precedence: bulk Subject: Risks Digest 22.92 RISKS-LIST: Risks-Forum Digest Monday 6 October 2003 Volume 22 : Issue 92 FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks) ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator ***** See last item for further information, disclaimers, caveats, etc. ***** This issue is archived at http://www.risks.org as http://catless.ncl.ac.uk/Risks/22.92.html The current issue can be found at http://www.csl.sri.com/users/risko/risks.txt Contents: Near-disaster on a French commuter train (Alexandre Kampouris) Nuclear reactor guard asleep on the job (Ken Knowlton) Houston 911 System prone to crashes (Mark H. Johnson) Continental Airlines takes back free miles (Frank) Overlooked security risk: the telephone (NewsScan) Parking chaos in York (David Wj Stringer-Calvert) Torvalds: geeky kids need dates (NewsScan) Computer blamed for bad pictures shown to Mexico's first lady (Mark Lutton) Spam Abounds (Peter G. Neumann) Fighting spam: raise the bridge or lower the water? (NewsScan) VeriSign agrees to suspend Site Finder service (NewsScan) Purveyor of unencrypted service insists it's secure (Alice Silverberg) Another case of electronic vote-tampering? (Farhad Manjoo via Monty Solomon) AntiVirus autoresponders (Rob Slade) REVIEW: "Intrusion Signatures and Analysis", Stephen Northcutt et al. (Rob Slade) Rebuttal of review of my book by Rob Slade (Michael Caloyannides) Abridged info on RISKS (comp.risks) ---------------------------------------------------------------------- Date: Mon, 22 Sep 2003 18:10:46 +0200 From: Alexandre Kampouris Subject: Near-disaster on a French commuter train On Saturday September 20th, a disaster was miraculously averted when a RER suburban train stopped around 7:30 PM between stations near Villeneuve-Triage south of Paris due to equipment failure. According to the preliminary reports, the engineer, who is the only staff member on board, is said to have instructed the passengers over the PA system to alight the train on the left side, and walk to the next station. However it appears that the doors where only open on the right side; the passengers simply started walking on the second track. For a reason yet to be determined the traffic hadn't been interrupted in the other direction, and an oncoming train narrowly missed the myriads of passengers in its path, who by sheer luck escaped death or serious injury by throwing themselves to the ground or jumping aside. An enquiry is underway. Even though the exact chain of events is yet to be established, there seems to be at least two system failures, i.e., (1) the doors opening on the wrong side, and (2) the non-secured track. The frightening event was recorded on video. http://infos.francetv.fr/semiStatic/64-NIL-NIL-259414.html http://www.leparisien.com/home/info/faitsdivers/article.htm?articleid=210899112 ------------------------------ Date: Sun, 28 Sep 2003 14:37:07 EDT From: KCKnowlton@aol.com Subject: Nuclear reactor guard asleep on the job [Quoted from *The New York Times*, Metro Section, 28 Sep 2003, pg 43, by Matthew L. Wald] When two Nuclear Regulatory Commission officials found a security guard asleep at his post at the Indian Point 2 nuclear reactor last year, the agency decided not to issue a notice of violation because there was no terrorist attack on the plant during the half-hour or so that the guard was sleeping, a Congressional audit has found. ... The report also says the commission did not treat the incident more seriously because no guards had been found sleeping "more than twice during the past year." There was no comment in the story (or in the NRC report?) about sleeping behavior of those who deal with knobs, dials, monitors and keyboards. An interesting general philosophical attitude: post-hoc shrugs for all infractions that had no catastrophic consequences. ------------------------------ Date: Fri, 3 Oct 2003 08:39:55 -0500 From: Mark_H_Johnson@raytheon.com Subject: Houston 911 System prone to crashes To summarize - Houston has deployed a new 911 emergency response system which has had a number of failures since it went "live" a week ago. Pictures of the new facility look somewhat like Mission Control - large consoles with multiple displays in front of each operator. It sure looks nice, but the system does not appear to work reliably. The latest incident occurred during the day when technicians were working on the link between the computers and units within the cars. To quote: When the system started slowing, technicians reverted to the backup, which crashed within minutes. From 9:50 a.m. to 10:30 a.m., dispatchers resorted to dispatching by radio instead of by computer. Without the computer's locator system, they frequently had to ask emergency workers to volunteer for individual assignments rather than assigning them to calls. Another notable quote is But city officials say the only way to test the system was by going "live." Sorry, but that does not sound reasonable to me. For reference: http://www.chron.com/cs/CDA/ssistory.mpl/metropolitan/2133809 http://www.chron.com/cs/CDA/ssistory.mpl/metropolitan/2134381 http://www.chron.com/cs/CDA/ssistory.mpl/metropolitan/2127855 http://www.click2houston.com/editorials/2522205/detail.html [May not all be permanent...] ------------------------------ Date: Thu, 18 Sep 2003 22:28:45 -0500 (GMT-05:00) From: frank099@earthlink.net Subject: Continental Airlines takes back free miles Last week, I checked my Continental Airlines OnePass frequent flyer account and discovered that my account had been credited with 500,000 bonus miles, allegedly because I won a contest. It turns out that thousands of other people were "winners" as well, with some having a million or more frequent flyer miles added to their accounts. The miles didn't last long and were removed a few days later. However, many people had booked trips with those free miles, which Continental quickly canceled. http://www.usatoday.com/travel/news/2003/09/15-airmiles.htm ------------------------------ Date: Thu, 02 Oct 2003 09:28:34 -0700 From: "NewsScan" Subject: Overlooked security risk: the telephone As corporate phone systems become increasingly complex and computerized, criminals are finding new ways to infiltrate company networks, and the problem becomes magnified as businesses turn to IP-based phone systems. "This is the first time that a computer virus can stop your telephones from working," says PricewaterhouseCoopers senior manager Mark Lobel. "There is a whole new class of attacks that can occur. The essence of the problem is that everyone is looking at this as a new technology for voice -- the way we're sending voice communications is absolutely new. But the data is still riding on the same infrastructure that was pounded by recent problems like SoBig." To counteract the threats, phone system administrators need to be much more vigilant about password management and may even consider locking out certain country codes. "In fact, you should probably consider the risk associated with VoIP systems to be as high as the threats to your organization's most sensitive data. If someone in your IT department gets paged when your firewall goes down, they should also be paged when 40 new voicemail boxes mysteriously appear on your IP system," says Lobel. [*E-Commerce Times*, 2 Oct 2003; NewsScan Daily, 2 Oct 2003] http://www.ecommercetimes.com/perl/story/31731.html ------------------------------ Date: Mon, 06 Oct 2003 11:41:08 -0700 From: "David Wj Stringer-Calvert" Subject: Parking chaos in York The system controlling York's newly installed intelligent traffic variable-message signs (VMS) were hit by a computer virus on 4 Oct 2003, freezing 21 VMS displays at car parks that were intended to show the number of available parking space. Motorists thus went into full car parks expecting to find space. One VMS at St George's Field showed 349 spaces when there were *none*, causing an enormous traffic tie-up. [And no one was around to slay St George's draggin' congestion.] A similar problem had occurred in August. (The system, costing 1.5 million pounds, began operation in July 2003. The software is provided by Tennet and the hardware by Variable Message. A temporary fix is sought to enable the VMSs to be blanked out if this happens again. [Source: `Frozen' signs lead to car park chaos, by Rosslyn Snow, *Yorkshire Evening Press*, 6 Oct 2003; PGN-ed] ------------------------------ Date: Mon, 29 Sep 2003 14:17:45 -0700 From: "NewsScan" Subject: Torvalds: geeky kids need dates Asked how to end virus and worm attacks, Linux creator Linus Torvalds told an interviewer: "When you have people who hook up these machines that weren't designed for the Internet, and they don't even want to know about all the intricacies of network security, what can you expect? We get what we have now: a system that can be brought down by a teenager with too much time on his hands. Should we blame the teenager? Sure, we can point the finger at him and say, 'Bad boy!' and slap him for it. Will that actually fix anything? No. The next geeky kid frustrated about not getting a date on Saturday night will come along and do the same thing without really understanding the consequences. So either we should make it a law that all geeks have dates -- I'd have supported such a law when I was a teenager -- or the blame is really on the companies who sell and install the systems that are quite that fragile." [*The New York Times Magazine*, 28 Sep 2003; NewsScan Daily, 29 Sep 2003] http://partners.nytimes.com/2003/09/28/magazine/WLN104109.html ------------------------------ Date: Wed, 1 Oct 2003 10:18:00 -0400 From: "Mark Lutton" Subject: Computer blamed for bad pictures shown to Mexico's first lady The wife of Mexican President Vicente Fox is a staunch defender of family values. Attending a charity presentation dedicated to helping children with cancer, she viewed a picture of a naked man and woman together that was somehow inadvertently included among the slides. A "technical error" is blamed. [Source: Mexico's prim first lady gets eyeful of nudes, Reuters, 1 Oct 2003] http://www.reuters.co.uk/newsArticle.jhtml?type=oddlyEnoughNews&storyID=3536434 [Let's see if this issue gets spam-filtered. PGN] ------------------------------ Date: Fri, 3 Oct 2003 10:34:42 PDT From: "Peter G. Neumann" Subject: Spam Abounds Unfiltered spam has once again taken a quantum leap. The latest version of SpamAssassin catches about 1000 spams per day on e-mail to Neumann and RISKS. However, even after SpamAssassin does its job, RISKS is still getting about 90% spam from the residual mail. In other words, I have to delete almost all of the incoming mail to RISKS. My own mail is only somewhat less offensive. (And I have been away, which makes it ever more difficult to keep up. I regret the long gap between issues, and my inability to cope with the backlog in the past weeks. PLEASE resubmit any really salient items that you felt I might have missed. I need a salient solution to help overcoming being as-salted.) Spam is evermore not your friend. [Minor change in archive copy removing ambiguity. PGN] ------------------------------ Date: Mon, 06 Oct 2003 09:46:36 -0700 From: "NewsScan" Subject: Fighting spam: raise the bridge or lower the water? Many software experts now believe that the best way to fight spam is not by targeting it directly but instead by concentrating on the identification of legitimate mail. VeriSign executive Nico Popp explains, "People have been spending all their time creating filters to find the bad guys. We want to turn that on its head and find ways to identify the good guys and let them in." The idea would be to develop the Internet equivalent of caller ID, with a technology that identifies senders and lets receivers presume that unidentified senders are sending junk mail. Richard Reichgut of AuthentiDate says, "It's not easy to change something as successful and widely used as e-mail. But the only way to fix e-mail is to have a strong way to know who is sending you mail." [*The New York Times*, 6 Oct 2003; NewsScan Daily, 6 Oct 2003] http://partners.nytimes.com/2003/10/06/technology/06SPAM.html [Once again, see Lauren Weinstein's Tripoli proposal -- http://www.pfir.org/tripoli-overview -- which is a sensible approach to giving users control over how to confront the e-mail dilemma. BEWARE of ceding this authority to ISPs! PGN] [Also, see "Four Internet pioneers discuss the sorry state of online communication today. The consensus: It's a real mess." by Katharine Mieszkowski, Salon.com: http://www.salon.com/tech/feature/2003/10/02/e_mail/ She quotes Dave Farber, Dave Crocker, Brad Templeton, and Jakob Nielsen. PGN] ------------------------------ Date: Mon, 06 Oct 2003 09:46:36 -0700 From: "NewsScan" Subject: VeriSign agrees to suspend Site Finder service VeriSign and ICANN reached a temporary truce Friday, with VeriSign acquiescing to ICANN's demand that it suspend its controversial Site Finder service pending further technical review. ICANN could have fined VeriSign as much as $100,000 or even revoked its contract to manage the master list of .com and .net Internet domain names. Critics have charged VeriSign with undermining the collectivist culture of the Internet with the preemptive launch of its service, which redirects Web users who mistype a URL to the VeriSign Web site. "In the past when you made a dramatic change to the network structure that was the least bit potentially damaging, you went out through the community and you exposed what you were going to do and got reaction," says Carnegie Mellon computer science professor David Farber. VeriSign "just broke the whole process." In its defense, VeriSign executives say they notified ICANN of their plans ahead of time, but admitted that they sidestepped ICANN's lengthy approval process because it's too slow. In response, ICANN says it's "sympathetic to concerns" about its process and has proposed a more streamlined procedure for reviewing new services such as Site Finder. [*Wall Street Journal*, 6 Oct 2003; NewsScan Daily, 6 Oct 2003] http://online.wsj.com/article/0,,SB106519977252395300,00.html (sub req'd) [This is after VeriSign told ICANN to drop dead: See the correspondence http://www.icann.org/correspondence/lewis-to-twomey-21sep03.htm and Dan Gillmor's column in response: http://weblog.siliconvalley.com/column/dangillmor/archives/001361.shtml noted courtesy of Dave Farber's IP. PGN] ------------------------------ Date: Fri, 3 Oct 2003 15:21:02 -0700 From: Alice Silverberg Subject: Purveyor of unencrypted service insists it's secure Here's a hotel reservation url that expects you to send your credit-card information unencrypted (though when you phone the associated number to ask about it, they insist that it's secure): http://www.innsuites.com/ ------------------------------ Date: Sun, 5 Oct 2003 13:20:43 -0400 From: Monty Solomon Subject: Another case of electronic vote-tampering? (Farhad Manjoo) Another case of electronic vote-tampering? Representatives of the computer vote-counting industry are unfairly dominating the standard-setting process, say critics. By Farhad Manjoo, Salon.com, 29 Sep 2003 When the IEEE, the world's leading professional society of engineeers, decided in the summer of 2001 to create a technical standard for electronic voting machines, most everyone concerned with the elections business thought it was a grand idea. For the most part, the IEEE operates just as you'd expect a bunch of engineers to behave -- the group is rigorous, open-minded, dispassionate, and reluctant to embark upon any major endeavor unless everyone with an opinion has had an opportunity to hold forth. "Consensus" is the IEEE's main buzzword; and while that ethic can lead to some frustration, it also explains why so many industries and government agencies ask the IEEE to draw up technical standards for new technologies. People trust the IEEE's open process, and when it sets down certain specifications -- governing everything from aircraft gyros to wireless networks -- the specs are widely respected by technologists. And by the summer of 2001, a standard for voting machines was clearly needed. After the hobbled 2000 presidential election, officials across the nation were rushing to purchase new equipment to replace their maligned punch-card systems. Elections vendors were heavily promoting fully electronic, ATM-style touch-screen voting machines, but many computer scientists warned -- and are warning still -- of critical security flaws in such systems. The key players in the debate over electronic voting saw the IEEE as a good place to resolve concerns people had with the new systems; they hoped that after hearing all sides, the vaunted body could create respected technical guidelines for the machinery of modern democracy. Two years later, however, the IEEE group charged with drafting a voting machine standard is paralyzed by bitter in-fighting. Members of the body can't agree on the substance of a proposed standard for voting machines, nor can they even come to a consensus on a fair process for determining such a standard. The parties involved are arguing about big things -- about whether, for instance, electronic voting machines should be required to produce a "voter-verifiable" audit trail, which many security experts say is the only way to guarantee security in electronic systems -- and tiny things, such as the order in which topics are discussed in the meetings they hold. To hear members of the committee tell it, the whole process has become a circus -- a circus that illustrates how difficult it might be to eventually create a national standard for voting systems. [...] http://www.salon.com/tech/feature/2003/09/29/voting_machine_standards/ ------------------------------ Date: Sun, 5 Oct 2003 13:35:27 -0800 From: Rob Slade Subject: AntiVirus autoresponders I notice the NTBUGTRAQ seems to have added to following as a sigblock to all messages: "Most viruses these days use spoofed e-mail addresses. As such, using an AntiVirus product which automatically notifies the perceived sender of a message it believes is infected may well cause more harm than good. Someone who did not actually send you a virus may receive the notification and scramble their support staff to find an infection which never existed in the first place. Suggest such notifications be disabled by whomever is responsible for your AV, or at least that the idea is considered." Note once again that variations may occur. The infected user may be identified in Swen infected messages by the Return-Path header. Frequently the infected user's mailbox has been filled and is over quota, so the postmaster, abuse, and possibly support accounts should be notified as well. (The abuse and support I accounts that I have contacted who have taken the time to investigate have confirmed that users identified in the Return=Path headers are infected.) rslade@vcn.bc.ca slade@victoria.tc.ca rslade@sun.soci.niu.edu http://victoria.tc.ca/techrev or http://sun.soci.niu.edu/~rslade ------------------------------ Date: Wed, 1 Oct 2003 07:54:59 -0800 From: Rob Slade Subject: REVIEW: "Intrusion Signatures and Analysis", Stephen Northcutt et al. BKINSIAN.RVW 20030831 "Intrusion Signatures and Analysis", Stephen Northcutt et al, 2001, 0-7357-1063-5, U$39.99/C$59.95/UK#30.99 %A Stephen Northcutt stephen@sans.org %A Mark Cooper %A Matt Fearnow %A Karen Frederick %C 201 W. 103rd Street, Indianapolis, IN 46290 %D 2001 %G 0-7357-1063-5 %I Macmillan Computer Publishing (MCP) %O U$39.99/C$59.95/UK#30.99 800-858-7674 info@mcp.com %O http://www.amazon.com/exec/obidos/ASIN/0735710635/robsladesinterne http://www.amazon.co.uk/exec/obidos/ASIN/0735710635/robsladesinte-21 %O http://www.amazon.ca/exec/obidos/ASIN/0735710635/robsladesin03-20 %P 408 p. %T "Intrusion Signatures and Analysis" Intrusion detection and network forensics are now vitally important topics in the security arena. An explanation of how to identify dangerous signatures, and extract evidence of an intrusion or attack from network logs, is something that most network administrators require. Unfortunately, while the idea is good, and badly needed, the execution, in the case of the current work, is seriously flawed. The introduction doesn't really specify a purpose or audience for this book. Mention is made of the GIAC (Global Incident Analysis Center, also seemingly referred to at times as the GCIA) certification, but no definition is given as to what this actually is. Chapter one presents a number of examples of network log entries and formats. The interpretation, though, concentrates on easily identifiable items such as IP addresses, and neglects components that are less well known. There seems to be some attempt to structure the descriptions, but it is unclear and confusing, as are a number of the illustrations and figures. Chapters three and four list a "top ten" of specific attacks, described down to a byte level, but not always in clear detail. Perimeter logs, such as those from firewalls and routers, are discussed in chapter six. Restraint in reaction to odd traffic is urged in chapter seven, particularly in light of the probability of address spoofing. Chapter eight outlines packets that indicate mapping scans, while nine does the same with searches that might be gathering system information. Denial of services attacks are reviewed in chapters ten and eleven, first with respect to attacks that attempt to exhaust specific resources, and then in regard to bandwidth consumption. Chapter twelve discusses trojan programs, concentrating on detection of unusual open ports. Miscellaneous exploits are listed in chapter thirteen, but since exploits are listed throughout the previous three chapters it is difficult to find a distinctive for this section. Fragmentation attacks are described in chapter fifteen. Chapter sixteen reports on some odd looking non-malicious packets, in warning against reacting to false positives. A grab bag of odd packets is listed in chapter seventeen. As should be evident from the description above, there is a good deal of valuable material in this book. Unfortunately, it is not easy to extract the useful bits. The book as a whole could use serious reorganization. While chapter one appears to be an introduction to the technical details, a far better explanation of packets and the import of various fields is given in chapter five, ostensibly on non- malicious or normal traffic, and this material should probably have been placed at the beginning of the manual. Chapter fourteen, almost at the end of the text, reviews buffer overflows, which are seen throughout the chapters preceding it. There is a slight attempt to explain the book in chapter two, but the content and organization is perplexing, there is heavy use of unilluminated insider jargon, and the presentation of example packets and subsequent conclusions without the middle step of identifying the items that make these data suspicious could be quite frustrating to the student. The new system administrator will not find the explanations clear or illuminating. The experienced professional will not find particular attacks or traffic types easy to find for reference. Both groups will find themselves flipping back and forth between sections of the book, or even between sections of the exegesis of one particular attack. However, both groups will likely be interested in the book anyway, simply because of the lack of other sources. copyright Robert M. Slade, 2003 BKINSIAN.RVW 20030831 rslade@vcn.bc.ca slade@victoria.tc.ca rslade@sun.soci.niu.edu http://victoria.tc.ca/techrev or http://sun.soci.niu.edu/~rslade ------------------------------ Date: Wed, 01 Oct 2003 16:00:23 -0400 From: Michael Caloyannides Subject: Rebuttal of review of my book by Rob Slade (RISKS-22.90) In his 9 Sep 2003 review of the book "Desktop Witness", 0-471-48657-4, Rob Slade made numerous factually incorrect statements that your readers are likely to be mislead by. A careful reading of the book would have shown that reviewer that steganography using conventional software is explicitly discouraged (rather than encouraged as he incorrectly claims) in the book precisely because it is detectable through steganalysis tools that look for statistical irregularities in the composite file; a careful reading of that same section would have shown the reviewer -- and anyone else -- that the book then proceeds to show that unconventional steganography is inherently undetectable because there is a multiple infinity of ways to imbed a hidden meaning in an overt act, especially if it used rarely and if the ratio of covert to overt message is low. Who can credibly detect a steganographic content in a recipe for lasagna posted in some Usent newsgroup, or in the presence of an occasional spelling error or in a graphic included in an otherwise professional document? As with the steganography example, so with the rest of the points he raises; his objections are based on a superficial reading of the book he reviewed that missed the points discussed in that book. For example, he sets the biased tone of his review by postulating an inconsistency in the title and subtitle of the book ("Desktop Witness". The Dos and Don'ts of Personal Computer Security), when it is quite clear that there is no such inconsistency because the book provides "the dos and dont's of personal computer security" so that one's desktop computer will not end up being used as a witness against one. Worse yet, his review is repeatedly tainted with his religious objection to the fundamental premise of the book which is that honorable civilized people have a right to their privacy. While Mr. Slade's religious background, which includes a degree in Christian Science, is his own business, it is allowed to distort what should have been a factual review with his own value judgments. One reads, for example, in his review his assertion that the book's reasoned arguments in support of individual privacy are "shrill", "extreme" or "paranoid". These oddly emotional words in a supposedly detached review are at best suspect, given the fact that: a) According to the FBI, roughly 1 in 20 Americans has been the victim of identity theft, and the trend is increasing at an alarming rate. b) There is a huge and healthy debate today about the extent to which individual privacy and the Bill of Rights should be sacrificed in the post 9/11 world. For a balanced review of the same book by a University professor in the UK, your readers may also wish to read http://www.newscientist.com/opinion/opbooks.jsp?id=ns23486 This book, by the way, is used in a number of Universities for training students in computer science as well as in law. ------------------------------ Date: 30 May 2003 (LAST-MODIFIED) From: RISKS-request@csl.sri.com Subject: Abridged info on RISKS (comp.risks) The RISKS Forum is a MODERATED digest. Its Usenet equivalent is comp.risks. => SUBSCRIPTIONS: PLEASE read RISKS as a newsgroup (comp.risks or equivalent) if possible and convenient for you. Alternatively, via majordomo, send e-mail requests to with one-line body subscribe [OR unsubscribe] which requires your ANSWERing confirmation to majordomo@CSL.sri.com . If Majordomo balks when you send your accept, please forward to risks. [If E-mail address differs from FROM: subscribe "other-address " ; this requires PGN's intervention -- but hinders spamming subscriptions, etc.] Lower-case only in address may get around a confirmation match glitch. INFO [for unabridged version of RISKS information] There seems to be an occasional glitch in the confirmation process, in which case send mail to RISKS with a suitable SUBJECT and we'll do it manually. .UK users should contact . => SPAM challenge-responses will not be honored. Instead, use an alternative address from which you NEVER send mail! => The INFO file (submissions, default disclaimers, archive sites, copyright policy, PRIVACY digests, etc.) is also obtainable from http://www.CSL.sri.com/risksinfo.html ftp://www.CSL.sri.com/pub/risks.info The full info file will appear now and then in future issues. *** All contributors are assumed to have read the full info file for guidelines. *** => SUBMISSIONS: to risks@CSL.sri.com with meaningful SUBJECT: line. => ARCHIVES: http://www.sri.com/risks http://www.risks.org redirects you to the Lindsay Marshall's Newcastle archive http://catless.ncl.ac.uk/Risks/VL.IS.html [i.e., VoLume, ISsue] Lindsay has also added to the Newcastle catless site a palmtop version of the most recent RISKS issue and a WAP version that works for many but not all telephones: http://catless.ncl.ac.uk/w/r http://the.wiretapped.net/security/info/textfiles/risks-digest/ . http://www.planetmirror.com/pub/risks/ ftp://ftp.planetmirror.com/pub/risks/ ==> PGN's comprehensive historical Illustrative Risks summary of one liners: http://www.csl.sri.com/illustrative.html for browsing, http://www.csl.sri.com/illustrative.pdf or .ps for printing ------------------------------ End of RISKS-FORUM Digest 22.92 ************************