Subject: RISKS DIGEST 14.46
REPLY-TO: risks@csl.sri.com

RISKS-LIST: RISKS-FORUM Digest  Tuesday 6 April 1993  Volume 14 : Issue 46

   FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS
   ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Contents:
Sound of the Fury: Sub-liminal highway monitoring... (Peter Wayner)
Computer company helps students with fake IDs (Phil Haase)
Mangled zip code leads to collection agency (Ken Hoyme)
NREN WRAP [Joe's Final Houston Chronicle NII Story] (Joe Abernathy)
Danny Dunn, Automatic House, Automatic Electric Post Office (Jerry Bakin)
Teenage Hackers (Jim Haynes)
Re: If they mention flying saucers (Ian Phillipps, Olaf Titz, Robert VanCleef)
Re: FORTRAN-hating gateway (Nick Andrew)
Re: FORTRAN-hating gateway, Hayes Sequence Triggered (A. Padgett Peterson)
Re: Correcting computer information ... (Roger D Binns)
Re: Dutch hacker in jail for another month (Ralph Moonen)
Internic Registration Services Security Compromised (Mark Boolootian)
Call for Papers, PSAM II (System-Based Models) (Charlie Lavine)

The RISKS Forum is a moderated digest discussing risks; comp.risks is its Usenet counterpart. Undigestifiers are available throughout the Internet, but not from RISKS. Contributions should be relevant, sound, in good taste, objective, cogent, coherent, concise, and nonrepetitious. Diversity is welcome.

CONTRIBUTIONS to RISKS@CSL.SRI.COM, with appropriate, substantive "Subject:" line. Others may be ignored! Contributions will not be ACKed. The load is too great. **PLEASE** INCLUDE YOUR NAME & INTERNET FROM: ADDRESS, especially .UUCP folks. REQUESTS please to RISKS-Request@CSL.SRI.COM.

Vol i issue j, type "FTP CRVAX.SRI.COM<CR>login anonymous<CR>AnyNonNullPW<CR>CD RISKS:<CR>GET RISKS-i.j<CR>" (where i=1 to 14, j always TWO digits). Vol i summaries in j=00; "dir risks-*.*" gives directory; "bye" logs out. The COLON in "CD RISKS:" is essential. "CRVAX.SRI.COM" = "128.18.10.1".
<CR>=CarriageReturn; FTPs may differ; UNIX prompts for username, password.
For information regarding delivery of RISKS by FAX, phone 310-455-9300 (or send FAX to RISKS at 310-455-2364, or EMail to risks-fax@cv.vortex.com).
ALL CONTRIBUTIONS CONSIDERED AS PERSONAL COMMENTS; USUAL DISCLAIMERS APPLY. Relevant contributions may appear in the RISKS section of regular issues of ACM SIGSOFT's SOFTWARE ENGINEERING NOTES, unless you state otherwise.

----------------------------------------------------------------------

Date: Mon, 5 Apr 1993 18:00:02 -0400
From: Peter Wayner
Subject: Sound of the Fury: Sub-liminal highway monitoring...

The April 5th 1993 edition of the Washington Post contains a short item describing how AT&T is modifying some of the technology it developed for submarine warfare to smooth traffic flow on the highways. They are currently testing the system on the New Jersey Turnpike where they've installed "SmartSonic" sensors that ... ``measure the speed of passing vehicles by listening to their individual sounds or `acoustical signatures' just as they have been used to listen to other submarines.''

The RISKS? The system will supposedly control ramp access and offer alternative, less-congested routes. This means we are effectively replacing a low-level system with one that is high-level and if not drive-by-wire, at least navigate-by-wire. I have no idea whether the highways obey/mimic differential equations that are potentially chaotic, but I hope they will check these things out.

Naturally, the privacy arguments about electronic tollbooths apply to this situation. I can imagine the 21st century crook on the lam (and lambs avoiding the crook): he hacks his carburetor chip to change the distinctive signature of his car. Or better yet, he hacks his DSP-controlled sonic-muffler to change the signature regularly. Gotta love technology... The 21st century is going to be a great one for nerds like us.

   [Must be sub-laminal?
   PGN]

------------------------------

Date: 05 Apr 1993 20:45:31 -0400 (EDT)
From: FPHAASE@delphi.com
Subject: Computer company helps students with fake IDs

This article appeared in the New Orleans Times Picayune on Thursday, April 2. It is interesting to note that a software company unknowingly helped these teenagers in their escapade.

Four 16-year-old students were issued misdemeanor citations by Slidell (a suburb of New Orleans) police for unlawful use of a license. Apparently they had made phony driver licenses using one of the student's father's computer and a desktop publisher program. The driver licenses were from the states of Minnesota, Wisconsin and Washington. The 4 students would manufacture these IDs and sell them for $30. The students were all honor students from one of the local high schools. The police seized a computer disk, a cutting board and a lam

55311). After this, their monthly mailings stopped.

Last week, I received a letter from a collection agency due to my unfulfilled agreement. The address was so incredibly mangled, I am amazed that the post office was able to route it. The zip code had only one digit right (54762). The city and street names were mangled as well. Apparently their data entry operator damaged the record when entering the change of address.

My guess is that Columbia House attempted to send their bulk-class mailings to this mangled address and never got them routed (or a proper response to the "Address Correction Requested" notation). I don't suppose the Post Office spends a lot of time trying to route misaddressed bulk mail. Rather than trying to send me anything by 1st class mail, they turned it over to a collection agency to make this attempt. Seems pretty inefficient, since the cost of the collection agency has to be more than a 1st class letter.

Finally, I called Columbia House's 1-800 (toll-free) number to clear this up.
The operator corrected the address on-line, but made the comment that he had to make sure that the change 'took'. Apparently they have experienced regular problems with entering an address change, only to have the system not actually make the change to the database record. They either have a software or training problem there.

The simple change of two zip code digits led to far more chaos than it should.

Ken Hoyme, Honeywell Systems and Research Center, 3660 Technology Dr., Minneapolis, MN 55418  (612)951-7354  hoyme@src.honeywell.com

------------------------------

Date: Thu, 1 Apr 93 14:54:12 CST
From: Joe.Abernathy@houston.chron.com (Joe Abernathy)
Subject: NREN WRAP [Joe's Final Houston Chronicle NII Story]

NREN Wrap -- This is my last story for the Houston Chronicle. It is to appear on April 4, 1993. Please feel free to redistribute it for any non-commercial use. To those of you who have provided so much help these past four years, thanks. It's been a real education. I've accepted the job of Senior Editor-News at PC World magazine, and I'll still be writing the Village Voice Technocracy column, so I hope you'll all stay in touch. My new contact information is P.O. Box 572390, Houston, Texas 77257-2390, joe@blkbox.com.

By JOE ABERNATHY
Houston Chronicle Staff Writer

The specters of class struggle and international economic warfare are casting a shadow over administration hearings on how to build a sophisticated national computer network.

Billed as an engine of job growth, a central concern is emerging that the ``data superhighway'' promised by Vice President Al Gore and President Bill Clinton during the campaign could produce a large underclass of ``information have-nots.''

Based on an emerging global computer network known as the Internet, which links up to 12 million people in more than 30 nations, the National Research and Education Network (NREN) is a decade-long project of former Sen. Gore.
Gore envisions a future in which oceans of data, including libraries of movies, books and other creative works, would be readily available to every home. In selling a $5 billion spending plan focused on the network in 1992, Gore held forth the image of classrooms without walls, sophisticated medical collaborations, and globally competitive small businesses.

``The NREN is at all odds the most important and lucrative marketplace of the 21st century,'' he said in a recent statement.

But in trying to make it work, it has become apparent that the NREN remains in many ways a captive of its privileged institutional heritage. Some Americans don't even have telephone service, and many still don't have computers with which to access the net.

Two congressional hearings were held in late March concerning the National Information Infrastructure, and a bill has been introduced that would take up where Gore's 1992 High-Performance Computing Act left off _ bringing the net to classrooms, small business and other potentially disenfranchised Americans. Clinton's budget includes an additional $489 million over six years for the network.

And while the regional Bells, newspapers and other information giants have been struggling for years over the future of the medium, congressional insiders say that with the increased attention, a resolution seems likely to be found during the current session of Congress.

``What I think is really getting squeezed out is that there hasn't been a genuine, public interest, bottom-up grass roots voice. It's a huge, huge issue,'' said Marc Rotenberg, director of the Washington offices of Computer Professionals for Social Responsibility, the primary champion of civil rights in the new electronic medium. ``It's about people, it's about institutions, it's about who gets to connect and on what terms.''

Observers also fear that the rush to wield the network as an economic weapon could produce dramatic incursions into free speech and other civil liberties.
``I'm very concerned that the rhetoric about national competitiveness is transforming itself into a new cold war,'' said Gary Chapman, director of CPSR's 21st Century Project in Cambridge, Mass. ``The concerns of intelligence and other federal agencies including NASA has been to look at technology resources that are not related to military security but to economic benefits as being things that have to be protected by Draconian measures of security.''

Recent disciplinary actions at NASA Ames Research Center in Northern California seem to support Chapman's concerns. Up to eight of the 11 scientists disciplined in December were targeted because of their participation in politically oriented, international discussion groups hosted on the Internet computer network, according to documents obtained by the Houston Chronicle under the Freedom of Information Act, along with subsequent interviews of NASA Ames personnel.

``Some people there were accused of dealing with foreign nationals about non-classified technology issues,'' said Chapman, whose organization also has made inquiries into the matter. ``NASA said the U.S. has to protect its technology assets because of the global environment of competitiveness.''

The issues are even simpler for Raymond Luh, a subcontracting engineer fired by NASA. Luh, an American of Chinese ancestry, feels that his career was destroyed simply because he joined in one of the thousands of political discussions aired each day over the Internet.

``I feel I have been gravely wronged by NASA,'' Luh said. ``I cannot possibly seek employment elsewhere. My reputation as a law-abiding citizen and a hard-working researcher has been tarnished almost beyond repair.''

NASA refused to comment on the matter.

According to FOIA documents provided by NASA's Office of the Inspector General, Luh was fired when ``a document containing Chinese writing was found in (Luh's computer). ...
Investigation determined that Luh's office computer held a large volume of files relating to his efforts to promote Most Favored Nation trade status for the People's Republic of China. ... Luh was not authorized to use his computer for this activity.''

To Luh, however, he was only one of the chorus of voices that joined in a fiery debate surrounding fallout from the Tiananmen Square massacre. He wasn't trying to make policy _ he was exercising intellectual freedom, in his spare time.

``That's a very dangerous and disturbing kind of trend,'' said Chapman. ``The parallel is with the Cold War and transforming the modes of thinking and the practices of these agencies into new forms of control, even in the absence of militarily significant enemies. We'll start thinking about the Japanese or whatever Pacific Rim country you want to pick as being `enemies,' and intellectual commerce with these people will be a matter of economic security.

``The freedom of expression aspect of that is very critical. We want to make sure that this is a system in which people can express themselves freely without repercussions.''

Observers fear that Luh may be only the first such casualty as federal agencies and special interest groups reshape the Internet into their own model, carving up a pie estimated to be worth $3.5 trillion.

While Gore's vision implies the construction of a high-speed, high-tech fiber optic network, a number of counter-proposals are being floated. The Electronic Frontier Foundation -- which earlier made a name for itself with a successful court challenge to the conduct of the Secret Service in a hacker crackdown -- is focusing on building a less powerful, less costly network that could reach more people, more quickly.

``Our central concern is that we get from debate to doing something,'' said Jerry Berman, EFF director.

EFF's approach _ endorsed by Rep. Edward J. Markey, D-Mass.
_ is to build an ISDN (Integrated Services Digital Network) service atop the telephone network, making a modest level of digital computer transmission available quickly to every home. The more sophisticated fiber optic approach implied by Gore's NREN could be implemented as time and money allow.

But few voices have been heard backing ISDN.

``The current state of the discussion is turmoil and chaos,'' said the CPSR's Rotenberg. ``It's a mistake to place too much emphasis on any technological configuration. A lot of that energy and those resources would be better spent talking about users and institutions rather than technology and standards. This is like trying to explain railroads in the 18th century or cars in the 19th century. Here we are in the 20th century, and we know something big is happening right under our feet and we know it has something to do with these new telecommunications technologies.

``None of us knows where this is going to take us, but I think people should have some sensitivity to the prospect that the future world we're going to live in is going to be shaped in many ways by the decisions we make today about the information infrastructure.''

------------------------------

Date: Fri, 2 Apr 93 13:00:21 MST
From: jerry@amex-trs.com (Jerry Bakin)
Subject: Danny Dunn, Automatic House, Automatic Electric Post Office

Can you see the irony in this situation? Here, the intelhouse usenet list, a group interested in "intelligent" houses, and automated process control cannot even get the net traffic automated and must return to a human tended process! How can we rely on the intelligent houses we build? More like a house of cards....

Jerry Bakin.

> Bone-weary from travel and working 150 hours in two and a half weeks,
> the intelhouse mailing list administration wizard comes back into his
> office, blows the dust off of his aged keyboard, and urges his fingers
> back to their less-exhausted nimble selves.
> Quickly invoking mail, he soon discovers that in his absence wicked
> site administrators and fools in charge of Usenet mail maps have
> wreaked havoc on his precious mailing list. Yes, after all the spells,
> incantations, and perl scripts, a few site administrators had managed
> to bounce mail in a fashion not only non-RFC-compliant, but also so
> dastardly as to have never before been inflicted on his system. If
> only he hadn't spent the weekends working on excising an evil hardware
> demon from a large justice system computer, and his weekdays trying to
> promote his company's talents to a large maker of plastic money, he
> could have countermanded the errant mail going to hundreds of innocent
> mailing list readers. He could have eliminated the terror and
> confusion and misery needlessly inflicted on those people, after all,
> it was he that the wicked site administrators were after.
>
> Nevermore, he swore. Instead, he would personally see to it that his
> forwarding scripts would not inadvertently pass on these bounce
> messages to innocent bystanders. He lamented that it meant less timely
> delivery of mail, in that he would personally read each item and post
> only those of utility to all readers. Yes, he would become one of
> those dreaded wizards with incredible power at his fingertips. He
> would become ... a MODERATOR!
>
> Yes, readers of this mailing list, mail will cease to flow as quickly
> as it has in the past. It will pass a human's (??) eyes before being
> sped on its way. But for a worthy cause ... truth, justice, and the
> intelligent way!

------------------------------

Date: Sat, 3 Apr 93 18:37:28 -0800
From: haynes@cats.UCSC.EDU (Jim Haynes)
Subject: Teenage Hackers

Saw this in the first quarter 1993 issue of "Miracles in Trust", the newsletter of the Perham Foundation. In a lengthy chronology of West Coast wireless developments there is this item.
July 1911: In Los Angeles, teenaged radio amateur operators, trained at Los Angeles Polytechnic High School, intercept and disclose collusion over the Catalina wireless circuit involving the Hearst newspapers, with much attendant publicity and a criminal prosecution later dismissed. The Wireless Association of Southern California, of over 200 young Los Angeles amateurs, forms as a result of the incident. It operates a 2kW spark transmitter using the call sign ALA.

------------------------------

Date: Fri, 2 Apr 93 13:50:27 BST
From: ian@unipalm.co.uk (Ian Phillipps)
Subject: Re: if they mention flying saucers, they're out to get you

I don't know the name of the law, but in England, yes, it is an offence. There is no assumed right here to listen to anything on the radio waves. So if you realise that what you're listening to is not either a broadcast, licensed amateur or CB operator, you must stop listening.

Not a lawyer etc.etc.etc.

Ian Phillipps, Unipalm Ltd, 216 Science Park,    Phone +44 223 420002
Milton Road, Cambridge, CB4 4WA, England.         Phax  +44 223 426868

   [Brinton Cooper noted that the UK has a strange concept of civil liberties -- they seem to subordinate them to the needs of the state. Within their system, there may well be no question at all. PGN]

------------------------------

Date: Thu, 1 Apr 1993 23:03:00 +0200
From: olaf@bigred.ka.sub.org (Olaf Titz)
Subject: Re: if they mention flying saucers, they're out to get you

I don't know about Britain, but in Germany it has been in fact illegal to listen, using whichever device, into frequencies not assigned to broadcasting services. This rule was overturned by the German Supreme Court about two years ago.

For every piece of telco equipment that is operated in Germany, a permission has to be obtained (usually by the manufacturer) from a telco authority. This permission could be granted with the provision to obey certain rules, whose violation constituted a criminal offence in itself.
(One of the rules on every permission for radio equipment has been not to listen into non-broadcast waves.) The latter rule was turned down for the reason that the telco authority could in effect determine what was illegal and punishable, a power that rests exclusively with the Parliament. But the fact that even a pocket receiver has to be "licenced" remains.

Olaf Titz  comp.sc.student karlsruhe germany  olaf@bigred.ka.sub.org  uknf@dkauni2.bitnet  s_titz@ira.uka.de  49-721-60439

------------------------------

Date: Thu, 1 Apr 93 11:11:39 PST
From: Robert VanCleef
Subject: Re: If they mention flying saucers, ... (Maeda, RISKS-14.44)

... my brother-in-law is a German airlines pilot. He has often discussed the difference between American and German laws on monitoring the airways. In Germany you must have a license to listen! He discusses their use of tracking vehicles to listen for leakage from illegal receivers and their active pursuit of violations.

Bob Van Cleef  vancleef@george.arc.nasa.gov  NASA Ames Research Center  (415) 604-4366

------------------------------

Date: 3 Apr 1993 08:54:58 +1000
From: nick@kralizec.zeta.org.au (Nick Andrew)
Subject: Re: The FORTRAN-hating gateway (Karn, RISKS-14.45)

I encountered a similar problem whilst attending Uni. New X.25 concentrators had been installed to speed up terminal access to the H*neywell mainframe in the central computer room. Every so often, all terminals would crash. After experiencing it a few times, I realised that they were crashing at a particular point in _my_ session. I was reading one of the online manuals.

I eventually narrowed it down to a simple sequence of 4 lowercase 'n's ... just like nnnn nnnn ... the gateway could NOT send or receive this sequence in a single packet. Unfortunately, nobody told that to the author of the online manual.

The concentrators were eventually replaced with Ungermann-Bass terminal servers. No further gotchas have been reported.

Nick.
Kralizec Dialup Unix (Public Access), Zeta Microcomputer Software, P.O. Box 177, Riverstone NSW 2765

------------------------------

Date: Thu, 1 Apr 93 22:32:06 -0500
From: padgett@tccslr.dnet.mmc.com (A. Padgett Peterson)
Subject: Hayes Sequence Triggered (FORTRAN-hating gateway, Karn, RISKS-14.45)

Sounds more like the modem was skating the HAYES patent by using the TIES (time-independent escape sequence) promoted by a competitor. This eliminates the "guard time" of 1 second that is an essential part of the patent. TIES proponents state that accidental triggering is statistically unlikely 8*)

Padgett

ps Turning off the "in band" sequence & using DTR I can understand, but 128 (80h) is just as likely as "+" (2Bh) in a binary file unless the Motorola firmware interprets it as "none".

------------------------------

Date: Tue, 6 Apr 93 18:26:44 +0100
From: Roger D Binns
Subject: Re: Correcting computer information ... (Mellor, RISKS-14.45)

My university department (Brunel - computer science) gets around some problems in what I regard as a devious way. They do not wish for students to see what their exam marks (ie percentages) are (grades are ok). By law, any data holder has 40 days to provide data on request. The department only keeps electronic copies of the records for 40 days, hence preventing any student from seeing them. Quite what the ethics and reasoning behind all this are, I'll leave to others.

Roger Binns  cs89rdb@brunel.ac.uk  Brunel University - UK

------------------------------

Date: Fri, 2 Apr 93 10:07 GMT
From: rmoonen@ihlpl.att.com
Subject: Re: Dutch hacker in jail for another month

It might be interesting to note that in another article in the 'Volkskrant' the designer of the new Dutch Computer Crime Law was quoted as saying: [The fact that this hacker's custody was prolonged with 30 days] requires the judicial order to be severely shocked. Hacking a university computer does not fulfill that requirement. Prof. Dr. H.
Franken, who designed the law, also said that the law was not meant to be used against students who were merely playing around with computer systems, but was targeted for organised crime, and big-time fraud. Franken himself is an honorary member of the 'Time-Wasters', a hackers-club based in Eindhoven. University officials have said that damages to their systems are small, but it is also said that he used their computer to hack other systems. We'll just have to wait and see what happens.....

--Ralph

------------------------------

Date: Fri, 2 Apr 1993 15:53:14 -0800 (PST)
From: booloo@framsparc.ocf.llnl.gov (Mark Boolootian)
Subject: Internic Registration Services Security Compromised

From: Jim Lick
Message-Id: <199304022302.AA13439@pi-chan.ucsb.edu>
Subject: Internic Registration Services Security Compromised
Date: Fri, 2 Apr 1993 15:02:39 -0800 (PST)

INTERNIC REGISTRATION SERVICES SECURITY COMPROMISED
April 2, 1993

In what must be a great embarrassment to NSI officials, security at the Internic host for Registration Services was compromised on the second day of official service to the Internet community. Through a series of accidents, a user of their ftp service was able to access directories normally off-limits to anonymous ftp services. As a result of this access, the user was able to obtain a copy of the system's /etc/passwd file that could be used to decode passwords of users on the system through the use of a password cracking program. The user was also able to access system logs, including a log of anonymous ftp transactions by users around the world.

In the course of this investigation the user was able to find numerous other security holes including world-mountable filesystems. Although no further action was taken, these holes would enable a malicious hacker to easily penetrate the system. An Internic admin was in the process of fixing the security holes at the time of this release.
The Internic Registration Services is funded by NSF to administer registration of network numbers, domain names, autonomous system numbers, and other functions crucial to the operation of the global Internet.

Note: This is NOT an April Fool's Joke.

------------------------------

Date: Thu, 01 Apr 93 12:21:44 PST
Subject: Call for Papers, PSAM II (System-Based Models)
From: lavine@aero.org

PSAM - II
An International Conference Devoted to the Advancement of System-Based Methods for the Design and Operation of Technological Systems and Processes
March 20-24, 1994
San Diego Hilton Beach and Tennis Resort

The purpose of PSAM is to provide a forum for the presentation of scientific papers covering both methodology and applications of system-based approaches to the design and effective, safe operations of technological systems and processes. These include nuclear plants, chemical and petroleum facilities, defense systems, aerospace systems, and the treatment and disposal of hazardous wastes. The objective is to share experience to the benefit of all industries.

Some of the topics within the scope of the meeting are:
 - software dependability
 - computerized control systems and operator aids
 - automatic fault detection and diagnosis
 - AI in support of process safety management

Send four copies of a summary (800-1200 words, single-space) to the Technical Program Chairman, George Apostolakis, by May 13, 1993. Full papers will be due October 10, 1993.

Professor George Apostolakis
Mechanical, Aerospace, and Nuclear Engineering Department
38-137 Engineering IV, UCLA
Los Angeles, CA 90024-1597
310-825-1300, 310-206-2302 (fax)

For more information, contact Charlie Lavine, The Aerospace Corporation, lavine@aero.org, 310-336-1595.

------------------------------

End of RISKS-FORUM Digest 14.46
************************
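Editor's worked example for Padgett Peterson's note above on the Hayes guard time versus TIES. It is an added illustration, not code from the digest or from any modem vendor: it runs a Hayes-style detector (one second of silence, "+++", one second of silence, as Padgett describes) and a time-independent detector side by side over the same byte stream. The exact TIES trigger assumed here ("+++AT", optional command characters, carriage return, matched with no regard to timing) and the sample binary file are this example's own assumptions, constructed to show why a guard time protects an ordinary file transfer from an accidental escape.

```python
"""Hayes guard-time escape detection versus a time-independent (TIES) detector.

Added example for the RISKS item on the Hayes escape sequence; not code
from the digest or any modem firmware.  The TIES pattern below is an
assumption about what a time-independent detector looks for.
"""
import re

GUARD_SECONDS = 1.0          # the 1-second guard time Padgett cites
PLUS = ord("+")

# Assumed TIES trigger: "+++AT", any command characters, then <CR>.
TIES_PATTERN = re.compile(rb"\+\+\+AT[^\r]*\r")


def steady_stream(data, start, interval):
    """Model data arriving back-to-back: one byte every `interval` seconds."""
    return [(start + i * interval, b) for i, b in enumerate(data)]


def hayes_escape_seen(events, end_time, guard=GUARD_SECONDS):
    """True if a guarded '+++' (silence, +++, silence) occurs in `events`.

    `events` is a list of (arrival_time_s, byte) in arrival order and
    `end_time` is when the observation window closed, so trailing silence
    at the end of the stream can be recognised.  The start of the stream
    counts as silence.
    """
    last_t = None
    plus_count = 0
    armed_at = None          # time of the third '+', awaiting trailing silence
    for t, b in events:
        if armed_at is not None:
            if t - armed_at >= guard:
                return True  # +++ followed by a full guard time of silence
            armed_at = None  # a byte arrived too soon: that was ordinary data
        silent_before = last_t is None or (t - last_t) >= guard
        if b == PLUS:
            if plus_count == 0 and silent_before:
                plus_count = 1
            elif 0 < plus_count < 3 and not silent_before:
                plus_count += 1
            else:
                plus_count = 1 if silent_before else 0
            if plus_count == 3:
                armed_at, plus_count = t, 0
        else:
            plus_count = 0
        last_t = t
    return armed_at is not None and end_time - armed_at >= guard


def ties_escape_seen(data):
    """True if the assumed TIES pattern occurs anywhere in `data`."""
    return TIES_PATTERN.search(data) is not None


# Constructed sample: a binary file that happens to contain "+++AT\r",
# transferred at a steady 1200 bit/s (about 8.3 ms per 10-bit character).
BINARY_FILE = b"\x00\x10\x7f+++AT\r\xff\x80payload\x2b\x2b"
CHAR_INTERVAL = 10 / 1200


def accidental_trigger():
    """(hayes_fired, ties_fired) for the binary file sent without pauses."""
    events = steady_stream(BINARY_FILE, 0.0, CHAR_INTERVAL)
    end = len(BINARY_FILE) * CHAR_INTERVAL
    return hayes_escape_seen(events, end), ties_escape_seen(BINARY_FILE)


def deliberate_escape():
    """(hayes_fired, ties_fired) for a user who pauses, types +++, pauses."""
    events = (steady_stream(b"hello", 0.0, CHAR_INTERVAL)
              + steady_stream(b"+++", 1.5, CHAR_INTERVAL)
              + steady_stream(b"ATH\r", 3.0, CHAR_INTERVAL))
    data = b"hello+++ATH\r"
    return hayes_escape_seen(events, 3.5), ties_escape_seen(data)


if __name__ == "__main__":
    print("binary file, no pauses:  Hayes=%s  TIES=%s" % accidental_trigger())
    print("paused +++ from a user:  Hayes=%s  TIES=%s" % deliberate_escape())
```

The first scenario is the one Padgett is pointing at: the guard-time detector stays quiet because the "+++" inside the file is surrounded by other data on both sides, while the time-independent detector fires on the byte pattern alone. The second scenario shows both detectors accepting a genuine, paused escape, so the guard time costs nothing in the intended case.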
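Editor's worked example for the Internic item above, which reports a readable /etc/passwd full of crackable hashes and world-mountable filesystems. It is an added audit script, not code from the report, from NSI or from the Internic: it parses an NFS exports file and a passwd file and lists the exposures an administrator would want to fix first. The exports syntax assumed is the Linux exports(5) form (a path followed by client(options) entries, where no client, or a client of "*", means any host may mount it); the locked-account markers and both sample files are constructed for the example.

```python
"""Audit NFS exports and /etc/passwd for the exposures in the Internic report.

Added example; not code from the report or from the Internic.  Assumes
exports(5) syntax and uses constructed sample data throughout.
"""
import re
from dataclasses import dataclass, field

CLIENT_TOKEN = re.compile(r"^([^(]*)(?:\(([^)]*)\))?$")
# Password-field values that mean "no usable hash here": shadowed or locked.
SHADOW_OR_LOCKED = {"x", "*", "!", "!!", "NP", "*LK*"}


@dataclass
class ExportEntry:
    path: str
    clients: list = field(default_factory=list)  # (client, [options]) pairs

    def is_world_mountable(self):
        # No client list, a bare "(options)" group, or "*" all mean that any
        # host able to reach the NFS server may mount the filesystem.
        return not self.clients or any(c in ("", "*") for c, _ in self.clients)

    def root_squash_disabled(self):
        return any("no_root_squash" in opts for _, opts in self.clients)


def parse_exports(text):
    """Parse exports(5)-style text into ExportEntry objects."""
    entries = []
    # Join backslash-continued lines, then drop comments and blank lines.
    for line in text.replace("\\\n", " ").splitlines():
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        path, *tokens = line.split()
        entry = ExportEntry(path)
        for tok in tokens:
            m = CLIENT_TOKEN.match(tok)
            client = m.group(1) if m else tok
            options = (m.group(2) or "").split(",") if m else []
            entry.clients.append((client, options))
        entries.append(entry)
    return entries


def find_world_mountable(text):
    """Paths in `text` that any host may mount."""
    return [e.path for e in parse_exports(text) if e.is_world_mountable()]


def passwd_hash_exposed(text):
    """Accounts whose passwd line carries a crackable hash or no password.

    Returns (user, finding) pairs: "hash" when the hash sits in the
    world-readable passwd file (the situation in the report) and "empty"
    when the account has no password at all.
    """
    findings = []
    for line in text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) < 2:
            continue
        user, pw = fields[0], fields[1]
        if pw == "":
            findings.append((user, "empty"))
        elif pw not in SHADOW_OR_LOCKED:
            findings.append((user, "hash"))
    return findings


# Constructed samples; not the Internic host's real configuration.
SAMPLE_EXPORTS = """\
# exports on a hypothetical registration host
/export/home    *(rw)
/usr/share/man  (ro)
/var/spool/ftp  mirror.example.net(ro) *.example.net(ro)
/data \\
    10.0.0.0/8(rw,no_root_squash)
/srv/pub
"""

SAMPLE_PASSWD = """\
root:x:0:0:root:/:/bin/sh
ftp:*:14:50:anonymous ftp:/var/spool/ftp:/bin/false
alice:Ab3dE5fG7hI9j:1001:100:Alice:/home/alice:/bin/csh
guest::1002:100:Guest:/home/guest:/bin/sh
"""


def audit():
    """Combined report over the two constructed sample files."""
    return {
        "world_mountable": find_world_mountable(SAMPLE_EXPORTS),
        "no_root_squash": [e.path for e in parse_exports(SAMPLE_EXPORTS)
                           if e.root_squash_disabled()],
        "passwd": passwd_hash_exposed(SAMPLE_PASSWD),
    }


if __name__ == "__main__":
    for key, value in audit().items():
        print(f"{key}: {value}")
```

On the sample data the script flags three exports anyone can mount, one export that hands remote root full privileges, one account whose hash would be handed to a password cracker by exactly the kind of /etc/passwd copy the report describes, and one account with no password at all. On a real host the same functions would be fed the contents of /etc/exports and /etc/passwd.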