The RISKS Digest
Volume 25 Issue 83

Friday, 6th November 2009

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator


Contents

"Jimmy Carter era" computer causes traffic jams
Jeremy Epstein
Central Traffic unControl === gridlock
David Lesher
Washington Metro system communications depend on single data center
Jon Eisenberg
T-Mobile suffers major outage: nationwide or nearly so
Lauren Weinstein
File share leaks data on US Congress members under investigation
Jeremy Epstein
PGN
Fugitive caught via Facebook updates
Mark Brader
Facebook 'Suggests Contacting Dead Friends'
Matthew Kruk
Massive Gene Database Planned in California
David Talbot via Jim Schindler
Drivers ticketed for not speaking English - misapplication of UI
Frank Jimenez
Privacy of health care info & health insurers
Henry Baker
Spam forged from .gov and .mil
PGN
AMEX sends USB trojan keyboards in ads
David Lesher
Risks of Using Encryption
Roger Grimes via Gene Wirchenko
'Robot' computer to mark English essays
Polly Curtis via Randall
Is Net Neutrality a Communist Plot? "Declassified DoD Film"
Lauren Weinstein
Speaking of cable modem insecurity
Danny Burstein
Re: Toyota uncontrolled acceleration
Anton Ertl
Matt Roberds
Re: Danger and Paris Hilton
Peter Houppermans
Info on RISKS (comp.risks)

"Jimmy Carter era" computer causes traffic jams

Jeremy Epstein <jeremy.j.epstein@gmail.com>
Thu, 5 Nov 2009 06:44:46 -0500

4 Nov 2009.  A "Jimmy Carter era" computer that controls traffic light
timing in Montgomery County, Maryland (suburban Washington DC) failed, which
meant that traffic lights throughout the county stopped being timed properly
(i.e., to allow more green southbound in the mornings and northbound in the
evenings).  Setting 750 traffic lights by hand each morning and evening is
ineffective.

I don't know what the article means by a Jimmy Carter era computer (other
than presumably something purchased in the late 1970s), but it's fair to say
that finding replacement parts for whatever went wrong isn't easy.  And for
those young'uns on the list, computers in that era weren't a single chip or
a single board - the CPU alone probably fills several 6' (1.8 meter) tall
cabinets, with discrete components and wires.  Troubleshooting requires lots
of training and intuition, not something you can pick up from a book...

The computer had been scheduled for replacement.  Hopefully not by a Windows
box that decides to reboot itself at inconvenient times....

The RISK, I'm guessing, is of being so reliant on a piece of hardware that
can't be readily repaired (with no backup).

http://www.washingtonpost.com/wp-dyn/content/article/2009/11/04/AR2009110402413.html


Central Traffic unControl === gridlock

"David Lesher" <wb8foz@panix.com>
Thu, 5 Nov 2009 15:40:25 -0500 (EST)

Montgomery County MD, north of DC, has an extensive network of traffic
controls including cameras on hundreds to thousands of traffic
signals. (Those cameras are allegedly for motion sensing only but I have no
proof of that; mission creep seems obvious...)

They have their own fiber backbone to interconnect all this with one central
computer.  It failed, and thus far they have not been able to restart it. As
a result, the signals have all reverted to autonomous local operation, and
traffic is a major mess. [This is a region where normal rush hour runs from
0530-0930, and 1500-1900...]

RISK:

While they HAVE fallback control; [bravo..] here it is not all that is
needed.  Gridlock for several days will not win any votes.

Traffic signals disrupted, creating chaos in Montgomery - washingtonpost.com
http://www.washingtonpost.com/wp-dyn/content/article/2009/11/04/AR2009110402413.html


Washington Metro system communications depend on single data center

"Jon Eisenberg" <JEisenbe@nas.edu>
Wed, 4 Nov 2009 08:55:42 -0500
  — power failure causes multiple problems

http://www.washingtonpost.com/wp-dyn/content/article/2009/11/04/AR2009110401104.html?hpid=newswell


Jon Eisenberg, Director, Computer Science and Telecommunications Board,
The National Academies


T-Mobile suffers major outage: nationwide or nearly so?

Lauren Weinstein <lauren@vortex.com>
Tue, 3 Nov 2009 17:23:42 -0800

NNSquad - Network Neutrality Squad <nnsquad.nnsquad.org>

T-Mobile suffered a major outage today.  The exact scale is still unclear,
but clearly various areas around the U.S. were affected, including voice,
data, and SMS.  Service currently appears to be completely up here in my
area of L.A., though I haven't tried to use T-M in several hours and could
have missed any outage (Update: user reports on the T-M discussion forum do
indicate that L.A. was down at some point — for up to four hours).

Anecdotal reports suggest that service has been restored in some areas but
not necessarily for all of voice/data/SMS, and that in some areas voice
calls were disrupted but 3G data continued working throughout the outage.

Obviously some failure of their backbone network and/or authentication
services.  More to come.


One other point for now.  AP is reporting that they were unable to reach the
cell phones of various T-Mobile media spokespersons, because calls to those
cell phones couldn't complete ... due to the T-Mobile outage itself.

A lesson re network diversity, it seems.


File share leaks data on US Congress members under investigation

Jeremy Epstein <jeremy.j.epstein@gmail.com>
Fri, 30 Oct 2009 13:54:08 -0400

The Washington Post's Oct 30 lead article notes that "more than 30 lawmakers
and several aides" are under investigation for various possible misdeeds
associated with "defense lobbying and corporate influence peddling".

What's technologically relevant is that the information leaked because a report
was (presumably accidentally) placed on an unprotected computer (not clear
whether it was a web site, a file share, or something else).  No word on
whether the problem was a misconfiguration (i.e., mis-set file permissions,
whether accidentally or intentionally) or due to a bug in software that
allowed bypassing protections.

No indication that the data was encrypted... perhaps this is an opportunity
for Congress to learn the need for more usable security systems, including
encryption, to reduce the RISK of accidental sharing?

http://www.washingtonpost.com/wp-dyn/content/article/2009/10/29/AR2009102904597.html?hpid=topnews


Re: File share leaks data on US Congress members under investigation

"Peter G. Neumann" <neumann@csl.sri.com>
Fri, 30 Oct 2009 13:44:58 PDT

Congressional investigation kimono opened?  Some not-so-senior Congressional
employee working from home with peer-to-peer file sharing software
apparently blew the security on the ongoing internal congressional
investigations.

http://www.comcast.net/articles/news-politics/20091030/US.Congress.Leaked.Ethics.Report/


Fugitive caught via Facebook updates

Mark Brader
Sat, 24 Oct 2009 16:04:04 -0400 (EDT)

Maxi Sopo was living in Cancun, and allegedly living high on the proceeds of
bank fraud in the US.  He maintained a Facebook entry under his own name.
His status was public, but his profile was only accessible to his Facebook
"friends" — but one of them was a former US Department of Justice official.

Story at:
http://news.bbc.co.uk/2/hi/americas/8306032.stm
http://www.guardian.co.uk/technology/2009/oct/14/mexico-fugitive-facebook-arrest

Commentary and discussion at:
http://www.schneier.com/blog/archives/2009/10/helpful_hint_fo.html


Facebook 'Suggests Contacting Dead Friends'

"Matthew Kruk" <mkrukg@gmail.com>
Mon, 26 Oct 2009 11:28:49 -0600

http://news.sky.com/skynews/Home/Technology/Facebook-Changes-Upset-Users-Reconnect-Feature-Suggests-Dead-Friends/Article/200910415417724

Facebook 'Suggests Contacting Dead Friends'
12:51pm UK, Monday October 26, 2009

Ruth Barnett, Sky News Online

Facebook's latest revamp has upset some members by recommending they get in
touch with friends who have died.  The social networking site, which is used
by 300 million people worldwide, made the controversial changes at the
weekend.

One of the most prominent additions is an automatically-generated box
suggesting the user "reconnect" with a specific person they have not
contacted for a while.  But within hours, dozens of users reported feeling
distressed when the new feature told them to get in touch with someone
deceased.

More than 900,000 have reacted against the changes by joining a group
calling for the site to go "back to normal".  "Facebook just suggested that
I reconnect with someone who passed away two years ago. That's messed up,"
one person wrote on Twitter.  Another user, Emma, 27, was confronted by the
image of a deceased friend when she logged into the site at the weekend.
"Like many of his friends I haven't deleted his profile as that would feel
weird. I'm sure thousands of Facebook users are in the same position," she
told Sky News Online.  "When someone dies there doesn't seem to be much you
can do about their profile.  It would be nice to keep it as a memorial but
there is no way of acknowledging what has happened to that person.  "There
should be a way of recognising this on their profile or Facebook should
remove the feature altogether to avoid causing offence."

Facebook does offer a "memorialisation" option and invites users to alert them to
a death but it is not widely known or publicised.

The glitch reveals the "insensitivity of the algorithm," according to
Mashable blogger Pete Cashmore. He also found examples of the site
suggesting ex husbands and wives.  "Facebook is investigating the
situation," a spokeswoman for the site told Sky News Online.


Massive Gene Database Planned in California (David Talbot)

Jim Schindler <jimschin@gmail.com>
Tue, 20 Oct 2009 21:30:00 -0800

David Talbot, Massive Gene Database Planned in California; The data will be
compared against electronic health records and patients' personal
information.   *Technology Review*, 21 Oct 2009
www.technologyreview.com/biomedicine/23777/?nlid=2446

Plans for genetic analyses of 100,000 older Californians--the first time
genetic data will be generated for such a large and diverse group--will
accelerate research into environmental and genetic causes of disease,
researchers say.

"This is a force multiplier with respect to genome-wide association
studies," says Cathy Schaefer, a research executive at Kaiser Permanente
<http://www.kaiserpermanente.org/>, a health-care provider based in Oakland,
CA, whose patients will be involved. Researchers will be able to study the
data and seek insights into the interplay between genes, the environment,
and disease, thanks to access to detailed electronic health records, patient
surveys, and even records of environmental conditions where the patients
live and work.  "The importance of this project is that it will, almost
overnight--well, in two years--produce a very large amount of genetic and
phenotypic data that a large number of investigators and scientists can
begin asking questions of, rather than having to gather data first,"
Schaefer says.

The effort will make use of existing saliva samples taken from California
patients, whose average age is 65. Their DNA will be analyzed for 700,000
genetic variations called single-nucleotide polymorphisms, or SNPs, using
array analysis technology from Affymetrix in Santa Clara, CA. Through the
National Institutes of Health (NIH), the resulting information will be
available to other researchers, along with a trove of patient data including
patients' Kaiser Permanente electronic health records, information about the
air and water quality in their neighborhoods, and surveys about their
lifestyles.

The result will be the largest genetic health research platform of its kind,
says Schaefer, who directs Kaiser Permanente's research program on genes,
the environment, and health.  The study is being undertaken together with
the University of California, San Francisco (UCSF), with a $25 million,
two-year NIH grant that tapped federal stimulus funds allocated earlier this
year.

The potential for study is nearly limitless. Researchers will likely seek
the genetic influences that determine why some people suffering from, say,
cardiovascular disease and type 2 diabetes deteriorate more rapidly than
others; and tease out which genetic factors reduce the effectiveness of
various drugs or, indeed, make them hazardous, Schaefer says. As doctors
obtain more such insights, this will allow them to tailor drug regimens and
focus resources on higher-risk patients.

Given the high average age of the group, the platform will also be a boon
to studying diseases of aging. "One might want to ask," Schaefer says, "what
are the genetic influences on changes in blood pressure as people age, and
how are those changes in blood pressure related to diseases of aging, like
stroke and Alzheimer's and other cardiovascular diseases?"


Drivers ticketed for not speaking English - misapplication of UI

"Frank Jimenez (franjime)" <franjime@cisco.com>
Sat, 24 Oct 2009 09:20:10 -0700

Apparently, in the USA, there is a Federal Law requiring holders of
commercial driving licenses to speak English.  However, the user interface
for citations in the Dallas Police Department also made this option
available when citing drivers of private vehicles.  Recently, a particular
case was publicized in the local media, and it was later discovered that 38
tickets had been issued improperly to non-commercial drivers.  The risk here
is the ability to choose an option from a drop-down box that doesn't
actually apply to a particular law enforcement situation.

More details here:
http://www.nbcdfw.com/news/local-beat/Dallas-Cop-Cites-Driver-for-Not-Speaking-English-65793662.html


Privacy of health care info & health insurers

Henry Baker <hbaker1@pipeline.com>
Thu, 29 Oct 2009 13:02:24 -0700

Since Congress & various states passed laws to protect our health info from
being sold to drug companies, we thought our mail boxes would be safe from
spam advertisements targeted to us on the basis of our health information.

Apparently we were wrong.

The drug companies are now paying our health insurers to send out
advertisements for their drugs to us on the basis of our health insurance
information.

I recently received an advertisement from my insurance company for a
shingles drug which costs a bundle just for the copay.

In the letter accompanying this advertisement:

  "The development and distribution of these materials is supported by Merck
  & Co., Inc."

The letter included a phone number to be dropped from the distribution of
these advertisements.

I think that this letter indicates whose pocket "our" health insurer is in,
and it isn't ours, the customer/taxpayer.


Spam forged from .gov and .mil

"Peter G. Neumann" <neumann@csl.sri.com>
Tue, 27 Oct 2009 13:56:12 PDT

Recent "FDIC" spam messages were forged to appear to be sent from fdic.gov.
In the past, spammers have steered clear of forging their messages from
".gov" and ".mil" addresses due to the associated legal consequences if they
were caught and prosecuted.  As a result, SRI is now spam-filtering .gov and
.mil.  [PGN-ed from an SRI facilities message.]


AMEX sends USB trojan keyboards in ads

David Lesher <wb8foz@panix.com>
Tue, 27 Oct 2009 01:14:59 -0400

A fellow user group member reported getting a USB-fob from American Express.
When he plugged in to a port, it attempted to send his xterm command line to
<HTTP://VCGW.NET/..../.....> {the dots were hex digits, it appears.... [and
PGN changed x to dot to avoid filtering]} but didn't succeed.  [It may be
Windows and Mac compatible, but not Linux...]

That address redirects to an Amex URL: <https://www201.americanexpress.com/>

It identified itself on the USB chain as:

  Bus 003 Device 003: ID 05ac:020b Apple, Inc. Pro Keyboard
  [Mitsumi, A1048/US layout]

Since it's clearly NOT an Apple Pro Keyboard, one wonders why the
manufacturer <http://www.ikyp.com> chose that false identity. The masquerade
as a keyboard might also have been to penetrate those machines that do not
blindly mount USB storage devices.

Risks:

While we now look for incoming malware on the TCP/IP connections, clearly we
need to similarly monitor the other ports as well; you can do just as much
damage (or more) with an insider keyboard attack, given some social
engineering. Is the power line next?

[I'm somewhat reminded of the DOS era story of a voice recognition product
demo where someone in the audience yelled "FORMAT C:" and "YES"....]

This is tangential:
<http://www.digitalsociety.org/2009/08/apple-keyboards-hacked-and-possessed/>
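
Added example, not part of the original posting: one way to monitor the USB side as the Risks paragraph suggests is to compare the current `lsusb` listing with a known-good inventory and report anything new, especially a device that presents itself as a keyboard. The baseline listing below is constructed; the flagged entry is the ID quoted in the post.

```python
import re
from collections import Counter

# One device line of plain `lsusb` output.
LSUSB_LINE = re.compile(
    r"^Bus (?P<bus>\d{3}) Device (?P<dev>\d{3}): "
    r"ID (?P<vid>[0-9a-f]{4}):(?P<pid>[0-9a-f]{4})\s*(?P<name>.*)$"
)
KEYBOARD_CLAIM = re.compile(r"keyboard", re.IGNORECASE)


def parse_lsusb(text):
    """Parse `lsusb` text into dicts; a line that is not a device line is
    treated as the wrapped tail of the previous description."""
    devices = []
    for raw in text.splitlines():
        line = raw.strip()
        match = LSUSB_LINE.match(line)
        if match:
            devices.append(match.groupdict())
        elif line and devices:
            devices[-1]["name"] += " " + line
    return devices


def new_devices(baseline_text, current_text):
    """Return devices present now but absent from the baseline snapshot.

    Matching is by VID:PID with multiplicity, so a second device that reuses
    an already-inventoried ID is still reported."""
    remaining = Counter(
        (d["vid"], d["pid"]) for d in parse_lsusb(baseline_text)
    )
    findings = []
    for dev in parse_lsusb(current_text):
        key = (dev["vid"], dev["pid"])
        if remaining[key] > 0:
            remaining[key] -= 1
            continue
        findings.append({
            "id": dev["vid"] + ":" + dev["pid"],
            "port": dev["bus"] + "/" + dev["dev"],
            "name": dev["name"],
            # The name follows from the ID the device itself reports,
            # so it is a claim to investigate, not proof of identity.
            "claims_keyboard": bool(KEYBOARD_CLAIM.search(dev["name"])),
        })
    return findings


# Constructed snapshots: BASELINE is a known-good inventory, AFTER_PLUG adds
# the entry quoted in the post (wrapped over two lines as it was mailed).
BASELINE = """\
Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 003 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
Bus 003 Device 002: ID 046d:c31c Logitech, Inc. Keyboard K120
"""
AFTER_PLUG = BASELINE + """\
Bus 003 Device 003: ID 05ac:020b Apple, Inc. Pro Keyboard
[Mitsumi, A1048/US layout]
"""

if __name__ == "__main__":
    for finding in new_devices(BASELINE, AFTER_PLUG):
        kind = "ALERT new keyboard" if finding["claims_keyboard"] else "new device"
        print(kind, finding["id"], finding["port"], finding["name"])
```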


Risks of Using Encryption (Roger Grimes)

Gene Wirchenko <genew@ocis.net>
Fri, 23 Oct 2009 14:49:32 -0700

Roger Grimes had an interesting column on security recently:
http://www.infoworld.com/d/security-central/dont-trust-public-pc-your-digital-identity-126?source=IFWNLE_nlt_daily_2009-10-23

Excerpt of particular interest:

  "Similarly, I need the recipient's public key so that I can send him or
  her encrypted content. We should never share private keys. That's why they
  are called private. Pretty simple — or so you would think.  More often
  than not, if the person isn't overly familiar with PGP/SMIME, even if
  they've been using it, they send me their private key.

  Being the good citizen that I am, I delete their private key and ask again
  for their public key, explaining that with their private key, I could be
  them, for all digital purposes. About half the newly educated group then
  sends my public key back or, if they're using PGP, their private key
  ring, which contains all their private keys. You might think that I'm
  making this stuff up, but it's pretty much been this way with PKI and PGP
  exchanges since they were invented. PGP's own Phil Zimmermann has often
  written on this subject."
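
Added example, not part of the column or the posting: a check that a mail client or outbound filter could run on an attachment before it leaves, so that a private key or secret key ring is caught instead of sent. It recognises PEM, OpenSSH and PGP armor labels and reads the first OpenPGP packet tag, so a secret key inside a block labelled PUBLIC is still caught; the sample inputs are constructed packet headers, not real keys.

```python
import base64
import binascii
import re

# Armor labels that mark secret key material (PGP, PEM, OpenSSH).
PRIVATE_ARMOR = re.compile(
    rb"-----BEGIN (PGP PRIVATE KEY BLOCK|"
    rb"(?:RSA |EC |DSA |OPENSSH |ENCRYPTED )?PRIVATE KEY)-----"
)
PGP_ARMOR = re.compile(
    rb"-----BEGIN PGP (PUBLIC|PRIVATE) KEY BLOCK-----\r?\n(.*?)-----END PGP",
    re.DOTALL,
)
# OpenPGP packet tags from RFC 4880, section 4.3.
SECRET_TAGS = {5: "Secret-Key", 7: "Secret-Subkey"}
PUBLIC_TAGS = {6: "Public-Key", 14: "Public-Subkey"}

def first_packet_tag(data):
    """Tag of the first OpenPGP packet in data, or None if it is not one."""
    if not data or not data[0] & 0x80:   # bit 7 is set in every packet header
        return None
    if data[0] & 0x40:                   # new format: tag in bits 5-0
        return data[0] & 0x3F
    return (data[0] & 0x3C) >> 2         # old format: tag in bits 5-2

def armor_payload(body):
    """Base64-decode an armor body, skipping armor headers and the CRC line."""
    lines = body.replace(b"\r", b"").rstrip(b"\n").split(b"\n")
    if b"" in lines:                     # armor headers end at a blank line
        lines = lines[lines.index(b"") + 1:]
    data = b"".join(l for l in lines if not l.startswith(b"="))
    try:
        return base64.b64decode(data, validate=True)
    except binascii.Error:
        return b""

def classify_key_material(data):
    """Return (verdict, reason); only the first packet of a block is read."""
    saw_public = False
    for block in PGP_ARMOR.finditer(data):
        tag = first_packet_tag(armor_payload(block.group(2)))
        if tag in SECRET_TAGS:           # trust the packet, not the label
            return "private", "armored " + SECRET_TAGS[tag] + " packet"
        saw_public = saw_public or tag in PUBLIC_TAGS
    label = PRIVATE_ARMOR.search(data)
    if label:
        return "private", label.group(1).decode() + " armor"
    tag = first_packet_tag(data)
    if tag in SECRET_TAGS:
        return "private", "binary " + SECRET_TAGS[tag] + " packet"
    if saw_public or tag in PUBLIC_TAGS:
        return "public", "OpenPGP public key packet"
    return "unknown", "no key material recognised"

def armor_sample(label, packet):
    """Build a constructed armor block around placeholder packet bytes."""
    return (b"-----BEGIN PGP " + label + b" KEY BLOCK-----\n\n"
            + base64.b64encode(packet) + b"\n-----END PGP " + label + b" KEY BLOCK-----\n")

# Constructed samples: packet headers only, no real key material.
SAMPLES = {
    "pubkey.asc": armor_sample(b"PUBLIC", b"\x99\x00\x01\x04"),
    "oops.asc": armor_sample(b"PRIVATE", b"\x95\x00\x01\x04"),
    "mislabelled.asc": armor_sample(b"PUBLIC", b"\x95\x00\x01\x04"),
    "secring.gpg": b"\x95\x00\x01\x04",
    "id_rsa": b"-----BEGIN OPENSSH PRIVATE KEY-----\nplaceholder\n",
    "notes.txt": b"meeting at ten\n",
}

if __name__ == "__main__":
    for name, data in SAMPLES.items():
        verdict, reason = classify_key_material(data)
        print("BLOCK" if verdict == "private" else "allow", name, "-", reason)
```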


'Robot' computer to mark English essays (Polly Curtis)

Randall Webmail <rvh40@insightbb.com>
October 23, 2009 11:04:18 EDT

  [From Dave Farber's IP, johnmac, ...]

[I guess it's not so different from using grad students: autograding.  RVH]

'Robot' computer to mark English essays
Exam board denies system will be extended to GCSEs
Union fears 'a disaster waiting to happen'

The owner of one of England's three major exam boards is to introduce
artificial intelligence-based automated marking of English exam essays in
the UK from next month.  Pearson, the American-based parent company of
Edexcel, is to use computers to "read" and assess essays for international
English tests in a move that has fueled speculation that GCSEs and A-levels
will be next.  All three exam boards are now investing heavily in
e-assessment but none has yet perfected a form of marking essays using
computers — or "robots" — that it is willing to use in mainstream
exams. Academics and leaders in the teaching profession said that using
machines to mark papers would create a "disaster waiting to happen".
[Source: Polly Curtis, *The Guardian*, 25 Sep 2009; PGN-ed]

  [IP Archives: https://www.listbox.com/member/archive/247/=now]


Is Net Neutrality a Communist Plot? "Declassified DoD Film"

Lauren Weinstein <lauren@vortex.com>
Tue, 27 Oct 2009 14:18:39 -0700

     Is Net Neutrality a Communist Plot? ("Declassified DoD Film")
             http://lauren.vortex.com/archive/000627.html

Greetings.  As a strong supporter of Net Neutrality
(http://lauren.vortex.com/archive/000625.html), I've been increasingly
concerned by recent accusations from some anti-neutrality forces and media
commentators, who claim that Net Neutrality is actually an insidious and
dangerous "communist plot" that must be destroyed at all costs.

Such a characterization has seemed utterly ridiculous to me, and hopefully
also to most other reasonable observers.

However, a friend of mine working at a certain "Three-Initial Agency" (that
must remain unnamed) recently uncovered a long-lost U.S.  government film
that appears to shed unexpected light on accusations of a linkage between
communist/Marxist ideologies and Net Neutrality.

He managed to get the short film (only a few minutes long) rapidly
declassified and shipped it out to me.  I've now digitized the 16mm print
and brought it online.

The complete film (with associated very brief explanatory text, etc.  that
I've included) can be viewed at the YouTube link:

   Is Net Neutrality a Communist Plot?
   http://www.youtube.com/watch?v=4fCLFKlYW3c

I must admit, the film certainly had an impact on me!

Lauren Weinstein +1 (818) 225-2800 http://www.pfir.org/lauren
Co-Founder, PFIR http://www.pfir.org and NNSquad http://www.nnsquad.org
GCTIP Global Coalition for Transparent Internet Performance http://www.gctip.org
PRIVACY Forum - http://www.vortex.com Lauren's Blog: http://lauren.vortex.com


Speaking of cable modem insecurity

danny burstein <dannyb@panix.com>
Fri, 23 Oct 2009 02:08:04 -0400 (EDT)

Chen, founder of a software startup called Pip.io, said he was trying to
help a friend change the settings on his cable modem and discovered that
Time Warner had hidden administrative functions from its customers with
Javascript code. By simply disabling Javascript in his browser, he was able
to see those functions, which included a tool to dump the router's
configuration file.

That file, it turned out, included the administrative login and password in
cleartext. Chen investigated and found the same login and password could
access the admin panels for every router in the SMC8014 series on Time
Warner's network - a grave vulnerability, given that the routers also expose
their web interfaces to the public-facing Internet.

All of this means that a hacker who wanted to target a specific router and
change its settings could access a customer's admin panel from anywhere on
the net through a web browser, log in with the master password, and then
start tinkering. Among the possibilities, the intruder could alter the
router's DNS settings - for example, to redirect the customer's browser to
malicious websites - or change the Wi-Fi settings to open the user's home
network to the neighbors.
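
Added example, not from the article or from any vendor's firmware: a small model of the admin interface described above, showing the pattern in which the server answers every route and page script merely hides the links, beside a handler that decides access on the server, refuses admin routes on the WAN side and masks the password in the exported configuration. The routes, field names and values are hypothetical and constructed for illustration.

```python
# Constructed device state; the field names and routes are hypothetical.
DEVICE = {
    "ssid": "home-network",
    "dns": "192.0.2.53",
    "admin_user": "admin",
    "admin_pass": "constructed-shared-secret",
}
SECRET_FIELDS = {"admin_pass"}
ADMIN_ROUTES = {"/admin/export-config", "/admin/dns"}


def export_config(device, redact):
    """Serialise the settings, masking secret fields when redact is true."""
    return "\n".join(
        key + "=" + ("<redacted>" if redact and key in SECRET_FIELDS else value)
        for key, value in sorted(device.items())
    )


def weak_handler(path, session):
    """The pattern from the article: every route is answered for every
    session, and hiding the admin links is left to script in the page."""
    if path == "/":
        return 200, (
            '<a id="export" href="/admin/export-config">Export settings</a>'
            "<script>if (!isAdmin) hide('export');</script>"
        )
    if path == "/admin/export-config":
        return 200, export_config(DEVICE, redact=False)
    return 404, "not found"


def hardened_handler(path, session, interface):
    """Authorisation is decided on the server for each request."""
    is_admin = session.get("role") == "admin"
    if path in ADMIN_ROUTES:
        if interface != "lan":
            return 403, "admin interface is not served on the WAN side"
        if not is_admin:
            return 403, "forbidden"
    if path == "/":
        # Links the session may not use are never sent, not merely hidden.
        show_link = is_admin and interface == "lan"
        link = '<a href="/admin/export-config">Export settings</a>'
        return 200, "<h1>Status</h1>" + (link if show_link else "")
    if path == "/admin/export-config":
        return 200, export_config(DEVICE, redact=True)
    if path == "/admin/dns":
        return 200, "dns=" + DEVICE["dns"]
    return 404, "not found"


if __name__ == "__main__":
    customer = {"role": "customer"}
    print("weak:    ", weak_handler("/admin/export-config", customer)[0])
    print("hardened:", hardened_handler("/admin/export-config", customer, "lan")[0])
```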


Re: Toyota uncontrolled acceleration (Lesher, Risks 25.82)

Anton Ertl
Sun, 25 Oct 2009 19:59:04 GMT

Motorcycles in Austria and Germany (and maybe other places) are equipped
with kill switches that can be easily reached, in addition to having an
ignition key.  Given the number of incidents with runaway cars one reads
about, maybe that should be a required feature of cars, too (even with a
traditional ignition key, there is the risk of activating the steering lock
when shutting off the engine with it).

On one of my first rides with my motorcycle, the engine tried to run away
(probably a mechanical thing, few or no computers on that 1986 motorcycle)
which created a few moments of horror, but then I pulled the clutch and
activated the kill switch, and had everything under control.

M. Anton Ertl http://www.complang.tuwien.ac.at/anton/home.html


Re: Toyota uncontrolled acceleration (David Lesher, RISKS-25.82)

Matt Roberds <mroberds@att.net>
Mon, 26 Oct 2009 22:50:50 -0500 (CDT)

The brake performance of new cars sold in the US since about 2000 is
regulated by Federal Motor Vehicle Safety Standard 135, 49 CFR 571.135.
(Previously it was FMVSS 105.  The analogous Canadian standards are CMVSS
135 and CMVSS 105.)  The US standards can be navigated to from
http://www.gpoaccess.gov/ecfr/ ; a very quick read of FMVSS 135 doesn't show
any tests that are supposed to be done with the throttle open during the
test.  There *are* tests that are done with the vehicle loaded to its
maximum weight rating, both with the braking system intact and with various
failures present.

An acquaintance of mine has worked for various car manufacturers and has
described doing brake tests that seem to be in excess of the federal
requirements, such as testing a fully loaded vehicle descending a mountain
in Colorado.  To the best of my recollection, however, these were also done
with the throttle closed.

Several of the other FMVSSs touch various aspects of the user interface of a
car, including at least 101, 102, 114, and 124.  114 does cover the
possibility of using something other than a physical key, but does not
specify too much about its behavior.  This may be a case where the available
products are outpacing the regulations.


Re: Danger and Paris Hilton (Re: Risks 25.82, Danger-ous services)

Peter Houppermans <peter@houppermans.com>
Wed, 21 Oct 2009 22:34:32 +0200

* I consider it unlikely that Paris Hilton would call tech support -
  that's what you have assistants for.

* I'm amazed nobody commented on the irony of a Microsoft company asking
  people NOT to reboot :-).
