The RISKS Digest
Volume 21 Issue 61

Friday, 17th August 2001

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Please try the URL privacy information feature enabled by clicking the flashlight icon above. This will reveal two icons after each link the body of the digest. The shield takes you to a breakdown of Terms of Service for the site - however only a small number of sites are covered at the moment. The flashlight take you to an analysis of the various trackers etc. that the linked site delivers. Please let the website maintainer know if you find this useful or not. As a RISKS reader, you will probably not be surprised by what is revealed…


Censorship in action: why I don't publish my HDCP results
Niels Ferguson
Florida relies on students, not experts
Adam Shostack
PDAs increasingly vulnerable to hackers
Monty Solomon
Welland Canal Bridge runs into ship
Chris Smith
U.S. Web sites fall short of global privacy standards
DejaGoogle rides again
Dave Weingart
Risks to lose sleep over
Mike Knell
Re: AT&T Worldnet exposes all user passwords
Dylan Northrup
Mike Tuffs
Telephone "*" codes
Alan Miller
Info on RISKS (comp.risks)

Censorship in action: why I don't publish my HDCP results

<Niels Ferguson <>>
Fri, 17 Aug 2001 22:49:48 +0200

  [Copyright Niels Ferguson.  Published with permission of the author.  PGN]

Censorship in action: why I don't publish my HDCP results
Niels Ferguson, 15 Aug 2001


I have written a paper detailing security weaknesses in the HDCP content
protection system. I have decided to censor myself and not publish this
paper for fear of prosecution and/or liability under the US DMCA law.


My name is Niels Ferguson. I'm a professional cryptographer. My job is to
design, analyse, and attack cryptographic security systems, a bit like a
digital locksmith. I work to make computer systems and the Internet more
secure. You would think that people would be in favour of that, right?

Computer security and cryptography are hard. It is easy to make mistakes,
and one mistake is all it takes to create a weakness. You learn from your
mistakes, but there are too many mistakes to make them all yourself. That's
why we publish. We share our knowledge with others, so that they don't have
to repeat the same mistake. Take a look at
publications. You will see a mixture of new designs, analyses, and attacks.
This is how we learn and how we improve the state of the art in computer


Recently I found the documentation of the
<>High-bandwidth Digital Content Protection (HDCP)
system on the Internet. HDCP is a cryptographic system developed by Intel
that encrypts video on the DVI bus. The DVI bus is used to connect digital
video cameras and DVD players with digital TVs, etc. The aim of HDCP is to
prevent illegal copying of video contents by encrypting the signal.

HDCP is fatally flawed. My results show that an experienced IT person can
recover the HDCP master key in about 2 weeks using four computers and 50
HDCP displays. Once you know the master key, you can decrypt any movie,
impersonate any HDCP device, and even create new HDCP devices that will
work with the 'official' ones. This is really, really bad news for a
security system. If this master key is ever published, HDCP will provide no
protection whatsoever. The flaws in HDCP are not hard to find. As I like to
say: "I was just reading it and it broke."

What do you do when you find a result like this? First, you have to write
it down and explain it. Then you publish your paper so that the mistakes
can be fixed, and others can learn from it. That is how all science works.
I wrote a paper on HDCP, but I cannot publish it.


There is a US law called the Digital Millennium Copyright Act (DMCA), that
makes it illegal to distribute "circumvention technology", such as systems
that break copyright protection schemes. HDCP is used to protect
copyrights. There are lawyers who claim that a scientific paper like mine
is a circumvention technology within the meaning of the DMCA, because it
explains the weaknesses of a system. I have been advised by a US lawyer who
works in this field that if I publish my paper, I might very well be
prosecuted and/or sued under US law.

This is outrageous.

The risk to me

I travel to the US regularly, both for professional and for personal
reasons. I simply cannot afford to be sued or prosecuted in the US. I would
go bankrupt just paying for my lawyers.

I want to make it quite clear that Intel, who developed the HDCP system,
has not threatened me in any way. But the threat does not come only from
Intel. The US Department of Justice could prosecute me. Any other affected
party, such as a movie studio whose films are protected with HDCP, could
sue me under the DMCA. That is a risk I cannot afford to take.

The simple alternative would be to never travel to the US again. This would
harm me significantly, both professionally and personally. It would lock me
out of many conferences in my field, and keep me away from family and friends.

It all sounds a bit too far-fetched, right? Who would sue over the
publication of an article? Well, there are very good reasons to believe
that I risk a lawsuit if I publish my paper. A team of researchers led by
Professor Edward Felten was recently threatened with a DMCA-based lawsuit
if they published their own scientific article. The resulting court case is
still pending.

Freedom of speech

We have this little principle called the freedom of speech. It is codified
in the <>Universal Declaration of Human
Rights, the <>US Constitution,
and Dutch law. The whole point of freedom of speech is to allow the free
circulation of ideas and to let the truth be heard. There can be no doubt
that my paper is protected by the free speech rights.

The DMCA imposes a serious restriction on the freedom of speech. The DMCA
makes it illegal to talk about certain security systems. The equivalent law
for non-digital protection systems would make it illegal to warn people
about a cheap and very weak door lock being installed on their houses
because criminals could also use that same information.

In western society we restrict the freedom of speech only for very serious
reasons, and after careful consideration. For example, it is illegal to
shout "fire" in a crowded theatre, or to ask someone to commit a murder.
The DMCA restricts the freedom of speech because the movie industry is
afraid of losing money. Below I will argue that the DMCA does not achieve
that goal, but that aside: do we really want to sell our freedom of speech
for money?

The DMCA is a scary development. Next time that commercial interests clash
with the freedom of speech, the industry will point to the DMCA and claim
they need equivalent protection. They might outlaw the publication of a
report detailing bad safety features in a car, or of flaws found in a
particular brand of tires. After all, those publications harm industry too.
Where will it stop?


The DMCA is a US law. I am a citizen of the Netherlands, and I live and
work in Amsterdam in the Netherlands. Why do I care about the DMCA at all?

The USA is apt to apply its own laws way beyond its own borders. Dmitry
Sklyarov, a Russian programmer, was arrested last month in the US. He is
charged with violating the DMCA while performing his work in Russia as an
employee for a Russian firm. As far as we know, what he did was perfectly
legal in Russia, and in most other countries in the world. He is now out on
bail, but cannot leave northern California until further notice.

Where does this lead to? What if countries start applying their own laws to
the things people do in other countries? Will you be arrested next time you
go abroad? Do you really want to take that holiday in China if you have
more than one child? Are you sure that Germany allows you to have those
links to political pamphlets on your web site? This type of
extraterritorial application of national law violates a basic human right,
because you cannot possibly know which laws apply to you. Imagine living in
a country where the laws are kept secret, and you never know whether you
are violating a law.

Suppose a US citizen works for a firearms manufacturer in the US, making
guns. One of those guns turns up here in Amsterdam and is used to commit a
crime. This person takes a holiday over here in Europe, and is arrested for
violating the Dutch firearms laws because he helped manufacture the gun in
the US. That is what happened to Dmitry. Is that fair? Is that how we want
to run this world?

The principle of applying national laws to anybody that publishes anything
anywhere in the world is terrifying. If we allow this principle to be used,
we will never be free again. You will get a choice. You can decide to never
leave your country for any reason whatsoever. This means you might not even
be able to attend a wedding or funeral of a loved one. Alternatively, you
can restrict all your statements to satisfy the laws of all the countries
you could conceivably travel to. You might as well not say anything,
because it is very hard to find something that is legal in all
jurisdictions. We either lose our right to travel, or our right to speak
and be heard. Which fundamental human right do you want to give up today?

DMCA does not work

The DMCA is a fundamentally flawed law. It is ineffective, and actually
harmful to the interests it tries to protect. It stops me publishing my
paper now, but someday, someone, somewhere will duplicate my results. This
person might decide to just publish the HDCP master key on the Internet.
Instead of fixing HDCP now before it is deployed on a large scale, the
industry will be confronted with all the expense of building HDCP into
every device, only to have it rendered useless. The DMCA ends up costing
the industry money. No points for guessing who ends up paying for it in the

In the long run, the DMCA will make it much easier to create illegal
copies. Why? If we cannot do research in this area, we will never develop
good copyright protection schemes. We will be stuck with flawed systems
like HDCP, to the delight of the criminals.

The DMCA has been called the Snake Oil Protection Act. When a manufacturer
makes a defective product, you expect them to fix it. Not in this case. The
DMCA protects the manufacturer of a defective product by making it illegal
to show that the product is defective. Who came up with this idea?

Copyright law

Copyright law is a careful balance between the rights of the author and the
public interest. The author gets a limited-time exclusive right to
reproduce his work. The public gets free use of the work once the copyright
expires. Furthermore, the public gets certain "fair use" rights. These
include the right to use short quotes from the work in a review, for
example, and the right to create a parody. If you buy a copy of a
copyrighted work, you also have the right to make an extra copy for your
own use. A student can make a copy of a page in his textbook to mark it up
while he studies.

In a sneaky way the DMCA eliminates all these "fair use" rights of the
public. As long as the work is protected using copyright protection
technology, none of the "fair use" rights can be exercised, because it is
illegal to create or own the tool with which you can exercise your fair use
rights. Copyright expires, but the DMCA ensures that even when it does, the
work still does not enter the public domain. The US supreme court has held
that the "fair use" rights are exactly the safety valve that prevent the
copyright law from violating free speech rights. This might be another
reason why the DMCA is unconstitutional.

In Dmitry's case, he wrote software that decoded encrypted digital books.
His software has many uses. Many digital books only allow the book to be
viewed on the screen. If you are blind and want to read the book on your
braille display you have to use something like Dmitry's software. This is
perfectly legal under the "fair use" rules of copyright law, but the DMCA
forbids it thereby prohibiting blind people from accessing such books.

Why this mess?

Why did the movie industry campaign for the DMCA if it doesn't work? The
movie and record industry have a history of claiming that new technologies
will bankrupt them. When video recorders were first introduced, they swore
that they would go bankrupt if people could record movies. Now they make a
lot of money selling video tapes. Now they swear that they will go bankrupt
if we do not restrict the freedom of speech and the public's fair use
rights. Why should we believe them this time around?

The DMCA exists because the movie and record industry lobbied heavily for
it. It is a very one-sided law that clearly has not been thought through
properly. The industry has managed to eliminate the careful balance of the
copyright law and replace it with a law that effectively gives them an
unlimited monopoly on copyrighted works. Could it just be that this is the
real motive behind their lobby?

Can we fix the DMCA?

Sure. That wouldn't even be very difficult. Making and selling unauthorised
copies of copyrighted works is already illegal in most jurisdictions. We
could change the copyright law to impose stiffer penalties if the copyright
violation involves breaking a copyright protection scheme. A bit like the
difference between trespassing and breaking and entering. A law like this
would achieve exactly what we want: it would restrict illegal copying of
copyrighted works. It would not restrict the freedom of speech, or do away
with our fair use rights.

More information

You can find lots more information about the DMCA and the cases of
Professor Felten and Dmitry Sklyarov on the <>EFF web site.
My <>
declaration in the Felten court case.

Copyright 2001 by Niels Ferguson, last update 2001-08-16, comments to
<>[home page]

Florida relies on students, not experts

<Adam Shostack <>>
Fri, 17 Aug 2001 13:26:15 -0400

> FORT LAUDERDALE, Fla. (AP) - Broward County officials considering
> the $20 million purchase of a touchscreen voting system want
> students to try to tamper with the computers during a mock election.
> "One of the biggest concerns raised is whether there is the
> potential for computer abuse, and we really need to see how
> foolproof or tamperproof this equipment is," county commission
> Chairman John Rodstrom said. "If there is a problem, it will happen
> now or later. And some of these kids are pretty smart."

The risks are legion, and well documented.  It's too bad that Florida
officials are relying on students to reproduce them, but hey, one of them
may learn the value of reading the literature, instead of re-inventing it.

  [And if someone with very little experience can demonstrate the lack of
  security, *that* might impress some of the folks who are either supremely
  gullible or counting on opportunities for fraud.  But please remember that
  some of the most insidious riskful vulnerabilities are those that can be
  exploited by insiders in the development and maintenance process.  Once
  again, recognize that all of the touch-screen systems today have
  absolutely no independent voter-verified audit record such as a printed
  ballot image that can be stored in ballot boxes guarded at least as well
  as paper ballots are today — whether punched-card or optically scanned.
  Thus, there is no reasonable guarantee in touch-screen systems that your
  ballot as cast is actually equivalent to the ballot that is counted.
  This could be remedied relatively easily, as recommended in Rebecca
  Mercuri's PhD thesis <>.  PGN]

PDAs increasingly vulnerable to hackers

<Monty Solomon <>>
Fri, 17 Aug 2001 02:50:22 -0400

Handheld computers are increasingly vulnerable to hacker attacks and should
not be trusted to store "any critical or confidential information," security
experts warned Thursday.  [Reuters, 16 Aug 2001]

Welland Canal Bridge runs into ship

<Chris Smith <>>
Fri, 17 Aug 2001 13:01:17 EDT

  [Three parts, sent separately, merged into one item.  PGN]

1. Sent 13 Aug 2001

The following two news reports from the Canadian Broadcasting Corporation
cover a Saturday evening accident in the Welland Canal (southern Ontario,
Canada, near the border with Buffalo, NY) when a lift bridge was lowered too
soon, shearing off the top of the wheelhouse of a 700 ft bulk
freighter. Damage to the out-of-control freighter followed, first in
collision with the canal, and then with a fire breaking out on board. The
fire flared up again briefly Monday morning.

At least one news report stated that the bridge is under remote control,
with bridge cameras monitored from the remote control location. For now, the
clear risk is not having a working fallback to deal with situations that are
never supposed to happen. We await news of what went wrong (we hope
something did actually go wrong!) that gave rise to this accident.

Here is a good location to read further details and watch for continuing
details. This page is maintained by a regular canal and ship watcher in the

2. Sent 16 Aug 2001

Just to make me look silly, I'm certain, the report is now that the bridge
is run directly from a command cabin on the lift section itself. (I checked
the CBC video stream, and they did explicitly say the bridge was under
remote control.)

This makes a lot more sense, especially from the point of view of avoiding
accidents. Which leaves us with an open RISKS question to be checked later
when it is known what caused this collision.

3. Sent 17 Aug 2001

As the referenced newspaper article makes clear, the Welland Canal bridge
that collided with the freighter "Windoc" was *not* a remotely-operated

This contradicts — authoritatively — the statement earlier in a Canadian
Broadcasting Corporation report that the bridge was remotely controlled.

Only one of eight lift-bridges across the canal is remotely controlled. The
rest are staffed 24 hours a day during the shipping season.

The article gives a good description of the ship-bridge passage protocol.

Chris Smith <>

U.S. Web sites fall short of global privacy standards

<"NewsScan" <>>
Fri, 17 Aug 2001 08:52:25 -0700

A survey of 75 U.S. corporate Web sites found that none were in compliance
with a set of international privacy guidelines developed by the U.S. and the
European Union last year. The guidelines require companies to: notify
consumers how their personal data is used; use the information only for its
stated purpose; allow consumers to examine and correct data collected about
them; give consumers an option to forbid sharing that data for marketing
purposes; store the data in a secure manner; and provide recourse for
consumers whose privacy has been violated. The survey, conducted by
Andersen, found that travel and leisure companies scored the best on notice
and security provisions, while financial services firms were most likely to
offer adequate choice. U.S. companies must make progress on revamping their
Web privacy standards or "Disruption to the conduct of business is a real
risk," says Andersen principal Kerry Shackelford.
  [Reuters 16 Aug 2001; NewsScan Daily, 17 August 2001]

DejaGoogle rides again

<Dave Weingart <>>
Fri, 17 Aug 2001 13:30:19 -0400

I recently had to look for a message in rec.arts.sf.fandom, one of the
Usenet groups I follow and popped onto (Google
having taken over Deja's Usenet archives).  Knowing the thread title and
the approximate date, I entered those into Google's advanced group
search.  Bingo, one result returned, with a notice that read:

"In order to show you the most relevant results, we have omitted some
entries very similar to the 1 already displayed.  If you like, you can
repeat the search with the omitted results included."

Whoops.  The omitted entries were *all* the other entries in the rest of the
thread — clicking on the link they provide shows all the other messages.  I
leave the risks of this behavior as an exercise for the reader.

Dave Weingart, Randstad North America

Risks to lose sleep over

<Mike Knell <>>
Sat, 11 Aug 2001 10:01:33 +0100

While staying in a German youth hostel a couple of weeks ago, I was woken up
at midnight by someone telling me I hadn't paid to stay that night, so would
have to pay them DEM33 or leave. Ungh, gnurgh, I said (having been freshly
woken up), no, I've definitely paid in advance for two nights. This is the
second night. No, they said, you've only paid for one.

Okay, okay. Look, I've got a receipt. Can I come downstairs and sort this
out? Sure thing, they said. Better be down in five minutes at the most.
So I put some clothes on, found the receipt in my wallet and presented it
at the front desk. Sure enough, it was a receipt for 2*DEM33 == DEM66. Two
nights, all paid. But no, they said. Look, the departure date printed on
your receipt shows you've only paid for one night, and the computer agrees,
so you'll have to pay us DEM33 for tonight or leave. By now I was beginning
to wonder whether I was hallucinating. My receipt for two nights wasn't
being accepted as such? Why not? At about this point I stopped speaking
German and switched to English, because arguing in a foreign language when
you've been awake for two minutes and you're starting to doubt your sanity
anyway is tricky.

After a bit more arguing of the "I've paid!" "No, you haven't!" sort,
and a lot more fiddling about with the registration computer, the problem
was solved. Yes, I'd paid two nights at DEM33 each. But this had been
recorded in the booking system as 2 persons for one night, not one person
for two nights, so I'd been flagged as having departed. This also explains
the discrepancy in the departure date on the receipt. Since everything
was now In Order, I was graciously permitted to return to my dorm and go
back to sleep.

The RISKS here are obvious — the computer's not always right when it's
been given the wrong information in the first place. This was, however, the
first time I've encountered anyone not believing the evidence of their
own eyes — my receipt for two paid nights and my keycard with the correct
departure date written on it — because the computer didn't agree with it.
I'd also mention the RISKS of waking me up in the middle of the night just
to annoy me like this, but they're pretty obvious too.

Mike <>

Re: AT&T Worldnet exposes all user passwords (RISKS-21.57)

<Dylan Northrup <>>
Tue, 7 Aug 2001 15:35:56 -0500 (CDT)

An infinite number of monkeys in the guise of a RISKS contributor wrote:

:=Then she asked for my e-mail password.  When I refused she
:=informed me my password is not a secret, and that *all passwords* connected
:=to my Worldnet account (a Worldnet account can have up to 6 e-mail accounts)
:=are *visible* on her screen.

This is not surprising.  When working for another major ISP, the database
for their users also had passwords available for each customer and were used
by customer service as well as system administrators to help diagnose
specific problems with customers.  When working with a problem that affects
a specific customer, sometimes the best way to reproduce it from the other
end is to use the service as the customer.

That the CS representative asked for your password is unique or at least
questionable (our user base was instructed to never give that information
over the phone and that CS reps would be able to access that information
if necessary).

Dylan Northrup <*> <*>

Re: AT&T Worldnet exposes all user passwords (Smith, RISKS-21.57)

<"Tuffs, Mike" <>>
Wed, 8 Aug 2001 09:47:55 -0700

WRT the comments in this posting about blocking caller-id when used for
credit-card authorisation purposes, I recently called a credit-card company
to authorize my new card, using a blocked caller-id. The system was able to
identify me without anything other than my card number, due to caller-id.
When I asked how they were able to do this, as the id was blocked, they
informed me that their equipment simply ignored the blocked bit in the id
string. I assume this is possible for anyone?

Mike Tuffs, Mentor Graphics Corp  (503) 685 0736

Telephone "*" codes (Re: Burstein, RISKS-21.59)

<Alan Miller <>>
Tue, 14 Aug 2001 12:36:12 -0500

Danny Burstein writes on CNID/Caller ID:
>The former, which is what is used by (the vast majority of) homes and
>"regular" (non "800") business lines, can be blocked by the caller on
>either a permanent per-line basis, or as a choice per-call. (Usually by
>prepending a special code, generally "*70", before dialing out).

Actually, "*70" is almost always the code to toggle call waiting
notification, primarily used so incoming calls won't cause a beep on the
line while a data call is in progress.

"*67" is the most commonly used code to toggle outgoing caller ID
information.  This was discussed fairly heavily in RISKS or the Telecom
Digest (or both) when caller ID first became available, since for
customers with per-line blocking it's the code to _enable_ caller ID for
the following call, and there's no way to find out whether caller ID is
enabled for a line or call.

In some areas, "*69" is used for "last number callback," which calls the
number that originated the previous call (answered or not, I believe).
I believe that this service has a range of options and is handled
differently by different LECs.

Please report problems with the web pages to the maintainer