The RISKS Digest
Volume 26 Issue 52

Tuesday, 2nd August 2011

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Please try the URL privacy information feature enabled by clicking the flashlight icon above. This will reveal two icons after each link the body of the digest. The shield takes you to a breakdown of Terms of Service for the site - however only a small number of sites are covered at the moment. The flashlight take you to an analysis of the various trackers etc. that the linked site delivers. Please let the website maintainer know if you find this useful or not. As a RISKS reader, you will probably not be surprised by what is revealed…


Motorcycle 'smart key' can disable steering
Steven J Klein
Internet Addiction
Sharon Gaudin via Gene Wirchenko
Researchers Expose Cunning Online Tracking Service That Can't Be Dodged
Lauren Weinstein
House Committee sweepingly hypocritical Internet data retention bill
Lauren Weinstein
Bot-Bashed by Google
Robert X. Cringely via Gene Wirchenko
Re: Study Faults Approval Process for Medical Devices
Kevin Fu
Re: Patient alleges Tufts breached privacy
Steve Loughran
Re: FB & facial recognition software
Peter Houppermans
Re: Risks of verbose automated e-mail
Eriks Ziemelis
Re: Don't throw away Grandma's wind-up desk clock
Kurt Fredriksson
Mark Kramer
Taking over a stranger's phone number
Geoff Kuenning
Info on RISKS (comp.risks)

Motorcycle 'smart key' can disable steering

Steven J Klein <>
Tue, 26 Jul 2011 19:59:28 -0400

Motorcycle maker Ducati rolled out a new `smart key' that lets riders leave
the key in their pocket. When they sit down on the bike, a sensor detects
the key, allows the engine to be started, and unlocks the steering.

At least that's how it's supposed to work. *The Wall Street Journal* reported:

  Ducati says that while testing the new bikes it found that—under very
  specific conditions—the electronic steering lock could fail to
  disengage: a rider could potentially start the bike and begin riding while
  the steering is still locked—a situation that could result in a
  tip-over or collision.

Maybe they should call it a stupid key?

Source: <>

Steven Klein *

Internet Addiction (Sharon Gaudin)

Gene Wirchenko <>
Wed, 27 Jul 2011 10:05:31 -0700
Sharon Gaudin: Internet as hard to give up as cigarettes, liquor, study says;
Losing 'Net access even for a day described as 'nightmare', *ITBusiness*,
27 Jul 2011

How would you handle giving up your Internet connection—your Facebook
friends, Twitter, online news and shopping—for just a single day?

If you think being disconnected for even a day might drive you nuts, you're
not alone. A survey of 1,000 people between the ages of 18 and 65 in the
U.K. showed that many Britons are as emotionally connected to the Internet
and all of their devices as smokers are to their cigarettes.

However, not everyone reported being so tied to their digital lives.  The
survey showed that 23 per cent of respondents said they would feel "free" if
they were disconnected from online activities.

Researchers Expose Cunning Online Tracking Service That Can't Be Dodged

Lauren Weinstein <>
Fri, 29 Jul 2011 17:05:09 -0700

  "Researchers at U.C. Berkeley have discovered that some of the net's most
  popular sites are using a tracking service that can't be evaded - even
  when users block cookies, turn off storage in Flash, or use browsers'
  "incognito" functions.  The service, called KISSmetrics, is used by sites
  to track the number of visitors, what the visitors do on the site, and
  where they come to the site from - and the company says it does a more
  comprehensive job than its competitors such as Google Analytics.  But the
  researchers say the site is using sneaky techniques to prevent users from
  opting out of being tracked on popular sites, including the TV streaming
  site"  (Wired)

House Committee sweepingly hypocritical Internet data retention bill

Lauren Weinstein <>
Fri, 29 Jul 2011 09:50:53 -0700

  [From Network Neutrality Squad.  PGN]

  Rep. John Conyers of Michigan believes the bill is mislabeled. "This is
  not protecting children from Internet pornography. It's creating a
  database for everybody in this country for a lot of other purposes," he
  says.  Rep. Lofgren of California, a leading Democrat in opposition to the
  bill said was a "stalking horse for a massive expansion of federal power." (Digital Trends)

In the usual Congressional demonstration of hypocrisy, the bill is entitled
"Protecting Children from Internet Pornographers Act of 2011" but actually
allows the collected data to be used for any purpose, including government
tracking down of whistleblowers, file sharers, peace activists, or anyone
else for virtually any reason.

  [PGN adds: Lauren later noted on 2 Aug 2011 an item from CNET:
  How The New 'Protecting Children' Bill Puts You At Risk:
  Last Thursday the U.S. House of Representatives passed a bill that
  makes the online activity of every American available to police and
  attorneys upon request under the guise of protecting children from
  pornography.  (CNET)]

Bot-Bashed by Google (Robert X. Cringely)

Gene Wirchenko <>
Wed, 27 Jul 2011 13:42:43 -0700

Robert X. Cringely: When Google bots go wrong—one user's story; Dylan
Marcheschi felt the full brunt of a faulty Google algorithm; now he's urging
the company to offer real customer support

Dylan Marcheschi found out the hard way what happens when you get on
Google's bad side. Worse, he didn't do anything to deserve it, and he was
victimized not by a human but by a bot.

About two weeks ago, the artist from Brooklyn was having an e-mail
conversation with a friend in Thailand when he received a message telling
him his Google account had been disabled. Everything he'd built up over the
past seven years had just gone poof.

Worse, there was no one to talk to about it. There is no customer support
line for Google—no e-mail support, no live chat. All you can do is post a
message on a forum and hope that somebody—anybody—weighs in with an
answer. But for Dylan, nobody did.

So Marcheschi went public.  [and all hell broke loose.  PGN]

Re: Study Faults Approval Process for Medical Devices (Meier, R-26.51)

Kevin Fu <>
Mon, 1 Aug 2011 23:17:51 -0400

> [Can we learn anything from this relating to computer systems being
> trustworthy and effective?  PGN]

As one of the writers commissioned by this Institute of Medicine (IOM) panel
and a regular attendee of related workshops and Senate/House hearings over
the last few years, I would say yes.  But it's complicated at so many

The IOM released multiple publications on this topic.  The earlier
publication includes my commissioned report on "Trustworthy Medical Device
Software" along with several other fascinating topics that relate to medical
device safety and effectiveness (think epidemiology).  Download the chapter
via the no-paywall and watch the webcast respectively on:

Caveat lector: the intended audience is primarily that of physicians and
healthcare professionals.  There was only one computer scientist on the IOM
panel.  If you consider yourself a computer scientist, put on your HCP cap
before reading.

You can download the panel's 246-page final recommendations (cited in last
week's NYT) from

Safety and effectiveness share many themes with trustworthiness, but it's
not a bijection.  Security is a part of trustworthiness.  I believe that
Nancy Leveson briefly compares and contrasts safety with security in her
1995 book, "Safeware: System Safety and Computers."  Both safety and
security are negative goals, for instance.

Kevin Fu, Assoc. Professor, Computer Science Department
University of Massachusetts Amherst Ph: 616-594-0385  Fax: 413-545-1249

Re: Patient alleges Tufts breached privacy (Chris D., RISKS-26.49)

Steve Loughran <>
Tue, 2 Aug 2011 10:56:53 +0100

Chris D. raises the issues of the NHS still using faxes to communicate.

I can reassure him that my local GP has a special defence against spoof
faxes: namely they lose them and deny they were ever received.

Unfortunately, this security system can be bypassed by turning up with a
printout of an e-mail from the hospital saying "we faxed it" and a phone
number which they will then dial to get the prescription repeated, rather
than dialing the hospital's exchange:

To get a fake prescription all you have to do bring a fake e-mail printout
and have an accomplice at the end of the line who appears to not know who
you are, be uninterested in the problem but eventually able to find your
paperwork and read out what the prescription is.

And yes, certificate based signed/encrypted e-mail with a requirement that
all e-mails are in the domain and mail servers dropping out of
network e-mails from that domain would work better. In fact, they'd be better
of fixing the e-mail infrastructure than trying to do a national patient
record system, as at least moving the health service to e-mail may actually
be possible -and if it isn't, there's no point trying anything more

Re: FB & facial recognition software (Klein, RISKS-26.51)

Peter Houppermans <>
Tue, 02 Aug 2011 06:59:16 +0200

I've been aware of the potential for facial recognition code to be applied
to public pictures for a while.  Facebook and Google are working along the
same path, although FB would at least link tagging to existing accounts
(allowing you to undo the tagging), whereas Google's Picasa did not.

Although images are not always taken to the exacting standards that a
passport biometric requires, it seems to me quite possible that someone will
develop a way to create a usable average from a collection of pictures.

Some experimenting with software called Portrait Professional yielded an
interesting discovery: it also subtly adjusts facial geometry, which gave me
an idea.

I wonder if it would not be possible to craft an application that creates a
sufficiently subtle deviation in facial characteristics to throw off facial
recognition code.  We humans tend to have a far greater tolerance level for
variation than most facial recognition code so it would not create *human*
recognition issues.  It would only throw a spanner into the works of
unauthorised automated online identity data collection.

Having said that, if you're going as far as digitally adjusting images of
yourself you could consider a simpler approach: not posting them at all :-).

Re: Risks of verbose automated e-mail

Eriks Ziemelis <>
Tue, 2 Aug 2011 10:22:33 -0700 (PDT)

Seems like there are two risks here, and one not being Jet Blue's fault.

As Paul pointed out, SMS is wide-spread, and that Jet Blue's notification
system does not have an SMS option seems to be a bit of a poor design, what
with just about every notification system of the ilk I've used has SMS

The real risk is trying to force a feature/system to work in a manner that
it was not designed for (and the vast majority of "Average Joes/Janes" do
not know or care about) and expect success.

Re: Don't throw away Grandma's wind-up desk clock

Kurt F <>
Tue, 02 Aug 2011 20:47:42 +0200

I am bit surprised that no-one has mentioned that the frequency is the
main factor in the control of an electricity grid.
If the load increases, the frequency will drop and more electricity must
be generated until the frequency is back to normal again.
If the load decreases, the frequency will go up, and less electricity
must be generated.
It is thus the amount of electricity generated and consumed in real time
that will result in small variations in frequency. And a very small
variation indeed.

Re: Don't throw away Grandma's wind-up desk clock (Lee, RISKS-26.49)

Mark Kramer <>
Tue, 2 Aug 2011 13:23:40 -0400

Ted Lee asks "how much is 'just over'" when a clock gains 14 seconds a day?

86400 seconds in a day. To see 86414 in a day, the reference frequency must
be 86414/86400 too high. E.g., 60*86414/86400 = 60.009722 Hz.

Not very far over at all.

  [Also noted by Anthony DeRobertis.  PGN]

Taking over a stranger's phone number

Geoff Kuenning <>
Sat, 30 Jul 2011 03:29:59 -0700

A year ago I went on sabbatical and rented out my house.  I asked my tenants
to take over my phone number so that I would be able to recover it when I
returned, and I called Verizon and authorized that action.  However, the
tenants misunderstood and got an entirely new number, so from Verizon's
point of view I had canceled my account and my number went back into the

When I returned a few weeks ago, I set up new phone service with a different
company.  Thinking that my tenants had only recently closed their Verizon
account, I asked that my number be ported to the new company.  You can guess
what's coming: it worked.  No sooner had my phone been connected than it
rang; it was the old number's new owner, trying to reach his house.

Once I figured out what had happened, I arranged to give the number back to
the innocent stranger.  But that took over a week.  What saddens me is that
if you call up Verizon and try to do something simple to your account, such
as enable voicemail, they will take you through a painful ID verification
process.  So why did they let a third party grab a phone number without any
attempt to ensure that the request was valid?

Geoff Kuenning

Please report problems with the web pages to the maintainer