The RISKS Digest
Volume 2 Issue 25

Monday, 10th March 1986

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Please try the URL privacy information feature enabled by clicking the flashlight icon above. This will reveal two icons after each link the body of the digest. The shield takes you to a breakdown of Terms of Service for the site - however only a small number of sites are covered at the moment. The flashlight take you to an analysis of the various trackers etc. that the linked site delivers. Please let the website maintainer know if you find this useful or not. As a RISKS reader, you will probably not be surprised by what is revealed…


o Balloting
Barbara E. Rice
o Canceling ballots
Jim McGrath
o Bank robbery
Curtis Jackson
o Earthquake problems with Nuclear Reactors
Brent Chapman
Martin J. Moore
Phil Ngai
o Info on RISKS (comp.risks)


Barbara E. Rice <rice@nrl-csr>
Mon, 10 Mar 86 12:43:50 est
     There has been much discussion on the net as to the secrecy of
ballots. No one has mentioned yet the situation I find myself in
regularly  with the absentee ballot system. My name is printed on the
outside of the envelope and I assume checked off when it arrives at its
destination to insure that I don't vote 2 or more times.  What is to
prevent someone from just taking a peek and seeing who I voted for.  In
fact I have never heard what the method is to insure that my name and
who I vote for are not put together.  There is a simple way to check
this out to see if my vote is secret but I do not have the courage to
try it.  All I would need to do is vote a straight communist ticket.  If
my security clearence is revoked in the next six months it would be safe
to assume my vote is not secret.  Anyone know of a non-career
threatening way to check this out?
Barb R.

Canceling ballots

Mon 10 Mar 86 22:12:18-EST
  Subject: Progress report on computerized voting
    From: hyde%topcat.DEC@decwrl.DEC.COM  (Kurt Hyde DTN 264-7759 MKO1-2/E02)
    My students at Rivier College will still be investigating further
    into the proper security controls.  One of them is considering a
    way to let the voter see his/her ballot and abort that ballot.
    The printer would then print an appropriate message such as
    "CANCELED" on the bottom.

I can see a lot of potential problems with canceling already printed
ballots.  In particular, any technology that takes a ballot which
would, by default, be valid and then modifies it to be invalid could
be used to invalidate valid ballots after the polls have been closed.
Moreover, if the technology fit in a voting booth, then it is probably
portable enough so that such modifications could be done on site (i.e.
without physically removing the ballots to an unauthorized location).

I would thus suggest that you use some sort of display (CRT, LED, or
just light bulbs next to the appropriate names) for voter
confirmation.  Failing that, you should print out the ballot as
before, but on white (say) paper.  If the voter confirms the ballot,
then the white copy is stamped CANCELED, a duplicate is printed on
red (say) paper, and both are deposited in separate boxes.  While both
copies would be kept, only the red copy would be treated as

You can still forge red ballots (you can forge any paper ballots).
But you cannot turn a red ballot into a white one by using a CANCEL
stamp or somesuch.  Only gross mutilation or removal of the ballot
from an authorized area could cancel the valid ballot - both harder to
do (at least undetected).


bank robbery

Sat, 8 Mar 86 20:45:11 est
I read an excellent book a few years ago simply entitled "Computer Crime".
                                       [PRESUMABLY BY DONN PARKER?  PGN]
I highly recommend it to the readers of mod.risks.  Here are a couple
of example horror stories from the book (from memory, sorry):

  a) A guy gets a bank loan, when he gets his payment book he sends in the
  *last* payment slip from the book with his first payment.  The bank's
  computer sends him a cheerful letter congratulating him on settling his
  debt in a timely manner.

  b) A guy opens an account at a major NYC bank with several thousand dollars.
  After he gets his personalized checks, he goes to a shady printer friend
  and has the guy print up identical checks but with a bogus magnetic number
  on the bottom.  He then goes on a $1,000,000 check-writing spree.  Every
  time on large purchases they call his bank and electronically verify that
  he can cover the check.  Every time the sorting machine at the bank sees
  the leading ?3?-digit code of a West Coast bank, and automatically mails
  the check there.  The West Coast bank's sorter kicks the check out to
  manual sorting because it has a bogus account number.  The human sorter
  takes one look at the check and sees the name of the NYC bank and blithely
  mails it back...  They finally got onto him when one of the checks had
  been through so many sorter and mailer machines it was nearly in shreds,
  and the human sorter on the West Coast got curious enough to look at the
  magnetic ink number.

  c) Guy opens an account in a Washington, D.C. bank.  He rips off several
  pads of blank deposit slips from the lobby of said bank, takes them to
  a location (?maybe he worked at the place?) that has a magnetic ink
  typewriter.  He laboriously types his own account number on the bottom
  of all the slips, then places the pads back in the lobby of the bank.
  A month later he withdraws $100,000 and disappears.

The MAD Programmer — 919-228-3313 (Cornet 291)
alias: Curtis Jackson   ...![ ihnp4 ulysses cbosgd mgnetp ]!burl!rcj
            ...![ ihnp4 cbosgd akgua masscomp ]!clyde!rcj

Re: Earthquake problems with Nuclear Reactors

Mon, 10 Mar 86 17:33:22 est
> From: "Lindsay F. Marshall" <>
> Subject: Earthquake problems with Nuclear Reactors.
> [...]
> So if you hear that Newcastle vanished, you'll know why!
>            [and we'll be back to carrying coals ...  PGN]

Ok, ok, cute, I laughed, I liked it.  But nuclear paranoia being what it
is, and with no smiley, this seems to me to be blatantly inaccurate, and
worthy of clarification.  As far as I know, nothing short of refining
the fuel and making a bomb out of it can cause a power reactor to
explode with a large yield.  Or perhaps the two of you know of some
other way that a power reactor can cause a city to "vanish" (implying a
sudden, physical removal of the city from existence or perception)?

        [Whatever happened to Sverdlovsk — or was that biological?  PGN]

103/212 modems DON'T WORK AS SUPPOSED (10% of the time?)

Brent Chapman <chapman%miro@BERKELEY.EDU>
Sun, 9 Mar 86 02:00:47 PST
In article <> Phil Ngai writes:
  >RISKS-LIST: RISKS-FORUM Digest,  Saturday, 8 Mar 1986  Volume 2 : Issue 24
  >Date: Sat, 8 Mar 86 00:34:30 pst
  >From: amdcad!phil@decwrl.DEC.COM (Phil Ngai)
  >To: risks@sri-csl.ARPA
  >Subject: Re: Misdirected modems
  >This is an often repeated wives tale by people who ought to know better.
  >With ordinary dialup modems of the 103/212 class, it is the *answering*
  >modem which initiates a tone. The originating modem (the one that dialed)
  >remains silent until it hears the carrier of the answering modem.
  >Thus, if a computer dialed a wrong number, the person receiving
  >the call would hear nothing, not a "funny whistle".

Sorry, maybe that's how it's SUPPOSED to work, but it just doesn't happen
that way.  I work with several 103/212 class modems, and every one of them,
at least 10% of the time, "responds" to a "carrier" before there actually is
one.  There appear to be no fixed, recognizable reasons for this.  They will
respond to rings, busy signals, or someone picking up the line.  All of
these modems are recent models, purchased within the last year, so I don't
think it's a problem of out-of-date technology.

Brent Chapman

Re: misdirected modems

"MARTIN J. MOORE" <mooremj@eglin-vax>
0 0 00:00:00 CDT
> From: amdcad!phil@decwrl.DEC.COM (Phil Ngai)
> This is an often repeated wives tale by people who ought to know better.
> With ordinary dialup modems of the 103/212 class, it is the *answering*
> modem which initiates a tone. The originating modem (the one that dialed)
> remains silent until it hears the carrier of the answering modem.
> Thus, if a computer dialed a wrong number, the person receiving
> the call would hear nothing, not a "funny whistle".

True, the answering modem normally initiates a tone first.  However, some
103/212-class modems (e.g., the Hayes Smartmodem 1200 which I use at the office
and the similar Prometheus P1200A which I use at home) will start a tone after
a few seconds regardless of whether the answering modem starts one.  I have
the speaker on during the dialing and connection process, and both modems
always start a tone whenever a call fails to go through or gets a wrong number
(one or the other happens about 10% of the time.)  Anyone who is skeptical of
this is welcome to drop by my office and I'll be happy to demonstrate it.
In fact, I whistled at some poor soul on a wrong number while dialing in for
this terminal session!
                                marty moore (

Re: misdirected modems

Phil Ngai <amdcad!phil@decwrl.DEC.COM>
Mon, 10 Mar 86 17:42:34 pst
I have a Hayes and I just tried it and it does not
whistle at me.

Please report problems with the web pages to the maintainer