RISKS-LIST: RISKS-FORUM Digest Monday, 28 September 1987 Volume 5 : Issue 40 FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator Contents: Yet another "hackers break MILNET" story (Jon Jacky) Military role for software sabotage cited ... (Jon Jacky) $80,000 bank computing error reported in 'Ann Landers' (Jon Jacky) Add Vice to the Loveworn (Scot Wilcoxon) Concorde tires burst: RISKS without the automatic system (Henry Spencer) Risks of hot computers (Mark Brader) Re: Risks in the Misuse of Databases? (Ross Patterson) [SDI] Simulation (Jerry Freedman,Jr) Re: An Aporkriffle Tail (William R. Somsky) The RISKS Forum is moderated. Contributions should be relevant, sound, in good taste, objective, coherent, concise, nonrepetitious. Diversity is welcome. Contributions to RISKS@CSL.SRI.COM, Requests to RISKS-Request@CSL.SRI.COM. FTP back issues Vol i Issue j from F4.CSL.SRI.COM:RISKS-i.j. Volume summaries for each i in max j: (i,j) = (1,46),(2,57),(3,92),(4,97). ---------------------------------------------------------------------- From: jon@june.cs.washington.edu (Jon Jacky) To: risks@csl.sri.com, mkd@russell.stanford.edu Subject: Yet another "hackers break MILNET" story, some interesting twists Date: Mon, 28 Sep 87 10:53:17 PDT The following story appeared in the paper almost two months ago. Since it hasn't been reported in RISKS before, I thought I would pass it along. It is interesting mainly because of comments by DDN spokesmen and consultants. While taking pains to assure reporters that classified data is not kept on the network, they also made the point that information on MILNET might be useful "in aggregrate" - foreign intelligence agencies could piece together information from diverse sources to infer some classified information. This same argument has been used to justify restrictions on presentations of non-classified material judged "sensitive." I find it interesting that this doctrine is invoked in this case; it mitigates against the usual attempt of the breakin victims to assure the press that the breakin was really no big deal. I think usually it is the press that exaggerates the importance of these incidents, but clearly the blame must be shared here. Incidentally, it appears that the breakins were accomplished by taking advantage of well-known holes in typical Unix security practices that have been explained at length in RISKS, in articles in CACM and lots of other places, probably including THE WEEKLY READER by now. Here are some excerpts from the August 3, 1987, story in THE SEATTLE TIMES, p. A5. It is attributed to NEWSDAY: 'HACKERS MAY HAVE CRACKED PENTAGON COMPUTER SYSTEM' NEW YORK - Young computer users under investigation in connections with recent seizures of equipment and records in Brooklyn and elsewhere have penetrated ... a network of computers used by military researchers and bases - MILNET - that the Pentagon said in 1983 it overhauled to prevent casual breakins and data vandalism. A Pentagon computer specialist, Lt. Col. Taylor Landrum of the architecture and planning group of the Defense Department's Defense Data Network ... said the methods the youths described were plausible ... He and other security experts emphasized that the Pentagon does not keep classified data on the network. But he agreed taht some data on the network was sensitive and could be useful "in aggregate" - by piecing together the work product of many people - to foreign intelligence agencies." ... A 15-year-old West Coast youth who calls himself "Solid State" (said) "They (the Secret Service) told me I was a national security problem. They said I could have comitted treason and stuff." The Secret Service will not comment on the case. (End of excerpts. There was a lot more largely accurate information on the difficulties of network security. - Jon Jacky ) ------------------------------ From: jon@june.cs.washington.edu (Jon Jacky) To: risks@csl.sri.com, ... Subject: Military role for software sabotage cited in big CHICAGO TRIBUNE story Date: Mon, 28 Sep 87 11:16:21 PDT The following story got a full page, with artwork, inside the front section of the Sunday, Sept. 20 1987 SEATTLE TIMES: A NEW BATTLEFIELD: SOFTWARE WARFARE - RISING FORM OF COMPUTER SABOTAGE MAY BE NEXT GREAT MILITARY EQUALIZER by Scott A. Boorman and Paul R. Levitt - Chicago Tribune If members of the John Walker spy ring could betray their positions of trust to the Soviets for nearly 20 years, what could US adversaries do to sabotage- quietly, from the inside - the complex computer programs on which US weapons vitally depend? ... Software warfare - attacking the software that controls or operates such weapons - may be the cheapest, simplest, and most effective way to cripple US defenses. Such sabotage is coming of age as a new type of systematic warfare, which can be waged far removed from space and time from any battlefield to influence not only combat outcomes but also peacetime balances of power ... Given a host of recent US spy scandals, it is easy to envision a computer programmer offering, if the price is right, to add or modify critical lines of software to benefit a hostile country... Given its scale and mission ... it is SDI that merits special scrutiny in light of software concerns. ... The effort to develop and coordinate all the necessary SDI software seems destined to involve several thousand software professionals working alone, working over many years. ... The extreme complexity of SDI software also suggests that significant bugs may be nearly impossible to trace - even after some future software saboteur is caught... Software warfare's relative cheapness .. may make it the next great military equalizer. ... (It) certainly lies well within the grasp of any number of agressive lesser military poweers with the means to buy insiders to plant crippling bugs ... It is vital to bring software warfare into focus in broad arenas of US national security planning. (End of excerpts) The story cited an article by the late Rear Adm. Henry Eccles in the June 1986 Naval War College Review. It did not cite other sources who have mentioned this idea, including David Parnas and the French authors of a thriller titled SOFTWAR that appeared in translation in the USA a few years ago. The article also claims "American teenagers using home computers have developed the capability to alter orbits of commercial satellites, as demonstrated by a recent incident in New Jersey." Surely this must be an exaggeration? - Jon Jacky ------------------------------ From: jon@june.cs.washington.edu (Jon Jacky) To: risks@csl.sri.com Subject: $80,000 bank computing error reported in 'Ann Landers' Date: Mon, 28 Sep 87 10:24:34 PDT The following appeared in the "Dear Ann Landers" advice column in the Seattle Post Intelligencer, Saturday Sept. 26 1987, under the headline, "HERE'S PROOF THAT COMPUTERS CAN GOOF UP." It is interesting for several reasons: the correspondent's apparent prior unfamiliarity with computer bug stories, and the antics of the service people. I pass it along without permission from the newspaper or from Ann Landers: Dear Ann Landers: I've read one too many articles that proclaim "computers don't make mistakes." Five of us would like to challange that statement. We made an audit of one month's business and found that accounts were out of balance by more than $80,000. Everything was on the computer. We worked far into the night and finally discovered that 21 bank deposits were on the printout but the total was dropping one. A programmer was called in. He worked seven days and called another from the home office. They worked another two weeks. They had the original entries re-entered 50 times. More than 150 reprintouts were made, but the same error kept occurring. They admitted it was not a human error. The machine was crated and sent back to the factory. A replacement arrived within days. We were asked not to discuss this matter with anyone. - It Happened in Texas (End of excerpt from 'Ann Landers' - Jon Jacky) ------------------------------ Date: 26 Sep 87 15:50:15 CDT (Sat) From: umn-cs!sewilco@datapg.MN.ORG (Scot Wilcoxon) To: RISKS@csl.sri.com Subject: Add Vice to the Loveworn Three men in Rochester, Minnesota, have been arrested after they telephoned the police for a prostitute. After a family complained that men were calling their new phone number and asking for women, Northwestern Bell agreed to give the number to the Rochester Law Enforcement Center. If a call comes in and a vice team is available, a female officer wired for sound is sent out. Lt. Barry Fritz, supervisor of the vice unit in Richfield, MN, says they have not used abandoned outcall service numbers because of the difficulty of finding such numbers and possible data privacy violations. The above information is from a well-balanced article by Bill McAuliffe in the 9/25 Minneapolis Star Tribune, pg 14B. Scot E. Wilcoxon, Data Progress sewilco@DataPg.MN.ORG +1 612-825-2607 ------------------------------ Date: Mon, 28 Sep 87 18:17:33 EDT From: mnetor!utzoo!henry@uunet.UU.NET (Henry Spencer) To: RISKS@csl.sri.com Subject: Concorde tires burst: RISKS without the automatic system Flight International for Aug. 29 reports that a British Airways Concorde burst five tires on landing at JFK on Aug. 11. Nobody was hurt and no emergency evacuation was necessary, but two engines were later replaced as a precaution because they had ingested debris. (If the Concorde was being designed over again, in hindsight one definitely would not put the landing gear directly in front of the engine intakes!) The interesting part is the reason for the tirebursts: the main hydraulic system was down due to a "minor fault", leaving the brakes on the standby hydraulic system... which has no antiskid control. The disturbing aspect here is that the crew evidently had come to rely completely on the antiskid braking system. Unless, perhaps, the pilots were unaware that they were back to "dumb" brakes -- seems unlikely -- it's disturbing that they made such a drastic error in braking procedure. These were not second-rate pilots, by the way; my understanding is that the Concorde is the most sought-after assignment in BA, and it is likely to have BA's best crews. Henry Spencer @ U of Toronto Zoology {allegra,ihnp4,decvax,pyramid}!utzoo!henry ------------------------------ Date: Sun, 27 Sep 87 05:40:49 EDT From: msb@sq.com (Mark Brader) To: risks@csl.sri.com Subject: Risks of hot computers [sic!] I wouldn't ever pay for a copy of the Toronto Sun, but if I find one abandoned on the subway, I flip through it. In this morning's Sun, I found this rendering of a UPI article: U.S. Computers Snatched Stockholm (UPI) -- Swedish police issued a national alert for two stolen U.S. microcomputers classified as strategic materials, fearing a thief would sell them to Soviet-bloc countries. The two Micro-Wax 2 computers were stolen Saturday from Uppsala University. Mark Brader utzoo!sq!msb [If only Icarus had had one of them! PGN] ------------------------------ Date: Mon, 28 Sep 1987 13:41:11 EDT From: Ross Patterson To: RISKS list Subject: Re: Risks in the Misuse of Databases? [RISKS-5.38] >From: Brint Cooper >Correct me if I'm wrong but isn't this info used merely for the enforcement >authorities to decide where to search for unlicensed TV receivers? They >won't arrest you solely because you're not in the database, will they? I can't speak about the UK, but here in New Jersey, any evidence obtained through such a database cross-match would probably be ruled inadmissable in court. The N.J. Supreme Court has held on several occasions that a search warrant (as would be needed to actually enter a house to find a TV set) cannot be issued on the basis of such "fishing expeditions". Rather, the Court expects the person requesting the warrant to show "probable cause" that a crime has been committed, thus justifying the search. The legal requirements to demonstrate probable cause do not allow generalizations, such as "No persons without a TV License may own a TV set, therefore all persons not owning TV Licenses should be searched." The preferred form is to limit the request to those suspected of committing a crime, as in "No persons without a TV License may own a TV set, therefore all persons whose homes openly sport a TV antenna and who do not own a TV License should be searched." This, of course, means that the database cross-match provides the police with no additional homes to be searched, since they still must identify the homes in question by some criminal criteria. >What's the alternative? When we uncover risks or abuses in the use of >computer systems, we are obliged to compare these with the risks or abuses >in accomplishing the same job without computer systems. The only effect of >the automated databases is to help find unlicenced TV sets more quickly than >by searching manually. In either case, some number of such sets will be >found. Only the numbers differ. More important is the ability to derive a new datum from the conjoining of existing data. Specifically, the cross-matching of a list of all addresses in Berlin with a list of all Christians in Berlin would yield a list which would contain all Jews in Berlin. This is a far more efficient method of locating groups of people that Hitler had at his disposal, and as you say, provides quicker results than by searching manually. Only the numbers differ. Before the flamers start complaining about the use of loaded terms, my point is that ethics and social responsibility, while largely ignored in computing to date, are rapidly becoming critical to our continued survival as a planet and a race. Ross Patterson, Rutgers University ------------------------------ Date: Mon, 28 Sep 87 13:57:38 EDT From: jfjr@mitre-bedford.ARPA (Freedman) To: Neumann@csl.sri.com [For RISKS] Subject: [SDI] Simulation (RISKS-5.39) I was/am quite offended by the use of my letter out of context to advertise the uncertainty of star wars. I said nothing about SDI itself nor about my beliefs. All I was talking about were detailed problems in a distributed simulation. That letter was part of a larger discussion. Taking what I said out of context, and making assumptions about my perceptions, judgements and opinions on the real thing and then indicating surprise and indignance over the result is intellectually dishonest and unfair. I think the issues raised by SDI are important enough not to need this sort of puerile potboiling. Jerry Freedman,Jr ------------------------------ To: comp-risks@princeton.edu From: wrs%pupthy2@princeton.edu (William R. Somsky) Subject: Re: An Aporkriffle Tail [On the detection of bogus mail site names] Date: 29 Sep 87 01:38:54 GMT Organization: Physics Dept, Princeton Univ Of course the site "IPFRCVM" must be ficticious! There might be an "Iowa HOG Farm Research Center" but never an "Iowa PIG Farm Research Center"! :-) "Billy Bob" Somsky - A transplanted Iowan William R. Somsky Physics Dept ; Princeton Univ wrs@pupthy.Princeton.EDU PO Box 708 ; Princeton NJ 08544 ------------------------------ End of RISKS-FORUM Digest ************************