As reported in RISKS 23.65 and 23.66, the Dec 15 test of the missile interceptor system failed when it didn't lift off from the launchpad due to a timing problem. The 14 Feb test didn't do any better. CNN reports that "a spokesman for the [Missile Defense] agency, Rick Lehner, said the early indications was that there was a malfunction with the ground support equipment at the test range on Kwajalein Island in the Marshall Islands, not with the missile interceptor itself. If verified, that would be a relief for program officials because it would mean no new problems had been discovered with the missile." That's good news? In case you're keeping score, that's 6 failures out of 9 attempts since the program started. And the three "successes" have been highly scripted. Your tax dollars at work (at least for Americans).
Nathan White was piloting a Navy plane at 33,000 feet over Iraq on 2 Apr 2003. He was shot down by a US Patriot missile. The summary of a report released on 10 Dec 2004 concludes that White's plane was mistaken for a nonexistent hostile missile, and that the Patriot's proper launch procedures were violated. However, a redacted version of the report notes the Army's difficulties in using the Patriot system, including gaps in crew training and frequent appearance of false tracks (which in past RISKS items are referred to as ghosts). "The issues show the unintended dangers that computerized weapons systems can pose, and the need for better human oversight." [Source: Palo Alto *Daily News*, 9 Feb 2005, p. 25; PGN-ed]
The latest CHIRP Feedback contains an interesting report. Two aircraft crossed with 1000 feet vertical separation in UK airspace. The higher aircraft had a (known) faulty transponder that was reporting 500 ft lower than actual, so the crossing caused a TCAS resolution advisory to descend in the lower aircraft. The crew of the lower aircraft point out that if the faulty transponder had read 1500 feet low, the Advisory would have said "Climb" and they would have climbed into the other aircraft.
[Source: Matt Hines, news.com, 15 Feb 2005] ChoicePoint confirmed on 15 Feb that criminals recently accessed its database of consumer records, potentially viewing the personal data of about 35,000 Californians and resulting in at least one case of identity fraud. The unidentified individuals posed as legitimate businesspeople in order to breech its defenses. Chuck Jones, a company spokesman, said that roughly 50 fraudulent accounts were set up by the schemers, through which they could view the data of California residents. News of the crime first surfaced when ChoicePoint sent an e-mail to individuals potentially affected by the attack last week. Among the data available through the company's services, and possibly accessed by the criminals, are consumers' names, addresses, Social Security numbers and credit reports. http://news.com.com/2100-1029-5577122.html
"The product used in Palm antennas is formed by the tree itself and the fronds". http://www.preservedpalm.net/gsm.shtml GSM base stations are camouflaged in specially preserved palm trees, with antennas that look like palm fronds with internal steel-bar reinforcements for structural rigidity, and with cable works inside the trunk. [PGN-ed] I suppose the risk here is assuming the plants aren't doing anything special. [They won't be doing much by themselves after they've been eviscerated. But they could serve other purposes as well. This is another variation on an old theme, so we'll add it to our Fronds List. PGN]
The Berlin daily Newspaper "Berliner Zeitung" keeps beating up on the German TollCollect system. http://www.berlinonline.de/berliner-zeitung/berlin/422264.html [Note, the author is Peter Neumann, but not PGN!] On Feb. 16, 2005 they report on a trucking company who was charged for the same truck at the same time for two different pieces of Autobahn, while a short time later they were charged for driving on some street that is not a toll road. The winning charge is for going from Kurt-Schumacher-Damm to Saatwinkler Damm (about 1.5 km as the crow flies) to the tune of 49 kilometers. According to the booking list the truck drove around town twice and used the Avus, apparently turning on the autobahn to continue .... [Maybe these are the same folks that programmed the MSN map from Haugesund to Trondheim in Norway, via the continent http://www.englishrules.com/archives/miscellany/index.php - dww] On Feb. 17, 2005 they have a nice report about how easy it is to jump paying for the toll. http://www.berlinonline.de/berliner-zeitung/politik/422488.html It seems that there are just 300 of these bridges that are controlling bridges, the rest are just for calculating the fare. And the specifications say that a 10% check is done, so there are only ever 30 of them on at a time because the machines do the checking but human intervention is necessary to flag down a toll jumper. In addition to which, the mobile checkers only work day shifts, while a lot of trucking takes place at night. A federal trucking organization took some test drives at night in the East to see if they got hooked - negative. So here we have all this expensive technology and these ugly bridges, and it still doesn't really work. Prof. Dr. Debora Weber-Wulff FHTW Berlin, Internationale Medieninformatik 10313 Berlin +49-30-5019-2320 http://www.f4.fhtw-berlin.de/people/weberwu/
A Florida appeals court has ruled that a suspicious wife, who installed spyware on her husband's computer to secretly monitor and record his electronic interactions with another woman, violated Florida's wiretapping law. The law says anyone who "intentionally intercepts" any "electronic communication" commits a criminal act. The wife had argued that her use of Spector spyware should be viewed as similar to reading a stored file on her husband's computer. But Judge Donald Grincewicz wrote that "because the spyware installed by the wife intercepted the electronic communication contemporaneously with transmission, copied it and routed the copy to a file in the computer's hard drive, the electronic communications were intercepted in violation of the Florida Act." [CNet News.com 15 Feb 2005; NewsScan Daily, 16 Feb 2005] http://news.com.com/Court+Wife+broke+law+with+spyware/2100-1030_3-5577979.html
A (presumably self-service) gas station went all night with gas priced at $.19/gallon instead of $1.83/gallon. The owner didn't know about it until reporters asked him about the low price. He corrected the price only after 1200 gallons had been pumped. It was blamed on a "computer glitch", but could easily have been a data-entry error. The article mentions another case of a misplaced decimal point in gas pricing. The Risks are more human than computer. If you're going to leave the gas station unattended, double-check your prices. (Although, I admit, it would be nice to have the computer sanity-check your price.) Note: The article doesn't say the station was unattended during the time the low price was in effect, but I don't want to believe that any attendant could have let this continue. URL of story (beware of line-wrap): http://story.news.yahoo.com/news?tmpl=story&cid=816&ncid=816&e=8&u=/ap/20050211/ap_on_fe_st/really_cheap_gas
A move by Congress to endorse a Republican-backed measure that would compel states to redesign their driver's licenses by 2008 to comply with standards for making them electronically readable has critics questioning government's motives, saying it gives the Department of Homeland Security carte blanche to do nearly anything "to protect the national security interests of the United States." Rep. Ron Paul (R-Texas) says, "Supporters claim it is not a national ID because it is voluntary. However, any state that opts out will automatically make nonpersons out of its citizens. They will not be able to fly or to take a train." Proponents of the Real ID Act say it reflects the recommendations of the 9/11 Commission and will help in the battle against terrorism and efforts to identify illegal immigrants. But Paul says, "In reality, this bill is a Trojan horse. It pretends to offer desperately needed border control in order to stampede Americans into sacrificing what is uniquely American: our constitutionally protected liberty." [CNet News.com 14 Feb 2005; NewsScan Daily, 14 Feb 2005] http://news.com.com/From+high-tech+drivers+licenses+to+national+ID+cards/2100-1028_3-5573414.html
Greetings. I'm pleased to announce "DayThink" — a new series of very brief (one-minute) MP3 audio features illuminating a wide range of relevant and important topics. Each day's feature will focus on one specific issue affecting our lives — issues definitely worth thinking about. Many of these segments will deal directly with the impacts of technology on individuals and society. DayThink features can be accessed via the DayThink main page at: http://daythink.vortex.com The debut segment is titled: "The Mother is Back!" and looks at the current round of telecom mergers and what they may mean for us all. A notification mailing list has been established that will send out a brief message to subscribers as each new feature becomes available (never more than one per day), including the segment title, a brief description, and a link to the feature audio itself that can be played at one's leisure. Subscriptions to that list can be established via: http://lists.vortex.com/mailman/listinfo/daythink or by simply sending a note (no subject or body necessary) to: firstname.lastname@example.org I hope that these features will be of some value in helping folks wade through the maze of many important issues. Thanks very much. Lauren Weinstein email@example.com firstname.lastname@example.org email@example.com 1 818-225-2800 http://www.pfir.org/lauren Fact Squad - http://www.factsquad.org
I dug a few nifty Alphanumeric displays out of the scrap bin, and wanted to use them in a sculpture. A few minutes searching on the web produced a datasheet and application-notes for a plausibly similar device, but were I too literal, I'd be perplexed. The application-note claims that the sample code scrolls "AGILENT TECHNOLOGIES" across the display, but the 8741 sample source code does not include a general-pupose character generator and literal string. Rather, there is a table of hexadecimal values, each row encoding the pixels of one character. The end-of-line comments confirm the suspicion that a glance at the table raises. Had I actually copied this code, I would see "HEWLETT PACKARD" The RISK here is only one of embarrassment, but imagine this sort of thing happening in code for a device (e.g. many PC graphics cards) which uses manufacturer's name or model number as a "key" to enable operation.
My personal e-mail cert from thawte is expiring soon. Thawte sent me an e-mail informing me of this containing "links" to their web page on how to extend it. Problem is I forgot my password and clicked on a link provided to help me recover my password. It didn't work. I'm using Mozilla Thunderbird, which displays the actually link at the bottom of the display. This is what I saw: file:///C:\Documents and Settings\jwolvaardt\Local Settings\Temporary Internet Files\Local Settings\Temporary Internet Files\OLK3C\Expiring personal Certs March.doc I guess you don't need to just post Word documents to reveal information.
Karl Klashinsky reported in Risks 23.70 about: a case where the on-vehicle software is corrupted by a virus, inserted into the automobile's computing systems, via a blue-tooth enabled cell-phone and suggested the scenario: As this vulnerability becomes known in the cracker community, how long before someone tailors a virus specific to a vehicular target — perhaps creating runaway-vehicle scenarios similar to the "faulty cruise control" incidents reported here in RISKS. Interestingly, a day before I had been pointed to an article in a South African newspaper about just such a migration, and there was also something about viruses spreading from cell phones to cars in an article in the *International Herald Tribune*, which I read daily. There is a wonderful cartoon from the German computer magazine *c't* pinned to my group's noticeboard. A passenger is sitting in an airliner using his laptop, and on the screen appears: Bluetooth: new device found: Airbus A310 In one journal it's a cartoon, and in the other journal it's news. What's going on? I made some inquiries. The punch-line first. Ross Anderson pointed me to http://www.engadget.com/entry/1234000760029037/ which reports on someone asking Eugene Kaspersky of Kaspersky Labs about how to cure a virus that ``infected the onboard computers of automobiles Lexus LX470, LS430, Landcruiser 100 via a cell phone.'' Apparently there are some communicating systems on board those cars which use Symbian (one of the mobile-phone OS's) and are bluetooth-enabled, and Kaspersky conjectured that this could be a infection route. The article, from Donald Melanson, suggests that it is not clear whether this has actually happened or not. The South African article, and the other articles besides the IHT mentioned Kaspersky Labs, so this seems to be the source of the "news". The IHT commented on a document issued Wednesday by IBM Security Intelligence, the Security Threats and Attack Trends Report, which said: Beware viruses that spread to cellphones, hand-held computers, wireless networks and embedded computers that are increasingly used to run basic automobile functions http://www.iht.com/articles/2005/02/09/business/virus.html Nothing much there. Ross also told me of a discussion at the Electronic Security in Cars conference about a (different) major car company which used a T39 mobile phone with a linux card running Apache for managing over-the-air software upgrades in some high-end models. So it seems as if two car companies use GSM communication over OTS communicators for some on-board systems. Obviously those systems *could* be infected by viruses targeted to those devices, and someone asked Kaspersky about it. That it has actually happened is questionable; that it could happen is not, for those systems, for those cars. What is there to say about likelihoods? Let me restrict myself to critical systems (chassis, especially brakes and steering; and engine control). Nav systems and in-car entertainment are not critical. First, the critical on-board systems people (chassis systems, engine systems) build separate systems from others on-board. If they use common busses, those busses (usually CAN, about to become FlexRay or TTP) are hard-real-time and the architectures are explicitly designed to inhibit inter-application interference. The critical systems themselves are hand-designed, often hand-coded, running on small processors built for hard-real-time systems use, although they may migrate to special-purpose OS-based SW in the future. There are many such systems, they are all different from each other at present, and they are proprietary. You can't easily get a copy to play with, just as you can't easily get a copy of Airbus critical-system code to play with. It may be even harder, since the companies are all in heavy competition with each other for their continued existence (see below) and they are aware of industrial theft and sabotage issues. I don't know of any such system which installs upgrades over standard mobile phones. There may be some, but the people I deal with on critical systems are all more or less aware of security issues. Furthermore, at least in Germany, such systems in the future will have to demonstrate that they have been developed according to the precepts of the IEC 61508 standard on functional safety in E/E/PE systems (roughly, systems which use programmable electronic components). That standard explicitly covers maintenance, and it does not condone upgrading critical systems using OTS communication channels vulnerable to known security problems such as malware transmission. Which doesn't mean that no one is going to try it. But it does suggest that such an effort would not last long, would end in tears, and would preclude a repeat. Why would it end in tears? Well, few people have remarked it so far, but auto manufacturers are at the sharp end of progress in SW safety and reliability (components of dependability). A model such as the Ford Focus sells a million cars a year. Each of those cars can be expected to drive 300-500 hours a year, and the cars themselves are standardly taken to have a 3-5 year service lifetime. So one model-year alone can be expected to accumulate between 9 x 10exp8 and 2.5 x 10exp9 hours of service. Add to that that systems for such cars are often built by component manufacturers such as Bosch, who install that system or closely similar systems in other cars also, and you are looking at attempting to attain an actual dependability of the order of one critical failure in 10exp10 hours of service. In aerospace, taken by many to be the industrial pinnacle of critical systems engineering, single-point-of-failure critical systems are built to a nominal standard of one catastrophic failure (loss of the airplane) in 10exp9 operational hours. And that is notional; it is intended to be higher than the cumulative service life of the entire model fleet. Whereas the 10exp9 to 10exp10 operational hours in automobile electronics is actual. Now, nobody actually knows how to manufacture SW that is guaranteed to be that dependable (that is, one may achieve it, but one cannot know or prove that one has done it). Current limits (through exhaustive testing of the final product) seem to be about 10exp5 operational hours. That is the theoretical limit of certainty through practical testing (Bayesian calculations by Littlewood and Strigini). People are scratching their heads. Heavily. And occasionally asking me and my colleagues to scratch ours. Serious problems are occurring. Each problem will lead to a recall, and I am told that a minimal cost for a recall (SW upgrade, for example) is EUR 50 per auto (Mike Ellims, Pi Technology, personal communication). Mercedes recently had to recall 600K autos for a brake-system SW upgrade (a counter that they thought would not run over between services did, in two instances, and they had to recall all cars with that SW). We could thereby reckon that that cost EUR 30 million, or thereabouts. Given that profit margins amongst those manufacturers that actually do make a real profit are in the low USD 10exp8 region, if that high, a single recall cuts seriously into profit. (According to the Economist's survey of 4 September 2004, at http://www.economist.com/surveys/showsurvey.cfm?issue=20040904 which cites a study by Maxton and Wormald for Goldman Sacks entitled "Time for a Model Change", there are only only 8 car companies above the curve of cost-of-capital versus revenue per unit, namely Porsche, Nissan, Honda, Toyota well above, and Mercedes, BMX, PSA and Hyundai barely making it over.) Recalls are not the only cost. There is also the cost of recompensing the victims of accidents in which system malfunction was a causal factor. So there is plenty of motivation to make auto critical electronics the most dependable SW-based systems the world has ever seen. We are a long way from it, but I don't think we are going to be seeing critical systems upgraded through gratuitously insecure channels. Except for the exceptions, of course. If I were to bet today, I'd bet on the cartoon staying a cartoon. Peter B. Ladkin, University of Bielefeld, Germany www.rvs.uni-bielefeld.de
It seems that some solutions have more "sex appeal" than others and hence get considered for adoption over and above obviously saner solutions. In respect of trains, as they run on rails, it should be very easy to use the trackside equipment and links to the train to determine that the train is where it should be at that moment in time. It is not as though the trains will be running off the tracks at any time during its journey (unless derailed of course in which case it is definitely going to be late). Paul E. Bennett http://www.amleth.demon.co.uk/ firstname.lastname@example.org Forth based HIDECS Consultancy Mob: +44 (0)7811-639972
Macrovision is expected to release a new DVD copy-protection technology Tuesday in hopes of substantially broadening its role in Hollywood's antipiracy effort. The content-protection company is pointing to the failure of the copy-proofing on today's DVDs, which was broken in 1999. Courts have ordered that DVD-copying tools be taken off the market, but variations of the software remain widely available online. [Source: John Borland, news.com, 14 Feb 2005] http://news.com.com/2100-1026-5576375.html
You quote Drew Dean as saying: "I believe programs such as Exact Audio Copy (EAC) do slow down the drive, and most CD/DVD burning software can write at slower speeds, but I'm not aware of any interface to tell an OS to always slow down reading." "Nero CD-DVD Speed" makes the maximum speed of the CD/DVD drive lower. I use it on my DVR to quiet down (and prevent the "spin up - fill up cache - play from cache - spin down" cycle) to slow down my 52x drive to 8x or so. [Also noted by David DiGiacomo and by Serguei Patchkovskii (who also provided a URL http://www.cdspeed2000.com/go.php3?link=download.html and advice for Linux users: you already have the needed tool installed. At the command line, to get 4x CD-ROM speed, eject -x 4 /dev/cdrom PGN]
I know that for years Plextor CD rom drives have come with a windows taskbar utility that allows the user to force the drive to run at a lower speed along with adjusting other settings. I ended up needing to use this utility on occasion with the then extremely high-speed 12x CD-Rom drive I owned. CDs built for 1x or 2x drives, including my copy of Windows 95 would vibrate so much in a 12x drive at full speed that the computer case would also vibrate and no data could be read. Forcing the drive down to 4x would fix the problem.
Please report problems with the web pages to the maintainer