The RISKS Digest
Volume 18 Issue 24

Tuesday, 2nd July 1996

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Please try the URL privacy information feature enabled by clicking the flashlight icon above. This will reveal two icons after each link the body of the digest. The shield takes you to a breakdown of Terms of Service for the site - however only a small number of sites are covered at the moment. The flashlight take you to an analysis of the various trackers etc. that the linked site delivers. Please let the website maintainer know if you find this useful or not. As a RISKS reader, you will probably not be surprised by what is revealed…

Contents

Workmen strike at CERN
Al Smith
Ariane 5 Crash due to Faulty Software?
Andy Fuller
c4i-pro The Millennium comes early to GPS
Joe Gwinn via Tom Briggum ...
Police Computer Stolen
David Kennedy
Automatically generated typos in online Sydney Morning Herald
Tom McDermott
Grammar checkers
John Colville
The computer is always right - again
Hugh J.E. Davies
Metro Machiniste leaves train for coffee
Boyd Roberts
Blackmailing financial institutes - a real life story
Frank Rieger
Re: DoD and IRS tax systems
Dennis G. Rears
Scott A. Renner
Carl Minie
Digital Precipice: What the computer trade hides from their customers
Kirsten Raach on Markus Gaulke's book
Info on RISKS (comp.risks)

Workmen strike at CERN

Al Smith <Al.Smith@gold.net>
Wed, 26 Jun 1996 15:19:59 +0200
After a shutdown of 6 months during which the LEP vacuum system was opened
at many locations, the accelerator was started up on 14 June 1996.

After 5 days of machine studies it became clear that there was an obstacle
inside the LEP vacuum chamber close to Point 1. On the morning of 19 June
the vacuum system was opened and 2 empty beer bottles, some 5 metres apart,
were found inside the beam pipe.  This incident has caused a 5 day delay in
the setting up of the accelerator and will result in a reduction of about
10% of the time available for running LEP2 at the W pair production
threshold (161 GeV) in 1996.


Ariane 5 Crash due to Faulty Software?

Andy Fuller <acfa@eci-esyst.com>
Fri, 28 Jun 1996 09:11:45 -0400
According to the 24-30 June issue of *Space News* the 4 June 1996 explosion
of the Ariane 5 rocket was caused by software in the inertial guidance
system.  Apparently an inertial platform from the Ariane 4 was used aboard
the Ariane 5 without proper testing.  When subjected to the higher
accelerations produced by the Ariane 5 booster, the software (calibrated for
an Ariane 4) ordered an "abrupt turn 30 seconds after liftoff", causing the
airframe to fail.

The article notes that a request to test the inertial platform under
conditions similar to those produced by the Ariane 5 was "vetoed by CNES
for budgetary reasons."  Sextant Avionique, the builder of the inertial
platform, has since performed these tests and confirmed that it would
fail in an Ariane 5 launch.

We are again reminded that crashing a simulator is lots cheaper than
crashing a vehicle.

Andrew C. Fuller   Raytheon E-Systems   | Box 12248 | St. Petersburg, FL 33733
acfa@eci-esyst.com   (813)381-2000 x3194 | Fax:(813)381-3329


c4i-pro The Millennium comes early to GPS

<>
Thu, 27 Jun 1996 09:36 -0500 (EST)
  [Via Bruce_Walter@ccmail.orl.mmc.com and
  Bob Schaefer <schaefer@rapnet.sanders.lockheed.com> ]

"tom briggum" <tom_briggum@ccmail.nctamslant.navy.mil>
        Don't know the validity of the following, but it sounds authentic
        to me.  Talk about your major C4I problem!
        ... Tom Briggum

     >From:  gwinn[SMTP:gwinn@ed.ray.com]
     Sent:  Wednesday, June 26, 1996 11:48 AM To:  osswgx
     Subject:  The Millennium comes early to GPS

     I have good news and I have bad news.
     The good news is that GPS will not have a "Year 2000" problem.
     The bad news is that GPS System Time will roll over at midnight
     21-22 August 1999, 132 days before the turn of the millennium.
     On 22 August 1999, unless repaired, many or all GPS receivers
     will claim that it is 6 January 1980, 23 August will become 7
     January, and so on.  I would expect that some manufacturers have
     already solved the problem, but many have not.

     The details:  Section 3.3.4(b) (page 33) of the ICD-GPS-200 rev B
     (30 November 1987 issue) states that the GPS Week count starts at
     midnight 5-6 January 1980 UTC (Julian Date 2,444,244.500), and
     that the GPS Week field is modulo 1024.  This means that the week
     count will roll over 1024/52= 19.69 years from then, or in
     1980+19.7= 1999, only a few years from now.  Specifically, first
     rollover will occur at Julian Date (2,444,244.5 + 7*1024)=
     2,451,412.500, which is midnight 21-22 August 1999 UTC.

     I could find no mention of any field in any GPS message that
     would tell you which 1024-week cycle you were in.  In the July
     1993 update of ICD-GPS-200, a note has been added (also on page
     33) saying that the week number *will* roll over, and that users
     must account for this, but no way to accomplish this is
     mentioned.  I take this note as further evidence that there is no
     way to tell, given only the signal-in-space definition as of July
     1993.  I have gotten some e-mail traffic indicating that, just as
     I had suspected, some manufacturers did realize that GPS would
     soon roll over, and were keeping it to themselves in the hope
     that the others would fall upon their swords.  Not pretty.

     Our supplier was dumbfounded when I raised the issue, couldn't
     stop thanking me for pointing it out years before rollover.  They
     clearly feel that it could have been a life-threatening disaster
     for them.  Every GPS-related product they had ever made would
     have come back for repair, under warrantee, all at once.  Too
     close for comfort.  And, discovered by luck.

     The firmware in all older units will have to be replaced.  This
     would involve replacement of PROMs; some are socketed, some are
     soldered. New units presumably will know better than to claim
     dates from before they were manufactured, and/or will allow the
     user to directly or indirectly tell the firmware which 1024-week
     cycle to assume, without requiring replacement of that firmware
     at the second rollover, in 1980+(2*1024/52)= 2019 AD. Some of
     this equipment will still be in use then, long after the
     manufacturer has forgotten the product.

     However, in spite of everything, not everybody will get the
     message, so system software will forever have to have an
     independent idea of what year it is, to know when to disbelieve a
     receiver or receivers (they could all be wrong), and to handle
     arguments between various GPS receivers (if only some are wrong).

     Without a GPS Simulator, there is no way for users to test a GPS
     receiver for this problem.  All most users can do is to ask their
     manufacturer for a solution, and also to imbue the system
     software with a suitable degree of skepticism about GPS receivers'
     sense of time.

     My intent in posting this note is to alert the entire industry to
     the problem, allowing it to be solved with minimal disruption to
     all.  As a technical matter, the solution is quite simple.  It's
     the logistics that will take some years.

     Joe Gwinn


Police Computer Stolen

David Kennedy <76702.3557@CompuServe.COM>
01 Jul 96 18:31:12 EDT
Courtesy of PA News via CompuServe's Executive News Service:

         POLICE COMPUTER SNATCHED FROM DETECTIVE'S CAR

PA News  30 Jun 1996
Police Computer Stolen

  By Tim Moynihan, PA News
<>   A police computer has been stolen from a senior officer's
<>car, it was confirmed today.
<>   Two youths snatched the laptop from a car being driven by
<>Detective Superintendent Brian Edwards, who investigates major
<>crimes in central London.
<>   Scotland Yard declined to comment on whether there was
<>sensitive material on the computer though they stressed it was
<>"security protected".

o   Taken by two youths when the car was stopped in traffic at about
1740 hrs Thursday June 27, 1996.

o   Police dismissed a report that the laptop contained information
about two current, notorious cases, the Lawrence stabbing and the death of
Member of Parliament Stephen Milligan, who was found naked except for
suspenders and stockings with a plastic bag over his head and a noose of
electrical cord around his---neck.

<>   Police advice to the public is not to put valuable items on
<>the back seat, but to keep them in the boot.

[DMK: Article makes no mention to the state of consciousness of the driver
of a police car stopped in traffic. TBFTGOGGI (there but for....)]

Dave Kennedy [CISSP] InfoSec Recon Team Chief, National Computer Security Assoc.


Automatically generated typos in online Sydney Morning Herald

Tom McDermott <spon@mpce.mq.edu.au>
Thu, 27 Jun 1996 19:26:06 +0200
The online Sydney Morning Herald (*) of June 28, 1996 contains the
following phrases:
"arjpgicial turf" and
"The stereotypes Glover idenjpgied go like this"

Someone has obviously done a search-and-replace to convert "tif" to
"jpg" on the HTML source with the rather cryptic results above; I
suspect the culprit is a single missing backslash - they've searched for
'.tif' not '\.tif'

The risk? Looking foolish by publishing nonsense.

(*) To be found at <http://www.smh.com.au/>

Tom McDermott : spon@mpce.mq.edu.au


Grammar checkers

<colville@socs.uts.edu.au>
Tue, 2 Jul 1996 08:41:11 +1000
I still treasure the following response by MS Word's grammar checker.
When it came to the following fragment:

  The School reviews applications by students . . .

The checker highlighted *School reviews*, and asked:

  Is this a misspelling?  Is it the expression *Rigor mortis*?

[It may know better than us how effective the reviews were]

John Colville, School of Computing Sciences, University of Technology,
Sydney P O Box 123 Broadway, NSW, Australia, 2007   +61 2 514 1854


The computer is always right - again

Hugh J.E. Davies <hdavies@kzin.mon.rnb.com>
Mon, 1 Jul 96 15:07:46 BST
In RISKS-18.20, "Richard S. MacDonald" <dickmac@ix.netcom.com> describes how
he had trouble buying some ZIP disks because "the computer is always right",
even though it was wrong.

In the UK, we have a sales tax called VAT, which is levied on most things at
17.5% (It's a lot more complicated than that, but that's outside the scope
of this posting.) One of the things that it's not levied on are books, which
are zero-rated. Recently, I went into my local Ford dealer to buy a workshop
manual for my car. They wanted the price listed, plus VAT, since car parts
are liable to the tax. I pointed out that the workshop manual was a book,
and therefore zero rated, but they said that the computer had no provision
for selling zero rated items. Presumably, this is because car dealers are
unlikely to sell the most common zero rated items (food, children's
clothing, er, books).

In the end, they manually calculated what the price had to be such that the
price including VAT (which the computer insisted on adding) was the price
excluding VAT, and they charged me that. Of course, this makes their VAT
accounts wrong, which the Customs & Excise (who administer VAT) take very
seriously. Afterwards, I called the Customs & Excise to confirm my stance,
and they said that it sounded like this dealer could do with an audit ...

Hugh


Metro Machiniste leaves train for coffee

Boyd Roberts <boyd@france3.fr>
Tue, 2 Jul 1996 12:42:26 +0200
Taking Metro line 6 in Paris from Etoile yesterday at around 9 am I arrived
at Kleber and stood and watched while the station initiated departure signal
sounded several times while the train didn't move.  The train initiated
departure/door-closure signal sounded as well but we still didn't move.  Two
other trains arrived on the parallel track and then departed, ahead of us,
although we were on the 'primary' track.  They had been diverted to the
'secondary'.

I some fit of desperation I looked out from the first carriage and saw
the machiniste (driver/motorman) appear from this small cabin at the
head of the train with a cup of coffee (I presume).  He then entered
his compartment and the train departed.

I can only assume that he was counting on the automatic re-routing of
the subsequent trains.  Or perhaps he signaled some sort of problem,
while he made his coffee.  Trains leave Etoile about every minute or
less and then can be re-routed back to Etoile from Kleber to alleviate
congestion on the platform.

As I got off at Passy I remembered the story, reported in  RISKS, about
the Victoria line Tube train that departed without its driver.  If only
I'd been so lucky.


Blackmailing financial institutes - a real life story

Frank Rieger <frank@artcom.de>
Wed, 26 Jun 1996 13:35:25 +0100
The HERF-against-banks-story from the Sunday Times 3 weeks ago was somewhat
overhyped and has a lack of facts..  I have collected some facts on real
blackmail attempts performed in Germany on a much lower, but maybe
comparable level.

Since February 1996 until last week a person named Markus S=F6hnke
Ungerb=FChler was calling German banks and corporations, claiming he was a
member of the Chaos Computer Club and has hacked the corporate computer
system. He claimed, that he has his hands on data that proves tax
manipulations and other illegal activities of this company. He also claimed
the hacking of several systems in main German press magazines like stern and
Spiegel.  Ungerb=FChler asked the banks and companies for paying him some
1000 Deutschmarks for giving them the data "back". Another scheme was to ask
for payment for removing allegedly planted negative-stories from the press
computers.  As known by now all of some dozen companies and banks paid in
panic reaction for avoiding any press coverage. Only a very, very small
minority of victims asked the police for help - after paying.  In several
cases Ungerb=FChler handed out some disks with the "data" in exchange for
the money. These disks were empty.

Mr. Ungerb=FChler has escaped in February from an psychiatric hospital,
where he was arrested cause of being an proven schizophrenic and
blackmailer. He started his activities two days after his getaway. He based
in London and operated via some Fax- and Voicemail boxes.  The investigation
of the case was difficult, cause none of the victims was willing to prove
the identity of the blackmailer for the police etc.  (Ungerb=FChler used to
show money couriers from the banks his authentic passport to prove he is the
right person to receive the money)

He is definitely not a member of the Chaos Computer Club and is, as far as
known by now, unable to hack into computer systems. He is simply a
confidence trickster.

The case shows, how fast and easy big companies pay, if they fear press
coverage of real or alleged problems. They pay to everyone who believable
claims to be _able_ to perform hacking or electronic attacks.

In the light of this case, I could imagine, that around 40 banks in London
City have paid for being not attacked by HERF - without the real prove, that
the blackmailers own such weapons. There is a real huge amount of
irrationality in computer security issues, especially in the financial
sector. It seems like no one trusts his security measures. As I have learned
in this case, these security-guys are thinking all the time in a worst-case
manner and if the worst case occurs they are unable to react rational. You
did not need Schwartau-style doomsday-weapons for getting lots of money - ou
only have to be eloquent and know the right buzzwords.  Finally the
Ungerb=FChler-case was mainly fixed cause of massive activities of an
well-known international security company paid by one of the victims, not
cause of so good cooperation between police and the victims.

Frank

(source: partly from Der Spiegel 24.6.1996,
http://eunet.bda.de/bda/int/spon/magazin/gesel02.html)


Re: DoD and IRS tax systems (Wexelblat, RISKS-18.23)

"Dennis G. Rears" <drears@Pica.Army.Mil>
Tue, 25 Jun 96 9:37:56 EDT
Richard L. Wexelblat writes:

>Special note:  I work for the IRS and have a work-related vested interest
>============   in _not_ having the Department of Defense involved in
>               contracting for IRS software and systems.  Therefore,
>           despite any claims of non-bias below, I am clearly
>           "interested" in the classical sense of the word.

My special note:  I work for the Army as a civilian.

>That part out of the way, I'd like to say (as a private citizen, a
>tax-and-spend liberal, and an almost-always defender of free speech and the
>right of the citizen to privacy) that the present initiative by Congress to
>have DoD become the contracting agent for IRS system and software
>development is a clear and present danger to privacy in the Republic in
>which we stand.

  I think it is funny that somebody from the IRS has the GALL to write
about privacy worries about the DoD.  This from a representative from an
agency that wants access to all financial data from all its citizens.
They want to know under criminal penalty about accounts outside the US
borders.  I don't even have to talk about the Social Security Number.

>The initiative referred to above is in the "Subcommittee Mark" of the
>proposed next year's budget.  It's just a House Subcommittee so it's not
>law, but it's a bad idea in my mind, even to consider it seriously.  Is the
>Department of Star Wars and the $700 toilet seat really so excellent a
>contracting agency that they are the clear choice to handle IRS business?

  Typical attack based upon ignorance.  First it is the Department of
Defense.  Second, he mentions the $700 toilet seat when in fact it was in
the $600 range.  For those who know about the $600 toilet seat, the cost is
defensible.  It was fabricated by an aircraft company at the request of the
Air Force (not DoD).  It was not mass produced and was made to AF specs.
The company did not even want to make it.  They produced it at cost.  When a
company produces a small amount of items they are expensive.

  I don't know the full details of the proposal.  Is it the DoD, AF, or what
agency that will procure the system?  They do have separate procurement
departments.  They all operate under the FAR and Dod regulations but the AF
and Army also have additional procurement regulations.

>Well, that's my biased opinion, and I'd like very much to hear from
>others who may have a more valid claim to disinterest!

  Well essentially there are no facts in this post.  The IRS has already
shown their incompetence in procuring ADP systems.  If it is not the DoD, it
might go to NASA or some other agency.

Dennis


Re: DOD and IRS tax systems (Wexelblat, RISKS-18.23)

"Scott A. Renner" <sar@langley.mitre.org>
Tue, 25 Jun 1996 10:46:19 -0400
Where is the RISK?  The term "Department of Star Wars" shows a political
objection, not a technical one.  The "$700 toilet seat" outrages usually
turn out to be

    (a) priced the same as comparable civilian items; eg. aircraft coffee
        makers, emergency flashlights, or

    (b) priced according to procurement regulations imposed by Congress;
    $15 for the toilet seat, $685 for overhead

and in any case do not tell us much about software development.  True,
the history of software development in the DOD is not a happy one, but
then the IRS hasn't done very well in the past, either.  In terms of
privacy concerns, the IRS is *much* more threatening than the DOD.  That
threat is not changed if DOD contractors start writing IRS software.

Having DOD develop software for the IRS does not especially strike me as
one of the best ideas of the 1990s — but where's the RISK?

Dr. Scott A. Renner  The MITRE Corporation  P.O. Box 716
Langley AFB, VA 23665 USA   +1 804 766-4592   sar@mitre.org


Re: DoD and IRS tax systems (Wexelblat, RISKS-18.23)

Carl Minie <CarlM@qsc1po.qstr.com>
Thu, 27 Jun 1996 14:12:51 -0400
As an ex-liberal and small-l libertarian, I submit that the true danger to
privacy in the Republic is the practice of gathering detailed financial
information from all (law-abiding) Americans under threat of asset
confiscation and jail terms, and then giving tens of thousands of government
employees access to this information in the course of their employment.  I
further submit that passing a few wimpy privacy laws and expecting them to
prevent this information from being used for personal and political purposes
is magical thinking.  It doesn't take a genius to surmise that IRS data is
used regularly for illegal purposes by everyone from the sitting President
(of either party) down to grudge-bearing neighbors and ex-spouses.  I
believe the IRS attempted to assess the depth of the problem in their
Southeastern Region (where my mother worked) at one time, and stopped at
well over 300 violations.  You or I would have ended up at Leavenworth, but
all but a few of the most egregious violators were simply warned not to do
it again.

You can take voluntary action to keep yourself out of the TRW/
Equifax/TransUnion food chain and off junk mail lists...but Federal law
requires you to remain in the IRS's gunsights for your entire productive
lifespan.  Neither party supports privacy when it means privacy from the
government; it is a Democratic president who is enthusiastically supporting
the FBI and NSA in their efforts to prevent American citizens from using
encryption that they can't break, and to require that every phone, fax, and
modem in the United States contain a chip that would allow government
agencies to tap in at will.  Do I need to add here that the very concept of
economic privacy is anathema to those who believe that a portion of
everything you earn, keep, spend, or invest belongs to them, and that not
handing over the fraction they demand is stealing from them?

> Is the Department of Star Wars and the $700 toilet seat
> really so excellent a contracting agency that they are the
> clear choice to handle IRS business?

I don't expect the IRS to be abolished anytime soon...but letting the DoD
design its computer systems would be an acceptable second choice.  The DoD
may be expensive, but they're not very good.  My fondest hope is that with a
spanking new Government Issue computer system, the IRS that the GSA says
can't figure out where 60% of its own budget goes won't be able to find 60%
of mine.  I don't like paying for $700 toilet seats (or $320,000 spotted
owls) any more than you do.

The solution which provides the smallest RISK to privacy is not to gather
the data in the first place.  If tax compliance is truly voluntary, then the
IRS should trust that we are reading 21,000 pages of IRS rules and case law
and sending in the correct amount.

Long Pig


Digital Precipice: What the computer trade hides from their customers

<KRaach@aol.com>
Sun, 30 Jun 1996 05:48:07 -0400
In Germany a new book has been published by Markus Gaulke that describes and
illustrates (by citing hundreds of precise and real computer mishaps) the
risks and dangers connected to the increasing use of information technology
in all parts of human life. The book is very interesting reading, easy to
understand and gives valuable insights. Unfortunately the book (344 pages) is
published only in German so far (original titel: "Digitale Abgruende - Was
die Computerbranche ihren Kunden verschweigt"; verlag moderne industrie,
ISBN: 3-478-91510-4), but the author offers a Web Page in English about the
contents of his book (http://members.aol.com/Secuinfo/welcome.html).

Kirsten Raach, computer consultant

Please report problems with the web pages to the maintainer

x
Top