The RISKS Digest

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Volume 17 Issue 58

Friday 22 December 1995

Contents

o I've been Framed by Gondolas!
Paul Menon
o Texas Instruments e-mail snafu...
Bruce R Koball
o My name is mud! [alta vista]
Piers Thompson
o Re: Indelible words [alta vista]
Bill Hawthorne
o Problems when PC BIOS is held in flash RAM
Martin Portman
o Re: Domain Registration RISK?
o Write protection is in *hardware*
Rob Slade
o Re: German service providers must maintain covert customer databases?
Otto Stolz
o Correction to previous posting re: IW attack on Navy by AF
iw@all.net
o Re: Navy Battleship takeover
Jim Haynes
John Oram
RSR Madison
Mark Stalzer
Bob Brewin
o Re: Risks of checking accounts
Geoff Kuenning
o ABRIDGED info on RISKS (comp.risks)

I've been Framed by Gondolas!

Paul Big-Ears Menon <pnm@cs.rmit.edu.au>
Fri, 22 Dec 1995 20:04:44 +1100 (EST)

This year ('95) I think I've written a total of 3 memos. You know, those official things you resort to when e-mail won't suffice. It is for that reason I don't enjoy writing them. They're an extreme measure and have to be very carefully worded.

Uhh .. huh .. so far, so good.

My last two were no different. They were addressed to the same audience (my boss, the HOD, the academic enrollment officer and various people in the administrative group that `controls' the database - another department, including the director of that group). The subject, by the way, was regarding access to student enrolment data for use in accounts creation. A rather serious issue. The last memo was sent on the 19th of December.

Today (the 22nd of December), halfway through our Departmental Christmas breakup, I wandered back into my room, making a final scan of the mess that was supposed to be my desktop. In a vain attempt to clean up I shuffled a few things around, and ended up with a copy of the last poison pen production in my hand. An idle scan revealed the first point on the memo to start [the names have been censored to protect the needle -- pnm]:

"1. Mr XXXX's approach to the ASG early last year regarding data gondolas was in an expectation ..."

I cracked up.

Visualisation took over - yup that made sense. I could see it now. Extra large data packets are now to be termed as gondolas.

How could anyone take this memo seriously? I shared my gaffe with a few in the Staff Room (still enjoying the festivities) - including my boss, and had them crying. My boss hadn't noticed it either.

So what had happened? You guessed it, a spelling checker was used. I had used FrameMaker to compose the memo. I obviously got lazy when it was time to check the spelling and didn't notice what was being suggested as a correction (you know - hit the return key... just get on with it!). All I can assume is that the intended word was supposed to be _downloads_, and my fingers got out of synch with my brain, perhaps typing something like downdolas, I'm not exactly sure ...

There's a risk where corrections to transposition errors cause an even greater error, whereas if the error was left intact, it may have been understood [mabye! :-)]. [And PGN had fun checking mispelings on this issue.]

Such errors arise from what I term keyboard race conditions. Common typos are 'teh' instead of 'the'. I also have a dread of typing 'interested' as there's a 20% chance (I'm sure) of it ending up as 'inetereseted'.

I've never suffered these race conditions when writing (by hand).

A Merry Christmas and a preprosperous (..) New Year to you all.

Paul Menon, Dept of Computer Science, Royal Melbourne Institute of Technology, 124 Latrobe St., Melbourne 3001, Victoria, Australia pnm@goanna.cs.rmit.edu.au

Texas Instruments e-mail snafu...

Bruce R Koball <bkoball@well.com>
Fri, 22 Dec 1995 11:14:59 -0800

This is a relatively pedestrian RISK for anyone who's had experience configuring e-mail lists, but it's notable, perhaps, because of the stature of the problem's source...

Texas Instruments recently opened a Web site they're calling TI&ME, to provide all sorts of technical info on their products, including data sheets on their complete lines of analog and digital ICs (this is a lot of data... the TI data books in my library take almost 10 linear feet of shelf space... so such a resource could be quite useful to hardware designers).

In an effort to qualify access to this site they initially required that, at sign-up time, you select a login and password, and then wait while a validation code was separately e-mailed to you. You then had to log back into their Web site and enter the validation code before you could get access to the data sheets.

While a bit awkward, this process seemed to work OK... Last night, however, I got e-mail from their service announcing that they had removed the validation code requirement from their sign-up procedure... fine by me... I was already in...

Unfortunately, whatever change they made in their system also seems to have triggered an avalanche of bogus e-mail to people on their list... this morning I logged in to find dozens of bounced mail replies, replies to bounced mail replies, replies to replies of bounced mail, etc... all originating from TI's site... and I'm hoping they fix it soon...

What's the RISK lesson? I suppose it's best summed up by something Mitch Ratcliffe said a while back: "Computers let you make more mistakes faster than anything except handguns and tequila..."

Bruce R. Koball, 2210 Sixth St., Berkeley, CA 94710 510 845-1350
bkoball@well.com (fax) 510 845-3946

My name is mud! [alta vista]

Piers Thompson (Ionica) <pjt1@scigen.co.uk>
Fri, 22 Dec 95 13:15:30 GMT

I am interviewing job applicants at the moment. I saw the mention of the alta vista search engine in Risks and thought it could be a useful tool for gathering extra information about applicants from their usenet participation. I am dubious about the morality of this course of action but I am also keen to recruit the best person for the job.

Anyway, to cut a long story short, I didn't get any hits on any of the applicants. So I tried searching for myself......and the first hit was an obscene mailing to one of the alt newsgroups.

I have an unusual name so any prospective employer might very well assume that the obscene poster was me.

In a way I think that this experience was amusing in an ironic way. I tried to use underhand means to discover things about job applicants and, instead, found out that my name's net image isn't quite as expected.

Piers pjt1@scigen.co.uk

Re: Indelible words [alta vista] (Hawthorne, RISKS-17.56)

Bill H. <haz1@kimbark.uchicago.edu>
Fri, 22 Dec 1995 08:38:05 GMT

There's also a hidden RISK in such archives, arising from the public's ignorance of the way USENET works:

It's natural to assume that a person actually reads all the newsgroups they post to; however, this is not always the case. Followups to a crossposted article in most cases go to all of the original newsgroups, which is usually not a serious issue; however, some posters make a nasty hobby of crossposting "trolls" to totally unrelated newsgroups, often including groups on pretty damning topics, in the eyes, for instance, of potential employers. For a case in point do a search on Alta Vista <http://www.altavista.digital.com/> for:

drugs.pot and haz1@midway.uchicago.edu

Now, look at the actual content of the posts this search turns up... :-)

The RISK? If you aren't careful about following up to someone else's post, you could be listed in search engines across the net as a regular poster to newsgroups you don't actually read-- and there's no guarantee that potential clients or employers will think to double-check the content of those posts.

- Bill H. (haz1@midway.uchicago.edu)

Problems when PC BIOS is held in flash RAM

Martin Portman <mrp@cre.canon.co.uk>
Fri, 22 Dec 95 09:39:51 GMT

Some pc motherboards now (or soon will) have flash RAM chips placed where the old bios rom chips used to live. So after production, the bios code is loaded into the flash RAM. The benefits are shorter time to market (the bios doesn't have to be finished until the last minute) and upgrades will also be possible in the field.

The RISK here is from code that would write to the flash RAM, ie. altering the operation of the bios (viruses), or maybe deleting random segments of it.

Each PC will have to come supplied with a re-load trusted bios program, but I have no idea how (or if) this would work.

Another RISK is that the flash RAM will probably only be good for tens of program cycles (updates) to keep costs down. After a few virus attacks and reloading the bios and legitimately updating it, writes to the RAM chips may start to fail and the whole pc will be useless.

Martin

Re: Domain Registration RISK?

<[Same person as the RISKS-17.57 item with the same subject:]>
Fri, 22 Dec 1995 011:51:58 -0800 [received time]

(update to yesterday's note/today's posting)

Well, my No! Stop! Don't do it! e-mail to the hostmaster at the InterNIC did not stop the erroneous DNS update from taking place. [I sent in a request to update a domain I own XXXXs.net and made a typo of XXXX.net (no "s").]

The "system" is supposed to allow updates only from the "owner", technical contact, or admin contact of a domain. Obviously, there is an "improvement opportunity" in the current system, as I just checked and the erroneous update occurred this morning, despite my not being associated with the other domain in any way and sending a note to the NIC telling them NOT to make the update....

[Date: Fri, 22 Dec 1995 14:57:02 -0800 received time]

I just got a reply acknowledging my "NO! Don't do it!" note which I sent to the InterNIC after receiving their confirmation of my (typoed) request to update my domain nameserver XXXXs.net

The note says that the _correct_ update has now been performed and will be available on Monday - what a Christmas present for the folks in the other domain.

Checking with the NIC's whois service today, I see the (incorrect) data is available, earlier than promised (5 PM today).


Write protection is in *hardware*

"Rob Slade" <roberts@mukluk.hq.decus.ca>
Fri, 22 Dec 1995 14:21:33 EST

As much as I hate to disagree with anyone saying anything bad about Win95 ...

> it is possible to format write-protected disks when using the German
> version of Windows 95.

Sorry, but either they are wrong or the report was incomplete. Win95 mostly, and to the best of my knowledge only, runs on BIOS/Intel/DOS compatible machines. Almost without exception, these computers use disk drives where the write protection circuitry is built into the hardware. (Believe me, we have discussed this times without number in the virus discussion area.)

It is possible for the circuitry to fail. Also, 3.5 inch drives fail "writeable" while 5.25 inch drives fail "safe". And there are interesting problems with transparent or silvered tabs or disks. Macs generally have the same type of hardware write protection, although I believe there was discussion of bypassable write protection on some obsolete models.

DECUS Canada Communications roberts@decus.ca slade@freenet.victoria.bc.ca
Author "Robert Slade's Guide to Computer Viruses" 0-387-94311-0/3-540-94311-0
[NUMEROUS e-mails on that point, including memorex@cats.ucsc.edu (Did the author mean files?), "Robert Beckman" <rbeckman@cscuuxch.dayton.csc.com>, Alain Knaff <Alain.Knaff@imag.fr>, PGN.]

Re: German service providers must maintain covert customer databases?

Otto Stolz <Otto.Stolz@uni-konstanz.de>
Fri, 22 Dec 1995 10:00:34 +0100

(RISKS-17.57)

I have not read that article yet. However, I wish to improve on the translation of the two terms given in German:

> Such a practical ["praktisches"!] information system is needed by the

In this context, "praktisch" usually means both "useful", and "easy-to-use". Hence, the preceding sentence means: Such a handy information system is needed by the German government and secret services. (A rather cynical remark, typical for the "Bulkware" column that does not mince matters.)

> This database must be organised so that it can be accessed by higher
> places ["hoeheren Orts"!] without the telecommunication provider noticing

"Hoeheren Orts" is an almost obsolete term, from Prussian and the Kaiser's times, meaning "by the authorities", or "by the powers that be"; this term was often used to indicate personal involvement of the emperor. ("Man war hoeheren Ortes nicht erfreut" == "His Majesty was not amused".) Again, Bulkware hints at an attempt to reinstate features of an authoritarian state that supposedly had been overcome.

Otto Stolz <Otto.Stolz@Uni-Konstanz.de>

Correction to previous posting re: IW attack on Navy by AF

Information Warfare Mailing List <iw@all.net>
Fri, 22 Dec 1995 16:36:17 -0500 (EST)

I made an error in my previous posting to Risks. I incorrectly stated that a Navy captain was the person responsible for the demonstration - it was an Air Force captain - a big difference. Please let your readers know.

[For some reason there was a difference between the original IW posting and its almost equivalent RISKS posting. PGN]

Re: Naval Battleship takeover (Long, RISKS-17.55)

Jim Haynes <haynes@cats.ucsc.edu>
Fri, 22 Dec 1995 10:57:41 -0800

In correcting/debunking this story the moderator has managed to introduce a new error. He talks about the improbability of a teenaged Navy captain; while the original story said an Air Force captain. "Captain" has a very different meaning between the two services. Air Force captains, while not teenagers, tend to be many years younger than Navy captains. Navy captain <~=> Air Force colonel; Air Force captain <~=> Navy lieutenant. (where ~= means "approximately equal")


Re: Naval Battleship takeover (Long, RISKS-17.55)

John Oram <oram@unixg.ubc.ca>
Thu, 21 Dec 1995 20:54:49 -0800

>If he was a Navy captain, he could not have been all that young. Whizzkids
>are usually considered teenagers. Anyone know of any teenaged Navy captains?

Minor point - the guy was supposed to be an Air Force captain (third officer rank), not a Navy captain (6th officer rank). A U.S. Air Force captain could be as young as 25 or so, which could be considered whizzkid-esque from an upper-echelon (i.e. Navy captain, early to mid forties) perspective.

To make things more confusing, the Navy equivalent of an AF captain is a lieutenant, and the Navy equivalent of an AF lieutenant is an ensign. Convoluting matters further, in the Canadian and British militaries, lieutenant is pronounced 'lef-tenant' yet spelled the same. And the AF equivalent of a captain is a colonel, which is also not pronounced as it sounds because of a horrific entomological journey from Italian via French to English.

A 2nd Lieutenant wears a gold bar, yet a 1st lieutenant wears a silver bar. And even though a major outranks a lieutenant, a lieutenant general (3 stars) outranks a major general (2 stars).

Ranks make much sense sometimes. The RISK - not using unique keys for different military services' ranks. :)

John Oram (son of an Air Force Colonel), MIS Department
University of British Columbia
[Also noted by Mark Stalzer <mas@acm.org>, Sten Drescher <stend@cris.com>, and others. PGN]

Re: Naval Battleship takeover (Long, RISKS-17.55)

<RSRMadison@aol.com>
Fri, 22 Dec 1995 00:59:09 -0500

From Richard S. Russell (RSRMadison@aol.com):

A message from the InfoWar list noted that: <<There are NO active US battleships!!! And there weren't any last September.>>

As stated, this is true. However, let the record show that the US Navy still flies the flag daily over 1 commissioned battleship, the USS Arizona, permanently stationed in Honolulu.


Re: Naval Battleship takeover (Long, RISKS-17.55)

Mark Stalzer <mstalzer@etsd.ml.com>
Fri, 22 Dec 95 08:21:13 EST

Thanks for debunking the battleship takeover story. It's right up there with the death ray that supposedly cooked the President's helicopter.

Mark Stalzer, mas@acm.org

Re: Naval Battleship takeover (Long, RISKS-17.55)

Bob Brewin <brewin@access.digex.net>
Fri, 22 Dec 1995 10:53:56 -0500

Yikes. This story will not die -- it just lives on a Web site at the Daily Telegraph in London. Having worked for a British news organization (Reuters) for years, if you believe the Telly story, call me about a bridge I have for sale.

The Air Force did not hack the Navy over the Internet. They did it over a secure network (SIPRNET) which is firewalled from the Internet.

The Air Force conducted this attack with the Navy's knowledge and permission.

The Navy does not have any battleships on active duty.

The Air Force did not get control of the nonexistent battleship.

Yep. This does have the makings of a legend.

Bob Brewin editor-at-large (whatever that means) federal computer week
antenna@fcw.com brewin@access.digex.net

Re: Risks of checking accounts

Geoff Kuenning <geoff@ficus.cs.ucla.edu>
Fri, 22 Dec 1995 11:13:07 -0800

In RISKS 17.57, Gary M. Watson tells of receiving someone else's checking statement, and writes:

> 2. Don't put all sorts of important numbers on check Memos.

Unfortunately, this won't help. Take a look at the back of your cancelled checks sometime. When you make a payment to any moderately large company, the first thing they do is print important audit-trail information on the back: the date, the amount of the payment, and the account number credited are always included, among other things. They need this in case a problem arises. So a moderately knowledgeable thief can extract the critical numbers regardless of whether you put the account number in the memo line. (The only time the "please put account number on check" advice is actually useful is when your check gets separated from the bill stub before it can get into the processing machine, which one hopes is a rare occurrence. I ignore the advice out of laziness, not for security purposes.)

Geoff Kuenning g.kuenning@ieee.org geoff@ITcorp.com
http://www.cs.ucla.edu/ficus-members/geoff/
