[risks] Risks Digest 21.98

From: RISKS List Owner (riskoat_private)
Date: Fri Mar 29 2002 - 11:53:02 PST

  • Next message: RISKS List Owner: "[risks] Risks Digest 22.01"

    RISKS-LIST: Risks-Forum Digest  Friday 29 March 2002  Volume 21 : Issue 98
    
       FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
       ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator
    
    ***** See last item for further information, disclaimers, caveats, etc. *****
    This issue is archived at <URL:http://catless.ncl.ac.uk/Risks/21.98.html>
    and by anonymous ftp at ftp.sri.com, cd risks .
    
      Contents:
    Friendly Fire deaths traced to dead battery (Jamie McCarthy, KNHaw)
    British Air Traffic Control system outage (Alistair McDonald)
    Clinton cartoon carries virus (NewsScan)
    Low-tech election risks: mice (Mike Martin)
    Black box or Pandora's box? (Monty Solomon)
    eBay identity theft (Scott Nicol)
    Software "glitch" changes the colour of the universe (Pete Mellor)
    Bioinformatics start-of-the-art (Richard A. O'Keefe)
    Windows XP disables own firewall (Scott Miller)
    Re: LED lights can reveal computer data (Anthony DeRobertis)
    Re: Disclaimers (Malcolm Cohen)
    Re: PayPal's tenuous situation (Ray Todd Stevens, Alun Jones)
    Re: The RISK of ignoring permission letters (Gene Spafford, Ray Blaak)
    Pearl Harbor Dot Com, by Winn Schwartau (PGN)
    REVIEW: "Authentication: From Passwords to Public Keys", R.E. Smith (Rob Slade)
    Abridged info on RISKS (comp.risks)
    
    ----------------------------------------------------------------------
    
    Date: Tue, 26 Mar 2002 10:47:52 -0500
    From: Jamie McCarthy <jamieat_private>
    Subject: Friendly Fire deaths traced to dead battery
    
    In one of the more horrifying incidents I've read about, U.S. soldiers and
    allies were killed in December 2001 because of a stunningly poor design of a
    GPS receiver, plus "human error."
      http://www.washingtonpost.com/wp-dyn/articles/A8853-2002Mar23.html
    
    A U.S. Special Forces air controller was calling in GPS positioning from
    some sort of battery-powered device.  He "had used the GPS receiver to
    calculate the latitude and longitude of the Taliban position in minutes and
    seconds for an airstrike by a Navy F/A-18."
    
    According to the *Post* story, the bomber crew "required" a "second
    calculation in 'degree decimals'" -- why the crew did not have equipment to
    perform the minutes-seconds conversion themselves is not explained.
    
    The air controller had recorded the correct value in the GPS receiver when
    the battery died.  Upon replacing the battery, he called in the
    degree-decimal position the unit was showing -- without realizing that the
    unit is set up to reset to its *own* position when the battery is replaced.
    
    The 2,000-pound bomb landed on his position, killing three Special Forces
    soldiers and injuring 20 others.
    
    If the information in this story is accurate, the RISKS involve replacing
    memory settings with an apparently-valid default value instead of blinking 0
    or some other obviously-wrong display; not having a backup battery to hold
    values in memory during battery replacement; not equipping users to
    translate one coordinate system to another (reminiscent of the Mars Climate
    Orbiter slamming into the planet when ground crews confused English with
    metric); and using a device with such flaws in a combat situation.
    
    ------------------------------
    
    Date: Tue, 26 Mar 2002 14:35:01 -0800
    From: <knhawat_private>
    Subject: Friendly Fire deaths traced to dead battery
    
      [...]
    
    The article states: "Nonetheless, the [anonymous, senior defense department]
    official said the incident shows that the Air Force and Army have a serious
    training problem that needs to be corrected.  "We need to know how our
    equipment works; when the battery is changed, it defaults to his own
    location," the official said.  "We've got to make sure our people understand
    this."
    
    It also states: "...it is not a flagrant error, a violation of a procedure,"
    the official said. "Stuff like that, truth be known, happens to all of us
    every day -- it's just that the stakes in battle are so enormously high."
    
      [Full article submitted by several others.  TNX.  PGN]
    
    ------------------------------
    
    Date: Thu, 28 Mar 2002 06:52:50 +0000
    From: Alistair McDonald <alistairat_private>
    Subject: British Air Traffic Control system outage
    
    One of the British air-traffic control systems crashed on 27 Mar 2002, and
    affected airports across Britain.  Hundreds of flights were canceled or
    delayed.  A spokesman said that this computer was not connected with the
    computers at the new Swanwick ATC centre in Hampshire (which opened six
    years late and millions of pounds over budget).  ["connected with" is of
    course ambiguous in this context.  PGN-ed]
      http://uk.news.yahoo.com/020327/80/cvck5.html
    
        [Simon Waters reported this case also at
          http://news.bbc.co.uk/hi/english/uk/newsid_1897000/1897885.stm  
        PGN]
    
    ------------------------------
    
    Date: Wed, 27 Mar 2002 08:17:36 -0700
    From: "NewsScan" <newsscanat_private>
    Subject: Clinton cartoon carries virus
    
    McAfee, the anti-virus software company, says a new virus called MyLife.B.,
    is being circulated as an e-mail attachment featuring a cartoon about former
    president Bill Clinton. A McAfee executive says, "If this one does reach
    large proportions, it will be a very costly virus because most consumers
    don't have good backup methods for their operating system or important files
    on the C drive." The virus e-mails itself to everyone in a user's Microsoft
    Outlook address book or MSN Messenger contact list. The virus will cause
    damage only if you open the attachment -- so don't open it! (*USA Today*, 
    26 Mar 2002; NewsScan Daily, 27 March 2002)
      http://www.usatoday.com/life/cyber/tech/2002/03/26/viruses.htm
    
    ------------------------------
    
    Date: Wed, 27 Mar 2002 12:58:46 +0900
    From: "Mike Martin" <mike_martinat_private>
    Subject: Low-tech election risks: mice
    
    Those concerned about the risks of high technology voting methods should
    remind themselves that low-tech methods (ballot papers marked with a pencil,
    transported and counted under the watchful eye of scrutineers) present their
    own risks.  *The Bangkok Post* reports,
    http://www.bangkokpost.net/News/27Mar2002_news06.html, that, following
    voting in a by-election on March 3, mice managed to climb into one of the
    ballot boxes and chew up ballots.
    
    The winning candidate had a 65 vote lead when the undamaged votes were
    counted, and it was estimated that scraps left by the mice represented
    another 40 papers. "This result still has to be endorsed by the Election
    Commission," reports *The Post*.
    
    ------------------------------
    
    Date: Sun, 24 Mar 2002 17:19:07 -0500
    From: Monty Solomon <montyat_private>
    Subject: Black box or Pandora's box?
    
    Black box or Pandora's box?
    
    Most new vehicles come equipped with data recording technology that 
    can help accident investigators. But the computer device has its 
    critics, who fear the overstepping of "Big Brother."  [...]
      http://www.phillyburbs.com/intelligencerrecord/article1.asp?F_num=1484073
    
    ------------------------------
    
    Date: Wed, 27 Mar 2002 13:13:49 -0500
    From: Scott Nicol <sbnicolat_private>
    Subject: eBay identity theft
    
    Interesting article at <http://zdnet.com.com/2100-1106-868306.html>.
    
    Summary: You can run a dictionary attack on an eBay account, because eBay 
    doesn't lock an account for invalid logins, no matter how many invalid 
    login attempts are made.
    
    eBay doesn't lock accounts for invalid login attempts because "unscrupulous
    bidders might try to sabotage their competitors by locking out their
    accounts or that legitimate users may find themselves unable to log in after
    an attempted dictionary attack".  So I guess identity theft is not as bad as
    these other possibilities?
    
    Then there's this quote: "We're trying to figure out a way that we can adopt
    it without disclosing how the process works".  It's a pretty simple
    processes - 3 strikes (or whatever) and you're out.  I assume from this
    quote that they mean they want to implement something that is not so simple,
    i.e. locking only if it appears to be a dictionary attack.  This is security
    through obscurity - it won't take much time until somebody figures out what
    constitutes a dictionary attack pattern, then modifies their dictionary
    attack to avoid the pattern.
    
    Scott Nicol <sbnicolat_private>
    
    ------------------------------
    
    Date: Wed, 13 Mar 2002 00:35:43 +0000 (GMT)
    From: Pete Mellor <pmat_private>
    Subject: Software "glitch" changes the colour of the universe 
    
    As reported on the "Broadcasting House" programme on BBC Radio 4, 
    Sunday 10th March:- 
    
    Scientists at John Hopkins University have spent several years calculating
    the weighted average of the electromagnetic frequency of emissions from all
    galaxies in the observable universe.  They concluded their research by
    announcing last month that, on average, the universe is turquoise.
    
    Last week, they announced that, due to a software "glitch", they had
    miscalculated, and that the universe is, in fact, beige.
    
    Broadcasting House are threatening legal action, claiming that they have
    just had their studio painted turquoise in order to be in harmony with the
    rest of the universe.
    
    Peter Mellor, Centre for Software Reliability, City University,
    Northampton Square, London EC1V 0HB UK  NEW Tel.: +44 (0)20 7040 8422
    
    ------------------------------
    
    Date: Wed, 13 Mar 2002 18:26:28 +1300
    From: "Dr Richard A. O'Keefe" <okat_private>
    Subject: Bioinformatics start-of-the-art
    
    Bioinformatics is a hot topic at this university, and the computer science
    department is just starting to get involved.  As part of trying to learn
    about this field, I thought I'd read a couple of the better-known programs.
    To be honest, I thought I'd run splint (formerly known as lclint) over them
    and find a minor buig or two.  I'm not going to name either of these
    programs, but one of them was particularly interesting because we were
    thinking of having a student make a parallel version to try out a parallel
    architecture one of our people is interested in, because normal runs of this
    program on recent PCs can take about 3 weeks.
    
    I don't know what art these programs are state-of; possibly macrame.
    They certainly aren't even 1970's state of the programming art.
    
    * indentation inconsistent, crazy, or both (fix with indent) - lines up
      to 147 columns wide (fix with indent)
    * lots of dead variables (fix with quick edit)
    * array subscripts that could go negative (use unsigned char rather than
      char in a couple of dozen places, phew)
    * failure to comprehend that C++ prototypes and C prototypes are
      different (fix by changing () to (void) in too many places)
    * #define lint ... so that lint falls over (rename lint to Lint in a
      dozen files)
    * assumption that long int = 32 bits (one program) or that int = 32 bits
      (the other) (not yet done, but use inttypes.h with a local backup)
    * string->integer code that gets INT_MIN wrong (rip out, plug in code
      known since 60s)
    * using %ld format with int arguments (*printf and *scanf), a real
      problem because the machines
      (I have access to are 64-bitters and it'd be nice if the programs ran
      in LP64 mode.)
    * gcc, liint, splint find variable used before initialised (see next
      item)
    * technically legal syntax with no semantics: double matrix[][] as
      function argument,. (Scream, bang head on wall, write this message.)
    
    Is it reasonable to expect people with a biochemistry or mathematics
    background to write clean well-engineered code?  No.  For the importance of
    the topic, and the sums of money involved, is it reasonable to expect that
    they'll have their programs cleaned by someone else before release?  I think
    it is.  With the pervasive lack of quality I'm seeing, I don't trust _any_
    of the results of these programs.  I have to wonder how many published
    results obtained using these programs (and fed back into databases that are
    used to derive more results which are ...) are actually valid.
    
    ------------------------------
    
    Date: Thu, 14 Mar 2002 05:43:05 -0500
    From: Scott Miller <scottamillerat_private>
    Subject: Windows XP disables own firewall
    
    Caveat: this is third hand, I've no way to test. However, the original
    reporter seems to have done sound observation and corroboration, and this
    could be important. Extract from a report from Tim Loeb posted on Jerry
    Pournelle's mail page (www.jerrypournelle.com/mail/currentmail.html):
    ...What happens is this: either during the initial setup of Earthlink as a
    network connection via the Network Connection Wizard or later as an explicit
    modification the user attempts to activate XP's Internet Connection
    Firewall.  All seems to go well. If the user is on-line with the target
    connection active at the time he/she will be advised that not all features
    can be implemented until sign-off and a fresh log-on. Reviewing the status
    of that active connection will show that the check box for Enable Internet
    Connection Firewall IS checked, and the user would naturally think the
    protection is in place. Running the tests on Steve Gibson's site right then,
    with the active connection unbroken since enabling the firewall, will show
    that the machine is indeed in full "stealth" mode, and naturally most people
    would now assume the issue has been successfully addressed. WRONG! A fresh
    log-on (via Earthlink using their dialer at least - I have no way to test
    other ISP connections and/or associated software) DISABLES the firewall, and
    the machine is completely open to probes and hacks! I've spent hours testing
    this scenario, and the result is always the same: while I can enable the
    Internet Connection Firewall and have it work ONCE, as soon as I log off the
    network and back on again the protection disappears, and the "enable
    Internet Connection Firewall" box reverts to being unchecked. Frankly I
    don't know what's happening here, but it is happening on two separate
    machines that have never been on a network together...
    
    ------------------------------
    
    Date: Wed, 13 Mar 2002 22:17:53 -0500
    From: Anthony DeRobertis <asdat_private>
    Subject: Re: LED lights can reveal computer data (Simicich, RISKS-21.95)
    
    My Lego Mindstorms set communicates with both infrared and visible LED's. So
    does your television remote control.  And many other things.
    
    If you want to communicate with LEDs, you can. However, I doubt very much
    that it is easy to read data passing over a modem from the activity light!
    Unless it only lights for, e.g., 1's. Even then, at reasonable data rates
    --- especially since you have no ECC coding or even clock sync --- it seems
    nearly impossible.
    
    ------------------------------
    
    Date: Wed, 13 Mar 2002 11:15:21 +0000 (GMT)
    From: Malcolm Cohen <malcolmat_private>
    Subject: Re: Disclaimers (Bacon, RISKS-21.95)
    
    >...  "Was the original e-mail monitored - WITHOUT the recipient's consent?"
    
    The recipient has nothing to do with it.  It is the sender who has copyright
    on the email (the recipient is not entitled to publish it).
    
    Just like letters and other "ordinary" correspondence, the sender can show
    it to anyone else.  Obviously, by choosing to use a monitored email system,
    he has chosen to let it be monitored.
    
    >How long before the 'thought police' in the BBC extend their monitoring...
    
    Well, actually, it is normal company policy at most places to open all
    incoming correspondance (e.g. letters) as a matter of course!  And it's not
    unheard of for certain companies (e.g. mail-order ones) to record all
    telephone calls as a matter of course.
    
    And how you imagine that postcards and faxes are "not examined" by anyone
    involved with the delivery, I don't know!  They have to start reading the
    thing to see who to give it to, it's human nature to look at the rest.
    
    Use of company phones (some places run a "no private calls" policy), company
    fax machines, and the company mail service is obviously all down to company
    policy.  Why one would imagine that these things are provided for the personal
    benefit of employees rather than to conduct company business, I don't know.
    
    As long as the employees know what the policy is I see no grounds for
    complaint (other than to grumble about the policy being strict).
    
    Malcolm Cohen, NAG Ltd., Oxford, U.K.  (malcolmat_private)
    
    ------------------------------
    
    Date: Wed, 13 Mar 2002 11:04:32 -5
    From: "Ray Todd Stevens" <raytoddat_private>
    Subject: Re: PayPal's tenuous situation (Max, RISKS-21.94)
    
    I use PayPal from the vendor side, and I can assume you that you did not
    quite understand the system.  Actually, most people I know of who make
    extensive use of PayPal end up with a "fraud investigation hold" on their
    accounts from time to time.  PayPal seems to have a system that monitors
    transactions for weird activity and automatically puts such a hold on
    accounts.  Then it appears that a human reviews the activity and
    investigates.  If you recieve a drastic increase in the number of
    transactions you get flagged.  What got me was having money arrive and then
    immediately sent somewhere else.  So a fraud hold does not mean that there
    is fraud, but that there appears there may be.
    
    A fraud hold does mean that you don't have access to the funds coming in.
    You can not issue bills to people.  (That is, you can't use the PayPal
    system to ask people to pay you.)  More important, a person with a fraud
    hold can't access the funds.  They can issue refunds, but may not send the
    money to other people.  They also may not withdraw funds.  This means that
    PayPal probably has your money and you will get it back.  It also means
    that, if their automatic system flags your account, you can continue to do
    business for the period of time the investigation takes.  In my case one
    hold was about 2 hours and another was about 8 hours.
    
    I hope this helps you and the group understand this system better.
    
    Ray Todd Stevens, Senior Consultant, Stevens Services, Suite 21
    3754 Old State Rd 37 N,  Bedford, IN 47421  1-812-279-9394  Raytoddat_private
    
    ------------------------------
    
    Date: Tue, 12 Mar 2002 20:26:35 -0600
    From: Alun Jones <alunat_private>
    Subject: Re: PayPal's tenuous situation (Bayley, RISKS-21.94)
    
    As a merchant myself, accepting credit cards for some time, I can state
    quite categorically (and with some rancour) that the approval from the
    credit-card company is by no means whatsoever a guarantee of payment.  It
    provides a merchant with pretty close to no protection at all.  I've been
    provided with chargebacks (which are automatically deducted from my
    business' accounts) on transactions where I have meticulously verified that
    the credit-card company gave me authorisation.
    
    As far as I can make out, the only "guarantee" is that the checksum 
    matches, the card hasn't expired through old age, and probably hasn't been 
    reported as stolen any time longer than a week ago.
    
    Oh, and chargebacks may get submitted to you many months after the original 
    purchase.  I had one bank try to process a chargeback about two years after 
    the original purchase.  The number of chargebacks submitted works against 
    you, as well, as the credit-card company will increase your "discount rate" 
    (the percentage of the transaction that they take from you) if you have too 
    many.  Is this to cover their expenses in handling those chargebacks?  Why, 
    no, of course not.  After all, every chargeback is not only charged at that 
    same discount rate both coming and going, but also has the helpful addition 
    of a "service charge" of $25 added on for your convenience.
    
    For as much as credit-card holders may feel concerned about whether their 
    money is safe in an online transaction (in the USA, law requires it to be 
    so), the merchants are _always_ the ones left holding the bag.
    
    Texas Imperial Software, 1602 Harvest Moon Place, Cedar Park TX 78613-1419  
    Fax/Voice +1(512)258-9858 
    
    ------------------------------
    
    Date: Tue, 12 Mar 2002 21:57:30 -0500
    From: Gene Spafford <spafat_private>
    Subject: Re: The RISK of ignoring permission letters (Knox, RISKS 21.94)
    
    I have a fairly simple response to spam e-mail that claims I requested it,
    or can only opt out, or whatever.
    
    I determine the actual sending address, and the domain of any associated
    URLs in the message, and I add them to my "black hole" list.  Any future
    mail from that address is bounced.  Domains that offer repeated abuses are
    added, too.  E-mail in languages other than English with embedded prices,
    porno, or URLs to commerce sites automatically go into the list. I also have
    added addresses collected in like manner by several friends; I have not used
    any of the major anti-spam sites (yet).
    
    It doesn't matter what they claim -- I no longer see their spam.
    
    Based on a multi-year history of e-mail, I now completely block any e-mail
    from msn.com, any version of yahoo.com, and hotmail.com --- I have had
    (literally) thousands of spam messages from there, but only 6 legit
    correspondents.  I am also blocking 3200 separate addresses and over 6400
    other domains.
    
    My spam load is down to only about 10-15 new pieces per day. :-(
    
    And by the way, if this is being read by the pinheads who keep sending out
    ads for reconditioned printer cartridges, please know that we will *never*
    do business with your firms.  We're keeping a list.
    
    ------------------------------
    
    Date:   Thu, 14 Mar 2002 04:39:16 GMT
    From: Ray Blaak <blaakat_private>
    Subject: Re: The RISK of ignoring permission letters (Slade, RISKS-21.95)
    
    > Does a failure to respond to this type of message constitute a legitimate
    > "acceptance" on my part?  (Particularly for those of us from outside the US?)
    
    This can't be right. So, if the e-mail is lost in cyperspace and you never
    even recieve it, is that the same as implicitly consenting?
    
    Does this not have direct precedence with snail mail? I am imagining CD
    clubs here. You can't be legally obligated by anything that you receive in
    the mail and just throw away.
    
    ------------------------------
    
    Date: Sun, 24 Mar 2002 16:36:15 PST
    From: "Peter G. Neumann" <neumannat_private>
    Subject: Pearl Harbor Dot Com, by Winn Schwartau
    
    Pearl Harbor Dot Com
    A novel by Winn Schwartau
    Interpact Press
    Seminole, Florida, 1-727-393-6600
    2002
    ISBN 0-9628700-6-4
    512 pages
    
    We do not normally review or analyze RISKS-relevant fiction, but this book
    seems to make a rather compelling novel out of a surprisingly large number
    of security and reliability risk threats that we have discussed here over
    the years.  The story echoes one of the fundamental problems confronting
    Cassandra-like risks-avoidance protagonists and agonists alike, namely,
    that, because we have not yet had the electronic Pearl Harbor, people in
    power perceive that there is little need to fix the infrastructural
    problems, so why bother to listen to the doom-sayers who hype up the risks?
    Well, in this novel, one man's massive craving for vengeance reaches major
    proportions, and significant effects result on critical infrastructures.  In
    the end, the good hackers contribute notably to the outcome.  
    
    The book is somewhere within the genre of technothrillers, with a typical
    mix of murder, mayhem, intrigue, computer-communication surveillance, and
    non-explicit s*x.  I enjoyed it.  It is entertaining, and the convoluted
    plot is quite consistent, fairly tight, and to RISKS readers, each incident
    is technologically quite plausible -- because many of the attacks seem
    almost reminiscent of past RISKS cases, sometimes just scaled up a little.
    
    If you read the book, try not to let the sloppy proof-reading bother you;
    there are too-frequent typos and grammar glitches, and lots of mispelingz --
    for example, Naugahyde is subjected to two different versions, each with at
    least two letters wrong, and Walter Reade is mispelt twice, differently, on
    the same page!  Incidentally, the author and his previous writings make
    several self-referential appearances throughout the story, which might seem
    rather self-serving, but does draw attention to the author's long-standing
    role in trying to combat what has now become known as cyberterrorism.
    
    ------------------------------
    
    Date: Mon, 18 Mar 2002 11:57:50 -0800
    From: Rob Slade <rsladeat_private>
    Subject: REVIEW: "Authentication: From Passwords to Public Keys", R.E. Smith
    
    BKAUTHNT.RVW   20020220
    
    "Authentication: From Passwords to Public Keys", Richard E. Smith,
    2002, 0-201-61599-1, U$44.99/C$67.50
    %A   Richard E. Smith
    %C   P.O. Box 520, 26 Prince Andrew Place, Don Mills, Ontario M3C 2T8
    %D   2002
    %G   0-201-61599-1
    %I   Addison-Wesley Publishing Co.
    %O   U$44.99/C$67.50 416-447-5101 fax: 416-443-0948 bkexpressat_private
    %P   549 p.
    %T   "Authentication: From Passwords to Public Keys"
    
    Chapter one looks at the history and evolution of password technology,
    and introduces a system of discussing attacks and defences that
    provides an easy structure for an end-of-chapter summary.  A more
    detailed history appears in chapter two, while chapter three discusses
    the enrolling of users.
    
    Chapter four is rather odd: it brings up the concept of "patterns" as
    defined in the study of architecture, but doesn't really explain what
    this has to do with authentication or the book itself.  The closest
    relation seems to be the idea of determining a security perimeter. 
    The material poses a number of authentication problems and touches on
    lots of different technologies, but the various difficulties are not
    fully analyzed.
    
    Chapter five is supposed to be about local authentication, but mostly
    examines encryption.
    
    Strangely, chapter six inveighs against the complex rules for password
    choice and management that are commonly recommended--and then adds to
    the list of canons the requirement to assess the security of a system
    when choosing a password.  Ultimately the text falls back on the
    traditional suggestions, with a few good suggestions for password
    generation.  This place in the text also marks a change in the volume:
    the content moves from a vague collection of trivia to a much more
    practical and useful guide.
    
    Chapter seven is a decent overview of biometrics, although there is an
    odd treatment of false acceptance and rejection rates, and some
    strange opinions.  Authentication by address, emphasizing IP spoofing,
    is covered in chapter eight, while hardware tokens are discussed in
    chapter nine.  Challenge/response systems are reviewed in chapter ten,
    as well as software tokens.  Indirect or remote authentication,
    concentrating on the RADIUS (Remote Authentication Dial In User
    Services) system, is examined in chapter eleven.  Chapter twelve
    outlines Kerberos, and has a discussion of the Windows 2000 version,
    albeit with limited analysis.  The study of public key (asymmetric)
    cryptography in chapter thirteen would be more convincing with just a
    few more sentences of explanation about how keys are established. 
    Chapter fourteen talks about certificates and signing, while fifteen
    finishes with some vague thoughts on password storage.
    
    After a slow (but interesting) start, the book does have a good deal
    of useful material in the later chapters.  Long on verbiage and a bit
    short on focus, this text does have enough to recommend it to security
    practitioners serious about the authentication problem.
    
    copyright Robert M. Slade, 2002   BKAUTHNT.RVW   20020220
    rsladeat_private  rsladeat_private  sladeat_private p1at_private
    http://victoria.tc.ca/techrev    or    http://sun.soci.niu.edu/~rslade
    
    ------------------------------
    
    Date: 12 Feb 2001 (LAST-MODIFIED)
    From: RISKS-requestat_private
    Subject: Abridged info on RISKS (comp.risks)
    
     The RISKS Forum is a MODERATED digest.  Its Usenet equivalent is comp.risks.
    => SUBSCRIPTIONS: PLEASE read RISKS as a newsgroup (comp.risks or equivalent)
     if possible and convenient for you.  Alternatively, via majordomo,
     send e-mail requests to <risks-requestat_private> with one-line body
       subscribe [OR unsubscribe]
     which requires your ANSWERing confirmation to majordomoat_private .
     [If E-mail address differs from FROM:  subscribe "other-address <x@y>" ;
     this requires PGN's intervention -- but hinders spamming subscriptions, etc.]
     Lower-case only in address may get around a confirmation match glitch.
       INFO     [for unabridged version of RISKS information]
     There seems to be an occasional glitch in the confirmation process, in which
     case send mail to RISKS with a suitable SUBJECT and we'll do it manually.
       .MIL users should contact <risks-requestat_private> (Dennis Rears).
       .UK users should contact <Lindsay.Marshallat_private>.
    => The INFO file (submissions, default disclaimers, archive sites,
     copyright policy, PRIVACY digests, etc.) is also obtainable from
     http://www.CSL.sri.com/risksinfo.html  ftp://www.CSL.sri.com/pub/risks.info
     The full info file will appear now and then in future issues.  *** All
     contributors are assumed to have read the full info file for guidelines. ***
    => SUBMISSIONS: to risksat_private with meaningful SUBJECT: line.
    => ARCHIVES are available: ftp://ftp.sri.com/risks or
     ftp ftp.sri.com<CR>login anonymous<CR>[YourNetAddress]<CR>cd risks
       [volume-summary issues are in risks-*.00]
       [back volumes have their own subdirectories, e.g., "cd 20" for volume 20]
     http://catless.ncl.ac.uk/Risks/VL.IS.html      [i.e., VoLume, ISsue].
       Lindsay Marshall has also added to the Newcastle catless site a
       palmtop version of the most recent RISKS issue and a WAP version that
       works for many but not all telephones: http://catless.ncl.ac.uk/w/r
     http://the.wiretapped.net/security/info/textfiles/risks-digest/ .
     http://www.planetmirror.com/pub/risks/ ftp://ftp.planetmirror.com/pub/risks/
    ==> PGN's comprehensive historical Illustrative Risks summary of one liners:
        http://www.csl.sri.com/illustrative.html for browsing,
        http://www.csl.sri.com/illustrative.pdf or .ps for printing
    
    ------------------------------
    
    End of RISKS-FORUM Digest 21.98
    ************************
    



    This archive was generated by hypermail 2b30 : Fri Mar 29 2002 - 13:18:05 PST