RISKS@CSL.SRI.COM (RISKS FORUM, Peter G. Neumann -- Coordinator) (12/05/86)
RISKS-LIST: RISKS-FORUM Digest, Friday, 5 December 1986 Volume 4 : Issue 24
FORUM ON RISKS TO THE PUBLIC IN COMPUTER SYSTEMS
ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator
Contents:
Criminal Encryption & Long Term effects (Baxter)
Criminals and encryption (Phil Karn)
Re: ATC Near-Collisions (Rony Shapiro)
High Availability Systems (PGN)
Plug-compatible modules (PGN)
"Satellite interference" (Lauren Weinstein)
Re: Privacy in the office (Brint Cooper)
ACARD Report (Samuel B. Bassett)
The RISKS Forum is moderated. Contributions should be relevant, sound, in good
taste, objective, coherent, concise, nonrepetitious. Diversity is welcome.
(Contributions to RISKS@CSL.SRI.COM, Requests to RISKS-Request@CSL.SRI.COM)
(Back issues Vol i Issue j available in CSL.SRI.COM:<RISKS>RISKS-i.j. MAXj:
Summary Contents Vol 1: RISKS-1.46; Vol 2: RISKS-2.57; Vol 3: RISKS-3.92.)
----------------------------------------------------------------------
To: risks@csl.sri.com
Subject: Criminal Encryption & Long Term effects
Date: Thu, 04 Dec 86 17:54:14 -0800
From: baxter@ICSD.UCI.EDU
In a previous RISKS article, mention was made of a prostitution ring that
used computers to keep track of the customer base. It was only moderately
surprising that "criminal elements" would finally arrive at a use for data
processing technology (as opposed to victimizing it...). Having built file
systems which automatically decrypt records when accessed (for password
storage, etc.), I have long been surprised that the use of encryption as a
technique for storing such transactions has not received widespread use, or
that at least a spectacular instance has not been uncovered. For a bookie,
surely the convenience of pulling the plug on a computer during a police
raid and taking the 5th when asked for an encryption key must outweigh the
difficulty of handling and destroying flimsy tissues (no, I'm not sure what
technology bookies actually use). The first conclusion is that computing
(and technology supporting privacy) may make a life of crime more convenient
and safer, raising the spectre of a permanently entrenched criminal
computing element.
A more chilling thought is perhaps the long term consequence of police
reaction to this: acquisition of privacy-breaking technology, and use of
such technology to detect criminal transactions before arrests occur.
------------------------------
Date: Fri, 5 Dec 86 03:17:51 EST
From: karn@ka9q.ampr.net (Phil Karn)
To: risks@csl.sri.com
Subject: Criminals and encryption
I am interested in documented criminal cases where defendants have encrypted
their communications or incriminating computer files and refused to divulge
the keys under their Fifth Amendment rights. I am particularly interested
in the response of the legal system in such cases and the effect, if any,
encryption technology might have had on the outcome. I can think of many
possible scenarios, such as:
1. The police either trick the defendent into revealing the key, or by
exploiting his carelessness (by finding it written down or easily guessed,
etc) recover the information which is then used in the prosecution.
2. When more than one person knows the key, one is given immunity and
compelled to divulge it to produce evidence against the other(s).
3. The police perform a successful cryptanalysis.
4. The police and prosecution are unable to recover the encrypted
information, but obtain a conviction anyway in the traditional way (through
witnesses, physical evidence, etc).
5. Without the encrypted information, the case is dropped due to lack of
evidence.
Much of the evidence in certain types of criminal cases consists of paper
records and intercepted telephone conversations obtained through warrants.
(Political corruption, drug rings and organized crime come to mind). I am
interested in the issue of how the widespread availability of computers and
encryption devices will affect the criminal justice system. Clearly, it
will be impossible to keep this technology out of the hands of criminals (at
least in the US). Will prosecutors find other, equally successful ways to
get convictions? Or will there be mounting pressure to erode Constitutional
due-process guarantees and the right against self-incrimination? Even
worse, will there be misguided and futile attempts (along the lines of the
Electronic Communications Privacy Act) to control the availability of
computers within the United States in the name of "law and order" or
"national security"?
Phil
------------------------------
From: Rony Shapiro <ronys%wisdom.bitnet@jade.berkeley.edu>
Date: Thu, 4 Dec 86 11:13:19 -0200
To: risks@csl.sri.com
Subject: Re: ATC Near-Collisions
I would like to comment on the article from Chicago (UPI) Dec 2 1986.
The fact that the transponder on the light aircraft was defective may be
misleading. Air-traffic controllers are trained (at least here) NEVER to
rely on tranponder altitude reports when assigning altitudes to other
aircraft. In other words, the controller appeared to have erred in trusting
the transponder when giving the jet clearance to land.
Transponders are not perfect, & their transmissions may get garbled,
especially in a crowded airspace, such as Chicago. However, as long as they
are regarded as such, they are a useful aid in air traffic controlling.
Trusting transponders too much is a great temptation under heavy workloads
(easier than asking the pilot of the aircraft in question his altitude - the
only sure method), but the blame is with the ATC, & not with the transponder.
Rony Shapiro. <ronys@wisdom>
------------------------------
Date: Thu 4 Dec 86 09:30:22-PST
From: Peter G. Neumann <Neumann@CSL.SRI.COM>
Subject: High Availability Systems
To: RISKS@CSL.SRI.COM
There is an ad in the 4 Dec 86's SF Chron for "California's most convenient
ATMs". The banner across a depicted terminal screen says "NOW 24 HOURS A DAY"
(implying that until recently it wasn't?). The text of the ad says
"VERSATELLER ATMs are there ... when you need them ... With 24-hour service
all day and all night.*" (as opposed to 24-hour service just during the
day?) The footnote in VERY fine print says "* Available at most locations
and subject to routine system maintenance 2 a.m. to 6 a.m. Sumday."
[There was a time when ATMs would run stand-alone when the central
computer was down, but there were some cases of people grossly
exceeding limits intentionally during such times. Is this no
longer the case? The Airline reservation systems also have the
maintenance problem of having to shut down, but that is presumably
because of large numbers of schedule changes that for some peculiar
reason cannot be queued up dynamically and cut over at a particular
time. There are lots of interesting risks associated with upgrading
and/or maintaining more time-critical systems that cannot afford to
be down at all... PGN]
------------------------------
Date: Thu 4 Dec 86 09:36:38-PST
From: Peter G. Neumann <Neumann@CSL.SRI.COM>
Subject: Plug-compatible modules
To: RISKS@CSL.SRI.COM
The 4 Dec 86 SF Chron has an AP story on a 4-year old girl who was
electrocuted when a nurse accidentally plugged her heart-monitoring line
into an electrical circuit. (Children's Hospital, Seattle WA) Using a
standard male electrical plug on such a line seems incredible. I mention
it here as a generalized example of the lack of strong typing (type safety).
Compatibility among different types is a common and serious problem in computer
programming languages and system calls, but this case is somehow amazing...
------------------------------
Date: Wed, 3-Dec-86 12:33:42 PST
From: vortex!lauren@rand-unix.ARPA (Lauren Weinstein)
Subject: "Satellite interference" (CNN Headline News)
To: RISKS@CSL.SRI.COM
While misaimings and such are fairly common, they rarely result in total
capture of a satellite transponder, since it takes considerable power
to completely override the main signal. In the case of the described
problem with CNN Headline News, the explanation is almost certainly
very simple and has nothing whatever to do with interfering signals.
Both CNN services (as are a variety of other satellite services) are scrambled
with the VideoCipher II system (designed by MA/COM, now owned by General
Instruments). The system uses DES technology and has the capability of an
in-the-clear "barker" audio channel that promotes the service and (in the case
of CNN) the sale of decoders as well. The VC II technology is very sensitive
to signal levels and quality--if the level drops off or glitches momentarily
the unit will fall back into its "deaddressed" mode and send the encrypted
video and the audible barker to the output (in most cases a cable system).
It can take anywhere from a second or two to many minutes (sometimes hours
under poor conditions) for the VC II to resync and restore normal output.
The case described almost certainly was a VC II dropout at the local
cable company that resulted in the encrypted picture and clear barker
being sent to the cable system subscribers.
By the way, the proposal the FCC has made about ID's in the vertical
interval will not sit well with many programmers--the vertical interval
is sometimes used for other purposes (teletext, audio services, etc.)
and those programmers can be expected to vigorously object to "wasting"
their interval on a visible I.D. Of course, if only "occasional"
uplinkers (such as remote news crews) were required to do this, it would
not be such a problem since such crews virtually never are sending
any special vertical interval information.
--Lauren--
------------------------------
Date: Wed, 3 Dec 86 23:13:16 EST
From: Brint Cooper <abc@BRL.ARPA>
To: csl.sri.com!risks@AMSAA.ARPA
Subject: Re: Privacy in the office
All offices are not equivalent. In components of the DoD, as we
are made painfully aware, "Use of official telephones implies consent to
monitoring." How "they" monitor, whether computers are used, and how the
monitored content is validated, are anyone's guess.
Brint
------------------------------
Date: Wed, 3 Dec 86 23:35:11 pst
From: well!samlb@lll-crg.ARPA (Samuel B. Bassett)
To: lll-crg!RISKS@CSL.SRI.COM
Subject: ACARD Report
In regard to the ACARD report, it strikes me that what the British
commission is trying to do is to force businesses and organizations to
accept the idea of product liability in an increasingly critical area. The
British system allows the sort of "persuasion from on high" that we in the
U.S. would never put up with. (Can you imagine how much money would be
available to a PAC to _defeat_ the first Congresscritter to introduce such
a bill here?)
It may be that this is a political "stalking horse" -- an early
attempt to put the idea in the public domain, let it get argued over for a
few years, and avoid a direct political battle in the near future. The
wording has that peculiar British Civil Servant flavor to it, which
indicates to me that it is mostly a thoeretical exercise at the moment.
In any event, serious programmers and software engineers should
welcome the news of the report -- it will strengthen their hands when
talking to management about realistic time scales for software projects.
The literature has been full of breast-beating about how good software
would be if management didn't persist in rushing it out the door without
proper testing? Now they have a good arguement to hit 'em with.
Then too, in the last analysis, even if the report were enacted into
law, it is doubtful if many (or any) programmers would go to jail -- but it
would be almost certain that more than a few companies would lose a _lot_
of money. Managers pay attention to such things . . .
Sam'l Bassett, Self-Employed Writer
34 Oakland Ave., San Anselmo CA 94960;
DDD: (415) 454-7282; / dual\
UUCP: {...known world...}! lll-crg!well!samlb;
Compuserve: 71735,1776; \hplabs/
------------------------------
End of RISKS-FORUM Digest
************************
-------