RISKS-LIST: Risks-Forum Digest Friday 17 August 2001 Volume 21 : Issue 61 FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks) ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator ***** See last item for further information, disclaimers, caveats, etc. ***** This issue is archived at <URL:http://catless.ncl.ac.uk/Risks/21.61.html> and by anonymous ftp at ftp.sri.com, cd risks . Contents: Censorship in action: why I don't publish my HDCP results (Niels Ferguson) Florida relies on students, not experts (Adam Shostack) PDAs increasingly vulnerable to hackers (Monty Solomon) Welland Canal Bridge runs into ship (Chris Smith) U.S. Web sites fall short of global privacy standards (NewsScan) DejaGoogle rides again (Dave Weingart) Risks to lose sleep over (Mike Knell) Re: AT&T Worldnet exposes all user passwords (Dylan Northrup, Mike Tuffs) Telephone "*" codes (Alan Miller) Abridged info on RISKS (comp.risks) ---------------------------------------------------------------------- Date: Fri, 17 Aug 2001 22:49:48 +0200 From: Niels Ferguson <nielsat_private> Subject: Censorship in action: why I don't publish my HDCP results [Copyright Niels Ferguson. Published with permission of the author. PGN] Censorship in action: why I don't publish my HDCP results Niels Ferguson, 15 Aug 2001 Summary I have written a paper detailing security weaknesses in the HDCP content protection system. I have decided to censor myself and not publish this paper for fear of prosecution and/or liability under the US DMCA law. Introduction My name is Niels Ferguson. I'm a professional cryptographer. My job is to design, analyse, and attack cryptographic security systems, a bit like a digital locksmith. I work to make computer systems and the Internet more secure. You would think that people would be in favour of that, right? Computer security and cryptography are hard. It is easy to make mistakes, and one mistake is all it takes to create a weakness. You learn from your mistakes, but there are too many mistakes to make them all yourself. That's why we publish. We share our knowledge with others, so that they don't have to repeat the same mistake. Take a look at <http://www.macfergus.com/niels/dmca/index.html../pubs/publist.html>my publications. You will see a mixture of new designs, analyses, and attacks. This is how we learn and how we improve the state of the art in computer security. HDCP Recently I found the documentation of the <http://www.digital-cp.com>High-bandwidth Digital Content Protection (HDCP) system on the Internet. HDCP is a cryptographic system developed by Intel that encrypts video on the DVI bus. The DVI bus is used to connect digital video cameras and DVD players with digital TVs, etc. The aim of HDCP is to prevent illegal copying of video contents by encrypting the signal. HDCP is fatally flawed. My results show that an experienced IT person can recover the HDCP master key in about 2 weeks using four computers and 50 HDCP displays. Once you know the master key, you can decrypt any movie, impersonate any HDCP device, and even create new HDCP devices that will work with the 'official' ones. This is really, really bad news for a security system. If this master key is ever published, HDCP will provide no protection whatsoever. The flaws in HDCP are not hard to find. As I like to say: "I was just reading it and it broke." What do you do when you find a result like this? First, you have to write it down and explain it. Then you publish your paper so that the mistakes can be fixed, and others can learn from it. That is how all science works. I wrote a paper on HDCP, but I cannot publish it. DMCA There is a US law called the Digital Millennium Copyright Act (DMCA), that makes it illegal to distribute "circumvention technology", such as systems that break copyright protection schemes. HDCP is used to protect copyrights. There are lawyers who claim that a scientific paper like mine is a circumvention technology within the meaning of the DMCA, because it explains the weaknesses of a system. I have been advised by a US lawyer who works in this field that if I publish my paper, I might very well be prosecuted and/or sued under US law. This is outrageous. The risk to me I travel to the US regularly, both for professional and for personal reasons. I simply cannot afford to be sued or prosecuted in the US. I would go bankrupt just paying for my lawyers. I want to make it quite clear that Intel, who developed the HDCP system, has not threatened me in any way. But the threat does not come only from Intel. The US Department of Justice could prosecute me. Any other affected party, such as a movie studio whose films are protected with HDCP, could sue me under the DMCA. That is a risk I cannot afford to take. The simple alternative would be to never travel to the US again. This would harm me significantly, both professionally and personally. It would lock me out of many conferences in my field, and keep me away from family and friends. It all sounds a bit too far-fetched, right? Who would sue over the publication of an article? Well, there are very good reasons to believe that I risk a lawsuit if I publish my paper. A team of researchers led by Professor Edward Felten was recently threatened with a DMCA-based lawsuit if they published their own scientific article. The resulting court case is still pending. Freedom of speech We have this little principle called the freedom of speech. It is codified in the <http://www.hrweb.org/legal/udhr.html>Universal Declaration of Human Rights, the <http://www.law.emory.edu/FEDERAL/usconst.html>US Constitution, and Dutch law. The whole point of freedom of speech is to allow the free circulation of ideas and to let the truth be heard. There can be no doubt that my paper is protected by the free speech rights. The DMCA imposes a serious restriction on the freedom of speech. The DMCA makes it illegal to talk about certain security systems. The equivalent law for non-digital protection systems would make it illegal to warn people about a cheap and very weak door lock being installed on their houses because criminals could also use that same information. In western society we restrict the freedom of speech only for very serious reasons, and after careful consideration. For example, it is illegal to shout "fire" in a crowded theatre, or to ask someone to commit a murder. The DMCA restricts the freedom of speech because the movie industry is afraid of losing money. Below I will argue that the DMCA does not achieve that goal, but that aside: do we really want to sell our freedom of speech for money? The DMCA is a scary development. Next time that commercial interests clash with the freedom of speech, the industry will point to the DMCA and claim they need equivalent protection. They might outlaw the publication of a report detailing bad safety features in a car, or of flaws found in a particular brand of tires. After all, those publications harm industry too. Where will it stop? Jurisdiction The DMCA is a US law. I am a citizen of the Netherlands, and I live and work in Amsterdam in the Netherlands. Why do I care about the DMCA at all? The USA is apt to apply its own laws way beyond its own borders. Dmitry Sklyarov, a Russian programmer, was arrested last month in the US. He is charged with violating the DMCA while performing his work in Russia as an employee for a Russian firm. As far as we know, what he did was perfectly legal in Russia, and in most other countries in the world. He is now out on bail, but cannot leave northern California until further notice. Where does this lead to? What if countries start applying their own laws to the things people do in other countries? Will you be arrested next time you go abroad? Do you really want to take that holiday in China if you have more than one child? Are you sure that Germany allows you to have those links to political pamphlets on your web site? This type of extraterritorial application of national law violates a basic human right, because you cannot possibly know which laws apply to you. Imagine living in a country where the laws are kept secret, and you never know whether you are violating a law. Suppose a US citizen works for a firearms manufacturer in the US, making guns. One of those guns turns up here in Amsterdam and is used to commit a crime. This person takes a holiday over here in Europe, and is arrested for violating the Dutch firearms laws because he helped manufacture the gun in the US. That is what happened to Dmitry. Is that fair? Is that how we want to run this world? The principle of applying national laws to anybody that publishes anything anywhere in the world is terrifying. If we allow this principle to be used, we will never be free again. You will get a choice. You can decide to never leave your country for any reason whatsoever. This means you might not even be able to attend a wedding or funeral of a loved one. Alternatively, you can restrict all your statements to satisfy the laws of all the countries you could conceivably travel to. You might as well not say anything, because it is very hard to find something that is legal in all jurisdictions. We either lose our right to travel, or our right to speak and be heard. Which fundamental human right do you want to give up today? DMCA does not work The DMCA is a fundamentally flawed law. It is ineffective, and actually harmful to the interests it tries to protect. It stops me publishing my paper now, but someday, someone, somewhere will duplicate my results. This person might decide to just publish the HDCP master key on the Internet. Instead of fixing HDCP now before it is deployed on a large scale, the industry will be confronted with all the expense of building HDCP into every device, only to have it rendered useless. The DMCA ends up costing the industry money. No points for guessing who ends up paying for it in the end. In the long run, the DMCA will make it much easier to create illegal copies. Why? If we cannot do research in this area, we will never develop good copyright protection schemes. We will be stuck with flawed systems like HDCP, to the delight of the criminals. The DMCA has been called the Snake Oil Protection Act. When a manufacturer makes a defective product, you expect them to fix it. Not in this case. The DMCA protects the manufacturer of a defective product by making it illegal to show that the product is defective. Who came up with this idea? Copyright law Copyright law is a careful balance between the rights of the author and the public interest. The author gets a limited-time exclusive right to reproduce his work. The public gets free use of the work once the copyright expires. Furthermore, the public gets certain "fair use" rights. These include the right to use short quotes from the work in a review, for example, and the right to create a parody. If you buy a copy of a copyrighted work, you also have the right to make an extra copy for your own use. A student can make a copy of a page in his textbook to mark it up while he studies. In a sneaky way the DMCA eliminates all these "fair use" rights of the public. As long as the work is protected using copyright protection technology, none of the "fair use" rights can be exercised, because it is illegal to create or own the tool with which you can exercise your fair use rights. Copyright expires, but the DMCA ensures that even when it does, the work still does not enter the public domain. The US supreme court has held that the "fair use" rights are exactly the safety valve that prevent the copyright law from violating free speech rights. This might be another reason why the DMCA is unconstitutional. In Dmitry's case, he wrote software that decoded encrypted digital books. His software has many uses. Many digital books only allow the book to be viewed on the screen. If you are blind and want to read the book on your braille display you have to use something like Dmitry's software. This is perfectly legal under the "fair use" rules of copyright law, but the DMCA forbids it thereby prohibiting blind people from accessing such books. Why this mess? Why did the movie industry campaign for the DMCA if it doesn't work? The movie and record industry have a history of claiming that new technologies will bankrupt them. When video recorders were first introduced, they swore that they would go bankrupt if people could record movies. Now they make a lot of money selling video tapes. Now they swear that they will go bankrupt if we do not restrict the freedom of speech and the public's fair use rights. Why should we believe them this time around? The DMCA exists because the movie and record industry lobbied heavily for it. It is a very one-sided law that clearly has not been thought through properly. The industry has managed to eliminate the careful balance of the copyright law and replace it with a law that effectively gives them an unlimited monopoly on copyrighted works. Could it just be that this is the real motive behind their lobby? Can we fix the DMCA? Sure. That wouldn't even be very difficult. Making and selling unauthorised copies of copyrighted works is already illegal in most jurisdictions. We could change the copyright law to impose stiffer penalties if the copyright violation involves breaking a copyright protection scheme. A bit like the difference between trespassing and breaking and entering. A law like this would achieve exactly what we want: it would restrict illegal copying of copyrighted works. It would not restrict the freedom of speech, or do away with our fair use rights. More information You can find lots more information about the DMCA and the cases of Professor Felten and Dmitry Sklyarov on the <http://www.eff.org>EFF web site. My <http://www.macfergus.com/niels/dmca/index.htmlfelten_declaration.html> declaration in the Felten court case. Copyright 2001 by Niels Ferguson, last update 2001-08-16, comments to <mailto:nielsat_private>nielsat_private <http://www.macfergus.com/niels/dmca/index.html../index.html>[home page] ------------------------------ Date: Fri, 17 Aug 2001 13:26:15 -0400 From: Adam Shostack <adamat_private> Subject: Florida relies on students, not experts > FORT LAUDERDALE, Fla. (AP) - Broward County officials considering > the $20 million purchase of a touchscreen voting system want > students to try to tamper with the computers during a mock election. > > "One of the biggest concerns raised is whether there is the > potential for computer abuse, and we really need to see how > foolproof or tamperproof this equipment is," county commission > Chairman John Rodstrom said. "If there is a problem, it will happen > now or later. And some of these kids are pretty smart." > http://ap.tbo.com/ap/florida/MGAJ6W8YGQC.html The risks are legion, and well documented. It's too bad that Florida officials are relying on students to reproduce them, but hey, one of them may learn the value of reading the literature, instead of re-inventing it. [And if someone with very little experience can demonstrate the lack of security, *that* might impress some of the folks who are either supremely gullible or counting on opportunities for fraud. But please remember that some of the most insidious riskful vulnerabilities are those that can be exploited by insiders in the development and maintenance process. Once again, recognize that all of the touch-screen systems today have absolutely no independent voter-verified audit record such as a printed ballot image that can be stored in ballot boxes guarded at least as well as paper ballots are today -- whether punched-card or optically scanned. Thus, there is no reasonable guarantee in touch-screen systems that your ballot as cast is actually equivalent to the ballot that is counted. This could be remedied relatively easily, as recommended in Rebecca Mercuri's PhD thesis <http://www.notablesoftware.com/evote.html>. PGN] ------------------------------ Date: Fri, 17 Aug 2001 02:50:22 -0400 From: Monty Solomon <montyat_private> Subject: PDAs increasingly vulnerable to hackers Handheld computers are increasingly vulnerable to hacker attacks and should not be trusted to store "any critical or confidential information," security experts warned Thursday. [Reuters, 16 Aug 2001] http://news.cnet.com/news/0-1006-200-6894699.html ------------------------------ Date: Fri, 17 Aug 2001 13:01:17 EDT From: Chris Smith <smithat_private> Subject: Welland Canal Bridge runs into ship [Three parts, sent separately, merged into one item. PGN] 1. Sent 13 Aug 2001 The following two news reports from the Canadian Broadcasting Corporation cover a Saturday evening accident in the Welland Canal (southern Ontario, Canada, near the border with Buffalo, NY) when a lift bridge was lowered too soon, shearing off the top of the wheelhouse of a 700 ft bulk freighter. Damage to the out-of-control freighter followed, first in collision with the canal, and then with a fire breaking out on board. The fire flared up again briefly Monday morning. At least one news report stated that the bridge is under remote control, with bridge cameras monitored from the remote control location. For now, the clear risk is not having a working fallback to deal with situations that are never supposed to happen. We await news of what went wrong (we hope something did actually go wrong!) that gave rise to this accident. http://cbc.ca/cgi-bin/templates/view.cgi?/news/2001/08/12/shipfire_010812 http://cbc.ca/cgi-bin/templates/view.cgi?/news/2001/08/13/shipfire_010813 Here is a good location to read further details and watch for continuing details. This page is maintained by a regular canal and ship watcher in the area: http://www.wellandcanal.ca/transit/2001/august/windocstory.htm 2. Sent 16 Aug 2001 Just to make me look silly, I'm certain, the report is now that the bridge is run directly from a command cabin on the lift section itself. (I checked the CBC video stream, and they did explicitly say the bridge was under remote control.) This makes a lot more sense, especially from the point of view of avoiding accidents. Which leaves us with an open RISKS question to be checked later when it is known what caused this collision. 3. Sent 17 Aug 2001 As the referenced newspaper article makes clear, the Welland Canal bridge that collided with the freighter "Windoc" was *not* a remotely-operated bridge: http://www.scstandard.com/news/010814/5106699.html This contradicts -- authoritatively -- the statement earlier in a Canadian Broadcasting Corporation report that the bridge was remotely controlled. Only one of eight lift-bridges across the canal is remotely controlled. The rest are staffed 24 hours a day during the shipping season. The article gives a good description of the ship-bridge passage protocol. Chris Smith <smithat_private> ------------------------------ Date: Fri, 17 Aug 2001 08:52:25 -0700 From: "NewsScan" <newsscanat_private> Subject: U.S. Web sites fall short of global privacy standards A survey of 75 U.S. corporate Web sites found that none were in compliance with a set of international privacy guidelines developed by the U.S. and the European Union last year. The guidelines require companies to: notify consumers how their personal data is used; use the information only for its stated purpose; allow consumers to examine and correct data collected about them; give consumers an option to forbid sharing that data for marketing purposes; store the data in a secure manner; and provide recourse for consumers whose privacy has been violated. The survey, conducted by Andersen, found that travel and leisure companies scored the best on notice and security provisions, while financial services firms were most likely to offer adequate choice. U.S. companies must make progress on revamping their Web privacy standards or "Disruption to the conduct of business is a real risk," says Andersen principal Kerry Shackelford. [Reuters 16 Aug 2001; NewsScan Daily, 17 August 2001] <http://news.excite.com/news/r/010816/11/net-tech-privacy-dc> ------------------------------ Date: Fri, 17 Aug 2001 13:30:19 -0400 From: Dave Weingart <dave.weingartat_private> Subject: DejaGoogle rides again I recently had to look for a message in rec.arts.sf.fandom, one of the Usenet groups I follow and popped onto http://groups.google.com (Google having taken over Deja's Usenet archives). Knowing the thread title and the approximate date, I entered those into Google's advanced group search. Bingo, one result returned, with a notice that read: "In order to show you the most relevant results, we have omitted some entries very similar to the 1 already displayed. If you like, you can repeat the search with the omitted results included." Whoops. The omitted entries were *all* the other entries in the rest of the thread -- clicking on the link they provide shows all the other messages. I leave the risks of this behavior as an exercise for the reader. Dave Weingart, Randstad North America dave.weingartat_private 1-516-682-1470 ------------------------------ Date: Sat, 11 Aug 2001 10:01:33 +0100 From: Mike Knell <mpkat_private> Subject: Risks to lose sleep over While staying in a German youth hostel a couple of weeks ago, I was woken up at midnight by someone telling me I hadn't paid to stay that night, so would have to pay them DEM33 or leave. Ungh, gnurgh, I said (having been freshly woken up), no, I've definitely paid in advance for two nights. This is the second night. No, they said, you've only paid for one. Okay, okay. Look, I've got a receipt. Can I come downstairs and sort this out? Sure thing, they said. Better be down in five minutes at the most. So I put some clothes on, found the receipt in my wallet and presented it at the front desk. Sure enough, it was a receipt for 2*DEM33 == DEM66. Two nights, all paid. But no, they said. Look, the departure date printed on your receipt shows you've only paid for one night, and the computer agrees, so you'll have to pay us DEM33 for tonight or leave. By now I was beginning to wonder whether I was hallucinating. My receipt for two nights wasn't being accepted as such? Why not? At about this point I stopped speaking German and switched to English, because arguing in a foreign language when you've been awake for two minutes and you're starting to doubt your sanity anyway is tricky. After a bit more arguing of the "I've paid!" "No, you haven't!" sort, and a lot more fiddling about with the registration computer, the problem was solved. Yes, I'd paid two nights at DEM33 each. But this had been recorded in the booking system as 2 persons for one night, not one person for two nights, so I'd been flagged as having departed. This also explains the discrepancy in the departure date on the receipt. Since everything was now In Order, I was graciously permitted to return to my dorm and go back to sleep. The RISKS here are obvious -- the computer's not always right when it's been given the wrong information in the first place. This was, however, the first time I've encountered anyone not believing the evidence of their own eyes -- my receipt for two paid nights and my keycard with the correct departure date written on it -- because the computer didn't agree with it. I'd also mention the RISKS of waking me up in the middle of the night just to annoy me like this, but they're pretty obvious too. Mike <mpkat_private> ------------------------------ Date: Tue, 7 Aug 2001 15:35:56 -0500 (CDT) From: Dylan Northrup <docxat_private> Subject: Re: AT&T Worldnet exposes all user passwords (RISKS-21.57) An infinite number of monkeys in the guise of a RISKS contributor wrote: :=Then she asked for my e-mail password. When I refused she :=informed me my password is not a secret, and that *all passwords* connected :=to my Worldnet account (a Worldnet account can have up to 6 e-mail accounts) :=are *visible* on her screen. This is not surprising. When working for another major ISP, the database for their users also had passwords available for each customer and were used by customer service as well as system administrators to help diagnose specific problems with customers. When working with a problem that affects a specific customer, sometimes the best way to reproduce it from the other end is to use the service as the customer. That the CS representative asked for your password is unique or at least questionable (our user base was instructed to never give that information over the phone and that CS reps would be able to access that information if necessary). Dylan Northrup <*> docxat_private <*> http://www.io.com/~docx/ ------------------------------ Date: Wed, 8 Aug 2001 09:47:55 -0700 From: "Tuffs, Mike" <mike_tuffsat_private> Subject: Re: AT&T Worldnet exposes all user passwords (Smith, RISKS-21.57) WRT the comments in this posting about blocking caller-id when used for credit-card authorisation purposes, I recently called a credit-card company to authorize my new card, using a blocked caller-id. The system was able to identify me without anything other than my card number, due to caller-id. When I asked how they were able to do this, as the id was blocked, they informed me that their equipment simply ignored the blocked bit in the id string. I assume this is possible for anyone? Mike Tuffs, Mentor Graphics Corp (503) 685 0736 mike_tuffsat_private ------------------------------ Date: Tue, 14 Aug 2001 12:36:12 -0500 From: Alan Miller <ajmat_private> Subject: Telephone "*" codes (Re: Burstein, RISKS-21.59) Danny Burstein writes on CNID/Caller ID: >The former, which is what is used by (the vast majority of) homes and >"regular" (non "800") business lines, can be blocked by the caller on >either a permanent per-line basis, or as a choice per-call. (Usually by >prepending a special code, generally "*70", before dialing out). Actually, "*70" is almost always the code to toggle call waiting notification, primarily used so incoming calls won't cause a beep on the line while a data call is in progress. "*67" is the most commonly used code to toggle outgoing caller ID information. This was discussed fairly heavily in RISKS or the Telecom Digest (or both) when caller ID first became available, since for customers with per-line blocking it's the code to _enable_ caller ID for the following call, and there's no way to find out whether caller ID is enabled for a line or call. In some areas, "*69" is used for "last number callback," which calls the number that originated the previous call (answered or not, I believe). I believe that this service has a range of options and is handled differently by different LECs. ------------------------------ Date: 12 Feb 2001 (LAST-MODIFIED) From: RISKS-requestat_private Subject: Abridged info on RISKS (comp.risks) The RISKS Forum is a MODERATED digest. Its Usenet equivalent is comp.risks. => SUBSCRIPTIONS: PLEASE read RISKS as a newsgroup (comp.risks or equivalent) if possible and convenient for you. Alternatively, via majordomo, send e-mail requests to <risks-requestat_private> with one-line body subscribe [OR unsubscribe] which requires your ANSWERing confirmation to majordomoat_private . [If E-mail address differs from FROM: subscribe "other-address <x@y>" ; this requires PGN's intervention -- but hinders spamming subscriptions, etc.] Lower-case only in address may get around a confirmation match glitch. INFO [for unabridged version of RISKS information] There seems to be an occasional glitch in the confirmation process, in which case send mail to RISKS with a suitable SUBJECT and we'll do it manually. .MIL users should contact <risks-requestat_private> (Dennis Rears). .UK users should contact <Lindsay.Marshallat_private>. => The INFO file (submissions, default disclaimers, archive sites, copyright policy, PRIVACY digests, etc.) is also obtainable from http://www.CSL.sri.com/risksinfo.html ftp://www.CSL.sri.com/pub/risks.info The full info file will appear now and then in future issues. *** All contributors are assumed to have read the full info file for guidelines. *** => SUBMISSIONS: to risksat_private with meaningful SUBJECT: line. => ARCHIVES are available: ftp://ftp.sri.com/risks or ftp ftp.sri.com<CR>login anonymous<CR>[YourNetAddress]<CR>cd risks [volume-summary issues are in risks-*.00] [back volumes have their own subdirectories, e.g., "cd 20" for volume 20] http://catless.ncl.ac.uk/Risks/VL.IS.html [i.e., VoLume, ISsue]. Lindsay Marshall has also added to the Newcastle catless site a palmtop version of the most recent RISKS issue and a WAP version that works for many but not all telephones: http://catless.ncl.ac.uk/w/r http://the.wiretapped.net/security/info/textfiles/risks-digest/ . http://www.planetmirror.com/pub/risks/ ftp://ftp.planetmirror.com/pub/risks/ ==> PGN's comprehensive historical Illustrative Risks summary of one liners: http://www.csl.sri.com/illustrative.html for browsing, http://www.csl.sri.com/illustrative.pdf or .ps for printing ------------------------------ End of RISKS-FORUM Digest 21.61 ************************
This archive was generated by hypermail 2b30 : Fri Aug 17 2001 - 15:06:15 PDT