The RISKS Digest

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Volume 20 Issue 14

Sunday 3 January 1999

Contents

o Car computer directs couple into river
PGN
o Swedish passport system struck by 99
Ulf Lindqvist
o Swedish Giroguide also hit by 99
Martin Minow
o Excel bug
Tom Rowe
o Chinese sentence hackers to death
John Knight
o Student can criticize school on web site, judge says
Declan McCullagh
o Hackers have fun with Furby
Robert Raisch via Dave Farber
o Now you see it, now you don't
Jerry Leichter
o Y1999: Risk of re-using data fields for error signaling
Daniel A. Graifer
o 99-Year retrospective health insurance - or Y2K problem
Fraser McHarg
o San Francisco power outage and the risks of signs
Eric Leif
o Page-layout program hazards
Jordin Kare
o Some new things to try at all.net
Fred Cohen
o Privacy Digests
RISKS moderator
o Info on RISKS (comp.risks)

Car computer directs couple into river

"Peter G. Neumann" <Neumann@csl.sri.com>
Mon, 28 Dec 1998 09:30:46 -0500
A German couple drove their BMW with great confidence under control of its
computerized satellite navigation.  Indeed, they drove it past a stop sign,
down a ferry ramp, and into the Havel River in Caputh, near Potsdam/Berlin,
Germany.  The computer system reportedly neglected to tell them they needed
to wait for the ferry.  Ship traffic was stopped for two hours, but the
couple was OK.  [Sources: PGN Abstracting from numerous multiply submitted
similar copyrighted stories, several quoting different officials reminding
us that we should not blindly rely on technology.  Big surprise to RISKS
readers!  But for the price of a Beemer, I thought it drove on water.  PGN]


Swedish passport system struck by 99

Ulf Lindqvist <ulfl@ce.chalmers.se>
Fri, 1 Jan 1999 21:51:10 +0100 (MET)
In Sweden, the first report about a 99-related computer problem appeared
already on 1 Jan 1999.  The Swedish police can normally issue provisional
passports at the three main international airports in Sweden. But on the
first day of 1999, no passports could be issued because the computer system
could not handle 99.  Four people in Stockholm and two in Goteborg had to
cancel their trips because they could not get their passports.  The system
was reported to have been fixed during the afternoon.  [Primary source
*Sveriges Televisions Text-TV*, January 1 1999]

A couple of things to note: Of course it is a risk to try to travel abroad
without having a passport, but there could be good reasons - family
emergencies, for example.  The ordinary Swedish passports were changed in
1998 to conform with European Union regulations, but in this case the system
must be much older or based on old components (if the designers were not
extremely shortsighted).  Most businesses do not open until Monday 4 Jan - we
could expect to hear about more 99-problems then, I guess.

Ulf Lindqvist, Department of Computer Eng., Chalmers University of Technology
SE-412 96  Goteborg, SWEDEN  +46 31 772 17 60   ulfl@ce.chalmers.se

  [Also reported by Martin Minow, and by Debora Weber-Wulff, who notes
  that 99 seems to be used often in Sweden to denote "end-of-file"...  PGN]


Swedish Giroguide also hit by 99

Martin Minow <minow@apple.com>
Sat, 2 Jan 1999 10:02:39 -0800
The New Year provided an early taste of Y2K in Sweden. According to the
Stockholm newspaper, *Svenska Dagbladet*, the modem-based "Giroguide"
payment service run by the PostGiro refused to process payments "if the
payer provided a specific date in 1999". (PostGiro is a convenient payment
system run by the Post Office used as widely as checking accounts in the
United States.)

"It was due to a programming error" ... that can depend on the combination
"99" that, in some cases, is used to mark end-of-run.  Since you can enter
payments up to a year in advance, it may also be due to a year-2000 problem,
but Jarl Dahlerus, who is responsible for E-PostGiro, doesn't believe this
is the case.  If any customer is affected by the error, they will be
compensated by PostGiro.

Translated and summarized by Martin Minow, minow@pobox.com


Excel bug

"Tom Rowe" <trowe@ibm.net>
Thu, 31 Dec 1998 23:02:41 +0100
I imagine this has been discussed some, but in case it hasn't.
If you enter a number, say 123456789999 in Excel and save the file as
comma delimited (csv I think MS uses) it will be saved as 1.234567E+11.
Quite a few programs can't import this properly, including Word.
But what's worse, bringing it back into Excel gives you 123456700000.
I think the risks are fairly obvious.
I wonder if the large bank I work for (which has standardized on
Excel) knows about it.
When opening an account I guess not only do I need to ask banks the
interest rates, fees etc, but also what software they use. Sheesh.

Tom Rowe, Atlanta, GA
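The round trip Tom describes, as an added example that is not part of the original post: a constructed model of an exporter that renders large integers in scientific notation with seven significant digits (an assumption chosen to reproduce the figures in the post, not Excel's actual formatting rule), a re-import that parses the cell back as a number, and a pre-flight check that reports which identifiers fail to survive.  Account numbers are identifiers, not quantities; the safe path keeps them as text end to end, which here assumes the consumer honours the quoted column as a string.

```python
import csv
import io
from decimal import Decimal

# Constructed model of an exporter that renders large integers in scientific
# notation with a fixed number of significant digits.  Seven is an assumption
# chosen to reproduce the figures in the post; it is not Excel's actual rule.
SIG_DIGITS = 7


def lossy_cell(value: int) -> str:
    """Render an integer the way a precision-limited 'General' format would."""
    digits = str(abs(value))
    if len(digits) <= SIG_DIGITS:
        return str(value)
    exponent = len(digits) - 1
    mantissa = digits[0] + "." + digits[1:SIG_DIGITS]   # truncated, not rounded
    sign = "-" if value < 0 else ""
    return f"{sign}{mantissa}E+{exponent:02d}"


def parse_cell(cell: str) -> int:
    """Parse a cell back as a number, as a spreadsheet re-import would."""
    return int(Decimal(cell))


def export_csv(rows, as_text: bool) -> str:
    """Write (account, amount) rows; accounts go out either as numbers (lossy)
    or as quoted text (assumed to be honoured as a string by the consumer)."""
    buf = io.StringIO()
    writer = csv.writer(buf, quoting=csv.QUOTE_ALL if as_text else csv.QUOTE_MINIMAL)
    for account, amount in rows:
        writer.writerow([account if as_text else lossy_cell(int(account)), amount])
    return buf.getvalue()


def import_csv(text: str, as_text: bool):
    """Read rows back, treating the account column as text or as a number."""
    reader = csv.reader(io.StringIO(text))
    return [(row[0] if as_text else str(parse_cell(row[0])), row[1]) for row in reader]


def failed_roundtrip(rows, as_text: bool):
    """Pre-flight check: return (original, recovered) for every account number
    that does not survive export followed by import."""
    recovered = import_csv(export_csv(rows, as_text), as_text)
    return [(a, r) for (a, _), (r, _) in zip(rows, recovered) if a != r]


# Constructed sample data: account identifiers that merely look numeric.
ACCOUNTS = [
    ("123456789999", "10.00"),
    ("4242", "99.95"),
    ("9876543210123456", "1.00"),
]

if __name__ == "__main__":
    print(failed_roundtrip(ACCOUNTS, as_text=False))  # the two long identifiers are corrupted
    print(failed_roundtrip(ACCOUNTS, as_text=True))   # []
```

The check is the part worth keeping: run it over any export of identifiers before handing the file to another system, because a value that is only "close" to the right account number is worse than a rejected one.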


Chinese sentence hackers to death

John Knight <jck@cs.virginia.edu>
Thu, 31 Dec 1998 12:38:59 -0500 (EST)
Twin-brother computer hackers sentenced to
death in China (Deutsche Presse-Agentur, 28 Dec 1998)

Two Chinese computer hackers who illegally transferred 720,000 yuan (about
87,000 dollars) to their own bank accounts have been sentenced to death, the
Beijing Chenbao newspaper said in its Monday edition.  The hackers, twin
brothers, had used inside information to rob a bank in the city of
Zhenjiang, the report said.  One of the brothers, Hao Jingwen, opened 16
accounts under false names in September, the report said.  Then he entered a
branch of the Trade and Industry Bank in Zhenjiang, in Jiangsu province, and
installed a piece of equipment in the bank's computer system.

http://web.lexis-nexis.com/more/cahners-chicago/11407/4120740/4

  [Extracted from NMIA ZGram, zhi@zgram.net (Zhi Hamby)]


Student can criticize school on web site, judge says

Declan McCullagh <declan@well.com>
Tue, 29 Dec 1998 18:02:45 -0500
This case reminds me of another I wrote about earlier this year -- but with
a happier ending:
  http://cgi.pathfinder.com/time/digital/daily/0,2822,12983,00.html

http://www.wired.com/news/news/politics/story/17068.html
[Also AP item 28 Dec 1998]

School Dazed by Speech Ruling, by Declan McCullagh

A Missouri high school cannot punish a student for criticizing a teacher on
a personal Web page, a federal judge ruled Monday.  Saying the school
violated free speech rights protected by the First Amendment, District Judge
Rodney Sippel ordered the Woodland School District to let the student
publish his site from a home computer.  "Disliking or being upset by the
content of a student's speech is not an acceptable justification for
limiting student speech," Sippel wrote in a 17-page opinion.

POLITECH -- the moderated mailing list of politics and technology
To subscribe: send a message to majordomo@vorlon.mit.edu with this text:
subscribe politech
More information is at http://www.well.com/~declan/politech/


IP: Hackers have fun with Furby (from Robert Raisch)

Dave Farber <farber@cis.upenn.edu>
Sun, 27 Dec 1998 11:05:23 -0500
See Also: Reverse Engineering the LEGO RCX
http://graphics.stanford.edu/~kekoa/rcx/talk/

From: "Robert Raisch" <raisch@internautics.com>

(When you provide technically capable, questing minds with simple, cheap and
effective communications channels, they do what comes naturally.  This is why
DIVX is doomed. /rr)

Hackers have fun with Furby, BY MARGIE WYLIE, Newhouse News Service
http://www7.mercurycenter.com/business/top/080145.htm

Excerpt:

While some people see a lovable little friend in this year's answer to
Tickle Me Elmo, toy hackers like the 25-year-old programmer see a challenge:
make Furby do as they command. Why? Why not?

``I figured it would be neat,'' said Tokash, who has created a Web site for
Furby hackers to swap information (http://www.homestead.com/hackfurby).
``Somebody's going to hack this thing; I might as well be one of them.''

The Furby was designed by Tiger Electronics of Illinois to squeal, sneeze or
snore and speak 200 words in a language called Furbish. And since its
October introduction, hackers have skinned, autopsied and beamed the
cloyingly sweet animatronic fur-ball with different infrared signals. The
results, in excruciating detail, are posted on the Web.

Rob Raisch, Internet Technical Hired Gun <http://www.raisch.com/>


Now you see it, now you don't

Jerry Leichter <leichter@lrw.com>
Fri, 25 Dec 98 08:34:22 EST
The Net remembers everything; the Net forgets everything.  What's the effect
on traditional ideas of research?

The Web these days relies on search engines.  These are commercial ventures,
whose distinguishing features are in the technologies used to implement the
Web crawlers, indexers, and other components.  Details of these technologies
have remained closely guarded trade secrets.

A group at Stanford University set out to do research on some nice new ideas
for search engines, applying and extending some traditional ideas from
library science to estimating relevance and importance of various Web pages.
The algorithms used, the architecture of the system, and other interesting
stuff, was published as a series of reports, which appeared - naturally
enough - on the Web at the group's Web site
(http://google.stanford.edu/about.html).

If you're interested in learning more ... you're too late.  If you go to
that site, you'll find that the research group no longer exists.  It's been
reconstituted as a corporation, Web site http://www.google.com/company.html.
That site currently has very little on it.  The research papers are no
longer on the Web.

Now, I have no objection to the researchers going off to start a company.  I
wish them the best of luck, even as I worry about the effect the drain of
talent from the academic world will ultimately have.  However, I am
concerned about the removal of previously-public research material.  We hear
repeated complaints that traditional journals don't accept URL's as
bibliographic citations.  If *even a university research department*
approves the removal of on-line versions of its own research papers, how can
we take the Web seriously as a resource for scholarship?

Note that, even if the commercial venture decides to put the papers on-line
at its site, that would not be good enough.  First of all, if anyone has a
citation to the papers at the old site, the citation should be good on its
own - it should not require a chase to another site.  More important,
however, commercial Web sites come and go.  Even with the best of
intentions, a commercial Web site is not a stable academic reference.  If
the new company fails; or if it succeeds, but is acquired by a larger
company and disappears as a separate entity; the papers will likely vanish
forever.

  [Increasingly, much valuable research from the past is being forgotten.
  Unfortunately, the operative motto seems increasingly to be
    ``If it is not now on the Web, it never existed.''  PGN]


Y1999: Risk of re-using data fields for error signaling

"Daniel A. Graifer" <dgraifer@cais.com>
Wed, 30 Dec 1998 13:12:25 -0500
"1999 problems with medical device clocks found"
<http://www.sjmercury.com/business/tech/docs/085460.htm> discusses two
medical devices for which the FDA is warning hospitals of failures in 1999
that do not threaten health.  The HP defibrillator will print "set clock"
instead of the date on its printed record.  The other, a patient
monitor, will also fail to correctly report the date in its logs.

Obviously, somebody made "99" mean "clock needs to be reset".  These are
relatively new devices.  Were they really so short of memory that they
couldn't find a bit somewhere for this flag?

Daniel A. Graifer, Parker & Company 1-888-426-6548
Andrew Davidson & Company, 588 Broadway, Ste 610, NY 10012 1-212-274-9075

  [Note: relating to Jerry Leichter's Y2K item in RISKS-20.13,
  various folks observed that 9 Apr 99 is the 99th day of 1999, which
  in some programs is represented as 9999, an erstwhile stopcode.  PGN]


99-Year retrospective health insurance - or Y2K problem

<Fraser_McHarg@nag.national.com.au>
Tue, 29 Dec 1998 13:40:58 +1000
Last week I received my Health Insurance renewal notice with the period of
cover listed as "From: 4 January 1999 To: 4 January 1900".  Since I was not
alive for most of the 99-year period I am intending to decline their
generous retrospective insurance offer.

It does not bode well, that in December 1998, HBA, one of the larger Health
Insurance companies in Australia can presumably be so far behind in its
Year 2000 project that they have not tested the production of their primary
revenue collection document.  Many other companies have already finished
their Year 2000 projects.

Now is the time when annual renewals for all sorts of things that should have
expiry dates falling in January 2000 will be issued; it will be interesting to
see how many other 1999-to-1900 renewals appear.

  [Many people are actually expecting some serious problems beginning next
  week for insurance companies and others who have to deal with dates a year
  ahead.  PGN]


San Francisco power outage and the risks of signs (Horiuchi, R-20.13)

eric leif <REMOVE_ericleif@mindspring.com>
Wed, 23 Dec 1998 03:10:26 -0500
The mention of a pipe and the risk of not having a sign reminded me of an
incident.  Some background information: this took place in a nuclear training
facility.  For the most part a "real" plant wouldn't have as many tags and
signs as this plant, but every pipe, wire, and machine was labeled.

So that's the stage, and the pipe in question had the label CPW.  The meaning
of that pipe was taught early, and everyone there knew what it was, so much so,
in fact, that there was an ongoing joke that it meant Coffee Pot Water.  The
real meaning of the acronym, however, is Controlled Pure Water, and what that
means is that this water could potentially be contaminated.  Anyway, you can
probably guess the conclusion of this story, but I will continue anyway.  A
new trainee had apparently heard the joke before the lesson, and used CPW
to fill up a coffee pot.

The risks here are many.  The joke definition in the above incident is really
a risk of human nature, or perhaps of the boredom of being over-trained, but
that aside, the use of acronyms is certainly a risk, and I'm sure it's been
seen on this list many times.  Even without using acronyms, the above sign
could still be misinterpreted: Controlled Pure Water sounds at first like it's
pure and guaranteed to be so.  Most people at this plant knew what "controlled"
meant in the context of this plant, but others?  And back to the SF power
outage: had that pipe been labeled "substation ground", would that have meant
anything to a construction crew?

The real risk of this power outage would seem to me a physical security
risk, as with the CPW incident. Neither of these things needed to be easily
accessible, but once they are humans will err.

-eric leif <ericleif@mindspring.com>


Page-layout program hazards

Jordin Kare <jtkare@ibm.net>
Tue, 29 Dec 1998 10:54:49 -0800
In RISKS-20.13, Ben Sherman <ben@2600.com> noted that Quark Xpress, as
part of a "feature" allowing embedded ASCII string commands, would
silently convert <> to >, mangling published UNIX listings.  This is by no
means a new problem, and is, I think, inherent in the use of embedded
commands.

Circa 1981, I was typesetting a songbook using TROFF, the UNIX typesetting
program in which one flags command lines embedded in text by starting them
with a period (.), e.g., .PP signals a new paragraph.  After some 2000
copies of the book had been printed and put on sale, we discovered that,
in perhaps a dozen places, entire lines of text had vanished.  (This is
remarkably difficult to detect when proofreading familiar songs, similar
to losing complete sentences out of prose text).

On close examination, we found that TROFF had silently "eaten" every line
beginning with an apostrophe (').  VERY close reading of the TROFF manual
revealed that the apostrophe is an alternate command line marker, so that
any line starting with an apostrophe will be treated as a command.  This
fact was noted in one obscure footnote, and not referenced anywhere else.

Why the programmers thought the apostrophe was a "safe" character to use
is unclear, but seems to follow the same logic that caused the Quark
Xpress bug: in "normal" writing, one does not use <>, nor start a line
with an apostrophe.  However, these occur frequently in specific types of
writing: in UNIX shell scripts for <>, and in poetry or song lyrics for
lines starting with apostrophes (which frequently use contractions like
'Til and 'Tis).

The consistent Risk is that any reserved character combination, no matter
how obscure, may occur in someone's text, quite possibly without them
realizing it.  If there is a solution (other than really careful
proofreading of typesetting-program output) it presumably includes
conspicuously documenting such combinations, ruthlessly minimizing their
number, and trying very hard to avoid anything even remotely likely to be
entered other than deliberately.

Jordin Kare
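As an added example (not part of Jordin's post, nor of troff or Quark Xpress themselves): a pre-flight check, in Python, for the two reserved sequences the post describes.  For troff it flags any line beginning with `.` or `'` that is not on a whitelist of requests the document deliberately uses (the whitelist is an assumption for this example), and it escapes body text by prefixing `\&`, troff's zero-width non-printing character, which is the documented way to set a leading control character as ordinary text.  For the Quark Xpress case it simply reports lines containing `<>`, the sequence the post says is silently collapsed; that pattern is taken from the post, not from Quark documentation.  The sample songbook fragment and shell listing are constructed.

```python
# Requests and macros this document deliberately uses (assumed whitelist).
KNOWN_REQUESTS = {".SH", ".PP", ".br", ".sp"}

TROFF_CONTROL = (".", "'")   # documented: a line starting with either is a request


def suspicious_troff_lines(source: str):
    """Return (line_no, line) for lines troff would execute as requests but
    that are not on the whitelist, i.e. probable swallowed text."""
    flagged = []
    for n, line in enumerate(source.splitlines(), 1):
        if line[:1] in TROFF_CONTROL and line.split()[0] not in KNOWN_REQUESTS:
            flagged.append((n, line))
    return flagged


def escape_troff_text(body: str) -> str:
    """Prefix \\& (zero-width non-printing character) to body-text lines that
    begin with a control character so troff sets them instead of running them.
    Apply to body text only; running it over macro lines would disable them."""
    return "\n".join(
        ("\\&" + line) if line[:1] in TROFF_CONTROL else line
        for line in body.splitlines()
    )


def quark_collapsed_sequences(source: str):
    """Return (line_no, line) for lines containing <>, which the post reports
    Quark Xpress silently turns into >."""
    return [(n, line) for n, line in enumerate(source.splitlines(), 1) if "<>" in line]


# Constructed sample: a troff songbook fragment with two lyric lines that
# start with an apostrophe, exactly the pattern that lost lines in print.
SONG_SOURCE = "\n".join([
    ".SH Chorus",
    "We sang together through the night",
    "'Til morning came and brought the light",
    "'Tis the season to be wary",
    ".PP",
])

# Constructed sample: a shell listing using the <> read-write redirection.
SHELL_LISTING = "\n".join([
    'exec 3<> "$lockfile"',
    'if [ $# -ne 1 ]; then exit 1; fi',
])

if __name__ == "__main__":
    for n, line in suspicious_troff_lines(SONG_SOURCE):
        print(f"troff would swallow line {n}: {line!r}")
    print(escape_troff_text("'Tis the season to be wary"))  # \&'Tis the season to be wary
    for n, line in quark_collapsed_sequences(SHELL_LISTING):
        print(f"Quark would mangle line {n}: {line!r}")
```

The whitelist is what makes the check usable: without it every genuine `.PP` is a false positive, and with it the only lines reported are the ones a human needs to look at.  Escaping is deliberately separate from detection, since only the author knows which leading apostrophes are lyrics and which leading periods are requests.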


Some new things to try at all.net

Fred Cohen <fc@all.net>
Thu, 24 Dec 1998 17:52:22 -0800 (PST)
Just thought RISKS readers would like to know about a few New Year's gifts
from all.net:

I thought many of you might be interested in the newest "game" on
http://all.net/
            The Cracking Game

In this 'game', we teach defenders about attack and defense techniques
by having them try to tell us how they would crack into a variety of
different sorts of systems and having various defensive things happen to
them along the way.  It is also a lot of fun and somewhat of a
challenge.  Just select it from the "Would you like to play a game?"
Menu and press Go.

Please note that the game is still under development and your comments
will be greatly appreciated.

I have also put up a beta-test version of an automatic game:

        The Network Security Simulator

This simulator is intended for design, attack, and defense analysis for
computer networks, but it may also be of some interest from a gaming
viewpoint. It has just been added to the games menu at http://all.net/ Just
select "Network Security Simulator", select inputs from the menus, press go,
and see the results. Press "reload" to simulate again - with different
results of course. Your comments again will be appreciated.

Fred Cohen & Associates: http://all.net - fc@all.net - tel/fax:925-454-0171

  [Standard RISKS disclaimer.  In this case, FC's work at FC&A is separate
  and independent from any work he does at Sandia.  PGN]


Privacy Digests

<RISKS moderator>
17 Apr 1997
Periodically I will remind you of TWO useful digests related to privacy,
both of which are siphoning off some of the material that would otherwise
appear in RISKS, but which should be read by those of you vitally interested
in privacy problems.  RISKS will continue to carry general discussions in
which risks to privacy are a concern.

* The PRIVACY Forum is run by Lauren Weinstein.  It includes a digest (which
  he moderates quite selectively), archive, and other features, such as
  PRIVACY Forum Radio interviews.  It is somewhat akin to RISKS; it spans
  the full range of both technological and nontechnological privacy-related
  issues (with an emphasis on the former).  For information regarding the
  PRIVACY Forum, please send the exact line:
     information privacy
  as the BODY of a message to "privacy-request@vortex.com"; you will receive
  a response from an automated listserv system.  To submit contributions,
  send to "privacy@vortex.com".

  PRIVACY Forum materials, including archive access/searching, additional
  information, and all other facets, are available on the Web via:
     http://www.vortex.com

* The Computer PRIVACY Digest (CPD) (formerly the Telecom Privacy digest) is
  run by Leonard P. Levine.  It is gatewayed to the USENET newsgroup
  comp.society.privacy.  It is a relatively open (i.e., less tightly moderated)
  forum, and was established to provide a forum for discussion on the
  effect of technology on privacy.  All too often technology is way ahead of
  the law and society as it presents us with new devices and applications.
  Technology can enhance and detract from privacy.  Submissions should go to
  comp-privacy@uwm.edu and administrative requests to
  comp-privacy-request@uwm.edu.  (For example, vol 13, issue 031, 23 Dec
  1998, has a long item on random credit-card fraud via small charges.)

There is clearly much potential for overlap between the two digests,
although contributions tend not to appear in both places.  If you are very
short of time and can scan only one, you might want to try the former.  If
you are interested in ongoing discussions, try the latter.  Otherwise, it
may well be appropriate for you to read both, depending on the strength of
your interests and time available.

PGN
