The RISKS Digest
Volume 27 Issue 11

Tuesday, 11th December 2012

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Please try the URL privacy information feature enabled by clicking the flashlight icon above. This will reveal two icons after each link the body of the digest. The shield takes you to a breakdown of Terms of Service for the site - however only a small number of sites are covered at the moment. The flashlight take you to an analysis of the various trackers etc. that the linked site delivers. Please let the website maintainer know if you find this useful or not. As a RISKS reader, you will probably not be surprised by what is revealed…


How the US Air Force flushed a $1B software project down the drain
Randall Stross via Lauren Weinstein
Iran shipping signals conceal Syria ship movements
Danny Burstein
Syria outage sheds light on U.S. Kill Switch concerns
Robert Lemos via ACM TechNews
25-GPU cluster cracks every standard Windows password in <6 hours
ars technica via Lauren Weinstein
Inaccurate Apple Maps directions causes 'life threatening issue' for travelers in Australia
Monty Solomon
In Pursuit of McAfee, Media Are Part of Story
Jeff Wise via Monty Solomon
The Illusion Of Online Security
The Diane Rehm Show via Monty Solomon
High-Speed Traders Profit at Expense of Ordinary Investors
Nathaniel Popper and Christopher Leonard
UN Internet regulation talks in Dubai threaten Web freedom
Dan Gillmor via Dave Farber
Lord Leveson calls for curbs on Internet 'mob rule'
Chris Drewe
National Network for First Responders Won't Happen for Years ...
Edward Wyatt via Lauren Weinstein
How Smartphones Are Making Wallets Obsolete
Gabe Goldberg
"A Step Toward E-Mail Privacy"
NYTimes editorial via PGN
Lock Firm Onity Starts To Shell Out For Security Fixes To Hotels' Hackable Locks
Andy Greenberg via Jim Reisert
Mobile Browsers Fail Georgia Tech Safety Test
Michael Terrazas via ACM TechNews
A letter to the President about e-voting
Barbara Simons
10th International Conference on integrated Formal Methods iFM 2013
Diego Latella
Info on RISKS (comp.risks)

How the US Air Force flushed a $1B software project down the drain (Randall Stross)

Lauren Weinstein <>
Sun, 9 Dec 2012 13:22:26 -0800
[Source: Excerpt from Randall Stross, *The New York Times*, 9 Dec 2012]

  "Signs that such comprehensive change could not, in fact, be done "at
  once" were visible last spring. Last April, Jamie M. Morin, assistant
  secretary of the Air Force, testified before a subcommittee of the
  Senate's Armed Services Committee about E.C.S.S.: "The total cost on the
  system is now over $1 billion," he said, adding, "I am personally appalled
  at the limited capabilities that program has produced relative to that
  amount of investment."  With the cancellation of the system last month, a
  spokeswoman said that the Air Force would continue to rely on its legacy
  logistics systems, some of which have been in use since the 1970s."

Iran shipping signals conceal Syria ship movements

Danny Burstein <>
Thu, 6 Dec 2012 23:46:23 -0500 (EST)
Iranian oil tankers are sending incorrect satellite signals that confuse
global tracking systems and appear to conceal voyages made by other ships to
Syria, which, like Iran, is subject to international sanctions. ...  "It is
of course possible to manipulate or falsify information in these messages,"
said Richard Hurley, a senior analyst at IHS Fairplay, a maritime
intelligence publisher.  At least three Iranian oil tankers are transmitting
such false signals, effectively taking over the identity of Syrian-owned
vessels traveling between Syria, Libya and Turkey.  All the vessels in
question were registered in Tanzania.

[Source: Reuters Exclusive item, Jessica Donati and Daniel Fineren, with
additional reporting by Jonathan Saul, Amena Bakr and Fumbuka Ng'wanakilala;
Editing by Will Waterman; starkly PGN-ed]

Syria outage sheds light on U.S. Kill Switch concerns (Robert Lemos)

ACM TechNews <technews@HQ.ACM.ORG>
Fri, 7 Dec 2012 11:15:36 -0500
Syria and as many as 60 other countries are at a severe risk of being
disconnected from the Internet because of lack of redundancy in their
telecommunications connections to the outside world, according to a recent
Renesys report.  However, the report rated the United States, Canada, and
many Western European nations as "resistant to risk," while other countries
were rated at "significant" or "low risk" or being disconnected.  The
analysis found that concerns that an Internet "kill switch" could cut people
off are unwarranted in the United States, says Renesys' Earl Zmijewski.
"Syria is not the U.S., it is not Canada, and it's not Western Europe,"
Zmijewski says.  "There is no way to simply shut down connectivity."  The
analysis of the relative resistance of a country's network to disconnection
is based on the number of providers that connect to the outside world, not
the number of physical connections.  Renesys' James Cowie notes that
comments on the study indicate that most people were concerned about their
country's vulnerability to being disconnected.  "It's interesting that most
people who are suggesting modifications to (our) model believe that their
country is much more vulnerable to disconnection," Cowie says.  [Source:
Robert Lemos, eWeek, 5 Dec 2012]

25-GPU cluster cracks every standard Windows password in <6 hours

Lauren Weinstein <>
Mon, 10 Dec 2012 15:59:50 -0800
  "The five-server system uses a relatively new package of virtualization
  software that harnesses the power of 25 AMD Radeon graphics cards. It
  achieves the 350 billion-guess-per-second speed when cracking password
  hashes generated by the NTLM cryptographic algorithm that Microsoft has
  included in every version of Windows since Server 2003. As a result, it
  can try an astounding 95^8 combinations in just 5.5 hours, enough to brute
  force every possible eight-character password containing upper- and
  lower-case letters, digits, and symbols. Such password policies are common
  in many enterprise settings. The same passwords protected by Microsoft's
  LM algorithm-which many organizations enable for compatibility with older
  Windows versions-will fall in just six minutes."  (ars technica via NNSquad)

 - - -

Of course, you need access to the hashes to do this.   If sites didn't
make stupid errors that exposed their hash files, this approach would
not be particularly useful in most cases.

Inaccurate Apple Maps directions causes 'life threatening issue' for travelers in Australia

Monty Solomon <>
Tue, 11 Dec 2012 09:25:33 -0500
Inaccurate Apple Maps directions causes 'life threatening issue' for
travelers, says Australian police

Apple redraws maps after Australian drivers led astray in the bush

In Pursuit of McAfee, Media Are Part of Story (Jeff Wise)

Monty Solomon <>
Mon, 10 Dec 2012 09:07:53 -0500
  [Monty excerpted this paragraph from a fascinating article by Jeff Wise on
  a very strange case involving WiReD's Rocco Castoro and Robert King
  traveling with John McAfee traveling in Belize, and a mysterious death.

... The gloating was short-lived, however. Within minutes, a reader noticed
that the photograph posted with the story still contained GPS location data
embedded by the iPhone 4S that took it, and sent out a message via Twitter:
"Check the metadata in the photo. Oooops ..."  Vice quickly replaced the
image, but it was too late. "Oops! Did Vice Just Give Away John McAfee's
Location With Photo Metadata?" a headline asked. The article
included a Google Earth view of the exact spot the picture had been taken -
poolside at the Hotel & Marina Nana Juana in Izabal, Guatemala. ...

The Illusion Of Online Security

Monty Solomon <>
Fri, 7 Dec 2012 09:48:36 -0500
The Diane Rehm Show, December 5, 2012

The age of passwords is over. That's the claim made in this month's "Wired"
magazine. Most of us trust that a string of letters, numbers and characters
is enough to protect our bank accounts, e-mail and credit cards. But hackers
are breaking into computer systems and hosts of user names and passwords on
the Web with increasing regularity. And because so much of our personal
information is stored in the cloud, hackers can trick customer service
agents into resetting passwords. Some Internet companies say the trade-offs
-- convenience and privacy—are necessary to protect our data. Privacy
advocates say that price is too high. Diane and her guests discuss the
illusion of online security and whether you can make your accounts harder to


Simon Davies founder of Privacy International.
Cecilia Kang technology reporter for the Washington Post.
Kevin Mitnick information security expert and former hacker.

High-Speed Traders Profit at Expense of Ordinary Investors (Popper, Leonard)

Monty Solomon <>
Sat, 8 Dec 2012 14:57:32 -0500
Nathaniel Popper and Christopher Leonard, *The New York Times*, 3 Dec 2012
High-Speed Traders Profit at Expense of Ordinary Investors, a Study Says
[PGN-ed; lots more to read]

A top government economist has concluded that the high-speed trading firms
that have come to dominate the nation's financial markets are taking
significant profits from traditional investors.  The chief economist at the
Commodity Futures Trading Commission, Andrei Kirilenko, reports in a coming
study that high-frequency traders make an average profit of as much as $5.05
each time they go up against small traders buying and selling one of the
most widely used financial contracts.

UN Internet regulation talks in Dubai threaten Web freedom (Dan Gillmor)

Dave Farber <>
Thu, 6 Dec 2012 10:36:28 -0500

"The very idea that the ITU could obtain and exert major regulatory powers
over the Internet is a happy one only to dictators and others who believe
the Internet needs to be controlled. We've seen again and again what nation
states like Syria, China, Saudi Arabia and others do when they are unhappy
with online content or conversations. Even a hint that such censorship could
spread should be, and is, anathema to people who believe in fundamental free
speech rights. Russia, in particular, has proposed regulations that the
United States ambassador to the meeting called "the most shocking and most
disappointing" of any he'd seen."

  [Dan Gilmore in *The Guardian*.  Web URLs deleted by PGN]

Lord Leveson calls for curbs on Internet 'mob rule'

Chris Drewe <>
Sat, 08 Dec 2012 19:19:08 +0000
Apologies if this is Leveson overload, but he's made some, um, interesting
comments in Australia, reported by Jonathan Pearlman, in Sydney in the
*Daily Telegraph*, 8 Dec 2012:


Lord Justice Leveson has called for new laws to curb the rise of "mob rule"
on the Internet and says he is keenly watching the aftermath of his report
into media ethics.  He was "concerned" about the debate that had followed
his 2000-page report

  [Long copyrighted article PGN-ed.]

National Network for First Responders Is Years Away (Edward Wyatt)

Lauren Weinstein <>
Thu, 6 Dec 2012 16:26:32 -0800
Edward Wyatt, *The New York Times*, 7 Dec 2012,

  ... Hurricane Sandy also exposed a significant flaw in the initial design
  of the emergency system. It would rely greatly on commercial cellphone
  networks, the same networks that failed during the storm when cell towers
  blew down, power equipment failed and backup batteries or generators were
  flooded. "To think that you can build a network that can withstand
  anything and everything that Mother Nature throws at it is a bit
  unrealistic," said Bill Smith, president of AT&T Network Operations. "It's
  not impossible, but it would be incredibly expensive." ...

Basing the emergency network on the fragile commercial wireless systems,
What could go wrong?

How Smartphones Are Making Wallets Obsolete

Gabe Goldberg <>
Sun, 09 Dec 2012 23:46:05 -0500
Some people might cringe at the thought of putting a picture of an insurance
card on their phone, but if I lose my phone, there is a password to stop
someone from opening it. My wallet never came with a password.

There are a couple of things I still carry in my pocket, held together with
a money clip: the debit card and my driver's license. But I'm confident that
those, too, will someday disappear.

Soon enough, my phone will become my sole credit card, and the only thing
left in my pocket will be my driver's license. And at some point, the
government will enter the 21st century and offer a digital alternative for

Or maybe I won't need a driver's license at all: when cars drive themselves
in the not-too-distant future, I'll be taking a nap while my car takes me to

What could go wrong?

"A Step Toward E-Mail Privacy" (NYTimes editorial)

"Peter G. Neumann" <>
Sun, 9 Dec 2012 08:13:17 PST
[Very nice editorial in *The New York Times*, 9 Dec 2012, PGN-ed and
truncated for RISKS.]

The growth of the Internet, social networking and mobile technologies has
transformed how Americans communicate and exchange information, but Congress
has lagged in updating federal privacy laws to safeguard digital
communications from inappropriate prying. Late last month, the Senate
Judiciary Committee approved a measure, proposed by Patrick Leahy, that
would significantly enhance the privacy protection given to e-mails.  The
bill, an amendment to the outdated 1986 law that now governs e-mail access,
the Electronic Communications Privacy Act, would require law enforcement
agents to get a search warrant from a judge in order to obtain e-mail
content from a communications service provider that holds private electronic
messages, photos and other personal records, like Gmail or Facebook.

Lock Firm Onity Starts To Shell Out For Security Fixes To Hotels' Hackable Locks (Andy Greenberg)

Jim Reisert AD1C <>
Fri, 7 Dec 2012 08:20:40 -0700
"After four months, countless hacking embarrassments and a string of hotel
burglaries, the maker of one of the world'2s most common hotel keycard locks
is finally owning up to the cost of an epic—and expensive—security

"Onity, the company whose locks protect 4 million or more hotel rooms around
the world, has agreed to reimburse at least some fraction of its hotel
customers for the cost of fixing a security flaw exposed in July that allows
any hacker with a $50 homemade device to open its locks in seconds,
according to written agreements between the company and several of its
largest buyers."

Jim Reisert AD1C, <>,

Mobile Browsers Fail Georgia Tech Safety Test

ACM TechNews <technews@HQ.ACM.ORG>
Fri, 7 Dec 2012 11:15:36 -0500
  Michael Terrazas, *Georgia Tech News* (5 Dec 2012)
  [via ACM TechNews, 7 Dec 2012]

Georgia Tech researchers have found that mobile Web browsers are so unsafe
that even cybersecurity experts cannot detect when their smartphone browsers
have landed on dangerous Web sites.  "We found vulnerabilities in all 10 of
the mobile browsers we tested, which together account for more than 90
percent of the mobile browsers in use today in the United States," says
Georgia Tech professor Patrick Traynor.  The main issue is graphic icons
known as secure sockets layer (SSL) or transport layer security (TLS)
indicators, which alert users when their connection to the destination Web
site is secure and that the Web site they see is actually the site they
intended to visit.  Due to the small screen associated with most mobile
browsers, there is not enough room to incorporate SSL indicators as with
desktop browsers.  Displaying a graphical indicator that a site is secure in
a Web browser's URL field is on the security guidelines recommended by the
World Wide Web Consortium for browser safety.  "Research has shown that
mobile browser users are three times more likely to access phishing sites
than users of desktop browsers," says Georgia Tech researcher Chaitrali

A letter to the President about e-voting

Barbara Simons <>
Fri, 07 Dec 2012 15:48:53 -0800
Election, Tech Experts to Obama: Yes, “We Need to Fix That,'' But
  E-Voting Not the Answer
Source: Verified Voting, Dated: Dec 06, 2012

In a letter delivered to President Obama and congressional leaders this
week, experts including congressional representatives, elections officers
and cyber-security experts, urged the president to reject any calls for
Internet voting.

Barbara Simons, Chair of Board, Verified Voting, Coauthor, Broken
Ballots: Will Your Vote Count? -, 650-328-8730
Jordana Merran -, 301-873-4484

Groups Warn Against Hasty Action on Internet Voting in Response to Long
Lines, Technical Glitches in November 2012

Washington, DC, In a letter delivered to President Obama and congressional
leaders this week, a broad coalition of experts, including congressional
representatives, elections officers and cyber security experts, is urging
the president and Congress to reject any calls for Internet voting. They are
warning officials that Internet voting remains a highly insecure option that
leaves our systems vulnerable to cyber-attacks and technical failures.

After voters across the country waited as long as seven hours to cast their
ballots and Hurricane Sandy wreaked havoc on East Coast election systems
last November, lawmakers in Congress are introducing legislation to
facilitate the voting process in federal elections, and some parties have
expressed Interest in online voting.

“Internet voting seems like a great solution. But relying on the Internet
to transmit a vote means not only opening the election up to hackers and
malicious forces, but also giving up the right to vote anonymously,'' said
Barbara Simons, former president of the Association for Computing Machinery
and chair of the board of the nonpartisan Verified Voting.

Instead, Simons and dozens of other leaders in their fields are urging
Congress to use scanned-in paper ballots in federal elections.

“The lack of accountability in our election processes has put our democracy
at risk. That's why we urge Congress to adopt scanned paper ballots. They
are inexpensive, they can eliminate long lines because many voters can vote
simultaneously, and most importantly, they provide a paper trail that can be
verified, especially in the event that an election result is called into
question,'' [quoting Peter G Neumann]

The letter to the President notes that, had elections been too close to call
in the November contest, many jurisdictions that rely on electronic voting
machines would have had no way to verify whether their results were correct.

The text of the letter can be found at

Signatories include:

Andrew W. Appel, Eugene Higgins Professor of Computer Science, Princeton Univ.
Matt Blaze, Assoc. Professor, Computer & Information Science, Univ. of
Harvie Branscomb, Colorado Voter Group
Duncan A. Buell, Computer Science and Engineering Professor, Univ. of
  South Carolina
David Dill, Computer Science Professor, Stanford Univ.; Board of
  Directors, Verified Voting
Susan Dzieduszycka-Suinat, Overseas Vote Foundation
Jeremy Epstein, Senior Computer Scientist, SRI International
David J. Farber, Distinguished Professor of Computer Science & Public
  Policy, Carnegie Mellon Univ.
Lowell Finley, Member, EAC Standards Board
Irene Etkin Goldman, Voting Rights Advocate, Board Chair, Coalition for
  Peace Action, Princeton, N.J.
Mary Ann Gould, Co-Founder, Executive Director, Coalition for Voting
J. Alex Halderman, Assistant Professor of Computer Science & Technology
Joseph Lorenzo Hall, Senior Staff Technologist, Center for Democracy &
Mark Halvorson, Founder and Former Director, Citizens for Election
  Integrity Minnesota
Candice Hoke, Director, Public Monitor of Cuyahoga Election Reform; Law
  professor, Cleveland State Univ.
Representative Rush Holt, Member of Congress
Harri Hursti, Security Researcher, CTO SafelyLocked
Holly Jacobson, Co-Founder, Voter Action
David Jefferson, Computer Scientist, Lawrence Livermore National
  Laboratory; Board of Directors, California Voter Foundation; Board of
  Directors, Verified Voting
Douglas W. Jones, Associate Professor of Computer Science, Univ. of
  Iowa; Coauthor, Broken Ballots: Will Your Vote Count
Earl Katz, Public Interest Pictures
Douglas A. Kellner, Co-Chair, New York State Board of Elections
Marybeth Kuznik, Executive Director, VotePA; Judge of Elections, Penn
  Township, Westmoreland County, PA
Mark Lindeman, Adjunct Assistant Professor of Political Science,
  Columbia Univ.
Collin Lynch, Intelligent Systems Program, Univ. of Pittsburgh; Past
  President, VoteAllegheny; Member, VotePA; Past Co-Chair, Allegheny
  County Citizen's Advisory Panel on Election Systems
Margaret MacAlpine, Advisory Comm. Member, California Post Election
  Risk-Limiting Audit Pilot Program
Neal McBurnett, ElectionAudits (the open source project)
John McCarthy, Lawrence Berkeley National Laboratory Computer Scientist
  (retired); Verified Voting volunteer
Dan McCrea, President and Co-Founder, Florida Voters Foundation
Walter Mebane, Professor of Political Science and Professor of
  Statistics, Univ. of Michigan
Justin Moore, Board of Advisors, Verified Voting Foundation
Michelle Mulder, Consultant, Verified Voting Foundation
Peter G. Neumann, Principal Scientist, SRI International Computer Science
  Lab; Moderator, ACM Risks Forum
Ronald L. Rivest, Viterbi Professor of Computer Science, MIT
Lida Rodriguez-Taseff, Miami-Dade Election Reform Coalition
Aviel D. Rubin, Professor of Computer Science and Technical Director of
  the Information Security Institute, Johns Hopkins Univ.
Noel Runyan, President of Personal Data Systems, Campbell, CA.
Ion Sancho, Leon County Supervisor of Elections
Bruce Schneier, Chief Security Technology Officer, BT; Security
  technologist and author
Kevin Shelley, Former California Secretary of State
Barbara Simons, IBM Research (retired); member, EAC Board of Advisors;
  Chair, Board of Directors, Verified Voting; Former President, ACM;
  Coauthor, Broken Ballots: Will Your Vote Count?
Stephanie Singer, Philadelphia City Commissioner
Pamela Smith, President, Verified Voting
Howard Stanislevic, Founder, E-Voter Education Project, NY, NY
Philip B. Stark, Professor and Chair, Department of Statistics, Univ. of
  California, Berkeley
Paul Stokes, United Voters of New Mexico
Penny M. Venetis, Clinical Prof. of Law, Judge Dickinson R. Debevoise
  Scholar; Co-Director, Constitutional Litigation Clinic, Rutgers School
  of Law-Newark
David Wagner, Professor of Computer Science, Univ. of California, Berkeley
Luther Weeks, CTVotersCount
Rebecca Wilson, Co-Director, SAVE our Votes: Secure, Accessible,
  Verifiable Elections for Maryland

10th International Conference on integrated Formal Methods (iFM 2013)

Diego Latella <>
Thu, 06 Dec 2012 09:38:53 +0100
June 10 - 14, 2013 - Turku, Finland


Applying formal methods may involve modeling different aspects of a system
which are best expressed using different formalisms.  Correspondingly,
different analysis techniques may be used to examine different system views,
different kinds of properties, or simply in order to cope with the sheer
complexity of the system. The iFM conference series seeks to further
research into hybrid approaches to formal modeling and analysis; i.e., the
combination of (formal and semi-formal) methods for system development,
regarding modeling and analysis, and covering all aspects from language
design through verification and analysis techniques to tools and their
integration into software engineering practice.

Areas of interest include but are not limited to:
- Formal and semiformal modeling notations
- Integration of formal methods into software engineering practice
- Refinement
- Theorem proving
- Tools; - Logics
- Model checking
- Model transformations
- Semantics
- Static Analysis
- Type Systems
- Verification
- Case Studies
- Experience reports

- Jean-Raymond Abrial, Marseille, France
- Cosimo Laneve, University of Bologna, Italy
- Susanne Graf, VERIMAG, France
- Kim Larsen, Aalborg University, Denmark

This call for papers and additional information about the conference
can be found at
For information regarding the conference you can contact:

Please report problems with the web pages to the maintainer