|
Risks Digest 16.75
NOTICE: TO ALL CONCERNED Certain text files and messages contained on this site deal with activities and devices which would be in violation of various Federal, State, and local laws if actually carried out or constructed. The webmasters of this site do not advocate the breaking of any law. Our text files and message bases are for informational purposes only. We recommend that you contact your local law enforcement officials before undertaking any project based upon any information obtained from this or any other web site. We do not guarantee that any of the information contained on this system is correct, workable, or factual. We are not responsible for, nor do we assume any liability for, damages resulting from the use of any information on this site.
RISKS-LIST: RISKS-FORUM Digest Thurs 19 January 1995 Volume 16 : Issue 75
FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator
***** See last item for further information, disclaimers, etc. *****
Contents: [Here are a few items from the backlog. I'm away.]
Airline schedules in local time (Matthew Kwan)
Car-radio security code nuisance (Daniel P. B. Smith)
Bugs in Digital RAID Storage Subsystems (Andy Ram)
Maryland Emission testing (Paul Peters)
Computers in nuclear plant (WB Whaley via Jonathan_Welch)
Anik E2 redux (Luis Fernandes)
Shaky testing (Mark Stalzer)
Re: Midnight Batch Run Bites (Paul Robinson)
New Risk from the WWW (John MacInty)
RISKS on the World Wide Web (Lindsay F. Marshall)
Criminal hacker arrested in Winnipeg (Mich Kabay)
Phone Phreaking Explored (Steve O'Keefe)
International Cryptography Institute 1995 (Dorothy Denning)
12th Annual ISSA Conference & Exposition (Jack Holleran)
Info on RISKS (comp.risks), contributions, subscriptions, FTP, etc.
----------------------------------------------------------------------
Date: Mon, 9 Jan 1995 11:53:35 +1100
From: Matthew Kwan <[email protected]>
Subject: Airline schedules in local time
Anyone who has received an itinerary from a travel agent knows that airlines
tend to publish their schedules with departure and arrival times expressed
in local time.
While this is little more than an inconvenience for travelers who want
to figure out flight durations, it can become a more serious problem
when the airlines use local times in their internal computer systems
(and inflict these files on third-party software developers!).
A case in point involves an airline who had a flight out of Athens
at 0205 on 25sep94 (local time). Unfortunately, according to the
airline's timezone information, Athens switches from daylight savings
(UTC+0300) to standard time (UTC+0200) at exactly 0300 on 25sep94.
In other words, 25sep94 0205 occurs twice, so when converting this
time to UTC you have a 50/50 chance of being out by an hour.
In our particular case the only risk was that the system would report
the cabin crew working hours as being one hour less than reality, but
the results could potentially be more serious, especially if the
computers at the airport get confused.
mkwan
----------------------------------------------------------------------
Date: Sun, 8 Jan 1995 20:04:39 +0001 (EST)
From: "Daniel P. B. Smith" <[email protected]>
Subject: Car-radio security-code nuisance
I bought a used 1994 Geo Prizm with a factory-installed Delco radio that
claims to have a "theft deterrent." The owner's manual says "the theft
deterrent feature ... can be used or ignored. If ignored, the system
plays normally. If it is used, your system won't be usable if it's ever
stolen. The instructions below tell you how to enter a security code
into the system. If your vehicle loses battery power for any reason,
you must enter the security code again before the system will turn on."
I was tempted to ignore it, but decided, what the heck, I suppose I'd
better use it. Well, of course, I discovered that the previous owner had
entered a security code, and had not removed it when the car was sold.
So if anyone were to leave the car headlights on overnight and drain the
battery (why, no, _I_ certainly couldn't be so stupid as to do that :-) )
the radio would become unusable.
The used-car dealer had no idea what to do, but suggested I call a Chevy
dealer. The Chevy dealer hadn't ever heard of the situation and wasn't
aware the radio had such a feature, and suggested I call a Chevy 800 number.
The Chevy 800 number know nothing, and suggested I call a Delco 800 number.
At every stage, of course, I had to explain the security feature, which
apparently was new to the 1994 model. And at every stage I had to endure
further misunderstandings, because at each stage, they were initially
unable to understand why there was any problem given that the radio worked.
Delco said, "sure, no problem, we'll fax the dealer the directions, a
lot of them don't know about it." I asked how long the fix took and was
told, "it depends how good they are at following directions. If the
radio isn't inoperative yet it's easy, otherwise it gets pretty involved."
I took the car to the dealer. I had a chance to glance at the faxed
instructions but not read them carefully. I have the impression that if
the radio isn't inoperative, removing the security code just requires
entering a complicated, but fixed series of digits and button-pushes.
(A savvy radio thief would have to remember to do this BEFORE
stealing the radio). After it has had power removed and decided to become
inoperative, there is a much longer procedure, involving calling Delco
to get a dealer code, leaving the radio unpowered for a long time, etc.
Later that morning the dealer called me and said, "We think your ignition
lock security system must be interfering with your radio because we tried
your radio and everything works fine, including the cassette player." So
I explained the problem once again. I came by at noon as agreed to pick it
up and was told it would take a little longer, "because we are waiting for
Delco to call us back with a dealer code." When I picked it up, they HAD
removed the old security code (and installed a new one, but they told me
what it was). It had forgotten all the station settings. I suspect that
they either did the complicated procedure when they only needed to do the
simple one, or someone disconnected the radio as part of their
troubleshooting, or someone couldn't resist disconnecting it to see what
would really happen...
What's the RISK? Well, given that people do sell used cars, and that
many people may not even bother to read that part of the manual--
especially if the radio is working--what has been achieved overall is
to take a highly reliable car radio and reduce its life expectancy to
the same as that of a car battery.
Daniel P. B. Smith
[email protected]
----------------------------------------------------------------------
Date: Sun, 08 Jan 1995 20:48:05 -0500 (EST)
From: "Andy Ram, x1783, Hong Kong" <ARAM%[email protected]>
Subject: Bugs in Digital RAID Storage Subsystems
Does any one know anything about reported bugs in the Digital RAID Storage
System ? One tends to hear so much of this bug.. nothing about it ?
----------------------------------------------------------------------
Date: Mon, 9 Jan 95 09:55 EST
From: Paul Peters <[email protected]>
Subject: Maryland Emission testing
The following article appeared in the 8 Jan 1995 Washington Post:
Maryland Delays New Auto Tests
A computer glitch has forced the delay of Maryland's tough new
auto emissions testing program.
The state Motor Vehicle Administration announced Friday
that the start-up of the program would be delayed for several
weeks to fix the problems in the software used to measure
emissions. The MVA had planned to start mailing notices Friday
to about 25,000 ddrivers to get their cars and trucks tested.
"it's not going to start until we're satisfied we can
give a quick and accurate test." MVA Administrator W. Marshall
Rickert Jr. said.
The General Assembly passed the tougher testing program after the
federal government ordered the state to reduce smog.
Comments heard on this topic include the opinion that it might be an
excuse to delay this testing which includes having a state driver test
your car at 55 mph on a dynamometer. The test will be more costly that
the present test and is expected to result in a high failure rate.
----------------------------------------------------------------------
Date: Mon, 09 Jan 1995 08:34:04 -0500
From: Jonathan_Welch <[email protected]>
Subject: Computers in nuclear plant
I read this in comp.os.vms this morning and it made me wonder
just how well this plant in Georgia is managed.
Jonathan Welch VAX Systems Manager Umass/Amherst [email protected]
- - - - -
Newsgroups: comp.os.vms
Subject: VAX 4000 Upkeep/Maintenance
From: [email protected] (WBwhaley)
Date: 9 Jan 1995 06:33:26 -0500
At work recently we just installed a Vax 4000 with 2 model 100's as our
hosts and numerous model 60's, VLC's, and a few model 90's as our basic
system workstations. Approx 20 workstations total along with an assortment
of LAN Bridge 150's / 200's, local segment repeaters all tied together on
thick wire ethernet and fiber optic cable. Its primary use is being our
plant computer for the nuclear power plant I work at, so it is in constant
use. A vast majority of the extra network equipment is for redundancy
being that we hate to loose any plant info/data in case of a failure.
Anyway, I was curious to see what other system users performed on their
systems as regular preventive maintenance and the such being that we are
new to the system. Defrag HD, cleaning bridges/repeaters/servers, host
cpu's, etc. Right now, we are tied to using built in VMS utilities and I
would like your suggestions. I have gotten a good bit of info from the
system managers manual, but wasn't sure if there were any other tricks I
may have missed. VMS is totally new to me, so pardon my simple
description. <G> Any help would be appreciated.
Bill Whaley Augusta, Ga
----------------------------------------------------------------------
Date: Tue, 17 Jan 1995 14:47:07 +0500
From: [email protected].ryerson.ca (Luis Fernandes)
Subject: Anik E2 redux
Excerpts from the July, 4, 1994 Aviation Week and Space Technology follow:
"Telesat Canada engineers have succeeded in a five-month rescue
effort by reestablishing pointing control over the Anik E2
satellite without the use of its failed momentum wheel systems,
thus salvaging a $203-million asset."
This is the first time that a rescue of a geosynchronous, 3-axis
stabilized satellite without a serviceable momentum wheel on board has
been successful (other satellites with this type of problem have been
abandoned, in the past). No one is certain why the integrated
circuits in the control systems failed, but it is believed that
electrostatic discharge during an intense solar storm is to blame.
"...during the five months that the satellite was out of action,
Telesat Canada lost about $15 million. Engineers devised an
alternative pointing system...and installed two entirely separate
ground-based systems for redundancy. A software program developed
by Telesat Canada engineers...keeps track of the satellite in
three axes and calculates adjustments in pointing."
Anik E2 service life will be shortened by one year because of the
extra fuel used in re-positioning the satellite during it life.
----------------------------------------------------------------------
Date: Thu, 12 Jan 1995 11:43:49 +0800
From: [email protected] (Mark Stalzer)
Subject: Shaky testing
In the Jan. 12 LA Times, Pacific Bell, the US Geological Service, and
CalTech, announced an 18 month trial of a new system for measuring the
effects of earthquakes. The system uses sensors placed around
Southern California that relay data to CalTech's computers during
a 5+ magnitude earthquake. The data is reduced to give emergency
crews the location of large ground accelerations so that they
can tailor their responses. (Large ground motion can occur far
away from the epicenter, e.g. Filmore is about 20 miles from
Northridge yet it was severely damaged in the 6.8 quake.)
One interesting issue is testing the system: a 5+ quake is required.
A Pacific Bell official said they would extend the test period if
an appropriate quake doesn't occur. Talk about waiting a long time
for test runs...
Mark Stalzer, [email protected]
----------------------------------------------------------------------
Date: 9 Jan 95 10:16:00 -0800
From: [email protected]
Subject: Midnight Batch Run Bites (Kowalczyk, RISKS-16.71)
Not so many years ago, I needed a certified check from my large Boston-area
bank. I arrived at my branch office at 9:05am, gave a teller appropriate
paperwork to transfer funds from savings to checking, and then had the
necessary incantations performed to transform my normal everyday check into
a certified check. Among other things, this caused the check amount to be
immediately debited from my checking account; but since I'd just requested a
transfer of the necessary amount into checking, the teller did not complain
about the apparent overdraft. So far so good.
Within a week I received an overdraft penalty notice, because my transaction
at the teller window to do the transfer was not processed until after midnight
thus leaving my checking account short that day. I had to show my transfer
receipt, with its 9:05am timestamp, to an actual human before the bank would
clear the penalty.
The incident taught me to avoid teller transactions whenever possible, though,
because the nice human who cleared the penalty told me that all the ATM
transactions were cleared first, before teller transactions, each evening.
A RISK of avoiding new technology??
Paul T. Robinson
[email protected] (NOT the Paul Robinson of [email protected])
----------------------------------------------------------------------
Date: Tue, 17 Jan 95 07:55:55 PST
From: [email protected].com
Subject: New Risk from the WWW
At the end of January middle of February this year Microsoft will be
introducing Internet Assistant. A HTML creater and WEB browser for Word for
Windows 6.0.
The WEB browser will read Word 6.0 documents directly and therefore the risk.
Word documents can come with programming that will activate on opening. While
this has always been a problem document distribution hasn't generally been
widespread until soon from now.
Three types of things I can see happening.
1. Viral type documents. These are documents that will change your
normal.dot and copy itself from document to document.
2. Trojan Horse type 1 documents. These are documents that do something on
opening, like delete files etc....And possible even harmless things.
3. Trojan Horse type 2 documents. Really scary documents that communicate
BACK to the web-server without your knowing it and sending additional
information gleaned from your machine and or network. There are some truly
scary things that could be done with a creative VBA/CGI programmer.
It is unfortunate that these risks exist, because otherwise the ability to
have "programmable" documents on the web is a really cool concept. But
nonetheless risks like these have to be dealt with
John
----------------------------------------------------------------------
Date: Tue, 17 Jan 1995 15:29:07 GMT
From: "Lindsay F. Marshall" <Lindsay.Marshall@newcastle.ac.uk>
Subject: RISKS on the World Wide Web
You can now read the complete RISKS archives on the World Wide Web (apart
from the very earliest issues which will appear as soon as I have hand
converted them...) Individual issues have a file name of the form
volume.issue.html where issues is always a two digit number:
http://catless.ncl.ac.uk/Risks/16.01.html
is the first issue of volume 16. The URL http://catless.ncl.ac.uk/Risks
gives you an introduction page and leads you to the indices for previous
issues. The latest issue can always be found via the URL
http://catless.ncl.ac.uk/Risks/latest
The translation from RISKS to html is automatic so there may be errors.
Please report any that you find to me so that I can fix them. Currently the
text of messages is left as pre-formatted text. I have hand converted issues
16.74 to use the html formatting commands. Any feed back on what people
would like to see and any improvements that I could make will be most
welcome.
Lindsay
MAIL : Lindsay.Marshall@newcastle.ac.uk
URL : http://catless.ncl.ac.uk/Lindsay.html
POST : Dept. of Comp. Science, U of Newcastle, Newcastle upon Tyne, UK NE1 7RU
VOICE: +44-191-222-8267 (FAX: -8232)
----------------------------------------------------------------------
Date: 09 Jan 95 13:35:38 EST
From: "Mich Kabay [NCSA Sys_Op]" <75300.3232@compuserve.com>
Subject: Criminal hacker arrested in Winnipeg
According to a Canadian Press reported printed in _The Globe and Mail_
(955.01.07, p. A4),
Police crack illegal access to Internet
WINNIPEG -- Police have made what they believe is one of
Canada's first arrests for breaking into the Internet....
a 31-year-old man was arrested...after an eight-month police
investigation into illegal access to the Internet computing
system at the University of Manitoba....
...[T]he man will be charged with two counts of unauthorized
use of a computer service....
The article states that the Crackerjack program "was used to decrypt the
access codes of legitimate users" and that the accused is alleged to have
stored stolen software and porn online.
M.E.Kabay,Ph.D.
DirEd/Natl Computer Security Assn (Carlisle, PA)
Mgmt Consultant/LGS Group Inc. (Montreal, QC)
----------------------------------------------------------------------
Date: 18 Jan 1995 17:37:20 GMT
From: [email protected] (Steve O'Keefe)
Subject: Phone Phreaking Explored
HarperCollins has just released MASTERS OF DECEPTION: The Gang That Ruled
Cyberspace, a new book by New York Newsday journalists Michelle Slatalla
and Joshua Quittner. You might recall the book from a cover story in the
December issue of WIRED. Slatalla and Quittner unravel the story of gang
warfare between the Legion of Doom (LOD) and the Masters of Deception
(MOD), a turf battle fought through the phone system that led to one of
the most high-profile hacker prosecutions ever.
Slatalla and Quittner followed the Masters of Deception story for five
years at Newsday. When the WIRED excerpt appeared, their phone service was
hacked and their e-mail attacked by a group calling themselves the
Internet Liberation Front, or ILF. A police investigation is still in
progress.
The authors begin an 8-city tour in New York today. They are planning to
kick off a "cybertour" in February. The book is available for purchase on
Delphi (Online Bookstore) and CompuServe (Go HAR), or at your local
bookstore.The WIRED excerpt is on HotWIRED at the following URL:
http://www.hotwired.com/Lib/Wired/2.12/features/hacker.html
For more information about the book -- including a tour schedule -- please
send e-mail requesting a "digital flyer" to <[email protected]>
STEVE O'KEEFE
Electronic News & Reviews
----------------------------------------------------------------------
Date: Fri, 13 Jan 95 11:25:27 EST
From: [email protected] (Dorothy Denning)
Subject: INTERNATIONAL CRYPTOGRAPHY INSTITUTE 1995
Call for Participation (Deadline: March 15, 1995)
INTERNATIONAL CRYPTOGRAPHY INSTITUTE 1995: GLOBAL CHALLENGES
September 21-22, 1995
Washington, DC
Presented by
The National Intellectual Property Law Institute
The International Cryptography Institute will focus on the cryptography
challenges associated with meeting the information protection needs of
users and the law enforcement and national security needs of nations.
The Institute will address such topics as:
- national encryption policies and regulations
- meeting user needs for information security and data recovery
- meeting law enforcement and national security needs
- national and global encryption markets and product availability
- international approaches and standards
- creating an international cryptography infrastructure
- the use of encryption technologies in different countries
- cryptography in the financial industry and other industries
- legal and policy issues of digital signatures and digital cash
- new developments in encryption policies and technologies
Persons interested in speaking at the conference are invited to submit
a proposal to the Institute Chair:
Prof. Dorothy E. Denning, Chair ICI '95
Georgetown University
Computer Science Department
225 Reiss Building
Washington DC 20057-0997
ph: 202-687-5703, fax: 202-687-6067
e-mail: [email protected]
Proposals must be received by MARCH 15, 1995, and should include the
following:
- Name, title, organization, address, phone, fax, and e-mail address
- Brief biography
- Title of presentation
- Abstract of presentation or paper
- Amount of time requested for presentation and discussion
Notification of acceptance will be made by April 15, 1995. Papers and
materials for the proceedings will be due on August 15, 1995.
Inquiries about registration or the proceedings should be addressed to:
The National Intellectual Property Law Institute
P.O. Box 27913, Washington, DC 20038-7913
ph: 800-301-MIND or 202-962-9494
, fax: 800-304-MIND or 202-962-9495
----------------------------------------------------------------------
Date: Tue, 17 Jan 95 09:46 EST
From: Jack Holleran <[email protected]>
Subject: 12th Annual ISSA Conference & Exposition
Information Systems Security Association (ISSA) is pleased to announce
LEARNING From EACH OTHER,
the 12th Annual Conference & Exposition
to be held
April 2-5 1995 at Sheraton Hotel and Towers
Toronto, Ontario, Canada
The cost is $795 (ISSA Member), $895 (nonmember); Full Day electives $295.
Canadians may pay in Canadian Dollars (same rates!)
Brochure and registration form are available from:
ISSA Headquarters, 4350 DiPaolo Center, Suite C, Glenview, IL, 60025
Phone: (708) 699-6441; fax (708) 699-6369;
or by sending E-Mail to: ISSA @ MCS.COM
The event begins with Pre-Conference Specialty Seminars on Saturday and Sunday
A Welcome Reception and Vendor Exhibition opening will be held Sunday evening
- an excellent opportunity for networking! Each Day then begins with
Registration at 7:30 and continental breakfast and Vendor Exhibition at 8:00.
April 1 - Saturday (Pre-conference Activities)
Four elective Full Day Seminars to choose among
April 2 - Sunday
The First CISSP Examination sponsored by (ISC)2
Two elective Half Day Seminars to choose
7pm Welcome Reception and Vendor Exhibition
April 3 - Monday's Highlights:
Welcome and General Session will include "How to Handle Internal Investigation
and Establish Successful Compliance Programs" by Terry F. Lenzner, a former
member of the Board of Overseers of Harvard University with a broad range of
experiences in public and private legal investigations.
AM Track Choices: 10:30-noon
A1: Gale Warshawsky of LLNL will explore the merits and processes of
Making Computer Security Information Available Electronically
B1: Charles Blauner of Bellcore will Introduce the security issues
involved in the use of Distributed Systems.
C1: Francis Labayen and Kimberly Clair of Andersen Consulting will discuss
LAN Security issues by component, and their corresponding solutions.
D1: Vendor panel: Viruses: an opportunity to see a virus contained and
neutralized, as well as learn from leaders in the field how to avoid
the beasties!
E1: Lessons Learned: Richard Heffernan and William Haywood increase the
participant's awareness of threats to intellectual property from
industrial espionage.
Lunch in the Exhibit Hall
After Lunch Track Choices 1:30-3:00 pm
A2: Rebecca Duncan of DataPro gives a blueprint for effective network
security strategy.
B2: Charles Blauner of Bellcore leads a discussion of OSF Distributed
Computing Environment (DCE) and its security capabilities.
C2: Robert Kane of Intrusion Detections describe Best Practices for
Securing Novell Netware LANs.
D2: Vendor Panel: PC Security Solutions, and the extent of their
effectiveness.
E2: Lessons Learned: Jamie Trainer examines a real world example of
securing a multinational 1400 heterogeneous node network of
workstations and PCs.
Late PM Track Choices: 3:30-5:00 pm
A3: Peter Davis' Manager's Guide to Internet Security
B3: Tsvi Gal, Bank of America; discusses protecting "the network is the
computer."
C3: Ed Blackwell presents "Primer for PBX and Voice Mail Fraud"
D3: Vendor Panel: Disaster Recovery - Business Resumption
E3: Lessons Learned: L. Dain Gary, CMU SEI, Internet Security and CERTSM
Late-Late Birds of a Feather and Committee meetings
April 4 - Tuesday Highlights:
Plenary: Crossroads, by Steven J. Green, University of Houston; application
and development of computer and communications security responsibility with
in the work setting.
AM Track choices: 10:30-noon
A4: Teresa Donatelli and Ann McHoes present a detailed discussion of
Developing a Security Awareness Program
B4: Will Ozier moderates a panel discussion of the activities of the
ISSA GSSP committee in establishing Generally Accepted System Security
Principles.
C4: John Clark, Andersen Consulting discusses risks introduced by Frame
Relay technology.
D4: Vendor Panel; Pros and Cons of Encryption; determining your need for
it.
E4: Sadie Pitcher Department of Commerce Disaster Plans.
Lunch in the Exhibit Hall
After Lunch Track Choices: 1:30-3:00 pm
A5: Charlotte Greig, Wells Fargo Bank; How to get (management's) Attention
for Information Security Awareness Part I.
B5: Allan Cobb, York University; The Architecture of Audit Facility for a
Distributed Application: using OSF DCE in university student
application processing.
C5: Douglas Conorich, RAXCO, Strengths and weaknesses of TCP/IP Network
Security.
D5: Vendor Panel: What a network manager should consider in Distributed
Informations Systems Security Management.
E5: James P. Litchko; Internet Threats and Countermeasures.
Late PM Track Choices: 3:30-5:00 pm
A6: How to Get Attention for Information Security Awareness - Part II
B6: Gary Baker, Ernst & Young; "Distributed Computing and Client Server -
An Auditor's Perspective"
C6: Ed Blackwell, "Value Added Networks Security Pitfalls" Using the
security features provided by VANs.
D6: Vendor Panel: Discuss the security ramifications of network components
(routers, bridges, etc.)
E6: Fred Sanborn, Booz, Allen and Hamilton; Securing the Enterprisewide
Network.
Late-Late Birds of a Feather and Committee meetings 5:00-6:30 pm
Special ISSA Social Event 7-9 pm
April 5 - Wednesday Highlights:
Annual Meeting of The Information Systems Security Association
AM Track choices: 10:30-noon
A7: Alex Woda, "How to Secure, Audit and Control EDI"- a practical
approach. An EDI audit program will available for participants
B7: Colin Rous, Cerberus, "Distributed Computing and Client/Server
Security: What it means for the Security Administrator."
C7: Robert Clyde, RAXCO, "Multi-Platform Enterprise Security Management"
C8: Panel: Security Issues for Electronic Commerce", Loreto Remorca and
David Lyons, moderators.
D7: Vendor Panel: Awareness and Training; ideas and solutions you can
incorporate into your program.
E7: Bart Burron, Auditor General Canada, "A Top Down Computer Security
Assessment for Senior Management."
After Lunch Committee Meetings 1 - 3 pm
April 6 - Thursday: (Elective) CISSP Preparation Course. This session will
assist in preparation for the CISSP exam and explain test contents as well
as the tools and methods for preparation.
Make your room Reservations with the Sheraton, and tell them you will be
attending the 12th Annual ISSA Conference and the rate will be $127 (plus
15%)
For more information call ISSA headquarters (708) 699-6441.
----------------------------------------------------------------------
Date: 22 December 1994 (LAST-MODIFIED)
From: [email protected]
Subject: Info on RISKS (comp.risks), contributions, subscriptions, FTP, etc.
The RISKS Forum is a moderated digest. Its USENET equivalent is comp.risks.
Undigestifiers are available throughout the Internet, but not from RISKS.
SUBSCRIPTIONS: PLEASE read RISKS as a newsgroup (comp.risks or equivalent) on
your system, if possible and convenient for you. BITNET folks may use a
LISTSERV (e.g., LISTSERV@UGA): SUBSCRIBE RISKS or UNSUBSCRIBE RISKS. U.S.
users on .mil or .gov domains should contact <[email protected]>
(Dennis Rears <[email protected]>). UK subscribers please contact
<Lindsay.Marshall@newcastle.ac.uk>. Local redistribution services are
provided at many other sites as well. Check FIRST with your local system or
netnews wizards. If that does not work, THEN please send requests to
<[email protected]> (which is not yet automated). SUBJECT: SUBSCRIBE
or UNSUBSCRIBE; text line (UN)SUBscribe RISKS [address to which RISKS is sent]
CONTRIBUTIONS: to [email protected], with appropriate, substantive Subject:
line, otherwise they may be ignored. Must be relevant, sound, in good taste,
objective, cogent, coherent, concise, and nonrepetitious. Diversity is
welcome, but not personal attacks. PLEASE DO NOT INCLUDE ENTIRE PREVIOUS
MESSAGES in responses to them. Contributions will not be ACKed; the load is
too great. **PLEASE** include your name & legitimate Internet FROM: address,
especially from .UUCP and .BITNET folks. Anonymized mail is not accepted.
ALL CONTRIBUTIONS CONSIDERED AS PERSONAL COMMENTS; USUAL DISCLAIMERS APPLY.
Relevant contributions may appear in the RISKS section of regular issues
of ACM SIGSOFT's SOFTWARE ENGINEERING NOTES, unless you state otherwise.
All other reuses of RISKS material should respect stated copyright notices,
and should cite the sources explicitly; as a courtesy, publications using
RISKS material should obtain permission from the contributors.
CURRENT ARCHIVES: "ftp unix.sri.com<CR>login anonymous<CR>YourName<CR>
cd risks<CR> or cwd risks<CR>, depending on your particular FTP.
Issue J of volume 16 is in that directory: "get risks-16.J<CR>". For issues
of earlier volumes, "get I/risks-I.J<CR>" (where I=1 to 15, J always TWO
digits) for Vol I Issue j. Vol I summaries in J=00, in both main directory
and I subdirectory; "bye<CR>" I and J are dummy variables here. REMEMBER,
Unix is case sensitive; file names are lower-case only. <CR>=CarriageReturn;
UNIX.SRI.COM = [128.18.30.66]; FTPs may differ; Unix prompts for username,
password; [email protected] and WAIS are alternative repositories.
Risks can also be read on the web at URL http://catless.ncl.ac.uk/Risks
Individual issues can be accessed using a URL of the form
http://catless.ncl.ac.uk/Risks/VL.IS.html
(Please report any format errors to Lindsay.Marshall@newcastle.ac.uk)
FAX: ONLY IF YOU CANNOT GET RISKS ON-LINE, you may be interested in receiving
it via fax; phone +1 (818) 225-2800, or fax +1 (818) 225-7203 for info
regarding fax delivery. PLEASE DO NOT USE THOSE NUMBERS FOR GENERAL
RISKS COMMUNICATIONS; as a last resort you may try phone PGN at
+1 (415) 859-2375 if you cannot send E-mail to [email protected] .
------------------------------
End of RISKS-FORUM Digest 16.75
************************
|
|
