[comp.risks] RISKS DIGEST 5.58

RISKS@KL.SRI.COM (RISKS FORUM, Peter G. Neumann -- Coordinator) (11/16/87)

RISKS-LIST: RISKS-FORUM Digest  Sunday, 15 November 1987  Volume 5 : Issue 58

        FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS 
   ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Contents:
  Son of Stark (Hugh Miller)
  Follow-up to Black Hawk Failures article (Dave Newkirk)
  Jamming the Chopper (Brint Cooper)
  Computer systems hit by logic bombs (J.D. Bonser)
  Risk of more computers (Arthur David Olson)
  Reach out and (t)ouch! (Matthew Kruk)
  Re: Password truncation and human interfaces (Mark W. Eichin)
  Mobile Radio Interference With Vehicles (Ian Batten)
  Computer terrorism (Brint Cooper)

      [There is a huge backlog on UNIX set[gu]id (still) and on tape labels.  
      I'll try to sort through it and pick the new contributions...]

The RISKS Forum is moderated.  Contributions should be relevant, sound, in good
taste, objective, coherent, concise, nonrepetitious.  Diversity is welcome. 
Contributions to RISKS@CSL.SRI.COM, Requests to RISKS-Request@CSL.SRI.COM.
For Vol i issue j, FTP SRI.COM, CD STRIPE:<RISKS>, GET RISKS-i.j.
Volume summaries for each i in max j: (i,j) = (1,46),(2,57),(3,92),(4,97).

----------------------------------------------------------------------

Date:         Sun, 15 Nov 87 11:19:15 EST
From: Hugh Miller <HUGH%UTORONTO.BITNET@wiscvm.wisc.edu>
Subject:      Son of Stark

The  following  appeared  in this morning's edition  of  the  *Toronto
Star*, Sunday 15 November 1987. Here we go again:

    WASHINGTON (AP) - Deficient radar equipment aboard the USS  Stark,
    and not the ship's crew, was chiefly responsible for the frigate's
    failure to defend itself against an Iraqi missile attack last May,
    the  ship's  captain  said in his first extensive comment  on  the
    incident.

        Capt. Glenn Brindel acknowledged "deficiencies in  the  watch"
    aboard the ship,  but wrote,  "Their actions or inactions ...  are
    not  primary causes for Stark's failure to defend against the  ...
    attack.

        "Unfortunately,  the  ship's  radars and electronics  did  not
    function as advertised."

        His  assertion directly contradicts the official US Navy board
    of inquiry findings, released in a censored version Oct. 15.

        It  also  raises new questions about the  ability  of  similar
    frigates  - at  least  six ships of the same  type  are  currently
    deployed  in  the  Persian  Gulf - to  defend  themselves  against
    such attacks.

        Brindel expressed his views in a lengthy letter to the editor,
    printed in tomorrow's editions of the weekly newspaper Navy Times.

        The  board of inquiry harshly criticized Brindel and  some  of
    his  top officers for failing to defend the Stark from two  Exocet
    missiles fired from an Iraqi jet May 17.

        Brindel  said  Stark's radar systems should have detected  the
    Exocets.

        "They did not," he wrote.

        Brindel,  the board of inquiry concluded,  "failed to  provide
    combat-oriented  leadership,  allowing  Stark's  anti-air  warfare
    readiness to disintegrate to the point that his Combat Information
    Center team was unable to defend the ship."

        Thirty-seven sailors died in the attack.


Would someone who has quick access to Navy Times be so kind as to send in
extracts from Brindel's letter giving details?  Specifically, will we now
find out that the Phalanx was on after all, and pulled a Divad?  Capt.
Brindel, it appears, has been made to take a dive for a bad P-sub-k.  Hope
this doesn't hurt his pension.

Hugh Miller, Toronto, Ont.

------------------------------

Date: Sat, 14 Nov 87 17:33:16 PST
From: ihnp4!ihlpm!dcn@ucbvax.Berkeley.EDU
To: kl.sri.com!risks@ucbvax.Berkeley.EDU
Subject: Follow-up to Black Hawk Failures article

COPTERS GET SHIELD FROM DEADLY RADIO

Washington - The Army, alarmed by new test results showing that radio waves
can shut down the vital hydraulic system of its Black Hawk helicopter, will
shield the system's electronic controls from such interference, Army officials 
said Wednesday [November 11, 1987].  Radio waves triggered a ``complete
hydraulic failure'' on a UH-60 Black Hawk by generating false electrical
commands in the system, according to test results.  The Army's decision
comes after a series of crashes in which the helicopters nosedived into the
ground.  Since 1982, 22 servicemen have been killed in five Black Hawk crashes.

(From the Chicago Tribune, November 11, 1987 - dcn)
                  				  Dave Newkirk, ihnp4!ihlpm!dcn

------------------------------

Date:     Thu, 12 Nov 87 8:28:13 EST
From: Brint Cooper <abc@BRL.ARPA>
To: risks@csl.sri.com
Subject:  Jamming the Chopper

From wire service reports:

	"The Army, alarmed by new test results showing that radio waves
can shut down the vital hydraulic system of its Black Hawk helicopter,
will shield the system's electronic controls from such interference,
Army officials said yesterday.

	Radio waves triggered a "complete hydraulic failure" on a UH-60
Black Hawk by generating false electrical commands in the system,
according to the Army's latest test results.  When that happens, the
pilot can't control the aircraft.

	The Army's decision, disclosed at a private meeting this week
with officials from Sikorsky Aircraft Co., the Black Hawk contractor,
comes after a series of crashes in which the helicopters nose-dived into
the ground.

	The Black Hawk's logic module...will be replaced with the
shielded version already used aboard the Navy Sea Hawk, a derivative of
the Army chopper, according to Army officials."


Two thoughts:

	1. If the Sea Hawk is a derivative of the Black Hawk, why is it
that the former has the shielded control module and not the latter?  Is
the Navy smarter than the Army?

	2. Didn't we have a discussion in RISKS of similar problems with
electronic anti-skid automotive braking systems some time ago?  Did it
conclude anything?
                                        _Brint

    [Yes.  Not really.  PGN]

------------------------------

Date: Fri, 13 Nov 87 16:37:35 EST
From: "J.D. Bonser" <jdb%watsup.waterloo.edu@RELAY.CS.NET>
To: risks@csl.sri.com
Subject: Computer systems hit by logic bombs

Excerpted without permission from the front page of the
Toronto Globe and Mail, 3 November 1987.

Computer systems hit by `logic bombs'
-------------------------------------

A disgruntled employee of a London Ontario company recently planted
a surprise in the corporation's computer - a ``logic bomb,'' which
would, on a certain date, knock out the entire system.  It was found 
in time and the man was prosecuted ``but it would have destroyed 
their complete computer system - it would have been down for months,'' 
Sergeant Ted Green of the Ontario Provincial Police said yesterday.  
The London man who planted the ``logic bomb'' ... was later acquitted 
of the crime ... the trial judge refused to admit evidence of a 
previous ``bomb'' he had allegedly planted in a computer system of an 
Alberta company because the firm had refused to press charges.

In another case involving a Toronto company, a similar ``logic bomb''
was activated the day the employee's termination notice was 
processed in the computer system.  ``It wiped out the whole system,''
said Sgt. Green, ... a specialist in computer crime. 

In another case Sgt. Green worked on, a bank branch decided on the
occasion of its 10th anniversary to honor the customer who had the
most active account.  It turned out to be an employee who had 
accumulated $70,000 funnelling a few cents out of every account into
his own.  ``He said: `Go ahead and charge me.  I will tell the public 
you have been doing this for years.'  It was true.  The bank had been
rounding off (customers') accounts and putting them into sundry
accounts.''

A man in southwestern Ontario acquired a printing press and ran off
thousands of bank deposit slips with the computerized code for his
own bank account on the bottom of each.  Then he discreetly left
piles of them on counters at a number of bank branches ... [and] the
deposits went into his account. 

A number of employees of a Toronto-area machinery supplier extracted
computer lists of clients and blueprints in order to set up their
own rival company.  The scheme was discovered at the last minute and
a trial is scheduled to be held soon.

Sgt. Green said current legislation is adequate to deal with the
problem.  ``Our concern is people are reluctant to bring (information)
to us.'' 

------------------------------

Date: Sat, 14 Nov 87 14:06:27 EST
From: elsie!ado.UUCP@SEISMO.ARPA (Arthur David Olson)
To: risks@csl.sri.com
Subject: Risk of more computers

The November 11, 1987 Washington Post includes a UPI account of
President Reagan's proposed legislation on child pornography.
The proposal ". . .would give prosecutors the right to move against computer
networks and parents who permit their children to be used in pornography."

This newly discovered capability of computer networks to have children may
explain the volume of mail that's been overwhelming the moderator of late.
Had the computing community known earlier what the result of connecting
CSNET, BITNET, USENET, and friends would be. . .
                          				--ado

------------------------------

Date: Fri, 13 Nov 87 20:10:18 PST
From: Matthew_Kruk%UBC.MAILNET@MIT-Multics.ARPA
To: RISKS@csl.sri.com
Subject: Reach out and (t)ouch!

Source: Deutsche Presse-Agentur

BONN, West Germany - An elderly West German woman who failed to
replace her telephone receiver properly after a five-minute call to a
relative in Nairobi, Kenya, received a whopping telephone bill for
$2,3000.

Because of a fault in the Kenya exchange, the connection was not cut
and since German telephone exchanges and billing are all computerized,
the live line went unnoticed. The meter ran 10 hours.

The 86-year-old woman asked the West German Telephone Agency to excuse
the debt, but the agency offered to deduct one third of the bill.

She then petitioned Parliament, which ruled this week that she would
have to pay one-third of the bill for carelessness.

------------------------------

Date: Fri, 13 Nov 87 15:05:27 EST
From: Mark W. Eichin <eichin@ATHENA.MIT.EDU>
To: tytso@ATHENA.MIT.EDU
Cc: imagen!geof@decwrl.dec.com, risks@csl.sri.com
Subject: Re: Password truncation and human interfaces

What is especially interesting (in the BayBanks case) is that 
	1) It is only on Diebold machines (cross-network stuff needs
the whole string)
	2) The screens actually flicker visibly once you have pressed
the fourth digit, making this feature easy to suspect...
                         					_Mark_

------------------------------

To:            RISKS FORUM (Peter G. Neumann -- Coordinator) <RISKS@KL.SRI.COM>
Subject:       Mobile Radio Interference With Vehicles (RISKS-5.57)
Organisation:  University of Birmingham Computer Science Department
Date:          Fri, 13 Nov 87 12:43:43 GMT
From:          Ian G Batten <BattenIG@CS.BHAM.AC.UK>

There was some trouble a year or so ago I read of in one of the Car
magazines with engine management systems on several makes of car.  It
appeared that when driving near Daventry (about 25 miles south of here
on the road to London) their engines would die.  This was traced to RFI
from the powerful transmitter field there (Nationwide Radio Four, on
1500 metres is transmitted from there, along with the local Medium Wave
and FM stuff.  The level of transmissions around there certainly taxes
my car's radio!)
                                     ian

------------------------------

Date:     Fri, 13 Nov 87 16:57:38 EST
From: Brint Cooper <abc@BRL.ARPA>
To: risks@csl.sri.com
Subject:  Computer terrorism

Article 114 of comp.society:
Path: brl-adm!umd5!mimsy!oddjob!hao!ames!sdcsvax!ucsdhub!hp-sdd!hplabs!hplabsz!taylor
From: rhorn@infinet.UUCP (Rob Horn)
Subject: Computer usage by Solidarity in Poland
Date: 10 Nov 87 19:31:54 GMT

This is a sketch of the article, ``Of Systems, Solidarity, and
Struggle'' in Datamation, 1 November 1987.

  ``You know why there are so few sophisticated computer
terrorists in the United States?  Because your hackers have so
much mobility into the establishment.  Here, there is no such
mobility.  If you have the slightest bit of intellectual
integrity you cannot support the government.... That's why the
best computer minds belong to the opposition.''  - Anonymous

This opens a good article on how computers are being used by the
opposition in Poland.  Go find a copy of Datamation and read it.

Solidarity is now becoming computerized.  Computers are used to
write articles, track election fraud, maintain organizations, and
maintain communications.  Using computers for such illegal
purposes is not without penalties.  Typical sentences for
opposition activities are 1-2 years when the crimes are
non-violent.

The government has focused its efforts on severing the
communications that make opposition efforts effective.  When they
initially severed the public telephone system, computer
operators used internal private line systems to maintain
communications.  With martial law, these too were shut down.  Now
the primary modes of communication are either by mail or by
courier.  A floppy disk is easy to hide in a package or carry
unobtrusively.

Personal computers are now widespread in Poland, acquired both
legally and by smuggling.  There are an estimated 500,000
personal computers in Poland, with Sinclair and Amstrad being the
most popular.  There are an estimated 700 illegal publications
being generated by everything from matrix printers to
laserwriters.  Nearly two thirds of the non-violent crime in
Poland is associated with illegal press and opposition
activities.

The government has had to choose between the serious economic
damage that would result from eliminating computers and their
elimination as an opposition tool.  So far, they have been forced
to allow the continued use of computers.

The security capabilities of computers are also important to
Solidarity.  Telephone calls can be traced and monitored; floppy
disks are easy to smuggle around.  Paper is very bulky, hard to
conceal, and hard to destroy.  Floppies are very compact, easy to
hide, easy to encrypt, and easy to destroy.

``Every Solidarity center had piles and piles of paper ....
everyone was eating paper and a policeman was at the door.  Now
all you have to do is bend a disk.''
                                       Rob Horn

------------------------------

End of RISKS-FORUM Digest
************************
-------