The Risks Digest

The RISKS Digest

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Volume 23 Issue 46

Thursday 29 July 2004


*Chicago Tribune* computer meltdown
J H Haynes
Balloon stuck over Baltimore, risk of automatic shutdowns
Dave Provine
NASA space station software repairs
James Paul
Laptops at the FleetCenter at risk of breaches, attack
Hiawatha Bray via Monty Solomon
Censorware deletes Japanese city
John S. Karabaic
Using Google against Google!
Peter Parker
Court Opens Door To Searches Without Warrants
Monty Solomon
Risks of ordinary GUI "pop-up" windows?
Daniel P. B. Smith
Windows XP SP2 Installation Failures

Should we trust them?
Bruce Sinclair via Dawn Cohen
Citibank 'sorry' for current account difficulties
Patrick O'Beirne
Citibank assists scammers
Keith Gregory
Cosmic ray hits Brussels election - really?
Dirk Fieldhouse
Florida faces vote chaos in 2004, Commission hears
Fredric L. Rice
Lost Record '02 Florida Vote Raises '04 Concern
Joe Shead
Counting error on SMS poll evicts wrong contestant from 'Big Brother'
George Michaelson
California Online Privacy Protection Act
Monty Solomon
iPod security
Paul Wexelblat
Re: E-mail nonprivacy
David Cantrell
Re: Keyless remotes to cars suddenly useless
Chuck Charlton
Re: "Stolen:" one-third of the world's software
Pascal J. Bourguignon
Update: DC Metro flag-day issues
Joe Thompson
REVIEW: "The Sundering", Walter Jon Williams
Rob Slade
Info on RISKS (comp.risks)

*Chicago Tribune* computer meltdown

Tue, 20 Jul 2004 11:50:51 -0500 (CDT)

Beginning at 5:30am on Sunday morning 18 Jul 2004, the *Chicago Tribune*
began a planned upgrade of their server systems and their Newsdesk software
(developed by Denmark-based CCI Europe A/S).  By noon, everything tested out
OK.  However, around 4pm, proofing pages for the Monday morning paper could
not be generated.  At 7pm, pages sent to the off-site Freedom Center
printing facility would not produce plates.  A third-party trouble-shooter
(CCI in Denmark) was called in.  At 9:45pm, the disaster-recovery backup
system was considered, but CCI thought that would not be necessary.  At
1:30am Monday sending scanned pages to Freedom Center was abandoned as
taking too long, and preparations were made to switch back to the backup
plan.  However, by 2am some pages were correctly processed, and a hybrid
plan was cobbled together.  Finally, at 3am, the paper was abbreviated to 24
pages and printed -- except for four pages that would not print, and which
were replaced by advertisements.  Production of the paper was finally begun
at 5:30am, well beyond the normal time.  It was reportedly the first time
since the Great Chicago Fire of 1871 that the *Tribune* failed to print as
planned.  Source: Computer glitch nearly stops Tribune presses; A story we
never thought we'd print, James Coates, *Chicago Tribune*, 20 Jul 2004;
starkly PGN-ed; also noted by Rich Harrington; PGN-ed]

Balloon stuck over Baltimore, risk of automatic shutdowns

<Dave Provine <>>
Sun, 18 Jul 2004 08:14:34 -0400

A tourist balloon tethered over downtown Baltimore stalled during a wind
squall on 17 Jul 2004, with 17 occupants stranded 200 feet in the air for
two hours, amid strong wind gusts that swung the balloon around the tether,
resulting in the computer control system losing track of the balloon's
position -- which apparently automatically shut down the winch engine.
Because the program cannot restart the engine unless the balloon is on the
ground, a smaller backup engine was invoked -- although an added
complication was involving releasing the brakes that had automatically
clamped on the winch.  (This was supposed to be a 20-minute excursion.)
Four people were hospitalized.  [*The Baltimore Sun*, 18 Jul 2004; PGN-ed],0,4500292.story?coll=bal-home-headlines,0,4500292.story?coll=bal-home-headlines

NASA space station software repairs

<"James Paul" <>>
Thu, 29 Jul 2004 01:17:48 -0400

John Kelly, NASA begins repairing station glitches, 29 Jul 2004

  NASA and the Russians are beaming a series of software-upgrade files from
  Earth to several International Space Station computers with the goal of
  eliminating hundreds of potentially dangerous glitches before year's end.
  The carefully scheduled updates are meant to fix about 500 of the more
  than 1,000 errors in the computer code that operates everything from the
  space station's robot arm to critical life-support systems.  Most notably,
  the repairs are expected to fix 35 of 39 software bugs that were deemed
  "safety critical" in a review done by the space station program in the
  wake of the shuttle Columbia disaster.

Earlier items:

Laptops at the FleetCenter at risk of breaches, attack (H.Bray)

<Monty Solomon <>>
Fri, 23 Jul 2004 17:02:09 -0400

Hiawatha Bray, *The Boston Globe*, 22 Jul 2004

The Democratic National Convention will attract thousands of visitors armed
with laptop computers that feature wireless Internet access.  And that could
be a formula for disaster, according to Michael Maggio, whose Newbury
Networks Inc. recently ran a vulnerability test in the area around the
FleetCenter: Unless proper precautions are taken, computer vandals will be
able to tap into these laptops by using wireless transmitters located
outside of the FleetCenter.  The attackers could then use the compromised
laptops to gain access to the computer network used to run the convention.

Censorware deletes Japanese city

<"John S. Karabaic" <>>
Fri, 16 Jul 2004 11:03:14 -0400

Censorware installed either at the LinuxElectrons or IBM press release site
has inadvertently deleted part of the name of a Japanese city in a press
release from IBM:

relevant excerpt:

  The trial is expected to be completed by early August and then, if
  successful, onsite testing will take place at Kureha Environmental
  Engineering's waste processing site. When the effectiveness of RFID
  tagging is confirmed the company plans to equip Kureha General Hospital,
  in *censored*ushima, Japan, with the RFID technology to track their
  discarded medical waste.

John Karabaic, 3545 Zumstein Ave, Cincinnati OH 45208-1309  513.295.6365

Using Google against Google!

<"Peter Parker" <>>
Fri, 09 Jul 2004 03:05:30 -0700

Good news for the spammers!!

As most of us are aware that Google provides various options/operators for
writing effective queries. One of the operator is the "site:" option, which
restricts the search to the website specified with this tag. Just tried
googling for some gmail accounts with and the results
were a list of urls with the title "Link Already Used". The area of concern
is that all these pages are actually error pages with a valid gmail user
accounts.... so with a small script its very easy for some one to glean a
list of _valid_ gmail accounts.

Do you have a gmail account? ....check if your name is already harvested ;-)

Court Opens Door To Searches Without Warrants

<Monty Solomon <>>
Tue, 27 Jul 2004 18:08:02 -0400

It's a groundbreaking court decision that legal experts say will affect
everyone: Police officers in Louisiana no longer need a search or arrest
warrant to conduct a brief search of your home or business.  Leaders in law
enforcement say it will keep officers safe, but others argue it's a
privilege that could be abused.  The decision in United States v. Kelly
Gould, No. 0230629cr0, was made March 24 by the New Orleans-based 5th
Circuit Court of Appeals.  ...  [29 Mar 2004]

Risks of ordinary GUI "pop-up" windows?

<"Daniel P. B. Smith" <>>
Wed, 28 Jul 2004 11:08:18 -0400

Yesterday, I was annoyed yet again--by Mac OS X, as it happens, but OS X and
WinNT/2K/XP are equal-opportunity annoyers in this regard. I was about to
hit "return" to accept the default in a dialog box, and another application
that was running at the same time popped up its own dialog box just as I was
pressing the key. I couldn't stop in time. I intended to OK one dialog box,
and I ended up OK-ing a completely different one.

No harm done this time. But this sort of thing happens to me several times a
week. Frequently I will type two or three keystrokes into an window that has
unexpectedly popped up before I can stop myself.  Occasionally I will
actually mouse-click on a button in a window that popped up just as I was
starting to press the mouse.

It seems astonishing to me that nobody complains about this, and that in
twenty-odd years of GUI use there isn't a well-established solution to this
problem. It appears that when it comes to computer usability, any problem
that persists for more than a few years is apparently no longer perceived as
a problem. Or am I the only person this happens to?

The RISKS when a user who intends to confirm one dialog box accidentally
confirms another are obvious. Serious consequences in ordinary daily use are
admittedly unlikely; contriving a suitably example will be left as an
exercise for the reader.

Windows XP SP2 Installation Failures

<[identity withheld by request]>
Fri, 23 Jul 2004 20:08:49 PDT

Some choice bits from this site:;?articleId=23905071

  "CRN Test Center engineers evaluated a release candidate two (RC2) version
  of SP2, and upon completion of the install on three out of five systems,
  the machines blue-screened."

  "[Microsoft] provided instructions on how to work around the blue screen
  and uninstall SP2.  After that process finished, some interesting events
  occurred. The rollback process uninstalled every device that existed in
  the PC. Network cards, video cards and all system resources were
  uninstalled.  The rollback also removed SP1; absolutely no remnants of SP1
  existed anywhere in the system. "

If they can't get the installation process right, I highly doubt they
got the security fixes right either.

Should we trust them? (Bruce Sinclair)

<Dawn Cohen <>>
Thu, 29 Jul 2004 07:03:26 -0700 (PDT)

Here's one from the absurd department...

(As reported on

Did they really say that ?
bruce.sinclair@NOSPAMagresearch.NOTco.NOTnz (Bruce Sinclair) TelstraClear

Found recently on a web site as part of a privacy policy statement ...

  Privacy Notice: The Central Intelligence Agency is committed to protecting
  your privacy and will collect no personal information about you unless you
  choose to provide that information to us.

Citibank 'sorry' for current account difficulties

<"Patrick O'Beirne" <>>
Wed, 28 Jul 2004 12:19:45 +0100

Customers of Citibank, the world's largest bank, are suffering a wave of
current account service problems that has forced the company to post a
seven-page "service update" explanation on its website.

The bank admitted receiving complaints from customers over direct debit
payments which mistakenly defaulted to 999,999.99 pounds and personal
identification numbers for automatic teller machines, internet and telephone
banking that did not work.

Other problems included current accounts being debited twice, incorrect
reference and cheque numbers, changes to statements, canceled cheques and
replacement cheque books and cards being sent to old or wrong addresses.

Citibank said that it was "very sorry" about the problems, which were caused
by a large systems upgrade in late March that triggered a big increase in
the volume of calls from customers.

Patrick O'Beirne, Systems Modelling Ltd.  +353 55 22294

Citibank assists scammers

<"Keith Gregory" <>>
Thu, 22 Jul 2004 09:30:11 -0400

Today an a phishing scam e-mail got past the spam filters. It had the usual
wording about clicking on the link to update my e-mail address with
CityBank, which "required" my ATM card and PIN.

The strange thing about the URL was it wasn't the expected "this site @ that
site", instead, it began with:
... YIPES!

Sure enough, replacing the scammer's URL with Google's took me to Google
... which didn't like the Citibank-specific query string. Being curious, I
clicked on the original URL, and was taken to what appeared to be the
Citibank site, after bouncing around a while. Needless to say, I exited
Mozilla after doing this.

Cosmic ray hits Brussels election - really?

<"Dirk Fieldhouse" <>>
Thu, 29 Jul 2004 13:04:14 +0100

John Miller, Dow Jones Newswires (07/26/04); seen via ACM Tech News:

"European citizens and governments generally prefer traditional
paper-based voting because of unresolved reliability and security issues
surrounding electronic voting. ...
	[DF comment: what a fair summary, and in the UK issues are also being
        raised by the extension of postal paper voting]
... Fueling the arguments of paper ballot supporters are incidents such as
a 2003 Belgian election in which almost 4,100 extra votes for Maria
Vindevoghel's Communist Party were recorded in a precinct of Brussels due
to a malfunction triggered by a cosmic ray. ..."

I found this jaw-dropping -- not the possibility of a cosmic ray causing a
computer malfunction, which is an obvious threat for space-borne systems,
but how such an apparently unrepeatable external event could be accepted as
the cause of a terrestrial computer malfunction. The lack of any
confirmation through Google seems to support my astonishment. Can the select
RISKS readership confirm whether this actually occurred, or is it an urban

If people are prepared to accept this as an explanation for computer
malfunctions, maybe we're wasting our time testing software?

Florida faces vote chaos in 2004, Commission hears

<"Fredric L. Rice" <>>
Fri, 16 Jul 2004 20:02:05 -0700

Alan Elsner, Reuters, 15 Jul 2004

Florida faces another debacle in the upcoming presidential election on
Nov. 2, with the possibility that thousands of people will be unjustly
denied the right to vote, the U.S. Commission on Civil Rights heard on

Lost Record '02 Florida Vote Raises '04 Concern

<"Joe Shead" <>>
Wed, 28 Jul 2004 12:14:06 -0500

Almost all the electronic records from the first widespread
use of touch-screen voting in Miami-Dade County have been
lost.  [Abby Goodnough, *The New York Times*, 28 Jul 2004]

Counting error on SMS poll evicts wrong contestant from 'Big Brother'

<George Michaelson <>>
Mon, 5 Jul 2004 16:36:27 +1000

  Big Brother evictee returns after SMS error

  The most recent evictee from the Big Brother reality television household,
  Bree, will return to the show tonight after the company which tallies
  telephone and SMS votes for the show admitted it made an mistake.

  Bree was voted out of the show last night but Channel Ten, which airs the
  show, and Endemol Southern Star, its producers, have released a statement
  admitting the vote count was wrong.

Apparently this was detected by the phone/SMS company by an internal audit
so at one level, 'the system worked' but there are so many questions about
HOW they counted SMS votes wrong..

I'm guessing this is not a very integrated process, and somebody either
slipped up doing spreadsheet column/field edits, or in parsing data.

With $AU 1,000,000 up for grabs in a winner-takes-all outcome, I think both
the phone company and the TV station felt it was better to head off
litigation.  Else, why does anybody care? its not like this is a 'real' vote
is it...

(obvious comparisons to 'beauty contest' electronic election methods invited)

George Michaelson, APNIC, PO Box 2131 Milton, QLD 4064 Australia
+61 7 3858 3150  |  |

California Online Privacy Protection Act

<Monty Solomon <>>
Thu, 8 Jul 2004 08:44:05 -0400

Excerpt from
Piper Rudnick E-Commerce & Privacy Group @lert, 25 Jun 2004, Vol. 4, No. 5


Overview and Summary of Requirements

On 1 Jul 2004, the first online privacy law in the country that applies to
the collection of information from consumers over the age of 13 will take

The California Online Privacy Protection Act of 2003, CAL. BUS. & PROF. CODE
22575 et seq., ("Section 22575") is a privacy notice requirement law. It
contains a generous safe harbor that gives companies 30 days to come into
compliance if notified of failure to post a policy. The law also prohibits
"negligently and materially" or "knowingly and willfully" failing to follow
promises in a posted privacy policy.

The California law will require operators of a commercial Web site or online
service that collect through their Web site or online service personally
identifiable information(1) from consumers(2) residing in California to
conspicuously post their privacy policy on their Web site (or, in the case
of an online service, to use any other "reasonably accessible means of
making the privacy policy available to consumers"). The law exempts Internet
service providers and similar entities that transmit or store personally
identifiable information at the request of third parties. Because many Web
sites and online services do not collect physical address information, and
for that reason may be unaware that they are collecting personally
identifiable information from California consumers, sites and services may
be well advised to conform their privacy policies to the requirements of
this new law.  ...

iPod security

<Paul Wexelblat>
Tue, 13 Jul 2004 14:06:56 -0400

It appears that it has occurred to folks that the iPod is a security risk

If someone who had access to that dangerous USB port were going to
down/upload some data, wouldn't a thumb drive be easier and smaller?

If someone was serious, how hard would it be for a real baddie to give a CD
player or Walkman (r) write capability.

Gee, why not just plug a WI-FI device into some obscure RJ45 and get the
stuff in the parking lot? or a Zip disk, or a floppy, or a laptop, or one of
those non-spec 10Xpower bluetooth thingies

Isn't it much more likely that this poor soul with the iPod is just
trying to listen to music?

Paul Wexelblat, Dept. of Computer Science, University of Massachusetts Lowell
One University Ave, Lowell, MA 01854

Re: E-mail nonprivacy (DeForest, RISKS-23.45)

<David Cantrell <>>
Mon, 12 Jul 2004 09:59:49 +0100

I read with interest Craig DeForest's recent message about legislating for
privacy.  His argument - which is far from new - is that because legally
protecting email privacy wouldn't be 100% effective, legal protection is
foolish.  You could equally well say that because legislating to outlaw
burglary is not 100% effective, you may as well not legislate against
burglary.  A foolish notion!

Laws won't stop determined evil-doers from doing bad things.  However, they
can be used to punish them after the fact, and do have a deterrent effect on
evil-doers who are less brave.  Just look at the effort companies go to to
make sure they don't break (many) laws.  Add privacy to that list of laws
that they at least try not to break, and I for one will be a little

Re: Keyless remotes to cars suddenly useless (RISKS-23.45)

<Chuck Charlton <>>
Mon, 12 Jul 2004 01:14:14 GMT

This isn't news and isn't sudden to those of us in San Francisco who shop at
Tower Market.  Keyless remotes to cars have never functioned in much of Twin
Peaks area.  The seven television stations and numerous FM radio stations
that broadcast from Sutro Tower appear to overwhelm the low-power keyless
systems used in nearby cars.

Re: "Stolen:" one-third of the world's software (NewsScan, R-23.45)

<"Pascal J. Bourguignon" <>>
Sat, 10 Jul 2004 23:06:40 +0200

I won't comment on the risks of accepting the novlang, but wondering why all
these people don't use free software instead, what are the risks they take
in using non-free software, in their countries?

Assuming there's no legal risk for them, given the political and technical
risks of using non-free software, why don't they switch to free software?

Update: DC Metro flag-day issues (RISKS-23.44)

<Joe Thompson <>>
Tue, 27 Jul 2004 17:09:09 -0400

Metro has now reversed their decision and declared they will continue to
sell SmarTrip cards until the current inventory runs out, by which point
they hope new shipments will have come in:

"Taubenkibel says the agency decided to reverse course because it hopes to
receive a new shipment of about 10,000 SmarTrip cards by the end of the
month, and another 62,000 cards sometime in August."

REVIEW: "The Sundering", Walter Jon Williams

<Rob Slade <>>
Wed, 28 Jul 2004 08:34:36 -0800

BKSNDRNG.RVW   20040629

"The Sundering", Walter Jon Williams, 2004, 0-380-82021-8
%A   Walter Jon Williams
%C   10 East 53rd Street, New York, NY  10022-5299
%D   2004
%G   0-380-82021-8
%I   HarperCollins/Basic Books/Torch
%O   800-242-7737 fax: 212-207-7433
%P   436 p.
%T   "The Sundering"

Once upon a time, a long, long time from now (and far away) there was
a great space war.

Given that it's a long time from now, it's rather bemusing that technology
hasn't advanced very far, aside from discovering traversable wormholes and
producing antimatter in commercial quantities.  This isn't entirely the
fault of human beings, since a mysterious and powerful race has come along
and generally interfered with social and technological development, although
they now seem to have stepped out for an extinction.

But you can forgive a lot to a book that understands that space battles,
even those confined to a mere solar system, take place over days, and that
the ability to withstand crushing accelerations for long periods of time is
what makes the difference.

Faster than light communications would certainly help, but that may be too
much to ask from the universe.  Smarter computers would *definitely* help,
and should have been possible.

The use and operation of computers in this brave new world is not clearly
spelled out, but they seem to run on scripts, rather than machine code.  The
mysterious and powerful race have ensured that all computers are registered
and known, thus fulfilling Microsoft's dreams for Palladium.  (Apparently no
Linux hackers, or other amateur computer enthusiasts, have survived.)
Serious cryptography seems to have been forgotten: there is one reference to
the fact that nobody can use cryptography since everyone has powerful
computers and can therefore break any ciphers.  This indicates that everyone
has forgotten that, when computer power increases, you can just increase the
key length.

The fact that computers are known and registered is used to prove the need
for low-tech communications solutions when the bad guys move in and take
over the seats of power.  However, a few pages later, our merry band of
counter-revolutionaries is happily using communications devices that seem to
have a lot of computer-related functions (even real-time broadcasts seem to
be "store and forward").

Our underground heroine manages to become a fully-fledged intruder in the
space of twenty-four hours.  Along the way she does learn something that I
wish every security professional knew: when you have functional security,
you'd better have an assurance activity as well.

(Of course, if anyone had put "defence in depth" in place, she'd have been

copyright Robert M. Slade, 2004   BKSNDRNG.RVW   20040629    or

  [Rob, It's typically Weakness in Depth rather than Defense in Depth.
  But I suppose things will not have changed much by then anyway.  PGN]

Please report problems with the web pages to the maintainer