[RISKS] Risks Digest 25.50

From: RISKS List Owner <risko_at_private>
Date: Sun, 4 Jan 2009 16:07:56 PST
RISKS-LIST: Risks-Forum Digest  Sunday 4 January 2009  Volume 25 : Issue 50

ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, moderator, chmn ACM Committee on Computers and Public Policy

***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
  <http://catless.ncl.ac.uk/Risks/25.50.html>
The current issue can be found at
  <http://www.csl.sri.com/users/risko/risks.txt>

  Contents:
Sunrise on the post-leap-second era (Tony Finch)
Zounds! Zinger: Zune Zapped Zealously with Zero-tolerance (PGN, David Magda)
Backward Hebrew writing on iPhone calendar (Steven M. Bellovin)
We can't stop the train because our GPS is broken (Hawkins Dale)
Medical devices lag in iPod age; Patients' safety is at risk
  (Carolyn Y. Johnson via Monty Solomon)
JournalSpace wiped out; no backups (Lindsay Marshall)
Some *digital* reception will go black in February! (Daniel P. B. Smith)
Digital photo frames: risks of infecting PCs (Deborah Gage via PGN)
Risks of Australians shouting at your hard drive? (Alec Muffett)
Firewall product uses man-in-the-middle attack to defeat SSL crypto
  (Mike Coleman)
Peter G. Neumann" <neumann_at_private>
Woman fools Japan's airport security fingerprint system (PGN)
The danger of DNA: It isn't foolproof forensics (Maura Dolan and Jason Felch
  via Monty Solomon)
Phishing Scam Spreading on Twitter (Chris Pirillo via David Farber)
Domain registrar hacked; numerous repointings... (Danny Burstein)
Qwest cuts off Internet subs in NM, including government VoIP
  (Lauren Weinstein)
Computer vs. food and warmth (jidanni)
Yahoo tracking where you go - invasion of privacy (jidanni)
Intelligent Speed Adaptation (Martin Ward)
Re: License plate camera readers (Danny Burstein)
Abridged info on RISKS (comp.risks)

----------------------------------------------------------------------

Date: Thu, 1 Jan 2009 08:10 +0001
From: Tony Finch <dot_at_private>
Subject: Sunrise on the post-leap-second era

Just before the start of this year there was a leap second, and I am
looking forward to reading the usual collection of stories about the
problems it caused.

Over the last several years there has been discussion about abolishing leap
seconds, to eliminate the glitches they cause and simplify standard time so
that it agrees with the naive model built in to much software and many API
and protocol standards.  For a recent update on the discussion, see the
following slides.

http://www.navcen.uscg.gov/cgsic/meetings/48thmeeting/Reports/Timing%20Subcommittee/48-LS%2020080916.pdf

The disadvantage is that atomic time has a different length of day to the
Earth, and this difference is increasing more and more rapidly.  Some people
object strongly to the idea of decoupling civil time from the rotation of
the Earth, and the break with historical ways of measuring time that this
implies. The problem is how to reconcile the simple uniformity of atomic
time with the erratic deceleration of the Earth.  I believe that my proposal
for a rational replacement for daylight saving time also provides an answer
to the leap second question.

http://catless.ncl.ac.uk/Risks/25.10.html#subj1

The essence of sunrise time is that we reset our clocks each day (by
slightly adjusting their timezone) to a fixed time when the sun rises at a
benchmark location.  For the UK, the benchmark location would be where the
Greenwich meridian crosses the Tropic of Cancer.  This simple mechanism
makes even more daylight available when people are awake than conventional
DST, and eliminates political argument.

If you are setting civil time according to when the sun rises, then it is by
definition coupled to the rotation of the Earth, and there can be no
accelerating difference between them.  This is true even if the underlying
time scale does diverge in this way because it uses fixed-length SI seconds.
This mechanism even lasts beyond the time when the current leap second rules
become unworkable because we need more than 12 each year.

Our systems would only have to know about atomic time and local time,
translating between them using the existing time zone mechanism.  There
would no longer be any need for complicated and unpredictable UTC.  Instead
we'd gain straight-forward compatibility between the most modern way of
keeping time - the atomic clock - and the most ancient - getting up when the
sun rises!

f.anthony.n.finch  <dot@private>  http://dotat.at/

------------------------------

Date: Fri, 2 Jan 2009 14:40:27 PST
From: "Peter G. Neumann" <neumann_at_private>
Subject: Zounds! Zinger: Zune Zapped Zealously with Zero-tolerance

Starting at midnight on 30 December 2008, the 366th day of the year, Zunes
(Microsoft's portable media players) displayed only a frozen start-up
screen.  [Source: Jenna Wortham, A Year Ticks Over, and Zunes Get Hiccups,
*The New York Times*, 1 Jan 2009, National Edition B9; PGN-ed]

The most logical cause of this bug would seem to be a programmer forgetting
that not all years have 365 days.

[This risk was also noted by Martyn Thomas, Martin Ward, and Peter Gregory
-- who added this comment:
  Microsoft is yearning to expand its market space into embedded systems in
  automobiles, military systems, and other areas. Am I being overly fearful
  of the consequences of a Microsoft whose products are even more deeply
  embedded into the machinery of our lives?  Today is one of those days when
  I am distrustful of technology as a path for an easier life.  PG
See also the following follow-up item from David Magda.  PGN]

This is of course reminiscent of numerous previous leap-year fiascos
previously reported in RISKS.  For leap-year historians, do a search on
"leap" (year and day help narrow it a little).  Even apart from the
leap-year digital watch problems noted repeatedly over the years by Mark
Brader (see RISKS-25.07), the number of RISKS items is quite large --
particularly in volume 6 (1988), 13 (1992), 17 (1996), 20 (2000), and 25
(2008).

------------------------------

Date: Thu, 1 Jan 2009 15:26:18 -0500
From: David Magda <dmagda_at_private>
Subject: Zounds! Zinger: Zune Zapped Zealously with Zero-tolerance

On Dec 31, 2008, at 20:36, David Magda wrote:

> People still can't get leap years right even though they've been
> around since Pope Gregory XIII's decree in 1582:

> Q:  Why did this occur at precisely 12:01 a.m. on December 31, 2008?

> A: There is a bug in the internal clock driver causing the 30GB device
> to improperly handle the last day of a leap year.

> http://forums.zune.net/412486/ShowPost.aspx

The issue is an infinite loop:

> while (days > 365) {
>     if (IsLeapYear(year))    {
>         if (days > 366) {
>             days -= 366;
>             year += 1;
>         }
>     } else {
>         days -= 365;
>         year += 1;
>     }
> }

> Under normal circumstances, this works just fine. The function keeps
> subtracting either 365 or 366 until it gets down to less than a year's
> worth of days, which it then turns into the month and day of month. Thing
> is, in the case of the last day of a leap year, it keeps going until it
> hits 366. Thanks to the if (days > 366), it stops subtracting anything if
> the loop happens to be on a leap year.  But 366 is too large to break out
> of the main loop, meaning that the Zune keeps looping forever and doesn't
> do anything else.

http://www.zuneboards.com/forums/349447-post1.html

------------------------------

Date: Thu, 1 Jan 2009 12:21:24 -0500
From: "Steven M. Bellovin" <smb_at_private>
Subject: Backward Hebrew writing on iPhone calendar

I recently succumbed to the reality distortion field and bought myself an
iPhone.  To make sure I have Jewish holidays on my calendar, I used a Mac to
subscribe to a web-based calendar; this particular one will, on request,
include the name of the holiday in Hebrew as well as in English
transliteration.  The result was amusing: the Hebrew words are written
left-to-right, rather than the proper right-to-left.  It's a display problem
on the iPhone itself; my Mac's iCal program (from which the iPhone got the
data) and the open source Sunbird calendar both display the text correctly.

The iPhone's web browser is even more amusing.  It displays the text of
Hebrew language web pages correctly; however, the characters in the title
bar are reversed.  Again, Safari on MacOS gets it all right (or, rather,
gets it right-to-left).

Ah, well -- at least it's not a 30GB Zune on December 31 of a leap year....
(http://www.nytimes.com/2009/01/01/technology/personaltech/01zune.html)

Steve Bellovin, http://www.cs.columbia.edu/~smb

------------------------------

Date: Fri, 02 Jan 2009 10:18:04 -0500
From: Hawkins Dale <hawkins_at_private>
Subject: We can't stop the train because our GPS is broken

http://new.dailyexpress.co.uk/posts/view/77987/

  "Passengers on a Southern [England] service from East Croydon were stunned
  when they were told that their stopping train would skip six stations and
  go direct to the end of the line in Caterham, Surrey.  When they got there
  the driver said the reason was that the train had lost its satellite link.

Apparently the GPS isn't there to determine where to line up the train with
the platform.  Instead, it senses which station the train's in, so that it
knows not to open doors that may not be lined up with the platform, since
some stations have short platforms.

Other methods, such as having the driver look out the window at the sign,
have apparently been discarded in favor of these more modern techniques.

There'll always be a Nengland, I guess.

  [I cannot res-train myself from chuckling.  PGN]

------------------------------

Date: Wed, 31 Dec 2008 13:46:47 -0500
From: Monty Solomon <monty_at_private>
Subject: Medical devices lag in iPod age; Patients' safety is at risk

[Source: Carolyn Y. Johnson, *The Boston Globe*, 29 Dec 2008]

A 32-year-old woman was on the operating table for routine gall bladder
surgery, and doctors needed a quick X-ray. To keep her chest still while the
image was shot, her ventilator was switched off. But the anesthesiologist,
distracted by another problem, forgot to turn the breathing machine back
on. The woman died.

The case is an extreme example of the kind of error that could be prevented
if medical devices were designed to talk to each other, says Dr. Julian
Goldman, a Massachusetts General Hospital anesthesiologist who has compiled
such instances from across the United States to highlight the need for
medical device "connectivity." In this case, he says, synchronizing the
X-ray machine with the ventilator, so the image was automatically timed to a
natural pause in breathing, would have made it unnecessary to turn it off.

As technology moves forward, people expect the electronic devices of
everyday life to work together, from cellphones that can call or
text-message other phones, to computers that interconnect with a slew of
gadgets. But in the medical world, where the stakes are higher, such
flexible interconnection is rare. Each device operates in its own silo.

"It is really unacceptable, and it's one of the reasons we're unable to make
dramatic improvements in patient safety," said Goldman, a leader in calling
for a new generation of medical devices that talk to each other.

Now the push for greater connectedness in hospital electronics is gaining
momentum. The goal is devices that can not only plug into one another, but
can also "understand" each other and automatically identify potential
life-threatening problems sooner than they would have been caught by busy
nurses and doctors.

In October, a task force -- including Partners HealthCare, Mass.  General,
Johns Hopkins Medicine, Kaiser Permanente, and the Boston-based Center for
Integration of Medicine and Innovative Technology -- released sample
language that hospitals can incorporate into contracts with vendors of
medical devices, requiring that manufacturers create products capable of
communicating with other devices using agreed-upon standards. ...

http://www.boston.com/news/science/articles/2008/12/29/medical_devices_lag_in_ipod_age/

------------------------------

Date: Sun, 4 Jan 2009 09:37:37 +0000
From: Lindsay Marshall <Lindsay.Marshall_at_private>
Subject: JournalSpace wiped out; no backups

Blogging service JournalSpace has been completely wiped out after the drives
that housed their entire database were overwritten.  The problem was that
their backups weren't actually backups at all.  The servers were set up with
a mirrored RAID system so that if the primary drive should fail, the
secondary drive would be used to recover the primary.  As a result, when the
data was overwritten on one drive, the other followed suit and cleared
itself.  A data recovery team was unable to retrieve the database.

http://lifehacker.com/5122848/hard-lessons-in-the-importance-of-backups-journalspace-wiped-out

------------------------------

Date: Wed, 31 Dec 2008 23:03:41 -0500
From: "Daniel P. B. Smith" <usenet2006_at_private>
Subject: Some *digital* reception will go black in February!

I'm pretty sure I'm right about this, but I haven't succeeded in getting a
clear answer from anyone. It isn't discussed in any FAQ I've seen.

On 17Feb 2009, some of the people most surprised by the transition will be
those who carefully prepared in advance and are happily watching digital TV
over the air with an "HDTV antenna."  Because, on February 17th, some of the
stations they are watching in _digital_ now will effectively go black.

The reason is that the antennas that have been sold for years as "HDTV
antennas" or "digital antennas" are UHF-only antennas. This made sense,
because VHF antennas are large, bulky, expensive, and difficult to install,
and because _currently_ all digital television frequency assignments are in
the UHF band.

The problem is that on 17 Feb 2009, when the transition occurs, some
stations will be moving their signals from the UHF band to the VHF band, to
take advantage of VHF spectrum that has been freed up by the cessation of
analog broadcasting.

For example, according to antennaweb.org, WHDH-DT in Boston, which is
currently broadcasting on UHF channel 42, will move to VHF channel 7.

However, you will not find any discussion of this on WHDH's website, which
contains the stock DTV advice and says nothing about any special
considerations in receiving WHDH-DT. Like other FAQs, it refers vaguely to
antennas and does not emphasize any need to be sure that your antenna
includes VHF capability if you want to receive all stations after February
17th.

Not very many people will be affected by this problem. Only those who
actually prepared!

Another issue is that digital television receivers and converter boxes
generally set themselves up automatically when first powered on, scanning
through the channels and identifying and marking those where digital signals
were found. It is a one-time process and people can forget that it ever took
place. I wonder how many DTV receivers will handle the channel reassignments
automatically and gracefully? I suspect many people, even if their antennas
receive VHF, will simply lose the reassigned channels, perhaps for
weeks... until they figure out that they need to initiate a manual rescan
and can remember how to do it.

------------------------------

Date: Fri, 2 Jan 2009 15:02:47 PST
From: "Peter G. Neumann" <neumann_at_private>
Subject: Digital photo frames: risks of infecting PCs

More than 7 million digital frames were sold in 2008, with expectations that
perhaps 10 million more might be sold in 2009.  However, the 2008 holiday
sales included a Samsung 8-inch frame sold by Amazon.com, a 9-inch Element
frame sold by Circuit City and a 1.5-inch Mercury frame sold by Wal-Mart --
all of which were infected with malware.  [Source: Deborah Gage, *San
Francisco Chronicle*, 2 Jan 2009, C1-C2, in a long article, PGN-ed here]

Those of you with good memories may recall this as another example of an old
problem that keeps recurring: similar infections were experienced during the
2007 holiday sales in frames sold by Sam's Club, Best Buy, Target, and
Costco, as reported by Deborah Gage, 15 Feb 2008 and noted in RISKS-25.13.
[Thanks to Deborah and the *Chronicle* for the intellectual history as well
as the new report.]

------------------------------

Date: Fri, 02 Jan 2009 01:52:51 +0000
From: Alec Muffett <Alec.Muffett_at_private>
Subject: Risks of Australians shouting at your hard drive?

ObDisclaimer: I work for Sun, but this is really *neat*: it's a
demonstration of what happens when you shout at hard disks / other loud
noises, visualised as performance impact -- watch the latency spikes:
http://uk.youtube.com/watch?v=tDacjrSCeq4

It makes you think.... maybe "audio tempest" next? A sort of inverse
of http://www.vimeo.com/1109226?pg=embed ? :-)

------------------------------

Date: Fri, 2 Jan 2009 21:32:41 -0600
From: "Mike Coleman" <tutufan_at_private>
Subject: Firewall product uses man-in-the-middle attack to defeat SSL crypto

Here's a new wrinkle on man-in-the-middle attacks I'd not seen before.  Palo
Alto Networks' PA-4000 transparent firewall claims to decrypt SSL traffic
passing through it, so that organizations call apply tracking and blocking
to HTTPS traffic.  As explained in the review (link), users' browsers are
configured to trust a new root CA that the PA-4000 itself has the private
key for.  It then interposes itself into HTTPS requests (and other SSL
requests?) by automatically generating a masquerading certificate for the
site the user is trying to connect to, decrypting the traffic so that it can
be scanned in plaintext on the PA-4000, and finally re-encrypting the
traffic with a second HTTPS connection to the true site.

I invite my fellow RISKS readers to contemplate the technical, legal,
business, and ethical implications of this approach.

http://www.informationweek.com/news/hardware/reviews/showArticle.jhtml?articleID=206904763

------------------------------

Date: Fri, 2 Jan 2009 20:27:02 PST
From: "Peter G. Neumann" <neumann_at_private>
Subject: Woman fools Japan's airport security fingerprint system

[Source: 2 Jan 2009, PGN-ed; thanks to Keith Schwalm]
http://www.smh.com.au/travel/woman-fools-japans-airport-security-fingerprint-system-20090102-78rv.html

A South Korean woman barred from entering Japan last year has reportedly
passed through its immigration screening system by using tape on her fingers
to fool a fingerprint reading machine.  She told investigators that she
placed special tapes on her fingers to pass through a fingerprint reader.
(She had been deported in July 2007 for illegally staying in Japan after she
worked as a bar hostess in Nagano.  She was not allowed to re-enter Japan
for five years after deportation but the Tokyo immigration bureau found her
in August 2008 again in Nagano.)

The biometric system was installed in 30 airports in 2007 to improve
security and prevent terrorists from entering into Japan.  Japan spent more
than Y4 billion ($A64 million) to install the system, which reads the index
fingerprints of visitors and instantly cross-checks them with a database of
international fugitives and foreigners with deportation records.

------------------------------

Date: Thu, 1 Jan 2009 19:16:40 -0500
From: Monty Solomon <monty_at_private>
Subject: The danger of DNA: It isn't foolproof forensics (Dolan/Felch)

[Source: Maura Dolan and Jason Felch, *Los Angeles Times*, 1 Jan 2009]

In 2004, a New Jersey prosecutor announced that DNA had solved the mystery
of who killed Jane Durrua, an eighth-grader who was raped, beaten, and
strangled 36 years earlier.

"Through DNA, we put a face to the killer of Jane Durrua, and that face
belongs to Jerry Bellamy," prosecutor John Kaye said.

The killer, however, turned out to be someone else.

Two years after Bellamy's arrest, investigators discovered that evidence
from the murder scene had been contaminated by DNA from Bellamy, whose
genetic sample was being tested at the same lab in an unrelated case. He was
freed. Another man ultimately was arrested.

DNA has proved itself by far the most effective and reliable forensic
science. Over the past two decades, it has solved crimes once thought
unsolvable, brought elusive murderers and rapists to justice years after
their misdeeds, and exonerated innocent people. In courtrooms and in the
popular imagination, it often is seen as unassailable.

But as the United States rushes to take advantage of DNA's powers, it is
becoming clear that genetic sleuthing has significant limitations:

Although best known for clearing the wrongfully convicted, DNA evidence has
linked innocent people to crimes. In the lab, it can be contaminated or
mislabeled; samples can be switched. In the courtroom, its significance has
been overstated by lawyers or misunderstood by jurors.

The rush to collect DNA and build databases has in some cases overwhelmed
the ability of investigators to process the evidence and follow up on
promising leads. Some crime labs have huge backlogs of untested evidence,
including thousands of rape evidence kits. In some cases, criminals who
might have been caught have offended again. ...

http://www.boston.com/news/nation/articles/2009/01/01/the_danger_of_dna_it_isnt_foolproof_forensics/

------------------------------

Date: Sun, 4 Jan 2009 09:35:25 -0500
From: David Farber <dave_at_private>
Subject: Phishing Scam Spreading on Twitter

[From Dave Farber's IP distribution]

  [Chris Pirillo suggests that you really shouldn't click on the Twitter
  phishing URL he exhibits.  You certainly don't want to sass pirillo [!],
  because he does show you what would happen.  PGN]

http://chris.pirillo.com/2009/01/03/phishing-scam-spreading-on-twitter/

------------------------------

Date: Sat, 3 Jan 2009 00:41:54 -0500 (EST)
From: danny burstein <dannyb_at_private>
Subject: Domain registrar hacked; numerous repointings...

  [This incident is related to the ongoing hostilities in the Mideast. I'm
  posting it here for the technical and security info value. Please keep
  this neighborhood in mind if following up.]

Niv Lillian, Israeli domain registration server hacked, *Israel News*,
2 Jan 2009, from: ynetnews.com (an Israeli based web source)

An Islamic group based on Morocco hacked into DomainTheNet's registration
system server on Friday, effectively "highjacking" various prominent domain
names, the likes of ynetnews.com and Bank Discount, and rerouting users to a
page featuring anti-Israel messages. ...  Appearing as a defacement attempt
at first, the attack soon turned out to be more sophisticated: The hackers
were able to obtain a password which granted them access to the server which
updates and "translates" the websites' IP addresses into a Domain Name
Service; and change the IP's numeral values, effectively rerouting users
away from the original websites. ...  The site formed by the group featured
graphic images of dead bodies and abused Iraqi prisoners. ...

http://www.ynetnews.com/articles/0,7340,L-3649281,00.html

------------------------------

Date: Sat, 3 Jan 2009 18:11:17 -0800 (PST)
From: Lauren Weinstein <lauren_at_private>
Subject: Qwest cuts off Internet subs in NM, including government VoIP

Apparently as a result of a billing dispute and related lawsuit, Qwest
reportedly cut off Internet connectivity to ISP SkyWi in New Mexico,
suddenly leaving some 13000 Internet subscribers and 5400 SkyWi VoIP phone
subscribers without service.  Some reports indicate that those VoIP
subscribers suddenly without working phones included NM public safety
entities.

The NM Public Regulation Commission has now stepped in and ordered Qwest to
restore service, but the process has been taking some time.

Regardless of who is actually at fault in the billing matter, the behavior
of both companies in this situation appears to have been anything but
stellar, and again points to the need for a more proactive regulatory
approach to Internet access service provisioning.

http://tinyurl.com/qwest-cutoff

Lauren Weinstein  +1 (818) 225-2800  http://www.pfir.org/lauren
Blog: http://lauren.vortex.com  Network Neutrality Squad http://www.nnsquad.org

------------------------------

Date: Sat, 03 Jan 2009 04:11:48 +0800
From: jidanni_at_private
Subject: Computer vs. food and warmth

In order to use the computer, I cannot use the frying pan nor electric
blanket.  Their cheap circuits cause the computer's uninterruptible power
supply to emit an awful whine:
http://groups.google.com/groups/search?as_umsgid=87d4f8ow30.fsf%40jidanni.org

  [A fine example of the EXCLUSIVE OR operation.  I hope you don't keep
  the awful w(h)ine in the refrigerator.  PGN]

------------------------------

Date: Sat, 03 Jan 2009 05:20:22 +0800
From: jidanni_at_private
Subject: Yahoo tracking where you go - invasion of privacy

http://permalink.gmane.org/gmane.recreation.radio.hardware.icomr5/150

------------------------------

Date: Wed, 31 Dec 2008 14:41:06 +0000
From: Martin Ward <martin_at_private>
Subject: Intelligent Speed Adaptation (Re: Douglass, RISKS-25.49)

Re: Risks of excessive State data collection (Douglass, RISKS-25.49)

Answers to many of the questions posed by Toby can be found in the original
research paper:
  http://eprints.whiterose.ac.uk/archive/00002008/

The UK has reduced road deaths from 8,000 per year in 1964 to just over
3,000 per year in 2005:

http://www.statistics.gov.uk/CCI/nugget.asp?ID=1208&Pos=&ColRank=1&Rank=374

Most of the reduction is due to "low tech" methods: repainting roads to
create space between traffic lanes, speed bumps and other traffic calming
methods in built up areas, more junctions controlled by lights, and so
on. But the paper above makes a strong case for the "high tech" option.

The savings may be overestimated: but every 1% reduction in fatal accidents
would mean 30 lives saved each year. When 35 people were killed in the
Clapham Junction rail crash, it was in the news for weeks and there was a
public Inquiry which led to major changes in the operation of the
railways. The inquiry recommended the introduction of an Automatic Train
Protection System, at a cost of over £1 billion. Nobody pointed out that in
the week of the crash, about 100 people died on the roads. And another 100
in the next week, and another 100 the week after...  In the time between the
crash and the publication of the report, nine months later, over 100 times
as many people had died on the roads, as had died in the crash.

martin@private http://www.cse.dmu.ac.uk/~mward/

------------------------------

Date: Tue, 30 Dec 2008 17:31:42 -0500 (EST)
From: danny burstein <dannyb_at_private>
Subject: Re: License plate camera readers (Re: Arthur T., RISKS-25.49)

> Fun with speed-trap cameras for revenge

There's actually a very good reason why this won't work, at least in regards
to making people pay up for the bad tickets.

In fact, I've received one myself, which I got dismissed.

The key point is that the digital image is NOT a perfectly cropped
photograph of "just" the license plate. Rather, the picture (and often it's
a sequence of them) includes a hefty portion of the rear of the car, and
generally the sides and top as well.

In my own case the interpreter of the original photograph, whether human or
computer recognition, misread a "0" (the number zero) as an "8", and I
received a ticket in the mail.

I simply wrote back pointing out that the photo showed the license plate
attached to the rear end of a BMW, and that my car was most certainly not
from that line.

The ticket was promptly dismissed.

Annoying? Mildly. But far from critical.

Now finding the "real speeder" is left as an exercise to the student...

------------------------------

Date: Thu, 29 May 2008 07:53:46 -0900
From: RISKS-request_at_private
Subject: Abridged info on RISKS (comp.risks)

 The ACM RISKS Forum is a MODERATED digest, with Usenet equivalent comp.risks.
=> SUBSCRIPTIONS: PLEASE read RISKS as a newsgroup (comp.risks or equivalent)
 if possible and convenient for you.   The mailman Web interface can
 be used directly to subscribe and unsubscribe:
   http://lists.csl.sri.com/mailman/listinfo/risks
 Alternatively, to subscribe or unsubscribe via e-mail to mailman
 your FROM: address, send a message to
   risks-request_at_private
 containing only the one-word text subscribe or unsubscribe.  You may
 also specify a different receiving address: subscribe address= ... .
 You may short-circuit that process by sending directly to either
   risks-subscribe_at_private or risks-unsubscribe_at_private
 depending on which action is to be taken.

 Subscription and unsubscription requests require that you reply to a
 confirmation message sent to the subscribing mail address.  Instructions
 are included in the confirmation message.  Each issue of RISKS that you
 receive contains information on how to post, unsubscribe, etc.

=> The complete INFO file (submissions, default disclaimers, archive sites,
 copyright policy, etc.) is online.
   <http://www.CSL.sri.com/risksinfo.html>
 The full info file may appear now and then in RISKS issues.
 *** Contributors are assumed to have read the full info file for guidelines.

=> .UK users should contact <Lindsay.Marshall_at_private>.
=> SPAM challenge-responses will not be honored.  Instead, use an alternative
 address from which you NEVER send mail!
=> SUBMISSIONS: to risks_at_private with meaningful SUBJECT: line.
 *** NOTE: Including the string "notsp" at the beginning or end of the subject
 *** line will be very helpful in separating real contributions from spam.
 *** This attention-string may change, so watch this space now and then.
=> ARCHIVES: ftp://ftp.sri.com/risks for current volume
     or ftp://ftp.sri.com/VL/risks for previous VoLume
 <http://www.risks.org> redirects you to Lindsay Marshall's Newcastle archive
 http://catless.ncl.ac.uk/Risks/VL.IS.html gets you VoLume, ISsue.
   Lindsay has also added to the Newcastle catless site a palmtop version
   of the most recent RISKS issue and a WAP version that works for many but
   not all telephones: http://catless.ncl.ac.uk/w/r
 <http://the.wiretapped.net/security/info/textfiles/risks-digest/> .
==> PGN's comprehensive historical Illustrative Risks summary of one liners:
    <http://www.csl.sri.com/illustrative.html> for browsing,
    <http://www.csl.sri.com/illustrative.pdf> or .ps for printing
==> Special Offer to Join ACM for readers of the ACM RISKS Forum:
    <http://www.acm.org/joinacm1>

------------------------------

End of RISKS-FORUM Digest 25.50
************************
Received on Sun Jan 04 2009 - 16:07:56 PST

This archive was generated by hypermail 2.2.0 : Sun Jan 04 2009 - 16:33:54 PST