From Wired - http://www.wired.com/news/space/0,2697,64752,00.html?tw=wn_tophead_3 Ctrl-alt-del: The communications failure that nearly brought NASA's Spirit mission to Mars to an early end in January was caused by an unforeseen aspect of the DOS file system, a Jet Propulsion Laboratory scientist said Monday. During a presentation at Stanford University's Hot Chips conference, JPL software developer Robert Denise said his team did not anticipate that a DOS file system containing directory information would continue to grow after other files had been deleted from the Spirit rover's flash memory. This oversight, coupled with an instruction to copy the contents of Spirit's flash memory into its limited random access memory launched the rover into a nearly disastrous cycle of errors and reboots. Fortunately for NASA, the JPL team was able to upload a software upgrade and disable the copy instruction before the rebooting completely drained the rover's batteries. Spirit has performed well ever since, according to NASA. In April, the agency extended the rover's mission -- along with that of its twin, opportunity -- for an additional five months. Both rovers have already detected evidence of the water that is thought to have once existed on Mars.
Sum of a Glitch, by Bev Harris In the Alabama 2002 general election, machines made by Election Systems and Software (ES&S) flipped the governor's race. Six thousand three hundred Baldwin County electronic votes mysteriously disappeared after the polls had closed and everyone had gone home. Democrat Don Siegelman's victory was handed to Republican Bob Riley, and the recount Siegelman requested was denied. Three months after the election, the vendor shrugged. "Something happened. I don't have enough intelligence to say exactly what," said Mark Kelley of ES&S. When I began researching this story in October 2002, the media was reporting that electronic voting machines are fun and speedy, but I looked in vain for articles reporting that they are accurate. I discovered four magic words, " voting machines and glitch," which, when entered into a search engine, yielded a shocking result: A staggering pile of miscounts was accumulating. These were reported locally but had never been compiled in a single place, so reporters were missing a disturbing pattern. I published a compendium of 56 documented cases in which voting machines got it wrong. How do voting-machine makers respond to these reports? With shrugs. They indicate that their miscounts are nothing to be concerned about. One of their favorite phrases is: "It didn't change the result." Except, of course, when it did: In the 2002 general election, a computer miscount overturned the House District 11 result in Wayne County, North Carolina. Incorrect programming caused machines to skip several thousand party-line votes, both Republican and Democratic. Fixing the error turned up 5,500 more votes and reversed the election for state representative. This crushing defeat never happened: Voting machines failed to tally "yes" votes on the 2002 school bond issue in Gretna, Nebraska. This error gave the false impression that the measure had failed miserably, but it actually passed by a 2-to-1 margin. Responsibility for the errors was attributed to ES&S, the Omaha company that had provided the ballots and the machines. According to the Chicago Tribune, "It was like being queen for a day--but only for 12 hours," said Richard Miholic, a losing Republican candidate for alderman in 2003 who was told that he had won a Lake County, Illinois, primary election. He was among 15 people in four races affected by an ES&S vote-counting foul-up. An Orange County, California, election computer made a 100 percent error during the April 1998 school bond referendum. The Registrar of Voters Office initially announced that the bond issue had lost by a wide margin; in fact, it was supported by a majority of the ballots cast. The error was attributed to a programmer's reversing the "yes" and "no" answers in the software used to count the votes. A computer program that was specially enhanced to speed the November 1993 Kane County, Illinois, election results to a waiting public did just that-- unfortunately, it sped the wrong data. Voting totals for a dozen Illinois races were incomplete, and in one case they suggested that a local referendum proposal had lost when it actually had been approved. For some reason, software that had worked earlier without a hitch had waited until election night to omit eight precincts in the tally. A squeaker -- no, a landslide--oops, we reversed the totals -- and about those absentee votes, make that 72-19, not 44-47. Software programming errors, sorry. Oh, and reverse that election, we announced the wrong winner. In the 2002 Clay County, Kansas, commissioner primary, voting machines said Jerry Mayo ran a close race but lost, garnering 48 percent of the vote, but a hand recount revealed Mayo had won by a landslide, receiving 76 percent of the vote. http://www.progressivetrail.org/articles/040825Harris.shtml IP Archives at: http://www.interesting-people.org/archives/interesting-people/
The German IT giant, Siemens, has had to recall the entire production of its fancy new x65 mobile phone family because of a software error. This phone, which was filled to the brim with fancy stuff and on offer from most of the mobile operators, has an unfortunate mis-feature. The telephone has a default melody that it plays just before it dies on account of the battery being too low,sort of a swan song. The problem is that this melody is turned on by default and when it plays, it plays at an ear-splitting noise level that is loud enough to possibly cause hearing damage. Of course this only would happen in the case of someone having it in their ear when it plays, which Siemens says is rare [but has happened to me with my hands-free a few times in the past years - dww] No one had been reported hurt by the phone yet, but Siemens was able to reproduce this in the lab, so the company decided to withdraw the phone and caution customers to turn the feature off until they can get a software update. They do get extra points for being proactive about the problem  This will surely wreak havoc in the balance sheet, and as my newspaper (the Berliner Zeitung ) nastily notes, it chalks up one more disaster for Siemens in the area of quality management. Just to mention three recent problems, the Combino street car had to be recalled from all over the world because the body was wrongly constructed, the diesel ICE trains have many problems and the airport Skytrain in Düsseldorf has an annoying tendency to stop for a reboot between stations. Risks readers will remember tales of software controlled rail switches ... Oh yes, glad you asked, many Siemens divisions seem to be ISO 900x certified...  Siemens press release http://www.siemens.com/index.jsp?sdc_sectionid=4&sdc_langid=0&sdc_contentid=1207000  http://www.berlinonline.de/berliner-zeitung/wirtschaft/371491.html (but will probably get a new address in the archive, this is called "Qualitätsproblem Siemens" and is written by Thomas H. Wendel. Prof. Dr. Debora Weber-Wulff, FHTW Berlin, FB 4, Internationale Medieninformatik Treskowallee 8, 10313 Berlin Tel: +49-30-5019-2320
The Berlin newpaper "Tagesspiegel" reports  that there is a real danger of the new attempt to get the toll collection scheme up and running by the beginning of the year failing. Only 37 000 updated so-called "on-board units" have been built into trucks, there need to be at least 400 000 by January 1 in order for the system to work. The truck owners are being offered 50 € if they have one of the first 200.000 new OBUs built in by the end of the year. Of course, many already paid to have a previous version of the OBU installed, so they are understandably reluctant to run out and have this radio-sized box installed in their cabs. This is the third attempt to get it to work, the system was originally supposed to begin in the summer of 2003 so that the German government can reap in money to pay for roads projects for the world soccer championships in 2006. A speaker for Toll Collect, the consortium responsible for the mess, says that they can actually start with less OBUs, although this will make long lines at rest stops and gas stations as drivers purchase tickets. A government spokeperson is quoted as being unaware of any problems that might delay the third start. Toll Collect is run by DaimlerChrysler Services AG (45%), Deutschen Telekom AG (45%) and the French company Cofiroute S.A. (10%).  http://archiv.tagesspiegel.de/archiv/27.08.2004/1324184.asp [I played with one of the terminals at a rest stop and actually managed to print a toll ticket for myself. I was able to enter a completely stupid route, the system had no problems with this. The usability of the menu system leaves a bit to be desired, this will surely contribute to nice long lines if they ever get this going -dww] Prof. Dr. Debora Weber-Wulff, FHTW Berlin, FB 4, Treskowallee 8, 10313 Berlin Tel: +49-30-5019-2320 http://www.f4.fhtw-berlin.de/people/weberwu/
By Kevin Poulsen, SecurityFocus, 27 Aug 2004 Overdue debtors beware: You may not be able to rely on CNID [Calling Number Identification] to screen out those annoying bill collectors much longer. A California entrepreneur has a plan to bring the hacker technique of CNID spoofing to the business world, beginning with collection agencies and private investigators. Slated for launch next week, Star38.com would offer subscribers a simple Web interface to a CNID spoofing system that lets them appear to be calling from any number they choose. "It creates an extra avenue for them to have someone pick up the phone," says founder Jason Jepson. CNID spoofing has for years been within the reach of businesses with certain types of digital connections to their local phone company, and more recently has become the plaything of hackers and pranksters exploiting permissive voice over IP systems. But Star38.com appears to be the first stab at turning CNID spoofing into a commercial venture. Jepson claims the service will charge a twenty-five cent connection fee for each call, and seven to fourteen cents per minute. ... http://securityfocus.com/news/9419 [Lightly PGN-ed for RISKS]
Amit Asaravala, Loser Delivers Laughs, Wired.com, 27 Aug 2004 In the struggle between humanity and technology, humanity is clearly getting its ass kicked. That is the conclusion one comes to after reading Rick Broadhead's Dear Valued Customer, You Are a Loser ($10, Andrews McMeel Publishing), a hilarious look at the maddening tendency for technology to create as many problems as it solves. Published in May with little fanfare, the 315-page paperback is a compilation of more than 100 true stories of technological blunder and misfortune. Some of the stories are bizarre, some are pathetic -- but all are highly entertaining. Take, for instance, the case of the Ukrainian businessman who put 50 new pagers -- a gift for his employees -- in the back seat of his car and then promptly crashed into a lamppost when they all began beeping at the same time. The culprit? A welcome message sent by the pager company to each of the pagers. Then there's the story of the German couple who carefully followed the driving directions given by their car's satellite navigation system -- right up until it guided them into a river. ... http://www.wired.com/news/culture/0,1284,64734,00.html
Please see the recently expanded thread at Macintouch which reveals that the problem stems from a deliberate decision by Deneba to have Canvas disabled at a time of their choosing. It has nothing to do with the normal and correct functioning of the Macintosh system clock. http://www.macintouch.com/canvas.html Relevant excerpt by Matt Gough With reference to the problem with Canvas expiring soon, the response from Deneba (now ACD Systems) is utter nonsense. The System clock on the Mac flipped over to a 'negative' value on Wednesday, January 19, 1972 at 3:14:08 am, and so has been negative since long before the Mac existed. I have been debugging Canvas here using the venerable Macsbug and have determined that it will deliberately expire at 12:30pm on 31st August 2004. Thankfully this expiry date is stored in a resource within Canvas, and so anyone with a copy of ResEdit can fix their Canvas to alter this expiry date. = = = = = = = There follows (at the above link) a ResEdit patching technique, provided by Mr. Gough, to restore functionality until 31 August 2039. Bob
Here in Australia, the MYOB (www.myob.com.au) Accounting software is very popular. Like many other vendors they are also bundling services like credit card merchant services, superannuation and the like. When someone makes a payment you will be notified the next day by email with a file that automatically updates your accounting file. For services like paying my superannuation account (like a 401K), I need to send a message authorizing the transaction from the accounting software connecting to their server. Today I got a notification informing me that this service will be our for four hours on Saturday. Nothing wrong with that. Just that the footer of the email had some of my data on in. Company: Radioactive Networks Pty Ltd Serial Number: 6.16054E+11 The serial number used to be a seven digit number until the beginning of this year. They have now updated all numbers, increasing the number of digits. As you can see they forgot to update their email system to handle the long numbers correctly. Not only have they converted to Scientific Notation, but they have also rounded. I am just wondering where else they round their numbers. Darryl Smith, VK2TDS POBox 169 Ingleburn NSW 2565 Australia Mobile 0412 929 634 [+61 4 12 929 634 Intl] www.radio-active.net.au\blog\
This may be a new size record: "A hydroelectric plant in Nova Scotia remained closed Tuesday after a wayward humpback whale swam through the underwater gates connecting the facility with the Atlantic Ocean... The plant was shut down because officials were concerned the whale could get trapped in its turbine. Canada's Fisheries Department spokesman Jerry Conway said the whale did not appear to be in immediate danger." http://story.news.yahoo.com/news?tmpl=story&cid=517&ncid=753&e=3&u=/ap/20040825/ap_on_re_ca/canada_whale_trapped
Civil libertarians say that a proposed Australian law could allow authorities easy access to private, stored e-mails without a warrant, giving many new government bodies to access private e-mails, voicemail messages and SMS messages. Under current laws, unopened e-mails can only be accessed if they involve serious crime and only with a telecommunications intercept warrant. If the bill is passed authorities would need only a search warrant, or in some cases no warrant at all, according to online civil liberties group Electronic Frontiers Australia (EFA). [*The Australian* 30 Aug 2004; NewsScan Daily, 31 Aug 2004, Rec'd from J. Lamp] http://australianit.news.com.au/articles/0,7204,10613440%5E15306%5E%5Enbv%5E,00.html
The Lack of Sanity Checking in Web Shopping Cart Software or "The Story of the 1.1 Cocktail Shakers" Recently, I was browsing the web site of a large Burlington,NJ-based retailer, and decided to add a cocktail shaker to my shopping cart. Due to some slightly twitchy fingers resulting from my morning coffee, I accidentally entered the number 1.1 (instead of 1) to the the "quantity desired" box, and found myself with a shopping cart containing 1.1 cocktail shakers at $9.99/each, for a grand total of $10.99 plus shipping of $5 (shipping is $5/item, for a total of $5.50 for 1.1 items). At this point curiosity got the best of me, and I decided to check out. To my surprise, the site's shopping cart software never did a sanity check on the data, and simply confirmed my order for 1.1 cocktail shakers, and I also received an email confirmation for "Qty: 1.1." My credit card was charged for $16.49. Due to the atomic nature of cocktail shakers, it's obvious that at some point something was going to have to give, and this apparently happened in the shipping department: my "Shipping Confirmation Notice" listed the quantity shipped as "1", but confirmed that the total charges were still those for 1.1 shakers ($16.49) instead of the appropriate charges for a single shaker ($14.99). Indeed, as expected, I received a single cocktail shaker in the mail, with a receipt for "Cocktail Shaker, Qty 1", also listing the inappropriate price. It was relatively easy to square the charges away, but the company's customer service representative had to get a supervisor involved, as they apparently hadn't seen this before. The RISK is obvious: a lack of sanity checking on input data resulted in a spurious order being sent through the system, with additional lack of double-checking resulting in a discrepancy between what was shipped and what was billed. Months later, the error remains uncorrected, and you can still order fractional items, with the additional risk that a dishonest customer may be able to able to get a discount by ordering slightly less than a single item and hope for a "roundup" when it gets shipped. Really, it's too bad, because I was really thinking that my cocktail shaker is a bit small, and could use another 10% of volume. :) That, or perhaps I should buy 0.9 shakers to go with my 1.1 shakers to make a matched pair. Richard W Kaszeta <email@example.com> http://www.kaszeta.org/rich [On the other hand, a round-down would be more consistent: Suppose you had ordered .99 shakers. You probably would have been billed for .99 shakers and received none. Shake-ri-la. PGN]
At the conclusion of my note in RISKS 23.50, I wrote "Had Gore won Florida, New Mexico's five electoral votes...". Steve Klein pointed out that regardless of the result in New Mexico, it wouldn't have impacted the result, and whoever carried Florida won the election. Specifically: > Bush won the electoral vote by 271-266; 270 votes are needed to win. > (There are a total of 538 electors; one abstained.) > > In 2000, Florida had 25 electoral votes, and New Mexico had 5. > (Due to apportionment, Florida will have 27 electoral votes in 2004.) > > If Gore won Florida and New Mexico, he'd have 291 electoral votes. > If Gore won Florida but lost New Mexico, he'd have 286 electoral > votes. > > Either way, Gore would have won, and New Mexico would not have made a > difference. Obviously losing votes is a very bad thing, but my conclusion was incorrect. Thanks to Steve for pointing this out.
BKKNYREN.RVW 20040618 "Know Your Enemy", Honeynet Project, 2004, 0-321-16646-9, U$49.99/C$71.99 %A Honeynet Project firstname.lastname@example.org www.honeynet.orb/book/ %C P.O. Box 520, 26 Prince Andrew Place, Don Mills, Ontario M3C 2T8 %D 2002 %G 0-321-16646-9 %I Addison-Wesley Publishing Co. %O U$49.99/C$71.99 416-447-5101 fax: 416-443-0948 %O http://www.amazon.com/exec/obidos/ASIN/0321166469/robsladesinterne http://www.amazon.co.uk/exec/obidos/ASIN/0321166469/robsladesinte-21 %O http://www.amazon.ca/exec/obidos/ASIN/0321166469/robsladesin03-20 %P 768 p. + CD-ROM %T "Know Your Enemy, Second Edition: Learning About Security Threats" The first edition of "Know Your Enemy" was a lot of fun, and it also contained some valuable advice if you were brand new to the idea of a honeypot, and wanted to get started quickly. This second edition has taken advantage of another couple of years in the development of honeypots and honeynets, and provides guidance on a new generation of the technology. More than that, it promises, and mostly provides, more detailed information on the analytical aspects of honeynet operation, including the all-too-often neglected topic of network forensics. The page count has more than doubled. I have frequently said that any book with "hack," or any variant thereof, in the title is automatically suspect. This work helps prove my point, first, because the Honeynet Project members have not used the term (they refer to attackers as blackhats), and the text also notes the problems with "exploit" type books: they list old and known attacks, most of which are protected against, and say nothing about the attackers and how they work. Part one describes the honeynet. Chapter one points out the value of "knowing the enemy" and the history of the Honeynet Project. Chapter two explains what a honeypot is, leading to details on how a honeynet works, in terms of architecture, policies, and the risks and responsibilities of operating one, in chapter three. Building a first generation honeynet, in chapter four, presents specific details, although a number of concepts have already been given. The lessons from the early years of the project have led to a second generation of design, which is outlined in chapter five. Using a single machine to create a virtual network of simulated machines is described in chapter six. Chapter seven extends all of this into distributed networks of machines. A number of legal issues are discussed in chapter eight: specific citations are primarily from US laws, but general concepts are also examined. Part two concerns the analysis of data collected from the Honeynet. Chapter nine looks at the various sources of evidence. Network forensic ideas and tools are reviewed in chapter ten, although the material does tend to jump abruptly from Networking 101 to an assumption that the reader can parse Snort captures. Fundamentals of the data recovery aspects of computer forensics are given in chapter eleven, leading to the specifics of UNIX recovery in chapter twelve, and Windows in thirteen. (These chapters contain details of up to date tools not available in most of the standard computer forensic texts.) I was delighted to see that chapter fourteen addresses reverse engineering, although only in a limited subset of the full range of software forensics. Chapter fifteen reiterates the sources from chapter nine, and suggests centralized collection and management of data. Part three explains what the project has determined about "the enemy" by the types of attacks that have been launched and detected. Chapter sixteen takes a random crack at several topics related to the blackhat community: a number of points are interesting, but few are very helpful. A general overview of attacks in given in chapter seventeen. Specific attacks, and analyses, on Windows, Linux, and Solaris are detailed in chapters eighteen to twenty. Future trends are projected in chapter twenty one. The repetition of material that plagued the first edition has been cleaned up to a great extent, although the text would still benefit from a tightening up of the material in some chapters. In addition, the early examples are not thoroughly explained, making the reader initially feel that only a firewall audit log specialist would be able to understand what is being said. However, as with the first edition, most of the book is written clearly and well, and it is certainly worth reading. In addition, the new material definitely makes this not merely an interesting read, but something that has the potential to be a serious reference in the forensic field. copyright Robert M. Slade, 2004 BKKNYREN.RVW 20040618 email@example.com firstname.lastname@example.org email@example.com http://victoria.tc.ca/techrev or http://sun.soci.niu.edu/~rslade
Please report problems with the web pages to the maintainer