[RISKS] Risks Digest 23.89

From: RISKS List Owner (risko@private)
Date: Fri Jun 10 2005 - 11:28:27 PDT


RISKS-LIST: Risks-Forum Digest  Friday 10 June 2005  Volume 23 : Issue 89

ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, moderator, chmn ACM Committee on Computers and Public Policy

***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
  <http://catless.ncl.ac.uk/Risks/23.89.html>
The current issue can be found at
  <http://www.csl.sri.com/users/risko/risks.txt>

  Contents:
United abandons Denver Airport baggage system (PGN)
More on the FBI Virtual Case File demise (Dan Eggen via PGN)
Plane diverts after erroneous hijack alert (Geoff Kuenning)
Self-service photo kiosk retains images, leads to prosecution
  (Matt Fichtenbaum)
Search Engine Dependence Syndrome (PGN)
Intelligence vs. Common Sense (Kevin N Haw)
The Risks of HTML (William Colburn)
Method discovered of cracking Bluetooth security (Pete Mellor)
Messaging and Security Feature Pack for Windows Mobile 5.0 (Alpha Lau)
Challenge/response e-mail filtering (Atom Smasher)
Wide-scale industrial espionage using Trojan horses in Israel (Gadi Evron)
Bold thieves build complete ATM (James Bauman)
Spammer using Yahoo service and Google's name to hide actual server
  (Joe Smith)
Future ChoicePoint-related flaws (David B. Lewis)
Re: Michigan message board says speed limit 100 mph (Bob Heuman)
Zabasearch, and coverage thereof (Jay R. Ashworth)
Re: MarketScore exploit (Chris Smith, Doug Burbidge)
Re: "Rumplestiltskin worm" on the loose? (James W. Adams)
Abridged info on RISKS (comp.risks)

----------------------------------------------------------------------

Date: Thu, 9 Jun 2005 14:27:05 PDT
From: "Peter G. Neumann" <neumann@private>
Subject: United abandons Denver Airport baggage system

United Airlines has decided to stop using its controversial automated
baggage-handling system at Denver International Airport, reverting to a
conventional manual system by the end of 2005.  The automated system (which
began operation in 1995) never lived up to original expectations.  It had
enormous difficulties in its early days, including construction delays, cost
overruns, lost bags, damaged luggage, derailed cars, traffic jams, upgrade
problems, political battles, and so on.  (For example, see RISKS-17.61 and
18.66).  United is apparently obligated to pay $60 million a year for
another 25 years under its lease contract with the city of Denver (which
owns the airport).  However, United expects to save $1 million a month in
operating costs by NOT using the automated system.  The airport cost $250
million to build (BAE Automated Systems of Dallas, no longer in existence),
and the city reportedly put up another $100 million for construction and
$341 million to get it to work.  [Source: AP item, 7 Jun 2005; PGN-ed]
http://msnbc.msn.com/id/8135924/

    [The system will soon be carrion!  Carry on with carry-on.  PGN]

------------------------------

Date: Sun, 5 Jun 2005 18:57:18 PDT
From: "Peter G. Neumann" <neumann@private>
Subject: More on the FBI Virtual Case File demise

A recent report for the House Appropriations Committee has once again put
the FBI's Virtual Case File (VCF, see RISKS-23.66) development effort under
scrutiny.  (The $170 million project was scuttled earlier this year.)  An
FBI report in 2004 had identified 400 problems with early versions, but the
contractor was never informed.  $17 million was spent on a testing program
in December 2004 even after it seemed evident that the project would have to
be scrapped.  The new report documents many "errors and misjudgments that
were made during the software project's troubled history."  [Source: an
article by Dan Eggen, FBI Pushed Ahead With Troubled Software, *The
Washington Post*, 6 June 2005; PGN-ed]

http://www.washingtonpost.com/wp-dyn/content/article/2005/06/05/AR2005060501213.html

------------------------------

Date: 04 Jun 2005 23:34:45 +0200
From: Geoff Kuenning <geoff@private>
Subject: Plane diverts after erroneous hijack alert

The following story:
  http://news.bbc.co.uk/go/rss/-/1/hi/uk/4607657.stm
tells of a U.S.-bound aircraft diverted to Canada (with fighter escort)
after accidentally transmitting a hijack warning.

The thing that strikes me most about the article is the following sentence:

  ...the false alarm was caused by a malfunction which meant that when the
  transponder began transmitting the 4-digit hijack code, the crew were
  unable to shut it off.

Huh?  It seems to me that "unable to shut off the alarm" is the proper
behavior for such a system.  You don't want a hijacker to hold a gun to the
pilot's head, saying "Either shut off the hijack code or I'll kill you and
crash the whole plane."  Much better to make the switch one-way and spend
the extra money and inconvenience to escort the plane to a safe landing spot
while you investigate whether there really was a hijacking or it was a false
alarm.

Sometimes the proper fail-safe response is to insist on a human decision.

Geoff Kuenning   geoff@private   http://www.cs.hmc.edu/~geoff/

------------------------------

Date: Thu, 09 Jun 2005 21:17:39 -0400
From: Matt Fichtenbaum <mattfic@private>
Subject: Self-service photo kiosk retains images, leads to prosecution

*The Boston Globe* 9 Jun 2005 carries an Associated Press story about a man
in New Hampshire who had taken some risqué digital photos of his
granddaughter.  He printed them out at a Kodak self-service print kiosk at a
CVS pharmacy.  Maybe he'd attracted the attention of the clerk -- or maybe
it's normal practice -- the store manager looked at the photos *that had been
retained by the innards of the printer* and notified police.  There must
have been some more modest pictures as well, and these were shown on
national TV, leading to the girl's parents calling in and identifying the
perpetrator, who was then arrested.

Want privacy and anonymity?  Buy a printer.

------------------------------

Date: Mon, 9 May 2005 15:54:20 +0100
From: "Peter G. Neumann" <neumann@private>
Subject: Search Engine Dependence Syndrome

"We have allowed concepts from information technology to enter the cognitive
consciousness of physicians without critical analysis of their impact."
Steven Merahn, MD, identifies Search Engine Dependence Syndrome as a
neuropsychological disorder:

  1. The assumption/perception that computers are "smart"
  2. The task interference associated with competing problem-solving paradigms
  3. The loss or lack of development of critical thinking skills that
     comes with prolonged reliance on IT infrastructure

http://www.cliniscience.com/objects/Cliniscience%20TEPR.pdf

  [Thanks to Lindsay Marshall for finding the 25-slide presentation from
  which this item is PGN-ed.]

------------------------------

Date: Wed, 8 Jun 2005 10:09:28 -0700
From: Kevin N Haw
Subject: Intelligence vs. Common Sense

The *London Evening Standard* is reporting that the "world's biggest
computer hacker" has been arrested in London, giving us more evidence once
again that intelligence and common sense do not necessarily go hand in hand:

  The unemployed former computer engineer is accused of causing the US
  government $1 billion of damage by breaking into its most secure computers
  at the Pentagon and NASA.  He is likely to be extradited to America to
  face eight counts of computer crime in 14 states and could be jailed for
  70 years...  Friends said that he broke into the networks from his home
  computer to try to prove his theory that the US was covering up the
  existence of UFOs.

The mind simply boggles.

Full story:
http://www.thisislondon.co.uk/news/articles/19164714?source=Evening%20Standard&ct=5
Commentary:
http://it.slashdot.org/article.pl?sid=05/06/08/137249&tid=172

  [Biggest hacker?  He would perhaps have to exceed 450 pounds in weight
    to justify that claim.
  Pentagon's and NASA's most secure computers?  Wow!  Are we impressed?  PGN]

------------------------------

Date: Mon, 6 Jun 2005 08:49:45 -0600
From: "Schlake (William Colburn)" <schlake@private>
Subject: The Risks of HTML

I received e-mail from B&H Photo video about my order.  I don't use an
HTML-capable e-mail reader, and they don't send a text version.

    <td> <p><br>
        Dear WILLIAM D. COLBURN ,<br>
        <br>
        We are pleased to inform you that the following order has been
        shipped.</p>

     <!-- Comment out by YYW per bug #29992-->
     <!-- <p>PLEASE NOTE:</p>-->
     <!-- <p>You should be receiving your order shortly. </p>-->
     <!-- <p>Please review the information and verify that everything is
     correct.</p>-->

Since I hate waiting, I had ordered prompt delivery of my new possession.
Unfortunately, due to bug 29992 I will not be receiving my order shortly,
and I should not review my order to make sure that it is correct.  I hate
bug 29992.  B&H could be slowly shipping me the wrong thing, and I won't
know it until it arrives.

I'm also pretty baffled by what bug could possibly be fixed by commenting
out a textual note that my order will arrive soon and I should check what I
ordered to make sure it is correct.
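
  [The point of this item, that HTML comments are stripped by a rendering
  mail reader but are still delivered in full to every recipient, can be
  checked with a few lines of Python.  The following is an added example,
  not code from the poster or from B&H; SAMPLE_HTML is a constructed
  message modelled on the one quoted above, and INTERNAL_NOTE is an
  assumed pattern for spotting developer notes before a template goes out.]

```python
import re
from html.parser import HTMLParser

# Constructed sample, modelled on the shipping notice quoted in the post
# (not the actual B&H message): the live paragraphs plus the commented-out
# ones, which every recipient still receives as part of the message source.
SAMPLE_HTML = """<td> <p><br>
    Dear CUSTOMER ,<br>
    <br>
    We are pleased to inform you that the following order has been
    shipped.</p>

 <!-- Comment out by YYW per bug #29992-->
 <!-- <p>PLEASE NOTE:</p>-->
 <!-- <p>You should be receiving your order shortly. </p>-->
</td>"""


class _Extractor(HTMLParser):
    """Collect displayed text and comments separately."""

    def __init__(self):
        super().__init__()
        self.text_parts = []
        self.comments = []

    def handle_data(self, data):
        self.text_parts.append(data)

    def handle_comment(self, data):
        self.comments.append(data.strip())


def _parse(doc):
    p = _Extractor()
    p.feed(doc)
    p.close()
    return p


def rendered_text(doc):
    """What an HTML-capable reader shows: tags and comments are dropped."""
    return " ".join(" ".join(_parse(doc).text_parts).split())


def leaked_comments(doc):
    """What a plain-text reader (or anyone viewing source) gets as well."""
    return _parse(doc).comments


# Assumed pattern marking a comment as an internal note rather than harmless markup.
INTERNAL_NOTE = re.compile(r"\b(bug|ticket|todo|fixme)\b\s*#?\d*", re.I)


def outbound_check(doc):
    """Pre-send lint for a mail template: one finding per comment, with
    internal-looking notes (bug numbers, developer initials) flagged."""
    findings = []
    for c in leaked_comments(doc):
        kind = "internal-note" if INTERNAL_NOTE.search(c) else "hidden-content"
        findings.append((kind, c))
    return findings


if __name__ == "__main__":
    print("rendered:", rendered_text(SAMPLE_HTML))
    for kind, text in outbound_check(SAMPLE_HTML):
        print(f"{kind}: {text}")
```

  Running it shows the single sentence a graphical reader displays next to
  the three comments (one carrying a bug number and initials) that a
  text-mode reader or a curious recipient sees verbatim.  Stripping
  comments from outbound templates, and sending a text/plain alternative,
  removes both the confusion and the leak.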

------------------------------

Date: Sat, 4 Jun 2005 11:19:41 +0100 (BST)
From: Pete Mellor <pm@private>
Subject: Method discovered of cracking Bluetooth security

Avishai Wool and Yaniv Shaked of Tel Aviv University in Israel have
demonstrated a method of cracking Bluetooth security.  Every Bluetooth
device broadcasts its ID code to everything in the vicinity.  The method is
to pick up an ID code, then send a message to another device, spoofing the
ID code, and telling it that the 'link key' used for encrypting
communication has been 'forgotten'.  This forces the two devices to go
through a 'pairing' exercise to establish another link key.  (Normally this
is done only on the first occasion on which two devices communicate with
each other.)  The attacker can then eavesdrop on the messages exchanged in
the pairing session, and analyse these using software which implements the
Bluetooth algorithm.  The four-digit PIN (set on each device by the
legitimate user) can be cracked by 'brute force'.  The link key can then be
derived, and the attacker can then communicate with either device by
pretending to be the other.

Shaked and Wool will present their findings at the MobiSys conference next
Monday in Seattle.

For a more detailed description, see the on-line news item from New
Scientist magazine:

http://www.newscientist.com/article.ns?id=dn7461

Peter Mellor, Centre for Software Reliability, City University,
Northampton Square, London EC1V 0HB  +44 (0)20 7040 8422

------------------------------

Date: Mon, 6 Jun 2005 18:46:38 -0700 (PDT)
From: Alpha Lau <avlxyz@private>
Subject: Messaging and Security Feature Pack for Windows Mobile 5.0

  Local and remote device wipe. The ability to remove all information, over
  the air, and reset a device to its original state enables IT
  administrators to better manage sensitive information on a misplaced
  Windows Mobile-based device.  In addition, the administrator can choose to
  have the local memory on a device erased if the correct password is not
  entered after a designated number of attempts.
http://www.microsoft.com/presspass/press/2005/jun05/06-06SFPWindowsMobilePR.mspx

Oh sure, just wipe the device. Encryption is not an option, is it? :)

------------------------------

Date: Tue, 10 May 2005 20:40:23 -0400 (EDT)
From: Atom Smasher <atom@private>
Subject: Challenge/response e-mail filtering

I recently received an e-mail challenge to a message claiming to be "From"
me. if i choose to click the link provided, my e-mail address would be added
to the recipients white-list. if i don't click the link then the message
would be deleted... or filed in a folder where no one looks... i'm not
sure...?

this allows two distinct failure modes:
  1) I ignore the challenge and a legitimate message is not delivered
  2) I acknowledge the challenge and spam is delivered, "From" me

regarding the first failure mode: when i post to a mailing list and receive
a challenge, i will always ignore it. if the recipient wants to receive mail
from the list, the list should be white-listed (not necessarily with an
obvious header, such as "To: mailing-list@private").

regarding the second failure mode: this particular challenge (from
earthlink) that i recently received only identified the message by the
recipient and subject line, making it difficult to determine if i sent the
message or not. i did not recognize the recipient or subject, so i had no
reason to respond to the challenge. but, if one were to acknowledge the
challenge without first determining the legitimacy of the message, 1) the
recipient will receive the spam and 2) the person who acknowledged the
challenge may ultimately be blacklisted for "sending" spam.

it is assumed that a challenge/response system such as this works because
spammers usually use invalid "From" addresses, and people would take the
time to scrutinize any challenge they receive before responding to it. i
know plenty of e-mail users who will be more than happy to click on any link
in their e-mail to ensure that someone gets "their" mail.

should the challenge include the original message? this introduces the risk
of using "From" addresses of the intended recipient and "bouncing" the spam
off of an account that generates challenges. the "sender" (as identified in
a forged From address) would then receive the spam.

this is in addition to the other flaw of challenge/response filter systems,
which is that viruses may attack an address book and/or saved messages. this
will facilitate spam that uses addresses that are likely white-listed. more
than once i have received spam "From" my wife... we live and work in a
m$ft-free home in NC, the messages originated from a cable modem in NYC. the
simplest explanation is that our names and e-mail addresses were both
participants in a message or address-book that was harvested by a virus. had
i been white-listing her name and/or e-mail address those spams would have
landed in my inbox; instead they were properly filtered and sent to my spam
folder.

another flaw that may be exploited in these automated challenge/response
systems is if mail is sent "From" evil-spammer@private and that mailbox
is read by a program that clicks every link that comes in.  variations on
this (better mousetraps, better mice, etc) would further destroy the utility
of such filtering systems (while consuming about three times the bandwidth
of normal spam).

my conclusion is that challenge/response systems, although they at first seem
like a Good Idea (tm), are no match for a good spam filter (CRM114, DSPAM,
SpamAssassin, etc). i've been enjoying >99.95% accuracy with CRM-114, and
now that i've trained it to recognize e-mail challenges as spam i'm not
bothered by them so often.

------------------------------

Date: Sun, 29 May 2005 19:45:37 +0400
From: Gadi Evron <ge@private>
Subject: Wide-scale industrial espionage using Trojan horses in Israel

Apparently, a Trojan horse was developed for three major private
investigators' companies in Israel, and later used for industrial espionage
with some of the biggest corporations in Israel.

Apart from the technical side of this attack and the extreme wide-scale of
it, another interesting aspect is the use of social engineering.

In one description, I heard that a woman called a certain individual at one
of the companies with a business offer, and later sent him a presentation
via e-mail. When that presentation did not work, she proceeded to send him a
CD, which did not work either.

You can find an article in English detailing some of the events here:
http://www.haaretz.com/hasen/spages/581718.html

This is not the first time this happened, and not the first time we've seen
industrial espionage in IL, or private investigator companies developing
their technological and operational capabilities. I've personally been
approached about such a job twice in the past 2 years.

Interesting tidbit of data:
The perps paid 17K UK pounds per COMPUTER per MONTH.

Gadi Evron, Infosec Manager, Israeli Government Internet Security.

------------------------------

Date: Wed, 11 May 2005 09:47:12 -0400
From: "Bauman, James" <James.Bauman@safety-kleen.com>
Subject: Bold thieves build complete ATM

http://www.reuters.com/newsArticle.jhtml?type=oddlyEnoughNews&storyID=8412873&src=rss/oddlyEnoughNews

Audacious thieves in Romania have constructed a complete automated teller
machine (ATM), minus the cash box, to steal the details of account holders.
Fake ATMs have appeared at apartment buildings or in areas of the capital
where there are no banks.  Usually criminals only place a fake panel over an
existing ATM, and do not construct a complete machine.  Romania's biggest
bank, Banca Comerciala Romana (BCR), said customers should only use ATMs
situated around bank branches. "Banks do not install ATMs in blocks of
flats," BCR spokesman Cornel Cojocaru said.

Jim Bauman  S-K Lotus Notes Group  847-468-3014  jbauman@safety-kleen.com

------------------------------

Date: Mon, 06 Jun 2005 04:06:35 -0700
From: Joe Smith <Joe.Smith@private>
Subject: Spammer using Yahoo service and Google's name to hide actual server

I expect that many of you have received spam messages containing
"Your existing loan situation makes you eligible..." and
"If your decision is not to make use of this final offer going here...".
The URL for Request Form and opt-out look respectable, but they are not.

They are in the form of
   http://rds.yahoo.com/a=b/*-http://www.google.com_cr3am.net/del.asp
where "a=b" is about 100 characters and the "_" is another period.

Yahoo must be running some sort of redirection service on their RDS server.
It ignores everything between rds.yahoo.com/ and "*-", then issues a
redirect to what's left.  The end result is a URL pointing to a server that
was registered in China on 2005-06-02.  It's using a subdomain of
www.google.com to trap the unwary.
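
  [The two tricks described above, an open redirector that discards
  everything before a marker and a host name that merely starts with a
  brand's domain, can both be checked offline.  The following is an added
  example in Python, not code from the poster; SAMPLE_URL is constructed
  in the shape described (the "_" written above is spelled out as a
  period), OPEN_REDIRECTORS is a hypothetical table of redirector
  syntaxes, and registrable_domain() uses a deliberately simple
  last-two-labels rule.]

```python
from typing import Optional
from urllib.parse import urlsplit

# Constructed sample of the shape the post describes: a ~100-character
# filler segment, then "*-" and the real target. cr3am.net is the page's
# own example domain.
FILLER = "a=b" * 34
SAMPLE_URL = f"http://rds.yahoo.com/{FILLER}/*-http://www.google.com.cr3am.net/del.asp"

# Hypothetical table of open redirectors and the marker that precedes the
# destination, per the post's description of the rds.yahoo.com behaviour.
OPEN_REDIRECTORS = {"rds.yahoo.com": "*-"}


def unwrap_redirect(url: str) -> str:
    """Resolve a known redirector offline: everything up to the marker is
    ignored and the remainder is the destination."""
    parts = urlsplit(url)
    marker = OPEN_REDIRECTORS.get((parts.hostname or "").lower())
    if marker and marker in parts.path:
        return parts.path.split(marker, 1)[1]
    return url


def registrable_domain(host: str) -> str:
    """Last two labels. Adequate for .com/.net; production code should
    consult the Public Suffix List (co.uk and similar need three labels)."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def brand_lookalike(url: str, brands=("google.com", "yahoo.com")) -> Optional[str]:
    """Describe the problem when a host name contains a brand's domain but
    the brand does not actually own the host; None when it is genuine."""
    host = (urlsplit(url).hostname or "").lower()
    for brand in brands:
        if host == brand or host.endswith("." + brand):
            return None          # genuinely under the brand's domain
        if brand in host:
            return f"{host} is controlled by {registrable_domain(host)}, not {brand}"
    return None


def analyze(url: str) -> dict:
    """Unwrap, then judge the destination rather than the wrapper."""
    final = unwrap_redirect(url)
    return {
        "final_url": final,
        "registrable_domain": registrable_domain(urlsplit(final).hostname or ""),
        "lookalike": brand_lookalike(final),
    }


if __name__ == "__main__":
    for key, value in analyze(SAMPLE_URL).items():
        print(f"{key}: {value}")
```

  The verdict is driven by the registrable domain of the final host
  (cr3am.net), which is what DNS and certificates actually bind to; the
  leading labels "www.google.com" are chosen by whoever controls that
  domain and prove nothing.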

------------------------------

Date: Fri, 3 Jun 2005 14:25:35 -0400
From: "David B. Lewis" <dblen@private>
Subject: Future ChoicePoint-related flaws

I had occasion to contact my ISP to reset the password on an account (which
I had misremembered). But instead of resetting the password to whatever
value and giving it to me, so that I could change the password to what I
wanted, the ISP told me what the password had been!  We went through a
little back-and-forth about how they shouldn't be storing clear-text
passwords ("but the login screen is secure!")  without any impact.
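
  [The help-desk procedure the ISP should have followed, issue a fresh
  temporary password and never be able to read the old one back, is what
  a salted, iterated hash gives you.  The following is an added example
  in Python, not anything from the poster or the ISP; the record format,
  the 600,000-iteration PBKDF2 work factor and the in-memory user_db are
  all assumptions for illustration.]

```python
import base64
import hashlib
import hmac
import os
import secrets
import string

ITERATIONS = 600_000    # assumed PBKDF2-HMAC-SHA256 work factor; raise as hardware allows
ALGO = "pbkdf2_sha256"  # assumed record tag


def store_password(password: str) -> str:
    """Produce the only thing the database should hold: algorithm, work factor,
    a per-user random salt and the derived key. The password itself is not kept."""
    salt = os.urandom(16)
    key = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return "$".join([ALGO, str(ITERATIONS),
                     base64.b64encode(salt).decode("ascii"),
                     base64.b64encode(key).decode("ascii")])


def verify_password(password: str, record: str) -> bool:
    """Recompute the derivation from the stored salt and compare in constant time."""
    try:
        algo, iters, salt_b64, key_b64 = record.split("$")
    except ValueError:
        return False
    if algo != ALGO:
        return False
    salt = base64.b64decode(salt_b64)
    expected = base64.b64decode(key_b64)
    actual = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, int(iters))
    return hmac.compare_digest(actual, expected)


def reset_password(user_db: dict, username: str) -> str:
    """Help-desk path: issue a fresh random temporary password, store only its
    hash and mark it must-change. The previous password is unrecoverable,
    which is exactly what a support agent should be telling the caller."""
    alphabet = string.ascii_letters + string.digits
    temp = "".join(secrets.choice(alphabet) for _ in range(12))
    user_db[username] = {"password": store_password(temp), "must_change": True}
    return temp


if __name__ == "__main__":
    db = {"alice": {"password": store_password("correct horse"), "must_change": False}}
    print(verify_password("correct horse", db["alice"]["password"]))   # True
    temp = reset_password(db, "alice")
    print(verify_password("correct horse", db["alice"]["password"]))   # False
    print(verify_password(temp, db["alice"]["password"]))              # True
```

  Note that "the login screen is secure" addresses only the transport;
  the stored record above is what survives a database dump, a backup
  tape or a curious employee, and it yields nothing without a per-user
  brute-force at 600,000 iterations per guess.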

------------------------------

Date: Tue, 26 Apr 2005 21:49:25 -0400
From: "R.S. Heuman" <rsh@private>
Subject: Re: Michigan message board says speed limit 100 mph (Waters, R 23 85)

I have to wonder if the individual controlling the message board is one of
the people living in Windsor who commute to Detroit to work, and who is more
familiar with kph, as used to the east and north of Michigan :-)

Or, as an alternative, it really said 100 kph and someone expecting the mph
misread the board. After all, when we cross the border at Sarnia/Port Huron
or Windsor/Detroit or Sault Ste. Marie/Sault Ste. Marie perhaps they are
telling us the Michigan speed limit in terms that match our speedometers
[KPH] :-)

If either of those were the case, 100 kph is 62.5 mph and the 'error' makes
more sense or was not an error but a misread of one letter. I wonder if we
will ever know...

------------------------------

Date: Fri, 20 May 2005 11:33:33 -0400
From: "Jay R. Ashworth" <jra@private>
Subject: Zabasearch, and coverage thereof (Re: Zaba, RISKS-23.87)

At http://writ.news.findlaw.com/ramasastry/20050512.html it is written,
amongst other things:

> True, much information was available publicly before. But now it can be
> collected together, online, at the press of a button. One scholar,
> Professor Daniel Solove, calls such collections of data "digital
> dossiers".
>
> And there's no reason these dossiers must be limited to addresses,
> phone numbers, birth years, and property information. Digital
> footprints can be tracked - so that digital dossiers could include
> Internet activity. In theory, they could also be connected to security
> camera footage from private stores, identification photos, and much
> more.
>
> Such dossiers can be permanent, and may be instantaneously disseminated
> around the world.
>
> They can also be stolen: Collecting information on an individual, and
> making the dossier publicly accessible, risks making identity theft
> virtually undetectable. The thief who steals your wallet may not know
> your mother's maiden name, or the name of your pet - common security
> questions. But what if that information ends up in your digital
> dossier?

And, of course, the answer is "then maybe companies will stop using such
puerile choices of authenticators and get serious about security"... but
that's politically incorrect to say aloud.

So I'll say it here, instead.

While Zabasearch may have problems, that's not one of them.

The world is changing, and while there may be some risks involved in that,
we would be well served to think long and hard about what those risks are,
and where they *really* come from... instead of killing the messenger.

Peter Brin's *The Transparent Society* and Simson Garfinkel's *Database
Nation* have interesting, if opposing, takes on this issue.

Jay R. Ashworth, Ashworth & Associates, St Petersburg FL USA
http://baylink.pitas.com  +1 727 647 1274  jra@private

------------------------------

Date: Thu, 2 Jun 2005 03:26:27 -0400 (Eastern Daylight Time)
From: Chris Smith <smith@private>
Subject: Re: MarketScore exploit (Emigh, RISKS-23.88)

In RISKS-23.88, Aaron Emigh includes a valuable summary of the operation of
MarketScore. However, recent changes have made this description badly out of
date. A different concern, however, is whether this is an "exploit" and an
"attack".

Although MarketScore does not tell their users precisely how the technology
works, they are quite clear about what they are doing.  Their End User
Licence Agreement (EULA) specifically states that the examined data includes
secure sessions. It's not at all clear that it is still a man-in-the-middle
*attack* if one end of the connection has agreed to the process. Like many
technologies, this one can be used for bad things. But just because this
technology is used is not sufficient to make what is done with it a bad
thing.

MarketScore appears to now use a different technology, effectively
summarized in this analysis from Cornell:

http://www.cit.cornell.edu/computer/security/marketscore/technical.html

Simply put: the proxy has been moved from MarketScore servers to the users'
own machines, and MarketScore now simply records a datastream from the
proxy. Where destination sites could formerly detect that proxied traffic
arrived from marketscore servers, now the proxied traffic arrives from the
users' regular IP address.

Furthermore, the use of a LSP (Layered Service Provider) appears to allow
the proxy to examine the contents of secured sessions without having to
re-encrypt traffic under the special trusted certificate. If you check a
site's credentials, it will show as secured by the site's own certificate,
not by Marketscore's.

------------------------------

Date: Thu, 02 Jun 2005 22:15:27 +0800
From: Doug Burbidge <dougburbidge@private>
Subject: Re: MarketScore exploit (Emigh, RISKS-23.88)

They're not the only ones.  Microsoft ISA (Internet Security and
Acceleration) Server 2004 does the same thing: it allows clients to
establish a secure connection with it, and then it establishes a secure
connection with the remote site.

It does not log the content of the session (though future versions of ISA
Server may allow this).  But it does log the full URL, and HTTP headers
(such as user agent) that you would normally expect to be invisible over an
https connection.

It can perform these tricks invisibly from the client's perspective because
it is integrated with the rest of the LAN's infrastructure.  It similarly
needs a root certificate, but since this is automatically installed on the
client when it is joined to a Windows domain with a certificate server, the
added certificate is inconspicuous.

The risk here, I guess, is trusting that the people who wrote the software
have your best interests at heart.  This is not the case for MarketScore,
and is evidently not the case for end users of IE, Windows client, and ISA
proxy.

Doug Burbidge  http://www.dougburbidge.com/  dougburbidge@private

------------------------------

Date: Wed, 01 Jun 2005 02:34:43 -0400
From: "James W. Adams" <jadams84@private>
Subject: Re: "Rumplestiltskin worm" on the loose? (Glass, RISKS-23.88)

> As I've mentioned above, there will be some people who are philosophically
> opposed to the notion of restricting Internet traffic so as to limit abuse...

Yes, I am very opposed to such a notion.  I'm sorry, but the Internet is not
your private playground.  If you have a spam problem, deal with it or buy
your own intranet.  Such "idealism" is what lets people use the Internet to
communicate.  The US FCC rules about devices which use radio frequency
transmissions having to accept any "interference" come to mind.  If some
specific agent is disrupting your operations illegally, track down their
activities, record them, and turn it over to law enforcement.  Otherwise,
just deal with the fact that the Internet is no longer a closed society, and
you may have to deal with the same sorts of mischief you would in any other
public arena, as well as a large number of people who just need to tell
grandma about junior's first bowel movement with photos attached.

I don't like the fact that the USPS promotes the delivery of junk mail to my
home, but I don't demand that we require senders of postage to pass some
sort of security interrogation.  I just recycle or dispose of the junk.  The
fact is that the fees paid to mail this junk subsidize my ability to receive
mail at my home, so I accept it as a cost of doing business or a cost of
living.

Much spam is identifiable and can be blocked by well established means.
What can't is the cost of doing business in any public venue.  Your
convenience and avoidance of risk does not constitute an entitlement to
restrict the expression or actions of others any more than you have the
right to restrict the use of public highways to yourself and your assigned
agents, or, within reason, to dictate what sorts of vehicles they may
operate, who may occupy them or where and when they may travel.

Furthermore, the argument you raise about bandwidth is largely absurd.  One
of the reasons for the collapse of WorldCom was overcapacity.

If I have a dialup feed, I likely won't appreciate someone e-mailing me a
five megabyte graphic file, but I have little right to demand that nobody do
so unless there is obvious malicious intent.  There are also workarounds
such as IMAP.

------------------------------

Date: 29 Dec 2004 (LAST-MODIFIED)
From: RISKS-request@private
Subject: Abridged info on RISKS (comp.risks)

 The RISKS Forum is a MODERATED digest.  Its Usenet equivalent is comp.risks.
=> SUBSCRIPTIONS: PLEASE read RISKS as a newsgroup (comp.risks or equivalent)
 if possible and convenient for you.   Mailman can let you subscribe directly:
   http://lists.csl.sri.com/mailman/listinfo/risks
 Alternatively, to subscribe or unsubscribe via e-mail to mailman your
 FROM: address, send a message to
   risks-request@private
 containing only the one-word text subscribe or unsubscribe.  You may
 also specify a different receiving address: subscribe address= ... .
 You may short-circuit that process by sending directly to either
   risks-subscribe@private or risks-unsubscribe@private
 depending on which action is to be taken.

 Subscription and unsubscription requests require that you reply to a
 confirmation message sent to the subscribing mail address.  Instructions
 are included in the confirmation message.  Each issue of RISKS that you
 receive contains information on how to post, unsubscribe, etc.

   INFO     [for unabridged version of RISKS information]
 .UK users should contact <Lindsay.Marshall@private>.
=> SPAM challenge-responses will not be honored.  Instead, use an alternative
 address from which you NEVER send mail!
=> The INFO file (submissions, default disclaimers, archive sites,
 copyright policy, PRIVACY digests, etc.) is also obtainable from
   <http://www.CSL.sri.com/risksinfo.html>
 The full info file may appear now and then in future issues.  *** All
 contributors are assumed to have read the full info file for guidelines. ***
=> SUBMISSIONS: to risks@private with meaningful SUBJECT: line.
 *** NOTE: Including the string "notsp" at the beginning or end of the subject
 *** line will be very helpful in separating real contributions from spam.
 *** This attention-string may change, so watch this space now and then.
=> ARCHIVES: ftp://ftp.sri.com/risks [subdirectory i for earlier volume i]
 <http://www.risks.org> redirects you to Lindsay Marshall's Newcastle archive
 http://catless.ncl.ac.uk/Risks/VL.IS.html gets you VoLume, ISsue.
   Lindsay has also added to the Newcastle catless site a palmtop version
   of the most recent RISKS issue and a WAP version that works for many but
   not all telephones: http://catless.ncl.ac.uk/w/r
 <http://the.wiretapped.net/security/info/textfiles/risks-digest/> .
==> PGN's comprehensive historical Illustrative Risks summary of one liners:
    <http://www.csl.sri.com/illustrative.html> for browsing,
    <http://www.csl.sri.com/illustrative.pdf> or .ps for printing

------------------------------

End of RISKS-FORUM Digest 23.89
************************



This archive was generated by hypermail 2.1.3 : Fri Jun 10 2005 - 12:20:33 PDT