The Risks Digest

The RISKS Digest

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Volume 22 Issue 81

Sunday 20 July 2003

Contents

Reassembly of shredded documents
Richard M. Smith
SEVIS foreign students database
Thomas Dzubin
IPv6 addresses too big to fit?
Joe Loughry
Italian naming problem
Darryl Luff
GPS-piloted tractors?
Conrad Heiney
Health Commissioner's anonymised case reports not so anonymous
Don Mackie
Privacy rights under threat by lawmakers
Dan Gillmor via Monty Solomon
Carjacker tracked and bugged by Tele-Aid operator
Jonathan Epstein
Samsung Electronics bans camera phones from key factories
Ferdinand John Reinke
Software helps police draw crime links
Gareth Cook via Monty Solomon
AOL blocking e-mail from other ISPs
David E. Ross
Lack of Abbey National telephone banking security
Adam Laurie
HighGroup Listing of SSN's
Alice K. Whitfield
Why are spammers backing spam-control laws?
NewsScan
California court rules against Intel in spam case
Elinor Mills Abreu via Monty Solomon
Re: Virginia Identity Theft Passport
John Sinteur
Re: David Nelson and CAPPS II?
Arthur Flatau
Re: Error In e-mini Dow Futures creates havoc
Stewart C. Russell
Re: Washing machine does the right thing after power outage
Kurt Thams
Re: The nuking of RFID chips
Kevin G. Rhoads
Formal Methods 2003 - Call for Participation and Programme Details
Diego Latella
Info on RISKS (comp.risks)

Reassembly of shredded documents

<"Richard M. Smith" <rms@computerbytesman.com>>
Thu, 17 Jul 2003 12:51:45 -0400

  Throughout the 1980s, Sascha Anderson, a poet, musician, and literary
  impresario, was one of the leading voices to speak out against the East
  German government and its dreaded secret police, the Stasi.  But his
  credibility gradually evaporated after the Communist government's collapse
  as rumors about him acquired the weight of proof: he had been informing on
  his dissident compatriots all along.

It turns out that his supposedly unretrievable Stasi file was *manually*
reconstructed from bags of papers that had been shredded during the final
days of the regime in 1989.  However, the German government is now planning
on reconstituting 16,000 bagsful from that era, using advanced scanning
technology.  [Source: Picking Up the Pieces, By Douglas Heingartner, *The
New York Times*, PGN-ed]
  http://www.nytimes.com/2003/07/17/technology/circuits/17shre.html
  ?pagewanted=all&position=

  [The programming effort is certainly an interesting application!]


SEVIS foreign students database

<Thomas Dzubin <dzubint@vcn.bc.ca>>
Wed, 9 Jul 2003 05:49:23 -0700 (PDT)

Under new United States homeland security laws, all U.S. schools have to
register their foreign students in the database, known as the Student and
Exchange Visitor Information System (SEVIS).  This system has all the
attributes of a big system rushed into production before sufficient testing
could take place.  In my mind, the RISK-iest thing about this story is that
the effects of the problems can cause life-changing situations for people
including being jailed and/or deported.

Many problems with this system are detailed in the story including files
being mysteriously deleted or "misplaced".  Some advisers are telling
students not to go back to their home countries on school breaks, in case
SEVIS accidentally deletes their records.  Students who are not in the
system cannot re-enter the country.  One quote from the story: "Daily
interactions with SEVIS have become a test of wit and will"

Other bugs/glitches/problems reported:

- Unable to modify existing records which is a problem if a foreigner
  (or spouse) has a baby.
- extreme system slowness and random crashing
- insufficient or inadequate help desk technician support

One final quote from the story:

"The technical failings of SEVIS and the difficulty the government has had
in implementing it undermine its security potential, Cotten says. If the
American people feel safer because of SEVIS, then they are severely misled,
she says."

Source:
  http://www.govexec.com/dailyfed/0703/070303h1.htm
(Hopefully this link is still active.  If not, Government Executive Magazine
does keep old stories archived under a slightly different URL naming
convention...the title "Foreign student tracking system called inefficient,
intrusive" should stay the same.)


IPv6 addresses too big to fit?

<"Loughry, Joe" <joe.loughry@lmco.com>>
Thu, 17 Jul 2003 17:36:27 -0600

In light of the recent announcements by the U.S. Department of Defense in
support of IPv6, we have been going through our software making the
necessary changes.  I found several examples of text input fields that were
too short to hold a valid IPv6 address like
3ffe:1800:0:3:290:27ff:fe14:cdee.

Also necessary was replacing calls to the standard library functions
inet_ntoa() and inet_addr(), among others, which do not support IPv6.

On an encouraging note, however, I found that throughout the source code,
extremely conservative coding practices and good error checking everywhere
means that our software does not crash when handling IPv6 addresses.

It's Y2K all over again.

Joe Loughry, Lockheed Martin Space and Strategic Missiles, RADIANT MERCURY


Italian naming problem

<Darryl Luff <dluff@iitscdm.com.au>>
Fri, 18 Jul 2003 12:41:33 +1000

Hmm, the simple risk of your perfectly sensible domain name being
interpreted very differently in other languages.  [NOTE: text not mine.  DL]

  At least they should then have created a brilliant logo.....

    If you were a company called Powergen and you had a subsidiary that
    operated in Italy, what would you call that company's Web site?.

  Probably not http://www.powergenitalia.com

  But they really did.  ...

    [A high-strung multilingually interpretable literal string!  PGN]


GPS-piloted tractors?

<"Conrad Heiney" <conrad@fringehead.org>>
Fri, 18 Jul 2003 16:28:41 -0700

According to a Reuters report on CNN today, a University of Queensland
researcher is promoting an Australian technology for satellite-guided
tractors. These are said to be accurate to 2 cm.  Apparently advantages to
these are that the tractors are more accurate and do not crush the soil as
much as conventional people-driven equipment, allowing higher yield. As a
bonus, they could be run at night.
  http://www.cnn.com/2003/TECH/science/07/18/satellite.tractor.reut/index.html

The RISK of unmanned vehicles relying on GPS signals, with or without
rotating blades attached, is interesting to contemplate, especially at night!

Conrad Heiney  http://contentgoeshere.com/  http://fringehead.org


Health Commissioner's anonymised case reports not so anonymous

<Don Mackie <donald@iconz.co.nz>>
Wed, 9 Jul 03 19:32:37 +1200

The New Zealand Health & Disability Commissioner has been dealing with
complaints about health care for almost ten years. As it says at the website
(www.hdc.org.nz) the purpose... is to promote and protect the rights of
health and disability consumers, and to facilitate the fair, simple, speedy,
and efficient resolution of complaints.

The Commissioner investigates complaints.  Often there are useful lessons to
be learned from the complaint and the findings, after removal of all
identifying features, are published so that others can benefit.  Some are
posted on the website in a range of formats: html, pdf and Word document.
Some of you will see where this is leading.

A colleague of mine was startled to be told by a patient that a Google
search on the doctor's name yielded the text of a HDC finding as the top
hit.  While my colleague acknowledges that there was a complaint about them
they have learned from it and believed that the publication was anonymous.
On opening the link from Google, I got a Word document.  Sure, the names of
the individuals had been removed from the text of the document, but when I
went Properties -> Summary, there they were.  Waiting to be found by a
search engine.  I looked at a few other .doc files and the same problem
existed.  I informed the HDC and they have now pulled the .doc opinions.

Ignorance of the hidden information in word processing files is, of course,
not new.  This one has had the potential to damage reputations when the HDC's
office has been careful, but not careful enough, to protect them in the
past.


Privacy rights under threat by lawmakers

<Monty Solomon <monty@roscom.com>>
Sun, 13 Jul 2003 20:23:54 -0400

Dan Gillmor, *San Jose Mercury News*, 13 Jul 2003

In the constant battle to preserve what's left of our privacy and roll back
some of the invasions we've already suffered, one reality is all too clear:
Elected officials are not on our side.  Last week brought the latest
perversion of the public will, the cowardly refusal of the California
Legislature to enact even modest improvements in financial privacy. The
voters will do it instead, in a ballot measure next year.

Meanwhile, state and federal lawmakers are almost totally oblivious to
future threats, including some that should be dealt with before they cause
trouble.  For example, retailers will soon be installing little identifying
radios, a technology known as RFID, into items they sell, enabling a host of
new privacy invasions that could make the status quo seem benign.

We all understand why lawmakers hold the public good, and will, in such
contempt.  They tend to vote on behalf of their financial benefactors.
Commercial interests see our privacy as a barrier to their business.

Game over? No. We have to care enough to take matters into our own hands.
Pressuring politicians is vital, but it's plainly not enough.  We'll need to
do a little multitasking to retrieve our right to be left alone.  ...

http://www.siliconvalley.com/mld/siliconvalley/6293890.htm


Carjacker tracked and bugged by Tele-Aid operator

<Jonathan Epstein <Jonathan_Epstein@nih.gov>>
Thu, 17 Jul 2003 13:23:16 -0400

A quick-thinking bystander realized that police could track the movements of
a carjacker who sped off with two small children in the back seat.  The
police were able to indirectly both track and listen-in on the car, and
learn that the kids in the back seat were OK.
  http://www.washingtonpost.com/wp-dyn/articles/A2862-2003Jul16.html

Marc Fisher of the Washington Post writes:

That carjacking the other night raises some fascinating questions. I'm sure
the mom was tremendously relieved that the operators in Dallas were able to
listen in on her children as their kidnapper hurtled along Rt. 50 -- and
goodness knows what might have happened if the Mercedes version of OnStar,
called Tele-Aid, hadn't been tracking the thug's movements. But do any of
you have concerns about the ability of Tele-Aid and similar companies to
turn on the microphone remotely and listen in on the goings-on in your car?
Or does this case prove that such privacy fears are outweighed by the good
those devices can do?


Samsung Electronics bans camera phones from key factories

<"Ferdinand John Reinke" <ferdinand.john.reinke@att.net>>
Mon, 7 Jul 2003 15:45:55 -0400

Samsung Electronics is restricting use of camera phones at key factories and
research centers to preclude industrial espionage.  (Camera phones have
become popular in South Korea.)  [Source: Yahoo News, 7 Jul 2003]
http://news.yahoo.com/news?tmpl=story2&cid=1509
  &u=/afp/20030707/tc_afp/skorea_samsung_it_company_030707080259&printer=1

  [I wonder if they remember that PDA's have camera capability? Wonder if
  financial institutions have thought about this "risk"? Not likely. JohnR]


Software helps police draw crime links

<Monty Solomon <monty@roscom.com>>
Fri, 18 Jul 2003 02:13:53 -0400

The Boston Police Department is rolling out a powerful new computer program
built to find hidden connections among people and events almost instantly,
allowing detectives to investigate murders, rapes, and other crimes far
faster than they can today.  Called ''Coplink,'' the program sifts through
tens of millions of police records, from 911 calls to homicide
investigations, to deliver a short list of potential leads in just seconds.
The same kind of searching currently takes hours or even days of a
detective's time -- when it is possible at all.  Designed in an Arizona AI
lab, Coplink searches through arrest records, incident reports, and
emergency phone calls to identify potential suspects and compile all
possible leads on them, including past addresses, weapons they have owned,
and even the arrest records of people with whom they have been stopped in a
car.  In Boston, it will search only through city police records, though it
could later be expanded to stretch far more broadly.  ...
[Source: Gareth Cook, *The Boston Globe*, 17 Jul 2003; PGN-ed]
  http://www.boston.com/dailyglobe2/198/nation/
  Software_helps_police_draw_crime_links+.shtml


AOL blocking e-mail from other ISPs

<"David E. Ross" <david@rossde.com>>
Sat, 19 Jul 2003 12:30:11 -0700

AOL has been bouncing E-mail messages from other ISPs.  In their attempt to
block spam, they are blocking mail servers that they presume are on end-user
IP addresses. For some reason, some ISP mail servers -- including at large,
well-run ISPs -- were considered to be among those addresses.

The problem started on Tuesday, 15 July, or earlier.  AOL apparently did not
know of the problem until a customer of an affected ISP complained on the
morning of Friday, 18 July.  AOL's response is that they will not be able
fix the problem until Monday, 21 July, or later.

This seems to be another case of implementing technology without sufficient
testing.  However, the fact that a problem reported on Friday cannot be
fixed until Monday indicates this risk arises from placing business
considerations ahead of either technology or customer service.

David E. Ross <http://www.rossde.com/>


Lack of Abbey National telephone banking security

<Adam Laurie <adam@algroup.co.uk>>
Fri, 18 Jul 2003 10:41:16 +0100

I hold an Abbey National account in the joint names of myself and my wife,
but my wife's entry is still in her maiden name (so from the bank's
perspective it could be any individual with no special legal
relationship). This account was created many moons ago, before we were
married, to facilitate the purchase of a flat. After the transaction, there
were a couple of hundred pounds left in the account, which have languished
ever since. We recently moved house and so this account came to our
attention when the tenants at the previous address forwarded our bank
statements to us.

And now the scary bit...

Armed only with the statement passed to me by said 3rd party, I was able to
call up the online bankers, cancel all the cheques and have all the funds in
the account transferred to an arbitrary account (in this case my personal
account - i.e. not a joint account with my wife).

The "extra security" questions I was asked were:

1. who is the other named account holder? (this was printed on the
   back of statement).

2. what is your overdraft limit? (this was printed on the front of
   the statement).

As the nice kid in Terminator 2 says... "easy money"... :)

Adam Laurie, A.L. Digital Ltd., The Stores, 2 Bath Road, London W4 1LT UK
http://www.aldigital.co.uk  http://www.thebunker.net  Tel: +44 (20) 8742 0755


HighGroup Listing of SSN's

<"Alice K. Whitfield" <qcscorp@sprintmail.com>>
Fri, 18 Jul 2003 10:36:05 -0400

The risks of using social security numbers as personal identifiers in
the U.S. is better known to members of this community than perhaps any
other.  You may appreciate then, better than the Social Security
Administration apparently does, the increased risk that arises when the
SSA's own published list of valid (partial) numbers contains errors of
omission (http://www.ssa.gov/foia/highgroup.htm, as of 18 July 2003 at
1400 UT).

The errors in the July list are not numerous, and may affect mostly
elderly, former railroad workers.  In past instances, the errors were
more widespread but eventually fixed.  They show no sign of responding
to any communications about the current problems, however. Obviously,
the current list was not verified before the page went live.

Luckily, flunking a flawed social security number verification test
under the current regime of Total Awareness, "is not a basis ... for ...
adverse action ... such as laying off, suspending, firing, or
discriminating against an individual..." So, according to the Social
Security Administration, no one should have to worry about those risks,
at least.


Why are spammers backing spam-control laws?

<"NewsScan" <newsscan@newsscan.com>>
Fri, 18 Jul 2003 09:26:46 -0700

Bigtime spam-mongers and junk-mail proponents like the Direct Marketing
Association are backing proposed antispam legislation, while consumer and
public-interest groups, almost without exception, oppose the bills. What's
going on? "It's a sign of who benefits from these bills and who doesn't,"
says a spokesman for the Coalition Against Unsolicited Commercial Email.
"When you see some of the biggest spammers in the country backing
legislation that is allegedly antispam, you really need to wonder about what
these bills actually do." The answer is that rather than banning all
unsolicited e-mail outright, as many consumer groups wish, they legitimize
spam, as long as the perpetrators adhere to certain rules, such as using
accurate subject lines and valid return addresses, and allowing recipients
to opt out of future mailings. Two bills are currently making their way
through Congress and a variant of thereof is expected to pass overwhelmingly
and be signed into law later this year.  [*Wall Street Journal*, 18 Jul
2003; NewsScan Daily, 18 Jul 2003]
  http://online.wsj.com/article/0,,SB105848273351539900,00.html (sub req'd)


California court rules against Intel in spam case

<Monty Solomon <monty@roscom.com>>
Mon, 30 Jun 2003 23:07:18 -0400

The California Supreme Court on 30 Jun 2003 ruled spammers cannot be sued
under state law for property trespass for just sending e-mail -- a setback
for Intel Corp., which had sued a former engineer for sending e-mails to up
to 35,000 company workers.  The 4-3 ruling reversed a lower court order
prohibiting former Intel engineer Ken Hamidi from sending e-mails critical
of Intel to thousands of its employees.  Intel claimed the e-mails had
trespassed on its private network and had harmed the company by reducing
worker productivity.  But the California Supreme Court found that Intel's
computer system had not been damaged as a result of the e-mails and,
therefore, there was no trespass.  The court declined to expand state common
law covering property trespass to apply to e-mail whose contents may be
objectionable, but which is otherwise harmless.  ...  [Source: Elinor Mills
Abreu, Reuters, 30 Jun 2003]
  http://finance.lycos.com/home/news/story.asp?story=34677087


California court rules against Intel in spam case

<Monty Solomon <monty@roscom.com>>
Mon, 30 Jun 2003 23:07:18 -0400

The California Supreme Court on 30 Jun 2003 ruled spammers cannot be sued
under state law for property trespass for just sending e-mail -- a setback
for Intel Corp., which had sued a former engineer for sending e-mails to up
to 35,000 company workers.  The 4-3 ruling reversed a lower court order
prohibiting former Intel engineer Ken Hamidi from sending e-mails critical
of Intel to thousands of its employees.  Intel claimed the e-mails had
trespassed on its private network and had harmed the company by reducing
worker productivity.  But the California Supreme Court found that Intel's
computer system had not been damaged as a result of the e-mails and,
therefore, there was no trespass.  The court declined to expand state common
law covering property trespass to apply to e-mail whose contents may be
objectionable, but which is otherwise harmless.  ...  [Source: Elinor Mills
Abreu, Reuters, 30 Jun 2003]
  http://finance.lycos.com/home/news/story.asp?story=34677087


Re: Virginia Identity Theft Passport (RISKS-22.80)

<John Sinteur <john@sinteur.com>>
Thu, 17 Jul 2003 07:45:56 +0200

I can't help but wonder, how long until identity thieves won't just acquire
a driver's license, credit cards, etc, with their freshly stolen identity,
but one of these passports as well? Which will be relative unknown to the
cop on the street, so the first few yours you could hack something together
yourself in Photoshop as well...

If there's a bug in the way people use paperwork to assert and use
identities, how is more paperwork going to solve that?

  [Similar comment from Michael Hartley.  PGN]


Re: David Nelson and CAPPS II? (Slade, RISKS-22.80)

<"Arthur Flatau" <arthur.flatau@amd.com>>
Thu, 17 Jul 2003 09:44:12 -0500

There was a story on this in the *Austin American Statesman* (originally
from the *Chicago Tribune*).
  http://www.statesman.com/insight/content/auto/epaper/editions/
  sunday/insight_f3e0169a836a10f00085.html

There are at least two David Nelsons in the Austin area.  The articles
states:

    The family [Dr. David and Cindy Nelson of Austin and their two young
    children] plans to fly to Canada in August, and this time they're
    planning countermeasures. They'll try buying David Nelson's airline
    ticket under D. Austin Nelson.

That is surely a tactic that the bad guys would never figure out!

Arthur Flatau, Texas Microprocessor Division, Advanced Micro Devices,
5900 East Ben White Boulevard, Austin TX 78741 Arthur.Flatau@amd.com


Re: Error In e-mini Dow Futures creates havoc (RISKS-22.80)

<"Stewart C. Russell" <scruss@sympatico.ca>>
Fri, 18 Jul 2003 10:17:40 -0400

It seems that typos are quite common on trading systems. Talking to a friend
who is a foreign exchange trader, I found out that such misquotes are
commonly called "wrong big figure" quotes.

A casual web search on this phrase will return an alarmingly large number of
documents from forex houses. These documents pertain to their liability --
or lack of it -- for such quotes.

Surely we need to work on the ergonomics of such trading systems?


Re: Washing machine does the right thing after power outage

<"Kurt Thams" <thams@thams.com>>
Thu, 17 Jul 2003 10:54:38 -0700

On the other hand, an enterprising user could pull the power plug at nearly
the end of the job, load a new batch of clothing, and get his second (and
third and fourth...) wash free!


Re: The nuking of RFID chips (Cowan, RISKS-22.80)

<"Kevin G. Rhoads" <Kevin.Rhoads@Dartmouth.EDU>>
Thu, 17 Jul 2003 09:20:25 -0400

Most stun guns and cattle prods use current limited high voltage DC.  It is
easy to provide overload protection for this kind of electrical insult --
although I doubt that RFID manufacturers will include such protection in the
early designs.  However, if such deactivation becomes common and
problematic, it can be designed around.

Better to use a low output Tesla coil, which generates high voltage
splattered all over the RF spectrum.  Of course, a linear RF power amp
driven by an RF sweep generator should also work -- but that level of
equipment is not readily available.  Cheap Tesla coils can be easily
homebrewed and Edmund Scientific carries a model for about $120 that is
ideal.


Formal Methods 2003 - Call for Participation and Programme Details

<Diego Latella <Diego.Latella@isti.cnr.it>>
Fri, 18 Jul 2003 09:58:48 +0500

The 12th International FME Symposium
Pisa, Italy - September 8-14, 2003
http://fme03.isti.cnr.it -  fme03@isti.cnr.it

FM 2003 is the twelfth in a series of symposia organized by Formal Methods
Europe, an independent association whose aim is to stimulate the use of, and
research on, formal methods for software development.  These symposia have
been notably successful in bringing together a community of users,
researchers, and developers of precise mathematical methods for software
development as well as industrial users.

Formal methods have been controversial throughout their history, and the
realization of their full potential remains, in the eyes of many
practitioners, merely a promise. Have they been successful in industry? If
so, under which conditions? Has any progress been made in dispelling the
skepticism that surrounds them? Are they worth the effort? Which aspects of
formal methods have become so well established in the industrial practices
to loose the "formal method" label in the meanwhile?

FM 2003 aims to answer these questions, by contributions not only from the
Formal Methods community but also from outsiders and even from skeptical
people who are most welcome to explain, document, and motivate the source of
their reluctance.

FM 2003 will host 7 Workshops, 8 Tutorials and 1 Day dedicated to the
Industry besides the 3 days of the FME Symposium. Tool demonstrations will
also take place during the symposium, with the opportunity of holding
presentations for each tool.

For full details on the Symposium organization and to register please
go to the web site http://fme03.isti.cnr.it, or send  your query to
fme03@isti.cnr.it.

Dott. Diego Latella, Consiglio Nazionale delle Ricerche, ISTI
Via G. Moruzzi, 1 - I56124 Pisa, ITALY
phone +39 0503152982 or +39 348 8283101  fax +39 0503138091 or +39 0503138092
Diego.Latella@isti.cnr.it http://www.isti.cnr.it/People/D.Latella

Please report problems with the web pages to the maintainer

Top