Please try the URL privacy information feature enabled by clicking the flashlight icon above. This will reveal two icons after each link the body of the digest. The shield takes you to a breakdown of Terms of Service for the site - however only a small number of sites are covered at the moment. The flashlight take you to an analysis of the various trackers etc. that the linked site delivers. Please let the website maintainer know if you find this useful or not. As a RISKS reader, you will probably not be surprised by what is revealed…
[In RISKS, we try to include success stories, not just catastrophes. Here is a NASA success (albeit after several Mars-related failures that have been reported here earlier). This item is from *The Washington Post*, 23 Oct 2001, via Science In the News (Sigma Xi). PGN] The Mars Odyssey, which left Earth seven months ago, braked into orbit around the red planet last night, giving NASA's Mars program a welcome boost after back-to-back failures in 1999. While outwardly confident, engineers at NASA's Jet Propulsion Laboratory in Pasadena, Calif., were anxious about the make-or-break "Mars orbit insertion" — MOI — rocket firing, a 19.7-minute maneuver one manager described as "the longest 20 minutes of our lives." In reality, engineers had to wait a full half-hour to find out whether Odyssey's main engine had done its job. After a brief scare caused by a momentary loss of data, flight controllers were able to confirm the rocket firing had started on time at 10:26 p.m. EDT based on analysis of radio transmissions from the spacecraft. But Odyssey disappeared behind Mars -- as expected — halfway through the maneuver. http://www.washingtonpost.com/wp-dyn/articles/A42061-2001Oct23.html
Technical hiccups hit ACT election counting By Sandra Rossi, 22 Oct 2001, Computerworld Australia It is ironic that counting in Australia's first election offering electronic voting stalled because of technical hiccups following the ACT poll [on 20 Oct 2001]. Electronic voting is supposed to speed up the polling process and was used on Saturday during the ACT election offering voters a choice between traditional paper ballots and the Internet. By the time voting closed, the ACT Electoral Commissioner Phil Green was claiming Internet users significantly slowed down the collating of electronic votes. More than 11,000 pre-poll electronic votes were supposed to have been counted just after the polls closed at 6pm but there were periods when counting was at a virtual standstill. According to Green, disks were slower to load than expected and processing the disks for eight polling stations equipped for computer voting was drawn out because of competition from the Internet. "We're getting lots of hits on our Internet site and that's actually slowing down our server because it's all being run off the one database," Green said during counting. http://www.computerworld.com.au/IDG2.NSF/a/00046162?OpenDocument&n=e&c=CP
GForce Pakistan hackers defaced the U.S. Defense Test and Evaluation
Processional Institute Web site www.dtepi.mil as well as
enduringfreedom.dtepi.mil and nasa.dtepi.mil
http://www.newsbytes.com/news/01/171341.html
after which a rival group of Pakistani vigilante hackers (Yiyat) identified
the purported culprit and retaliated.
http://www.newsbytes.com/news/01/171365.html
[Above text PGN-ed from the URLs. I tried to verify the
"processional", but dtepi.mil was apparently off the Net. PGN]
Also, an interesting CNN article on a DoE cyberattack scenario. Best
quote:
The important lesson is that Black Ice showed how interdependent are the
various infrastructure systems — including telecommunications, utilities
and banking — and how major might be the combined effects of cyber- and
physical attacks, she says.
The infrastructure system providers didn't understand the
interdependencies among their systems," Scalingi says. "If you talk to
state and local government and local utilities, they'll tell you they have
great response plans. The problem is, they write them in isolation.
http://www.cnn.com/2001/TECH/ptech/10/21/black.ice.idg/index.html
By John Borland, Staff Writer, CNET News.com, 19 Oct 2001 A piece of software being distributed anonymously online has successfully cracked part of Microsoft's anti-piracy technology, the centerpiece of much of the giant's recent forays into the audio and video world. Microsoft confirmed Friday that the code, written by a programmer using the pseudonym "Beale Screamer," can strip off the protections that prevent a song from being copied an unlimited amount of times. The company's digital media division has spent much of the day talking to record labels and content partners in an effort to respond to Screamer's software, said Group Product Manager Jonathan Usher. http://news.cnet.com/news/0-1005-200-7590303.html
As we are all well aware, spam has been around for a while. As most of us are aware, replying to the "if you have received this message in error and want to be removed from our lists" message at the bottom of most spam simply allows the spammers to verify that they have a "live one"--e-mail address, that is. Recently I received a flood of spam, all simply offering to take my name off their list--if I replied to it. I guess the clients of spam companies are starting to get pickier about the quality of the lists. However, I have also started to receive the odd message like one I got this morning. The subject line stated that the sender saw my ad on Google. Now, I don't advertise on Google. But then again, Google is a Web search tool, and a lot of people are careless about differentiating between the vast quantities of sites out there consisting solely of masses of banners, and information sites like the ones I have up. Reading the message was no more informative: it simply asked me to send more information. The headers were more interesting. The message was ostensibly from someone at referralware.net, but the "Received" lines indicated an origin at prontomail.com. rslade@vcn.bc.ca rslade@sprint.ca slade@victoria.tc.ca p1@canada.com http://victoria.tc.ca/techrev or http://sun.soci.niu.edu/~rslade
So I get this e-mail with no subject, but the "From" name is the same as my
daughter. Only, of course, it isn't her. It's somethingtosell5678@aol.com.
Only it isn't that, either, when you look at the headers, it's:
Received: from Azzarmaster (ppp-178.11.triton.net
[216.65.178.11] (may be forged))
Now isn't that clever! triton.net has determined that the header
information *it* received may be forged! It is helpfully warning me that I
may be receiving spam! Really? How would it know? Is this, perhaps, an
open relay? And, if so, why is it open? Why isn't triton.net closing off
this type of abuse?
Well, let's look at the IP address, 216.65.178.11. Good old Samspade.org
can tell us that:
Trying whois -h whois.arin.net 216.65.178.11
Lucre, Inc. (NETBLK-LUCRE)
4011 Plainfield Ave
Grand Rapids, MI 49525
US
[...]
Coordinator:
Hale, Steve (SH1448-ARIN) steve@lucre.net
(616) 361-0128
OK, lucre.net certainly sounds like a domain name that a spammer would pick.
However, the information goes on:
Domain System inverse mapping provided by:
NS1.TRITON.NET 209.172.0.5
So let's be guessing that the header isn't actually forged at all. Perhaps
we are just supposed to give up looking when we see an indication of a
forged header, and not try to find out who actually sent this message. Or,
perhaps triton.net is simply going for plausible deniability: "Spam? Gee,
that's too bad. Bummer that the headers are forged, otherwise we could tell
who sent it."
rslade@vcn.bc.ca rslade@sprint.ca slade@victoria.tc.ca p1@canada.com
http://victoria.tc.ca/techrev or http://sun.soci.niu.edu/~rslade
RISKS readers may have heard of one or both variants of Redesi, also known as Dark Machine or Ucon. (In fact, it was PGN who first alerted me to the existence of the second.) (If you haven't heard about them, don't open any e-mail attachments with filenames of Common.exe, Rede.exe, Si.exe, UserConf.exe, or Disk.exe. These filenames seem to be consistent in both versions, in file attachments, and on infected machines.) There are two variants. One comes with a large variety of possible subject lines, all of which contain either a double hyphen or an ellipsis (three or six periods). Many appear to be comments from Kev, Gaz, Will, Si, Jim, Arwel, or Michelle. The body of the message of this A version reads "heh. I tell ya this is nuts ! You gotta check it out !" and file attachments with filenames as listed above. Infected machines will have files with the filenames listed created in the root directory of the C: drive with the hidden attribute set. However, this variant doesn't make any changes to the Registry, and doesn't do any apparent damage. The second variant comes with a subject line that may refer to Microsoft, security updates, alerts, terrorists, emergency response, and viruses. The body contains what appears to be a message from Microsoft describing the attachment as a security patch, and a message of endorsement from the forwarder. (Since both variants are forwarded using Microsoft Outlook address books, the messages will appear to come from someone you know.) (Note that Microsoft is not in the habit of sending out security patches as e-mail attachments.) The B variant adds entries to the Registry, and attempts to use an entry in the Autoexec.bat file to reformat the disk on or after November 11, 2001. The filenames of the attachments, and the files created, are the same. Note that the close association and quick release of the two variants may have been a two stage piece of social engineering. The first release would create some concern, and would promote a heightened sense of urgency about applying patches or fixes, possibly enough to prompt people to run suggested repair programs without getting confirmation. The second virus would take advantage of this kind of panic. And, in this case, the "cure" is definitely worse than the disease. (However, given some of the second set of subject lines, the second release may simply be trying to take advantage of the uncertainty over terrorist attacks.) By the way, if you are trying to filter viruses at the e-mail gateway, scan e-mail for messages with attachments with filenames Common.exe, Rede.exe, Si.exe, UserConf.exe, or Disk.exe. Also note the message text "heh. I tell ya this is nuts ! You gotta check it out !" and "Just recieved this in my email I have contacted Microsoft and they say it's real !" Note that deleting messages on the basis of body text is not recommended, since it may eliminate warning messages. rslade@vcn.bc.ca rslade@sprint.ca slade@victoria.tc.ca p1@canada.com http://victoria.tc.ca/techrev or http://sun.soci.niu.edu/~rslade
[This message is not particularly relevant to COMPUTERS, but highly relevant to TRUSTING THIRD-PARTIES. PGN] As you probably know, some scientists were asked to study whether BSE had jumped species into sheep, and were given a load of sheep-brains to study. It then turned out that these were not sheep, but cow brains, leading to newspaper headlines about how scientists couldn't tell the difference between sheep and cows. This morning, it took a turn for the worse. It appears that the scientists *had* suspected something was wrong, and asked for a sample of their material to be analysed to check the species. However, as their brief was to look for BSE, they could only *request* that somebody else check for species. It seems that when this check was done, it was done on a sample of material that the original scientists *should* have been given, not on the sample they had provided from what they *had* been given. So of course the species test "proved" they had sheep brains. The risk? The classic "need to know" principle meaning that people are forced to rely on others "doing the right thing" rather than being empowered to make sure themselves that things are okay. And the classic of basing your test on the assumption that things are okay, rather than assuming (and looking for) a cock-up. [Heard on Radio 4]
It is shocking that a risk so obvious was not mentioned or found. I think it is a real insult to voters, and a disgrace to the manufacturer and voting officials. Sheesh! Like so many things in RISKS, an intelligent sixth grader wouldn't run things this way. Fred Ballard fredb@acm.org fred.ballard@abbott.com [The really sad thing is that many of the same punch-card machines were apparently also implicated in the 1988 Florida Senate race. Buddy Mackay lost a close election to Connie Mack, in which there was a drop-off of 210,000 votes relative to the Presidential race in the same four counties. A lot of people must have been asleep at the wheel. PGN]
> ... GPS coordinates could use a check digit that detects one digit errors > and transpositions, much like the one used in credit-card numbers. Erm, but aren't any coordinates valid as long as you don't go beyond, e.g. 90 degrees north latitude, etc. OK, yes, it would be wise to check that the coordinates are indeed within Afghanistan, unless oops, we want to create a random international incident, or maybe even blow ourselves up. Odd that with all that high tech, he still had to type them in instead of clicking on it... Or maybe he needs an Afghanistan Residential Zoning Map hooked into his GIS to lock out bad picks. http://www.geocities.com/jidanni/ Tel+886-4-25854780 ¿n¤¦¥§ [Also commented on by Lou Schneider. PGN]
One of the rays of sunshine in the otherwise bleak cloudspace that is RISKS is that the occasional risk turns out not to be. I have been told by a significant number of people that the starter motor is not what goes on "continuous" after the jet has taken off. Instead the ignitors stay on and ensure that if the flame goes out, it is relit. It is, apparently, normally not necessary to respin the turbines once in flight. If I remember correctly, because the 777's engine start sequence is entirely automated (literally one switch for each engine), there's no distinction made between starter motors and ignitors on the control panel. There's a single switch that does, in effect, "off", "on" and "continuous". Thanks for all the corrections on this issue. Ben <http://www.apache-ssl.org/ben.html>
On Sun, 14 Oct 2001 21:50:48 +0200, Douglas Long wrote:
> Converting all values to Euros and then calculating the
> account balance [...] yields one answer. Calculating a
> partial balance in Francs, converting to Euros, and then
> completing the remaining calculations using Euros [...]
> yields a slightly different result.
This is an intrinsic property of the two operations {conversion | addition}:
they are not commutative;
cf. <http://europa.eu.int/euro/html/dossiers/00121/00121-en.pdf>.
Hence, there are rules the banks are legally bound to,
cf. <http://europa.eu.int/euro/html/home5.html?lang=5>.
However, according to the dossier cited above, the particular
issue observed by Douglas Long is subject to national rules. [...]
(Note: EUR cash will only be introduced on 01 Jan 2002)
> some ATM transactions are reported in Francs ... others ... in Euros
This sort of happening is forbidden in Germany. However, I do not know
anything about national regulations in France.
In Germany, customers currently can choose whether their accounts are
handled in DM or in EUR. Banks are committed to carry the original amount
and currency of every single transaction through to the final account (in
addition to the EUR amount they use for their own balancing); hence, if a DM
amount is transferred from one DM account to another DM account, the
original DM amount will precisely be balanced in both customer accounts,
notwithstanding the fact that the banks themselves calculate in EUR. The
same scheme applies to cash deposits to, and withdrawals from, DM accounts.
The US postoffice operates the same way. I recently put in a change of address, and the advisory went to the new address, along with all the old mail. Chuck F (cbfalconer@yahoo.com) [At SRI, we did a study for the USPS many years ago, and I complained then about that stupid policy. Evidently, they still have not learned. PGN]
Announcing "Fact Squad Radio"
October 21, 2001
http://www.factsquad.org/radio
PFIR - People For Internet Responsibility - http://www.pfir.org
[ To subscribe or unsubscribe to/from this list, please send the
command "subscribe" or "unsubscribe" respectively (without the
quotes) in the body of an e-mail to "pfir-request@pfir.org". ]
Greetings. The main purpose of People For Internet Responsibility's
recently-announced "Fact Squad" effort is to cut through hype, spin,
misinformation, and propaganda regarding technological issues and their
effects upon society.
In furtherance of this goal, we're pleased to announce the launching of the
"Fact Squad Radio" service. Fact Squad Radio is providing very short (one
minute), tightly-focused audio features, each concentrating on a single
relevant topic of importance. These vignettes are aimed at explaining the
issues briefly in a non-technical manner suitable for general audiences.
Topics to be covered will include both matters of long-standing importance
and crucial issues of the moment.
We encourage linking and redistribution of these features, and they are
freely distributable without any further permission being needed for
non-broadcast, non-commercial usage. Requests for other kinds of usage will
be considered on a case-by-case basis. We'll be ramping up towards a five
per week, M-F schedule. All segments are in the standard MP3 format.
The debut Fact Squad Radio feature concerns a topic of some significant
interest right now — National ID Cards.
Fact Squad Radio is at:
http://www.factsquad.org/radio
Thanks very much!
Lauren Weinstein lauren@pfir.org lauren@vortex.com lauren@privacyforum.org
Tel: +1 (818) 225-2800
Co-Founder, PFIR - People For Internet Responsibility - http://www.pfir.org
Co-Founder, Fact Squad - http://www.factsquad.org
Moderator, PRIVACY Forum - http://www.vortex.com
Member, ACM Committee on Computers and Public Policy
With due respect to Mr. Decker, I believe he has slightly (perhaps unintentionally) distorted the most recent developments in amateur radio licensing. While it may be true that the ham radio community has in the past considered Morse code a "favorable" barrier to entry to keep out "undesirables," current Morse code requirements have a more reasonable explanation. The maximum required Morse code speed for a ham license is now 5 WPM. While there are several license grades with more "long distance" frequency bands available for use, they are now all accessible by passing the appropriate technical knowledge test. The 5 WPM code requirement for the long-range frequency bands is a result of international treaty requirements. There are currently efforts underway to have that portion of the international treaties changed, at which time the Morse code requirement will be removed from the amateur licensing requirements. Scott K. Ellis
> ... And it's also something that could come back to bite you in the butt,
> should those of the "excluded" class ever reach positions of power.
No truer words have ever been spoken. Mr Decker's points against the Morse
code requirement are true and to-the-point (I speak as an Amateur Extra (20
words-per-minute Morse) licensee who has *never* attempted a "real" Morse
contact — I learned the code (and it *IS* very hard!) simply to get the
license. Mr. Decker's points about exclusion ring true.
However, there are other points which were omitted in his message which need
to be made in balance — and this is my reason for this message to RISKS.
These are not "rebuttals" to his premise, but point to other reasons why
Amateur ("ham") radio is justified in today's society.
Ham Radio (and its FCC justification) is about COMMUNICATION. We are a
trained bunch of COMMUNICATORS (it does not really matter if we are using
Ham, CB, or other frequencies) who are experienced at accurate
COMMUNICATION. We are equally skilled at picking up a police or fire
hand-held radio as we are at using our "special" frequencies — and getting
a CLEAR message across. In an emergency situation, communication needs far
outstrip the installed capability — Hams are PEOPLE who have frequencies
(communication channels) and clear-communication skills who can use their
resources (or those of the police/fire/Red Cross agency they are present to
help) to keep information flowing. (I do wish to point out that the ham
"special" frequencies are necessary to augment the limited number of
police/fire channels in a true communications emergency.)
This is (one of) the core justification(s) of Ham radio by the FCC. Active
(hobby) use of the radio spectrum enables ham operators to be ready and able
to help in times of communications emergency. Morse Code is a useful
method, but it is not the only method.
Skip La Fetra, Amateur Extra, AA6WK, Skip@LaFetra.com
http://www.LaFetra.com/Skip/AA6WK
[I have omitted several other messages on this topic, but there
seems to be lively disagreement. PGN]
Please report problems with the web pages to the maintainer