The RISKS Digest
Volume 28 Issue 62

Friday, 8th May 2015

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Please try the URL privacy information feature enabled by clicking the flashlight icon above. This will reveal two icons after each link the body of the digest. The shield takes you to a breakdown of Terms of Service for the site - however only a small number of sites are covered at the moment. The flashlight take you to an analysis of the various trackers etc. that the linked site delivers. Please let the website maintainer know if you find this useful or not. As a RISKS reader, you will probably not be surprised by what is revealed…


Dealing with rogue drones, Copping a 'copter
The Economist
Computer Scientists Use Twitter to Predict UK General Election Result
Lee Page
Vint Cerf on ACM, Internet Issues, Quantum Machine Computing
Stephan Ibarki
ACLU sues Fairfax County police over license-plate data
Jim Reisert
The man who wants to outlaw encryption
Daily Dot via Lauren Weinstein
Boxing Match: Video Piracy Battle Enters Latest Round—Mobile Apps
NYTimes via Monty Solomon
Now you can embed classic MS-DOS games in tweets
Ian Paul via Jim Reisert
ZPM Espresso and the Rage of the Jilted Crowdfunder
NYTimes via Monty Solomon
Re: Doctors don't like EHRs
James Geissman
Re: All cars must have tracking devices ...
Alister Wm Macintyre
Re: FAA Orders Fix for Possible Power Loss in Boeing 787
Jeff Makey
Re: At least one American Airlines plane is grounded because the pilots' iPads crashed
Michael Kohne
Authentication vs Identification: South Korean ID system in disarray
Jay Ashworth
Info on RISKS (comp.risks)

Dealing with rogue drones, Copping a 'copter (The Economist)

"Peter G. Neumann" <>
Sun, 3 May 2015 9:29:28 PDT
In the hands of criminals, small drones could be a menace. Now is the time
to think about how to detect them and knock them down safely.  On 22 April,
a drone carrying radioactive sand landed on the roof of the Japanese prime
minister's office in Tokyo. It was the latest of a string of incidents
around the world involving small drones. Last year more than a dozen French
nuclear plants were buzzed by them. In January one crashed on the White
House lawn. In February and early March several were spotted hovering near
the Eiffel tower and other Parisian landmarks. Later in March someone
attempted to fly one full of drugs (and also a screwdriver and a mobile
phone) into a British prison. The employment of drones for nefarious, or
potentially nefarious, purposes thus seems to have begun in earnest. It is
only a matter of time before somebody attempts to use a drone, perhaps
carrying an explosive payload, to cause serious damage or injury. The
question for the authorities is how to try to stop this happening.

*The Economist*, 1 May 2015

Computer Scientists Use Twitter to Predict UK General Election Result (Lee Page)

"ACM TechNews" <>
Fri, 8 May 2015 13:13:01 -0400 (EDT)
Lee Page, University of Warwick, 5 May 2015 via ACM TechNews,
Friday, May 8, 2015

Computer scientists from the University of Warwick used Twitter to predict
the outcome of the U.K. general election.  The team has developed an
algorithm that harvests political tweets, and incorporating sentiment
conveyed in tweets was one of its key features.  The user-generated content
is aggregated and put into conventional polling reports to produce a daily
prediction of voting share.  "We then put all this information into our
forecasting model, along with the parties' share of the vote as measured by
opinion polls," says Warwick researcher Adam Tsakalidis.  The team says the
approach will provide key insights into how public opinion is developing and
what factors might be influencing any changes in support.  The researchers
believe their forecasts could be more accurate than traditional opinion
methods.  Tested during the Greek election in January, the model achieved
better results than all of the most recent polls leading up to the vote and
three exit polls once the ballots closed.  "We are particularly interested
in automatically identifying the sentiment expressed towards specific
politicians or parties and topics such as immigration," Tsakalidis says.
"This will help us obtain more accurate predictions as well as better
understanding of the reasons behind public support or discontent."

Vint Cerf on ACM, Internet Issues, Quantum Machine Computing (Stephan Ibaraki)

"ACM TechNews" <>
Mon, 4 May 2015 12:28:25 -0400 (EDT)
Stephan Ibaraki, IT World Canada, 1 May 2015
via ACM TechNews, 4 May 2015

In a wide-ranging interview, Vint Cerf, co-creator of the Internet and vice
president at Google, discusses a range of topics, including the modern
challenges of the Internet, the technologies of the future, and the
Association for Computing Machinery (ACM).  Asked what he sees as the main
challenges and controversies surrounding the Internet today, Cerf,
co-recipient in 2004 of the ACM A.M. Turing Award, identified the need to
ensure users' safety, security, and privacy.  He also reiterated his
frequent warnings about a "digital Dark Age" that could result as software
continues to advance and the means of interacting with older software and
data falls away.  Finally, he pointed to the Internet of Things,
particularly the need to ensure the security of all Internet-connected
devices.  Cerf also commented on a number of speculative topics, saying he
thinks the singularity envisioned by Ray Kurzweil is "a stretch," but that
he sees a great deal of promise in current research into quantum computing
and quantum entanglement.  He also comments on the need for professionalism
and credentialing in software development and discusses his time as
president of ACM.  Cerf says ACM's main challenges today are helping to
establish 21st century business models, being relevant to computer science
practitioners, and helping to promote computer science as a discipline.

ACLU sues Fairfax County police over license-plate data

Jim Reisert AD1C <>
Wed, 6 May 2015 14:30:28 -0600
The Associated Press, 6 May 2015

FAIRFAX, Va. (AP) - The American Civil Liberties Union of Virginia is suing
Fairfax County police over a policy in which they store data collected on
thousands of drivers through the use of license-plate readers.

The civil-liberties group filed the suit Tuesday in Fairfax County Circuit
Court. The ACLU alleges that keeping a database of information collected
through license-plate readers amounts to an illegal invasion of privacy.

The man who wants to outlaw encryption

Lauren Weinstein <>
Thu, 7 May 2015 22:00:53 -0700
  Unlike the gung-ho mood post-9/11 America, which led to the passage of the
  USA Patriot Act, industry and academic experts and even members of
  Congress have lambasted Comey's efforts to outlaw strong encryption as a
  vast overstep of government authority and grossly naive. Just last week,
  for example, a congressional hearing on encryption got downright hostile
  when Rep. Ted Lieu (D-Calif.) called Comey's proposal "stupid."
    The Daily Dot via NNSquad

  [We note thatthe federal appeals court for the Second Circuit ruled
  on 7 May 2015 that the NSA's bulk record collection program is unlawful.

Boxing Match: Video Piracy Battle Enters Latest Round—Mobile Apps

Monty Solomon <>
Tue, 5 May 2015 09:34:26 -0400

With the Mayweather-Pacquiao bout, live streaming from mobile apps was just
one of the new piracy headaches facing media companies.

  [That, plus the fact that thousands of paying customers were unable to
  access the live streaming.  PGN]

Now you can embed classic MS-DOS games in tweets (Ian Paul)

Jim Reisert AD1C <>
Tue, 5 May 2015 13:41:12 -0600
That didn't take long.....

@SamuelGibbs, 4 May 2015

Twitter kills MS-Dos games embedded in tweets

Social network kills MS-Dos gaming fun, saying interactives and games breach
its embedded cards terms of service

ZPM Espresso and the Rage of the Jilted Crowdfunder

Monty Solomon <>
Tue, 5 May 2015 09:47:32 -0400

What happens when a Kickstarter project fails to launch?

Re: Doctors don't like EHRs (RISKS 28.61)

"Geissman, James" <>
Sat, 02 May 2015 00:03:42 +0000
I looked in Wiki and the EHR article listed 11 different standards plus 3
"open" ones for them. Whaa? In the mortgage banking industry where I work
there's the MISMO standard. Different people modify it somewhat, but it's a
single basic standard. Of course the idea with the mortgage data is the data
is meant to be exchanged, not merely used by the creator. Isn't that the
case with EHRs also?

Re: All cars must have tracking devices ... (Drewe, RISKS-28.61)

"Alister Wm Macintyre \(Wow\)" <>
Sat, 2 May 2015 01:11:23 -0500
Several observations:

* I think train locomotives should have radar in front to detect vehicles
which have not yet cleared RR crossings, such as back end of a school bus or
truck, that is stuck in a traffic jam.

* Some cars are imported into EU.  I assume it will be a requirement to have
this installed in imports, before they are driven in EU.  But EU auto
manufacturers, which export to other nations, may need to disable this
feature, or give owners the opportunity to have this disabled, depending on
the laws of the other nations.

* The USA has places where cell reception is no good, such as some rural
areas, and valleys.  Is this also true in Europe?

* There are areas where cell phone service is blocked, because national
security mentality thinks most bombs are set off by cell phone calls.  That
will work until the enemy uses alternative technology, such as timers (as in
the Spain train bombing), and other techniques. It can also inconvenience
first responders who may rely on that system.  The Boston Marathon had no
drones harassing the runners, thanks to a system which used cell phone

* There may need to be some threshold adjustment to recognize what some
people do not consider to be an accident, such as car door hitting adjacent
car, when they parked too close to each other, or what goes on when crossing
the picket line of a labor management dispute . lots of hands thumping the

* Some riots may set off excess alarms, as the police shoot pellets into a
crowd, and many parked cars get hit.

* The US has systems where people are required to notify the police, such as
medical personnel observing what appears to be evidence of child abuse, then
funding for the police to do anything with the info is lost, and the
mandatory reports go into the garbage, without updating the requirements.
Is this also true in Europe?

* Will this system be as easy to hack as prior systems installed in

* Many alarm systems in the USA trigger calls to the police, but some
systems have lots of false alarms, then the police send the owners of the
false alarm systems bills for the wasted time of the police or fire dept.
Is this also true in Europe?  What will happen with alleged false alarms
from this system?

There have been multiple disasters, where power outages take out cell phone
towers, such as 9/11 in NYC where communication services used the Twin

In the Haiti 2010 quake, which took out a capital city's infrastructure,
many volunteer foreign first responders were flooded with SOS.  Some

* Where we come from, lots of people do prank 911 calls, so many of these
may also be a similar situation.

* Cell tower service was knocked out, until the USAF launched a flying cell
tower, so what we are probably hearing is the last gasp of the batteries of
the cell phones of now dead people.

For these, and other reasons, many cell phone SOS were not responded to.
But later examination of where dead bodies were found, showed a correlation
that many of those SOS were in fact real, and had they been taken seriously,
more lives could have been saved.

Re: FAA Orders Fix for Possible Power Loss in Boeing 787

Jeff Makey <>
Mon, 4 May 2015 14:44:43 -0700
248 days is the time it takes a 100Hz counter to go from zero to 2**31.  If
such a counter is stored in a signed 32-bit integer, its value then
overflows to become negative, and confusion may ensue.  The Solaris 2.5
operating system, circa 1996, had this problem with the system clock and
would hang after 248 days of uptime.

[Also noted by Gene Wirchenko and Kent Borg—who recalls the day Berkshire
Hathaway broke $(2^15)/share, and the stock market also broke. PGN]

Re: At least one American Airlines plane is grounded because the pilots' iPads crashed (Moore, RISKS-28.61)

Michael Kohne <>
Fri, 1 May 2015 20:36:39 -0400
> Where's the backup system?

What's the data on the iPad used for? Is it just stuff used to setup the
flight computers and inform the tower and so-on? Because if it IS just
pre-flight information, then staying at the gate is a perfectly safe (if
moderately expensive) fallback procedure.

Authentication vs Identification: South Korean ID system in disarray

Jay Ashworth <>
Mon, 4 May 2015 19:27:49 -0400 (EDT)
  [Re: Lauren Weinstein, South Korean ID system in disarray, 14 Oct 2014,
  Privacy Forum and Network Neutrality Squad, but not in RISKS.  PGN]

PRIVACY Forum's Lauren Weinstein pointed out a BBC story about identity
theft in South Korea, and the piece is interesting, because it points up the
RISKS of *not learning lessons*.

The problem there, it seems stems from the same source as in the US:

  Treating an identifier as an authenticator.

Well, more properly, *knowledge of an identifier*.

In the US, of course, this is the Social Security Number, which we are told
to keep a State Secret... except for all the people to whom we are required
to give it. (TTBOMK, you are only legally required to disclose your SSN to
employers, the IRS, and—thanks to the USA PATRIOT Act, passed by an
entire Congress nearly none of whom have read it *by now*, much less before
passing it—banks, and non-bank debit card service providers.  (And as
another correspondent points out, state DMVs in REALID states, now.))

Identifiers and authenticators each have several properties which it is
necessary for them to fulfill in order to successfully accomplish their
tasks.  Herewith, a recap:

For identifiers: they must be unique, they must be arbitrary (you cannot
encode mnemonics into them, or, if you do, at least some part must be
globally unique and arbitrary amongst the relevant namespace), and it
*mustn't ever be necessary to change them*.

Authenticators, on the other hand, *must* be changeable, to avoid and
recover from authentication breaches, and they must *not* be researchable --
that is, unlike "mothers maiden name" or "city you grew up in" or "name of
your first pet", or any other bit of information that people can pry out of
you by posting a cute quiz on Facebook, it must not be possible to determine
what the authenticator is for a given identity relationship.

Anything which is not a password/phrase/PIN violates the second requirement,
and biometrics violate the first (quite apart from the requirement that
biometrics must test for a living human, lest someone cut your finger off to
scan it—and please don't think I'm joking there).

Identity theft problems in both the US and S Korea stem from the persistent
and wilfull failure of businesses and governments in both countries to cease
trying to extend SSN/identity numbers (which are identifiers) to fill the
purpose of authenticators as well—one data item cannot do both jobs, as
they have conflicting requirements... and those requirements are absolute.

As you realize, if you shop at Home Depot.  Or Target.  Or Kohls.

Or have tried to make a change to your power utility account.

It is often possible to convince someone who tells you they "must have your
SSN" that they are wrong; some organizations have policy for this.  Duke
Energy was happy to put my FL DL number on file instead, once I insisted.

In the 60s, a friend forced the Mass DMV to make up an SSN for him, rather
than putting his on his MA DL.

In the final analysis, each individual is responsible for their own
security; while laws may protect you from some of the inevitable results,
they generally don't protect you from the hassle.

On the larger scale, CIOs of big organizations MUST (to borrow normative
language from the RFCs) learn this lesson and MUST stop using "knowledge of
SSN" as an authenticator, and MUST stop asking for it at all unless they
have a real, legal reason to need it.

That's the only way we'll *really* stop having to deal with Identity Theft
in the United States.

> (BBC):  (Oct 2014)
> The government is considering issuing new ID numbers to every citizen
> aged over 17, costing billions of dollars. The ID numbers and
> personal details of an estimated 80% of the country's 50 million
> people have been stolen from banks and other targets, say experts.
> Rebuilding the system could take up to a decade, said one. Some 20
> million people, including the president Park Geun-hye, have been
> victims of a data theft from three credit card companies. "The
> problems have grown to a point where finding a way to completely solve
> them looks unlikely,'' technology researcher Kilnam Chon told Reuters.

Jay R. Ashworth, Ashworth & Associates, 2000 Land Rover DII, St Petersburg
FL  +1 727 647 1274

Please report problems with the web pages to the maintainer