The RISKS Digest
Volume 19 Issue 79

Saturday, 6th June 1998

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Please try the URL privacy information feature enabled by clicking the flashlight icon above. This will reveal two icons after each link the body of the digest. The shield takes you to a breakdown of Terms of Service for the site - however only a small number of sites are covered at the moment. The flashlight take you to an analysis of the various trackers etc. that the linked site delivers. Please let the website maintainer know if you find this useful or not. As a RISKS reader, you will probably not be surprised by what is revealed…


Radar glitch delays NYC flights
Edelson Doneel via PGN
Air Force One drops off radar again
Edelson Doneel via PGN
FAA orders retraining for air controllers
Peter G. Neumann
Cause of train crash in Germany
Alexandre Sinyakov
15th century time machine to suffer from millennium bug
Keith Rhodes
UK libel law vs. US free speech
David Wittenberg
Re: Disabling Java and JavaScript
Li Gong
Y2K financial risks
Doneel Edelson
Re: Referer-log security hole
Robert J. Woodhead
Sidney Markowitz
Mark Nottingham
Paul Wright
Re: Navy stops teaching celestial navigation
Danny Burstein
Michael Comiskey
Re: Risks of online phone books
Una Smith
Info on RISKS (comp.risks)

Radar glitch delays NYC flights

"Edelson, Doneel" <>
Fri, 5 Jun 1998 14:25:44 -0500
Flights into and out of LaGuardia, Kennedy, and Newark in the NYC area were
delayed by an air-traffic control center computer upgrade problem at the
Westbury Long Island TRACON (Terminal Radar Approach Control).  New TRACON
software was first loaded for testing at 5:30 a.m. this morning, but it
didn't work properly and the old software was reloaded at 7:10 a.m.
Unfortunately, some controllers' screens froze, airspeed, destination, and
other information were missing, and operations were slowed down.  [USA
today, via Associated Press 5 Jun 1998; PGN Stark Abstracting]

Air Force One drops off radar again

"Edelson, Doneel" <>
Fri, 5 Jun 1998 14:24:35 -0500
In March, we reported (RISKS-19.63) the momentary outage of the long-range
radar unit at Gibbsboro, N.J. (which had been installed in February), with
Air Force One disappearing from radar.  It happened again over New Jersey
twice this morning with the President en route from Washington DC to give
the MIT commencement address, the first time for 48 seconds, the second for
36 seconds.  (This was reportedly unrelated to the TRACON outage noted in
the previous item.)  There was also an earlier failure in October 1997 in
which radar missed detecting a single-engine plane within 400 feet of a
Swissair Boeing 747, forcing the 747 into a steep dive.  [USA today, via
Associated Press 5 Jun 1998; PGN Stark Abstracting]

  [At MIT, the President noted that we need better security in our
  systems.  He failed to note (not surprisingly) that Administration policy
  on encryption is a serious hindrance to better security.  PGN]

FAA orders retraining for air controllers

"Peter G. Neumann" <>
Sat, 6 Jun 1998 10:01:59 -0500
In light of a 20-foot-separation near-collision of two planes over La
Guardia Airport on 3 April 1998, and a 21 May 1998 FAA memo outlining
increased errors by controllers (19% increase in operational errors, 49%
increase in surface errors), the FAA has ordered retraining of 10,000 of the
18,000 U.S. air-traffic controllers.  The significance of the near-disaster
came to light only after passenger complaints, whereas tower personnel had
failed to report it, and the pilot had notified his regional FAA office
rather than the local center.  Relating to radar dropouts, Joseph Fruscella
(an air-traffic controller, and eastern regional vice president of the
National Air Traffic Controllers' Association) said, "Every day we lose
approximately 50 planes on the radar" for 30 to 60 seconds.  "It's been a
problem since day one."  [USA today, via Associated Press, and *San
Francisco Chronicle* items, p A4, 5 Jun 1998, and p. A1, 6 Jun 1998, PGN
Stark Abstracting]

Cause of train crash in Germany

Fri, 5 Jun 1998 22:53:55 +0400
  [The cause of the worst German train disaster in more than 50 years
  is being blamed on a broken wheel on the first car behind the lead
  locomotive, according to *The Washington Post*, 6 Jun 1998, noting
  that investigators had not yet determined whether it was metal fatigue
  or an outside force.  Consequently, this item from Sinyakov seemed worth
  including as an indication of the diversity of risks that must be
  considered relating to technology.  PGN]

The cause of train crash in Germany is a natural phenomenon — a Local
Geophysical Resonance (LGR).  LGR is unknown early phenomenon which is
connected with an interaction of solar systems planets. It was discovered by
professor Alexander Sinyakov. This interaction leads to the excitation of
local zone of outerspace. If the frequency of LGR is equal to the critical
frequency of crystal structure of object, the failure of objects take place.

In the case of train crash in Germany (03 June 1998) the frequency of
crystal structure of steel rails and wheels was equal to the frequency of
LGR.  The crack of rails and may be wheels arose as a result of LGR.
Similar cause took place in the crash of train Pendolino in Italy.

More detail about  LGR look at:

Best regards  professor Alexander Sinyakov,   E-mail

15th century time machine to suffer from millennium bug

Fri, 05 Jun 98 07:12:39 EST
The oldest time machine in the world destined to suffer from the millennium
bug has been found in a museum in Liverpool in northwest England, it was
reported Friday.  The 400-year-old instrument, which predicts the position
of the planets, will stop working at the dawn of the new millennium, unable
to accept the date of 1 Jan 2000, like many unadjusted computers around the
world, museum curators said.  The equatorium, built by an unknown craftsman
in 1600, predicts the position of the Sun, Moon, other planets and even
eclipses through a system of rotating discs and arms.  But the last date
inscribed was 1999. "It must have seemed like an eternity at the time," said
curator Martin Suggett.  [NOTE: These short-sighted engineers. No wonder we
have all these problems. From the Japanese press, 5 June 1998.]

UK libel law vs. US free speech

David Wittenberg <>
Fri, 5 Jun 1998 16:44:46 -0400 (EDT)
Dr. L. Godfrey is suing Cornell university and a former Cornell grad student
for libel in London complaining about messages posted by the student
(M. Dolenga) on the usenet group soc.culture.canada 3 years ago.
Dr. Godfrey has previously settled a case in which he sued a British
physicist and won a libel suit against an Australian ISP.  He also has two
other Internet defamation cases he is pursuing.  The general issue here is
that UK libel law often prohibits speech which in the US is protected by the
first amendment.  If the usenet articles were written in the US and
transmitted to the UK, which laws apply?  "English Court May Test
U.S. Ideals on Online Speech" — *The New York Times* (5 Jun 1998,
electronic edition)

Re: Disabling Java and JavaScript (Byrd, RISKS-19.78)

Li Gong <gong@games.Eng.Sun.COM>
Fri, 5 Jun 1998 14:58:23 -0700
If you are worried enough about the level of risk that the Java technology
(allegedly) brings to you, I wonder why you are brave enough to use a
browser, a MIME-enabled e-mail reader, a postscript viewer, or a PC.

Li Gong, Java Software Division, Sun Microsystems Inc.

Y2K financial risks

"Edelson, Doneel" <>
Fri, 5 Jun 1998 15:53:38 -0500
My company is the major credit insurer in the the USA (and the parent
company is the world's largest credit insurer).

The marketing department issued a bulletin today outlining the Y2K
financial risks in selling on credit to other companies, both domestic
and foreign.  The focus of the article, of course, is that through the
purchase of credit insurance from our company, a business can protect
itself against the risks of non-payment, slow payment, and insolvencies.

What this means to Risks readers is that the large insurance companies
will monitor the main industries and businesses and provide early
warnings of financial problems to their clients to reduce or stop
selling to those businesses that are at risk of becoming a problem.
(After the proper warning, the insurance company is not responsible for
any further sales to those businesses).

Re: Referer-log security hole (Barger, RISKS-19.78)

"Robert J. Woodhead (AnimEigo)" <>
Thu, 4 Jun 1998 20:59:47 -0400
The difficulty of suppressing the Referer: field is a long-standing
problem that has caught people many times in the past.  And it is much
worse than people think!

For example, if you are on an Excite page and TYPE a new URL into the
Location: line of your browser, the Referer: field contains the URL of your
current page, even though you (logically) didn't come from there!  This is
a massive security hole that has been reported many times to both Netscape
and Microsoft, and never fixed.

The only way to prevent such information from being passed is as follows:

1) Make sure that there are no off-site image references on your page; they
get the referer too.  If you're using a banner exchange service, better
hope they are trustworthy!

2) Make all your links to off-site locations indirect through a CGI that
returns a page that uses the Refresh Meta tag to load the final
destination.  A CGI that merely redirects to the destination page will NOT
be sufficient; the Referer: of the original page is not changed when a
Redirect occurs!

You can see the proper technique in operation at

Re: Referer-log security hole (Barger, RISKS-19.78)

"Sidney Markowitz" <>
Thu, 4 Jun 1998 19:30:57 -0700
In RISKS-19.78 Jorn Barger talked about referer logs capturing people's
Excite passwords and implied that the web search string he mentioned would
find such logs. Perhaps this is what he meant when he said "it gets worse
and worse", but the problem really is much worse than referer logs.

The actual problem is that Excite includes an encoded password in the URL
and that encoded password is all that is needed to access and change the
personal information that one keeps on the Excite site. Many of the hits on
the search string that Jorn mentioned are not referer logs but are pages
such as "John Doe's Bookmark List" where someone has published their
bookmarked link to Excite, probably not realizing that their password is
encoded in it. The resulting URL allows anyone to view the personal
information that was entered into the profile and even change the password
as a denial of service attack.

On the page where I could see one of these John Doe's name, e-mail address,
zip code, gender, birthdate and marital status was a link to Excite's
"Privacy Policy" where they displayed in bold letters:

"Excite will never willfully disclose individually identifiable information
about its customers to any third party without first receiving that
customer's permission."

Other companies provide customizable home pages without creating URLs that
when bookmarked give full authenticated access under a user's id. I'll leave
the details on how to do it as an exercise for the people who get paid to
think them up.

sidney markowitz <>

Re: Referer-log security hole (Barger, RISKS-19.78)

Mark Nottingham <>
Fri, 05 Jun 1998 18:45:04 +1000
This is due to the poor planning on Excite's part, not any flaw in the
protocol. After all, a URL is a UNIFORM resource locator, and shows the path
to any definable object.

Excite has just misused it; it's perfectly acceptable to use the query
component to specify user-specific info (so they can 'log in' from
anywhere). To have the authentication in there as well is lunacy; it shows
up not only in the referer, but the History, any bookmarks, local cache and
any proxies (and their logs) between the user and the server.

Mark Nottingham, Melbourne, Australia
Web architecture, design and programming

Re: Referer-log security hole (Barger, RISKS-19.78)

Paul Wright <>
Fri, 5 Jun 1998 20:31:22 +0100 (BST)
Jorn Barger points out something which people who run their own web-servers
have known for a while. Last year, a friend of mine ran a server with the
host name of "tickle", named after the Mr Tickle character in Roger
Hargreaves' books for children. The site had multiple occurrences of the
word "tickle" on its pages, as well, of course, as in the URL. The referer
logs from the web server frequently cited search engine pages with query
strings which were fairly revealing: it seems adults associate tickling with
things that children wouldn't even dream about! I suppose a serious
situation could arise from this if an unscrupulous webmaster combined this
information with ident daemon logs the server also keeps.

Paul Wright, Churchill College, Cambridge

Re: Navy stops teaching celestial navigation (RISKS-19.78)

danny burstein <>
Fri, 5 Jun 1998 16:49:20 -0400 (EDT)
Numerous folk commented on the US Navy plans for dropping most of their
"celestial navigation" courses, in favo[u]r of additional training in use
of, for example, the Global Positioning Satellite (GPS) system.

Much concern was expressed by RISKS contributors as to the dangers inherent
in this reliability on high technology - a story well known to all readers

Might I suggest the obvious solution to this quandary?

There is, indeed, a completely separate and fully functional backup to GPS
currently in place, namely the GLONASS system placed in orbit by the
Russians (and their friends).

Given the fiercely competitive, yet complementary, nature of this second
system, it's highly unlikely that anything short of our sun going nova would
knock them both out. In which case, of course, loss of GPS would be the
least of our worries.

And as an added benefit GLONASS doesn't suffer from the deliberate
degradation placed on the US signal.

Danny 'overhead, without any fuss, the satellites guide the way' burstein

Re: Navy stops teaching celestial navigation (Kuenning, RISKS-19.78)

Michael Comiskey <>
Fri, 5 Jun 1998 17:48:08 +0100 (BST)
To add to the fray on the navigation issue:

> ... but I'd bet they can get a new GPS broadcaster online in
> minutes if they *really* need to.

This sounds dubious. The USAF and USN ballistic missiles are relatively
small suborbital rockets compared to those used to put satellites into
orbit.  The Navstar satellites used for GPS are pretty hefty beasts,
requiring a large launcher. They also are in a high earth orbit. I cannot
see how any of the US ballistic missile fleet, (even the Peacekeeper) could
be used to get a navstar into a usable orbit.

While there may be some emergency system about, I can't see it being as
accurate as GPS.

Michael Comiskey
Systems Manager, Ulster Museum

Re: Risks of online phone books (Epstein, RISKS-19.78)

Una Smith <>
Fri, 5 Jun 1998 16:36:48 -0400 (EDT)
Regarding Jeremy Epstein's report of a false alarm gunshot wound, I have had
similar but not as frightening experiences.  I have a very common surname
and a rare given name (it is so rare in the US that I am constantly asked
about it).  On two occasions, I have received personal e-mail from total
strangers who assumed they had "found" a long-lost friend or relative on the
Internet.  The highly personal nature of this mail was disturbing to me, and
the authors were more than a little embarrassed to discover that they had
disclosed such personal information about themselves to a complete stranger.
And let us not forget the innocent third party: the intended recipient of
this mail, some of whose personal affairs were also disclosed to me in these

Or maybe these letters were just a new kind of sucker ploy meant to get me,
a woman by my given name, to exchange personal mail with the sender.  I
almost miss the old days when undergraduates at sites in another state would
send me Unix talk requests that began with "hey babe, I am watching you
across the terminal room", assuming a "babe" would not know where the talk
request was coming from, or something...

Una Smith

Please report problems with the web pages to the maintainer