RISKS-LIST: Risks-Forum Digest Tuesday 9 July 2002 Volume 22 : Issue 14 FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks) ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator ***** See last item for further information, disclaimers, caveats, etc. ***** This issue is archived at <URL:http://catless.ncl.ac.uk/Risks/22.14.html> and by anonymous ftp at ftp.sri.com, cd risks . Contents: DCS/SCADA Security (Eytan Adar) Fishermen rescued after dam malfunction (Thomas Dzubin) China bans toxic American computer junk (Mich Kabay) A Microsoft Medley in RISKS-22.13 (Peter da Silva) Windows Media Player security update EULA gives MS permission to keep you from using "other software" on your computer (Bill Tolle) Re: E-mail address parsing (George Roussos) MI5 hates encryption so much, they don't use it! (Ben Laurie) More on The Telecom Crash of 2002 (Joe Pistritto via Dave Farber) Security in General - wireless - simplicity (M Simon) FORTH (M Simon) 11th USENIX Security Symposium (Alex Walker) REVIEW: "Decrypted Secrets", F. L. Bauer (Rob Slade) Abridged info on RISKS (comp.risks) ---------------------------------------------------------------------- Date: Thu, 27 Jun 2002 09:33:59 -0700 (PDT) From: Eytan Adar <eytanadarat_private> Subject: DCS/SCADA Security >From an article about security of various control systems (dams, trains, etc.). My favorite quote from this article: "Most of these devices are now being connected to the Internet. But because the digital controls were not designed with public access in mind, they typically lack even rudimentary security, with fewer safeguards that accompany the purchase of flowers online." (this and other good stuff at: http://www.siliconvalley.com/mld/siliconvalley/3554402.htm) ------------------------------ Date: Fri, 28 Jun 2002 15:29:19 -0700 (PDT) From: Thomas Dzubin <dzubintat_private> Subject: Fishermen rescued after dam malfunction (*The Vancouver Sun*, 27 Jun 2002) Four anglers were rescued by helicopter Wednesday from a small island in the Capilano River after a control malfunction at the Greater Vancouver regional district's Cleveland Dam released an unexpected torrent of water. The malfunction of the drum-gate water-control mechanism, which occurred during a computer upgrade, is expected to prompt the installation of more signs along the river warning fishermen of the potential for rapid increases in water levels. The Cleveland Dam had been releasing snow-melt water through the drum-gate at the rate of about 1,000 cubic feet per second when the malfunction occurred at 7 a.m. Wednesday. By the time dam employees brought the problem under control about an hour later, the flow had increased four-fold to about 4,000 cubic feet per second. At that rate, it would take about 30 seconds to fill an Olympic-sized swimming pool. Thomas Dzubin note: the GVRD does not tightly control physical access to the land around the Capilano river and I've walked by various points along its banks quite a few times. I guess the Risk here might be that you shouldn't automate a system where you can't control access to all directly affected points or at least have an independent feedback system in place to not allow (or send an alarm) a 4x increase in flow over a short period of time. (Although, I'm not a civil engineer...such a feedback mechanism might be tough to implement and still allow the dam to "let-go" water in emergency situations such as the week-long rainstorms which we sometimes have in Vancouver.) Thomas Dzubin, Vancouver, Calgary, or Saskatoon, CANADA ------------------------------ Date: Sun, 30 Jun 2002 11:24:34 -0400 From: Mich Kabay <mkabayat_private> Subject: China bans toxic American computer junk John Gittings in Shanghai, writing for the Guardian Weekly, published an article entitled "China bans toxic American computer junk: Electronic scrap puts the lives of rural villagers at risk" (GW, 2002-06-01, < http://www.guardian.co.uk/international/story/0,3604,725756,00.html >). "Beijing has announced a clampdown on the import of electronic junk from the US and other developed countries which is being stripped by Chinese peasants in primitive and dangerous conditions. The ban follows an outcry by western environmental groups and in the Chinese press about reports that young children are employed to smash up computers and that local water supplies have been poisoned by toxic waste. A new list of banned items will include "TV sets, computers, Xerox machines, video cameras and telephones", according to the national environment agency." The article goes on to describe threats to the health of >100,000 unprotected workers, including children, who extract heavy metals from circuit boards plus severe environmental degradation to farmland surrounding the recycling centers. Most of the waste comes from the US because, "The US is the only industrialised country to have failed to ratify the 1989 UN Basel convention which calls for a total ban on the export of hazardous waste." This article highlights the RISKS of assuming that bringing our defunct computer gear to a recycling center is "protecting the environment." It may be protecting our part of the environment, but on a global basis, we seem to be causing a great deal of harm to many poor people and to the long-term future of our planet. In addition, we ought to look at the morality of treating other human beings as if they are expendable tools for protecting ourselves at their expense. Seems to me that the only sustainable approach to reducing the harm we can cause by discarding computer gear is to include the price of safe recycling in the purchase price and to have manufacturers, wholesalers and retailers contribute to an economically viable treatment process where users live -- not in some shantytown on the far side of the planet. Perhaps signing and abiding by the Basel convention would be a good first step. M. E. Kabay, PhD, CISSP, Dept CompInfoSys, Norwich University, Northfield VT http://www2.norwich.edu/mkabay/index.htm ------------------------------ Date: Thu, 4 Jul 2002 18:22:20 -0500 (CDT) From: Peter da Silva <peterat_private> Subject: A Microsoft Medley in RISKS-22.13 Four fascinating articles in RISKS-22.13: > Microsoft's secret plan to secure the PC (Monty Solomon) The referenced article included such gems as "Palladium stops viruses and worms. The system won't run unauthorized programs, preventing viruses from trashing your system." Setting aside all the other issues in the article, this by itself is a remarkable piece of misdirection. Why? Well, let's look at viruses... There are four main avenues that viruses and worms use to spread. There are others, but the vast majority of outbreaks have used these avenues of attack. The first, and oldest, is "social engineering". You trick a human into running a program for you. This is the electronic equivalent of calling up the sysop at a company and saying "hey, this is Jack Smith in accounting, I can't get in, I forgot my password because I had it programmed into my mail program, can you clear it for me?". Making the OS more secure can help somewhat, but you don't need to wait for Palladium to do this... most multi-user operating systems are designed so that users normally run with restricted privileges, and so can only damage their own files... not the OS or other user's programs. The second is exploiting a straightforward bug, usually a buffer overflow. To fix this you don't need a new security model, you need a programming language that doesn't allow buffer overflows. The third is a "cross frame attack": you trick the client software (web browser, e-mail program, music player) into running untrusted code without restrictions. This is almost always an attack on Microsoft's poorly-advised merge of the web browser (which is almost always dealing with untrusted objects) with the desktop, mail software, and so on. If they had integrated the HTML rendering engine in the OS and left the Internet access code in a separate program that used the HTML rendering code but otherwise managed its own access controls... at least 90% of the widespread virus outbreaks would never have happened. The fourth is conversion attacks. You encode the message containing the attack code inside a package the outer layers of the OS or application don't know how to open. Ironically, Palladium is likely to make this kind of attack easier, because it's almost certain that part of the security model will involve separating the system up into components that don't have the keys to each other's files. Ironically, one of the latest security issues with a Microsoft product is due to the first Palladium-type software having three of the kind of security holes I just listed above... Windows Media Player. The second of the three holes would not exist if Media Player didn't have to have access to the OS internals to implement Digital Rights Management. Of more concern, the integration of the browser and the desktop and other components that created the possibility of "cross frame attacks" is due specifically to Microsoft's attempt to avoid complying with their original agreement with the Justice Department by bundling the Browser and the OS. Microsoft has maintained this dangerous design despite years of massive virus outbreaks caused by this decision, because otherwise they'd have to admit fault. Even now, when they have been found at fault, and there's nothing left to lose, they refuse to unbundle the Internet access from the rendering code. So, not only has Microsoft never before shown much concern for this problem, they have actively worked to prevent a straightforward fix that they are legally required to implement. Using this issue as a hook to get more control of the computer is, well, there are polite terms for it and I'll let you decide which one to apply. Even if you don't care about this specific issue, what does this say about their likely behaviour if security problems crop up in the design of Palladium? > Risks to your privacy from using MSN Messenger 4.6? (Michael Weiner) > Microsoft sent Nimda worm to developers (Mike Hogsett) The implications of these two, in light of the first, are obvious. > Microsoft's Allchin: API disclosure may endanger U.S. (Brien Webb) This article basically says that Microsoft knows they have fundamental design flaws in their protocols, which if discovered will open up your computer to uncontrolled access. So now they want us to trust them that this time, honest, they'll really get it right? ------------------------------ Date: Sun, 30 Jun 2002 10:56:11 -0500 From: Bill Tolle <BillTolleat_private> Subject: Windows Media Player security update EULA gives MS permission to keep you from using "other software" on your computer The latest from MS is buried deep in the EULA if you download the Windows Media Player security update: "You agree that in order to protect the integrity of content and software protected by digital rights management ('Secure Content'), Microsoft may provide security related updates to the OS Components that will be automatically downloaded onto your computer. These security related updates may disable your ability to copy and/or play Secure Content and use other software on your computer. If we provide such a security update, we will use reasonable efforts to post notices on a web site explaining the update." "may disable your ability to copy and/or play Secure Content and use other software on your computer" is an interesting phrase. If you remove one item from the sentence it becomes "may disable your ability to ....................... use other software on your computer". Wonder what "other software" Bill G. might decide to not let us use at some point in the future? See http://www.theregus.com/content/4/25435.html Bill Tolle <BillTolleat_private> ------------------------------ Date: Mon, 1 Jul 2002 00:28:08 +0100 (BST) From: George Roussos <grat_private> Subject: Re: E-mail address parsing {RISKS-22.13} >The risk is that the customer-relations programmers are living in a >world of [a-z0-9_] for mailbox names, while the standard has long >allowed for virtually any character (including NULL). Actually, they live in an MS Outlook world (try to send e-mail to "@ @"@nmt.edu using outlook). In fact, Outlook would refuse to send e-mail to a number of perfectly valid addresses, including any that contain the end dot for the root domain. This is obviously a feature, not a bug! ------------------------------ Date: Wed, 03 Jul 2002 12:39:06 +0100 From: Ben Laurie <benat_private> Subject: MI5 hates encryption so much, they don't use it! According to Network News (the UK rag) today, MI5, the Home Office, and others don't use PGP signing at RIPE (the European Internet registry), although its the only really secure method for updating records. So anyway, I thought I'd look into it, and, well, its true (edited highlights follow): www.mi5.gov.uk. 6715 IN A 128.98.11.23 inetnum: 128.98.0.0 - 128.98.255.255 mnt-by: QINETIQ-UK-MNT mntner: QINETIQ-UK-MNT auth: MD5-PW $1$tSMW1DGk$GIAERGLu5BwBUXabmYjvs1 I'm sure Qinetiq haven't been so foolish as to choose a guessable password (after all, they've shown their IT expertise by the masterly handling of the 1901 Census website), but even so, their e-mail must contain the password in plain text. Of course, if anyone out there runs their password cracker on that and finds I'm wrong, I'd _love_ to hear about it. Note: all data above is from publicly available sources. Incidentally, the article suggests that some people are still using MAIL-FROM auth, which is, frankly, astonishing. I can't be bothered to track down who, though. Ben http://www.apache-ssl.org/ben.html http://www.thebunker.net/ [PS. OK, I lied: I can be bothered. This is just too amazing: www.gov.uk. 35656 IN CNAME www.ukonline.gov.uk. www.ukonline.gov.uk. 283 IN A 195.33.102.13 inetnum: 195.33.96.0 - 195.33.127.255 mnt-by: AS12967-MNT mntner: AS12967-MNT auth: MAIL-FROM .*@att.nl auth: MAIL-FROM .*@icoe.att.com Yes, folks. The UK government's Website uses MAIL-FROM auth. And not even .uk addresses!] ------------------------------ Date: Sun, 30 Jun 2002 19:15:06 -0400 From: Dave Farber <daveat_private> Subject: More on The Telecom Crash of 2002 ------ Forwarded Message >Date: Sun, 30 Jun 2002 12:00:36 -0700 >From: "Joseph C. Pistritto" <jcpat_private> >Subject: Re: IP: The Telecom Crash of 2002 The most telling comment here is the comment about bankruptcy allowing new players to take over bandwidth debt-free, dropping prices. We've seen this pattern before. In Iridium for instance. Further, we see it in the equipment markets, where companies can buy equipment on the secondary market for 20% of list price. This is hurting all the equipment companies as well. (especially Sun, which is very vulnerable to this.) Cisco is probably hurting as well because of it. Its an interesting vicious circle: 1) People install something, (bandwidth, satellites, Sun machines, etc.) and don't have enough revenue to support the cost of it. 2) They go into debt, sometimes spectacularly 3) They go bankrupt servicing the debt, which gets written off. 4) Other people buy the assets debt-free, and can now cut prices 5) Driving all other providers to go into *more* debt. (if they can), or go bankrupt (if they can't). 6) Making more of them go bankrupt. - iterate to step (3). This can't stop until everyone's gone through bankruptcy, to get back on a "level" playing field. As a programmer at heart, I have to believe there's a bug here. Its clear that the worst iterations of this are where the item involved can only be used to provide *one kind* of service. If it's Sun machines, companies could buy them to put in their internal networks, they don't have to only build e-<something> web sites with them. But with Telecom bandwidth, you're stuck. Fiber only moves bits. Voice bits or Data bits, but still bits. Which is why this bug is much worse for the Telecom people than for other kinds of equipment makers, which have multiple non-competitive uses. jcp Dave's archives: http://www.interesting-people.org/archives/interesting-people/ ------------------------------ Date: Thu, 27 Jun 2002 12:33:50 +0100 From: msimon <msimonat_private> Subject: Security in General - wireless - simplicity I think that wireless networks and www based networks for hardware control are a thing of the past. I had often thought that this was the stupidest thing I had ever heard of and so despite the personal cost had never bothered to learn the technology. Sadly events are beginning to prove me correct. I expect my retro skills to be in high demand shortly. Remember the days when everything was going to be hooked up to the net? Let us hope those days are gone for good. Wires and hard connections. Still vulnerable but at least you need physical access. No doubt this will raise costs. But you have to balance that against what a plant is worth. I am aware of new aircraft designs that are using IP for moving data in an aircraft rather than a proprietary protocol as was usual in the past. Dumb, dumb, dumb. BTW I worked on the original Raytheon ATC when I got out of the Navy in '67. It is interesting to see how badly Raytheon has bungled the replacement. If only they had gone with advanced hardware capable of future expansion and simply directly replaced the old terminals and systems 1:1. No bells and whistles. Then once they had the simple replacements proved start doing revs. But no - like all fools they got too ambitious. All they could see was how much money and how much more capable the new system was going to be. And in C yet. Where you are at the mercy of the compiler writer rather than the now relatively defunct FORTH system which produces code that is always defined the same way in every instance and is much easier to test. Simpler is better. But try telling that to any young fool who never fought in the clone wars. ------------------------------ Date: Thu, 27 Jun 2002 13:00:23 +0100 From: msimon <msimonat_private> Subject: FORTH Did I mention that FORTH could be the assembly language of a relatively simple processor? The advantage is that you get a language on a par with C that runs directly on the processor. I know of no processor that runs C code directly. You need a relatively complex compiler and lots of hardware tricks to make it run fast. The compiler becomes untestable because of all of the possible combinations and the million transistor chips become untestable for the same reason. The FORTH model is a simple processor (30,000 transistors for 16 bit - 100,00 transistors for 32 bit) with lots of stack and local memory. Memory is very testable. So are simple processors. Because of the simplicity of design the FORTH chip needs only a one level deep pipeline and no branch predictors since a pipeline miss only costs you one cycle at most. Sometimes depending on the code there is no penalty. A few years back they were getting speeds of 500 MIPs from 1 micron design rules and a 32 bit wide bus. Instructions were 5 bits so you got 6 instructions per fetch (best case). With a memory rate of 90 million fetches a second. Go to 64 bits if you need to reduce the external memory rate to a very comfortable 45 million fetches a second. But every one today is in love with complexity. Stupid, stupid, stupid. Except from a marketing standpoint. Yechh. Did I mention that all the new complexity requires a very expensive and hard to test and verify BGA package for all the interconnects vs a less dense PQFP type package that is visually inspectable vs X-ray inspection which degrades the silicon.? Yechh again. But no one listens to me. I'm not bleeding edge enough. Too simple. ------------------------------ Date: Mon, 01 Jul 2002 15:08:08 -0700 From: Alex Walker <alexat_private> Subject: 11th USENIX Security Symposium San Francisco. Check out http://www.usenix.org/sec02 for our early registration and student discounts. This year's program brings together an exceptional group of speakers to inform and educate including Keynote speaker Whitfield Diffie, co-inventor of public key cryptography and Chief Security Officer at Sun Microsystems. Diffie will talk about security policy and challenges for the 21st century. Other Invited Talks teach you why common security systems fail; how to validate and test security designs; how to make biometrics authentication work; legal aspects of the DMCA; and much more. For detailed information and to register, please visit our Web site at: http://www.usenix.org/sec02 Alex Walker, Production Editor, USENIX Association 2560 Ninth Street, Suite 215, Berkeley, CA 94710 1-510-528-8649 x33 ------------------------------ Date: Tue, 25 Jun 2002 07:44:48 -0800 From: Rob Slade <rsladeat_private> Subject: REVIEW: "Decrypted Secrets", F. L. Bauer "Decrypted Secrets", F. L. Bauer, 2002, 3-540-42674-4, U$44.95 %A F. L. Bauer %C 175 Fifth Ave., New York, NY 10010 %D 2002 %G 3-540-42674-4 %I Springer-Verlag %O U$44.95 212-460-1500 800-777-4643 rjohnson@springer-ny.com %P 474 p. %T "Decrypted Secrets: Methods and Maxims of Cryptology, 3rd Ed." Cryptology is the study of the technologies of taking plain, readable text, turning it into an incomprehensible mishmash, and then recovering the initial information. There are two sides to this study. Cryptography is the part that lets you garble something, and then recover it if you have the key. Cryptanalysis is usually seen as the "dark side" of the operation, because it is the attempt to get at the original meaning when you *don't* have the key. Most current and popular works on cryptology actually only speak about cryptography. For one thing, nobody wants to get into trouble by telling people how to break encryption. However, it is also much easier to blithely talk about key lengths and algorithms and pretend to know what you are doing than it is to demonstrate a sufficient mastery of mathematics to enable you to go about cracking a particular cipher. Bauer examines both sides, which is an important plus. If you need to decide how strong an encryption algorithm or system is, it is important to know how difficult it might be to break it. Chapter one looks at steganography, the science of hiding in plain sight, or concealing the fact that a message exists at all. In this he first demonstrates a wide ranging historical background which is quite fascinating in its own right. Basic encryption concepts are introduced by the same historical background, but move on to a very dense mathematical discussion of cryptographic characteristics in chapter two. Encryption functions are started in chapter three, and it is delightful to have examples other than Julius Caesar's substitution code. Polygraphic substitutions are in chapter four and the math for advanced substitutions is in chapter five. Chapter six introduces transpositions. Families of alphabets, and rotor encryptors such as ENIGMA, are reviewed in chapter seven. Keys are discussed in chapter eight, ending with a brief look at key management. Chapter nine covers the combination of methods resulting in systems such as DES (Data Encryption Standard). The basics of public key encryption are introduced in chapter ten. The relative security of encryption is introduced in chapter eleven, leading to part two. However, Chapter eleven also ends with a discussion of cryptology and human rights, concentrating mainly, although not exclusively, on the US public policy debates. Part two examines the limits of functions used in cryptography, and thus the points of attack on encryption systems. Chapter twelve calculates complexity, and thus the size of brute force attacks. Known plaintext attacks are the basis of chapters thirteen to fifteen, looking first at general patterns, then at probable words, and finally at frequencies. Frequency leads to a discussion of invariance in chapter sixteen. Chapter seventeen follows with a look at key periodicity. Alignment of alphabets is covered in chapter eighteen. Of course, cryptographic users sometimes make mistakes, and chapter nineteen reviews the different errors and various ways to take advantage of them. Chapter twenty one looks at anagrams as an effective attack on transposition ciphers. The concluding chapter muses on the relative effectiveness of attacks and of cryptanalysis overall. Those seriously interested in cryptology will really *need* to be serious: brush up on your number theory if you want to use this book for anything. This third edition is essentially and structurally unchanged from its predecessors, although it has been updated to reflect the latest algorithms and technologies. Bauer's history and vignettes from the story of codes and the codebreakers are interesting, amusing, and accessible to anyone. copyright Robert M. Slade, 1998, 2002 BKDECSEC.RVW 20020520 rsladeat_private rsladeat_private sladeat_private p1at_private http://victoria.tc.ca/techrev or http://sun.soci.niu.edu/~rslade ------------------------------ Date: 29 Mar 2002 (LAST-MODIFIED) From: RISKS-requestat_private Subject: Abridged info on RISKS (comp.risks) The RISKS Forum is a MODERATED digest. Its Usenet equivalent is comp.risks. => SUBSCRIPTIONS: PLEASE read RISKS as a newsgroup (comp.risks or equivalent) if possible and convenient for you. Alternatively, via majordomo, send e-mail requests to <risks-requestat_private> with one-line body subscribe [OR unsubscribe] which requires your ANSWERing confirmation to majordomoat_private . If Majordomo balks when you send your accept, please forward to risks. [If E-mail address differs from FROM: subscribe "other-address <x@y>" ; this requires PGN's intervention -- but hinders spamming subscriptions, etc.] Lower-case only in address may get around a confirmation match glitch. INFO [for unabridged version of RISKS information] There seems to be an occasional glitch in the confirmation process, in which case send mail to RISKS with a suitable SUBJECT and we'll do it manually. .MIL users should contact <risks-requestat_private> (Dennis Rears). .UK users should contact <Lindsay.Marshallat_private>. => The INFO file (submissions, default disclaimers, archive sites, copyright policy, PRIVACY digests, etc.) is also obtainable from http://www.CSL.sri.com/risksinfo.html ftp://www.CSL.sri.com/pub/risks.info The full info file will appear now and then in future issues. *** All contributors are assumed to have read the full info file for guidelines. *** => SUBMISSIONS: to risksat_private with meaningful SUBJECT: line. => ARCHIVES are available: ftp://ftp.sri.com/risks or ftp ftp.sri.com<CR>login anonymous<CR>[YourNetAddress]<CR>cd risks [volume-summary issues are in risks-*.00] [back volumes have their own subdirectories, e.g., "cd 21" for volume 21] http://catless.ncl.ac.uk/Risks/VL.IS.html [i.e., VoLume, ISsue]. Lindsay Marshall has also added to the Newcastle catless site a palmtop version of the most recent RISKS issue and a WAP version that works for many but not all telephones: http://catless.ncl.ac.uk/w/r http://the.wiretapped.net/security/info/textfiles/risks-digest/ . http://www.planetmirror.com/pub/risks/ ftp://ftp.planetmirror.com/pub/risks/ ==> PGN's comprehensive historical Illustrative Risks summary of one liners: http://www.csl.sri.com/illustrative.html for browsing, http://www.csl.sri.com/illustrative.pdf or .ps for printing ------------------------------ End of RISKS-FORUM Digest 22.14 ************************
This archive was generated by hypermail 2b30 : Tue Jul 09 2002 - 12:10:41 PDT