Please try the URL privacy information feature enabled by clicking the flashlight icon above. This will reveal two icons after each link the body of the digest. The shield takes you to a breakdown of Terms of Service for the site - however only a small number of sites are covered at the moment. The flashlight take you to an analysis of the various trackers etc. that the linked site delivers. Please let the website maintainer know if you find this useful or not. As a RISKS reader, you will probably not be surprised by what is revealed…
The recent EVT/WOTE workshop at USENIX Security featured a panel on 9 Aug 2010 [It was very lively and quite contentious. PGN!] about Indian voting machines, and related developments involving Indian law enforcement's interest in one of the Indian hackers involved. This is a story from *The Hindu Times* covering the debate and subsequent developments. [Joseph Lorenzo Hall, ACCURATE Postdoctoral Research Associate, UC Berkeley School of Information and Princeton Center for Information Technology Policy http://josephhall.org/] Narayan Lakshman, Hot debate over Electronic Voting Machines, *The Hindu Times*, 11 Aug 2010 http://www.thehindu.com/news/international/article562910.ece?homepage=true This week the debate on whether electronic voting machines (EVMs) in India are tamper-proof, reached boiling point in far-away Washington, as a representative of the Election Commission of India (ECI) and an American university professor clashed publicly over contradictory claims regarding the machines. The controversy was stoked at an industry conference on EVMs, where Alok Shukla, Deputy Election Commissioner at the ECI and Alex Halderman, Assistant Professor of electrical engineering and computer science at the University of Michigan, also put forth different accounts regarding the case of Hari Prasad, a colleague of Mr. Halderman who was alleged to have appeared on Indian television with an EVM that he procured from unnamed sources. ... Vulnerable to `dishonest display' Yet, Mr. Halderman noted that based on the experiments that he and his colleagues had undertaken, they could demonstrate that EVMs were vulnerable firstly to the so-called `dishonest display' attack whereby a microcontroller and a Bluetooth radio chip could be smuggled into the device using a genuine-looking display board. Through the use of these devices, which Mr. Halderman said he had assembled at the cost of “just a few dollars,'' the attacker could then signal which candidates should receive stolen votes via a Bluetooth smart phone. Electronic booth capture Second, Mr. Halderman alleged, the Indian EVM was also susceptible to attack through the use of an electronic clip, which attached directly to the EVM chips and could rewrite the votes stored there. Not only could the votes be changed through this “electronic form of booth capture,'' but the secrecy of election data could also be violated as the clip would allow the attacker to copy out the votes stored. Further, Mr. Halderman said that the paper, wax and string seals used to protect EVMs had been “widely discredited'' and were entirely vulnerable to tampering. “Machines [are] stored around the country in a variety of locations, from abandoned warehouses to schools, etc. [and it is] likely many of them could be accessed by criminals, especially with the aid of dishonest insiders,'' Mr. Halderman said. Substantiating these arguments, Indian pollster G.V.L. Narasimha Rao said that employees of Public Sector Undertakings and their technicians -- responsible for manufacturing the EVMs—were a “huge potential source of fraud,'' even if the ECI had ruled out any form of insider threat. Further, he said, a large number of private players were involved in election operations including manufacturers, their agents, vendors of foreign companies, government officials and so on. ...
The second day (10 Aug) of EVT/WOTE 2010 began with Jeff Burbank (author of License to Steal, Nevada's Gaming Control System in the Megaresort Age, University of Nevada Press, 2005), who gave a superb talk on insider misuse in the gambling industry and state oversight. The video is not on the USENIX website (although most of the other presentations are). Perhaps you have to read the book, which contains much of the material presented in Jeff's talk.
The British Columbia Lottery recently rolled out a new online Gambling web application, then had to pull the plug within hours. No date for reopening has been announced. Apart from slow online response during the brief time it was online reports state that BCLC let users gamble with money from other users accounts and exposed user's personal information to other users. http://www.theprovince.com/technology/Privacy+commissioner+orders+shutdown+BCLC+online+gambling+site+until+glitches+fixed/3329791/story.html To deal with the social downside of gambling addiction BCLC had recently imposed a $9,999 limit on monthly loses and betting. By coincidence that is just under the $10,000 limit for Federal FINTRAC reporting of large gambling transactions. BCLC's month was made even worse when the Federal FINTRAC agency announced $670,000 in fines against BCLC for alleged repeated failure to comply with reporting requirements. http://www.globaltvbc.com/world/BCLC+only+provincial+gambling+body+fined/3309328/story.html BC's gambling addiction goes quite deep. The party currently in power originally reduced the opposition to just seats in the house, after the former Premier resigned in disgrace. Among other issues in that debacle was "Casinogate" which involved the Minister appointed by the former Premier intervening to approve a Casino Licence for a hotel controlled by a motorcyle gang. On the Bricks and Mortar side of the "business" BCLC let a gambling addict continue to bet despite the addict's request to be banned. The request was honored when the addict tried to collect a win, but was ignored his request while he was losing money. http://toronto.ctv.ca/servlet/an/local/CTVNews/20100728/bc-gambler-casino-100728?hub=Toronto Gambling boosters claim that people will gamble anyway, so why not offer a legal alternative? Hasn't the USA had some success at charging and arresting companies which process charge card transactions for illegal gambling websites? My personal take is that anyone silly enough to pay to use an illegal online gambling web service is also silly enough to think the game isn't rigged. We have seem reports of rigged server code for gambling websites.
http://consumerist.com/2010/08/crook-crack-check-image-sites.html Ben Popken, Crooks Crack Check Image Sites, Steal $9 Million, 2 Aug 2010 (Davide Restivo) Know how when you go into your online checking account you can click on checks that you've written and see the scanned image of them? Well, those pictures have to be stored somewhere, and they're not always secure. Russian crooks broke into three sites that store archival check images, stole the information, and wrote over $9 million in phony checks against over 1,200 accounts. In order to keep the money, though, the crooks have to recruit "money mules" through online job posting sites to unwittingly launder the checks and send the thieves money from their own accounts, as we talked about recently in "Watch A Money Mule Scam Unfold." The security research firm that discovered the breach said that they've notified the affected sites who have since sealed up the gaps, but the scam is still operating and targeting other image archival companies. Hm, what's the digital equivalent of the phrase, "hanging paper?"
The recently-announced Apple iPhone jailbreak: http://blog.iphone-dev.org/post/890709355/the-return-of-jailbreakme-com is much more serious than a quick scan would suggest. For one, the jailbreak requires no confirmation from the user: just downloading and viewing a (small) PDF is enough to bypass all the iPhone's security and install code at the system level. This is also probably the first time that known vulnerabilities in a system have been amalgamated into a user-level package meant specifically for the purpose of bypassing restrictions in the system. While this seems like good news for iPhone owners, it also means that anyone can exploit the same vulnerabilities in the same fashion to his/her own malicious ends. Specifically, there is nothing stopping you or I from creating an equivalent PDF that installs malware into an iPhone. So was Apple unaware of these vulnerabilities? That would reek of terminal ignorance. Assuming then that they were aware, what steps did they take to warn customers and provide upgrades to mitigate these issues? Or did they deliberately ignore the potential risks to their customers so that jailbreaks would be possible and people would continue buying iPhones? While the last may seem far-fetched, it is true that means of jailbreaking iPhones are in Apple's interests from a pure numbers point of view. At a larger level, are we going to see new botnets comprised of well- connected, high-power mobile devices? I'm trying to picture a scenario where existing PCs and mobile devices coalesce into creating super- powered networks capable of attacking, spamming and warring over multiple media. Time to hand over to the science-fiction writers, I guess. Raj Mathur firstname.lastname@example.org http://kandalaya.org/
*San Francisco Chronicle* http://www.sfgate.com/cgi-bin/blogs/scavenger/detail?entry_id=3D69967 When it comes to parking tickets, timing is everything, as ABC7's Dan Noyes discovered. Under San Francisco's program to catch traffic scofflaws, some Muni buses have been mounted with front-facing video cameras to record cars that are illegally parked in transit-only lanes. The problem is, the camera clocks were not adjusted for daylight saving time in March and were off an hour—an important detail for people like George Chen. The San Francisco smoke shop owner who has permission to park in a loading zone claims he moved his car in time. Still, the City slapped him with an $85 ticket. Turns out the time was wrong on cameras for 17 buses, a problem that wasn't discovered until the end of the June. More than 500 drivers were erroneously ticketed, said Noyes. Now, it looks like those folks are entitled to a refund by the Municipal Transportation Agency. Here's a list of erroneous citations with license plate numbers. Aileen Yoo, 12 Aug 2010 http://www.sfgate.com/cgi-bin/blogs/scavenger/detail?entry_id=69967#ixzz=0wQD8vXQh
Operator of Dells ride that injured girl faces felony [This was reported by several people. PGN] "He made a mistake, ... He fully cooperated with the investigation You don't do anything criminally wrong and they issue a felony charge and they arrest you. A mistake is not a crime, so they didn't need to arrest him. I respectfully disagree with the issue as a criminal charge in the case where they've shown neglect and nothing more." http://tinyurl.com/253jnlt (host.madison.com) This was an inevitable accident. What's amazing is that it took eight years to happen. What's lucky is that the first accident wasn't a death. http://abcnews.go.com/US/florida-teen-critical-condition-100-foot-fall-terminal/story?id=11326023#
Cutoff of YouTube in Siberia due to a single video http://bit.ly/cKjiUf (Google European Public Policy Blog) [From Network Neutrality Squad]
The parental controls built into the Mac OS X Mail client can be easily bypassed by anyone who knows the email address of the child and his/her parent. The Mail client can be fooled into adding any address to the child's whitelist (i.e., the list of addresses with whom the child is allowed to correspond), as if the parent had approved the address, without his/her knowledge or consent. This vulnerability can be taken advantage of by the child or by any third party anywhere on the Internet. I have reported this vulnerability to Apple, and they have declined to assign a CVE ID for it, disclose it to the public, or indicate a time-line for when it will be disclosed or fixed. For more information: http://blog.kamens.us/2010/08/03/mac-os-x-mail-parental-controls-vulnerability/
Justin Scheck, What They Know: Stalkers Exploit Cellphone GPS, *Wall Street Journal*, 3 Aug 2010 Phone companies know where their customers' cellphones are, often within a radius of less than 100 feet. That tracking technology has rescued lost drivers, helped authorities find kidnap victims and let parents keep tabs on their kids. But the technology isn't always used the way the phone company intends. One morning last summer, Glenn Helwig threw his then-wife to the floor of their bedroom in Corpus Christi, Texas, she alleged in police reports. She packed her 1995 Hyundai and drove to a friend's home, she recalled recently. She didn't expect him to find her. The day after she arrived, she says, her husband "all of a sudden showed up." According to police reports, he barged in and knocked her to the floor, then took off with her car. The police say in a report that Mr. Helwig found his wife using a service offered by his cellular carrier, which enabled him to follow her movements through the global-positioning-system chip contained in her cellphone. ... http://online.wsj.com/article/SB10001424052748703467304575383522318244234.html
http://www.latimes.com/business/la-fi-travel-briefcase-20100809,0,7868968.story http://www.cnn.com/2010/US/08/04/marshals.body.images/ Mike M. Ahlers, Agency stored body images from Florida courthouse, CNN, 4 Aug 2010 * The Marshals Service used millimeter wave technology to collect images * The images were of people entering a federal courthouse in Orlando, Florida * A sampling of the ghost-like images was obtained under the Freedom of Information Act * The Marshals Service says the images were never accessed before the request The U.S. Marshals Service is confirming that it has stored more than 35,000 "whole body" images of people who had entered a U.S. courthouse in Orlando, Florida. The images captured by millimeter wave technology are more ghost-like and far less detailed than those produced by "backscatter" machines commonly used by the Transportation Security Administration at airports nationwide. But the Electronic Privacy Information Center, a privacy rights group that obtained the Marshals Service photos, said the disclosure shows that body imaging machines can store intrusive images of people's bodies and that the federal government will store images in the absence of strong judicial or legislative restraints. EPIC and other privacy groups filed suit against the TSA this year, asking the court to bar it from using body imagers at airports. In a letter to EPIC, Justice Department attorneys agreed to give 100 images of the approximately 35,314 images that were stored on the Orlando courthouse machine from February 2 until July 28. It called the 100 images a "representative sample" of stored images. A U.S. Marshals Office spokeswoman said the Brijot Gen2 machine in Orlando automatically stores the images to a hard drive, and security officers can look at an image of the person who just entered the machine and the two previous images. But all other images can only be accessed via an administrative passcode, spokeswoman Carolyn Gwathmey said. Gwathmey said the stored images had never been accessed before the receipt of the Freedom of Information Act request. Marc Rotenberg of the Electronic Privacy Information Center conceded that the Marshals Service's images are "not particularly revealing" but said this experience highlights the necessity for prohibitions on government's use of backscatter technology, which can capture far more revealing images by using X-rays to provide detailed images in or under a person's clothing. "The only thing that is preventing the TSA from [storing images] is that we keep raising this with them," Rotenberg said. In written comments this year to CNN, the TSA said images at airports "cannot be stored, transmitted or printed" when in normal operations. "TSA has clearly demonstrated the extensive steps and strict measures that have been taken to protect passenger privacy," the agency said. The images released to the Electronic Privacy Information Center were captured by a machine at the Middle District of Florida in the Orlando courthouse. The Marshals Service also tested a machine at a U.S. courthouse in Washington for about 90 days in the 2007 and 2008 time frame, Gwathmey said. During the test, the machine was not used to screen individuals entering the courthouse, she said. That machine was returned to the vendor, and any images that may have been stored on it are no longer under agency control, the Justice Department said. [See also CNET. PGN] http://news.cnet.com/8301-31921_3-20012583-281.html?tag=mncol;title
[Mass.] Governor Patrick Signs Safe Driving Legislation, 02 Jul 2010 New law bans texting while driving for all drivers and cell phone-use by junior operators; Massachusetts one of 29 states to prohibit Dangerous behavior behind the wheel http://www.mass.gov/?pageID=gov3pressrelease&L=1&L0=Home&sid=Agov3&b=pressrelease&f=100702_Safe_Driving_Legislation&csid=Agov3 An Act relative to safe driving. http://www.mass.gov/legis/bills/house/186/ht04/ht04795.htm
The obvious question, of course, is "why didn't you fix the underlying problem with the alarm?" Of course, that can itself be a difficult business, which raises a separate question: why not have the alarms sound only in the control room, where the watch stander can evaluate the problem and sound the rig-wide alarm if something is actually wrong? My guess is that that isn't possible. It may be a deliberate design choice—you want alarms to warn people even if the watchstander has to leave the room—but it may be an issue of over-automation. Some years ago, on an overnight flight, I had a chance to ask the pilot why he left the seatbelt sign illuminated all night, when the flight was quite smooth. The answer was over-automation: the way the plane was designed, every time he turned it on, a chime sounded and an automated PA system message warned the passengers. This meant that even modest turbulence would result in passengers being awakened. He didn't like the system, but it wasn't possible for him to turn if off—some designer, somewhere, felt that it was better to relieve the pilot of the extra work of sounding the chime and making an announcement, without really understanding the actual usage model.
Tim Jones, *Wall Street Journal*, 4 Aug 2010 In a groundbreaking new series titled "What They Know," the *Wall Street Journal* is taking a close look at the information that online advertisers collect about you as you browse the Web: "The tracking files represent the leading edge of a lightly regulated, emerging industry of data-gatherers who are in effect establishing a new business model for the Internet: one based on intensive surveillance of people to sell data about, and predictions of, their interests and activities, in real time." What the industry knows about you may surprise you. The articles examine the world of tracking cookies, and other less well-known tracking technologies like flash cookies and beacons. They found that "the nation's 50 top websites on average installed 64 pieces of tracking technology onto the computers of visitors, usually with no warning." Using information gathered this way, the advertising industry is able to accurately guess substantial information about you - often including your gender, age, income, marital status, credit-rating, and whether you have children or own a home. The findings are used not only to determine what advertisements you see, but sometimes to decide what kind of discounts or credit card offers you're allowed access to. ... https://www.eff.org/deeplinks/2010/08/what-they-know What They Know: http://online.wsj.com/wtk Online Behavioral Tracking: http://www.eff.org/issues/online-behavioral-tracking
> [And what if you are deaf? PGN] Prompted by the quite electric car's noted problem in Japan, especially so for the visually-challenged people, some are experimenting with embedding active RFID tag in the car and let the pedestrians such as blind people carrying the detector to learn of the approaching cars by means of RFID. The detecting device warns of the approaching car using sound warning. I think the same mechanism can then be used for the deaf by using the detector to cause some kind of vibration motion depending on the direction of approaching vehicle, etc. The cost of having an active tag in each car and the detecting device carried by the handicapped may not be small. It should be born by the society as a whole IMHO.
>With auto-complete fields, typing the beginning of a drug name can trigger a >pop-up of MANY drugs with the same root, where careless clicking selects the >wrong one, a common problem with Windows' auto-complete function. I have never understood why such software does not make the prescriber select *both* the generic and a trade name for each medication and confirm that they match. It seems to me this would basically eliminate such errors. For example: I am allergic to Voltaren (diclofenac), an anti-inflammatory drug. I have more than once found that my medical records contain the false information that I am allergic to Vytorin (ezetimbe). I cannot imagine, if the provider had to select both names with no prompting, this error would ever happen. >Similarly, a pull-down field for dosage can lead to careless selection of an >incorrect value, a common problem with Windows' pull-down selection >function. This would be trivially remedied by requiring the dosage to be pulled-down *and* typed in, and, again, matching values. For IV drugs, the simplest cross-check is probably to force the provider to confirm how many minutes or hours one standard-size bag will last. PGN writes: > [This is one of those issues in which both arguments are partially > correct. Fixed fields are risky with poorly defined, overlapping, > or otherwise confusing. Free-text fields have many other risks. > The risks question is much deeper than that dichotomy. PGN] But I think it is wrong to highlight only the _risks_ of free-text fields. Used to confirm what is selected from menus, it seems to me they offer a considerable opportunity for risk reduction.
Please report problems with the web pages to the maintainer