The Risks Digest

The RISKS Digest

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Volume 21 Issue 70

Friday 19 October 2001


"Glitch" assigns votes to wrong candidate
Tom Malaher
Pregnant chad revisited
Douglas W. Jones
Internet voting, revisited
Marcus de Geus
LA County voting machine status report
David Schneider
Stray bomb caused by typo
Tim Hollebeek
Jet engine starter motors
Ben Laurie
Your stolen Passport
Monty Solomon
Re: A Risk from Excel and Outlook
Martin Torzewski
Euro changeover
Douglas Long
Re: Outlook for Thanksgiving
Edward Reid
Conor O'Neill
Re: Risks of bogus e-mail addresses "FROM: ObL"
Sascha Mattke
Improper address-change validation
Leonard Erickson
Re: Ham radios in the aftermath of 11 Sep 2001
Jack Decker
ACM Forum on Legal Regulation of Technology
Edward W. Felten
International Conference on COTS-Based Software Systems
Carol Biesecker
REVIEW: "Viruses Revealed", Robert M. Slade/David Harley/Urs Gattiker
Rob Slade
Info on RISKS (comp.risks)

"Glitch" assigns votes to wrong candidate

<Tom Malaher <>>
Wed, 17 Oct 2001 23:02:27 -0600

  [With Election Day coming up again (!!!) in the U.S., the first
  four items in this issue seem particularly relevant.  PGN]

Computer glitch miscounts votes ...  Just after midnight, one of them
[supporters] decided to take a last look at the results on the city's
election Web site and discovered Desbarats had won -- a computer glitch had
assigned the wrong totals to each candidate. ...  The problem, said election
officials, stemmed from the fact candidate Athena d'Arras's surname starts
with a lower case "d," and the computer database that sorted election
results didn't recognize it as the first letter of her last name.  "Capital
letters were sorted first and smaller letters were sorted next, so
everything went in for the wrong candidate," said Barbara Clifford, the
city's returning officer.   [Source: *Calgary Herald*, 17 Oct 2001:]

[My question is, why would the sort order of the output affect the correct
assignment of votes to candidates?  Hopefully the unique key being used is
not the index position in a sorted array, but something more sophisticated.
Tom M]

  [Perhaps the programmer implicitly assumed the order of appearance was
  indeed ASCII-collating-sequence sorted!  Close but no ASCIIgar.  PGN]

Pregnant chad revisited

<"Douglas W. Jones" <>>
Fri, 19 Oct 2001 15:16:10 -0500 (CDT)

I've recently gotten my hands on a Votomatic voting machine (thanks
to Larry Mandel of Governmental Business systems Inc for sending it
to me, out of the blue), and I've used it to do some experiments on
pregnant chad, following up on questions arising from an interview
I did with the Fort Lauderdale Sun Sentinel last December.  The results
of my experiments are on the web, in:

complete with lots of pictures.  In sum, certain ballot positions on a
Votomatic voting machine, and not others, are particularly prone to jams
caused by an accumulation of chad inside the mechanism.  This was not
difficult to uncover -- although punching all that chad was a bit boring.

If the election community was supported by a decent research capability,
this problem with the machine ought to have been known years ago.  I'm
shocked that nothing was mentioned of this possibility in any of the
testimony I'm aware of from last winter's legal battles or the
Congressional hearings last spring, because once you take the machine
apart and look at how it works, the risk is pretty obvious.

Doug Jones <>

Internet voting, revisited

<"Marcus de Geus" <>>
Wed, 17 Oct 2001 02:02:48 +0000

A Dutch RNW news mailing reports that Internet (presumably WWW) voting to find
a new name for the merged towns of Leidschendam and Voorburg in the
Netherlands was abandoned after large-scale fraud was suspected.

Starting on 12 Oct 2001, residents of the two towns, which are due to merge
on 1 Jan 2002, were given the opportunity to indicate their choice of names
(which I won't bother you with) for the new municipality via the Internet.
On 15 Oct, 10,000 votes were counted, which was considered "an improbably
high count". Also, the town councils received e-mail warnings pointing out
the susceptibility to fraud of Internet voting.

As a result, the referendum will be restaged, this time using a new medium:
e-mail. Voters will be asked to leave their name and address.

I don't think there's any need to point out the RISKS.

Marcus de Geus <>

LA County voting machine status report

<"Schneider, David" <David.Schneider@Emulex.Com>>
Tue, 16 Oct 2001 18:03:48 -0700

On the KLCS broadcast of 2001.10.10, the Los Angeles County Board of
Supervisors meeting included an agenda item on digital voting machines.
I caught it in progress, but was able to make the following notes:

Conny B. McCormack, The LA County Registrar/Recorder was giving a progress
report, and made the following points

- The Cal Tech/MIT report was that digital voting machines [in general?]
  were "not ready" for full deployment.
- Logistics:  current models are heavy, increasing transportation issues,
  including delivery charges.
- Training: The decertification of [prescored] punch cards was due to 1-3%
  problems that voters experienced - it can expected to be difficult to keep
  new system problems that low.
- Training: LA County has to train 2500 poll workers who cover 5000  [500?]
  polling places.
- Punch cards allow parking-lot setup if polling place is locked; what would
  be the fallback with digital voting machines?
- Phased introduction is desirable: early voters in 2000 (9 locations 1%
  of voters) and 2002, and full deploy in off-year election such as 2005.
- Paper ballots are a contingency plan; they remain certified and are
  cheaper but the slow count that results is an issue.

Supervisor Knabe had the comment that he had observed, in the early voter
trial, that seniors had fear of the new machines going in, but liked the big
print; and the disabled liked voice features

Supervisor Yaroslavsky was asking what is consequences of missing the goal
of full deployment for the 2004 election, and how would the conversion be
funded?  (This would be a BIG budget hit).

Ms. McCormack pointed out in other comments that LA County (among others in
California) had to respond to the California Secretary of State, but that
this was being driven by a class-action lawsuit, and the court could mandate
a stricter schedule than the Secretary of State might.  Also, there was a
reference made that, "Cal Tech voting machines did not yet exist".

I hope my summary is reasonably accurate, and that the parts I missed don't
change the thrust of the discussion.  Meanwhile, voting officials will be
watching the counties in Florida where digital voting machines would get
their next big trial.

David Schneider

Stray bomb caused by typo

<Tim Hollebeek <>>
Mon, 15 Oct 2001 13:12:29 -0400

Several sources are now reporting that a satellite bomb that went astray and
hit a residential area did so because the pilot entered one digit wrong when
entering the target coordinates.

Without more information, it is hard to say definitively how this problem
could be avoided, but it certainly seems feasible that systems which display
or accept GPS coordinates could use a check digit that detects one digit
errors and transpositions, much like the one used in credit-card numbers.
If at all possible, systems attached to 2000-lb warheads should be as
resistant to typos as commercial systems are.

Tim Hollebeek

Jet engine starter motors

<Ben Laurie <>>
Mon, 15 Oct 2001 14:42:49 +0100

Recently I flew from Heathrow to Boston with British Airways on (I think) a
747. My plane was delayed for two hours while one of the starter motors was
replaced. We then flew to Boston without event.  Whilst in Boston I joked
with friends that it was kind of scary that the starter motor was replaced
and tested precisely once before we flew across the Atlantic. Of course, the
response (which I naturally expected) was that it only needed to work
once. But is that true?

As it happened, on my return flight I spent the takeoff in the cockpit of
the 777 I flew back on. As we took off, I noted that the copilot switched
the starter motors to "continuous" after takeoff. When I asked why, he said
that because there were a lot of clouds, the moisture could put the engines
out -- so they ran them in continuous start "just in case".

So, how safe was it to fly across the Atlantic on a single test?


Your stolen Passport

<Monty Solomon <>>
Wed, 3 Oct 2001 22:45:59 -0400

ZDNET, OPINION, By Wayne Rash, 26 Sep 2001

The way Dave Thomas describes it, he and his staff were trying to track down
a series of unusual bugs in Windows, when they stumbled across something
that really worried them. There, on their screens along with the code they
were debugging, was the name and password they'd just used for Microsoft's
Passport service. Worse, it was in plain text, and readily accessible. As he
looked more deeply, he realized that creating a worm that could recover that
information would be, in his words, "trivial.",14179,2814881,00.html

Re: A Risk from Excel and Outlook (Re: RISKS-21.69)

<Martin Torzewski <>>
Tue, 16 Oct 2001 13:32:21 +0100

I encountered this some years ago.  See MS KB extract below (my italics).
The article goes on to provide around 3 ways of avoiding it (none being
default - the risk).  When I reported it the mail administrator where I
worked at the time, we jointly concluded that the existence of the KB entry
meant MS would be unresponsive to any report.

As it happened, what was sent to me was sensitive in terms of cell content
which I shouldn't have seen.

Martin Torzewski  Work:   +44 (0)20 7426 7280

OL98: Entire Excel Worksheet Copied Rather than Selected Cells

The information in this article applies to:
*	Microsoft Outlook 98

Double-clicking a selection of cells that are pasted from Microsoft Excel
into a Microsoft Outlook 98 e-mail message, displays the entire worksheet
rather than just the selection of cells.
This is by design. When you use Microsoft Outlook Rich Text for the default
e-mail message format and you paste the cells with the Microsoft Excel
worksheet still open, the default paste option is Microsoft Excel Worksheet.

Euro changeover

<Douglas Long <>>
Sun, 14 Oct 2001 21:50:48 +0200

I am trying to balance my first statement from my French bank.  (For those
of you not familiar with the Euro conversion, banks in France currently
allow transactions in both Francs and Euros, which results in a statement
that contains amounts in both currencies.)  My bank provides two statements,
the first in Francs and the second in Euros.  Unfortunately, I am trying to
use Quicken to reconcile my account (which has its own peculiarities with
respect to non-dollar currencies) and am running up against a problem with
round off errors.

Converting all values to Euros and then calculating the account balance, as
I do in Quicken, yields one answer.  Calculating a partial balance in
Francs, converting to Euros, and then completing the remaining calculations
using Euros, as my bank does, yields a slightly different result.  Not
enough to make a difference to me, but multiplied by 1000's of bank accounts
one has to wonder if anyone is taking advantage of the rounding errors?
[This possibility was suggested quite some time ago in .]

What makes me really wonder here is the way my ATM withdrawals are recorded
on my statement.  Every withdrawal results in Francs coming out of the
machine, but some ATM transactions are reported in Francs on the Franc part
of my statement and others are reported in Euros on the Euro part of my
statement.  This even occurs when I use the same ATM machine; some are
recorded Francs, some are reported in Euros!  I can think of no rational
reason why this is so.

Douglas Long, Paris, France

Re: Outlook for Thanksgiving (RISKS-21.69)

<Edward Reid <>>
Tue, 16 Oct 2001 9:48:00 -0400

> It seems that in some versions of Microsoft Outlook, Thanksgiving 2001 is
> marked as 29 Nov.  In fact, Thanksgiving is early this year, on 22 Nov.

That's not early. Thanksgiving has always been celebrated on the fourth
Thursday in November, never the fifth. (Where "always" :=: as long as I've
been alive, 52 years.) The risk is not that the celebration date might
change -- it didn't -- but that the programming was done by someone who
didn't know the basics of the application area (holidays).

Edward Reid

Re: Outlook for Thanksgiving

<"Conor O'Neill" <>>
Tue, 16 Oct 2001 13:46:25 +0100

Surely the real risk here is any program pretending to 'know' anything
about these public holidays. For the vast majority of the world, the
US-style 'Thanksgiving' holiday doesn't exist at all.

Conor O'Neill, Bristol, UK

Re: Risks of bogus e-mail addresses "FROM: ObL" (Wayner, RISKS-21.68)

<Sascha Mattke <>>
Thu, 18 Oct 2001 08:26:25 -0400

That news is nonsense.  I talked with the priest who was cited on vnunet.
He said that some Filipino members of his church received that sms and were
also questioned by the police (very politely, he stressed), but this was in
no way related to receiving the sms.  The padre basically said that the
story was made up by a leftist ngo called Migrante International, then
printed without research by the inquirer, and then found its way on the net.
He and some Filipinos are now demanding the ngo to apologize for spreading
fear with the relatives of the questioned people.

Sascha Mattke, Redaktion BIZZ, Stolberger Strasse 200, 50933 Koeln
Tel +49 (0) 221 - 5341-575

Improper address-change validation

< (Leonard Erickson)>
Tue, 9 Oct 2001 04:35:52 PST

About a month ago I decided to update some info in a personal ad on

Among other things, I changed the e-mail address that responses were and
notifications of potential matches were to to be sent to.

Imagine my surprise when I found that the confirmation message was sent
*only* to the new address.

Sure, it requires a password to get logged in to But once there,
*anyone* could change the info, and the first I'd have known was when I
couldn't get in.

While this isn't an application that can cause damage, it is one where
the results could be more than a bit embarrassing.

The method of "verification" chosen might guard against mistyping the
address you wished to change to, but it provides no security.

I've gotten no response to my e-mail to pointing out the flaws in
their "security".

Leonard Erickson (aka shadow{G})
last resort:

Re: Ham radios in the aftermath of 11 Sep 2001 (Murnane, R-21.68)

<Jack Decker <>>
Mon, 15 Oct 2001 17:06:04 -0400

With all due respect to Mr. Jonz and Mr. Collinsworth, the problems that
amateur radio operators are having with government officials are, in my
opinion, largely a product of their own attitudes.  Those who promote Linux
and other alternative operating systems could take a lesson from this as

Not too many years ago, there was a requirement that was considered
absolutely essential for getting into ham radio: That you know Morse code at
5 words per minute.  That may not seem like a huge obstacle (particularly to
those who found it easy) but in a way it's like playing the piano - some
people pick it up naturally and can "play it by ear", some struggle with it
but do well enough to get by (IF they have sufficient motivation), and some
are completely tone deaf - no matter how they try, it just doesn't make
sense to them.  The amateur radio community has steadfastly refused to
acknowledge that the latter group could even possibly exist.

But what was worse was the attitude of many hams whenever someone advocated
dropping the code requirement.  Their attitude was that the code acted as a
"lid filter" which kept the "undesirables" (read: former CB radio operators)
out of ham radio.

The result of this was that there were many kids like myself, who had the
interest and knowledge of electronics back in the 60's and 70's, but who
found the code an insurmountable barrier.  Having been this excluded from
the exclusive group of those who could "pound brass", we found it hard to
figure out why we should care what happens to ham radio in the future.  We
moved on to other things, like computers and the Internet.

Then a little over a decade ago, U.P.S. (the folks who deliver packages
using brown trucks) petitioned for some 2-meter frequencies that were carved
right out of the ham bands.  A lot of hams were so arrogant that they
thought there wasn't a chance that the FCC would give away any of their
precious spectrum to a commercial interest.  Well, they got a rude
awakening, and suddenly decided that perhaps it would be in their best
interest to allow folks into certain classes of amateur radio without the
code requirement, although even that did not happen without a lot of
"kicking and screaming" by the older hams.

But even then, they reserved the higher classes of amateur licenses - the
ones that had access to frequencies capable of spanning long distances - for
those that could decipher Morse Code at a higher rate of speed.  Even though
some hams (and potential hams) had absolutely zero desire to communicate
using Morse Code, the requirement was still forced upon them by the "old
guard".  Wouldn't want any former C.B.'ers communicating with people
overseas, you know!

Well, guess what - that generation that the hams snubbed is the generation
that's now holding political offices.  Many of those who know enough about
amateur radio that they are not voting out of total ignorance, also know
that they were welcomed on CB and told to go study the Morse Code (already a
dying form of communication) by the hams.

I see the same type of struggle happening today in the Linux community,
between those who feel that Linux should be made as easy to use as Windows,
and those who feel that people ought not to even be allowed to own a
computer unless they know how to use the command line interface (I've even
seen a few Linux folks suggest that computer users should be
licensed!). Fortunately, since the use of Linux is not licensed by any
government, vendors can make their own decisions as to how much
user-friendliness to incorporate into the product.

The risk is that if you set up something, be it a hobby or a computer
operating system, in such a way that it appears that you are making it
*deliberately* harder to learn than it needs to be, some folks either cannot
or will not make the effort, and those are lost opportunities for making
friends.  And it's also something that could come back to bite you in the
butt, should those of the "excluded" class ever reach positions of power.

Personally, I have good friends who are ham radio operators and yet I still
find it difficult to have much sympathy for the plight of hams as expressed
by Mr. Jonz and Mr. Collinsworth.  From where I sit, the hams (or at least
their predecessors in the hobby) brought much of it on themselves.

Jack Decker

ACM Forum on Legal Regulation of Technology

<"Edward W. Felten" <>>
Wed, 17 Oct 2001 06:55:24 -0700

ACM Forum on Legal Regulation of Technology

Laws and legal regulations are increasingly affecting what technologists can
do. The ACM Forum on Legal Regulation of Technology is a new venue for
technologists to discuss how the law is changing their work.

There are many examples of the law's impact on technology. The growth of
intellectual property claims, including software and business-model patents,
has affected many technologists. Prohibitions on specific technologies, such
as those in the U.S. Digital Millennium Copyright Act, have affected both
researchers and practitioners. Applications of antitrust law have shaped the
landscape for companies both large and small.

Legal scholars have been discussing these issues for some time, but computer
scientists have not been nearly as active in the debate. The forum seeks to
bring technologists into the debate. Although we welcome the contributions
of legal scholars, the forum belongs to technologists and has a
technology-centric view.

Many discussions will necessarily focus on the laws of a particular country,
often the United States, but the forum is international in scope. Discussion
of any country's laws will be welcome. In light of economic globalization,
international treaties, and countries' efforts to harmonize their laws with
each other, we expect technologists throughout the world to face many of the
same issues.

The forum will follow the model of ACM's successful RISKS Forum, issuing a
periodic digest of contributions. Contributions will be chosen by a
moderator, and generally will be short but may point to lengthier
discussions elsewhere.

The forum is sponsored by ACM. It is hosted by the Department of Computer
Science at Princeton University. The moderator is Edward W. Felten.

  How To Subscribe:

  To subscribe, send an e-mail message to The
  body of the message should contain the single line "subscribe lawtech".
  If all goes well, you will receive a reply message saying that you have
  been subscribed to the forum.

International Conference on COTS-Based Software Systems (ICCBSS)

< (Carol Biesecker)>
Mon, 15 Oct 2001 17:31:06 +0000 (UTC)

International Conference on COTS-Based Software Systems (ICCBSS)
4 - 6 February 2002
Orlando, Florida, USA
World Wide Web:

Implementing COTS-based software systems presents unique problems that
typical reuse practices do not address.  As systems increasingly depend on
the successful integration of COTS products, practitioners and researchers
must be ready to meet these challenges.

National Research Council Canada, the Software Engineering Institute, and
the USC Center for Software Engineering present the inaugural International
Conference on COTS-Based Software Systems (ICCBSS). ICCBSS is the first
conference dedicated to solving the unique problems of using COTS products
in large systems [*].  We have assembled a unique program that includes
keynote addresses by Barry Boehm of the USC Center for Software Engineering,
David Baum of Motorola Labs, Ivar Jacobson of Rational Software, and Mike
Moore of NASA.  The conference features over 25 presentations covering COTS
management and engineering processes, technical strategies, and practical
experiences using COTS products in large systems.  In addition, panel
discussions will address the critical issues involved in constructing
survivable systems using COTS products, testing systems incorporating COTS
products, and dealing with COTS vendors.

Additional information about the program and conference registration
can be found on this Web site:

Contact: Barb Hoerr, E-mail:, Phone: + 1 412 268 3007

  [* NOT TRUE.  I keynoted a NATO conference on that subject in Brussels,
  April 2000.  On my Web site you will find lecture notes for the talk, and
  references to many of the published papers given in my report on
  survivable systems and networks. PGN]

REVIEW: "Viruses Revealed", Robert M. Slade/David Harley/Urs Gattiker

<Rob Slade <>>
Tue, 16 Oct 2001 11:57:29 -0800

  [I think this book is very much worthy of mention in RISKS,
  despite the identity of the reviewer.  PGN]

BKVR.RVW   20011013

"Viruses Revealed", Robert M. Slade/David Harley/Urs Gattiker, 2001,
0-07-213090-3, U$39.99
%A   Robert M. Slade,,
%A   David Harley,
%A   Urs Gattiker (Denmark)
%C   300 Water Street, Whitby, Ontario   L1N 9B6
%D   2001
%G   0-07-213090-3
%I   McGraw-Hill Ryerson/Osborne
%O   U$39.99 905-430-5000 +1-800-565-5758 fax: 905-430-5020
%P   700 p.
%T   "Viruses Revealed"

The International Institute for Fashion and Other Really Nasty Things today
announced the winner of the 2001 Award for the World's Ugliest Book Cover.
"Normally, we wouldn't announce a winner until next spring some time," said
Frederick Krueger, the Institute's president, "but with the release of
`Viruses Revealed,' there really isn't room for any competition."

Spokespeople for Osborne/McGraw-Hill would not speak for attribution, but
one did admit that they were pleased with the award.  "We said we were going
for `bold' and `eye-catching,' but our real target was to produce that
sick-to-your-stomach flu feeling, to give people a real virus queasiness.
It's nice to know we succeeded."

Security specialists were equally quick to comment on the contents of the
work.  "What a thick book!" said David Chess.

"Da- I mean, darn it, where are the taxonomies?" said Winn Schwartau, author
of "Internet and Computer Ethics for Kids."  He also promised to give us his
*real* reaction "as soon as I get rid of the best of these rugrats."

"I think more time should go by between Slade's books." - Larry Bridwell

"How come my work didn't get mentioned?" - sarah gordon

"read it" - A. Padgett Peterson

"Should be `reviled'." - PGN

"A mythic work!  No, sorry, that should be `mythical'." - Jeff Crume

"Why are these guys misusing my name?" - Gene Spafford

"Makes a great doorstop." - Tom Sheldon

"Oooh, a foreword from spaf!" - David Chess (no relation)

"Fills an unneeded gap." - Fred Cohen

Misinformation about semi-recent viruses can be found at, while marketing hype is available
at and  Some real links can be
found at

copyright Robert M. Slade, 2001  BKVR.RVW   20011013   or

Please report problems with the web pages to the maintainer