precedence: bulk
Subject: RISKS DIGEST 19.73

RISKS-LIST: Risks-Forum Digest  Sunday 10 May 1998  Volume 19 : Issue 73

   FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
   ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at http://catless.ncl.ac.uk/Risks/19.73.html

  Contents:
Defeat New Copyright Legislation (Simson L. Garfinkel)
Woman tackles 'deadbeat-dad' glitches (PGN)
Once again, I'm risking my life flying (Bob Frankston)
Microsoft Year 2000 Compliance (Simon Waters)
Microsoft using Y2k to force sales? (Bob Dubery)
Dutch ISPs forced by law to provide built-in wiretapping possibilities (Sander Tekelenburg)
CompuServe Germany indicted for forwarding porn (Klaus Brunnstein)
C-Guard system jams cellular communications (CrACKeD)
More on limited-number risks: GPS, D10K (R. Geoffrey Newbury)
Computer glitch turns traffic ticket into sex conviction (PGN)
102-yr old gets a birthday card for 2-yr olds (Mark Corcoran)
France 98 Cup Tickets (Mike Ellims)
Fidelity Investments PIN procedure hollow (Mark Seecof)
REVIEW: "Privacy on the Line", Whitfield Diffie/Susan Landau (Rob Slade)
Abridged info on RISKS (comp.risks)

----------------------------------------------------------------------

Date: Thu, 7 May 1998 23:27:53 -0400
From: "Simson L. Garfinkel"
Subject: Defeat New Copyright Legislation

  [This is Simson's article in *The Boston Globe*, 7 May 1998.  PGN]

Two bills that are up for a vote in the House of Representatives could seriously jeopardize the right of Americans to read in the next century.

The backers of these bills say that the legislation is necessary to protect the interests of creative individuals and publishers in the digital age. But the legislation goes further by allowing publishers to repeal the "fair use" provisions of today's copyright law and creating a whole new category of intellectual property.

The first bill, strongly backed by the Clinton Administration, is the "WIPO Copyright Treaties Implementation Act," (H.R. 2281). This bill is designed to implement sections of the World Intellectual Property Organization treaty that was adopted back in December 1996. The bill creates a new kind of crime in US law, the crime of "circumvention." It's a kind of crime that one would expect in George Orwell's 1984, rather than in the America of the next century.

H.R. 2281 is being supported by big publishing interests including Time Warner, Viacom, the Motion Picture Association of America, and Microsoft. These organizations are terrified by the way computers and digital networks make it easy to copy books, songs, videos and computer programs. For years these groups have tried to stop illegal copying with copy-protection systems. H.R. 2281 would make it a crime to subvert these systems for any purpose whatsoever.

The problem with this legislation, says Adam Eisgrau, Legislative Counsel of the American Library Association's Washington Office, is that many publishers are likely to use copy-protection systems to restrict activities that are otherwise lawful.

For example, many web sites on the Internet today ask you to register with your name and e-mail address before you can view the information that they contain. A substantial number of people bristle at this notion, and they have figured out ways to circumvent the registration process. Under the legislation, these people could be sued and awarded $200 to $2,500 in statutory damages for each web page that they viewed.

And it's not just consumer groups that are upset about the legislation. As it currently exists, the legislation would make it a felony for engineers to open up competing products and see how they work---"something that is essential for achieving interoperability in the industry," says Lowell Sachs, the government affairs representative of Sun Microsystems.

"So far, the House has failed to focus upon the very real threat that its actions could pose to competition and innovation in the United States."

The criminal provisions of H.R. 2281 apply even if the offender is legally entitled to the information that is under copyright management control.

For example, the Supreme Court has ruled that individuals have a right to record movies off the air and view them at a later time. Nevertheless, the film industry doesn't want us to make our own tapes---they want us to buy pre-recorded tapes. In the future, the film industry might create a new copyright protection system that prevents home taping off the Internet unless a person pays an additional fee. Under the proposed legislation, a person who circumvented this new copy-protection system and made their own legal home copy would nevertheless be guilty of circumvention, and potentially subject to a fine of $500,000 and 5 years imprisonment for the first offense.

The authors of the bill "are very clever," says Adam Eisgrau. "They don't repeal the legal basis of fair use," which would create a huge political outcry. Instead, the legislation "creates a new law which makes fair use impossible to exercise, unless the appropriate price is paid." And that's not Fair Use at all.

The second bill that should give lawmakers pause is H.R. 2652, the "Collections of Information Antipiracy Act." This law, if passed, would give legal protection to the contents of databases over and above what is provided by today's copyright law.

The database law finds its genesis in a 1991 Supreme Court decision, Feist Publications, Inc. v. Rural Telephone Service Co., in which the Court ruled that the factual information in a telephone white pages---a large database of names, addresses and phone numbers---cannot be copyrighted. This decision is one of the key factors responsible for the proliferation of "white pages" services on the Internet like Switchboard.COM.

H.R.
2652 would basically overturn the Feist decision, making it a crime to extract data from a "collection of information" and use it in a way that harms the real or potential economic interest of the collection's owner.

One of the fundamental problems with this bill, says the EFF, is that there's no limit to the kind of information that can receive protection once it is put into a databank. In particular, government information and information that's already in the public domain could be dropped into a computerized databank and then receive new, copyright-like protections. And the Act doesn't have any exemptions for "fair use."

So how could all of this impact on our right to read? Just ask Richard Stallman, founder of the Free Software Foundation. In his story "The Right To Read," Stallman argues convincingly that new restrictions on information will ultimately force people to pay for every book and article that they read, whether they are at home, at work, or at school.

Stallman's story is a science fiction parable in which one college student risks imprisonment by lending his computer to his girlfriend and telling her his password---in effect, giving her access to books that he has licensed for himself. "Dan knew she came from a middle-class family and could hardly afford the tuition, let alone her reading fees. Reading his books might be the only way she could graduate," Stallman writes. You can find the entire story at http://www.gnu.org/philosophy/right-to-read.html

Indeed, if you want to find out more about these issues, there's no better place to turn than the Web. A group opposed to the legislation called the Digital Future Coalition has put together a website at http://www.dfc.org/ explaining the problems. Meanwhile, a group of publishers have banded together and created their own competing group, the Creative Incentive Coalition. You can find its website at http://www.cic.org/.
Finally, you can download the full text of these bills from the Library of Congress's Thomas system at http://thomas.loc.gov/. But hurry, while you still have a right to read.

------------------------------

Date: Mon, 4 May 1998 13:34:23 -0500
From: "Peter G. Neumann"
Subject: Woman tackles 'deadbeat-dad' glitches

Danny Woodall was pursued by West Virginia for seven years because the state had falsely tagged him as a deadbeat dad, according to OSCAR, their $20M Online Support Collections and Receipts system. Finally, his wife Lisa implemented software that debunked OSCAR. She proved that the state actually owed her husband money. She has now started a company called Support Scrutiny to help out in other similar cases.

In June 1997, a legislative audit found that almost one-third of the West Virginia Child Support Enforcement Division's files contained incorrect data. Those errors led the agency to wrongly collect about $1.7 million from 3,788 parents during the 1995-96 fiscal year, the auditors say. [Source: *USA Today*, 2 May 1998, PGN Abstracting]

------------------------------

Date: Thu, 7 May 1998 21:27 -0400
From: Bob_Frankston@frankston.com
Subject: Once again, I'm risking my life flying

Caveat: I'm not an expert on avionics. My interest is in creating resilient distributed systems....

I just walked off a DC-10 that had mechanical problems and was delayed. The 757 I'm on is racing it to Interop at the moment. DC-10 was already an hour late getting from the hangar to the gate due to either traffic problems (within O'Hare) or a cargo door problem. But the new problem is (was) a bad compass. The third compass on the plane had to be replaced due to FAA rules. After all, we can't take any risks, can we?

I asked the crew whether they could travel without it and rely on a GPS. Of course, a DC-10 has no GPS! Not surprising given the age of the plane. But what is of concern is that they couldn't just go out to the store, buy a GPS, and place it in the cockpit.
As a passenger, when I bring my GPS and PC, I've got technology far, far ahead of the technology on the plane. Technology to which two hundred (whatever a full DC-10 holds) trust their lives! On the other hand, if both of the other two compasses did fail, there are still lots of ground systems that can find the plane and bring it to a nearby beacon (it is cloudy, so they can't just get out their road maps).

I was already thinking about these issues after talking to the crew (while waiting for the plane to appear out of the mists at the gate) about the 727 which has even more primitive avionics. The reason that the systems can't be upgraded is that the whole plane would have to be recertified as a new aircraft.

There is something very wrong here. The engineering practices that are supposed to assure our safety seem to work to assure our lack of safety.

I can understand the historic necessity of treating the airplane as a single tightly interconnected system. There wasn't the luxury of giving the electronic systems enough capability to act autonomously. I presume, though, that the mechanical systems try to be independent-enough to reduce the propagation of failures.

But, if we think about the simple example of just placing a GPS in the cockpit and allowing the airplane's computer to use the data we have a very different model. Of course, the navigation system should fully trust the GPS and must do some reasonable checks as well as cross-check with other sources. If the GPS fails, then it would compensate. Yes, there can be strange systemic interactions. But, instead, we have a situation that assures lousy navigation rather than permitting improvements when available.

Understanding how to build such resilient distributed systems is still in the challenge category. But the Web is a very good example. I see the technology growing more due to hacking than design.
Effective hackers work against the constraints of others and are thus forced into being tolerant of others' mistakes.

Most will get it wrong, but I'd rather a pilot just put a GPS in the cockpit even if not interconnected, than having to get out the sextant for each flight.

------------------------------

Date: Sat, 9 May 1998 10:30:24 +0100
From: Simon Waters
Subject: Microsoft Year 2000 Compliance

The big risk here is what the site does not tell you.

  http://www.microsoft.com/year2000

When the resource centre was announced Windows NT 3.51 was listed as not having completed testing!

"Compliant with issues" was identified by PGN as involving some trivial issues, but it also may mean that the application (or OS) may not accept 29/02/2000 as a valid date for data input.

On a lighter note, Excel is quite happy to believe there is a 29/02/2000, because it believes there is a 29/02/1900, allegedly to be compatible with LOTUS 1-2-3.

Back to misc.survivalism for TEOTWAWKI...

------------------------------

Date: Thu, 07 May 1998 19:10:56 GMT
From: elvis@theking.org (Bob Dubery)
Subject: Microsoft using Y2k to force sales? (Re: Stalzer, RISKS-19.69)

> Perhaps Microsoft's real objective is to force everyone to upgrade next
> year -- thereby turning the Y2K problem into a profit opportunity.

There's going to be a lot of that going on.

Here in South Africa we have a couple of locally developed off-the-shelf accounting packages that have achieved good market penetration. Usually you have the option of buying the package with a support contract, or buying just the package. If you go the second route it can be a case of flying solo, but usually the user contracts with a 3rd party for support.

Now the developers of one of these packages have admitted (almost advertised) that their product has a Y2k bug.
They will provide an upgrade that corrects the problem, but only to people who have a support contract with the development house (not a 3rd party support agent) and who can produce installation disks and an invoice to prove purchase of the product from an approved vendor.

This is not just about forcing the owner of the software to buy a support contract - it's also about cocking a snook at people who have illegal software.

The question is this: Is this a responsible attitude or not? Say Microsoft adopt a similar policy... Yes, they may make a point to people using pirated software, but imagine the number of businesses that might fold, and the domino effect of that.

The e-mail address in the headers is bogus :-)
to mail me unknot megapode@KNOTglobal.co.za

------------------------------

Date: Wed, 6 May 1998 07:06:13 +0200
From: Sander Tekelenburg
Subject: Dutch ISPs forced by law to provide built-in wiretapping possibilities

I was just informed by my ISP that the Dutch parliament just passed a law that forces ISPs to 'make it easy' for police to tap consumers on-line. Apparently The Netherlands have chosen for the more than dubious honour to be the first to pass such legislation. See (Dutch), and (English).

Tomorrow's election day. Guess who I won't be voting for.

Sander Tekelenburg, Web site at

------------------------------

Date: Sat, 9 May 1998 11:48:38 +0200
From: Klaus Brunnstein
Subject: CompuServe Germany indicted for forwarding porn

German media report that, after a year-long analysis by a Bavarian state attorney, a former manager of CompuServe Germany has been formally indicted before a Bavarian court for having made pornographic information available to German subscribers. Possession and distribution of pornographic information is strictly forbidden by German criminal code. According to these reports, the CompuServe manager argues for his defence that the German subsidiary of CompuServe has no control whatsoever over content transmitted from USA.

The background of the related case has been controversially discussed here and overseas (some members of the FFI anti-censoring movement have even censored messages of the author of this report concerning backgrounds of this case :-). Evidently, the Bavarian state attorney regards this case as pilot trial to test applicability of the "traditional" anti-pornographic regulations to Internet. Very likely, the case will need technical expertise to answer technical questions such as: was the content anywhere on German territory (where German legislation applies undoubtedly) stored so that CompuServe had a chance to analyse the stuff to exercise its legal responsibility for protecting customers from criminal material. Very likely, there will again be a discussion whether such stuff (rated criminal in German law) should be freely accessible e.g. "for adult usage" - which implies changing criminal law.

Klaus Brunnstein (University of Hamburg, May 9, 1998)

------------------------------

Date: Mon, 4 May 1998 22:03:12 -0700 (MST)
From: CrACKeD
Subject: C-Guard system jams cellular communications

This seems to me like a classic case of two wrongs (not) equaling a right. Preventing someone from using their cellular telephone, possibly even without their knowledge, will likely end up causing more problems than it solves. If the only reason for suppressing/jamming cell phone traffic is to eliminate unwanted ringing noise, while possibly preventing emergency communications from going through, this "C-Guard" system looks like a not-so-great idea.

Using "C-Guard" in a hospital environment where cellular telephones may interfere with medical equipment almost makes it seem beneficial, but considering how critical cellular communications can be in that type of environment, perhaps not.

If this or any system like this is implemented into a public area it will bring with it enormous risks, mostly because it will be virtually impossible to warn everyone who carries a cellular telephone that important/emergency communications will not be possible.

  [The TechWeb article, Israeli Firm Combats Nuisance Cell Phone Traffic, by Neal Sandler, TechWeb, 22 Apr 1998, is at http://www.techweb.com/wire/story/TWB19980422S0006 .  PGN]

------------------------------

Date: Fri, 08 May 98 16:22:26 -0500
From: "R. Geoffrey Newbury"
Subject: More on limited-number risks: GPS, D10K

Further to a comment I previously made about the GPS system, it appears that the problem is limited to some older GPS receivers. The problem is in the receiver's software in that it might not know how to handle a rollover on the 'week' counter from 1023 to 0 on August 21, 1999. The actual GPS satellites have no problem according to the Coast Guard web-site.

All recent (4-5 years?) GPS receivers are ok. That leaves, of course, the older (more expensive) units in aircraft.....The FAA is concerned....

Further information at http://vancouver-webpages.com/peter/

Also I thought you would be interested in the following article from the Financial Post, bylined from the Financial Times:

  Surging Dow poses five-digit danger
  5 May 1998
  The Financial Post

    [Re: D10K for the Dow Jones Industrial Average hitting 10,000:
      * Triggering automatic buy/sell programs...
      * Effort to fix dominated by Y2K...
      * Etc.
    PGN Extremely Stark Abstracting.]

R. Geoffrey Newbury, Barrister and Solicitor, Toronto, Ontario, Canada
416-362-4048  newbury@io.org

------------------------------

Date: Mon, 04 May 98 08:16:35 EST
From: Neumann@csl.sri.com
Subject: Computer glitch turns traffic ticket into sex conviction

BOZEMAN, Mont. (April 29, 1998 1:55 p.m.
EDT) -- Cody Johnston is suing a weekly newspaper and the court system for libel after a computer glitch transformed a report of a traffic ticket into a conviction for deviate sexual conduct. Johnston had been fined $195 for a commercial trucking weight violation. But the list given to the newspaper contained the sex charge, which covers homosexual acts and bestiality. [Source: *Nando Times of Japan (www.nando.net), courtesy of Keith Rhodes. PGN Abstracting]

------------------------------

Date: Fri, 08 May 1998 15:50:16 +0000
From: Mark.Corcoran@softel.co.uk
Subject: 102-yr old gets a birthday card for 2-yr olds

The Mail on Sunday (03-MAY-1998) reports that Health officials in Dumfries, Scotland, have apologised for a computer error that sent a local citizen a birthday card designed for 2yr olds, with the message "Brush your teeth every day". The citizen is 102, and doesn't have any real teeth left.

Same old story, just a different day... It'd be mighty interesting however to see what happens to computerised records for people who are going to be 100 in the year 2000 though...

Mark Corcoran, VMS Systems Manager, Teletext Dept., Softel Ltd.
+44 (0)118 984 2151  PSImail: 234273400398::MARK

------------------------------

Date: Sun, 3 May 1998 18:47:50 +0100
From: Mike Ellims
Subject: France 98 Cup Tickets

The phone system in Britain coped well with the expected demand, or rather was set up not to cope by British Telecom. Expecting a surge of calls for tickets, BT set the system up to reject most calls to the ticket number once a threshold had been passed. Deliberate degradation of the system to one specific number.

The main problem seems to be angry people and broken dreams. One man got through after 4 hours, ordered the tickets he wanted only to find that his credit card (Delta) isn't accepted in France...

Mike Ellims - Pi Technology - mike@pires.co.uk
www.pi-group.com - +44 (0)1223 441 256

  [Also commented on by Lindsay Marshall.
  Also, report of similar problems in The Netherlands from Malcolm Gillies.  PGN]

------------------------------

Date: Thu, 07 May 1998 22:14:50 -0700
From: marks@writ.com
Subject: Fidelity Investments PIN procedure hollow

When I tried to access the secure area of Fidelity Investments' Web site to mess with my IRA account, I was deflected onto a page saying my account was blocked, and I should telephone customer service.

Happily, Fidelity answers the 'phone at 9:30 PM and their representative told me many things. First, they "block" accounts when 3 login errors have accumulated--which happens easily over time. The rep guessed correctly that I didn't access my account very often since it had not been blocked in more than a year. Second, after a short quiz (more on this below) they will "unblock" the account immediately, but this action *clears the PIN* forcing one to choose a new PIN. One may choose a new PIN immediately. One may use the new PIN right away.

The quiz seems formidable, but really affords no security. One must provide one's name, SSN, birthdate, and Fidelity account number. The first three are public information (particularly in those states using SSN as drivers-license number), and the last is printed on every statement Fidelity sends one. Fidelity offers neither password security nor call-back confirmation.

I asked the rep to "unblock" my account but leave my previously-chosen PIN in place (that being the only secret Fidelity and I shared!). Not possible, I was told.

I discussed my concerns with the rep (she wasn't too busy, and offered to forward my comments to some responsible person inside Fidelity). She told me that she had asked me for "four authenticators."
When I pointed out their worthlessness, she told me that my real protection lay in their policy of (a) sending me a notice by (paper) mail that my PIN had been changed, and (b) guaranteeing the status-quo-ante of my account up to US$ 1.0e6 if I could convince them someone else had accessed it fraudulently.

I give Fidelity high marks for customer service availability. I give them low marks for security. Their "blocking" criterion guarantees frequent PIN changes, probably desensitizing customers to PIN-change notices. Their security quiz is a joke. They will not establish password or call-back security for customers even by special request, which means that they do not share any secrets with customers that they could use to authenticate phone calls.

Worse, their "blocking" scheme puts crackers in control--they can get the account "blocked" without knowing the PIN, get it "unblocked" without knowing the PIN, and set a new PIN without knowing any secrets, not even the old PIN. Then they can mess with an account, leaving the true owner the little chore of proving fraud to Fidelity before he will be made whole.

It would be very easy for Fidelity to fix up their system; I hope they do. At a minimum, they should permit customers to establish secret passwords to authenticate PIN-change requests.

Mark Seecof

------------------------------

Date: Tue, 5 May 1998 08:35:39 -0800
From: Rob Slade
Subject: REVIEW: "Privacy on the Line", Whitfield Diffie/Susan Landau

BKPRIVLN.RVW   980301

"Privacy on the Line", Whitfield Diffie/Susan Landau, 1998, 0-262-04167-7, U$25.00
%A   Whitfield Diffie
%A   Susan Landau
%C   55 Hayward Street, Cambridge, MA   02142-1399
%D   1998
%G   0-262-04167-7
%I   MIT Press
%O   U$25.00 +1-800-356-0343 fax: +1-617-625-6660 manak@mit.edu
%P   342 p.
%T   "Privacy on the Line: The Politics of Wiretapping and Encryption"

This seems to be the year for privacy. Hard on the heels of "Technology and Privacy" (cf. BKTCHPRV.RVW), "The Electronic Privacy Papers" (cf.
BKELPRPA.RVW), and the related "Borders in Cyberspace" (cf. BKBRDCYB.RVW) comes this volume.

Given the emotional content with which the encryption debate has been loaded in recent years, it is important that the introduction, in chapter one, is a neutral and even-handed look at the background of the discussion, presenting the issues on both sides, although little of the case for either. Specific references may be from the United States, but the arguments made are generic enough to be considered by all audiences.

Chapter two gives an overview of cryptography, which is, of course, excellent. Not only does it explain the importance of keys and cryptographic strength, but it also gives insightful analysis into business and social factors in the development of the field. Cryptography and public policy, in chapter three, is restricted to developments within (and related to) the US, but looks at all types of issues, both technical and not. Chapter four discusses national security with a quick but clear and thorough overview of the various aspects of intelligence gathering, particularly communications intelligence. There is also brief mention of information warfare.

Much of the heat in the current debate about encryption restrictions involves law enforcement. (References are frequently made to drug and child pornography rings.) Therefore, the brevity of chapter five is disappointing. The content, however, is not. It builds a solid framework for the topic, and notes an instructive difference in effectiveness between wiretaps and other electronic bugs.

Chapter six is again specific to US history, reviewing activities both in support, and destructive, of privacy. Chapter seven deals specifically with wiretapping technology, activities, and legality in the US. Much of the material in the chapter has been at least touched on previously, and there is noticeable duplication.
There is less duplication in chapter eight's discussion of the current communications scene, although little new material. The same is not the case with current cryptography in chapter nine, providing brief backgrounds of the myriad efforts being made to disseminate and suppress encryption capabilities. The conclusion, in chapter ten, seems to come down on the side of opening encryption development and distribution.

An extensive, possibly exhaustive, bibliography is a major resource in the book.

The thorough research, even tone, and informed analysis make this work an excellent foundation for discussion. It does not, however, provide much in the way of direction. That the authors should tend to support the dropping of restrictions on cryptography is not surprising, but such support is neither strong nor impassioned.

copyright Robert M. Slade, 1998   BKPRIVLN.RVW   980301

------------------------------

Date: 31 Mar 1998 (LAST-MODIFIED)
From: RISKS-request@csl.sri.com
Subject: Abridged info on RISKS (comp.risks)

 The RISKS Forum is a MODERATED digest.  Its Usenet equivalent is comp.risks.
=> SUBSCRIPTIONS: PLEASE read RISKS as a newsgroup (comp.risks or equivalent)
 if possible and convenient for you.  Alternatively, via majordomo,
 SEND DIRECT E-MAIL REQUESTS to with one-line,
   SUBSCRIBE (or UNSUBSCRIBE) [with net address if different from FROM:] or
   INFO     [for unabridged version of RISKS information]
 .MIL users should contact (Dennis Rears).
 .UK users should contact .
=> The INFO file (submissions, default disclaimers, archive sites,
 copyright policy, PRIVACY digests, etc.) is also obtainable from
 http://www.CSL.sri.com/risksinfo.html  ftp://www.CSL.sri.com/pub/risks.info
 The full info file will appear now and then in future issues.  *** All
 contributors are assumed to have read the full info file for guidelines. ***
=> SUBMISSIONS: to risks@CSL.sri.com with meaningful SUBJECT: line.
=> ARCHIVES are available: ftp://ftp.sri.com/risks or
 ftp ftp.sri.com login anonymous [YourNetAddress] cd risks
   [volume-summary issues are in risks-*.00]
   [back volumes have their own subdirectories, e.g., "cd 18" for volume 18]
 or http://catless.ncl.ac.uk/Risks/VL.IS.html      [i.e., VoLume, ISsue].
 The ftp.sri.com site risks directory also contains the most recent
 PostScript copy of PGN's comprehensive historical summary of one liners:
   get illustrative.PS

------------------------------

End of RISKS-FORUM Digest 19.73
************************
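
Added example, not part of the digest or of any contributor's code: a toy model of the block/unblock procedure described in the Fidelity item above, set beside the minimum fix that item proposes (a customer-established secret that authenticates PIN-change requests). Every name, the sample customer data and the key-derivation settings are constructed for illustration and are assumptions, not Fidelity's system.

```python
"""Toy model (constructed) of the block/unblock procedure in the Fidelity item."""
import hashlib
import hmac
import os
from dataclasses import dataclass, field
from typing import Optional

MAX_FAILURES = 3  # per the item: blocked once 3 login errors have accumulated


def derive(secret: str, salt: bytes) -> bytes:
    """Salted, slow hash so the model never keeps a PIN or password in clear."""
    return hashlib.pbkdf2_hmac("sha256", secret.encode("utf-8"), salt, 50_000)


@dataclass
class Account:
    quiz: dict  # name, SSN, birthdate, account number (the "four authenticators")
    salt: bytes = field(default_factory=lambda: os.urandom(16))
    pin_hash: Optional[bytes] = None
    reset_hash: Optional[bytes] = None  # customer-chosen secret (the proposed fix)
    failures: int = 0
    blocked: bool = False

    def set_pin(self, pin: str) -> None:
        self.pin_hash = derive(pin, self.salt)

    def set_reset_password(self, password: str) -> None:
        self.reset_hash = derive(password, self.salt)

    def login(self, pin: str) -> bool:
        if self.blocked or self.pin_hash is None:
            return False
        if hmac.compare_digest(derive(pin, self.salt), self.pin_hash):
            return True
        self.failures += 1  # errors accumulate; a good login does not clear them
        self.blocked = self.failures >= MAX_FAILURES
        return False


def unblock_as_described(acct, answers, new_pin, reset_password=None) -> bool:
    """As the item describes it: the quiz alone clears the block and the PIN."""
    if answers != acct.quiz:
        return False
    acct.blocked, acct.failures = False, 0
    acct.set_pin(new_pin)
    return True


def unblock_with_secret(acct, answers, new_pin, reset_password=None) -> bool:
    """Same steps, but a PIN change also requires the customer's own secret."""
    if answers != acct.quiz or acct.reset_hash is None or reset_password is None:
        return False
    if not hmac.compare_digest(derive(reset_password, acct.salt), acct.reset_hash):
        return False
    acct.blocked, acct.failures = False, 0
    acct.set_pin(new_pin)
    return True


def caller_with_public_facts_only(unblock) -> dict:
    """Replay the item's sequence for a caller who holds no shared secret."""
    facts = {"name": "A. Customer", "ssn": "000-00-0000",
             "birthdate": "1960-01-01", "account": "X00000000"}  # constructed
    acct = Account(quiz=dict(facts))
    acct.set_pin("4821")
    acct.set_reset_password("correct horse battery staple")
    for guess in ("0000", "1111", "2222"):  # three wrong PINs block the account
        acct.login(guess)
    result = {"blocked": acct.blocked}
    result["pin_changed"] = unblock(acct, facts, new_pin="9999")
    result["stranger_login"] = acct.login("9999")
    # The real owner, who does know the secret, must still be able to recover.
    recovered = unblock(acct, facts, new_pin="7777",
                        reset_password="correct horse battery staple")
    result["owner_recovers"] = recovered and acct.login("7777")
    return result
```

In both flows a stranger can still get the account blocked; the shared secret only stops the block from being converted into a new PIN.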
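
Added example, not part of the digest: the GPS item above describes a 'week' counter that rolls over from 1023 to 0, and this sketch shows why a receiver that decodes the counter literally jumps back to 1980, and one common way to resolve the ambiguity using a trusted lower bound on the current date. The function names and the choice of lower bound (for instance a firmware build date) are assumptions; nothing here is taken from any particular receiver.

```python
"""Decoding a 10-bit GPS week number across the rollover (added illustration)."""
from datetime import datetime, timedelta

GPS_EPOCH = datetime(1980, 1, 6)      # start of GPS week 0, in GPS time
WEEKS_PER_ERA = 1024                  # the counter in the item runs 0..1023
SECONDS_PER_WEEK = 7 * 24 * 3600
ERA = timedelta(weeks=WEEKS_PER_ERA)


def naive_decode(week: int, tow: int) -> datetime:
    """Treat the broadcast week as absolute, as an unprepared receiver would."""
    return GPS_EPOCH + timedelta(weeks=week, seconds=tow)


def resolve_week(week: int, tow: int, not_before: datetime) -> datetime:
    """Return the earliest time matching (week, tow) that is >= not_before.

    not_before is a date the receiver can trust to be in the past, e.g. its
    firmware build date (an assumption of this sketch). The answer is only
    right while the true date is within 1024 weeks of that lower bound.
    """
    if not 0 <= week < WEEKS_PER_ERA:
        raise ValueError("week number must fit in 10 bits")
    if not 0 <= tow < SECONDS_PER_WEEK:
        raise ValueError("time of week out of range")
    t = naive_decode(week, tow)
    while t < not_before:
        t += ERA                      # move forward one whole 1024-week era
    return t


def step_across_rollover(decode) -> timedelta:
    """Difference between two fixes taken one second apart at the rollover."""
    before = decode(1023, SECONDS_PER_WEEK - 1)   # last second of week 1023
    after = decode(0, 0)                          # first second after rollover
    return after - before


def resolved(week: int, tow: int) -> datetime:
    # Lower bound chosen for the example: the date of this digest issue.
    return resolve_week(week, tow, not_before=datetime(1998, 5, 10))
```

`step_across_rollover(naive_decode)` is a jump of almost 1024 weeks backwards, while `step_across_rollover(resolved)` is the expected one second.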