALS CUT CABLE, SLOW MCI SERVICE

 By Elizabeth Corcoran
 Washington Post Staff Writer

    "Telephone calls between New York City and Washington on the MCI network
encountered traffic jams yesterday afternoon after vandals removed a segment of
cable in Newark. The problems began just before 2 p.m. and lasted until 5:45
p.m.
    "MCI Communications Corp. spokesman Jim Collins said vandals `neatly cut'
out a 20-foot segment of fiber-optic cable that ran along a railroad overpass
above a street in Newark. The cable, which was wrapped in a thin plastic
casing, was not easy to reach."

The article continues with the following key points:

o   Repairs took about an hour after the break was located.

o   NJ residents, in particular, got many busy signals when alternative
routes were saturated.

o   Brokers on the NASDAQ exchange, including Dow Jones, were affected.

o   Motives for the theft of 20 feet of fiber optic cable are unknown.

[Comments by MK:  could this be a dry run for a class-3 (international)
information warfare attack?  "Let's see what happens when we deliberately
interfere with one of the major carriers...."]

M.E.Kabay,Ph.D./DirEd/Natl Computer Security Assn


Mexican election computers

<sullivan@geom.umn.edu>
Fri, 26 Aug 94 13:21:42 -0500
RISKS readers will recall that six years ago, the Mexican ruling party PRI
evidently stole the presidential election through tricks with the
vote-counting computer.

Last month, the Economist had an article about preparations for the elections
this year in Mexico.  Their reporter interviewed a government official in
charge of elections; when he asked about the computer irregularities six years
ago, the interview was abruptly ended.

It seems that the elections this year were more open and fair than those six
years ago.  But there have been some questions raised again about the computer
system.  The IFE (Federal Electoral Institute) has delayed releasing the final
vote totals.  PRI representatives say the delay is because the PRD (opposition
party) is demanding recounts of each ballot box.  But, according to Reuters,
PRD representatives to the IFE claim instead that the delays were "due to
suspicious problems with the official computer system".  The Reuters report
continues to say that:

       IFE officials denied Thursday there were any problems with
    the computer system but said an investigation was continuing
    into an apparent effort by unknown individuals to infiltrate a
    computer virus into the main electoral computer.
       Interior Minister Jorge Carpizo said Wednesday that
    investigators had found some clues indicating who might have
    been responsible for the effort but did not say who they were or
    whether the effort was politically motivated or not.

John Sullivan     sullivan@geom.umn.edu


Attack of the killer spellcheckers...

Valdis Kletnieks <valdis@black-ice.cc.vt.edu>
26 Aug 1994 18:53:21 GMT
Seen on page 2 of the New River Valley Current section of the
Roanoke Times & World-News, Aug 24, 1994:

Corrections:

   Because of an overzealous computer spellchecker, a number of names in a
story on Radford University sports in the Welcome Students section appeared
incorrectly and were not caught by a sports-ignorant editor.

   Phil Leftwich is the former Highlander now in the pros.  Chris Connolly
plays ball in WIlmington, Del., not Laminating, Del., and there's no such
place as Educator, Ga. — Eric Parker is from Decatur.  Chibi Johnson is not
in the least bit Chubby, and Done Staley is legendary, not Don Stellae.
Meanwhile, Paul Beckwith, who is no relation to Paul Backwash, departed for
Cornell.

   Because of a reporter's error, a story in Saturday's New River Current
incorrectly reported a July 20 vote by the Montgomery County Planning
Commission on a Price Mountain tower proposal.  The vote only recommended the
proposal for a public hearing.  But by a 5-4 vote, the commission recommended
approval of the tower Monday.  The Board of Supervisors will consider it next
month.

.....

The obvious first-order RISK is of course not keeping your spellchecker in
line.  However, the following should also be noted:

1) The correction contained the WIlmington with an upper-case 'I' - there's
nothing like having a typo in an apology for an errant spellchecker.

2) The first 2 paragraphs have an unusual amount of levity - the third is
reprinted as a sample of their usual correction style.  One almost needs to
wonder if in fact, the original error never happened, and that the retraction
is itself a creation of an AI gone amuck... ;)

Valdis Kletnieks, Computer Systems Engineer


U.S. Mail causes ZIP-code problem

Al Stangenberger <forags@nature.Berkeley.EDU>
Sat, 27 Aug 1994 13:37:23 -0700
Residents of Oak Avenue in San Rafael, CA, are victims of a burgeoning mail
problem caused when their street was "inadvertently" deleted from the Postal
Service's national ZIP code database.  San Rafael has several ZIP codes for
various areas;  two of these (94901 and 94904) have Oak Avenues with similar
street numbers.  Somehow the Oak Avenue in 94901 was deleted from the master
database of streets, and this deletion was propagated to all commercial
mailers in the USA who subscribe to the Post Office's ZIP code update service.
The result of the deletion was that commercial mail programs automatically
changed all Oak Avenue addresses in code 94901 to the Oak Avenue in 94904.
The resulting flood of misdirected mail has caused the usual problems
associated with missing bills, mortgage statements, etc.  Further, any
ZIP code changes back to 94901 requested when residents discovered this
error were automatically "corrected" back to 94904 by the programs which
relied on the Post Office's bad data.  This situation will persist until the
next revision tapes for the national ZIP database are distributed.

The article I saw (Marin Independent-Journal, 12 August 1994) did not explain
how a record was "inadvertently" deleted from the national database. I
checked a printed ZIP code directory for San Rafael, and saw at least four
other pairs of streets which could also have fallen victim to the problem.
Fortunately, they did not.

Until the problem is fixed, Oak Avenue mail is being manually sorted.

Al Stangenberger  Univ. of Calif Berkeley Dept. of Env. Sci., Policy, & Mgt.
forags@nature.berkeley.edu


Re: Bug in Microsoft Word

Dave Moore <davem@garnet.spawar.navy.mil>
Thu, 25 Aug 1994 14:20:37 -0400 (EDT)
>Word has a summary info area, for each document, that cannot be turned off.

I wasn't aware of this specifically, but there is a much more substantial but
similar feature that I encountered in version 4.x & 5.x of Word for the Mac.
I suspect that it exists in the PC versions as well but have not checked.
Fortunately, it's easy to test it yourself.  Just create a Word file.  Save it
with "Fast Save".  Re-open the file, delete something and save again with
fast-save.  Now use any external file viewer and look for your deleted text.

The following is an internal memo I sent out a couple of years ago:

                    --------------------------

Do you send WORD files via e-mail ?  If so, be aware that you may be
accidentally sending out your underwear along with your intended message.

        <Dramatic pause for puzzlement and underwear checking>

The default configuration in WORD for file saving is "Fast Save".  The way
this works is it only saves a list of edits and appends them to the existing
file.  When this file is opened, only the end result is displayed. However
when you send this file via e-mail, the entire file is sent.

So what does this mean ?  It means that if you use Word to delete stuff that
you change or that you don't intend to send or be seen; the supposedly deleted
stuff may still be present in the file.  The recipient of that file may be
able to recover some or all of the deleted information.

Under ordinary usage, this is not a problem.  Recovery of deleted text by the
recipient requires some specific knowledge and time.  For obvious reasons, I
won't explain the method.

If you have some specific reason to be sure that no deleted text can be
recovered, turn off Fast Save prior to saving for transmittal.  Otherwise,
your underwear may be visible.

                          ---------------

Actually recovery is not difficult at all, but the above was intended for
a non-technical audience.


Salt in wounds (Followup to new Cray and Unix Passwords...)

Peter Wayner <pcw@access.digex.net>
Fri, 26 Aug 1994 09:54:31 -0400
One should be careful pushing the envelope while calculating on the back of
it. I made one misstep in my piece in RISKS-16.34 when I stated that 1000
passwords could be attacked as easily as one. I neglected to take account of
the Salt, which is a neat part of the UNIX password system that effectively
increases the size of the password space by a factor of 1024.

If you are attacking one password, then the time limits from the earlier
piece still hold if you're able to guess the salt ahead of time. This
may not be possible and it certainly isn't possible if you're trying
to use the "neat" trick of comparing 1000 passwords in one swell FLOP.

There are additional weaknesses that should be pointed out. If people only use
lower-case characters and numbers, then the size of the key space is even
smaller. This is only 36^8 possible choices which is about 1/76th the size of
the space made up of {A-Z,a-z,0-9}.

But who uses digits? Many don't. The number of 8 character passwords made
up of just lower-case letters can be searched about 1026 times faster. That's
less than an hour given the rough estimates. This is pretty close to the
size of the salt so the two cancel each other out and the running times
from the previous post would apply here. This emphasizes the need for
using different cases, numbers and punctuation in the password.

When people use DES manually, they often just type in the key like a password.
(Many of the automatic systems choose keys randomly from the entire key
space.)  If this is the case, then all of the estimates from the earlier piece
in 16.34 also apply to this case without having to worry about the salt.
Clearly, any new standard encryption algorithm should include a method for
hashing a longer phrase down to a shorter key in such a way that the entire
keyspace is covered.

Finally, some have asked about shadow password files, a common UNIX system
hack that prevents ordinary users from access to the password file that used
to be kept open for all to read. It is unclear how common these are, but this
problem is really independent of the problem of attacking encrypted passwords.
People can get at encrypted passwords by sniffing the network as well as a
variety of other file system hacks. If the users could never get at encrypted
passwords, we wouldn't need to encrypt the passwords anymore.

I should point out again that my estimates about the Cray came from thin
air. I have no direct knowledge of the exact architecture of the machine or
many of the small and medium sized details that could impose factors of 2 or 4
on the results.

There are several other details. Although most focus their paranoia on the
NSA, there are many others who might come to own such a machine. The Cray
computer eventually emerging from this project should be available on the open
market. It will undoubtably have many uses in many arenas. The memory
architecture may grow to be popular in desktop machines because it can be used
to do ray tracing, CAD applications and many other computational projects.
Other Cray innovations are now common on desktop machines. That may be well
into the future, but concentrating on that is one way to keep from getting
mired in the past.
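
The effect of the salt described in this post, as an added example that is not part of the original digest: a defender's weak-password audit over a constructed 1000-account file, counting one-way-function evaluations with and without per-account salts. SHA-256 stands in for the UNIX password function, the 1024-value salt space is the figure given in the post, and every account name, password and candidate word is constructed.

```python
import hashlib

SALT_VALUES = 1024  # size of the salt space as given in the post


def one_way(salt: int, password: str) -> str:
    """Stand-in one-way function (SHA-256); not the UNIX crypt algorithm."""
    return hashlib.sha256(salt.to_bytes(2, "big") + password.encode()).hexdigest()


def build_password_file(accounts, salted):
    """Turn (user, password) pairs into (user, salt, hash) entries."""
    entries = []
    for index, (user, password) in enumerate(accounts):
        # 37 is coprime to 1024, so the first 1024 accounts get distinct salts.
        salt = (index * 37 + 5) % SALT_VALUES if salted else 0
        entries.append((user, salt, one_way(salt, password)))
    return entries


def audit(entries, candidates):
    """Flag accounts whose password is in `candidates`.

    Returns (flagged users, number of one-way evaluations performed).
    A candidate is hashed once per distinct salt, then looked up against
    every entry sharing that salt.
    """
    by_salt = {}
    for user, salt, hashed in entries:
        by_salt.setdefault(salt, {}).setdefault(hashed, []).append(user)
    flagged, evaluations = set(), 0
    for salt, table in by_salt.items():
        for candidate in candidates:
            evaluations += 1
            flagged.update(table.get(one_way(salt, candidate), ()))
    return flagged, evaluations


def constructed_accounts(count=1000):
    """Constructed sample data: every 250th account uses a guessable word."""
    weak_words = ["password", "letmein", "qwerty", "dragon"]
    accounts = []
    for i in range(count):
        if i % 250 == 0:
            password = weak_words[i // 250]
        else:
            password = f"Xq{i:04d}!zR"
        accounts.append((f"user{i:03d}", password))
    return accounts


def constructed_candidates():
    """Constructed 50-word candidate list used by the audit."""
    return ["password", "letmein", "qwerty", "dragon"] + [f"word{n}" for n in range(46)]


if __name__ == "__main__":
    accounts = constructed_accounts()
    candidates = constructed_candidates()
    for salted in (False, True):
        entries = build_password_file(accounts, salted)
        flagged, evaluations = audit(entries, candidates)
        label = "salted" if salted else "unsalted"
        print(f"{label:8s}: {len(flagged)} weak accounts, {evaluations} evaluations")
```

Both runs flag the same accounts; only the number of evaluations changes, because a single hashed candidate can no longer be compared against every entry at once.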


Re: Fraud and Identity — SCI-FI (Kabay, RISKS-16.35)

"MARCHANT-SHAPIRO, ANDREW" <MARCHANA@gar.union.edu>
25 Aug 94 14:58:00 EST
MK writes:
>And will such tokens become valuable
>commodities--valuable enough to steal and trade in the underworld?  Sounds
>like the subject for an interesting science fiction novel.]

I recall at least one SciFi story in which eyeballs are removed to trick
retinal scanners (that is, you remove someone ELSE's eyeball, and hold
it up to the scanner...not at all nice!).

Andrew Marchant-Shapiro, Depts of Sociology and Political Science, Union
College, Schenectady NY 12308   (518) 388-6225  marchana@gar.union.edu


Politicians Join the Internet

"Mich Kabay [NCSA Sys_Op]" <75300.3232@compuserve.com>
29 Aug 94 07:42:27 EDT
The Washington Post newswire (94.08.29) reports on the growing use of Internet
services by the US Congress and Senate:

"E-Mail Puts Congress At Voters' Fingertips; House, Senate Venturing Onto the
Internet"
 By Elizabeth Corcoran
 Washington Post Staff Writer

    "When the House of Representatives was weighing an amendment to a bill on
education earlier this year, constituents swamped Rep. Elizabeth Furse's
office with questions and concerns.
    "The Oregon Democrat took to the information highway: Along with
conventional interviews, she posted soothing explanations on various computer
bulletin boards. The uproar died down, and the bill passed."

The author makes the following key points:

o   Growing use of Internet access throughout the US government, including
legislators, support staff, and government employees.

o   White House plans to put multimedia documents online by mid-September.

o   "...about 40 representatives and 30 senators have acquired Internet
addresses; about that many more members and committees in both houses have
requested access."

o   Enthusiasts praise the immediacy of the electronic communications
channel.

o   Voters can obtain detailed information online about legislation.

o   Congressional staffers are working on security measures "to protect
its paths onto the Internet from hackers bent on disrupting databases."

o   Remote voting by legislators is a possibility under discussion for the
long term.

[Comments by MK:

1) Disproportionate weight

In social psychology, one of the observations about how people form judgements
about issues ("social cognition") is that _salience_ influences judgement.
That is, the unusual, the exceptional, the striking--these factors insensibly
lead us to overestimate their importance.  In experimental work over many
years, psychologists have found that anyone who is noticeably different in a
group picture is assumed unconsciously by observers to have special
importance.

Until Internet access becomes more widespread, anyone sending E-mail to a
Congresscritter is likely to be considered with greater interest than someone
sending snailmail--simply because of the novelty.

2) Spoofs

Congresscritters naturally weigh public comments with an eye to voter
preferences.  If there are 20,000 messages supporting a particular initiative and
500 opposing it, the recipient may be influenced in favour of the proposal.

And how will the congressional staff judge how many people sent the 20,000
messages if there is no authentication of the identity of the senders?  Yes,
fraudsters could go to the trouble of generating thousands of printed messages
and mailing them from the appropriate district (so the postmark would fit).
Mind you, it would be quite a job, what with using different fonts, margins
and wording to simulate the contributions of individual voters.

What a contrast with E-mail!  Without public key signatures, a computer
program could generate thousands of E-mail messages using randomizers for the
text and a list of fraudulent identifiers.  Even _with_ public keys, if the
Bad Guys chose to certify thousands of their own pseudonyms, nobody could stop
them--and it is unlikely that Congresscritters would know which keys had been
certified by criminals.

3) Representative democracy

Each letter and phone call to a legislative office is assumed to represent the
opinions of many others who have not taken the time to communicate with their
representatives.  The practice of allowing free mail to representatives is
supposed to increase the availability of such communications.

What assumptions will legislators make about E-mail?  And what will be the
demographic attributes of E-mail senders?  I think there's scope for some
pretty intensive research here before anyone draws conclusions about the
population sending political E-mail.

Legislators must analyze issues, not merely tally indices of popularity.  And
with electronic communications, they must be especially wary of taking the
easy path of vote-counting.  Some of those "voters" may be phantoms, and the
rest may be very different from "normal" voters.

Many commentators have suggested that access to the Internet may widen the gap
between the enfranchised intelligentsia and the disenfranchised masses.  As
E-mail links to legislators increase, it will be important to monitor the gap.
If it becomes intolerable, that gap will have to be closed by widening access
to the proposed National Information Infrastructure.]

M.E.Kabay,Ph.D./DirEd/Natl Computer Security Assn


Re: pi = 3 (RISKS-16.34,35)

<stalzer@macaw.hrl.hac.com>
Thu, 25 Aug 1994 12:49:39 +0800
It doesn't take a law to make pi = 3. On some old versions of Basic for
PDP-11s, you could assign any value to the "constant" pi.  The constant was
contained in a shared run-time system (with write permission!), and changing
it in one program changed it for all Basic programs (until the rts was
reloaded).

Mark Stalzer, mas@acm.org


More on Pi (RISKS-16.34,35)

Rob Boudrie <rboudrie@chpc.org>
Thu, 25 Aug 94 14:39:41 EDT
[The Indiana Pi-throwing] is covered in detail in Peter Beckmann's book "A
History of PI", in which he points out both the incomprehensibility of that
Indiana law, as well as the difficulty in finding Pi=3 in it.  That volume
(available in paperback) is absolute must reading for all of those who at one
time knew Pi to over 200 digits.
                                        rob boudrie

   [Also noted by Hal Lewis (hlewis@voodoo.physics.ucsb.edu):
   the book "has lots of other great stories about this remarkable
   number."  PGN]


system makes bank check forgery easy

Christopher Klaus <cklaus@shadow.net>
Mon, 29 Aug 94 12:42:54 EDT
Here's an obvious risk that I am not sure exists for all banks but here's the
deal:

I used to live in dorms and when I opened an account with a local bank,
they sent 3 or 4 packets of checks.  I put the extra packets in my desk.
Unfortunately, my roommates were less than honest and forged a check
for some pizza. I noticed 1 or 2 packets missing so I had the bank stop
payment for all the packets of checks that were missing.  More than 6 months
later, after I moved, I grabbed a packet of checks, and wanted to verify
these were good ones and not ones I had previously stopped payment on.

I called up the bank and the lady told me, if the checks had been stopped
payment for more than 6 months, it is automatically purged from the system,
and are good again.  I asked her, `If I stole a few packets of blank checks
from someone, I could just wait 6 months for the stop payment to roll over in
your system, and begin forging again?'  And she said, `Yea, but not a lot of
people know that.'  Well, gee, that makes me feel safer.

I am not sure if this is true for most banks, but I wouldn't be surprised if
it were so.

Christopher William Klaus  <cklaus@shadow.net>  <iss@shadow.net>
Internet Security Systems, Inc.         Computer Security Consulting
2209 Summit Place Drive,              Penetration Analysis of Networks
Atlanta,GA 30350-2430. (404)998-5871.


CFP: 2nd ACM Conference on Computer and Communications Security

Li Gong <gong@csl.sri.com>
Thu, 25 Aug 94 12:18:21 -0700
This is the first announcement of the upcoming ACM conference [RISKS-pruned].
You can access the full registration information online by E-mail to
acmccs2@isse.gmu.edu or by www file http://www.csl.sri.com/acm-ccs/ccs.html

                   Call For Participation
   2nd ACM Conference on Computer and Communications Security
                Nov 2-4 1994, Fairfax, Virginia
                    Sponsored by: ACM SIGSAC

      Hosted by: Bell Atlantic and George Mason University

             In cooperation and participation from
        International Association of Cryptologic Research
IEEE Communication Society TC on Network Operations and Management
         IEEE Computer Society TC on Security and Privacy

                Conference Highlights

Building on last year's highly successful inaugural conference, we are pleased
to invite your participation in this year's conference. The purpose of the
conference is to bring together researchers and practitioners of computer and
communications security. As evidenced by the program, the conference offers a
unique blend of cryptography and security, theory and practice, with emphasis
on the practical. The conference will be held in the Holiday Inn, Fair Oaks,
in Fairfax, Virginia; minutes from the Nation's Capital. We welcome you to
enjoy an informative and invigorating program, and Washington's pleasant
mid-fall sight-seeing weather.

                Advance Technical Program
                   (Subject to Change)

November 2

8:45 - 9:00     Welcome, D. Denning and R. Pyle

9:00 - 10:30     Applications, R. Sandhu
- Support for the File System Security Requirements of Computational
  E-Mail Systems, A. Prakash and T. Jaeger
- Secure Wireless LANs, V. Bhargavan
- The Design and Implementation of Tripwire: A File System Integrity
  Checker, G. Kim and E. Spafford

11:00 - 12:30 Emerging Areas, S. Lee
- Exchange of Patient Records: Prototype Implementation of a Security
  Attribute Service in X.500, M. Jurecic and H. Bunz
- A Process-Oriented Methodology for Assessing and Improving Software
  Trustworthiness, E. Amoroso, C. Taylor, J. Watson and J. Weiss
- Panel: To be announced

2:00 - 4:00 Key Escrow, C. Neuman
- Clipper Repair Kit - Towards Acceptable Key Escrow Systems,
  T. Beth, H. Knobloch, M. Otten, G. Simmons and P. Wichmann
- Protocol Failure in the Escrowed Encryption Standard, M. Blaze
- Panel: Corporate Key Escrow, R. Ganesan

4:30 - 6:00  Cryptography -1, J. Feigenbaum
- Secure Agreement Protocols: Reliable and Atomic Group Multicast in
  Rampart, M. Reiter
- Key Distribution via True Broadcasting, M. Just, E. Kranakis, D.
  Krizanc, P. Van Oorschot
- Conditionally Secure Secret Sharing Scheme with Disenrollment
  Capability, C. Charnes and J. Pieprzyk
- Meta-ElGamal Signature Schemes, P. Horster, H. Petersen and M. Michels
- Anonymous Credit Cards, S. Low, N. Maxemchuk and S. Paul

November 3

9:00 -10:30     Database Security, Carl Landwehr
- An Efficient Multiversion Algorithm for Secure Servicing of
  Transaction Reads, P. Ammann and S. Jajodia
- A Temporal Authorization Model, E. Bertino, C. Bettini and P. Samarati
- Propagation of Authorizations in Distributed Database Systems, P.
  Samarati, P. Ammann and S. Jajodia

11:00 - 12:30 Cryptography-2, J. Stern
- Substitution-Permutation Networks Resistant to Differential and
  Linear Cryptanalysis, H. Heys and S. Tavares
- Information Leakage of Boolean Functions and its Relationship to
  Other Cryptographic Criteria, M. Zhang, S. Tavares and L. Campbell
- Authentication Codes that are r-fold Secure Against Spoofing,
  R. Safavi-Naini

2:00 - 4:00 Electronic Commerce Security - R. Ganesan
- The Role of Licensing, Insurance and Endorsements in Evaluating
  Trust of Distributed System Services,  C. Lai, G. Medvinsky and C. Neuman
- To be announced
- Panel: Security Issues in Electronic Commerce, C. Neuman

4:30 - 6:00  Cryptographic Protocols, P. Van Oorschot
- New Protocols for Third-Party-Based Authentication and Secure Broadcast,
  L. Gong
- How to Simultaneously Exchange Secrets by General Assumptions,
  T. Okamoto and K. Ohta
- A Key Distribution Method for Object-Based Protection, W. Ford and M. Wiener

November 4

9:00 - 10:30 Cryptanalysis, L. Gong
- On the difficulty of factoring, A. Lenstra
- How to Break Gifford's Cipher, T. Cain and A. Sherman
- Parallel Collision Search with Application to Hash Functions and
  Discrete Logarithms, P. Van Oorschot and M. Wiener

11:00 - 12:30    Firewalls, S. Bellovin
- Application Access Control at Network Level, R. Molva and E. Rutsche
- Network Security Probe, P. Rolin, L. Toutain and S. Gombault
- Panel: Firewalls, S. Bellovin

2:00 - 3:00  Experience, R. Graveman
- Security Modelling for Organizations, A. Anderson, L. Kwok and D. Longley
- Mainstreaming Automated Information Systems Security Engineering,
  J. Coyne and N. Kluksdahl

3:30 - 5:00     Multilevel Security, V. Gligor
- The Compatibility of Composable Policies, H. Hinton and S. Lee
- An Entropy Conservation Law for Testing the Completeness of Covert
  Channel Analysis, R. Browne
- Prerequisite Confidentiality, J. Nestor and S. Lee

General Chairs: Dorothy Denning (Georgetown University), Raymond Pyle
  (Bell Atlantic)
Program Chairs: Ravi Ganesan (Bell Atlantic), Ravi Sandhu (George Mason Univ.)
Treasurer and Local Arrangements: Richard Graveman (Bellcore)
Proceedings: Jacques Stern (ENS/DMI)
Publicity: Li Gong (SRI)

[Program Committee distinguished, but deleted for space, along with
  registration info.  PGN]
