[RISKS] Risks Digest 24.12

From: RISKS List Owner (risko@private)
Date: Mon Dec 12 2005 - 16:11:02 PST


RISKS-LIST: Risks-Forum Digest  Monday 12 December 2005  Volume 24 : Issue 12

ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, moderator, chmn ACM Committee on Computers and Public Policy

***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
  <http://catless.ncl.ac.uk/Risks/24.12.html>
The current issue can be found at
  <http://www.csl.sri.com/users/risko/risks.txt>

  Contents:
Unmanned shuttle system suspended after collision (Gerrit Muller)
EFF sues North Carolina over electronic voting-machine certification
  (Peter Ludemann)
A Little Sleuthing Unmasks Writer of Wikipedia Prank (Katharine Seelye 
  via PGN)
False WHOIS Data Still Bedevils (Jim Wagner)
Miniature Golf Course on Terror Target List (Paul Saffo)
Trouble for LAPD computer system (Dan Laidman via PGN)
Trading Error Leads to $225 Million Loss for Japanese Firm
Bulls or bears?  Depends on parameter order (Jeremy Epstein)
Anti-piracy gone awry in MacInTouch (Monty Solomon)
Electronic Switch Fire Exits / Uniform Fire Code (Daniel Norton)
Privacy implications of Microsoft's Windows Live Local (David Pescovitz
  via Monty Solomon)
Live Tracking of Mobile Phones Prompts Court Fights on Privacy
  (Matt Richtel)
Letter to Employees about Benefits from Meijer (James Bauman)
Re: In-car GPS navigation (William Ehrich)
Re: Y2K++ (Paul E. Ford)
Abridged info on RISKS (comp.risks)

----------------------------------------------------------------------

Date: Thu, 08 Dec 2005 21:30:00 +0100
From: Gerrit Muller <gerrit.muller@private>
Subject: Unmanned shuttle system suspended after collision

(From NRC handelsblad, Tuesday December 6, my translation)

The fully automatic, unmanned public transport system Parkshuttle in
Rotterdam and Capelle aan den Ijssel (in The Netherlands) has been suspended
this morning. Two vehicles collided and were severely damaged.  According to
a spokesman of Connexxion no passengers were present in the
shuttles. Connexxion does not have any clue about the cause of the
collision. "As long as we don't know that, the shuttles won't ride",
according the spokesman. The shuttles are unmanned. They ride on demand and
bring passengers from the metrostation Kralingsezoom in Rotterdam to the
business park Rivium in Capelle aan den Ijssel. Prime minister Balkenende
formally started the system last Thursday. The system appeared to have a
second youth after a trial period between 1999 and 2001.

Gerrit Muller   System Architecting  http://www.gaudisite.nl/

------------------------------

Date: Fri, 09 Dec 2005 15:25:06 -0800
From: Peter Ludemann <p_ludemann@private>
Subject: EFF sues North Carolina over electronic voting-machine certification

http://blogs.siliconvalley.com/gmsv/2005/12/babababba_immac.html

So by "independent" you mean "independent of any public oversight," right?

North Carolina is being called to account for its decision to certify
electronic voting machines made by three companies that refused to
comply with the state's election transparency rules. The Electronic
Frontier Foundation (EFF) on Thursday filed a complaint
  <http://www.siliconvalley.com/mld/siliconvalley/13361799.htm>
against the North Carolina Board of Elections and the North Carolina Office
of Information Technology Services, asking the Superior Court to void the
recent "immaculate certifications" they awarded last week
  <http://www.eff.org/Activism/E-voting/EFF_Mandamus_Complaint_TRO_20051208140945.pdf>.
North Carolina law requires the Board of Elections to rigorously review all
voting system code "prior to certification." But last week the state's Board
of Elections certified voting systems from Diebold Election Systems, Sequoia
Voting Systems, and Election Systems and Software without bothering to do so
(see "Election transparency law damn near invisible
  <http://blogs.siliconvalley.com/gmsv/2005/12/so_much_for_nor.html>").
"This is about the rule of law," said EFF Staff Attorney Matt Zimmerman
  <http://www.eff.org/news/archives/2005_12.php#004237>.
"The Board of Elections has simply ignored its mandatory obligations under
North Carolina election law. This statute was enacted to require election
officials to investigate the quality and security of voting systems before
approval, and only approve those that are safe and secure. By certifying
without a full review of all relevant code, the Board of Elections has now
opened the door for North Carolina counties to purchase untested and
potentially insecure voting equipment." Keith Long, a North Carolina voting
systems manager, defended the state's decision, telling News.com that
reports from "independent testing authorities" were sufficient for
certification.
  <http://news.com.com/EFF+moves+to+block+e-voting+system+certification/2100-1028_3-5988243.html?tag=nefd.top>

But that comes as poor reassurance. Because if the "independent testing
authorities" to which Mr. Long refers are as impartial as he is, North
Carolina is in big trouble. Long, you see, worked for Diebold Election
Systems as recently as Oct. 1, 2004. And between 1983 and 1992 he worked for
Sequoia
  <http://www.news-record.com/apps/pbcs.dll/article?AID=/20051113/NEWSREC0101/511130328>.

Posted by John Paczkowski on 06:46 AM December 09, 2005

------------------------------

Date: Sun, 11 Dec 2005 17:59:31 PST
From: "Peter G. Neumann" <neumann@private>
Subject: A Little Sleuthing Unmasks Writer of Wikipedia Prank

John Seigenthaler Sr. (a former editor of *The Tennessean* in Nashville, and
founder of the First Amendment Center) was startled to find an entry on
himself in Wikipedia that included defamatory false personal information
about him -- for example, suggesting that Mr. Seigenthaler had been involved
in the assassinations of John and Robert Kennedy.  Mr. Seigenthaler then
wrote an op-ed article in *USA Today*, noting among other things that he was
especially annoyed that he could not track down the perpetrator because of
Internet privacy laws.

The culprit's IP address led to his employer by Daniel Brandt of San Antonio
-- who has been a frequent critic of Wikipedia after reading false
information about himself!  See his www.wikipedia-watch.org.

This led Brian Chase in Nashville to admit having written the offensive
material as a joke, stating that he thought that Wikipedia was a "gag" Web
site!  [Source: Katharine Q. Seelye, *The New York Times*, 11 Dec 2005;
PGN-ed]

  Coincidentally, that story broke on about the same day that the December
  2005 issue of the *Communications of the ACM* came out, the inside back
  cover Inside Risks column of which is ``Wikipedia Risks''
    http://www.csl.sri.com/neumann/insiderisks05.html
  -- written by four long-time RISKS contributors, Peter Denning, Jim
  Horning, David Parnas, and Lauren Weinstein who are on my ACM Committee on
  Computers and Public Policy.  This case points up just one of the risks
  associated with Wikipedia noted in the Inside Risks article, namely that
  of having an encyclopedia contributed by thousands of volunteers, with few
  controls on content.  PGN

------------------------------

Date: Sun, 11 Dec 2005 16:23:31 PST
From: "Peter G. Neumann" <neumann@private>
Subject: False WHOIS Data Still Bedevils (Jim Wagner)

A U.S. Government Accountability Office (GAO) report in Nov 2005 says that
there are roughly 2,310,000 Web addresses for which the owner or contact
information is unknown.  That represents 5% of all .com, .net, and .org
domain names.  This provides anonymity for spammers, scammers, phishers, and
other illegal activities, and untraceability for malware-containing sites.
[Source: Jim Wagner, *Internet News*, 8 Dec 2005; PGN-ed]
  http://www.internetnews.com/ent-news/article.php/3569521

------------------------------

Date: Sat, 10 Dec 2005 18:17:29 -0800
From: Paul Saffo <pls@private>
Subject: Miniature Golf Course on Terror Target List

Emerald Hills Golfland, in San Jose, California, is a theme park with two
miniature golf courses.  It was discovered by San Jose Police to be on a
Homeland Security watch list (to prevent it from boarding planes?).  Of
course, the list is secret.  [Source: AP item, 9 Dec 2005; PGN-ed]
  http://www.kron.com/Global/story.asp?S=4226663

------------------------------

Date: Wed, 30 Nov 2005 6:47:36 PST
From: "Peter G. Neumann" <neumann@private>
Subject: Trouble for LAPD computer system

A software glitch has interrupted the sweeping overhaul of city emergency
communications, which could delay the upgrade of police car computer systems
by up to two years, officials said Monday.  News about the glitch in the
city's $15 million contract with Northrop Grumman Information Technology
drew a strong reaction from the City Council's Public Safety Committee.
[Source: Dan Laidman, Glitch triggers outcry on panel; Woes may delay police
car computer upgrade, *Los Angeles Daily News*, 29 Nov 2005; PGN-ed; thanks
to Lauren Weinstein for contributing this item.]

------------------------------

Date: Thu, 1 Dec 2005 13:47:36 PST
From: "Peter G. Neumann" <neumann@private>
Subject: Trading Error Leads to $225 Million Loss for Japanese Firm

Japanese financial-services firm Mizuho Securities Co. said Thursday it
erroneously placed sell orders because of a simple human data-input mistake
that apparently ignored an error warning.  This cost Mizuho at least 27
billion yen ($225 million).  The company mistakenly sold 610,000 shares of
J-Com Co. at 1 yen (less than 1 cent) per share, instead of the request to
sell just one share at 610,000 yen ($5,080).  The mishap sent the benchmark
Nikkei 225 index down 1.95 percent on the Tokyo Stock Exchange.  Mizuho
Financial Group dropped 3.4 percent to 890,000 yen ($7,416.67).  [Source: AP
item, 8 Dec 2005; PGN-ed]
  http://www.timesonline.co.uk/article/0,,3-1917093,00.html

  [Many thanks to Chuck Weinstock, George Mannes, FJReinke, and Tomas
  Uribe, all of whom sent in the full item.  Tomas commented:
    One would think that "money-critical" systems would have more stringent
    safeguards against this type of thing. Also, someone must have made
    $225 million as well---who might have been the lucky ones who bought
    the discounted shares?
  PGN]

------------------------------

Date: Mon, 12 Dec 2005 14:21:45 -0500
From: Jeremy Epstein <jeremy.epstein@private>
Subject: Bulls or bears?  Depends on parameter order

Seems that we don't learn from mistakes (as if that should be a revelation
to readers of this list)!

    Trouble began Thursday morning, when Mizuho Securities tried to sell
    610,000 shares at 1 yen (less than a penny) apiece in a job recruiting
    firm called J-Com Co., which was having its public debut on the
    exchange.  It had actually intended to sell 1 share at 610,000 yen
    ($5,041).
http://www.washingtonpost.com/wp-dyn/content/article/2005/12/09/AR2005120900
087.html
Also at http://www.nytimes.com/aponline/business/AP-Japan-Botched-Trade.html
and many other places.

As this problem sounded rather familiar, I searched the RISKS archive, and
found it in RISKS-21.81.  That posting, almost exactly four years ago,
included the following excerpt:

  Before the Tokyo market opened Friday, a UBS Warburg trader entered what
  was intended to be an order to sell 16 Dentsu shares at 610,000 yen
  ($4,924.53) each or above.  Instead, the trader keyed in an order to sell
  610,000 Dentsu shares at 16 yen apiece ...

That was also on the day of a "public debut" (aka IPO).  However, it was a
bargain - it cost UBS Warburg about $100M vs. about $235M for Mizuho
Securities.

I assume it's just coincidence that these two failures were both on the
Tokyo Stock market.

  [I knew the new case sounded familiar!  Perhaps the 610,000 is a default
  number for an erroneous field?  That's quite a coincidence.  PGN]

------------------------------

Date: Thu, 8 Dec 2005 01:27:21 -0500
From: Monty Solomon <monty@private>
Subject: Anti-piracy gone awry in MacInTouch

Found on MacInTouch

We received an unconfirmed report that Printer Setup Repair 5.0.3
incorporates a hidden and dangerous anti-copying mechanism, and the company
responded to our follow-up with an explanation:

  [MacInTouch Reader]
  Printer Setup Repair, the widely-used utility for Mac OS X printers, has
  taken a malicious approach to combatting software piracy. With version
  5.0.3 for Mac OS X Tiger, if the user enters a pirated serial number known
  to the program, the program will immediately and without any warning
  remove all user preferences and the user keychain, and possibly do other
  unknown damage to the user's system. [...]

  [John Goodchild, President, Fixamac Software, Inc]
  Thank you for bringing this to our attention. We have examined our code
  and discovered an error in the area that rejects pirated registration
  codes. The original objective was to delete the Printer Setup Repair
  preferences but a misplaced space in the code allowed the entire user
  preferences folder to be erased. This would only occur if a pirated code
  was used. The error was probably overlooked since there was a need to
  block a new batch of pirated codes quickly.  There was no such error in
  the area that handles legitimate registration codes and in no way can
  occur if a legitimate registration code is entered incorrectly since the
  user name is also a part of our internal tests. We have fixed the problem
  and posted an update.  This was not a malicious act on our part, rather an
  effort to protect our product from software pirates, and we regret any
  damage that may have been caused by the use of pirated registration codes.
  Anyone who downloaded Printer Setup Repair 5.0.3 between 11-05-05 and
  12-06-05 should download the current release from our web site.

------------------------------

Date: 9 Dec 2005 09:39:22 -0800
From: "Daniel Norton" <danorton@private>
Subject: Electronic Switch Fire Exits / Uniform Fire Code

Is there something in the Uniform Fire Code that addresses electronic
switches on exit doors?  I work in a building that has two sets of doors
towards the exit that both have electronic switches that have failed in
several instances.

The first set of doors has a capacitance touch switch which won't work
if one is wearing gloves or has a prosthesis.  The second set of doors
uses a motion detector, which fails if you stand too close to the doors
for more than five seconds (you have to subsequently wave at the
detector to trigger it).

This seems fundamentally flawed and hazardous.  I've just learned that my
employer was informed by the Austin Fire Department that touch switches are
specifically allowed and they're preferred over motion sensors (which are no
longer allowed in new installations).

It doesn't seem to me that someone would naturally know that they need to
actually touch a metal bar with their skin in order to exit a door and there
have been several instances of fellow employees stalled at the door waiting
from someone else to come along and "magically" open the door.

------------------------------

Date: Sat, 10 Dec 2005 22:29:20 -0500
From: Monty Solomon <monty@private>
Subject: Privacy implications of Microsoft's Windows Live Local

Privacy implications of Microsoft's Windows Live Local
David Pescovitz, 9 Dec 2005

Mike Liebhold, my colleague at the Institute for the Future, is deep into
the geohacking scene. He just took a look at Microsoft's new Virtual Earth
incarnation, Windows Live Local and found some big privacy concerns

  [Mike's entire post to the Geowanking listserv on Microsoft's "Location
  Finder" is online:
    http://www.boingboing.net/2005/12/09/privacy_implications.html
  PGN]

------------------------------

Date: Sun, 11 Dec 2005 19:55:01 PST
From: "Peter G. Neumann" <neumann@private>
Subject: Live Tracking of Mobile Phones Prompts Court Fights on Privacy
  (Matt Richtel)

Cellular operators know, within about 300 yards, the location of their
subscribers whenever a phone is turned on.  The operators have said that
they turn over location information when presented with a court order to do
so.  However, in the last four months, three federal judges have denied
prosecutors the right to get cellphone tracking information from wireless
companies without first showing "probable cause" to believe that a crime has
been or is being committed.  That is the same standard applied to requests
for search warrants.  [Source: Matt Richtel, *The New York Times*, 10 Dec
2005; PGN-ed]
http://www.nytimes.com/2005/12/10/technology/10phone.html?ei=5094&en=4dace02ac3105d11&hp=&ex=1134190800&partner=homepage&pagewanted=print

  [Note: Missouri has granted a contract for statewide cell-phone tracking.]

------------------------------

Date: Thu, 8 Dec 2005 15:03:23 -0500
From: "Bauman, James" <James.Bauman@safety-kleen.com>
Subject: Letter to Employees about Benefits from Meijer

My teenaged-daughter works at a Meijer store (http://www.meijer.com/ -- they
have retail superstores in Ohio, Illinois, Indiana, Michigan and Kentucky)
near us, and she'd waived any health insurance benefits, because she's
covered under my plan.

Recently, she received a letter about the benefit's choices that she'd made.
On the first side of the letter is a standard form letter with her name and
address and employee number.  On the other side of the letter is a detailed
accounting of her benefits package.  The only problem is that the name on
this other side is not hers, and it lists the benefits chosen by another
employee from another state with an employee number two digits before hers.

The benefits side of the letter listed the other person's name, address,
employee number, home phone, and date of birth, but not a social security
number.  Because the other person had waived his benefits like my daughter
had, there was little information.  But, if the person had chosen a benefits
package and had decided to cover their dependents, then the following
information for the dependents would have been listed: names, relationship,
birth date, sex, and social security number.

I called the 1-800 number on the letter about the mistake, and the person
that answered immediately said that there's a message about that.  I was
transferred to a pre-recording.  It said that the company was aware that
this had affected a lot of their employees, and that employees who'd receive
someone else's information are asked to destroy the letters.

I hope their employees do the right and honorable thing, and do not use the
identifying information for nefarious purposes, but we all know that the
lamp of Diogenes would go out when within a mile of a few people...the ones
we all worry about.

Jim Bauman, S-K Lotus Notes Group, 1-847-468-3014 jbauman@safety-kleen.com

------------------------------

Date: Thu, 8 Dec 2005 12:07:15 -0600
From: William Ehrich <ehrich@private>
Subject: Re: In-car GPS navigation (Scott, RISKS-24.10)

The GPS algorithms include measures of the accuracy and reliability
of the current solution. These should be displayed, for instance with 
an appropriately large fuzz ball on a map display.

------------------------------

Date: Wednesday, December 07, 2005 2:57 PM
From: Paul E. Ford <pef@private>
Subject: Re: Y2K++ (Horning, RISKS-24.11)

I would conjecture that the list of dates you present are poorly formatted,
but correct.  Given the rising sequence in the last 2 digits and selective
set in the first digit, I would surmise that these represent some sort of
quarter data.  So, 98Q4 through 05Q3.  [...]

Any possibility the second position 0s are actually Qs?

>  4098 3099 2000 1001 4001 4002 2003 1004 4004 3005

  [Jim responded:
    Paul, What sharp eyes you have!  You could see those Qs even when I
    transcribed the data by hand.  I can barely see them as Qs on the
    original, even given your helpful suggestion, but I do believe that you
    are correct.  Jim H.]

  [Also noted by Amos Shapir, who observed that the date labels are placed
  three quarters apart.  But that still does not explain the "4002", which
  looks as if it should have been "3002".  Before running Jim's item in
  RISKS-24.11, I explicitly asked him to check whether the "4002" was
  accurately represented by him, and he did verify that.  So, I suspect
  that the "4002" may have been a recording error in the original,
  or else a lapse in the reporting schedule.  PGN]

------------------------------

Date: 2 Oct 2005 (LAST-MODIFIED)
From: RISKS-request@private
Subject: Abridged info on RISKS (comp.risks)

 The ACM RISKS Forum is a MODERATED digest, with Usenet equivalent comp.risks.
=> SUBSCRIPTIONS: PLEASE read RISKS as a newsgroup (comp.risks or equivalent)
 if possible and convenient for you.   The mailman web interface can
 be used directly to subscribe and unsubscribe:
   http://lists.csl.sri.com/mailman/listinfo/risks
 Alternatively, to subscribe or unsubscribe via e-mail to mailman your
 FROM: address, send a message to
   risks-request@private
 containing only the one-word text subscribe or unsubscribe.  You may
 also specify a different receiving address: subscribe address= ... .
 You may short-circuit that process by sending directly to either
   risks-subscribe@private or risks-unsubscribe@private
 depending on which action is to be taken.

 Subscription and unsubscription requests require that you reply to a
 confirmation message sent to the subscribing mail address.  Instructions
 are included in the confirmation message.  Each issue of RISKS that you
 receive contains information on how to post, unsubscribe, etc.

=> The complete INFO file (submissions, default disclaimers, archive sites,
 copyright policy, etc.) is online.
   <http://www.CSL.sri.com/risksinfo.html>
 The full info file may appear now and then in RISKS issues.
 *** Contributors are assumed to have read the full info file for guidelines.

=> .UK users should contact <Lindsay.Marshall@private>.
=> SPAM challenge-responses will not be honored.  Instead, use an alternative
 address from which you NEVER send mail!
=> SUBMISSIONS: to risks@private with meaningful SUBJECT: line.
 *** NOTE: Including the string "notsp" at the beginning or end of the subject
 *** line will be very helpful in separating real contributions from spam.
 *** This attention-string may change, so watch this space now and then.
=> ARCHIVES: ftp://ftp.sri.com/risks [subdirectory i for earlier volume i]
 <http://www.risks.org> redirects you to Lindsay Marshall's Newcastle archive
 http://catless.ncl.ac.uk/Risks/VL.IS.html gets you VoLume, ISsue.
   Lindsay has also added to the Newcastle catless site a palmtop version
   of the most recent RISKS issue and a WAP version that works for many but
   not all telephones: http://catless.ncl.ac.uk/w/r
 <http://the.wiretapped.net/security/info/textfiles/risks-digest/> .
==> PGN's comprehensive historical Illustrative Risks summary of one liners:
    <http://www.csl.sri.com/illustrative.html> for browsing,
    <http://www.csl.sri.com/illustrative.pdf> or .ps for printing

------------------------------

End of RISKS-FORUM Digest 24.12
************************



This archive was generated by hypermail 2.1.3 : Mon Dec 12 2005 - 16:53:57 PST