RISKS-LIST: RISKS-FORUM Digest Sunday, 15 November 1987 Volume 5 : Issue 58 FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator Contents: Son of Stark (Hugh Miller) Follow-up to Black Hawk Failures article (Dave Newkirk) Jamming the Chopper (Brint Cooper) Computer systems hit by logic bombs (J.D. Bonser) Risk of more computers (Arthur David Olson) Reach out and (t)ouch! (Matthew Kruk) Re: Password truncation and human interfaces (Mark W. Eichin) Mobile Radio Interference With Vehicles (Ian Batten) Computer terrorism (Brint Cooper) [There is a huge backlog on UNIX set[gu]id (still) and on tape labels. I'll try to sort through it and pick the new contributions...] The RISKS Forum is moderated. Contributions should be relevant, sound, in good taste, objective, coherent, concise, nonrepetitious. Diversity is welcome. Contributions to RISKS@CSL.SRI.COM, Requests to RISKS-Request@CSL.SRI.COM. For Vol i issue j, FTP SRI.COM, CD STRIPE:, GET RISKS-i.j. Volume summaries for each i in max j: (i,j) = (1,46),(2,57),(3,92),(4,97). ---------------------------------------------------------------------- Date: Sun, 15 Nov 87 11:19:15 EST From: Hugh Miller Subject: Son of Stark The following appeared in this morning's edition of the *Toronto Star*, Sunday 15 November 1987. Here we go again: WASHINGTON (AP) - Deficient radar equipment aboard the USS Stark, and not the ship's crew, was chiefly responsible for the frigate's failure to defend itself against an Iraqi missile attack last May, the ship's captain said in his first extensive comment on the incident. Capt. Glenn Brindel acknowledged "deficiencies in the watch" aboard the ship, but wrote, "Their actions or inactions ... are not primary causes for Stark's failure to defend against the ... attack. "Unfortunately, the ship's radars and electronics did not function as advertised." His assertion directly contradicts the official US Navy board of inquiry findings, released in a censored version Oct. 15. It also raises new questions about the ability of similar frigates - at least six ships of the same type are currently deployed in the Persian Gulf - to defend themselves against such attacks. Brindel expressed his views in a lengthy letter to the editor, printed in tomorrow's editions of the weekly newspaper Navy Times. The board of inquiry harshly criticized Brindel and some of his top officers for failing to defend the Stark from two Exocet missiles fired from an Iraqi jet May 17. Brindel said Stark's radar systems should have detected the Exocets. "They did not," he wrote. Brindel, the board of inquiry concluded, "failed to provide combat-oriented leadership, allowing Stark's anti-air warfare readiness to disintegrate to the point that his Combat Information Center team was unable to defend the ship." Thirty-seven sailors died in the attack. Would someone who has quick access to Navy Times be so kind as to send in extracts from Brindel's letter giving details? Specifically, will we now find out that the Phalanx was on after all, and pulled a Divad? Capt. Brindel, it appears, has been made to take a dive for a bad P-sub-k. Hope this doesn't hurt his pension. Hugh Miller, Toronto, Ont. ------------------------------ Date: Sat, 14 Nov 87 17:33:16 PST From: ihnp4!ihlpm!dcn@ucbvax.Berkeley.EDU To: kl.sri.com!risks@ucbvax.Berkeley.EDU Subject: Follow-up to Black Hawk Failures article COPTERS GET SHIELD FROM DEADLY RADIO Wahington - The Army, alarmed by new test results showing that radio waves can shut down the vital hydraulic system of its Black Hawk helicopter, will shield the system's electronic controls from such interference, Army officials said Wednesday [November 11, 1987]. Radio waves triggered a ``complete hydraulic failure'' on a UH-60 Black Hawk by generating false electrical commands in the system, according to test results. The Army's decision comes after a series of crashes in which the helicopters nosedived into the ground. Since 1982, 22 servicemen have been killed in five Black Hawk crashes. (From the Chicago Tribune, November 11, 1987 - dcn) Dave Newkirk, ihnp4!ihlpm!dcn ------------------------------ Date: Thu, 12 Nov 87 8:28:13 EST From: Brint Cooper To: risks@csl.sri.com Subject: Jamming the Chopper From wire service reports: "The Army, alarmed by new test results showing that radio waves can shut down the vital hydraulic system of its Black Hawk helicopter, will shield the system's electronic controls from such interference, t Army officials said yesterday. Radio waves triggered a "complete hydraulic failure" on a UH-60 Black Hawk by generating false electrical commands in the system, according to the Army's latest test results. When that happens, the pilot can't control the aircraft. The Army's decision, disclosed at a private meeting this week with officials from Sikorsky Aircraft Co., the Black Hawk contractor, comes after a series of crashes in which the helicopters nose-dived into the ground. The Black Hawk's logic module...will be replaced with the shielded version already used aboard the Navy Sea Hawk, a derivative of the Army chopper, according to Army officials." Two thoughts: 1. If the Sea Hawk is a derivative of the Black Hawk, why is it that the former has the shielded control module and not the latter? Is the Navy smarter than the Army? 2. Didn't we have a discussion in RISKS of similar problems with electronic anti-skid automotive braking systems some time ago? Did it conclude anything? _Brint [Yes. Not really. PGN] ------------------------------ Date: Fri, 13 Nov 87 16:37:35 EST From: "J.D. Bonser" To: risks@csl.sri.com Subject: Computer systems hit by logic bombs Excerpted without permission from the front page of the Toronto Globe and Mail, 3 November 1987. Computer systems hit by `logic bombs' ------------------------------------- A disgruntled employee of a London Ontario company recently planted a surprise in the corporation's computer - a ``logic bomb,'' which would, on a certain date, knock out the entire system. It was found in time and the man was prosecuted ``but it would have destroyed their complete computer system - it would have been down for months,'' Sergeant Ted Green of the Ontario Provincial Police said yesterday. The London man who planted the ``logic bomb'' ... was later acquitted of the crime ... the trial judge refused to admit evidence of a previous ``bomb'' he had allegedly planted in a computer system of an Alberta company because the firm had refused to press charges. In another case involving a Toronto company, a similar ``logic bomb'' was activated the day the employee's termination notice was processed in the computer system. ``It wiped out the whole system,'', said Sgt. Green, ... a specialist in computer crime. In another case Sgt. Green worked on, a bank branch decided on the occasion of its 10th anniversary to honor the customer who had the most active account. It turned out to be an employee who had accumulated $70,000 funnelling a few cents out of every account into his own. ``He said: `Go ahead and charge me. I will tell the public you have been doing this for years.' It was true. The bank had been rounding off (customers') accounts and putting them into sundry accounts.'' A man in southwestern Ontario acquired a printing press and ran off thousands of bank deposit slips with the computerized code for his own bank account on the bottom of each. Then he discreetly left piles of them on counters at a number bank branches ... [and] the deposits went into his account. A number of employees of a Toronto-area machinery supplier extracted computer lists of clients and blueprints in order to set up their own rival company. The scheme was discovered at the last minute and a trial is scheduled to be held soon. Sgt. Green said current legislation is adequate to deal with the problem. ``Our concern is people are reluctant to bring (information) to us.'' ------------------------------ Date: Sat, 14 Nov 87 14:06:27 EST From: elsie!ado.UUCP@SEISMO.ARPA (Arthur David Olson) To: risks@csl.sri.com Subject: Risk of more computers The November 11, 1987 Washington Post includes a UPI account of President Reagan's proposed legislation on child pornography. The proposal ". . .would give prosecutors the right to move against computer networks and parents who permit their children to be used in pornography." This newly discovered capability of computer networks to have children may explain the volume of mail that's been overwhelming the moderator of late. Had the computing community known earlier what the result of connecting CSNET, BITNET, USENET, and friends would be. . . --ado ------------------------------ Date: Fri, 13 Nov 87 20:10:18 PST From: Matthew_Kruk%UBC.MAILNET@MIT-Multics.ARPA To: RISKS@csl.sri.com Subject: Reach out and (t)ouch! Source: Deutsche Presse-Agentur BONN, West Germany - An elderly West German woman who failed to replace her telephone receiver properly after a five-minute call to a relative in Nairobi, Kenya, received a whopping telephone bill for $2,3000. Because of a fault in the Kenya exchange, the connection was not cut and since German telephone exchanges and billing are all computerized, the live line went unnoticed. The meter ran 10 hours. The 86-year-old woman asked the West German Telephone Agency to excuse the debt, but the agency offered to deduct one third of the bill. She then petitioned Parliament, which ruled this week that she would have to pay one-third of the bill for carelessness. ------------------------------ Date: Fri, 13 Nov 87 15:05:27 EST From: Mark W. Eichin To: tytso@ATHENA.MIT.EDU Cc: imagen!geof@decwrl.dec.com, risks@csl.sri.com Subject: Re: Password truncation and human interfaces What is especially interesting (in the BayBanks case) is that 1) It is only on DieBold machines (cross-network stuff needs the whole string) 2) The screens actually flicker visibly once you have pressed the fourth digit, making this feature easy to suspect... _Mark_ ------------------------------ To: RISKS FORUM (Peter G. Neumann -- Coordinator) Subject: Mobile Radio Interference With Vehicles (RISKS-5.57) Organisation: University of Birmingham Computer Science Department Date: Fri, 13 Nov 87 12:43:43 GMT From: Ian G Batten There was some trouble a year or so ago I read of in one of the Car magazines with engine management systems on several makes of car. It appeared that when driving near Daventry (about 25 miles south of here on the road to London) their engines would die. This was traced to RFI from the powerful transmitter field there (Nationwide Radio Four, on 1500 metres is transmitted from there, along with the local Medium Wave and FM stuff. The level of transmissions around there certainly taxes my car's radio!) ian ------------------------------ Date: Fri, 13 Nov 87 16:57:38 EST From: Brint Cooper To: risks@csl.sri.com Subject: Computer terrorism Article 114 of comp.society: Path: brl-adm!umd5!mimsy!oddjob!hao!ames!sdcsvax!ucsdhub!hp-sdd!hplabs!hplabsz!taylor From: rhorn@infinet.UUCP (Rob Horn) Subject: Computer usage by Solidarity in Poland Date: 10 Nov 87 19:31:54 GMT This is a sketch of the article, ``Of Systems, Solidarity, and Struggle'' in Datamation, 1 November 1987. ``You know why there are so few sophisticated computer terrorists in the United States? Because your hackers have so much mobility into the establishment. Here, there is no such mobility. If you have the slightest bit of intellectual integrity you cannot support the government.... That's why the best computer minds belong to the opposition.'' - Anonymous This opens a good article on how computers are being used by the opposition in Poland. Go find a copy of Datamation and read it. Solidarity is now becoming computerized. Computers are used to write articles, track election fraud, maintain organizations, and maintain communications. Using computers for such illegal purposes is not without penalties. Typical sentences for opposition activities are 1-2 years when the crimes are non-violent. The government has focused its efforts on severing the communications that make opposition efforts effective. When they initially severed the public telephone system, computer operators used internal private line systems to maintain communications. With martial law, these too were shut down. Now the primary modes of communication are either by mail or by courier. A floppy disk is easy to hide in a package or carry unobtrusively. Personal computers are now widespread in Poland, acquired both legally and by smuggling. There are an estimated 500,000 personal computers in Poland, with Sinclair and Amstrad being the most popular. There are an estimated 700 illegal publications being generated by everything from matrix printers to laserwriters. Nearly two thirds of the non-violent crime in Poland is associated with illegal press and opposition activities. The government has had to choose between the serious economic damage that would result from eliminating computers and their elimination as an opposition tool. So far, they have been forced to allow the continued use of computers. The security capabilities of computers are also important to Solidarity. Telephone calls can be traced and monitored; floppy disks are easy to smuggle around. Paper is very bulky, hard to conceal, and hard to destroy. Floppies are very compact, easy to hide, easy to encrypt, and easy to destroy. ``Every Solidarity center had piles and piles of paper .... everyone was eating paper and a policeman was at the door. Now all you have to do is bend a disk.'' Rob Horn ------------------------------ End of RISKS-FORUM Digest ************************