Please try the URL privacy information feature enabled by clicking the flashlight icon above. This will reveal two icons after each link the body of the digest. The shield takes you to a breakdown of Terms of Service for the site - however only a small number of sites are covered at the moment. The flashlight take you to an analysis of the various trackers etc. that the linked site delivers. Please let the website maintainer know if you find this useful or not. As a RISKS reader, you will probably not be surprised by what is revealed…
I'm sure there will be several submissions on this. The associated press
story on it contains the following "... Avid Modjtabai, head of technology
for the nation's fifth largest bank, said today that problems with the
company's online banking services lasted less than two hours, and customers
never lost the ability to make basic ATM transactions, including withdrawing
cash and making deposits at Wells Fargo-branded ATMs." While I haven't been
able to verify that is the reason, on Sunday I had my Wells Fargo credit
("check") card refused by a merchant's POS terminal with the code "card
blocked." My account has plenty of money in it and there are no untoward
transactions in it. (That I was able to check. Go figure). I tried
calling calling WF off and on all day yesterday to see if they knew why the
card was blocked and they couldn't find out — because their computers were
down. Today I can't get through, presumably because of heavy call volume.
The Windows Genuine Disadvantage servers all went down.
Result: All attempted OS installations were labeled as counterfeit.
THAT means you get 'limp home' mode for the box..
<http://forums.microsoft.com/Genuine/ShowPost.aspx?PostID=2053834&SiteID=25>
<http://www.boingboing.net/2007/08/25/microsoft_wga_server.html>
The recovery procedure, once you know their server is again working,
involves deleting some special files, and revisiting the WGA server.
{Sigh; haven't we had this conversation before?}
RISKS:
Creating an artificial single-point-of-failure.
Not making that single point robust/redundant enough to defend again all
enemies, foreign and domestic [i.e. outsiders vs the more likely "we have
met the enemy, and he is us..." errors.]
Not having good recovery procedure when the Can't Happen Does
Happen... [Can your mother find her data.dat file?]
I wonder if the server farm has both geographic and network diversity.
(There was a Jan 2001 failure of all Microsoft nameservice; then, they were
in one place, on one segment.)
I also worry about what happens if somehow, sometime, the MS database gets
trashed, and it decides ALL copies of XP/VISTA/Win2009/whatever are
pirated. So when every machine does its obligatory check-in, and gets
castrated...
[Will Debian be VERY popular overnight?]
[This looks like a RISKS story — not to mention being a reminder of how quaintly peaceful a place Tokyo is that allows them to treat this as news.] Subway train passes station after line switched to wrong track A subway train was forced to pass a station it was supposed to stop at on Monday evening because the line was switched to a track exclusively for trains passing the station, the subway operator said. At about 6:40 p.m., the driver of a local train on the Tokyo Metro Tozai Line slowed down his train to stop at Baraki-Nakayama Station in Funabashi, Chiba Prefecture, but noticed the train had gone onto the passing track, Tokyo Metro officials said. The train was forced to continue on to the following Nishi-Funabashi Station. About 840 passengers were aboard the train but the incident did not cause major confusion. Tokyo Metro officials pointed to the possibility that a computerized system controlling the line's railway switches had developed trouble. (Mainichi) 21 Aug 2007 http://mdn.mainichi-msn.co.jp/national/news/20070821p2a00m0na003000c.html
When the Boston Massachusetts Bay Transportation Authority updated its software to shut off about 13,000 lost, stolen, or expired cards, it also detected and disabled an unknown number of monthly passes that had been automatically reloaded without payment for up to the past seven months. [Source: Ryan Haggerty, Glitch allowed free rides with T passes; Audit to check scope of flaw; firm blamed, *The Boston Globe*, 23 Aug 2007; PGN-ed] http://www.boston.com/news/local/articles/2007/08/23/glitch_allowed_free_rides_with_t_passes/
For two days beginning on 16 Aug 2007, Skype's peer-to-peer network was
critically unstable. This evidently resulted after Skype users all around
the world rebooted their systems subsequent to getting a set of Microsoft
patches via Windows Update. The flood of attempted Skype logins together
with a lack of adequate Skype network resources at that time prompted a
chain reaction. Although this had never happened before, it revealed a flaw
in Skype's self-healing mechanism — which has now been fixed through
retuning of the algorithms. This apparently had nothing to do with any
particular MS patches. (Skype has something like 200 million users in
total, although only 5 or 6 million are generally online at once. The peak
usage reported was 9 million in January 2007.)
[Thanks to Lauren Weinstein for pointing out the Skype source with
commentary by Villu Arak, 20 Aug 2007 and clarification on 21 Aug:
http://heartbeat.skype.com,
The site also includes current Skype status along with a note yesterday on
a presumably temporary problem that involves payments using either of two
banks in Estonia. PGN-ed]
It is funny to see all the articles in Telecom magazines and blogs about how Skype is unreliable as proven by last week's outage. These people seem to forget that the vaunted PSTN has had many such outages. I posted here in RISKS back in 1993 about a Pacific Bell DACS software upgrade that went bad and knocked out most of Orange County, California for a day. How often has the PSTN been killed by radio contests and natural disasters? Any large scale system can and will suffered from such problems as it is growing. This is nothing new to most RISKS readers.
In the Welsh country borough known as Vale of Glamorgan, there have been several instances of foreign truck drivers following routings given by satellite navigation and apparently unable to understand signs reading "Unsuitable for heavy goods vehicles - Anaddas i gerbydau nwyddau trwm". They are now experimenting with a pictographic sign instead — showing a truck with a red slash through it, and a satellite overhead. To me this sign looks if heavy trucks whose drivers don't use satnav are now welcome... http://www.telegraph.co.uk/news/main.jhtml?xml=/news/2007/08/28/nsatnav128.xml http://icwales.icnetwork.co.uk/0100news/0200wales/tm_headline=signs-to-warn-of-satnav-dangers&method=full&objectid=19695744&siteid=50082-name_page.html Mark Brader, Toronto, msb@vex.net
The Saskatchewan Party is outraged that as the words Privatization of the Crowns fades out in one part of the ad, the letters P,O, R, and N stay up a split second longer than the rest. http://www.ctv.ca/servlet/ArticleNews/print/CTVNews/20070828/sask_ad_070828/20070828/?hub=Politics&subhub=PrintStory
Thousands of names, phone numbers, and e-mail addresses stored by the Internet job-search site Monster.com have been stolen as part of a complex online fraud scheme. Symantec Corp., a security company, disclosed the breach over the weekend after one of its researchers found that a server computer in Ukraine held 1.6 million records stolen from Monster, a New York company whose US operations are based in Maynard. [Source: Hiawatha Bray, *The Boston Globe*, 22 Aug 2007: PGN-ed] http://www.boston.com/business/globe/articles/2007/08/22/data_thieves_hit_monstercom_site/
http://lauren.vortex.com/archive/000279.html
I frequently make the assertion that it's impossible to successfully censor
the Internet by trying to remove materials that have already been posted
publicly after they've attracted attention. What's published is published,
what's done is done. The genie won't just refuse to go back into the
bottle, he'll stick his tongue out at you as well — or worse.
You may recall the international brouhaha a couple of weeks ago over the
Navy pulling from YouTube all copies of an (originally relatively obscure --
now infamous) amateur music video posted by a user named "PUMPIT01" and
produced on the aircraft carrier Ronald Reagan (CVN76), as described in
http://tinyurl.com/2tuzdz and many other stories.
The video in question ("Women of CVN76") has been variously described as
being removed due to security violations (brief shots of utterly innocuous
reactor-related areas), "inappropriate use of safety equipment," and other
explanations.
The real reason for the Navy's "reaction" is clearly just plain old ordinary
embarrassment, especially since the ship's CO has a cameo role in the
amusing production.
But my point here isn't to post a video review, but rather to emphasize that
for all the noise about deleting the video, it of course remains easily
available with but a minimum amount of effort.
You may feel that the inability to effectively "recall" posted materials is
a blow for freedom, or to the contrary an information control disaster. But
either way, it's a fact — a reality that we can't escape. And perhaps the
sooner we come to terms with this truth, the less time we'll be wasting at
shadow boxing with useless Internet censorship attempts. There are far
better ways that we can be spending our time.
Excuse me? Oh, where's the video? Like I said, finding a copy is actually
quite simple.
Example: For the sake of the argument, let's say that you did a Google
Search right now for the straightforward query of:
cvn-76 women pumpit01 "click here"
No magic words. No secret codes. Just pretty obvious stuff from the news
stories about the video, plus a little common search sense. And while any
given search results are often fairly ephemeral, and any particular copy of
material found at any given time may still be removed, well, the Internet is
a big place, and the Lords of Censorship remain essentially impotent, for
better or worse, indeed.
Lauren Weinstein +1 (818) 225-2800 http://www.pfir.org/lauren lauren@vortex.com
The 50 residents of the Chinese village Tianmeidong decided to change its name to one that would bring it better luck: Tianwei plus a third character that is rare enough that computers could not represent it. Even the Nanguo newspaper was forced to describe that character in its article because its computer could not write it. As a result, anything that involves the government is blocked, such as registering a marriage or the sale of property. [AP item, 21 Aug 2007, PGN-ed] http://www.guardian.co.uk/worldlatest/story/0,,-6865184,00.html Good luck with that character set!
A 17-year-old New Jersey resident has published instructions on how to unlock Apple's iPhone so it will work on some competing cellular networks. [Source: Brad Stone, *The New York Times*, 25 Aug 2007] http://www.nytimes.com/2007/08/25/technology/25iphone.html?th&emc=th
An explosion in calls from cellular phones has overwhelmed critical parts of California's 911 system, resulting in hundreds of thousands of lost calls and lengthy waits to reach dispatchers even as crimes or potentially deadly emergencies unfold. Wireless 911 calls statewide have jumped roughly tenfold since 1990, to more than 8 million last year. Cell calls now make up the majority of all 911 calls, and key emergency agencies are struggling to adapt. The problems are aggravated by call surges — such as when multiple motorists call in about the same accident — staffing shortages at 911 dispatch centers, and technological hurdles. Cell calls are more easily interrupted or lost and take longer to handle, officials say, reducing the number of calls each dispatcher can field. [Source: Robert J. Lopez and Rich Connell, Users are experiencing lost calls and lengthy waits; Officials say it's better to summon help on a land line. *Los Angeles Times*, 20 Aug 2007; PGN-ed] http://www.latimes.com/news/local/la-me-911cell26aug26,0,3741158.story?page=1&coll=la-home-center rich.connell@latimes.com and robert.lopez@latimes.com
Lauren Weinstein's Blog Update:
Cable Industry Responds Regarding HD TiVo Incompatibilities
August 25, 2007
http://lauren.vortex.com/archive/000275.html
[...] a few days ago I reviewed the situation concerning incompatibilities
between the new High Definition TiVo ("TiVo HD") and the Switched Digital
Video (SDV) systems being rapidly deployed by cable systems.
http://lauren.vortex.com/archive/000273.html
That was last Wednesday. The following day, that blog item appeared on
Slashdot http://www.slashdot.org and was as a result very widely referenced
and discussed. So much for Thursday.
Now comes word that the next day (yesterday), the cable industry trade
association (NCTA - National Cable & Telecommunications Association)
http://ibc.broadcastnewsroom.com/articles/viewarticle.jsp?id=175784
made a filing with the FCC offering to develop a workaround for the problem.
As might be expected, NCTA is continuing to push the "OpenCable Application
Platform" (OCAP) system that the Consumer Electronics Association has found
to be unacceptable.
However, NCTA reportedly says in their new FCC filing that they are now
willing to develop a "tuning resolver" to work around the problem for
existing devices like the new TiVo. This device would be a USB "dongle" to
handle SDV tuning (the second of the probable options that I mentioned in my
original blog item, as it happens).
While this is obviously a welcome development, two obvious questions are
"When?" and "How much will it cost?"
Obviously cost is important. And if the device takes too long to appear,
the associated host devices might already be obsolete!
Still, a busy three days, and no doubt the timing of the NCTA filing vs. all
of the Slashdot attention to the issue was just an amusing coincidence.
Ohio's method of conducting elections with ES&S electronic voting machines appears to have created a true privacy nightmare for state residents: revealing who voted for which candidates. Time-stamped paper trails permit the reconstruction of an election's results — allowing voter names to be matched to their actual votes. [Source: Declan McCullagh, CNET News.com, 20 Aug 2007; PGN-ed from an interesting long article.] http://news.com.com/E-voting+predicament+Not-so-secret+ballots/2100-1014_3-6203323.html
The IEEE has a blog called "The Risk Factor" with the by-line "Software failures and successes dissected daily". Don't remember seeing it mentioned in RISKS, so I thought people might be interested: http://blogs.spectrum.ieee.org/riskfactor/
When two similar protocols interoperate, the results can be drastic and at
other times humorous; fortunately, this falls into the latter category:
http://support.microsoft.com/kb/276304
Looks like the response from the Kerberos server got mis-parsed by AD:
If you log on to an MIT realm, press CTRL+ALT+DELETE, click Change
Password, type your existing MIT password, and then type a new, simple
password that does not pass the dictionary check in Kadmind, you may
receive the following error message:
Your password must be at least 18770 characters and cannot repeat any of
your previous 30689 passwords. Please type a different password. Type a
password that meets these requirements in both text boxes. Note that
the number of required characters changes from 17,145 to 18,770 with the
installation of SP1.
NOTE: This is not a common case; it occurs only when you configure Windows
2000 to authenticate against an MIT Kerberos domain.
Lauren Weinstein's Blog Update: More Wikipedia "Gotcha" Silliness
August 18, 2007
http://lauren.vortex.com/archive/000270.html
My concerns regarding the Wikipedia operational model are fairly well known,
e.g., "Wikipedia and Responsibility"
http://lauren.vortex.com/archive/000257.html
So it was with considerable interest that I've noted the controversy
regarding a 24-year-old self-described "disruptive technologist," and his
tool to more easily track the origin of Wikipedia changes (*The New York
Times*, "Lifting Corporate Fingerprints From the Editing of Wikipedia").
http://www.nytimes.com/2007/08/19/technology/19wikipedia.html
But even the title of that article tends to belie the underlying nature of a
real problem — the lack of accountability for most of what's written or
edited in Wikipedia. The "Corporate Fingerprints" bit is cute — but what
about all of the other fingerprints smeared through virtually every byte of
the Wikipedia database?
Apparently it's one thing to snicker about corporate folks who want to
correct what they perceive as errors (or, indeed, put their own positive
spin on "the facts.") But there seems to be little interest in figuring out
who purposely defaces pages, plants false or defaming information in the
first place, or for that matter is responsible for the more mundane,
probably factual minutiae, even just for the sake of establishing
authenticity or expertise.
Wikipedia seems to be turning into a gigantic "gotcha" machine --
increasingly contaminated like a chunk of "Silly Putty" that's been used
once too often to pick up comic strip images.
The single best thing that Wikipedia could do to lend itself genuine
credibility would be to require that contributers identify themselves — by
name, not by handles or childish aliases. Or, as an alternative, at the
very least clearly indicate "in-line" when unauthenticated text dominates an
entry.
Ironically, our disruptive technologist's tracing mechanism will probably
have ever less value moving forward from today. While it will continue to
be useful for retrospective analysis up to this point in time, we can be
sure that more and more of the primarily targeted corporate Wikipedia
editors will learn their lesson.
That lesson being, if you're going to edit your entry on Wikipedia, be sure
to do it through a proxy or generic ISP account, not through your corporate
network.
So moving forward, we'll probably have even less meaningful transparency
concerning Wikipedia changes, and that Silly Putty Syndrome will likely
continue to escalate.
Given what Wikipedia could aspire to be, that's really a shame.
[Source: Ross Kerber, *The Boston Globe*, 21 Aug 2007; PGN-ed] Authorities have arrested Maksym Yastremskiy, a Ukrainian man, whom they suspect played a key role in the sale of many credit card numbers stolen from TJX Cos., in what is considered the biggest corporate data breach to date. "Prices ranged from $20 to $100 per stolen card, and the cards were sold in batches of up to 10,000, depending on factors like the credit limits of the consumer accounts being traded." http://www.boston.com/business/personalfinance/articles/2007/08/21/suspect_named_in_tjx_credit_card_probe/
One of the risks of replacing frequent leap-seconds and thus the frequent need to handle them with infrequent leap-hours is that handling them becomes an unusual task. We're never as good with unusual tasks as we are with the usual tasks. Practice makes perfect! With the requirement to add a leap second every few years systems have to be designed to handle them as part of their normal operation. If we have to add a leap hour every 100 years or so, we'll have Y2K date problems every time. The same old excuses will be rolled out : We never expected this system to have to handle leap hours when we built it. Since leap seconds come around every few years any system that is to keep accurate time has to deal with them head on as part of the basic design. Guy Dawson, I.T. Manager, Crossflight Ltd guy@crossflight.co.uk
This story is hilarious: The opening paragraph: "A Linux user who was jailed for uploading a film onto a peer-to-peer service has been told he will have to switch to Windows if he wants to use a computer again." It seems that the monitoring software he is now required to have does not run under Linux. Also amusing is the closing remark about being *given* two felonies. http://news.com.com/Linux+felon+forced+to+install+Windows/2100-1030_3-6204348.html?tag=nefd.pulse
But wasn't the only issue the *display* of the underlying data? From the linked post, "copying and pasting what looks to be '0123456989' into a text editor will still give '0123456789'". [Typo in original linked post corrected. PGN] From that I'd assume that internal calculations would still be correct and that only the displaying of results would be corrupt. It is still a problem, no doubt, but at least it wasn't as bad as it could have been. Mike Hogsett
BKSECMTR.RVW 20070612 "Security Metrics", Andrew Jaquith, 2007, 0-321-34998-9, U$49.99/C$61.99 %A Andrew Jaquith %C P.O. Box 520, 26 Prince Andrew Place, Don Mills, Ontario M3C 2T8 %D 2007 %G 0-321-34998-9 978-0-321-34998-9 %I Addison-Wesley Publishing Co. %O U$49.99/C$61.99 fax: 416-443-0948 800-822-6339 bkexpress@aw.com %O http://www.amazon.com/exec/obidos/ASIN/0321349989/robsladesinterne http://www.amazon.co.uk/exec/obidos/ASIN/0321349989/robsladesinte-21 %O http://www.amazon.ca/exec/obidos/ASIN/0321349989/robsladesin03-20 %O Audience i- Tech 1 Writing 1 (see revfaq.htm for explanation) %P 306 p. %T "Security Metrics: Replacing Fear, Uncertainty, and Doubt" In the Foreword, Dan Geer states that the book is not about selling the idea of metrics. Which makes the initial chapters a bit problematic: if they aren't about selling the idea of metrics, what are they about? Chapter one is supposed to be an introduction, but seems primarily focused on the idea that metrics are not about risk management. (There is also an assertion that proper metrics are "well understood across industries, and consistently measured," which is interesting because much of what follows appears to contradict this statement.) The definition of security metrics, in chapter two, addresses metrics from fields other than security, and emphasizes the position that metrics are important (and that the current "metrics," such as checklist frameworks and annualized loss expectancy, are inadequate). Chapter three divides metrics into four general areas, dealing with perimeter security, control, availability, and applications development. Brief examples of collections of metrics related to these fields are given in the text, although the lists can't be expected to be comprehensive, due to the huge scope of security as a whole. The second of these topics, control, is probably the subject of chapter four, although it is entitled "Measuring Program Effectiveness." Basic concepts from statistics, such as the difference between mean (average) and median (midpoint of a set of elements), are presented in chapter five. Chapter six talks about demonstrating data in a visual manner. Most of the material consists of suggestions for graphics and examples are given "redrawing" the displays of commercial programs. Aspects of automating the calculations of security metrics are outlined in chapter seven. In chapter eight, Jaquith recommends the use of a security scorecard based on the Balanced Scorecard management assessment model. Security can be difficult to define, let alone measure, and, in general, too little attention is paid to numeric assessments that can assist in determining how well we are performing at the task. This book does go somewhat beyond a mere exhortation to create and use metrics for security, but it still leaves an awful lot of work for the practitioner or manager. copyright Robert M. Slade, 2007 BKSECMTR.RVW 20070612 rslade@vcn.bc.ca slade@victoria.tc.ca rslade@computercrime.org http://victoria.tc.ca/techrev/rms.htm [The need for incisive security metrics has been with us for a long time. On the other hand, the metrics that have emerged tend to be local rather than system-wide, and these local metrics are not easily composed into system-wide metrics. Even the metrics for algorithmic crypto strength are relatively unsatisfying when the crypto is poorly implemented or embedded in systems that are easily compromised — whether by insiders or outsiders. Thus, the quest for meaningful system-level security metrics that can be derived from lower-layer metrics remains an enormously difficult challenge. PGN]
Please report problems with the web pages to the maintainer