The RISKS Digest
Volume 7 Issue 85

Thursday, 1st December 1988

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Please try the URL privacy information feature enabled by clicking the flashlight icon above. This will reveal two icons after each link the body of the digest. The shield takes you to a breakdown of Terms of Service for the site - however only a small number of sites are covered at the moment. The flashlight take you to an analysis of the various trackers etc. that the linked site delivers. Please let the website maintainer know if you find this useful or not. As a RISKS reader, you will probably not be surprised by what is revealed…


o Security Pacific Automated Teller Theft
PGN and Stan Stahl
o Re: Corps of Software Engineers?
Dave Parnas
o Telecommunications, Data Entry and Worker Exploitation
Larry Hunter
o Milnet Isolation
John Markoff via Geoff Goodfellow
o Info on RISKS (comp.risks)

Security Pacific Automated Teller Theft

Peter Neumann <>
Wed, 30 Nov 1988 11:21:32 PST
Security Pacific National Bank acknowledged that nearly $350,000 was stolen on
11-13 November from about 300 customer accounts.  A specially privileged
"passkey" card may have been used from various LA-area ATMs to gain access to
each of these accounts, without requiring the PIN number and without being
subject to the daily limits on individual accounts.  (One person reportedly had
$1200 taken on a single day, in 4 installments) [Source: Los Angeles Times
adaptation in S.F. Chronicle, 30 Nov 88, p. A6]

"Any system can be beaten," said a security official at another Los Angeles
bank when told of the loss.  [...]  A security official at another Los Angeles
bank, however, discounted the idea of a passkey.  He did say that such a theft
would almost certainly require inside knowledge.  [From the original LA Times
article by Douglas Frantz, Times Staff Writer, contributed by Stan Stahl

  [Superuser-type trapdoor mechanisms may be more useful for illegitimate
  purpose than for legitimate purposes.  Having spent many years designing
  structured systems that were sufficiently flexible WITHOUT having such
  mechanisms, I wonder why systems with relatively omnipotent trapdoors
  continue to be used in critical applications.  The existence of such an
  ATM trapdoor seems highly unnecessary, and is clearly an invitation to
  misuse.  Maintenance interfaces should be subjected to security and
  integrity controls, separation of duties, principle of least privilege,
  etc., just like everything else.  PGN]

Corps of Software Engineers? (RISKS-7.84)

Dave Parnas <>
Wed, 30 Nov 88 23:15:02 EST
>    "Flexibility is software's strong suit, allowing the military
>    to make changes in how a weapon system functions, even after
>    it is fielded... [discussion of gratuitous changes deleted]
>    ...making changes in a hurry during a conflict is imperative
>    if software is to help US forces prevail."
>    [...] But where is the US corp of software engineers that can fix
>    a key software module quickly so the next airstrike can account for
>    an unexpected SAM threat?  Do the armed services expect contractor
>     personnel to volunteer for duty on the front lines?   ..... "
>                                     Henry Spencer at U of Toronto Zoology

    Yes.  I have seen battlefield trucks from Viet Nam whose walls were full of
debugging notes.  Contractor personnel were assigned to debug the programs
during battle.

David L. Parnas, Queen's University, Kingston Ontario

Telecommunications, Data Entry and Worker Exploitation

Larry Hunter <hunter-larry@YALE.ARPA>
Thu, 1 Dec 88 16:29:36 EST
From "Optical Information Systems Update," Dec 1, 1988, p.8.  

  Digiport, a new telecommunications facility in Jamaica, will open up
  a new era for data entry operations.  Two-way telecommunication
  eliminates one of the major problems of offshore data entry — lengthly
  turnaround time.  Previously, at least three to four days were required
  just for round trip flights.  With image transmission, the data is
  quickly available for keying.  In addition to fast turnaround, two-way
  transmission provides complete document control and security because
  the forms never leave the customers office.  With this technology,
  the data entry function is electronically transferred to a low cost
  labor area with significant savings.  For information, contact ...
  Offshore Information Services, Inc., 39 North Broadway, Tarrrytown,
  NJ 10591....

And, of course, with a significant loss to data entry personnel in high cost
(like $6.00/hr) labor areas.  Not to mention the savings (losses) in reduced
requirements for worker benefits and safety standards.

Milnet Isolation

the terminal of Geoff Goodfellow <>
30 Nov 1988 17:29-PST
By JOHN MARKOFF, c.1988 N.Y. Times News Service

     NEW YORK _ The Pentagon said on Wednesday that it had temporarily
severed the connections between a nonclassifed military computer network and
the nationwide academic research and corporate computer network that was
jammed last month by a computer virus program.
     Department of Defense officials said technical difficulties led to
the move. But several computer security experts said they had been told by
Pentagon officials that the decision to cut off the network was made after
an unknown intruder illegally gained entry recently to several computers
operated by the military and defense contractors.
     Computer specialists said they thought that the Pentagon had broken
the connections while they tried to eliminate a security flaw in the
computers in the military network.
     The Department of Defense apparently acted after a computer at the
Mitre Corp., a Bedford, Mass., company with several military contracts, was
illegally entered several times during the past month. Officials at several
universities in the United States and Canada said their computers had been
used by the intruder to reach the Mitre computer.
     A spokeswoman for Mitre confirmed Wednesday that one of its
computers had been entered, but said no classified or sensitive information
had been handled by the computers involved. ``The problem was detected and
fixed within hours with no adverse consequences,'' Marcia Cohen said.
     The military computer network, known as Milnet, connects hundreds
of computers run by the military and businesses around the country and is
linked through seven gateways to another larger computer network, Arpanet.
It was Arpanet that was jammed last month when Robert T. Morris, a Cornell
University graduate student, introduced a rogue program that jammed
computers on the network.
     In a brief statement, a spokesman at the Defense Communication
Agency said the ties between Milnet and Arpanet, known as mail bridges, were
severed at 10 p.m. Monday and that the connections were expected to be
restored by Thursday.
     ``The Defense Communications Agency is taking advantage of the loop
back to determine what the effects of disabling the mail bridges are,'' the
statement said. ``The Network Information Center is collecting user
statements and forwarding them to the Milnet manager.''
     Several computer security experts said they had been told that the
network connection, which permits military and academic researchers to
exchange information, had been cut in response to the intruder. 
     ``We tried to find out what was wrong (Tuesday) night after one of
our users complained that he could not send mail,'' said John Rochlis,
assistant network manager at the Massachusetts Institute of Technology.
``Inititally we were given the run around, but eventually they unofficially
confirmed to us that the shut-off was security related.''
     Clifford Stoll, a computer security expert at Harvard University,
posted an electronic announcement on Arpanet Wednesday that Milnet was
apparently disconnected as a result of someone breaking into several
     Several university officials said the intruder had shielded his
location by routing telephone calls from his computer through several
     A manager at the Mathematics Faculty Computer Facility at the
University of Waterloo in Canada said officials there learned that one of
their computers had been illegally entered after receiving a call from
     He said the attacker had reached the Waterloo computer from several
computers, including machines located at MIT, Stanford, the University of
Washington and the University of North Carolina. He said that the attacks
began on Nov. 3 and that some calls calls had been routed from England.
     A spokeswoman for the Defense Communications Agency said that she
had no information about the break-in.
     Stoll said the intruder used a well-known computer security flaw to
illegally enter the Milnet computers. The flaws are similar to those used by
Morris' rogue program.
     It involves a utility program called ``file transfer protocol''
that is intended as a convenience to permit remote users to transfer data
files and programs over the network. The flaw is found in computers that run
the Unix operating system.
     The decision to disconnect the military computers upset a number of
computer users around the country. Academic computer security experts
suggested that the military may have used the wrong tactic to attempt to
stop the illegal use of its machines.
     ``There is a fair amount of grumbling going on,'' said Donald
Alvarez, an MIT astrophysicist. ``People think that this is an unreasonable
approach to be taking.''
     He said that the shutting of the mail gateways did not cause the
disastrous computer shutdown that was created when the rogue program last
month stalled as many as 6,000 machines around the country.

       [By the way, things still do not appear to be back to normal. 
       Too bad.  That means MILNET hosts are not receiving RISKS, and
       also that I will have more headaches than usual with BARFMAIL.  PGN]

Please report problems with the web pages to the maintainer