RISKS DIGEST 6.67

Posted by Peter G. Neumann, May 5, 1988, 2:56:31 PM
RISKS-LIST: RISKS-FORUM Digest Sunday 24 April 1988 Volume 6 : Issue 67

FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS
ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Contents:
Prestel case concluded (Peter Dickman, M. Douglas McIlroy)
Mysterious British Death Toll at 10 -- another computer engineer dead (PGN)
SDI feasibility and the OTA report (PGN)
Trustworthiness of time-stamps (PGN)
KAL 007 once again
Military Aircraft Crashes in Germany (Michael Wagner)
BIX Ad (Risks of US Mail) (Fred Baube)
"Momentum" of engineering projects (Charles H. Buchholtz)
Viruses at Customs (Robert Slade)
Viruses -- SCIENCE and Computers&Society (Howard Israel)
RISK! in Datamation (Jim Horning)
Re: Engine explosions due to overspeed, crew stupidity [Unverified]
(Joseph Nathan Hall)

The RISKS Forum is moderated. Contributions should be relevant, sound, in good
taste, objective, coherent, concise, nonrepetitious. Diversity is welcome.
Contributions to RI...@CSL.SRI.COM, Requests to RISKS-...@CSL.SRI.COM.
For Vol i issue j, ftp kl.sri.com, get stripe:<risks>risks-i.j ... .
Volume summaries in (i, max j) = (1,46),(2,57),(3,92),(4,97),(5,85).

----------------------------------------------------------------------

Date: 24 Apr 88 01:08:39 +0100 (Sunday)
From: Peter Dickman <pwd%computer-lab.c...@NSS.Cs.Ucl.AC.UK>
Subject: Prestel case concluded
Organisation: University of Cambridge Computer Laboratory

Overseas readers of the article below should note that:

The House of Lords is the final court of appeal as well as (the unelected)
half of the legislature in the UK. Five 'Law Lords' (usually ex-judges and
the like) will sit in judgement on cases that get that far.

Legal precedents can be set in the courts when it comes to interpreting the
law, hence Lord Lane's comments in what follows: the judges can decide if
the existing Forgery Acts apply to passwords etc but cannot spontaneously
make up a new law to cover the problem in question.

Prestel is a dial-up electronic mailing system.

The Duke of Edinburgh is Prince Philip (the spouse of the Queen) - this case
therefore gained some notoriety, at the time, in the tabloid press because of
its 'Royal connection'. [And the mailbox was not really his private
mailbox, but rather a demonstration mailbox for him, according to private
communication to PGN from someone at Prestel.]

= = = = = = = = = = = = = = = = = = = = = =
Reprinted without permission from 'The Guardian', London 22 April 1988:

COMPUTER HACKERS WIN TEST CASE

The House of Lords yesterday ruled that the two computer "hackers" who broke
into British Telecom's Prestel computer information service were not guilty of
forgery.

In what was regarded as a test case, five Law Lords unanimously upheld a
Court of Appeal ruling that accountant Stephen Gold and computer magazine
editor Robert Schifreen had gained access to the data bank by a "trick" which
was not a criminal offence.

Mr Gold, of Watt Lane, Sheffield, and Mr Schifreen, of Edgeware Gardens,
Edgeware, North-West London, had used micro-computers to gain entry to Prestel
computers in 1984.

They made unauthorised alterations to data and charged account-holders
without their knowledge.

Mr Schifreen was said to have got into the Duke of Edinburgh's Prestel
messages file and left messages. "They were not terribly interesting," he
said. They were mostly about the birth of Prince William.

Lord Brandon of Oakbrook said: "Their object in carrying on these activities
was not so much to gain any profit for themselves as to demonstrate their
skill as hackers. It never occurred to them that they might be committing any
offence under the Forgery and Counterfeiting Act, 1981." In the Appeal Court,
Lord Lane, the Lord Chief Justice, had said: "Their conduct amounted in
essence to dishonestly gaining access to the relevant Prestel data bank by a
trick. That is not a criminal offence. If it is thought desirable to make it
so that is a matter for the legislature rather than the courts."

Lord Brandon said that he shared Lord Lane's view that the prosecution was
an attempt to "force the facts of the case into the language of an act not
designed to fit them."

The men had been convicted of nine offences at Southwark crown court in
1986. Last year they successfully overturned that ruling.

Lords Keith of Kinkel, Templeman, Oliver and Goff agreed in dismissing the
prosecution's appeal against the Court of Appeal's ruling.

Afterwards Mr Schifreen said: "I knew from the start that the Forgery Act is
not designed to apply to unauthorised access to computers."

------------------------------

Date: Sun, 24 Apr 88 08:40:18 EDT
From: doug%al...@research.att.com
Subject: Prestel case concluded

[Doug McIlroy happened to be in London that day.
Here are some excerpts from his message. PGN]

London Times, Page 1, April 22:

The courts held that the prosecution had to prove that the hackers had
made a "false instrument" which they intended to pass off as genuine.
But this thesis was absurd because one and the same machine served as
both instrument and dupe. [Turing hoist on his own petard.] The facts
of the case did not fit the language of the act. The two hackers had
wanted to prove their skill, rather than to gain any benefit.

The Times also observed that hacking for gain or to inflict damage can be
construed as an offense, such as fraud or malicious damage, and that a
commission is studying whether a bill is needed to stop hacking for amusement.

------------------------------

Date: Sun 24 Apr 88 15:41:02-PDT
From: Peter G. Neumann <NEU...@csl.sri.com>
Subject: Mysterious British Death Toll at 10 -- another computer engineer dead

The total is now 10 of British scientists involved in defense work who have
died under mysterious circumstances in the past two years. Russell Smith, 23,
assistant scientific officer at ultrasecret UK Atomic Research Energy Plant in
Harwell, was ruled to have killed himself on 2 February 1988 by jumping from a
cliff. Trevor Knight, 52, was found dead in his car in March 1988. He worked
for the Marconi defense firm, as did several of the previous dead scientists.
Most of the 10 mysterious deaths resembled suicides, but only three cases were
actually ruled so by inquests. [Source: San Francisco Chronicle, 22 April
1988, p. A30. Previous cases were noted in earlier RISKS.]

------------------------------

Date: Sun 24 Apr 88 15:28:43-PDT
From: Peter G. Neumann <NEU...@csl.sri.com>
Subject: SDI feasibility and the OTA report

Today's Washington Post and AP wires have some more info on the unpublished
congressional report that the system would likely "suffer a catastrophic
failure" the first (and only) time it was used. The OTA report cautioned
that the sheer complexity suggested that "there would always be unresolvable
questions about how dependable ... (the computer) software was."

... "extrapolating from past experience ... it appears to OTA that the
complexity of (ballistic missile defense), the uncertainty ... of the
requirements it must meet, and the novelty of the technology it must control
would impose a significant probability of software-induced catastrophic failure
in the system's first real battle." (The Post, quoting the report)

------------------------------

Date: Sun 24 Apr 88 17:02:24-PDT
From: Peter G. Neumann <NEU...@csl.sri.com>
Subject: Trustworthiness of time-stamps

In a classical asynchronous-attack scam (somewhat similar to the time-of-check-
to-time-of-use [TOCTTOU] perpetrations), fourteen postal employees and three
associates in NY City were accused of using insider knowledge to postmark their
envelopes on time in the 1987 Super Bowl "Pick the Score" contest, and then
stuff in the actual final score: NY Giants 39, Denver 20. Only 167 entries had
the exact score, and at least 107 of those came from insiders. Selected
randomly from those entries, there were 14 contest winners -- 8 of whom
apparently won through fraudulent means, collecting $85,000 out of the $100,000
awarded. The tip-off came when the $50,000 grand prize winner had a fight with
her postal employee boyfriend, and reported the scam. [Source: New York Times,
20 April 1988, p.1] The implications on the opportunities to fake on-line
computer time-stamps are self-evident.
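
As an added illustration (not part of the digest), the Python sketch below models the scam: a postmark that certifies only a time lets an insider stamp an empty envelope before the deadline and fill in the score after the game, whereas a stamp that binds the time to a digest of the contents, keyed with a secret held by the stamping authority, rejects the later edit. The deadline, key and clock values are constructed.

```python
import hashlib
import hmac

DEADLINE = 100                          # constructed: last clock value at which an entry may be stamped
KEY = b"constructed-stamping-authority-key"   # constructed: secret of the postmarking authority


def naive_postmark(stamp_time, contents):
    """Postmark as in the story: certifies a time and ignores what is in the envelope."""
    return {"time": stamp_time}


def naive_accepts(entry):
    """Judge trusts the stamp time alone; contents may have been written after stamping."""
    return entry["postmark"]["time"] <= DEADLINE


def binding_postmark(stamp_time, contents):
    """Trustworthy stamp: time and a digest of the contents present at stamping, authenticated."""
    digest = hashlib.sha256(contents.encode()).hexdigest()
    tag = hmac.new(KEY, f"{stamp_time}|{digest}".encode(), hashlib.sha256).hexdigest()
    return {"time": stamp_time, "digest": digest, "tag": tag}


def binding_accepts(entry):
    """Judge recomputes the tag and the digest; any post-stamping edit or forged stamp fails."""
    pm = entry["postmark"]
    expected_tag = hmac.new(KEY, f"{pm['time']}|{pm['digest']}".encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(pm["tag"], expected_tag):
        return False                    # stamp was forged or its fields altered
    if pm["digest"] != hashlib.sha256(entry["contents"].encode()).hexdigest():
        return False                    # contents changed after the stamp was applied
    return pm["time"] <= DEADLINE       # stamp applied too late


def insider_scam(postmark_fn):
    """Stamp an empty envelope on time (t=90), write the final score in after the game."""
    envelope = {"contents": ""}
    envelope["postmark"] = postmark_fn(90, envelope["contents"])
    envelope["contents"] = "NY Giants 39, Denver 20"   # filled in once the score is known
    return envelope


def honest_entry(postmark_fn, guess, stamp_time=80):
    """An ordinary entry: the guess is in the envelope when it is stamped."""
    return {"contents": guess, "postmark": postmark_fn(stamp_time, guess)}


if __name__ == "__main__":
    print("naive judge accepts insider entry:", naive_accepts(insider_scam(naive_postmark)))
    print("binding judge accepts insider entry:", binding_accepts(insider_scam(binding_postmark)))
```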

------------------------------

Date: Fri 22 Apr 88 10:52:27-PDT
From: Peter G. Neumann <NEU...@csl.sri.com>
Subject: KAL 007 once again

The 9 April 1988 issue of the Washington Post carried a news item on the
shoot-down of KAL Flight 007.

A KAL pilot said that the pilot of the downed plane may have been the indirect
victim of his autopilot computer. He asserted that KAL pilots had previously
been reprimanded for having to return to their take-off point to correct an
autopilot error. This involved an expensive fuel dumping in each case.

The autopilot is designed so that if one of its three computers disagrees, or
the crew enters the trip coordinates (start and ending) incorrectly, the
aircraft must return to its starting point (!!) so that the data can be
re-entered.

It has been suspected that the pilot of KAL 007 entered incorrect course data,
but did not take action to correct the error, so as to avoid punishment.

[For those of you new to this problem, the most plausible theory thus
far seems to be that the copilot had inadvertently left the autopilot
set on HDG 246 instead of switching to INERTIAL when passing over the
outbound checkpoint, at which point they should have changed course.]

------------------------------

Date: Fri, 22 Apr 88 14:30
From: Michael Wagner +49 228 8199645 <WAGNER%DBNGMD2...@CUNYVM.CUNY.EDU>
Subject: Military Aircraft Crashes in Germany

I haven't seen this reported in RISKS, so I thought I'd pass it along. In the
last 3 weeks, 3 military aircraft have crashed in Germany. All were
practicing low-flying maneuvers at the time. Two were F-16s; one was a
Mirage. The press says that, in each case, a much worse disaster was only
narrowly avoided (I can't judge how accurate this is). The crashes occurred
just down the flight path from: a nuclear generating station, a munitions
dump, and an inhabited village. It seems that many air forces use the Eifel
and Hunsrück areas (not far from me, actually, as the jet flies!) as practice
areas for low-flying missions (presumably because it's so challenging). The
German government is reported to be considering disallowing or restricting
such flights in future.

In all, 35 military aircraft have fallen out of the skies here since 1960. I
have no idea how this compares with other countries.
Michael

------------------------------

Date: Fri, 22 Apr 88 14:07:11 -0500
From: Fred Baube <fba...@note.nsf.gov>
Subject: BIX Ad (Risks of US Mail)

I just got an offer in the mail to try BIX. The mailing includes
a BIX login name, in the same impression as my name and address,
so I presume the login name is associated with me. They say that
should I cancel, I'll be billed only for access time.

What's to stop someone from fishing the card out of the trash? If I use
the offer, can I claim that as an excuse not to pay? These are familiar
issues I'd think, it's just that the delivery system they use is prone to
abuse. I do not believe that I am under any obligation to shred, burn, or
otherwise render unreadable unsolicited mail.

------------------------------

Date: Fri, 22 Apr 88 18:33:53 edt
From: ch...@eniac.seas.upenn.edu (Charles H. Buchholtz)
Subject: "Momentum" of engineering projects

Rob Horn brought up an interesting issue when he spoke of the momentum that
a project gathers, which prevents it from changing direction when objections
are raised. I have an understanding with my supervisors which, among other
things, serves as a governor on a project's momentum.

When I first begin working, I (metaphorically) give my supervisor a number
of tokens, "good for one emergency each". My supervisor also receives
tokens at a given rate per year. One token is "spent" each time I am asked
to do something outside usual practice. "It's an emergency! Can you come in
on the weekend and finish it?" - one token. "I know it's not clean, and not
documented, but we need a fast and dirty fix!" - one token. The theory is
that occasional emergencies are unavoidable, but constant emergencies are
poor planning; the tokens provide a method of determining which is the case.
On a few occasions my supervisor has decided, "it's not such an emergency,
after all", to save the token for a *real* emergency.

The number of tokens provided, and the definition of an "emergency", can vary
according to the company and individuals involved. I have noticed that this
system motivates supervisors not to make commitments that can't be met without
"cutting corners".
---Chip

------------------------------

Date: Wed, 20 Apr 88 07:43:16 PDT
From: Robert...@mtsg.ubc.ca <Robert...@mtsg.ubc.ca@um.cc.umich.edu>
Subject: Viruses at Customs

I am still working on the virus file (cf volume 6 number 45). It is now longer
than 360K and so will be archived and shipped with a copy of PKXARC (if you
use it etc.) However, the means of distribution to the States is through
my wife, who runs a theological college in Vancouver. American mail is
stamped with US postage and taken to border towns in Washington where some
of the American students live and work. Often they are challenged at the
border as to what they are carrying.

What with all the concerns over technology transfer and so forth, I can just
see the conversation between the hapless student (my wife told him he was
carrying a file of virus material) and the customs agent ("...you're trying
to bring *what* into the country?") If some of you don't get your disks
back, contact customs and immigration. (Come to think of it, we haven't
seen Russ since he took that last set of disks down last week...)

------------------------------

Date: Mon, 18 Apr 88 18:11 EDT
From: Howard Israel <HIs...@DOCKMASTER.ARPA>
Subject: Viruses

There is an article in "SCIENCE", Vol 240, 8 April 1988, pg 133-4 (News &
Commentary Section) by Eliot Marshall about viruses: "The Scourge of
Computer Viruses". This article among other things, says that "Computers &
Security" April issue is devoted to the subject of viruses.

AT&T Bell Laboratories, Whippany, NJ

------------------------------

Date: 19 Apr 1988 1457-PDT (Tuesday)
From: hor...@src.dec.com (Jim Horning)
Subject: RISK! [DATAMATION -- more]

The cover of the April 15, 1988 DATAMATION features the teaser "RISK! A new,
potentially dangerous element has been introduced into global markets and
businesses. The very same information systems that have enabled both to
flourish in the 1980s could cause them to perish in the '90s. In a world of
highly distributed pc power, complex networks, and database systems, risk has
become the third factor in the IS equation." The cover story itself ends with
"If you think today's vulnerabilities are going to be tough to cope with, wait
until tomorrow." [...]
Jim H.

------------------------------

Date: Sun, 24 Apr 88 20:54:07 EDT
From: j...@ece-csc.ncsu.edu (Joseph Nathan Hall)
Subject: Re: Engine explosions due to overspeed, crew stupidity [Unverified]

I don't have the particulars of the following event, although I could probably
come up with them if necessary ...

I remember hearing a story about a cockpit wager where one member of the
crew asserted that the autopilot got its engine speed (or something similar)
info directly from the speed sensor, while another member of the crew disagreed
and said that the autopilot got its info from the RPM gauge circuit. They
decided to test this out in flight (this was a commercial airliner) by
shutting off one of the RPM gauges at the breaker ...

Sure enough, the autopilot got the message that the engine had slowed down
dramatically (to 0 RPM) and so it increased fuel flow. Shortly the
engine oversped and stalled, blew up, and sent a blade through the cabin.
The story goes that everything went fine until a woman began screaming
hysterically, saying that the man who had been sitting next to her in the
window seat had just *vanished*, seatbelt and all, through the 1-1/2 foot
hole in the cabin wall ...

The details probably aren't correct -- it's been a while since I heard
this -- but the spirit of the thing is.
-joseph hall

------------------------------

End of RISKS-FORUM Digest
************************
-------
