
Risks Digest 10.47


From: RISKS Forum <[email protected]>
Date: Thu, 4 Oct 1990 13:23:16 PDT
Subject: RISKS DIGEST 10.47
To: ;@risks-list.ncsl.nist.gov

RISKS-LIST: RISKS-FORUM Digest Thursday 4 October 1990 Volume 10 : Issue 47

FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS
ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Contents:
California DMV and their new computer (Cecil Lee (2))
Report of Nat Semi clock chip flaw (Martyn Thomas)
BA 747-400 Engine Failure (Martyn Thomas)
Novel on corporate computer espionage (Philip Brewer)
CERT Advisory - NeXT systems (Edward DeHart)
Fair Information Principles (Jeff Johnson)
Television rating (nee universal listening) device (Tim Wood)
From under a Rock??? (Subliminal message lawsuits) (Ed Hall)
Operation Sun Devil invades the InterNet?
(Ed Luke via Michael Packer via John M. Chapin)

The RISKS Forum is moderated. Contributions should be relevant, sound, in good
taste, objective, coherent, concise, and nonrepetitious. Diversity is welcome.
CONTRIBUTIONS to [email protected], with relevant, substantive "Subject:" line
(otherwise they may be ignored). REQUESTS to [email protected].
TO FTP VOL i ISSUE j: ftp CRVAX.sri.com<CR>login anonymous<CR>AnyNonNullPW<CR>
cd sys$user2:[risks]<CR>GET RISKS-i.j <CR>; j is TWO digits. Vol summaries in
risks-i.00 (j=0); "dir risks-*.*<CR>" gives directory; bye logs out.
ALL CONTRIBUTIONS ARE CONSIDERED AS PERSONAL COMMENTS; USUAL DISCLAIMERS APPLY.
The most relevant contributions may appear in the RISKS section of regular
issues of ACM SIGSOFT's SOFTWARE ENGINEERING NOTES, unless you state otherwise.

----------------------------------------------------------------------

Date: Sat, 29 Sep 90 21:57:26 PDT
From: Master Of Darkness <[email protected]>
Subject: California DMV and their new computer

I just received my registration notice from the DMV (Department
of Motor Vehicles). This piece of paper shows the amount of money I
need to pay, so that I can drive my car for the next year in California.

Imagine my surprise when I saw the amount: $2214. An extremely big
surprise since I only paid ~$600 last year, when I purchased the car new. The
reason for this new method of making money?

This is the excuse from the clerks at the DMV. Seems that they have
just started using a new computer program for billing purposes, apparently on
their new Tandem computers. Surprise Surprise it seems that everybody who got
a recent registration statement, has an invalid amount. I had to go to the
local office so that they could print up a new form with the correct amount. I
don't know if registration statements were the only incorrect items produced.
They didn't volunteer the information and I didn't ask.

Supposedly some people received bills for less than the correct amount.
I wonder if they will still get their registration tags when (if) the computer
notices the underpayment. Will those who might have paid too much get refunds?

BTW, the correct amount I'm supposed to pay? $351.

Cecil Lee, Intel Corp.

[email protected] or CLee%SC9%[email protected]
UUCP : {pur-ee,qantel,amdcad,oliveb,decwrl,hplabs}!intelca!mipos3!sc9!clee

------------------------------

Date: Sun, 30 Sep 90 16:42:30 PDT
From: Master Of Darkness <[email protected]>
Subject: California DMV Troubles

The following was an article in the Sept 30, 1990 issue of "The Argus."
One of the local papers in the SF Bay area.

DMV computer goof overbills car owners
By Mark van de Kamp (staff writer)

Sham Dixit of Livermore was one of many California drivers who felt
they were being asked to pay too much when they got notices this week to renew
their motor vehicle registrations between now and November. And they were
right. The state Department of Motor Vehicles admitted Friday that it had made
a blunder which caused some drivers to be overbilled by hundreds, even
thousands of dollars. In Dixit's case, he was asked to pay $2,832 for his 1987
Nissan Sentra. It cost him $166 to register the car last year. Likewise,
three members of a Pleasanton family were overbilled by $1,000 each.

The DMV does not know how many vehicle registrations are involved.
There are 25 million registered vehicles in the state. The agency said the
incorrect billing notices involve drivers whose vehicle registration was set to
expire Nov. 16, 18 and 20. Most of the incorrect bills arrived in mailboxes
Thursday and Friday. [...]

The problem surfaced late Thursday when DMV offices started receiving
calls from motor vehicle owners asking why registration fees had changed
significantly from the previous year, the agency said. "At first thought I'd
made a mistake. Then I heard that the DMV screwed up. Boy, did they ever,"
Dixit said. "But I work with computers, so I know it must be a programming
error. Computers are only as smart as the people who use them." [...]

Cecil Lee, Intel Corp. [PGN Excerpting Service]

[email protected] or CLee%SC9%[email protected]
UUCP : {pur-ee,qantel,amdcad,oliveb,decwrl,hplabs}!intelca!mipos3!sc9!clee

------------------------------

Date: Thu, 4 Oct 90 12:38:35 BST
From: Martyn Thomas <[email protected]>
Subject: Report of Nat Semi clock chip flaw

Electronics Times (4 Oct, front page) reports that National Semiconductor's
real-time clock chip (part number MM58274B) "has a tendency to switch from a
24hr clock to a 12hr clock when subjected to electronic noise ..".

Two examples are given of problems allegedly caused by the chip.

"... the chip caused the time clock in a financial system to skip from
Thursday to Saturday, leaving employees without paychecks".

"It has also caused problems for the United Nations Atomic Energy Agency
which uses the chip in a televised security system for guarding nuclear fuel
.... ".

Martyn Thomas, Praxis (Software Engineers), 20 Manvers Street, Bath BA1 1PX UK.
Tel: +44-225-444700. Email: [email protected]

------------------------------

Date: Wed, 3 Oct 90 15:21:58 BST
From: Martyn Thomas <[email protected]>
Subject: BA 747-400 Engine Failure

Flight International (3-9 October) reports that a British Airways Boeing
747-400's No 1 engine electronic controls failed on takeoff at London
Heathrow causing the engine to shut down.

The crew [two pilots, there is no flight engineer] reported the status
message "engine controls" and asked their technical support staff, by radio,
for advice. They were told "You've obviously lost control of that engine.
It's a FADEC failure" [FADEC = Full Authority Digital Engine Controller].

BA says that the problem was a spurious signal from the electronic "thrust
reverse resolver". If so, the early diagnosis of FADEC failure could be
wrong. There have been a number of instances of spurious signals causing
747-400 engines to throttle back or shut down, according to Flight [This
may be a reference to the earlier reports of spurious signals from flap and
gear sensors, reported in an earlier RISKS].

Flight adds that FADEC failure is extremely unusual.

Martyn Thomas, Chairman, Praxis plc. Software Engineers.
Tel: +44-225-444700. Email: [email protected]

------------------------------

Date: 1 Oct 1990 14:29:40-BST
To: risks <[email protected]>
Subject: Equinox on the A320: Programme summary

Below is a summary of the Channel 4 (UK TV) programme on the A320
transmitted at 7pm Sunday 30 September. I took notes during the
programme but I may have got some details wrong.

Equinox asked an independent air accident investigator named Ray Davis to
examine the report on the Habsheim crash where an A320 being flown in a display
made a slow pass over the runway and could not pull up in time to avoid the
trees at the end of the airport. He made four major findings which were put to
the Chief engineer (I think) at Airbus Industries.

1: A 4 second discrepancy between the Cockpit Voice Recorder, the
Aircraft Data Recorder and the Tower Voice Recorder. Sorry but I
cannot remember the Airbus reply to this.

2: There was no record of the impact with the trees in the flight
data. This might be expected in (say) a collision with a mountain,
but the recorders should have been able to operate until the
aircraft disintegrated. Any crash which could be survived by all
but three passengers should not have caused an abrupt stop in the
flight data record. Again I cannot recall the Airbus reply.

3: The final seconds of the record showed forward acceleration. The
Airbus Chief Eng claimed that Davis had this graph upside down and
a positive reading indicated deceleration. He also claimed that
the deceleration was caused by the trees, and that Davis was
incompetent if he did not know that this format was an
international standard. Equinox stated that the international
standard was for a forward acceleration to give a positive reading
and that this was the one used by the A320. Airbus later stated
that the CE had been referring to a French standard.

4: The final seconds of the record also showed the pilot giving full
stick back but being overridden by the computer. The CE stated
that this was the safety systems stopping the aircraft from
stalling. Equinox said something about the Pilot manuals saying
that at the indicated airspeed the aircraft should have been able
to climb.

The possibility of an engine compressor stall leading to loss of power was
discussed. According to Equinox this would lead to a small explosion (I assume
this would be as unburnt fuel vapour was pushed out of the tailpipe) and a drop
in power. A survivor and a ground witness stated that they had heard such
explosions, but Airbus deny they occurred and point out that no such explosions
are audible on the videotapes. An early transcript of the CVR did include the
text "(boume) (boume)" (sp?). Airbus claim this is the sound of impact with
trees.

About 30 seconds were devoted to a pilot employed by Airbus who had publicly
spoken out in support of Capt. Asseline (sp?) who was the pilot at Habsheim.
This pilot claimed that 4 days later he was given an unscheduled medical
examination and had his license withdrawn due to "mental instability".

The authenticity of the "black boxes" recovered from the crash was
questioned. Officially the boxes are being held by a French court.
Equinox was not allowed to film these, but a magistrate looked at a
video alleged to be of the boxes immediately after being removed from
the crash site and stated that if these were in fact the boxes from
the A320 then something was very wrong. The implication was that the
boxes delivered to the court were not the boxes recovered from the
crash.

A video of the programme can be obtained by phoning +44 532 438283
ext. 4060 or 4075.

BTW, one of the interviewees had a box file labeled "RISKS" in the
background. Perhaps he could fill in the holes in my report. Thanks.

Please note that this report is in no way connected with my employers. Paul.

------------------------------

Date: Tue, 02 Oct 90 10:07:13 CDT
From: [email protected]
Subject: Novel on corporate computer espionage

Corporate espionage by computer is the subject of a new novel _The
Fool's Run_ by John Camp. When plans for the latest fighter plane
target acquisition hardware and software are stolen, a defense
contractor decides that only by sabotaging the development work of a
competitor can it be sure of being the only company in a position to
demonstrate the system by the deadline. The company hires Mr. Kidd
(artist, software designer, former commando) to invade the competitor's
computers and disrupt their operations for a few weeks. They say:

the best way ... is through their computer systems--design systems,
accounting systems, information systems, scheduling and materials.
Altering them, destroying them, faking them out.

In the style of a classic caper novel, Kidd assembles a team including a
burglar and a sleazy reporter and attacks the defense contractor,
disrupting their operations from all sides.

The author handles the computer entry techniques well. There is only a
small amount of "magic" involved, and most of that is performed in the
background by "Bobby" (a former phone-phreak we meet only by way of a
data link) who handles such things as telephone trace bypasses. The
discussions of computer security techniques are right on target, and the
supposed level of security at the target company is on par with what
I've seen at several of the places I've worked. When it comes to the
actual disruptions things get a little fuzzier, although not to the
point that it fails to work as a novel.

In real life, most malicious computer attacks have been committed by
disgruntled employees or former employees. Most computer viruses have
been written by misguided enthusiasts. I haven't heard of this kind of
attack against one company by another. That doesn't mean it hasn't
happened, and it certainly doesn't mean that it won't happen. I fear
this book may give some people ideas.

Camp, John _The Fool's Run_ ISBN 0-451-16712-0 Signet $4.95

Philip Brewer [email protected]
Motorola Urbana Design Center ...!uiucuxc!udc!pbrewer

------------------------------

Date: Tue, 2 Oct 90 14:57:03 -0400
From: [email protected]
Subject: CERT Advisory - NeXT systems

CA-90:06 CERT Advisory
October 2, 1990
NeXT's System Software

This message is to alert administrators of NeXT Computers of four
potentially serious security problems.

The information contained in this message has been provided by David Besemer,
NeXT Computer, Inc. The following describes the four security problems,
NeXT's recommended solutions and the known system impact.

Problem #1 DESCRIPTION: On Release 1.0 and 1.0a a script exists in
/usr/etc/restore0.9 that is a setuid shell script. The existence of
this script is a potential security problem.

Problem #1 IMPACT: The script is only needed during the installation
process and isn't needed for normal usage. It is possible for any
logged in user to gain root access.

Problem #1 SOLUTION: NeXT owners running Release 1.0 or 1.0a should
remove /usr/etc/restore0.9 from all disks. This file is installed by
the "BuildDisk" application, so it should be removed from all systems
built with the standard release disk, as well as from the standard
release disk itself (which will prevent the file from being installed
on systems built with the standard release disk in the future). You
must be root to remove this script, and the command that will remove
the script is the following:

# /bin/rm /usr/etc/restore0.9

---

Problem #2 DESCRIPTION: On NeXT computers running Release 1.0 or
1.0a that also have publicly accessible printers, users can gain
extra permissions via a combination of bugs.

Problem #2 IMPACT: Computer intruders are able to exploit this security
problem to gain access to the system. Intruders, local users and remote
users are able to gain root access.

Problem #2 SOLUTION: NeXT computer owners running Release 1.0 or
1.0a should do two things to fix a potential security problem.
First, the binary /usr/lib/NextPrinter/npd must be replaced with a
more secure version. This more secure version of npd is available
through your NeXT support center. Upon receiving a copy of the more
secure npd, you must become root and install it in place of the old
one in /usr/lib/NextPrinter/npd. The new npd binary needs to be
installed with the same permission bits (6755) and owner (root) as
the old npd binary. The commands to install the new npd binary are
the following:

# /bin/mv /usr/lib/NextPrinter/npd /usr/lib/NextPrinter/npd.old
# /bin/mv newnpd /usr/lib/NextPrinter/npd
(In the above command, "newnpd" is the npd binary
that you obtained from your NeXT support center.)
# /etc/chown root /usr/lib/NextPrinter/npd
# /etc/chmod 6755 /usr/lib/NextPrinter/npd

The second half of the fix to this potential problem is to change the
permissions of directories on the system that are currently owned and
able to be written by group "wheel". The command that will remove
write permission for directories owned and writable by group "wheel"
is below. This command is all one line, and should be run as root.

# find / -group wheel ! -type l -perm -20 ! -perm -2 -ls -exec chmod g-w {} \; -o -fstype nfs -prune

---

Problem #3 DESCRIPTION: On NeXT computers running any release of the
system software, public access to the window server may be a
potential security problem.

The default in Release 1.0 or 1.0a is correctly set so that public access
to the window server is not available. It is possible, when upgrading from
a prior release, that the old configuration files will be reused. These
old configuration files could possibly enable public access to the window
server.

Problem #3 IMPACT: This security problem will enable an intruder to gain
access to the system.

Problem #3 SOLUTION: If public access isn't needed, it should be disabled.

1. Launch the Preferences application, which is located in /NextApps
2. Select the UNIX panel by pressing the button with the UNIX
certificate on it.
3. If the box next to Public Window Server contains a check, click on
the box to remove the check.

---

Problem #4 DESCRIPTION: On NeXT computers running any release of the
system software, the "BuildDisk" application is executable by all users.

Problem #4 IMPACT: Allows a user to gain root access.

Problem #4 SOLUTION: Change the permissions on the "BuildDisk" application
allowing only root to execute it. This can be accomplished with the
command:

# chmod 4700 /NextApps/BuildDisk

To remove "BuildDisk" from the default icon dock for new users, do the
following:

1. Create a new user account using the UserManager application.
2. Log into the machine as that new user.
3. Remove the BuildDisk application from the Application Dock by dragging
it out.
4. Log out of the new account and log back in as root.
5. Copy the file in ~newuser/.NeXT/.dock to /usr/template/user/.NeXT/.dock
(where ~newuser is the home directory of the new user account)
6. Set the protections appropriately using the following command:
# chmod 555 /usr/template/user/.NeXT/.dock
7. If you wish, with UserManager, remove the user account that you created
in step 1.

In release 2.0, the BuildDisk application will prompt for the root password
if it is run by a normal user.

= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =

CONTACT INFORMATION

For further questions, please contact your NeXT support center.

NeXT has also reported that these potential problems have been fixed in
NeXT's Release 2.0, which will be available in November, 1990.

Thanks to Corey Satten and Scott Dickson for discovering, documenting, and
helping resolve these problems.

Edward DeHart, Computer Emergency Response Team/Coordination Center (CERT/CC)
Software Engineering Institute, Carnegie Mellon University Pittsburgh, PA
15213-3890 E-mail: [email protected]
Telephone: 412-268-7090 24-hour hotline: CERT personnel answer
7:30a.m.-6:00p.m. EST, on call for emergencies other hours.

Past advisories and other information are available for anonymous ftp
from cert.sei.cmu.edu (128.237.253.5).
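
The following read-only audit is an added example, not part of the CERT advisory or of NeXT's software: it reports the conditions the advisory's fixes address (setuid shell scripts such as /usr/etc/restore0.9, directories writable by group "wheel", and the modes prescribed for npd and BuildDisk). The function names are hypothetical, it searches directories only, and the POSIX `-xdev` option stands in for the advisory's `-fstype nfs -prune`.

```shell
#!/bin/sh
# Added example: read-only audit for the conditions CERT advisory CA-90:06 fixes.
# Function names are hypothetical; paths and modes come from the advisory text.

# Problem #1 class: setuid/setgid regular files under $1 that begin with "#!".
find_setid_scripts() {
    find "$1" -xdev -type f \( -perm -4000 -o -perm -2000 \) -exec sh -c '
        for f do
            # First two bytes as hex; 23 21 is "#!". od keeps NUL bytes harmless.
            magic=$(dd if="$f" bs=2 count=1 2>/dev/null | od -An -tx1 | tr -d " \n")
            if [ "$magic" = "2321" ]; then printf "%s\n" "$f"; fi
        done' sh {} +
}

# Problem #2, second half: directories under $1 owned by group $2 that are
# group-writable but not world-writable (the advisory's "-perm -20 ! -perm -2").
# Lists them only; nothing is changed.
find_group_writable_dirs() {
    find "$1" -xdev -type d -group "$2" -perm -20 ! -perm -2
}

# Compare the ls-style mode of $1 with $2 (for example "-rws------" for 4700).
# Returns 0 on a match or when the file is absent, 1 on a mismatch.
check_mode() {
    if [ ! -e "$1" ]; then printf 'absent    %s\n' "$1"; return 0; fi
    actual=$(ls -ld "$1" | cut -c1-10)
    if [ "$actual" = "$2" ]; then
        printf 'ok        %s %s\n' "$actual" "$1"
        return 0
    fi
    printf 'MISMATCH  %s (want %s) %s\n' "$actual" "$2" "$1"
    return 1
}

# Run every check against a filesystem root ($1) and a group ($2, default wheel).
audit_ca9006() {
    root=${1%/}                 # empty when auditing "/"
    grp=${2:-wheel}
    echo "setuid/setgid shell scripts:"
    find_setid_scripts "${root:-/}" || true
    echo "directories writable by group $grp:"
    find_group_writable_dirs "${root:-/}" "$grp" 2>/dev/null ||
        echo "  (group $grp unknown here, or the search was incomplete)"
    echo "paths named in the advisory:"
    if [ -e "$root/usr/etc/restore0.9" ]; then
        echo "PRESENT   $root/usr/etc/restore0.9 (advisory says remove it)"
    fi
    check_mode "$root/usr/lib/NextPrinter/npd" "-rwsr-sr-x" || true   # 6755
    check_mode "$root/NextApps/BuildDisk" "-rws------" || true        # 4700
    return 0
}

# With an argument, audit that root; with none, only define the functions.
[ "$#" -eq 0 ] || audit_ca9006 "$@"
```

Run it as `sh audit.sh /` on the machine being checked, or against a mounted copy of a disk by passing the mount point.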

------------------------------

Date: Wed, 03 Oct 90 14:40:57 PDT
From: Jeff Johnson <[email protected]>
Subject: Fair Information Principles

This is a summary of the Fair Information Principles, excerpted with permission
from an e-mail message sent by Marc Rotenberg, director of CPSR's Washington
D.C. office and head of its Computers and Civil Liberties Project.

I thought RISKS readers might be interested.

FAIR INFORMATION PRINCIPLES

The Fair Information Principles were developed by a U.S. Government
Study Committee in 1973, chaired by Willis Ware of the Rand
Corporation. Shortly after the commission released its final report
("Records, Computers and the Rights of Citizens"), Congress passed
comprehensive privacy legislation: the Privacy Act of 1974. Much of
the privacy law that followed the Privacy Act (e.g., the Right to
Financial Privacy Act, the Cable Policy Act, the Electronic
Communications Privacy Act, and the Video Privacy Protection Act) are
based on the Fair Information Principles.

Many other countries follow the Fair Information Principles. Recently
in Paris, European Data Protection commissioners recommended that the
EC 92 charter include mandatory provisions for the enforcement of Fair
Information Principles across all European countries.

These are the Principles:

1. There must be a way for a person to prevent information about the
person that was obtained for one purpose from being used or made
available for other purposes without the person's consent.

2. There must be no personal data record-keeping systems whose very
existence is secret.

3. There must be a way for a person to find out what information about
the person is in a record and how it is used.

4. There must be a way for a person to correct or amend a record of
identifiable information about the person.

5. Any organization creating, maintaining, using, or disseminating records of
identifiable personal data must assure the reliability of the data for their
intended use and must take precaution to prevent misuses of the data.

Jeff Johnson, HP Labs

------------------------------

Date: Mon, 1 Oct 90 11:30:28 PDT
From: [email protected] (Tim Wood at home)
Subject: Television rating (nee universal listening) device

Found in the Oakland Tribune "Patents" column, Oct. 1, reprinted from
The New York Times:

In search of a more accurate way to measure television and
radio audiences, a small company in Chicago has patented a
pocket-sized device that silently monitors and logs the
programs a person listens to.
The battery-powered device is based on "acoustic matching."
[this term is not precisely defined] ... [A] microphone senses
sounds near the person being monitored and a microprocessor
converts these sounds into a digital code.
... Users would place the monitoring devices on
battery chargers when they go to bed. The battery charger
would be connected to a telephone line, enabling the device to
transmit the day's data to a central computer at the audience
measurement company.

Hope all of your RISKS alarms are ringing as loudly as mine are. The
frightening prospect of creation of libraries of users' private sounds
comes to mind. As does the funny, if Machiavellian, image of public
broadcasting of these sounds, a la the tryst between Majors Hoolihan
and Burns in the movie "MASH."

This development is interesting in light of (what I see as) a duality
in society's view of high tech of simultaneous infatuation and distrust.
Hopefully the latter view will be applied to the new device.
-TW

------------------------------

Date: Thu, 04 Oct 90 11:56:40 PDT
From: Ed Hall <[email protected]>
Subject: From under a Rock???

I've been loosely following the various ``subliminal message'' lawsuits which
have been winding their way through the courts recently. These are
product-liability suits alleging that subliminal messages in rock music have
driven people to suicide. One such case, against British group Judas Priest,
was recently dismissed. Another against Ozzy Osbourne is now pending.

There is a computer RISK here. According to today's Los Angeles Times:

... Sound Analyst Evans [a lecturer at Univ. of Nevada with
masters degrees in physics and computer science] said she had
spent about a month analyzing audio subliminal messages
allegedly implanted on the "Blizzard of Oz" cassette using the
same home-computer software package employed in the Judas Priest
case. ...

I can only guess at what this "home-computer software package" is. (If
anyone has additional information about it, please let me know). One
thing I'm sure of, however: it hardly affords an accurate model of human
auditory perception (unless its author has managed to leapfrog what
would no doubt be decades of neurophysiological research). Its use in
court no doubt arises from the persisting association of The Computer
with unchallengeable accuracy and authority.

I foresee nothing but trouble in the interaction between the notion of
"subliminal messages" (whether auditory or visual) and the increasing
capability for computers to perform extensive signal processing--whether that
"processing" is meaningful or not. As the recent "Face on Mars" flap
illustrates, people will see (or hear) just what they want to see (or hear),
given the tools to create "evidence". Computers greatly enhance the power for
self-delusion.
-Ed Hall, [email protected]
[Disclaimer: This all is my personal opinion ONLY.]

------------------------------

Date: Tue, 2 Oct 90 08:21:10 -0700
From: John M. Chapin <[email protected]>
Subject: Operation Sun Devil invades the InterNet?

I found the following posting on alt.sex.pictures.d. It is probably a hoax; in
particular, the "National Computing Defence Council" reference seems to be a
mistaken attempt to implicate the NCSC. If not a hoax, the RISKS here are
appalling. If this is a hoax, the RISK is that a climate of fear, created by
government use of computer monitoring, makes such hoaxes believable and hence
can limit the exercise of individual liberties.

Background: over the last year or so, sites offering X-rated bitmap archives
for anonymous FTP have been under increasing pressure to remove public access
to the files. This message refers to one such site, the MARS bbs, that
recently caused a spate of complaints by removing access to its bitmaps. "Gif"
is a popular format for the interchange of bitmap data. The "bogus NSF story"
refers to a very real letter, sent to many archive administrators by an
individual within the NSF, threatening cutoff of funding due to illegal
non-academic use of the InterNet.

-John Chapin ([email protected])

= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =

From: [email protected] (Michael Packer)
Newsgroups: alt.sex.pictures.d
Message-ID: <[email protected]>
Date: 1 Oct 90 15:09:20 GMT

...this is a message that a friend of mine got off of their BBS:

[= copy of message =]

Posted By: lush (Ed Luke)
~Date: Sat Sep 29 21:54:03 1990
~Title: The story about the GIF files.

Ok, since everyone has been asking about the gif files, here's the story of
what happened with the gifs... It seems that the secret service under
direction of Pres. Bush is on a campaign against computer crime. You've read
about some of this probably. It's called Operation Sun Devil. Some of the
older users will remember when this bbs was called the Pirates Resource BBS and
was on athena.ee.mssate.edu. Well we eventually got shut down in a fashion
similar to that of the victims of operation sun devil. However, in our case,
since we were such an allegedly large center for computer criminal activity,
the Secret Service, along with the National Computing Defence Council decided
to conduct an ongoing investigation. If you want to catch mice, you don't just
plug their holes. You lay traps. Well they allowed us to set up again at mars
on the strict requirement that we would do strict accounting. We have been
keeping records of every (timestamped) upload and download that's been made to
this board. In addition, in hopes of cooperating with the Feds for obvious
reasons, I instituted the monitoring system software on mars. When anyone did
an ftp it logged the date, did a finger on the system that was connecting and
snarfed up the userid via ftp protocol and made a complete record of all files
downloaded and uploaded. Also, users that download files from the bbs had the
machine name they were connecting to, and any other evidence collected in a
similar manner. After enough information was collected, we gave them the reams
of data files and removed the gifs, giving y'all the bogus NSF story. So there
it is. The GIFS and GL's aren't the biggest part of the story, but they are
illegal in some states and the FCC has been interested in cracking down on
computer obscenity for a long time. I can't say I like it, but that we have to
live with it.

Ed Luke

------------------------------

End of RISKS-FORUM Digest 10.47
************************

From: RISKS Forum <[email protected]>
Date: Thu, 4 Oct 1990 13:23:16 PDT
Subject: RISKS DIGEST 10.47
To: ;@risks-list.ncsl.nist.gov

RISKS-LIST: RISKS-FORUM Digest Thursday 4 October 1990 Volume 10 : Issue 47

FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS
ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Contents:
California DMV and their new computer (Cecil Lee (2))
Report of Nat Semi clock chip flaw (Martyn Thomas)
BA 747-400 Engine Failure (Martyn Thomas)
Novel on corporate computer espionage (Philip Brewer)
CERT Advisory - NeXT systems (Edward DeHart)
Fair Information Principles (Jeff Johnson)
Television rating (nee universal listening) device (Tim Wood)
From under a Rock??? (Subliminal message lawsuits) (Ed Hall)
Operation Sun Devil invades the InterNet?
(Ed Luke via Michael Packer via John M. Chapin)

The RISKS Forum is moderated. Contributions should be relevant, sound, in good
taste, objective, coherent, concise, and nonrepetitious. Diversity is welcome.
CONTRIBUTIONS to [email protected], with relevant, substantive "Subject:" line
(otherwise they may be ignored). REQUESTS to [email protected].
TO FTP VOL i ISSUE j: ftp CRVAX.sri.com<CR>login anonymous<CR>AnyNonNullPW<CR>
cd sys$user2:[risks]<CR>GET RISKS-i.j <CR>; j is TWO digits. Vol summaries in
risks-i.00 (j=0); "dir risks-*.*<CR>" gives directory; bye logs out.
ALL CONTRIBUTIONS ARE CONSIDERED AS PERSONAL COMMENTS; USUAL DISCLAIMERS APPLY.
The most relevant contributions may appear in the RISKS section of regular
issues of ACM SIGSOFT's SOFTWARE ENGINEERING NOTES, unless you state otherwise.

----------------------------------------------------------------------

Date: Sat, 29 Sep 90 21:57:26 PDT
From: Master Of Darkness <[email protected]>
Subject: California DMV and their new computer

I just received my registration notice from the DMV (Department
of Motor Vehicles). This piece of paper shows the amount of money I
need to pay, so that I can drive my car for the next year in California.

Imagine my surprise when I saw the amount: $2214. An extremely big
surprise since I only paid ~$600 last year, when I purchased the car new. The
reason for this new method of making money?

This is the excuse from the clerks at the DMV. Seems that they have
just started using a new computer program for billing purposes, apparently on
their new Tandem computers. Surprise Surprise it seems that everybody who got
a recent registration statement, has an invalid amount. I had to go to the
local office so that they could print up a new form with the correct amount. I
don't know if registration statements were the only incorrect items produced.
They didn't volunteer the information and I didn't ask.

Supposedly some people received bills for less then the correct amount.
I wonder if they will still get their registration tags when (if) the computer
notices the underpayment. Will those who might have paid too much get refunds?

BTW, the correct amount I'm supposed to pay? $351.

Cecil Lee, Intel Corp.

[email protected] or CLee%SC9%[email protected]
UUCP : {pur-ee,qantel,amdcad,oliveb,decwrl,hplabs}!intelca!mipos3!sc9!clee

------------------------------

Date: Sun, 30 Sep 90 16:42:30 PDT
From: Master Of Darkness <[email protected]>
Subject: California DMV Troubles

The following was an article in the Sept 30, 1990 issue of "The Argus."
One of the local papers in the SF Bay area.

DMV computer goof overbills car owners
By Mark van de Kamp (staff writer)

Sham Dixit of Livermore was one of many California drivers who felt
they were being asked to pay too much when they got notices this week to renew
their motor vehicle registrations between now and November. And they were
right. The state Department of Motor Vehicles admitted Friday that it had made
a blunder which caused some drivers to be overbilled by hundreds, even
thousands of dollars. In Dixit's case, he was asked to pay $2,832 for his 1987
Nissan Sentra. It cost him $166 to register the car last year. Likewise,
three members of a Pleasanton family were overbilled by $1,000 each.

The DMV does not know how many vehicle registrations are involved.
There are 25 million registered vehicles in the state. The agency said the
incorrect billing notices involve drivers whose vehicle registration was set to
expire Nov. 16, 18 and 20. Most of the incorrect bills arrived in mailboxes
Thursday and Friday. [...]

The problem surfaced late Thursday when DMV offices started receiving
calls from motor vehicle owners asking why registration fees had changed
significantly from the previous year, the agency said. "At first thought I'd
made a mistake. Then I heard that the DMV screwed up. Boy, did they ever,"
Dixit said. "But I work with computers, so I know it must be a programming
error. Computers are only as smart as the people who use them." [...]

Cecil Lee, Intel Corp. [PGN Excerpting Service]

[email protected] or CLee%SC9%[email protected]
UUCP : {pur-ee,qantel,amdcad,oliveb,decwrl,hplabs}!intelca!mipos3!sc9!clee

------------------------------

Date: Thu, 4 Oct 90 12:38:35 BST
From: Martyn Thomas <[email protected]>
Subject: Report of Nat Semi clock chip flaw

Electronics Times (4 Oct, front page) reports that National Semiconductor's
real-time clock chip (part number MM58274B) "has a tendency to switch from a
24hr clock to a 12hr clock when subjected to electronic noise ..".

Two examples are given of problems allegedly caused by the chip.

"... the chip caused the time clock in a financial system to skip from
Thursday to Saturday, leaving employees without paychecks".

"It has also caused problems for the United Nations Atomic Energy Agency
which uses the chip in a televised security system for guarding nuclear fuel
.... ".

Martyn Thomas, Praxis (Software Engineers), 20 Manvers Street, Bath BA1 1PX UK.
Tel: +44-225-444700. Email: [email protected]

------------------------------

Date: Wed, 3 Oct 90 15:21:58 BST
From: Martyn Thomas <[email protected]>
Subject: BA 747-400 Engine Failure

Flight International (3-9 October) reports that a British Airways Boeing
747-400's No 1 engine electronic controls failed on takeoff at London
Heathrow causing the engine to shut down.

The crew [two pilots, there is no flight engineer] reported the status
message "engine controls" and asked their technical support staff, by radio,
for advice. They were told "You've obviously lost control of that engine.
It's a FADEC failure" [FADEC = Full Authority Digital Engine Controller].

BA says that the problem was a spurious signal from the electronic "thrust
reverse resolver". If so, the early diagnosis of FADEC failure could be
wrong. There has been a number of instances of spurious signals causing
747-400 engines to throttle back or shut down, according to Flight [ This
may be a reference to the earlier reports of spurious signals from flap and
gear sensors, reported in an earlier RISKS].

Flight adds that FADEC failure is extremely unusual.

Martyn Thomas, Chairman, Praxis plc. Software Engineers.
Tel: +44-225-444700. Email: [email protected]

------------------------------

Date: 1 Oct 1990 14:29:40-BST
To: risks <[email protected]>
Subject: Equinox on the A320: Programme summary

Below is a summary of the Channel 4 (UK TV) programme on the A320
transmitted at 7pm Sunday 30 September. I took notes during the
programme but I may have got some details wrong.

Equinox asked an independent air accident investigator named Ray Davis to
examine the report on the Habsheim crash where an A320 being flown in a display
made a slow pass over the runway and could not pull up in time to avoid the
trees at the end of the airport. He made four major findings which were put to
the Chief engineer (I think) at Airbus Industries.

1: A 4 second discrepancy between the Cockpit Voice Recorder, the
Aircraft Data Recorder and the Tower Voice Recorder. Sorry but I
cannot remember the Airbus reply to this.

2: There was no record of the impact with the trees in the flight
data. This might be expected in (say) a collision with a mountain,
but the recorders should have been able to operate until the
aircraft disintegrated. Any crash which could be survived by all
but three passengers should not have caused an abrupt stop in the
flight data record. Again I cannot recall the Airbus reply.

3: The final seconds of the record showed forward acceleration. The
Airbus Chief Eng claimed that Davis had this graph upside down and
a positive reading indicated deceleration. He also claimed that
the deceleration was caused by the trees, and that Davis was
incompetent if he did not know that this format was an
international standard. Equinox stated that the international
standard was for a forward acceleration to give a positive reading
and that this was the one used by the A320. Airbus later stated
that the CE had been referring to a French standard.

4: The final seconds of the record also showed the pilot giving full
stick back but being overridden by the computer. The CE stated
that this was the safety systems stopping the aircraft from
stalling. Equinox said something about the Pilot manuals saying
that at the indicated airspeed the aircraft should have been able
to climb.

The possibility of an engine compressor stall leading to loss of power was
discussed. According to Equinox this would lead to a small explosion (I assume
this would be as unburnt fuel vapour was pushed out of the tailpipe) and a drop
in power. A survivor and a ground witness stated that they had heard such
explosions, but Airbus deny they occurred and point out that no such explosions
are audible on the videotapes. An early transcript of the CVR did include the
text "(boume) (boume)" (sp?). Airbus claim this is the sound of impact with
trees.

About 30 seconds were devoted to a pilot employed by Airbus who had publicly
spoken out in support of Capt. Asseline (sp?) who was the pilot at Habsheim.
This pilot claimed that 4 days later he was given an unscheduled medical
examination and had his license withdrawn due to "mental instability".

The authenticity of the "black boxes" recovered from the crash was
questioned. Officially the boxes are being held by a French court.
Equinox was not allowed to film these, but a magistrate looked at a
video alleged to be of the boxes immediately after being removed from
the crash site and stated that if these were in fact the boxes from
the A320 then something was very wrong. The implication was that the
boxes delivered to the court were not the boxes recovered from the
crash.

A video of the programme can be obtained by phoning +44 532 438283
ext. 4060 or 4075.

BTW, one of the interviewees had a box file labeled "RISKS" in the
background. Perhaps he could fill in the holes in my report. Thanks.

Please note that this report is in no way connected with my employers. Paul.

------------------------------

Date: Tue, 02 Oct 90 10:07:13 CDT
From: [email protected]
Subject: Novel on corporate computer espionage

Corporate espionage by computer is the subject of a new novel _The
Fool's Run_ by John Camp. When plans for the latest fighter plane
target acquisition hardware and software are stolen, a defense
contractor decides that only by sabotaging the development work of a
competitor can it be sure of being the only company in a position to
demonstrate the system by the deadline. The company hires Mr. Kidd
(artist, software designer, former commando) to invade the competitor's
computers and disrupt their operations for a few weeks. They say:

the best way ... is through their computer systems--design systems,
accounting systems, information systems, scheduling and materials.
Altering them, destroying them, faking them out.

In the style of a classic caper novel, Kidd assembles a team including a
burglar and a sleazy reporter and attacks the defense contractor,
disrupting their operations from all sides.

The author handles the computer entry techniques well. There is only a
small amount of "magic" involved, and most of that is performed in the
background by "Bobby" (a former phone-phreak we meet only by way of a
data link) who handles such things as telephone trace bypasses. The
discussions of computer security techniques are right on target, and the
supposed level of security at the target company is on par with what
I've seen at several of the places I've worked. When it comes to the
actual disruptions things get a little fuzzier, although not to the
point that it fails to work as a novel.

In real life, most malicious computer attacks have been committed by
disgruntled employees or former employees. Most computer viruses have
been written by misguided enthusiasts. I haven't heard of this kind of
attack against one company by another. That doesn't mean it hasn't
happened, and it certainly doesn't mean that it won't happen. I fear
this book may give some people ideas.

Camp, John _The Fool's Run_ ISBN 0-451-16712-0 Signet $4.95

Philip Brewer [email protected]
Motorola Urbana Design Center ...!uiucuxc!udc!pbrewer

------------------------------

Date: Tue, 2 Oct 90 14:57:03 -0400
From: [email protected]
Subject: CERT Advisory - NeXT systems

CA-90:06 CERT Advisory
October 2, 1990
NeXT's System Software

This message is to alert administrators of NeXT Computers of four
potentially serious security problems.

The information contained in this message has been provided by David Besemer,
NeXT Computer, Inc. The following describes the four security problems,
NeXT's recommended solutions and the known system impact.

Problem #1 DESCRIPTION: On Release 1.0 and 1.0a a script exists in
/usr/etc/restore0.9 that is a setuid shell script. The existence of
this script is a potential security problem.

Problem #1 IMPACT: The script is only needed during the installation
process and isn't needed for normal usage. It is possible for any
logged in user to gain root access.

Problem #1 SOLUTION: NeXT owners running Release 1.0 or 1.0a should
remove /usr/etc/restore0.9 from all disks. This file is installed by
the "BuildDisk" application, so it should be removed from all systems
built with the standard release disk, as well as from the standard
release disk itself (which will prevent the file from being installed
on systems built with the standard release disk in the future). You
must be root to remove this script, and the command that will remove
the script is the following:

# /bin/rm /usr/etc/restore0.9

---

Problem #2 DESCRIPTION: On NeXT computers running Release 1.0 or
1.0a that also have publicly accessible printers, users can gain
extra permissions via a combination of bugs.

Problem #2 IMPACT: Computer intruders are able to exploit this security
problem to gain access to the system. Intruders, local users and remote
users are able to gain root access.

Problem #2 SOLUTION: NeXT computer owners running Release 1.0 or
1.0a should do two things to fix a potential security problem.
First, the binary /usr/lib/NextPrinter/npd must be replaced with a
more secure version. This more secure version of npd is available
through your NeXT support center. Upon receiving a copy of the more
secure npd, you must become root and install it in place of the old
one in /usr/lib/NextPrinter/npd. The new npd binary needs to be
installed with the same permission bits (6755) and owner (root) as
the old npd binary. The commands to install the new npd binary are
the following:

# /bin/mv /usr/lib/NextPrinter/npd /usr/lib/NextPrinter/npd.old
# /bin/mv newnpd /usr/lib/NextPrinter/npd
(In the above command, "newnpd" is the npd binary
that you obtained from your NeXT support center.)
# /etc/chown root /usr/lib/NextPrinter/npd
# /etc/chmod 6755 /usr/lib/NextPrinter/npd

The second half of the fix to this potential problem is to change the
permissions of directories on the system that are currently owned and
able to be written by group "wheel". The command that will remove
write permission for directories owned and writable by group "wheel"
is below. This command is all one line, and should be run as root.

# find / -group wheel ! -type l -perm -20 ! -perm -2 -ls -exec chmod g-w {} \; -o -fstype nfs -prune

---

Problem #3 DESCRIPTION: On NeXT computers running any release of the
system software, public access to the window server may be a
potential security problem.

The default in Release 1.0 or 1.0a is correctly set so that public access
to the window server is not available. It is possible, when upgrading from
a prior release, that the old configuration files will be reused. These
old configuration files could possibly enable public access to the window
server.

Problem #3 IMPACT: This security problem will enable an intruder to gain
access to the system.

Problem #3 SOLUTION: If public access isn't needed, it should be disabled.

1. Launch the Preferences application, which is located in /NextApps
2. Select the UNIX panel by pressing the button with the UNIX
certificate on it.
3. If the box next to Public Window Server contains a check, click on
the box to remove the check.

---

Problem #4 DESCRIPTION: On NeXT computers running any release of the
system software, the "BuildDisk" application is executable by all users.

Problem #4 IMPACT: Allows a user to gain root access.

Problem #4 SOLUTION: Change the permissions on the "BuildDisk" application
allowing only root to execute it. This can be accomplished with the
command:

# chmod 4700 /NextApps/BuildDisk

To remove "BuildDisk" from the default icon dock for new users, do the
following:

1. Create a new user account using the UserManager application.
2. Log into the machine as that new user.
3. Remove the BuildDisk application from the Application Dock by dragging
it out.
4. Log out of the new account and log back in as root.
5. Copy the file in ~newuser/.NeXT/.dock to /usr/template/user/.NeXT/.dock
(where ~newuser is the home directory of the new user account)
6. Set the protections appropriately using the following command:
# chmod 555 /usr/template/user/.NeXT/.dock
7. If you wish, with UserManager, remove the user account that you created
in step 1.

In release 2.0, the BuildDisk application will prompt for the root password
if it is run by a normal user.

= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =

CONTACT INFORMATION

For further questions, please contact your NeXT support center.

NeXT has also reported that these potential problems have been fixed in
NeXT's Release 2.0, which will be available in November, 1990.

Thanks to Corey Satten and Scott Dickson for discovering, documenting, and
helping resolve these problems.

Edward DeHart, Computer Emergency Response Team/Coordination Center (CERT/CC)
Software Engineering Institute, Carnegie Mellon University Pittsburgh, PA
15213-3890 E-mail: [email protected]
Telephone: 412-268-7090 24-hour hotline: CERT personnel answer
7:30a.m.-6:00p.m. EST, on call for emergencies other hours.

Past advisories and other information are available for anonymous ftp
from cert.sei.cmu.edu (128.237.253.5).
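
The permission checks in the advisory above, as an added read-only audit example (not part of the CERT advisory or of NeXT's software). The function names are hypothetical, `-xdev` is used here in place of the advisory's `-fstype nfs -prune`, and the demo runs on a constructed temporary tree rather than a real system.

```shell
#!/bin/sh
# Added example: read-only permission audit modelled on CA-90:06.
# Function names are hypothetical; nothing here changes any file mode
# outside the constructed demo tree.

# Problem #1 class: setuid/setgid regular files that are interpreter scripts.
find_setid_scripts() {
    find "$1" -xdev -type f \( -perm -4000 -o -perm -2000 \) -print 2>/dev/null |
    while IFS= read -r f; do
        # The first two bytes of a script are "#!" (hex 23 21).
        magic=$(od -An -tx1 -N2 "$f" 2>/dev/null | tr -d ' \n')
        if [ "$magic" = 2321 ]; then printf '%s\n' "$f"; fi
    done
    return 0
}

# Problem #2, second half: same predicates as the advisory's find command
# (owned by the group, not a symlink, group-writable, not world-writable),
# but reporting only instead of running chmod.
find_group_writable() {
    find "$1" -xdev -group "$2" ! -type l -perm -020 ! -perm -002 -print 2>/dev/null
    return 0
}

# Succeeds only if the file's permission bits are exactly $2 (e.g. 6755, 4700).
mode_is() {
    [ -n "$(find "$1" -prune -perm "$2" -print 2>/dev/null)" ]
}

# Constructed sample tree; runs in a subshell so umask and variables stay local.
demo() (
    umask 022
    t=$(mktemp -d) || exit 1
    grp=$(ls -ld "$t" | awk '{print $4}')   # group that owns the sample tree
    mkdir -p "$t/usr/etc" "$t/shared"
    printf '#!/bin/sh\necho restore\n' > "$t/usr/etc/restore0.9"
    chmod 4755 "$t/usr/etc/restore0.9"      # setuid shell script
    printf 'placeholder' > "$t/BuildDisk"
    chmod 4755 "$t/BuildDisk"               # executable by all users
    chmod 775 "$t/shared"                   # group-writable directory
    echo "setuid/setgid scripts:"; find_setid_scripts "$t"
    echo "group-writable, group $grp:"; find_group_writable "$t" "$grp"
    if mode_is "$t/BuildDisk" 4700; then echo "BuildDisk: mode is 4700"
    else echo "BuildDisk: mode differs from 4700"; fi
    rm -rf "$t"
)

demo
```

On a real system the first argument would be `/` and the group `wheel`, run as root so that unreadable directories are not skipped.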

------------------------------

Date: Wed, 03 Oct 90 14:40:57 PDT
From: Jeff Johnson <[email protected]>
Subject: Fair Information Principles

This is a summary of the Fair Information Principles, excerpted with permission
from an e-mail message sent by Marc Rotenberg, director of CPSR's Washington
D.C. office and head of its Computers and Civil Liberties Project.

I thought RISKS readers might be interested.

FAIR INFORMATION PRINCIPLES

The Fair Information Principles were developed by a U.S. Government
Study Committee in 1973, chaired by Willis Ware of the Rand
Corporation. Shortly after the commission released its final report
("Records, Computers and the Rights of Citizens"), Congress passed
comprehensive privacy legislation: the Privacy Act of 1974. Much of
the privacy law that followed the Privacy Act (e.g., the Right to
Financial Privacy Act, the Cable Policy Act, the Electronic
Communications Privacy Act, and the Video Privacy Protection Act) are
based on the Fair Information Principles.

Many other countries follow the Fair Information Principles. Recently
in Paris, European Data Protection commissioners recommended that the
EC 92 charter include mandatory provisions for the enforcement of Fair
Information Principles across all European countries.

These are the Principles:

1. There must be a way for a person to prevent information about the
person that was obtained for one purpose from being used or made
available for other purposes without the person's consent.

2. There must be no personal data record-keeping systems whose very
existence is secret.

3. There must be a way for a person to find out what information about
the person is in a record and how it is used.

4. There must be a way for a person to correct or amend a record of
identifiable information about the person.

5. Any organization creating, maintaining, using, or disseminating records of
identifiable personal data must assure the reliability of the data for their
intended use and must take precaution to prevent misuses of the data.

Jeff Johnson, HP Labs

------------------------------

Date: Mon, 1 Oct 90 11:30:28 PDT
From: [email protected] (Tim Wood at home)
Subject: Television rating (nee universal listening) device

Found in the Oakland Tribune "Patents" column, Oct. 1, reprinted from
The New York Times:

In search of a more accurate way to measure television and
radio audiences, a small company in Chicago has patented a
pocket-sized device that silently monitors and logs the
programs a person listens to.
The battery-powered device is based on "acoustic matching."
[this term is not precisely defined] ... [A] microphone senses
sounds near the person being monitored and a microprocessor
converts these sounds into a digital code.
... Users would place the monitoring devices on
battery chargers when they go to bed. The battery charger
would be connected to a telephone line, enabling the device to
transmit the day's data to a central computer at the audience
measurement company.

Hope all of your RISKS alarms are ringing as loudly as mine are. The
frightening prospect of creation of libraries of users' private sounds
comes to mind. As does the funny, if Machiavellian, image of public
broadcasting of these sounds, a la the tryst between Majors Hoolihan
and Burns in the movie "MASH."

This development is interesting in light of (what I see as) a duality
in society's view of high tech of simultaneous infatuation and distrust.
Hopefully the latter view will be applied to the new device.
-TW

------------------------------

Date: Thu, 04 Oct 90 11:56:40 PDT
From: Ed Hall <[email protected]>
Subject: From under a Rock???

I've been loosely following the various ``subliminal message'' lawsuits which
have been winding their way through the courts recently. These are
product-liability suits alleging that subliminal messages in rock music have
driven people to suicide. One such case, against British group Judas Priest,
was recently dismissed. Another against Ozzy Osbourne is now pending.

There is a computer RISK here. According to today's Los Angeles Times:

... Sound Analyst Evans [a lecturer at Univ. of Nevada with
masters degrees in physics and computer science] said she had
spent about a month analyzing audio subliminal messages
allegedly implanted on the "Blizzard of Oz" cassette using the
same home-computer software package employed in the Judas Priest
case. ...

I can only guess at what this "home-computer software package" is. (If
anyone has additional information about it, please let me know). One
thing I'm sure of, however: it hardly affords an accurate model of human
auditory perception (unless its author has managed to leapfrog what
would no doubt be decades of neurophysiological research). Its use in
court no doubt arises from the persisting association of The Computer
with unchallengeable accuracy and authority.

I foresee nothing but trouble in the interaction between the notion of
"subliminal messages" (whether auditory or visual) and the increasing
capability for computers to perform extensive signal processing--whether that
"processing" is meaningful or not. As the recent "Face on Mars" flap
illustrates, people will see (or hear) just what they want to see (or hear),
given the tools to create "evidence". Computers greatly enhance the power for
self-delusion.
-Ed Hall, [email protected]
[Disclaimer: This all is my personal opinion ONLY.]

------------------------------

Date: Tue, 2 Oct 90 08:21:10 -0700
From: John M. Chapin <[email protected]>
Subject: Operation Sun Devil invades the InterNet?

I found the following posting on alt.sex.pictures.d. It is probably a hoax; in
particular, the "National Computing Defence Council" reference seems to be a
mistaken attempt to implicate the NCSC. If not a hoax, the RISKS here are
appalling. If this is a hoax, the RISK is that a climate of fear, created by
government use of computer monitoring, makes such hoaxes believable and hence
can limit the exercise of individual liberties.

Background: over the last year or so, sites offering X-rated bitmap archives
for anonymous FTP have been under increasing pressure to remove public access
to the files. This message refers to one such site, the MARS bbs, that
recently caused a spate of complaints by removing access to its bitmaps. "Gif"
is a popular format for the interchange of bitmap data. The "bogus NSF story"
refers to a very real letter, sent to many archive administrators by an
individual within the NSF, threatening cutoff of funding due to illegal
non-academic use of the InterNet.

-John Chapin ([email protected])

= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =

From: [email protected] (Michael Packer)
Newsgroups: alt.sex.pictures.d
Message-ID: <[email protected]>
Date: 1 Oct 90 15:09:20 GMT

...this is a message that a friend of mine got off of their BBS:

[= copy of message =]

Posted By: lush (Ed Luke)
~Date: Sat Sep 29 21:54:03 1990
~Title: The story about the GIF files.

Ok, since everyone has been asking about the gif files, here's the story of
what happened with the gifs... It seems that the secret service under
direction of Pres. Bush is on a campaign against computer crime. You've read
about some of this probably. It's called Operation Sun Devil. Some of the
older users will remember when this bbs was called the Pirates Resource BBS and
was on athena.ee.mssate.edu. Well we eventually got shut down in a fashion
similar to that of the victims of operation sun devil. However, in our case,
since we were such an allegedly large center for computer criminal activity,
the Secret Service, along with the National Computing Defence Council decided
to conduct an ongoing investigation. If you want to catch mice, you don't just
plug their holes. You lay traps. Well they allowed us to set up again at mars
on the strict requirement that we would do strict accounting. We have been
keeping records of every (timestamped) upload and download that's been made to
this board. In addition, in hopes of cooperating with the Feds for obvious
reasons, I instituted the monitoring system software on mars. When anyone did
an ftp it logged the date, did a finger on the system that was connecting and
snarfed up the userid via ftp protocol and made a complete record of all files
downloaded and uploaded. Also, users that download files from the bbs had the
machine name they were connecting to, and any other evidence collected in a
similar manner. After enough information was collected, we gave them the reams
of data files and removed the gifs, giving y'all the bogus NSF story. So there
it is. The GIFS and GL's aren't the biggest part of the story, but they are
illegal in some states and the FCC has been interested in cracking down on
computer obscenity for a long time. I can't say I like it, but that we have to
live with it.

Ed Luke

------------------------------

End of RISKS-FORUM Digest 10.47
************************
