[risks] Risks Digest 22.61

From: RISKS List Owner (riskoat_private)
Date: Thu Mar 06 2003 - 17:33:38 PST

  • Next message: RISKS List Owner: "[risks] Risks Digest 22.62"

    RISKS-LIST: Risks-Forum Digest  Thursday 6 March 2003  Volume 22 : Issue 61
    
       FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
       ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator
    
    ***** See last item for further information, disclaimers, caveats, etc. *****
    This issue is archived at <URL:http://catless.ncl.ac.uk/Risks/22.61.html>
    and by anonymous ftp at ftp.sri.com, cd risks .
    
      Contents: [Possible duplicate resulting from partial distribution]
    Slight change in RISKS e-mail procedure (RISKS List Owner)
    Computer error means 2.3-trillion-pound electricity bill (Fuzzy Gorilla)
    Computer error halts fuel payments (Fuzzy Gorilla)
    Indiana University Center's computers breached by hacker (Sheri Alpert)
    Risks of using Tax IDs for other things (Peter Wayner)
    28 Krispy Kreme customers each charged over $84,000 (Fuzzy Gorilla)
    Visa moves to improve customers' privacy (PGN)
    Credit-card fraud (Thomas Kristmar)
    Credit company's customer list leaked to an underground gang (Chiaki Ishikawa)
    16M Yen stolen from sniffed bank passwords at Internet Cafe (Chiaki Ishikawa)
    Wrongly jailed woman blames system (Fuzzy Gorilla)
    Re: Reversed 2002 election results in Alabama still unexplained
      (Dale Pennington, PGN)
    Re: Computer error grounds Japanese flights (Chiaki Ishikawa)
    Re: BSA Accuses OpenOffice ftp sites of piracy (Fritz Whittington)
    New IEEE Security and Privacy magazine (Gary McGraw)
    REVIEW: "Security in Computing", Charles Pfleeger/Shari Pfleeger (Rob Slade)
    Abridged info on RISKS (comp.risks)
    
    ----------------------------------------------------------------------
    
    Date: Thu, 6 Mar 2003 10:48:55 PST
    From: RISKS List Owner <riskoat_private>
    Subject: Slight change in RISKS e-mail procedure
    
    Although it should be largely invisible to you, this issue is being sent out
    in a way that should dramatically simplify our processing of the steadily
    large number of e-mail bounces (including unresolvable black-hole bounces
    for no-longer-existing mail exchangers).  This will enable us to more easily
    cull out the offending addresses.  We will still be very conservative in not
    removing temporarily offending addresses.  Please let us know if you find
    yourself inadvertently no longer receiving RISKS.  Many thanks to Mike
    Hogsett, who has been superb in putting up with the strain that RISKS puts
    on our e-mail servers.
    
      [The upgrade did not work perfectly.  Apologies if this is a duplicate.]
    
    ------------------------------
    
    Date: Tue, 04 Mar 2003 18:35:36 -0500
    From: "Fuzzy Gorilla" <fuzzygorillaat_private>
    Subject: Computer error means 2.3-trillion-pound electricity bill
    
    The *Yorkshire Post* reports that after a man had forgotten to pay an
    earlier electricity bill of 59 pounds from British Gas for a house in
    Fartown, Huddersfield, he received a final demand for 2,320,333,681,613
    pounds.  After he was threatened with court action, the local media
    intervened.  At that point, British Gas admitted there had been a mistake,
    ``with a computer mixing up the reference number for the property.''  On the
    other hand, a BG spokeswoman was quoted as saying that it was a ``simple
    clerical mistake''.  [PGN-ed]
      http://www.ananova.com/news/story/sm_756911.html
    
    ------------------------------
    
    Date: Tue, 04 Mar 2003 18:41:51 -0500
    From: "Fuzzy Gorilla" <fuzzygorillaat_private>
    Subject: Computer error halts fuel payments
    
    1,128 people over 60 are still waiting for their 200-pound winter fuel
    payments, two months after they should have been paid.  The Department for
    Work and Pensions (DWP) told the BBC that the computer system which handles
    payments has 'lost' their records, and that they would have to trace back to
    the original applications.  [Source: BBC, Money Box, Paul Lewis, 18 Feb
    2003; PGN-ed]
      http://news.bbc.co.uk/1/hi/programmes/moneybox/2764451.stm
    
    ------------------------------
    
    Date: Wed, 5 Mar 2003 14:54:01 -0500 (EST)
    From: Sheri Alpert <salpertat_private>
    Subject: Indiana University Center's computers breached by hacker
    
    [Source: Article by Terry Horne <terry.horneat_private>, telephone
    1-317-444-6082, *The Indianapolis Star*, 28 Feb 2003; PGN-ed]
    http://www.indystar.com/print/articles/3/025875-2223-P.html
    (another story at: http://www.sagamore.iupui.edu/32/32-24/24hacker.html)
    
    About 7,000 patients of the Indiana University Center for Sleep Disorders
    have had the confidentiality of their Social Security numbers and other
    personal information compromised by a hacker who broke into the center's
    computer on 27 Nov 2002, although it was not discovered until 3 Jan 2003.
    Reportedly, there is no evidence any identities were
    stolen or even that files were offloaded.  Intent had apparently to use
    this computer system as a bridge to other university computers.
    
      [This intrusion might have caused some additional sleep disorders after
      the patients were notified.  PGN]
    
    ------------------------------
    
    Date: Thu, 6 Mar 2003 14:03:55 -0500
    From: Peter Wayner <pcwat_private>
    Subject: Risks of using Tax IDs for other things
    
    A Princeton student tried PNC's new Internet banking Web site to check his
    student organization's funds and found he could access *all* of the
    university's accounts holding almost $10 million in total.  The student
    organization used the same taxpayer ID number as the rest of the university,
    and the bank's Web site used the ID to link the records.
    
      http://story.news.yahoo.com/news
      ?tmpl=story2&cid=816&ncid=816&e=5&u=/ap/20030306/ap_on_fe_st/banking_glitch
    
    ------------------------------
    
    Date: Tue, 04 Mar 2003 19:31:54 -0500
    From: "Fuzzy Gorilla" <fuzzygorillaat_private>
    Subject: 28 Krispy Kreme customers each charged over $84,000
    
    A Krispy Kreme doughnut shop in Albuquerque seemingly greased its coffers
    while figuratively deep-frying over two dozen customers.  Irrespective of
    what they ordered, each of 28 customers using a credit card were charged
    EXACTLY $84,213.60 for the purchase.  KK blamed Heartland Payment Systems,
    which processes their credit-card transactions.  [Source: KRQE News 13,
    Albuquerque, N.M., 19 Feb 2003; PGN-ed]
      http://www.krqe.com/Global/story.asp?S=1140274
    
      [These charges were actually APPROVED, and of course also blew the
      customers' credit ratings for a few days.  Amazing!
        ``The $84,000 charge, were it legitimate, would have purchased over
        170,000 ... doughnuts, enough to stretch over 9 miles if placed
        end-to-end.''
      (But a few days later, the doughnuts might have settled into substantial
      paving bricks.  Or do Krispy Kremes have a shelf-life of years, like
      the bread and chocolate used in Des(s)ert Shield?)  Of course, stacked
      vertically, they would reach almost 2 miles high.
      Somehow, the name ``Heartland'' seems incompatible with the concept of
      Krispy Kremes, unless it is related to a hospital with the same name.
      PGN]
    
        [Three sentences back, I have added "(s)" in the archive copy, 
        inspired by Mike Yuhas.  PGN]
    
    ------------------------------
    
    Date: Thu, 6 Mar 2003 07:43:42 -0800
    From: "Peter G. Neumann" <neumannat_private>
    Subject: Visa moves to improve customers' privacy
    
    Visa International (with over 1 billion credit cards in circulation) is
    introducing a new company policy today prohibiting the display of all but
    the last four digits of a credit-card number on consumer receipts, a move
    intended to better protect customers' privacy and reduce identity theft.
    The policy will also remove the expiration date from receipts.  The newly
    proposed Senate Identity Theft Protection Act would make this policy
    mandatory for all credit-card companies.  (Since 2000, identity theft has
    consistently been the most common complaint to the Federal Trade Commission,
    with over 160,000 complaints in 2002.)  [Source: Chris Baker, *The
    Washington Times*, 6 Mar 2003; PGN-ed]
      http://washingtontimes.com/business/20030306-3647521.htm
    
    ------------------------------
    
    Date: Wed, 05 Mar 2003 12:11:38 +0100
    From: "Thomas Kristmar" <TKat_private>
    Subject: Credit-card fraud
    
    An interesting story in a Danish newspapar (in danish,alas)
    http://www.bt.dk/Forside.pl?aid=130204
    
    A postman intercepted the new credit card sent to a bank client and waited a
    few days and then intercepted the pincode also. The postman made a copy of
    the credit card and read the pincode before delivering the card and pincode
    a few days later to the client.  Then he waited a few months.  The postman
    was caught because he used the card excessively in a 14-day period, stealing
    the equivalent of 24.000 euros.  [That's 24,000 euros in English.  PGN]
    
    The problem here is that all Danish credit cards and pincodes are issued
    from one location in plain envelopes with a return address. A postman can
    easily identify the cards and pincode letters. The pincode is printed in a
    tamperproof envelope, but affixing a "sorry, the envelope was damaged during
    handling" from the Postoffice will fool the average customer.
    
    ------------------------------
    
    Date: Wed, 05 Mar 2003 21:04:52 +0900
    From: Chiaki Ishikawa <ishikawaat_private>
    Subject: Credit company's customer list leaked to an underground gang
    
    On Japanese TV nightly news, I just learned that a large Japanese credit
    corporation, called Orient Corporation, fired a local branch manager-level
    senior employee who had leaked the list of about 15,000 customers with
    credit card usage, etc. to a member of a Japanese gang syndicate, who in
    turn blackmailed the company and demanded 200,000,000 YEN.  Both were
    arrested by police today.
    
    Computers have made it so easy to steal such large list of customer
    information (to wit, involving 8 million credit-card users in the past
    couple of weeks).  If such weakness is employed by an insider, then it would
    be really difficult to protect such information at all.
    
    In this case, it was a senior employee, who was second in command to the
    local branch manager, and so my hope of protecting such information from
    abuse is now getting very thin.
    
    Orient Corporation web page (in Japanese)
    http://www.orico.co.jp/orico/index.asp
    
    PS: At least, this company is quick to publicize the response to this
    incidence: the web page has a link to this blackmailing incident. Oh, wait,
    the link failed to show the contents yet. Since the arrest was announced
    only a couple of hours ago, maybe the web site is going through change at
    21:00.  I saw the TV news only about 10 minutes ago.
    
    ------------------------------
    
    Date: Fri, 07 Mar 2003 00:40:28 +0900
    From: Chiaki Ishikawa <ishikawaat_private>
    Subject: 16M Yen stolen from sniffed bank passwords at Internet Cafe
    
    On March 6th, two men have been arrested for illegally transferring 16
    million YEN from someone's CityBank online banking service account to a
    third party account and then take the money from it, Tokyo police announced.
    
    From the descriptions of newspaper articles, it seems that one of the
    culprits has installed keyboard sniffer programs on about hundred PCs at a
    dozen or so Internet Cafes in Tokyo and Kanagawa prefecture (south of
    Tokyo).  He has regularly visited the cafes and brought back the recorded
    data with him, and searched for ID/password, and other identification
    information.
    
    At the charged man's home, the police has found ID/password for 719
    accounts, and about a couple of hundred user profiles meant for dating
    services.
    
    One such ID/password for a man's City Bank online banking service was used
    to transfer 16 million Yen to a different account at another bank from which
    the money was withdrawn.
    
    This is the first time that a keyboard sniffer is implicated in a large
    scale ID theft in Japan, from what I know.
    
    It beats me, though, why anyone wants to use a PC at Internet cafe for one's
    banking service.  (We should assume doing something on it, like writing a
    memo, for example, is akin to writing on a memo pad on a desk at a public
    library under which a carbon paper may be secretly placed to record
    information and we never know. For that matter, even without the carbon
    paper, we often can see the telephone number, etc. left by the previous user
    by looking at the indented marks on the next paper sheet, don't we? )
    
    I think the general public should be taught more about the security
    implications of various Internet services, which may look useful and handy
    on the surface, but may not be so attractive if the security implications
    are taken into account. I think it should be the responsibility for the
    service provider to tell such risks, but I am not sure how to go about
    writing a law because "risk" is a relative thing.
    
    This has been a busy week for computer security professionals in Japan.
    First the computer system for handling nations's flight plans collapsed on
    the morning March 1st.  Then a large credit card company, Oriental Corp.,
    announced the leak of 15,000 user profiles to a member of an underground
    gang group who blackmailed the company and was arrested.  Then this
    incident.
    
    I hope the general public will start to pay more attention to the computer
    security issues thanks to these high-profile incident.  (The ID theft using
    keyboard sniffer was the front page head line article in the evening edition
    of *Asahi Shimbun*.  It occupies about 1/5 of the paper and is very
    conspicuous.)
    
    ------------------------------
    
    Date: Tue, 04 Mar 2003 19:21:38 -0500
    From: "Fuzzy Gorilla" <fuzzygorillaat_private>
    Subject: Wrongly jailed woman blames system
    
    Excerpts, FG-highlights and PGN-ed summarization of a long item
    from 11Alive News, Jennifer Leslie, 30 Jan, 10 Feb, 24 Feb 2003:
      http://www.11alive.com/news/news_article.asp?storyid=27020
      http://www.11alive.com/news/news_article.asp?storyid=28128
    
      "In the first part of this report, 11Alive News Investigative Reporter
      Jennifer Leslie focused on problems with some information in the National
      Criminal Information Computer System that led to as many as 25 percent of
      all arrest warrants in Metro Atlanta being inaccurate and incomplete or
      invalid.  In the second part, Leslie's report focuses on what happens when
      police officers arrest the wrong person because of problems in the
      system."
    
    Highlights (FG):
     * As many as 25 percent of all arrest warrants in Metro Atlanta
       are inaccurate, and incomplete or invalid.  This average is eight times
       the national average.
     * It is easy to confuse two people that share part of a name in common.
     * It is easy to have cascading errors -- once the name was wrong,
       someone else added a wrong SSN.
     * Guilty until proven innocent -- if you lose your receipt, you can
       spend a long time trying to correct a mistake.
     * It is hard to justify success/failure rates if no records are kept.
    
    Mistaken identity (PGN-ed):
     * Melissa Long (8.5 months pregnant) and her husband were stopped by police
       for a missing license plate.  After an NCIC check, she was handcuffed
       and jailed for 10 hours in a 6x8 cell with five other women, supposedly
       for an outstanding warrant for domestic violence.  It was eventually
       realized that the warrant was for someone else with the same name, but
       different middle names and birth dates.  The Sheriff's office had added
       to the confusion by putting the wrong SSN on the NCIC warrant and leaving
       other information unspecified.  Because she was already in the county
       computer as a witness in an unrelated case, the police used THAT info
       to fill out her arrest warrant!
    
    Expired warrants (PGN-ed): 
     * Innocent people across Metro Atlanta are going to jail because their old
       arrest warrants were never taken out of a statewide computer system.
     * Nicole Thomas needed a criminal background check to apply for a job as 
       a teacher at her son's daycare center in August 2001,  As a result, she
       was jailed -- because of a warrant for an expired tag.  But that warrant
       should have been withdrawn because she had already paid the fine.  (She
       was not allowed the customary phone call.)
     * One other similar case discussed in detail.
     * Procedures to prevent this kind of abuse are not followed.
    
    Error rates for the 11 metro departments:
    
    Atlanta Police Dept.
    2001 18%
    1999 1.8%
    
    Cherokee County Sheriff's Dept.
    2002 16%
    2000 22%
    
    Clayton County Sheriff's Dept.
    2001 21.6%
    1998 16%
    
    Cobb County Sheriff's Dept.
    2001 22%
    1998 22%
    
    Dekalb County Sheriff's Dept.
    2000 57% 
    1998 40% 
    
    Douglas County Sheriff's Dept.
    2001 7% 
    2000 22%
    
    Fayette County Sheriff's Dept.
    2000 0% 
    2002 0% 
    
    Fulton County Sheriff's Dept.
    2000 80% (more recent audit shows 5%)
    1998 28%
    
    Gwinnett County Sheriff's Dept.
    2001 28% (more recent audit shows 6.6%)
    1999 31%
    
    Henry County Sheriff's Dept.
    2002 20%
    2000 30%
    
    Smyrna Police Dept.
    2001  16%
    1998  16%
    
    ------------------------------
    
    Date: Tue, 4 Mar 2003 08:49:41 -0600 
    From: "Dale Pennington" <Dale.Penningtonat_private>
    Subject: Re: Reversed 2002 election results in Alabama still unexplained
      (PGN-ed, RISKS-22.60)
    
    I wish you had read the article a little more carefully. As I live in
    Alabama I followed this story carefully.
    
    The time line is that on election night the unofficial total posted to the
    press by the county showed Don Siegelman(D) as winning. This was considered
    suspicious as the county is question tends to vote heavy Republican. It was
    determined that while the precinct totals were correct, the overall total
    (which was not official) was wrong by 6300 votes in Siegelman's favor. When
    corrected, Bob Riley(R) was the winner of the county and the state.
    
    *The Mobile Register* article is consistent with the above. It says the
    cartridge that was used to get the first night total (Siegelman wins) was in
    error and the ballot count backed up the eventual (Riley) winner.  The
    question is how the cartridge used to get the unofficial totals the first
    night went bad.
    
    To sum it up, the person who got the most votes DID win.
    
    ------------------------------
    
    Date: Wed, 5 Mar 2003 8:58:30 PST
    From: "Peter G. Neumann" <neumannat_private>
    Subject: Re: Reversed 2002 election results in Alabama still unexplained
      (Pennington, RISKS-22.61)
    
    Many thanks to Dale.  I'm glad to be able to correct the RISKS record.
    
    I reread the original article repeatedly, and I can see why I reached a
    misinterpretation in my conclusions.  The article was ambiguous as to how
    the final official count was reached.  In this case, the overall process is
    complicated, with integrity and reliability risks throughout -- relating to
    the optical-scan ballots, the local tabulation device that scans them, the
    cartridge that records the local results, the paper record of the local
    results, the aggregate centralized counting process, and the resolution of
    any conflicts.
    
    Here are two of the relevant paragraphs from the cited article.
    
      Initial, unofficial results from Baldwin County showed that Democrat Don
      Siegelman garnered about 19,070 votes in the county, enough to give him a
      razor-thin victory over Republican challenger Bob Riley.  The next
      morning, however, officials said those totals were inaccurate and
      certified returns giving Siegelman about 6,300 fewer votes -- enough to
      swing the election to Riley.
    
        [...]
    
      Officials have traced the problem to a data pack from the Magnolia Springs
      voting location. They said the vote-counting machine there printed out
      accurate results when the polls closed at 7 p.m.  But they said the
      cartridge, which resembles an eight-track cassette, gave bogus figures
      when it was plugged into the computer in Bay Minette.
    
    An important conclusion from this case remains.  In the absence of an actual
    recount of the hardcopy ballots (which is especially a problem with
    all-electronic voting systems in which there is no voter-verified paper
    record), there remain questions as to whether there was fraud or error.  In
    this case, the detected discrepancy among the paper counts, the cartridges,
    and the final total forced a reassessment (but not a recount).  But in cases
    of disagreement, it is important to be able to ascertain what is correct.
    
    The deeper implication of this case is of course that in the absence of
    meaningful audit trails and voter-verified ballots or ballot images, the
    entire election process can be subject to unresolvable questions.  In
    all-electronic systems, the absence of a voter-verified ballot image makes
    it possible in any voting machine for the electronic totals at the end of
    the day to agree completely with the printed totals, but for both of them to
    be seriously in error, for any of a variety of reasons.
    
    ------------------------------
    
    Date: Wed, 05 Mar 2003 21:04:52 +0900
    From: Chiaki Ishikawa <ishikawaat_private>
    Subject: Re: Computer error grounds Japanese flights (RISKS-22.60)
    
    The Ministry Web page finally had a short comment about the incident (in
    Japanese, of course) on 3 Mar, whereas the incident occurred on 1 Mar.  I
    know it was a weekend, but since I noticed a well-attended press conference
    about the incident over TV, I would think a brief transcript of the
    presentation would have been enough and useful to put on the Web to the many
    Japanese who tried to learn what was going on on Saturday.
    
    The following is the short notice, mostly the expression of the apology, not
    much detail about the technical problem which I learned from newspaper
    articles.
      http://www.mlit.go.jp/koku/030301.html
    
    ------------------------------
    
    Date: Tue, 04 Mar 2003 17:19:57 GMT
    From: Fritz Whittington <f.whittingtonat_private>
    Subject: Re: BSA Accuses OpenOffice ftp sites of piracy (RISKS-22.60)
    
    Since they state "the information in this notification is accurate and
    states, under penalty of perjury, that it is authorized to act in this
    matter" then, considering that the information is patently false, to which
    jurisdiction do we report their perjury?  The EU courts, the US courts?
    Perhaps both? Is it possible to commit perjury when you aren't testifying?
    
    Sigh.  The computer-related risk here is enormous.  Dependence on computers
    is apparently making a significant fraction of the population incurably
    stupid.
    
    ------------------------------
    
    Date: Thu, 6 Mar 2003 08:56:22 -0500
    From: Gary McGraw <gemat_private>
    Subject: New IEEE Security and Privacy magazine
    
    The IEEE Computer Society has created a new magazine called "Security and
    Privacy" specifically for the security community
    <http://www.computer.org/security/>.  The magazine intends to present a
    balanced mix of scientific research and practical security discussion.  One
    key aim is to cut through the security hype promulgated by commercial trade
    magazines.  The first issue came out last month.  The editorial board is
    eager to publish cutting edge research in the peer-reviewed section of the
    magazine.  Send your best papers to <sprivacyat_private>.  Also as a
    member of the task force, I welcome candid feedback via e-mail.
    
    ------------------------------
    
    Date: Wed, 5 Mar 2003 08:01:41 -0800
    From: Rob Slade <rsladeat_private>
    Subject: REVIEW: "Security in Computing", Charles Pfleeger/Shari Pfleeger
    
    BKSCNCMP.RVW   20030209
    
    "Security in Computing", Charles P. Pfleeger/Shari Lawrence Pfleeger,
    2003, 0-13-035548-8, U$79.00/C$122.99
    %A   Charles P. Pfleeger
    %A   Shari Lawrence Pfleeger s.pfleegerat_private
    %C   One Lake St., Upper Saddle River, NJ   07458
    %D   2003
    %G   0-13-035548-8
    %I   Prentice Hall
    %O   U$79.00/C$122.99 +1-201-236-7139 fax: +1-201-236-7131
    %O  http://www.amazon.com/exec/obidos/ASIN/0130355488/robsladesinterne
      http://www.amazon.co.uk/exec/obidos/ASIN/0130355488/robsladesinte-21
    %O   http://www.amazon.ca/exec/obidos/ASIN/0130355488/robsladesin03-20
    %P   746 p.
    %T   "Security in Computing"
    
    This work is still obviously a textbook.  The attempts to target it at a
    "professional" audience are possibly more convincing than in the first
    edition, but it still reads like a text, and includes material that is
    addressed at a scholastic, rather than experienced, audience.  Even as a
    textbook it difficult to say that it succeeds.  It addresses a broad range
    of computer security related topics, although there is a notable shortage of
    material dealing with formal security models, access concepts, operational
    procedures, physical security, and business continuity.  The level of detail
    in the different areas varies greatly, but the shortcomings of the book
    could be addressed in the hands of a competent teacher.
    
    The ten chapters in the book are not divided into parts, but seem, in some
    cases, to come in chunks.  The introductory chapter is an overview of basic
    concepts involved with system security.  Unfortunately, not all of them are
    explained fully.  The idea of controls, for example, is a vital one, but the
    full ranges and types of controls are not outlined.  There are also some
    not-quite-standard additions to the lexicon, such as an attempt to divide
    threats into four classes: interception, interruption, modification, and
    fabrication.  It is difficult to see why fabrication is added to the list,
    or why this provides a clearer view of threats than simply looking to the
    opposites of confidentiality, integrity, and availability.  Cryptography
    starts in chapter two (and, oddly, ends in chapter ten).  The early coverage
    steps through different types of simple encryption algorithms, followed up
    by cryptanalysis of the same.  It strenuously avoids using any arithmetic,
    which makes discussions of key sizes and strengths a bit difficult, but
    throws in lots of symbolic logic, which seems to serve only to cloud the
    issue.
    
    Chapter three starts what might be seen as a section on secure systems
    development.  This is an important, and often neglected, topic, and is
    generally covered reasonably well.  However, the material is not always
    completely clear and rigorous.  For example, it is implied that Thompson,
    rather than Cohen, was the first to investigate viruses.  Leaving aside the
    fact that Cohen's work started a year before Thompson's lecture (only the
    date of Cohen's graduation is given), Thompson's thought experiment proposed
    only an extremely limited form of reproduction.  Again, when discussing
    covert channels, both the terms "timing channel" and "storage channel" are
    used, but all the examples given relate only to timing channels.  Operating
    system protections are supposed to be covered in chapter four, but the
    content is an odd amalgam of computer architecture and high level access
    control.  In regard to designing trusted operating systems, chapter five
    starts with a very poor outline of formal models (the test is not clear,
    and, again, the addition of symbolic logic fails to assist in the tutorial),
    presents a fair review of operating system requirements, and then spends a
    lot of time going over various evaluation criteria, without presenting much
    content of any use.  The outline of database security is disappointing:
    chapter six spends too much time on specific details, while almost ignoring
    major concepts such as aggregation.
    
    Chapter seven, the longest in the book, devotes excessive space to basic
    communications technologies, including two copies of the section on
    transmission methods.  Administration, in chapter eight, provides the usual
    generic advice on planning, risk, and policies.  Intellectual property,
    computer crime, and ethics are presented as problems with no solutions, in
    chapter nine.  The closing chapter provides a whirlwind of the mathematics
    related to cryptography in an impressive, disorganized, and basically
    pointless display.
    
    This book could definitely use a wholesale reorganization and cleanup.  The
    level and tone of the content varies tremendously from section to section,
    even within given chapters.  While most computer security topics appear
    somewhere within the work, there is very little in the way of logical flow
    or links between subjects.  Major areas seem to be thrown in with minor
    sections simply because they had to be put somewhere.  In terms of
    textbooks, I do not know that there is much to choose between this volume
    and Bishop's "Computer Security: Art and Science" (cf. BKCMSCAS.RVW),
    although Pfleeger and Pfleeger might have a slight edge.  Certainly
    Gollman's "Computer Security" (cf.  BKCOMPSC.RVW) is superior to both.  And,
    depending upon the course, Anderson's "Security Engineering"
    (cf. BKSECENG.RVW) probably outranks them all.
    
    copyright Robert M. Slade, 1993, 2003   BKSCNCMP.RVW   20030209
    rsladeat_private  rsladeat_private  sladeat_private p1at_private
    http://victoria.tc.ca/techrev    or    http://sun.soci.niu.edu/~rslade
    
    ------------------------------
    
    Date: 29 Mar 2002 (LAST-MODIFIED)
    From: RISKS-requestat_private
    Subject: Abridged info on RISKS (comp.risks)
    
     The RISKS Forum is a MODERATED digest.  Its Usenet equivalent is comp.risks.
    => SUBSCRIPTIONS: PLEASE read RISKS as a newsgroup (comp.risks or equivalent)
     if possible and convenient for you.  Alternatively, via majordomo,
     send e-mail requests to <risks-requestat_private> with one-line body
       subscribe [OR unsubscribe]
     which requires your ANSWERing confirmation to majordomoat_private .
     If Majordomo balks when you send your accept, please forward to risks.
     [If E-mail address differs from FROM:  subscribe "other-address <x@y>" ;
     this requires PGN's intervention -- but hinders spamming subscriptions, etc.]
     Lower-case only in address may get around a confirmation match glitch.
       INFO     [for unabridged version of RISKS information]
     There seems to be an occasional glitch in the confirmation process, in which
     case send mail to RISKS with a suitable SUBJECT and we'll do it manually.
       .UK users should contact <Lindsay.Marshallat_private>.
    => The INFO file (submissions, default disclaimers, archive sites,
     copyright policy, PRIVACY digests, etc.) is also obtainable from
     http://www.CSL.sri.com/risksinfo.html  ftp://www.CSL.sri.com/pub/risks.info
     The full info file will appear now and then in future issues.  *** All
     contributors are assumed to have read the full info file for guidelines. ***
    => SUBMISSIONS: to risksat_private with meaningful SUBJECT: line.
    => ARCHIVES are available: ftp://ftp.sri.com/risks or
     ftp ftp.sri.com<CR>login anonymous<CR>[YourNetAddress]<CR>cd risks
       [volume-summary issues are in risks-*.00]
       [back volumes have their own subdirectories, e.g., "cd 21" for volume 21]
     http://catless.ncl.ac.uk/Risks/VL.IS.html      [i.e., VoLume, ISsue].
       Lindsay Marshall has also added to the Newcastle catless site a
       palmtop version of the most recent RISKS issue and a WAP version that
       works for many but not all telephones: http://catless.ncl.ac.uk/w/r
     http://the.wiretapped.net/security/info/textfiles/risks-digest/ .
     http://www.planetmirror.com/pub/risks/ ftp://ftp.planetmirror.com/pub/risks/
    ==> PGN's comprehensive historical Illustrative Risks summary of one liners:
        http://www.csl.sri.com/illustrative.html for browsing,
        http://www.csl.sri.com/illustrative.pdf or .ps for printing
    
    ------------------------------
    
    End of RISKS-FORUM Digest 22.61
    ************************
    



    This archive was generated by hypermail 2b30 : Thu Mar 06 2003 - 18:12:35 PST