Please try the URL privacy information feature enabled by clicking the flashlight icon above. This will reveal two icons after each link the body of the digest. The shield takes you to a breakdown of Terms of Service for the site - however only a small number of sites are covered at the moment. The flashlight take you to an analysis of the various trackers etc. that the linked site delivers. Please let the website maintainer know if you find this useful or not. As a RISKS reader, you will probably not be surprised by what is revealed…
The end-volume summary issue (RISKS-19.98) is available on the ftp site as risks-19.00 in the main directory, and is now also in the new subdirectory 19 as both risks-19.00 and risks-19.98 — along with the rest of volume 19.
In a talk to the Washington D.C. chapter of AFCEA (the Armed Forces Communications and Electronics Association), Art Money (nominee-to-be for U.S. AsstSecDef for C-cubed-I) said that "Cyberterrorists have hacked into and altered the Defense Department's medical World Wide Web pages that contain information on troops' blood types" according to an article by Bob Brewin (antenna@fcw.com). Apparently, the intruders penetrated and altered medical databases at DoD hospitals in the Southeastern United States. This incident has reportedly caused the DoD to revisit its policy of what information to put on its Web pages. [I guess the PREVIOUS hacks did not raise enough alarms? Well, maybe that will change if Money is on the line. For new readers, the earlier cases of DoD Web site hacks were in RISKS-19.63 (the Army) and RISKS-18.64 (the Air Force), with other U.S. Government Web site hacks noted in RISKS-18.35 (Justice Department), RISKS-18.49 (CIA), and RISKS-18.88 (NASA). Then there was the Cloverdale case, which DeputySecDef John Hamre called the "most organized and systematic" attack (RISKS-19.60). ``Can you spell "security"?'' (and while you are at it, address integrity, preventing denials of service, and other aspects of security — as well as the general preoccupation with confidentiality). ]
File under "Yet Another Case of 'Deleted' Text That Isn't": *The Washington Post* reports (16 Sep 1998) that the copy of the Starr report made available on the Internet by the House contained footnotes absent from the printed version delivered to Congress. It seems that Starr's team wrote the document in WordPerfect, and provided the House with an authoritative disk copy. When House computer technicians converted the document to HTML format for release on the Web, footnotes that had been "deleted" in the drafting process suddenly reappeared. According to the *Post* story, when one deletes a WordPerfect footnote, the program simply inserts a token "that says, in effect, ignore the following passage. But the conversion to HTML had the effect of inserting a countermanding symbol: Ignore the ignore command." One of the erroneously resurrected footnotes contained an alleged comment by Lewinsky when, upon being barred from the White House, she learned that the President was meeting with TV journalist Eleanor Mondale. The "deleted" footnote quoted Lewinsky as saying, "Maybe she's not sleeping with him yet. Anyway, there's the excitement. It's the president." (A quick check reveals this to be footnote 739 of the Narrative chapter, which I downloaded from the Post web site Friday afternoon.) In addition to reviving deleted footnotes, the document conversion process also dropped some passages included in the official report. The erroneous additions and deletions made their way into innumerable online copies available on the Web, as well as full-text copies of the report included in the Saturday editions of the Post and several other newspapers. There's a old saying about Supreme Court opinions to the effect that the bodies are buried in the footnotes (e.g., that the most potent and difficult opposing legal arguments are cursorily dealt with there). One wonders what other tidbits are on the Starr disk. Fragmentary copies of earlier drafts? Slack space at the ends of files? Other WordPerfect hidden text? Mark Eckenwiler eck@panix.com
[... more on the foregoing ...]
Risks:
(1) The old one, mostly discussed in terms of Microsoft Word in the past,
that wysiNwod (what you see is NOT what's on disk). There have been
numerous articles in RISKS noting that deleted text is frequently still
there in Word. I don't ever recall seeing anything to this effect with
WordPerfect, though.
(2) A newer risk but related risk, that since conversion programs don't
follow the same algorithms for figuring out what text to translate, things
get added or dropped without the user's knowledge. This can happen even
when the converter comes from the same company as the proprietary format.
For example, the pluggin converted for MS Word 7 (i.e., for Office 95) to
convert Word to HTML silently drops all footnotes.
(3) As has also been noted too many times to count, as the technology has
become ubiquitous, but knowledge of the limitations has not, we run
increasing risks that we'll get tripped (Tripped?) up by such problems.
Starr should thank his lucky stars (starrs?) that there have not been more
significant or embarrassing discrepancies uncovered. Perhaps had he been
smarter and used a lighter-weight word processor, he could have been spared
this glitch. Starr light, starr not-so-bright, .... [I know it's a
stretch, but I couldn't resist.]
[Also noted and commented on by A. Michael Froomkin.]
[In other news, I heard an item that some of Monica Lewinsky's
deleted computer files have been recovered from her computer. PGN]
Former Olympic figure skater Nancy Kerrigan has settled a lawsuit against
Marvista Computing Co. after a faked porno photo with her face and someone
else's body appeared on their Web site as a come-on to attract customers.
Their three computers will be stripped of porno images and donated to a
local school. [Source: UPI, 17 Sep 1998, PGN Abstracting]
Let's hope the files on those hard drives can't be undeleted... Declan
[Combine digital photography with the see-through infrared camera
technology described in RISKS-19.93 and we get undie-lewded truth? PGN]
[To subscribe to POLITECH, send a message to majordomo@vorlon.mit.edu
subscribe politech
More information is at http://www.well.com/~declan/politech/ ]
In RISKS-19.96 Sidney Markowitz writes about pornsite Webmasters padding their META tags with inappropriate keywords, trying to boost their hitrates — sounds like web-spam to me. [*] Removal of those sites is a very easy way for the search engines to increase their hit relevance (the newest golden virtue). Objective verification of complaints should be relatively easy, and the penalty - complete removal of all of that company's pages from the engine might carry some weight. An alternative solution: A parallel search through a main database and a list of known "bad hits". This could be set up similarly to the meta-search engines, with the side-search results used to modify the relevance sorting, or remove hits entirely. Difference of opinion on what constitutes abuse could be settled by allowing the user to choose which 'abuse' database to sort against. The logical extension of this seems to turn into a NoCeM for web search engines. [* Laced with odium hitrate? PGN]
A small article in Sydsvenskan (Swedish newspaper) noted that SAS is having a terrible time in Copenhagen getting peoples bags on the right plane. Seems they have a new computer-operated baggage-handling system that is not working properly... [now where have I heard that before?!]. SAS is having to organize large-scale baggage-delivery operations, as the baggage tends not to arrive until the next plane. A spokesperson was certain, however, that they would get the problem sorted out quickly and noted that it was not the fault of SAS but of the Copenhagen Airport. [*] Debora Weber-Wulff on sabbatical at Debora.Weber_Wulff@te.mah.se 040-325628 Hemsida: http://www.te.mah.se/person/dw/ [* A classical case of (sur)passing the ruck(sack). PGN]
According to *Aviation Week and Space Technology*, 21 Sep 1998, p21, technicians believe that a malfunction of the flight control computers and/or software resulted in the failure of the Zenit booster launched from Baikonur on September 10. Zenit carried 12 commsats for Globalstar. The Energomash second-stage engine was shut down prematurely, and the payload impacted in Siberia. Telemetry data indicates that two of the three primary flight computers shut down, a situation that `left the third computer unable to control the vehicle', resulting in the cutoff of the engine. This is clearly not the full story. It suggests the primary flight control had three parallel channels, but in that case one should have sufficed to control the booster. Also, if loss of control resulted in cutoff of the engine, then some machine `knew' that control had been lost (presumably the inertial nav computer) and indicated that to whichever machine performed the cutoff. An interesting contrast to Ariane 5, on which apparently the nav computers shut down on detection of gross navigational errors. Peter Ladkin, Universitaet Bielefeld, Postfach 10 01 31, D-33501 Bielefeld, Germany ladkin@rvs.uni-bielefeld.de Tel: +49 (0)521 106-5326/5325/2952
The Daily Express today (24-SEP-1998) reports - taken from Kommersant Vlast magazine - on an event that took place almost 15 years ago, at 21:00 BST, 25-SEP-1983. Computer screens for the early warning system at the Serbukov-15 base, indicatedthat a Minuteman ICBM was en route to Moscow, followed seconds later by other missiles. If the threat had been confirmed within 10 minutes, and Soviet leader Yuri Andropov informed of this, a counter-strike would almost certainly have been issued. However, Lieutenant-Colonel Satnislav Petrov, "armed with a creaking computer" was responsible for analysing data from the Oko satellite, Kosmos 1382, and knew that it was subject to faulty readings caused by radiation damage. He also knew that the launch was not confirmed by ground-based warning systems, and did not alert the Kremlin. An inquiry commission later came away "terrified" at the appalling dangers created by the defective early warning system. Re-run of "War Games", anyone? Mark Corcoran, VMS Systems/Site/Security/Comms & Network Manager, Softel Ltd. Email: postmaster OR Mark.Corcoran @softel.co.uk PSImail: 234273400398::MARK
From the *Sydney Morning Herald*, 25 Sep 1998: Tens of thousands of people missed payday yesterday after an error in the bank's computer program on Wednesday night failed to authorise payments to banks across the nation. Employees with more than 50 national companies who bank with the NAB (National Australia Bank) were affected. ... information tecnologists testing the bank's computers last weekend had inadvertently failed to restore the pay program. The problem has been overcome and people's pays would be available first thing this morning. John (jdoliver@ozemail.com.au)
The Pentagon is studying why an automated anti-terrorist barrier suddenly lifted the front end of a limousine several feet into the air on 21 Sep 1998. The incident was embarrassing because Japanese Defense Minister Fukushiro Nukaga suffered a sprained ankle and Rear Admiral Fumio Ota was cut above his eye and needed several stitches. Reportedly, three investigations are being carried out by the Defense Department's police force (which is responsible for maintaining Pentagon security), the company that installed the barrier, and an independent analyst. [Source: UPI US & World, 22 Sep 1998.] M. E. Kabay, PhD, CISSP / Director of Education ICSA, Inc. <http://www.icsainc.net> [Perhaps the system is programmed to detect foreign cars? PGN]
According to *The Associated Press*, 15 September 1998: A 28-year-old computer consultant is under investigation by the FBI for allegedly hacking into at least 2,585 computers at US West. Aaron Blosser, a self-described "math geek", was apparently trying to use the systems to search for a new prime number. The hacking was only discovered when the computers took as long as 5 minutes to retrieve phone numbers, the operation should normally take 3 to 5 seconds to complete. The US West Intrusion Response Team found the unauthorized program running on the computers on May 27th. The team was able to track the software back to a terminal at one of the comapany's Littleton offices, where they found Blosser, a contract computer consultant who work for a vendor which was hired by US West. "I've worked on this (math) problem for a long time," said Blosser. "When I started working at U S West, all that computational power was just too tempting for me." Blosser ran up 10.63 years of CPU time in his failed search for a new prime number. The full article can be found at: http://cnn.com/TECH/computing/9809/15/uswest.hacker.ap/index.html
Although mined extensively already, the vein of risks associated with automatic spelling checkers runs so rich that I can't resist a contribution. This gem just came across our e-mail, in the form of a MS Word attachment, as one entry in a list of job opportunities: GS-0801, General Negro A little investigation reveals that GS-0801 is actually the job series designation for "General Engr". My experience with said word processor (in its default configuration) is that it takes a very aggressive approach to spell checking, and leaves me no doubt how this entry occurred. I expect some of my non-RISKS reading colleagues here may require a little explanation to see the humor. [A little black humor, at that. PGN] Matt McPherson, U.S. Army Corps of Engineers, Detroit District mattm@superior.lre.usace.army.mil
Bruce Martin (Bruce_Martin@manulife.com) described a VIA Rail Canada derailment on Sept 3, 1997, and the fact that although monitoring systems generated an alarm, the crew had erroneously concluded that "the failure was in the warning system, and [...] disconnected it." He then commented: The "computer error" has become a truism, humans are often more likely to believe in the integrity of mechanical systems than computer systems. This doesn't mesh with my experience. Back in 1981, when I would guess that the majority of trains didn't have computer-generated warnings of mechanical failure, a friend and I took the TransCanada from Vancouver to Toronto. At a stop in eastern British Columbia, we got talking to the engineers and they invited us to join them in the engine compartment. An hour or so after leaving the station, an alarm - a mechanical bell like many older fire alarms - went off. One of the engineers went to the rear part of the engine to check it out. A minute or so later, the alarm went silent and he came back. When I asked what the problem had been, he said that there was no problem: the alarms frequently went off for no apparent reason and he had loosened the cover to shut it up. So much for believing in the integrity of mechanical systems. Furthermore, probably like most people reading this article, I have lost count of the number of times I have tried to explain to someone why information is not necessarily correct simply because it's "what the computer says". This happens even in situations where the information is blatantly wrong, but because it is displayed on a computer screen, it is taken as gospel and the people accepting it don't make the slightest effort to evaluate it for themselves. (The cynic in me believes that this ability is rapidly atrophying.) In the end, for whatever reasons, perhaps humans are simply more likely to believe what they want to believe - a big risk in itself, of course. Ruth Milner, Assistant to the Director, Computing, NRAO, Socorro NM rmilner@nrao.edu 1-505-835-7282
Bob Frankston mentioned that Windows NT "has been C2 certified," without elaborating. This is a misleading comment. Some years ago, a specially-prepared version of Windows NT 3.51 was certified as C2 secure. But this is the *only* version of Windows NT that was ever certified as such. Extensive modifications were made to the system registry in order to meet the standard, and the machine was not networked at the time. Windows NT 4.0 has *never* been certified as C2 secure, neither in specially modified form, nor otherwise. It is not C2 certified. I hope someone with expert knowledge will fill us in on the details. I just think it's a shame that this myth is constantly repeated. John Nolan, jn@n2k.com
BKWBSCSB.RVW 980711 "Web Security Sourcebook", Aviel D. Rubin/Daniel Geer/Marcus J. Ranum, 1997, 0-471-18148-X, U$29.99/C$42.50 %A Aviel D. Rubin rubin@bellcore.com %A Daniel Geer %A Marcus J. Ranum %C 5353 Dundas Street West, 4th Floor, Etobicoke, ON M9B 6H8 %D 1997 %G 0-471-18148-X %I John Wiley & Sons, Inc. %O U$29.99/C$42.50 416-236-4433 fax: 416-236-4448 %P 350 p. %T "Web Security Sourcebook" As Steve Bellovin notes in the foreword, complexity and security are antithetical. To have a complete picture of the security of a single transaction in World Wide Web activity one must consider the hardware of the user, the operating system of the user, the client software of the user, the hardware of the host, the operating system of the host, the server software of the host, the base transport protocol, the higher level (generally HTTP: the HyperText Transport Protocol) protocol, the general structure of the network itself, and the various forms of content. To expect a short book to cover all of this material is unrealistic. The current work, however, is of inconsistent quality and falls short even of a much reduced target. Chapter one looks at basic Web history and technology plus a few illustrative security loopholes. While basic browser security information is presented in chapter two, the presentation is disorganized and seems to stress some relatively improbable risks. On the other hand, it does point out some important and little known problems with Internet Explorer. Advanced browser security lists a good deal of misinformation about cookies (along with some real dope) and discusses anonymous remailers in chapter three. The discussion of scripting, in chapter four, is simplistic in the extreme. While I would personally agree with the assessment that JavaScript and ActiveX are not worth the security hazards they represent, these technologies deserve more than the terse dismissal they receive in the text. Java gets somewhat more detailed discussion but the authors do not appear to distinguish between design factors and specific implementation bugs limited to a given platform. Server security is limited to UNIX permissions in chapter five. Chapter six looks primarily at commercial cryptographic products, but without having built a solid foundation for their effective use. Scripting is again reviewed in chapter seven, this time concentrating on (again) UNIX CGI (Common Gateway Interface) programming for sanitizing input from users. The overview of firewall technologies in chapter eight is reasonable and balanced, citing the different types of firewalls, their strengths and weaknesses, and the fact that firewalls can only be one tool in a larger security strategy, never a complete answer. Chapter nine presents the different protocols in transaction security quite well, but fails to give an analysis of the social and market forces that are equally important to the overall picture. Some systems for electronic payment are compared in chapter ten. Predicting the future is, of course, problematic, but chapter eleven seems to contains more faults than can legitimately be said to be inherent to the process. As only one example, the authors look forward with trepidation to "network aware" viruses. I'm sorry to tell you this, guys, but the proof of that concept happened in the wild more than a decade before you wrote the book, and has transpired depressingly often since. The presentation of this text as a sourcebook is probably valid on the one hand: the primary value of the tome lies in the mention of various commercial systems related to Web security. It cannot, however, be recommended as a sole source. Both a conceptual background and an overall review of the totality of Web security factors are missing. There are interesting points in the book, and even useful tips, but while it may belong on the bookshelf of the dedicated Web administrator it is not necessarily a must read for those with limited resources. copyright Robert M. Slade, 1998 BKWBSCSB.RVW 980711
BKCMCR2K.RVW 980619 "Computer Crisis 2000", W. Michael Fletcher, 1998, 1-55180-138-8, U$12.95/C$15.95 %A W. Michael Fletcher feedback@highspin.com %C 1481 Charlotte Road, North Vancouver, BC V7J 1H1 %D 1998 %G 1-55180-138-8 %I Self-Counsel Press %O U$12.95/C$15.95 604-986-3366 fax: 604-986-3947 selfcoun@pinc.com %P 232 p. %T "Computer Crisis 2000" The book jacket states that the author has thirty years of experience in advising businesspeople how to deal with technology. If so, then he is, of course, part of the problem, since this problem is not one that wasn't foreseen. Indeed, in the preface he admits he came late to the problem, and certainly a warning book now is just a tad behind the times. However, the book is aimed at small and medium sized businesses. This market has been neglected in other works on the topic, and may still have room to fix the situation as far as it can be dealt with internally, since their computing needs are presumably less monolithic than those of the corporate giants. Part one is a definition of the problem and how it may affect people and businesses. The explanation is split into the first two chapters (the book chapters are very short). Generally the exegesis is reasonable, although not altogether convincing of the seriousness of the situation, but it also contains some sections detailing accounting functions that have only a minimal bearing on the issue. A third chapter lists some excuses for avoiding the work involved, but adds nothing to the book. Possible impacts get sidetracked into the beginnings of an action plan, the action plan is disorganized, and the section ends with a look at legalities that ends, for some reason, with some thoughts on tax law. Part two looks at large institutions. The review of government says what the author thinks they should be doing, but gives limited (and likely incorrect) analysis of what the situation and prognosis actually is. Much the same applies to the chapter on infrastructure and utilities. (The optimistic view of the Internet in the event of a communications failure is particularly naive.) The overview of finances simply looks at a bleak set of possible problems, most without solution. Planning and implementation is addressed in part three. The initial outline is quite good, stressing that the time for delay and cheap solutions is past, but it may not be entirely convincing to managers and business owners due to the weak opening in part one. Personnel and inventory get some detail, but the implementation itself is strung over four chapters with questionable organization. The final two parts contain two chapters looking at the possible ancillary benefits of going through the year 2000 process, and a very terse look at the international scene. An appendix lists both print and online resources. As Fletcher notes in the preface, he could not put absolutely everything into the book, and polishing and the inclusion of more material would have delayed a project that is late enough as it is. The concentration on personal computers and shrink wrapped software is valid given the target audience. However, more detail on certain implementation areas would have greatly improved the book. As only one example, getting commitments from suppliers is lacking in breadth and range, and there should be contingency plans for the inevitable failures in some part of the infrastructure. This book is not alarmist: if anything it does not paint the scene widely enough. copyright Robert M. Slade, 1998 BKCMCR2K.RVW 980619
Please report problems with the web pages to the maintainer