risks@CSL.SRI.COM (RISKS Forum) (03/14/91)
RISKS-LIST: RISKS-FORUM Digest Wednesday 13 March 1991 Volume 11 : Issue 27
FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS
ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator
Contents:
Incredible backlog of RISKS contributions -- Risks of RISKS again (RISKS)
New Utility to Unlock Passwords (Martin Minow)
Medical image compromise (Roy Smith)
MCI's Computer Said It Is NOT OK (Li Gong)
Examinations by Phone (James K. Huggins)
Confident Extrapolation of Worst-Case Failures (Anthony E. Siegman)
Re: A pulsar repulsed! (Matti Aarnio)
EM solution for new buildings - risk solved? (Olivier M.J. Crepin-Leblond)
Cellular surveillance (Les Earnest)
Cellular phone usage (anonymous, Ed Hall)
Secret Service Foils Cellular Phone Fraud (P.J. Karafiol)
Telephone risks revisited (W.A. Simon)
Re: Apathy and viral spread (Steven King)
The RISKS Forum is moderated. Contributions should be relevant, sound, in
good taste, objective, coherent, concise, and nonrepetitious. Diversity is
welcome. CONTRIBUTIONS to RISKS@CSL.SRI.COM, with relevant, substantive
"Subject:" line. Others ignored! REQUESTS to RISKS-Request@CSL.SRI.COM. For
vol i issue j, type "FTP CRVAX.SRI.COM<CR>login anonymous<CR>AnyNonNullPW<CR>
CD RISKS:<CR>GET RISKS-i.j<CR>" (where i=1 to 11, j always TWO digits). Vol i
summaries in j=00; "dir risks-*.*<CR>" gives directory; "bye<CR>" logs out.
ALL CONTRIBUTIONS CONSIDERED AS PERSONAL COMMENTS; USUAL DISCLAIMERS APPLY.
Relevant contributions may appear in the RISKS section of regular issues
of ACM SIGSOFT's SOFTWARE ENGINEERING NOTES, unless you state otherwise.
----------------------------------------------------------------------
Date: Wed, 13 Mar 1991 17:21:44 PST
From: RISKS Forum <risks@csl.sri.com>
Subject: Incredible backlog of RISKS contributions -- Risks of RISKS again
OK, folks, I have never before asked you to slow down in your contributions,
and am not about to do so now. Perhaps the evident lag time will help to do
that naturally. But the recent volume of mail to RISKS is horrendous -- on
droids, dumbing-down, qwertyuiop, EMI (as of 2 March), warranties and free
software (as of 28 Feb, with a double-size issue's worth of stuff still
backlogged waiting for my immoderation), etc., all under consideration. (And
BARFmail is on the increase again, for no apparent reasons, just the usual net
flakiness, people moving, host names changing, FROM: addresses TO which I
cannot even answer your mail, especially unregistered portions of UUCP, etc.).
I was away most of today and noticed that my backlog of UNSEEN NEW messages was
over 100, and the backlog of UNSEEN messages was about almost twice that, just
over the past few days. Thanks for all your enthusiasm!
On an old subject, I get complaints from some of you when I do NOT use
draconian pruning shears, because you would like to rely on my moderation to be
incisively oriented toward exciting and really interesting material, so that
you do not have to wade through the less interesting stuff. But what is
interesting to some may not be interesting to others. I also get queries from
some of you when your message has not appeared after a while. I know I cannot
please everyone, but I'll continue to try to do the best I can. I am currently
batching heavy-response items together into self-contained issues, so that if
you are bored with the topic you may simply ignore the entire issue.
I long ago gave up trying to acknowledge every message. If you really want to
make sure a particular message got through or try to wedge it out of the
queueueueueueue, please feel free to do so. Otherwise, please just have
patience. Thanks. PGN
------------------------------
Date: Tue, 12 Mar 91 08:45:47 PST
From: "Martin Minow moved to LJO2-A2, RANGER::MINOW" <minow@bolt.enet.dec.com>
Subject: New Utility to Unlock Passwords
>From MacWeek, Mar 12, 1991: [edited for space].
"New Visions Limited Partnership last month shipped a new [Macintosh] password-
recovery utility called MasterKey.
"MasterKey comes in three versions [for WingZ, Excel, and WordPerfect 1.0].
... MasterKey is intended for use by law-enforcement agencies to access
files belonging to drug criminals, embezzlers and terrorists; by companies
to access files that disgruntled or terminated employees have locked; and
by users to access their own files.
"Features ... include the ability to rever passwords from MS-DOS files,
[and] an access code to prevent use by unauthorized users...."
I rather like the fact that they decided to password-protect their utility:
maybe I should write a utility to break their password scheme!
Martin Minow minow@ranger.enet.dec.com
------------------------------
Date: Tue, 12 Mar 91 11:56:07 EST
From: Roy Smith <roy@alanine.phri.nyu.edu>
Subject: Medical image compromise
Slightly off the original subject, but I noticed in a recent visit to a
hospital that in the public hallway outside of the CAT/MRI scan area were open
rack upon open rack of magtapes, no doubt containing images of patients. It
struck me that anybody could just pick up a tape and walk off with it. Surely
they would not be so sloppy with "official medical records". My guess is that
it never really occurred to them that these tapes are part of the medical
records, just as surely as the bit of paper charts the doctors scribble in are.
-- Roy Smith, Public Health Research Institute 455 First Avenue, New York, NY
10016 roy@alanine.phri.nyu.edu -OR- {att,cmcl2,rutgers,hombre}!phri!roy
[Clearly not an integrity concern, but it could be a privacy concern
if some eager journalist stole a tape, or a denial of service concern
if the tape goes astray. PGN]
------------------------------
Date: Tue, 12 Mar 91 17:56:09 EST
From: li@oracorp.COM (Li Gong)
Subject: MCI's Computer Said It Is NOT OK
I wanted to subscribe to MCI's three major calling packages: Prime Time, Call
Europe, and Call Pacific. I was told by MCI representatives that I couldn't do
so because their computer couldn't handle the complicated billing computation.
The maximum is two packages per account.
Li Gong, ORA Corp, 675 Mass Ave, Cambridge, MA
------------------------------
Date: Wed, 13 Mar 91 11:32:53 EST
From: James K. Huggins <huggins@zip.eecs.umich.edu>
Subject: Examinations by Phone
With the recent discussion on voting-by-phone in RISKS, I thought
the following (excerpted) article, taken from "U.: The National
College Newspaper" might be of interest to readers.
"Test Taking Goes Touch-Tone": Seema Desai, _The_Daily_Pennsylvanian_
(student newspaper of the University of Pennsylvania)
At Governors State U., a wrong number can cost students more than a quarter.
It can cost them their grade point averages. The small university near Chicago
recently adopted a telephone system that lets students take multiple-choice
exams over a touch-tone telephone.
Donald Fricker, a management professor who spent about two years developing the
application, said students call a special number and respond to recorded
multiple choice questions by pressing digits on their phones. The system,
named Big Mouth, has been in operation since this fall, and four professor
currently use it to administer exams. Fricker said more than 100 students in
classes ranging from psychology to management have taken exams on the system,
adding that most students have responded positively to the new technology.
[student and faculty testimonial deleted]
Some students and faculty have raised concerns about abuse of the system.
Currently, students have to enter their social security number to access the
system. Students are on their honor not to cheat, Fricker said. And because
students have only five seconds to answer, Scherzinger said cheating is
difficult. [quote deleted]
In the near future, Big Mouth will have the ability to repeat questions and
accept short essay answers. Fricker said he also plans to add more security
measures to the system, including offering multiple versions of exams and
giving each student a special security code. [...]
Despite some of the system's drawbacks, Scherzinger said he thinks it will gain
wide acceptance in the academic community. "I personally believe that the
system will come to every college within the next 10 years."
The RISKS here are abundant: students hiring other students to take their exams
for them (a risk that is somewhat minimized by an in-person exam) using their
identification number, students deliberately using someone else's Social
Security number to flunk the exam for them, and students recording the exam as
it is being given in order to distribute copies to their friends.
I hope Big Mouth never comes to Michigan.
Jim Huggins, Univ. of Michigan (huggins@zip.eecs.umich.edu)
[This is getting to be an old-hat topic. But it will recur. PGN]
------------------------------
Date: Tue, 12 Mar 91 11:39:51 PST
From: Anthony E. Siegman <siegman@sierra.stanford.edu>
Subject: Confident Extrapolation of Worst-Case Failures
>From Henry Spencer at U of Toronto Zoology ...
> because we must rely on such extrapolation and we already do;
> the questions are how best to do such extrapolation and what
> form of testing must be done to permit confident extrapolation.
Surely it's also very important to assess the magnitude of the damage that
could be done by overconfident extrapolation.
Failure of a large airliner due to some unanticipated worst-case behavior
(e.g., the early Comets) will kill at most a few thousands (in the air and on
the ground).
(I suppose a really worst-case failure in which an airliner comes down in
Yankee stadium could kill several tens of thousands; but one can at least
estimate with fair confidence the probability that a falling airline will hit
Yankee Stadium.)
[Shea, Hey, Willie?]
In any event one can accept this level of tragedy and then use it to improve
the system. Indeed that's more or less how large-scale civil aviation has made
progress. The ``confident extrapolation'' in this instance, based on several
decades of experience, is really that unanticipated worst-case behavior
probably WILL happen; and one is nonetheless willing to accept this risk.
Worst-case failure of a nuclear power plant in Sacramento, California, on the
other hand, could render the entire San Francisco Bay Area uninhabitable for
generations if not centuries (perhaps I'm exaggerating here, but it's hard to
be certain). In any event, an really ``confident extrapolation'' that this
worst-case event can't happen may be near to impossible; and past performance
(Browns Ferry, Three Mile Island, Chernobyl) may lead one to have doubts about
the ability (or wisdom?) of those who put such forth confident extrapolations.
This is NOT an anti-nuclear message; I merely wish to make the points that:
1) The conservative confident extrapolation, based on past experience, may be
that in most cases a worst case failure IS LIKELY to happen.
2) The most crucial question then is not "Will it happen?", but "Can we live
with it, if it does?" (or "when it does").
--AES
------------------------------
Date: Tue, 12 Mar 91 23:35:20 EET
From: mea@mea.utu.fi (Matti Aarnio)
Subject: Re: A pulsar repulsed! (RISKS-11.25)
> The 1989 discovery of an apparent supernova-remnant pulsar, blinking 2000
> times per second, has now been attributed to electrical interference from a
> closed-circuit television camera used to operate the telescope in Chile.
> [Source: an AP item in the San Francisco Chronicle, 11 Mar 91, p.A8]
Interesting that this item has now surfaced thru AP. This was news item on
Sky & Telescope magazine a few months back when it was debugged. (Reported
around August-90?) What your extract doesn't tell is whether or not SFC
mentioned it was a suspected OPTICAL pulsar -- which vanished next night. (No
radio pulsar has been detected either.)
It is very difficult to measure small but fast variations on very low levels
of light intensity.
Long lags from news to their appearance in newspapers seem to be common,
also time lag and amount of errors correlate positively. Maybe feeding some
RISKS to papers like Datamation would help? (I doubt they know what ACM is..)
> I suppose it would have been much more obvious had it been blinking at 60
> cycles (or is it 50 in Chile?), although certainly less spectacular. A little
> like hearing a loud thumping in a quiet room and discovering it the pulse of
> your own heart beat?
Or faint ticking at 2Hz, and you start to suspect bugs until you notice your
watch... Anyway, it tells that while we use complex systems we must be
carefull to spot all possible interference sources before we jump to
conclusions. (Aren't we always?)
About two weeks ago I saw on national TV news something telling that
Australian radio astronomers had spotted an "ET" signal (me: immediate frown),
but the way it was told on TV (as their "ending joke"), associated picture
material etc., gave me conclusion: this is a red herring, forget it.
"Hey, lets tell this joke from Down Under about those Radio Astronomers..."
(Maybe 15 seconds total.)
Today I went to do some UNIX system maintenance at the University of Turku
Astronomy departement. Professor asked if I had heard anything about those
Aussies, because local commercial radio wanted to make a program about this ET
signal, and to interview some local radio astronomer...
Our problem? No word about it from verifiable sources, thus do we
dare to dip into USENET to fish out POSSIBLE information about it?
(I hope there is information, but I doubt it... Good luck for SETI anyway!)
/Matti Aarnio <mea@utu.fi>
------------------------------
Date: Mon, 11 Mar 91 18:07 BST
From: "Olivier M.J. Crepin-Leblond" <UMEEB37@vaxa.cc.imperial.ac.uk>
Subject: EM solution for new buildings - risk solved?
I have read in this month's British Airways Business magazine that
Pilkington's, the UK's glass manufacturer has attempted to tackle the problem
of electromagnetic spying with a new "shielded" glass.
The glass sheets are similar to the ones usually mounted on new sky-scrapers,
with a shiny surface. However, this metallic film can be tied to earth, thus
providing shielding which stops any electromagnetic radiation from leaving the
building. It is therefore impossible to hack inside information from outside by
picking-up electromagnetic radiation. Solutions were very costly up to now,
with actual physical shielding of the building using metallic plates etc.
Olivier M.J. Crepin-Leblond, Comms.Sys., Imperial College, London, UK.
disclaimer: I am NOT related to Pilkington Glass or British Airways in any way !
------------------------------
Date: Wed, 13 Mar 91 13:55:56 -0800
From: les@Gang-of-Four.Stanford.EDU (Les Earnest)
Subject: Cellular surveillance
I am seeking information on current practices and prospects for
the use of cellular telephone systems in surveillance of individuals.
1. Given that the telephone companies have traditionally facilitated the
tapping of individual telephones by law enforcement agencies if a court order
has been obtained, I would assume that most cellular telephone systems have
been instrumented to provide this capability. True?
2. Given that cellular telephone systems must track each individual instrument
as it moves between cells (by checking relative signal strengths at cellular
receiving stations) and given that phones can be tracked even when they are not
in use, it would be a simple task for the cellular computers to record a time
log of the movements of any selected phone. Has this capability been included
in the software of these systems?
3. By using signal strength information from more than one cellular receiving
station it is possible to estimate the location of a given phone more
accurately than just which