[The following item appears in the *Communications of the ACM*, 47, 4, April 2004, and is reproduced here with the permission of the author, subject to CACM copyright guidelines. PGN]

The story of the Aceville elections has received some attention in the national press, but it is worth considering from a Risks perspective. This column is based on reports by AP (Affiliated Press, Unusual Election Results in Ohio Town, 2/30/04) and Rueters (Losers Question Ohio Election, 2/30/04).

The Aceville, OH, municipal elections last February — the city's first time using the SWERVE electronic voting system — led to the election of the alphabetically first candidate in all 19 races. This is an astonishing coincidence. Furthermore, every winning candidate, and Measure A, garnered 100% of the votes counted. ``I am extremely gratified by this mandate,'' said mayor-elect Neuman E. Alfred, who received 7,215 votes in a town with 7,213 registered voters. ``This is the greatest electoral landslide since the re-election of Iraqi President Saddam Hussein.''

Byron Augusta, CEO of Advanced Automatic Voting Machines (AAVM), which supplied the SWERVE system, denied that there was anything suspicious about the coincidence that Alfred was also the AAVM technician in charge of the new voting machines. ``We are confident of the integrity of our employees, which is reflected in their unblemished record of electoral success. Reports that Alfred installed undocumented `software patches' the day before the election are completely unfounded. We could prove this to you, except that the machines now contain the software upgrade that Alfred installed the day after the election. Anyhow, our software was once certified tamper-proof by the Federal Election Commission. Any suggestion of hanky-panky is scurrilous and un-American. We were unquestionably the low-cost bidder.''

Ohio Supervisor of Elections Ava Anheuser expressed no surprise that the alphabetically first candidate won every race. ``Don't you believe in coincidence?'' she asked. ``This is an example of Adam Murphy's Law: `If it's logically possible, sooner or later it's bound to happen.' AAVM downloaded the totals from the voting machines three times. There's nothing else to recount.''

Rueters reported that several voters claimed to have voted for losing candidates, including mayoral candidate Zeke Zebronski, who said, ``I know this election was crooked. I voted for myself three times, and still got no votes.'' However, the *Aceville Advertiser* conducted an investigation and concluded that the complaints were the work of ``a small group of out-of-town academic Luddites with a paper fetish,'' and ``an even smaller group of agitators for `alphabetic equality'.'' ``They should remember that `America' starts and ends with A,'' chided *Advertiser* Editor-in-Chief Ada Augusta.

Pundits are divided on whether this election was a statistical fluke, or is the harbinger of a statewide, or even national, trend. But many politicians are taking no chances. The Democratic Party is scrambling to find an A presidential candidate. ``We just don't see how Clark or Dean can beat Bush in this environment,'' said party spokeswoman April Brown. The newly-renamed All American Party's entire Ohio slate has filed to legally change their names, to Aaron Aaren, Abigail Aaren, etc. ``It's like one big family,'' said party secretary Absalom Aaren, ``and we expect to do very well in the next election.''

The American Association of the Mentally Challenged has pressed for national adoption of the SWERVE system. Spokeswoman Ada Augusta stressed that ``This is the only available system that guarantees that your vote will be counted, whether you can cast it or not. And it will bring jobs to Aceville.'' Measure A provided tax-exempt bond funding for the Aceville Automation Park, which will house new headquarters for both AAVM and the *Advertiser*.

On a lighter note, the American Automobile Association was elected Dog Catcher, even though it wasn't on the ballot. ``This seems to be the first time a write-in candidate has been elected without any write-ins,'' said an AAA insider, who spoke on condition of anonymity.

Regular readers of ``Inside Risks'' know that there is an important distinction between coincidence and causality. The fact that A preceded B does not mean that A caused B. The order of the candidates probably didn't influence enough voters to change Aceville's landslide results. However, ``out of an abundance of caution,'' election officials should have followed the advice of People for Randomized Alphabetic Ballots (PRAY4Ps). Putting names on the ballot in random order preserves faith in the fairness of the election. Of course, it is still possible for a random permutation to leave names in alphabetical order. Wouldn't *that* be a coincidence? I'd be happy to Risk It.

[Jim Horning <firstname.lastname@example.org> is a member of the American Association for April Foolishness, and a co-founder of PRAY4Ps.]
Relating to the Toyota music-playing robot item some of you may have seen (replicated below), the extension of the concept from trumpets to other brass-family instruments is relatively straightforward: trumpets, French horns, valve trombones, and tubas all have the same basic mathematically based fingering system (relative to the fundamental of the instrument). In order to provide a well-disciplined robotic brass band, Toyota will need to implement a real-time distributed operating system by which each robot can interoperate. This system would allow tight synchronization among the players to be controlled by a robot conductor, where all the robots are integrated into a wireless local network. Arbitrary music can be downloaded on a per-instrument-type basis with fingering plans akin to those of a remotely controlled player piano, so that the group could easily expand its repertory. This approach would even facilitate performance of musical works such as Gabrieli's antiphonal compositions for multiple brass quartets and quintets dispersed around a concert hall or outdoor space. One of the standard problems in the past has been the acoustic delays, which tend to create long gaps between antiphonal responses, somewhat similar to remote news commentators linked by satellite communications.

The risks are numerous, although not onerous [one-rous? two-rous?]. Perhaps other robots could also provide a chorus:

* Blue screens, smiling at me, Nothing but blue screens do I see. (Accidental or intentional denial of service attacks.)

* Wrong song, screeching at you, Nothing but wrong song; you can sue. (Given the general insecurity of wireless networking and operating systems, and the dynamic downloadability of music files, it is likely — for example — that ribald, raucous, or otherwise inappropriate tunes might be maliciously substituted for liturgical music. This would be likely to stir up Congressional legislation to protect robot vendors from liability under such circumstances.)

* I've got plenty of nothin', And nothin's got plenty of me. (Accidental deadly embraces caused by certain Trojan-horsey note sequences, security flaws caused by basso overflow, etc.)

This message is a trum-pet-er swan song (inspired by a famous star of the previous century, Glorious Swansong).

Date: Fri, 12 Mar 2004 09:38:39 -0700
From: "NewsScan" <email@example.com>
Subject: Toyota robot toots its own horn

Toyota has taken the wraps off its latest venture in humanoid robotics -- a 4-foot (120cm) tall machine that plays "When You Wish Upon a Star" on a trumpet. The automobile company says it hopes to form a robot band to play at the 2005 World Exposition in Japan next year. The musibot is the latest entry in an increasingly competitive rivalry with Honda, whose Asimo robot walks around, and Sony, whose Qrio sings, dances, and jogs. [BBC News 11 Mar 2004; NewsScan Daily, 12 Mar 2004]
http://news.bbc.co.uk/1/hi/technology/3501336.stm

[I suppose that a robot text editor might perform a fontal robotomy on this issue of RISKS. PGN]

[Important note: The NewsScan item above is not April Foolishness. The same is true of the following items in this issue. PGN]
PRNewswire: This April Fool's Day, AT&T wants to warn consumers about some of the latest scams being perpetrated on the unsuspecting public. "Awareness certainly helps consumers from being bilked," said Robert Cruz, consumer affairs director for AT&T. "We try to be vigilant about detecting new fraud and alerting consumers so they won't fall prey to ever more resourceful lawbreakers." Beware of the following schemes:

Star-7-2, billing back to you: You receive a call from a stranger posing as a telephone technician or telling you that he has been arrested for driving with a suspended license and is in jail — or is in a situation that requires your immediate help. "I need to reach my wife and tell her what happened so she can pick up our two kids. Would you dial *72 and then her number?" Star-7-2 is a custom feature for call forwarding. When the customer dials *72 followed by a telephone number, it activates the call forwarding feature, causing all your incoming calls to ring at another number. At the end of the other line — whether calls have been forwarded to a landline, a cell phone or a payphone — the original caller's partner-in-crime is able to accept all collect and third-party calls, while telling your own legitimate callers that they have the wrong number. You get billed for all calls made because your number is the one from which they are forwarded. This ingenious scam, which even overrides cell phones' inability to get collect calls, may go on for several days before you become aware it has occurred.

*72, Not for you: Do not accept collect calls from individuals you don't know, regardless of who they claim to be. Also, never activate *72, the call forwarding feature, unless you yourself wish to have calls forwarded elsewhere.

Within the sound of my voicemail: Hackers can compromise your voicemail system in order to make fraudulent collect, third party or direct-dial calls. Hackers make use of an out-calling feature on many systems that allows them to make the calls at your expense. It isn't until you receive notification from your telephone company's security group, notice something different about your voicemail greeting, or receive a large bill that you realize you have become a victim. To prevent this:

* Always change the default password provided by your voicemail vendor.
* Choose a complex voicemail password, of at least six digits, so it's difficult for a hacker to guess.
* Don't use obvious passwords such as an address, birth date or phone number.
* Change your voicemail password often.
* Check your announcement regularly to ensure the greeting is indeed yours.

(Owners of small businesses should consider disabling the auto-attendant, call-forwarding and out-paging capabilities of voicemail, if these features are not used, because those features also can be hacked.) [...]

For these and other tips on avoiding telecommunications and Internet fraud, visit www.att.com/consumertips . Don't be an April Fool today or any day.

- http://finance.lycos.com/home/news/story.asp?story=40974362
When I first heard about this my initial reaction was that it must be a joke. Sadly, it is not. It appears we not only have to worry about spammers, scammers, and other illicit fraudsters on the Net, but now the vested, 800-pound gorilla of domain name registrations, Network Solutions (recently spun-off from our friends at VeriSign) has a new plan to try to fleece the masses — a "100 Year" domain registration service! I kid you not — they're sending out the e-mails promoting this gem as I type these words.

Yes, boys and girls, just send Network Solutions your non-refundable renewal fee in the amount of $999, and they'll renew your domain every year for an Entire Century. Never mind that domain names and the Internet are unlikely to even exist as we know them now *long* before a hundred years have elapsed. Forget about the fact that Network Solutions itself (as well as everyone reading this message) is likely to have vanished from the scene well before 2104. For that matter, we'll be damn lucky if *civilization* still exists by that time.

It appears that we now have a new textbook definition of greed, along with treating the entire Internet community like a pack of imbeciles. But then, anyone who falls for Network Solutions' "No worries for 100 years" service will themselves have given new meaning to the concept of a sucker.

http://www.networksolutions.com/en_US/name-it/popup-100-yr-term.jhtml

Lauren Weinstein
firstname.lastname@example.org
+1 (818) 225-2800
http://www.pfir.org/lauren
People For Internet Responsibility http://www.pfir.org
http://www.factsquad.org
On 25 Mar 2004, I received, not a surprise, but just another example of fraudulent requests for personal information. My local branch officer, after some reflection and search, said that yes, a week earlier, they were notified of the scam and that action was being taken to shut down the site (no mention of trying to apprehend the culprits). The complete e-mail to me appears below. What does surprise me is that it is so obviously a spoof.

- - - - - - - -

Dear Member,

This e-mail was sent by the [bankname] server to verify your e-mail address. You must complete this process by clicking on the link below and entering your [bankname] ATM/Debit Card number and PIN that you use on ATM. This is done for your protection because some of our members no longer have access to their e-mail addresses and we must verify it. This is to prevent any type of online fraud. [bankname] is made to protect your identity online.

To verify your e-mail address and protect your [bankname] account, click on the link below. If nothing happens when you click on the link (or if you use AOL), copy and paste the link into the address bar of your web browser.

[URL removed. no longer valid. PGN]

Thank you for using [bankname].
German and Swiss engineers, finally connecting their respective parts of the new Upper Rhine Bridge in Laufenburg, Germany, discovered that one half had been built 54 cm lower than the other, requiring massive reconstruction. [*Der Spiegel*, 14 Jan 2004; *Salt Lake Tribune*, 2 Feb 2004]. (There must be a lesson in this debacle somewhere.) [Someone must have had No-Pfaltz insurance. PGN]
A space shuttle has risked disaster every time it flew in the last 20 years because its speed brakes were faulty, NASA said yesterday. Gears were installed backwards on the flaps in Discovery's tail. They could have failed under the stress of an emergency landing, causing a crash. Discovery has flown 30 times since 1984 without a problem. The reversed gears were found in an actuator which works the flaps — they stick out to create drag and slow the craft in flight. NASA, which is blaming subcontractor Hamilton Sundstrand, said it would replace parts on all three shuttles before restarting missions after last year's Columbia disaster. [Source: London *Metro*, 24 Mar 2004. See also http://aolsvc.news.aol.com/news/article.adp?id=20040322213609990004 (noted by Ken Knowlton). PGN]
``Due to a software glitch, the computer display in the 2004 model year Grand Prix shows the wrong day of the week, Pontiac spokesman Jim Hopson said on Monday. Engineers overlooked the fact that 2004 is a leap year, with an extra day.''
http://story.news.yahoo.com/news?tmpl=story&cid=583&ncid=583&e=4&u=/nm/20040322/od_nm/autos_gm_leapyear_dc

Jerry Saltzer's story on Multics calendar calculations is at http://www.multicians.org/jhs-clock.html

What worries me is, what ELSE did the GM guys overlook?
According to the Calgary *Herald*, 23 Mar 2004, the Student Union Review Board on 22 Mar 2004 ordered a complete new election. There is apparently a higher level of appeal within the Students' Union, so the story may not be entirely over. The *Herald* story did not add any details not already known about the flaws in the online voting software.

Excerpts from Chris Beachamp, Online voting glitches?, *The Gauntlet*, the student newspaper of the University of Calgary, in Calgary, Alberta, Canada, 18 Mar 2004, regarding potential flaws in the online voting system used in this year's Students' Union General Election (PGN-ed):

Sorex Software Inc. ``discovered an issue that allows for the possibility for the system to mix up one voter for another.'' The system slowed down due to the larger than normal ballot size and ``significantly larger HTML data'' in the ballot code, which was too large for the word processor software! ``The slow down may have caused some voters to leave their voting stations before their ballot was complete. This could have allowed another voter to [log in] and complete the first voter's ballot.'' Because of the anonymity, it was impossible to trace how often this problem might have occurred. Sorex allegedly violated a number of SU election bylaws. Citing irregularities in the online voting system, including voters logging in to find their ballots already selected or even closed, the petition claims system crashes ``affected the overall integrity of the election process and compromised the election result.''
A Southern California Edison customer-satisfaction survey was spoofed by at least 12 employees who had altered system data in order to have their friends and relatives receive survey calls and provide glowing reports. The company apparently thereby falsely received millions of dollars based on the survey! [Source: Reuters, 17 Mar 2004; PGN-ed]
http://www.boston.com/news/odd/articles/2004/03/17/utility_employees_rig_customer_survey/
America Online is launching a sweepstakes program that will award victims of spam various assets seized from spammers. The top prize is a 2002 Porsche Boxster S, purchased with the proceeds from a lawsuit settled with a spammer -- one of five antispam lawsuits that AOL filed in federal court last year. AOL executive VP and general counsel Randall Boe says the company sees the sweepstakes program as a "great way to teach spammers a lesson, and reward our members for their continued use of the 'Report Spam' button." The sweepstakes started at 5:00 a.m. this morning and will run till 11:59 p.m. eastern time on April 8th. Details can be found at AOL.com. [*Internet News*, 30 Mar 2004; NewsScan Daily, 30 Mar 2004] http://www.internetnews.com/xSP/article.php/3332991
Using her cell phone, an Oklahoma woman mistakenly called her parole officer. She was arrested after she tried to set up a drug deal. [Source: Reuters, 18 Mar 2004, PGN-ed]
http://www.boston.com/news/odd/articles/2004/03/18/wrong_number_leads_to_womans_arrest/
I'd noticed some time ago that I couldn't access files on one of the servers used in Yahoo groups (f4.grp.yahoofs.com). I figured it was down or some such. I ran into this again a couple of months ago and found that I still couldn't get thru to that server. Since my ISP had done a few odd things in the recent past, I tried via dial-up on another ISP and got thru. After much swapping of cables and computers, I discovered that the culprit was my router! A Multitech 550VPN.

Several exchanges of e-mail with tech support finally brought forth the info that the server was being blocked because its IP address (18.104.22.168) ended in .255. Tech support informed me that meant it was a broadcast address. I had to inform them that, no, it did *not*. Only *some* addresses ending in .255 are broadcast addresses, and blocking the rest is badly broken behavior. They said they were turning the info over to the engineers. So far, no trace of a patch. And I discovered the same bug exists in the RF 500 as well.

The risk is someone who *thought* they knew something deciding to use it to implement a "security" measure that amounts to a designed-in denial of service for some parts of the Internet.

Leonard Erickson (aka shadow)
shadow at krypton dot rain dot com
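As an added illustration (not code from the post above or from the router vendor), here is the "last octet is 255" rule the router apparently applied, beside the check a filter should actually make, with an audit function that lists which destinations the naive rule would wrongly drop. It uses Python's standard ipaddress module; the sample addresses are constructed from the RFC 5737 documentation ranges, and the /23 and /25 prefixes are assumed for the sake of the example.

```python
"""Why "last octet == 255" is not a broadcast test (added example)."""
import ipaddress

LIMITED_BROADCAST = ipaddress.IPv4Address("255.255.255.255")


def naive_is_broadcast(addr: str) -> bool:
    """The rule attributed to the router: treat anything ending in .255 as broadcast."""
    return addr.split(".")[-1] == "255"


def is_broadcast(addr: str, local_net: str) -> bool:
    """Correct test, relative to the network the filtering device actually sits on.

    An IPv4 destination is a broadcast only if it is the limited broadcast
    255.255.255.255 or the directed broadcast of a known prefix, i.e. the one
    address in that prefix with all host bits set.  A remote address ending in
    .255 is just somebody else's host unless their prefix happens to be a /24.
    """
    ip = ipaddress.IPv4Address(addr)
    net = ipaddress.IPv4Network(local_net, strict=False)
    if ip == LIMITED_BROADCAST:
        return True
    # /31 point-to-point links and /32 hosts have no directed broadcast
    # address at all (RFC 3021), so nothing in them may be dropped as one.
    if net.prefixlen >= 31:
        return False
    return ip == net.broadcast_address


def audit_filter(addrs, local_net):
    """Return (wrongly_dropped, missed).

    wrongly_dropped: ordinary hosts the .255 rule would silently black-hole
                     (the designed-in denial of service the post describes).
    missed:          real broadcasts of local_net that the .255 rule lets through.
    """
    wrongly_dropped = [a for a in addrs
                       if naive_is_broadcast(a) and not is_broadcast(a, local_net)]
    missed = [a for a in addrs
              if is_broadcast(a, local_net) and not naive_is_broadcast(a)]
    return wrongly_dropped, missed


# Constructed samples (RFC 5737 ranges).  Assume the router's LAN is
# 192.0.2.0/23: its real broadcast is 192.0.3.255, so 192.0.2.255 is a
# perfectly valid host on that same LAN.
SAMPLES = [
    "192.0.2.255",      # valid host inside a /23; the .255 rule drops it
    "192.0.3.255",      # true directed broadcast of 192.0.2.0/23
    "198.51.100.255",   # remote server whose address happens to end in .255
    "203.0.113.10",     # ordinary remote host
    "255.255.255.255",  # limited broadcast
]

if __name__ == "__main__":
    dropped, missed = audit_filter(SAMPLES, "192.0.2.0/23")
    print("wrongly dropped by the .255 rule:", dropped)
    print("real broadcasts the .255 rule misses:", missed)
    # On a /25 the broadcast is .127, which the .255 rule never catches.
    print(audit_filter(["192.0.2.127", "192.0.2.255"], "192.0.2.0/25"))
```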
Even Microsoft itself can't keep its own people from publishing documents with deleted information in them. The Web site below hoists Microsoft on its own petard: http://lcamtuf.coredump.cx/strikeout/
Nowadays, most credit card receipts blank out portions of the credit card number so that discarded receipts cannot give it away to anyone who picks it up. However, the section of the credit card number that gets blanked out seems to vary between every shop. My wife was recently cleaning out her wallet of credit card purchase receipts and noticed that if someone were to get hold of several of her receipts, they would have enough information to piece the whole of her number together. Our local council provides green bins for everybody to put their waste paper, glass and tin in, which is collected every week. If a snooper were to collect someone's paper waste and get three or four receipts, they would have enough information (as obviously they know the address) to make fraudulent charges to a card. I suppose the RISK here is assuming that a security measure that works in a single situation will work well when multiple situations are combined.

[We've probably discussed this problem before, but because the risks keep recurring, it is probably worth repeating. PGN]
Exploiting Software: How to Break Code
Greg Hoglund and Gary McGraw
Foreword by Avi Rubin
Addison-Wesley 2004
ISBN 0-201-78695-8

This book will rekindle the old argument long prevalent in RISKS about whether vulnerabilities and their exploitation should be discussed openly or whether such knowledge should be kept hidden from public view (security by obscurity). In RISKS, we have long favored the realities that vulnerabilities do not get fixed as long as their existence is suppressed, and that the belief that supposedly hidden vulnerabilities cannot be detected by would-be attackers is simply counterproductive in the long run. The quote from Ed Felten on the front cover sums it up nicely: ``It's hard to protect yourself if you don't know what you are up against.'' PGN