risks@CSL.SRI.COM (RISKS Forum) (03/08/91)
RISKS-LIST: RISKS-FORUM Digest Thursday 7 March 1991 Volume 11 : Issue 22
FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS
ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator
Contents:
Digitized signatures for the masses - a not so new risk? (Albert M. Berg)
City of Montreal to 'access' caller's voices (Peter Jones)
Risks of telco voice mail [anonymous]
Droid Thinking; Schwab Telebroker (Maddi Hausmann)
Sprint educates customers on risks (David N. Blank)
More hardware risks (Martin Minow)
Computer insecurity in UK government (Paul Leyland)
Book: Computer Addiction, by Margaret A. Shotton (Phil Agre)
Book: Anthology about social issues of computing available (Rob Kling)
The RISKS Forum is moderated. Contributions should be relevant, sound, in
good taste, objective, coherent, concise, and nonrepetitious. Diversity is
welcome. CONTRIBUTIONS to RISKS@CSL.SRI.COM, with relevant, substantive
"Subject:" line. Others ignored! REQUESTS to RISKS-Request@CSL.SRI.COM.
FTP VOL i ISSUE j: ftp CRVAX.sri.com<CR>login anonymous<CR>AnyNonNullPW<CR>
CD RISKS:<CR>GET RISKS-i.j<CR> (where i=1 to 11, j is always TWO digits. Vol i
summaries in j=00; "dir risks-*.*<CR>" gives directory; "bye" logs out.
ALL CONTRIBUTIONS CONSIDERED AS PERSONAL COMMENTS; USUAL DISCLAIMERS APPLY.
Relevant contributions may appear in the RISKS section of regular issues
of ACM SIGSOFT's SOFTWARE ENGINEERING NOTES, unless you state otherwise.
----------------------------------------------------------------------
Date: Sat, 2 Mar 91 19:18 GMT
From: "Albert M. Berg" <0001177220@mcimail.com>
Subject: Digitized signatures for the masses - a not so new risk?
I received a flyer in the mail today that seems to pose a major risk... Orbit
Enterprises, Inc. of Glen Ellyn, IL offers to scan your signature into an HP
Laserjet format so that you'll "never again sign a letter, memo, note, or any
other laser printed document."
This seems to pose a number of threats:
1) If I had my neighbor's signature scanned and then produced a
promissory note for $1000 to myself, I could make lots of
trouble for him/her.
2) How do I know that Orbit Enterprises does not have nefarious
designs on my signature?
Is it possible to detect a laser printed signature easily?
What is the legality of a laser printed signature?
This has been a potential problem for a long time, but the low cost involved
($60) opens up a new criminal method to the masses.
Your comments?
Al Berg 117-7220@mci.com
------------------------------
Date: Thu, 7 Mar 1991 11:00:07 -0500
From: Peter Jones <MAINT@UQAM>
Subject: City of Montreal to 'access' caller's voices
On Tuesday March 5, the City of Montreal approved a motion to install equipment
to record incoming calls to its municipal information service, which is called
Access Montreal. A couple of opposition councillors are planning to go to
court in order to challenge the decision to record callers' voices. I hope they
succeed.
Coincidentally, I also learned from an equipment designer that Bell Canada is
planning to introduce Automatic Caller Identification (the caller's phone
number is flashed to the called phone between rings using a special modulation
scheme). I don't know if callers will be able to block this service.
By combining these technologies, it would be possible to construct a file of
which phones called the city, and what was said.
Peter Jones <MAINT%UQAM.bitnet@ugw.utcs.utoronto.ca>
UUCP: ...psuvax1!uqam.bitnet!maint (514)-987-3542
------------------------------
Date: Thu, 7 Mar 91 12:30:02
From: [anonymous]
Subject: Risks of telco voice mail
The insidious risks of telco centralized voice mail services aren't really when
they don't work--it's when they DO work!
True, nice long PINs being available for the users are nice, but how many
people will ever bother using them? Given the choice, most people pick short,
simple sequences. One must wonder how many choose 1234 or 4321 as their PINs.
It might be argued that given the increasingly short PINs available on newer
answering machines (3 digits is typical, 2 is not rare, and sometimes not even
all of those digits can be changed by the user) the telco PINs are more secure.
Potentially true, if used properly.
But the real danger is all those nice messages spinning around on the disks
down at telco. Of course, we all trust the phone company completely, and when
they tell us that nobody will have access to those messages but "authorized
persons", we believe them don't we? Sure, encryption systems with the user
entering a key could be implemented that would be moderately more secure
(though of course, you'd have no way to know that the system isn't recording
your keys) but even that level of security is not implemented (nor planned,
apparently) in any of the telco offerings.
In any case, telco personnel would never just snoop on people's messages,
right? The fact that for years it was common for speakers to be hooked up in
central offices so that night-shift workers could listen in on "interesting"
lines (just for laughs, right?) shouldn't impact our thinking about today's
totally honest and upright telcos!
And of course, nobody who isn't doing something wrong should be concerned about
the potential for law enforcement or other agencies to go to telco and demand
access to the messages (probably using the same sort of court orders used to do
wiretaps in the case of legal taps, and we all know the government never does
"illegal" taps--don't worry about the stories in "The Puzzle Palace"...)
But just think--all those nice messages all in one place. And even better,
assuming telco keeps (or is ordered to keep) backups and archivals of their
data (and what diligent telco wouldn't keep backups?) it could be possible for
an agency to go in and not only pick up a person's current messages, but their
*past* messages as well, perhaps going back for months or even years! Now
that's service!
But these sorts of things would never happen, right? And after all, you *were*
able to get rid of your answering machine, and you don't *really* care who
listens to your boring old personal messages anyway, do you? And if you can't
trust the phone company, who *can* you trust?
------------------------------
Date: 7 Mar 91 16:10:00 +1600
From: HAUSMANN_MADDI@prune <that's all it said, folks!*>
Subject: Droid Thinking; Schwab Telebroker
[*prune? Look MAddi, the Tandem Mailer Shrunk Your Address! Nonstop, too. PGN]
The Discussion of droid thinking by Nick Andrew (RISKS 11.21) reminds me of
what I went through at Charles Schwab, with the same Telebroker service that
was mentioned in RISKS last month.
I too had some problems with Telebroker. In particular, I could not add a
stock option to a Stock List (a collection of eight stock tickers). The manual
did not explain that options cannot be added. In addition, I wanted to add the
ticker for Wang Labs to my stock list. Wang's tickers is WAN.B since the stock
is Class B. According to the manual, I should enter it as "WANB", e.g. stock
name with the B designation appended. However, this did not work.
I pressed *7 to speak to a representative. While he was able to get the Wang
problem resolved (use a space between the ticker and the designator; of course
nowhere in the manual is a code for space given), it took quite a few
iterations of people to find out that stock options cannot be added to a stock
list. Most annoying was the series of questions he asked me. It was clear he
was following a standard flow-chart on problem-solving, rather than listening
to what I was saying.
Now, having gone through all this nonsense with the Schwab representatives, I
went to my local Schwab office and asked for a new manual. They don't have
one. So, I asked for a contact who was an expert on Telebroker so I could call
that person directly and not deal with the "droids". I thought if I could talk
techno-gack-speak directly with a non-droid I'd get some answers. Well, they
don't give out contact names. You got questions, go through channels. The
office still hasn't gotten back to me on getting a new manual.
I didn't let this drop, though. I dropped a note to the President of Schwab,
who I met in my job-seeking days. I included the RISKS posting with my letter.
He referred me to the head of Telebroker, who happens to be yet ANOTHER
Princeton alum (yes, the old-boy/girl network really DOES work). Maybe I'll
have a happy ending to this for everyone, or, at least some fixes to the
manual.
------------------------------
Date: Thu, 7 Mar 91 19:31:01 EST
From: David N. Blank <dnb@meshugge.media.mit.edu>
Subject: Sprint educates customers on risks
I received the following letter a few days ago from North Shore
Agency ("A National Collection and Debt Recovery Service" as they bill
themselves) on behalf of US Sprint Long Distance. The original is in
all uppercase, but I'll spare the gentle reader the annoyance. Bad
grammar and punctuation is verbatim:
> We know a lot about you, David Blank
> We know where you live. We know your telephone number. In many cases,
> we even know where you work.
>
> After all, that information was requested when US Sprint extended
> credit to you. And you know a lot about US Sprint long distance
> telephone service. Otherwise you wouldn't have placed an order for
> that service.
>
> Since we know so much about each other, how about paying what you owe
> US Sprint. [3 more collection blather sentences deleted]
This was all in reference to a $14.95 sum which had been paid two weeks before
the letter was sent. After I spent my anger in a phone call to US Sprint, I
realized the humor in the situation. This was an effective public campaign to
educate the public in the abuse of a commercial personal information database
(an anti-risk, if you will). I hope the US Sprint customers (who aren't
card-carrying CPSR members already) learn that they can be threatened with the
very information they gave away to a vendor innocently.
dNb
------------------------------
Date: Thu, 7 Mar 91 06:55:17 PST
From: "Martin Minow, ML3-5/U26 07-Mar-1991 0932" <minow@bolt.enet.dec.com>
Subject: More hardware risks
The personal computer revolution have brought huge amounts of computer
power into "ordinary homes." I'm acutely aware of this as I started my
career on Illiac-I (1024 words of memory, and a 10K word drum). Now I
have a 4 Mips machine (whatever that means) with 8 Mbyte main memory and
300 Mbytes of disk sitting on my dining room table (and it probably costs
less than Illiac's daily electric bill).
This has led to an incredible price-crunch in the marketplace, and I'm
afraid that quality has often been left behind. Consider SCSI: the drive
mechanisms are wonderously reliable, but the interconnection has only
single-bit parity error detection. There is no end-to-end data block
error detection (on the data bus itself). To make matters worse, some
manufacturers are abandoning the standard 50 pin SCSI cable in favor of
using a DB-25 "modem" cable. This means that the individual signal wires
are not independently shielded, yielding increased cross-talk. They do this
in the name of "cost savings." (Note that I am not complaining about the
disk mechanisms, but about the boxes they are sold in.)
This problem may be made worse by the proliferation of compression software
(mostly built on the public-domain implementation of the Lempel-Ziv algorithm
that was distributed on Usenet some years back). One of the negative
side-effects of Lempel-Ziv is that a single bit error in the data stream may
turn *all* subsequent data to garbage. In a poor implementation, it will also
crash the decompression program.
I don't know the right solution to the hardware problem: perhaps Consumer
Reports should hire an electrical engineer with an analog oscilloscope
(remember analog?) and test end-market SCSI disks. I don't know if
there is a decent solution to the software problem -- I don't think
"education is the answer" recognizes the reality that the users don't
know about computers, and don't care: they're only interested in their
invoices and medical records and illustrations and books and love letters.
Martin Minow minow@ranger.enet.dec.com (New address)
------------------------------
Date: Wed, 6 Mar 91 15:38:57 GMT
From: pcl@robots.oxford.ac.uk (Paul Leyland)
Subject: Computer insecurity in UK government
From _The Times_ (London) 5th March 1990
Auditors press for wider computer data security
An audit report published today is expected to say that there have been
improvements in how the government administers the security of its networks.
Nevertheless, some experts believe there is little room for complacency and
that, given the breakneck pace of computerisation of everything from social
security offices to the health service, more money needs to be urgently spent.
More than three years ago, the independent National Audit Office issued a
warning of the dangers to government computer systems from floods, fires and
frauds.
Security and so-called disaster recovery was too low across government
departments, with gaps identified everywhere from the Driver and Vehicle
Licensing Centre to the National Savings department -- gaps which, it was
claimed, put at risk huge stores of confidential and commercially sensitive
data and defence information.
Emma Nicholson, Conservative MP for Devon West and Torridge and a former
computer consultant, said that the government, its agencies and quangos[1]
needed to mirror the spending of industry and commerce on disaster recovery.
The private sector spent up to a fifth of budgets on securing computer systems
against fire, floods and fraud, and the public sector should be doing the same,
Miss Nicholson said.
The publication of the audit report brings into focus an area of government
policy which some experts claim is in turmoil amid concern that a serious
review of the way government specifies and buys information technology should
be reviewed[2]. It follows difficulties in implementing the computerisation of
the social security and health service systems.
Up to eight social security offices are on strike because, it is claimed, the
computerisation of the benefits service was made hastily without any notion of
the technical difficulties involved. Michael Meacher, the shadow social
security spokesman, said.
Some experts believe that the government, which spends \pounds 2 billion a year
on information technology, should now consider an information technology
minister to oversee the technical ramifications of legislation. The
computerised community charge[3], which in some cases has needed more staff to
administer than the old rates[3] might never have been passed so swiftly if an
assessment of the computing complexities had been made. Others believe that
there is a need for a panel of industry experts to advise the government and
its own advisers, the Central Computer and Telecommunications Agency.
What concerns some firms is that, in spite of a greater emphasis on competition,
it can take up to three years for the government and the agency to approve a
system, whereas, in the private sector, the time frame is often a few months.
------
Footnotes (by pcl, not in the original).
[1] Quango -- acronym for quasi-autonomous national governmental organisations.
[2] This turgid and repetitious phrasing is how it appears in the original.
[3] Two methods of financing local government. Roughly speaking, the
"community charge" (popularly termed the poll tax) is a universal charge on
adults (with 80% discounts for low income groups such as students, unemployed,
etc), whereas the "rates" is a property tax levied on property owners. In both
cases, the level of the charge is set by the local government, subject to
central government imposed maxima. The old rates system was widely regarded as
corrupt; the newer community charge is even more widely held to be unfair.
It's not yet clear what an acceptable method of local government finance will
be.
------------------------------
Date: Tue, 5 Mar 91 15:42:00 GMT
From: Phil Agre <phila@cogs.sussex.ac.uk>
Subject: computer addiction
This book might be of interest. I'll just make a few descriptive comments,
but the book deserves a more detailed analysis by someone who knows about the
social psychology of addictions.
Margaret A. Shotton, {\em Computer Addiction?: A Study of Computer
Dependency}, London: Taylor and Francis: 1989.
A survey-based sociological study of computer addiction. She defines three
classes of computer-dependent people (Networker, Worker, Explorer), according
to the degree to which computer activity connects with, or displaces, social
relationships, with particular attention to marriage problems. The final
chapter's analysis presents a more or less conventional account of computer
addiction as a safe substitute for social relationships that are experienced
as dangerous, by analogy to a variety of other hobbies, such as auto repair.
Phil Agre, University of Sussex
------------------------------
Date: Wed, 06 Mar 91 17:33:08 -0800
From: Rob Kling <kling@ICS.UCI.EDU>
Subject: Anthology about social issues of computing available
Computerization & Controversy, an anthology of articles about social issues of
computing (including risks), by Charles Dunlop and Rob Kling is now available.
Computerization and Controversy: Value Conflicts and Social Choices
Charles Dunlop and Rob Kling (Editors)
Univ. of Michigan - Flint Univ. of California - Irvine
Many students, professionals, managers, and laymen are hungry for honest,
probing discussions of the opportunities and problems of computerization. This
book introduces some of the major social controversies about the
computerization of society. It highlights some of the key value conflicts and
social choices about computerization. It helps readers recognize the social
processes that drive and shape computerization, and to understand the paradoxes
and ironies of computerization.
Some of the controversies about computerization covered in this collection
include:
* the appropriateness of utopian and anti-utopian scenarios for understanding
the future
* whether computerization demonstrably improves the productivity of
organizations
* how computerization transforms work
* how computerized systems can be designed with social principles in view
* whether electronic mail facilitates the formation of new
communities or undermines intimate interaction
* whether computerization is likely to reduce privacy and personal freedom
* the risks raised by computerized systems in health care
* the ethical issues when computer science researchers accept military
funding
* the extent to which organizations, rather than "hackers,"
are significant perpetrators of computer abuse
The authors include Paul Attewell, Carl Barus, Wendell Berry, James Beninger,
John Bennett*, Alan Borning, Niels Bjorn-Anderson*, Chris Bullen*, Roger
Clarke, Peter Denning, Pelle Ehn, Edward Feigenbaum, Linda Garcia, Suzanne
Iacono, Jon Jacky*, Rob Kling, Kenneth Kraemer*, John Ladd, Kenneth Laudon,
Pamela McCorduck, David Parnas, Judith Perrolle*, James Rule, John Sculley,
John Shattuck, Brian Smith, Clifford Stoll, Lindsy Van Gelder, Fred Weingarten,
Joseph Weizenbaum, and Terry Winograd. (*'d authors have contributed new
essays for the book.)
Each of the seven sections opens with a 20 page analytical essay which
identifies major controversies and places the articles in the context of key
questions and debates. These essays also point the reader to recent additional
research and debate about the controversies.
Published by Academic Press (Boston). 758 pp. Available: March 5 1991. $34.95
ISBN: 0-12-224356-0 Phone: 1-800-321-5068
Individuals may purchase copies directly from Academic Press by calling
1-800-321-5068 or by writing to: Academic Press Ordering Academic Press
Wharehouse, Order Dept., 465 S. Lincoln, Troy, Missouri 63379.
[as in SoftWhare?]
Faculty who offer courses about social issues in computing may order
examination copies from Academic Press. Write on university letterhead or
enclose a business card, and include the following information about your
course: class name and number, department, # of students, books used --in the
past, adoption deadline.
Send your requests for examination copies to: Amy Yodannis, College and
Commercial Sales Supervisor, Academic Press, 1250 Sixth Avenue, San Diego, CA
92101, tel: 619-699-6547, fax: 619-699-6715
------------------------------
End of RISKS-FORUM Digest 11.22
************************