RISKS-LIST: Risks-Forum Digest Friday 6 November 2009 Volume 25 : Issue 83 ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks) Peter G. Neumann, moderator, chmn ACM Committee on Computers and Public Policy ***** See last item for further information, disclaimers, caveats, etc. ***** This issue is archived at <http://www.risks.org> as <http://catless.ncl.ac.uk/Risks/25.83.html> The current issue can be found at <http://www.csl.sri.com/users/risko/risks.txt> Contents: "Jimmy Carter era" computer causes traffic jams (Jeremy Epstein) Central Traffic unControl === gridlock (David Lesher) Washington Metro system communications depend on single data center (Jon Eisenberg) T-Mobile suffers major outage: nationwide or nearly so (Lauren Weinstein) File share leaks data on US Congress members under investigation (Jeremy Epstein, PGN) Fugitive caught via Facebook updates (Mark Brader) Facebook 'Suggests Contacting Dead Friends' (Matthew Kruk) Massive Gene Database Planned in California (David Talbot via Jim Schindler) Drivers ticketed for not speaking English - misapplication of UI (Frank Jimenez) Privacy of health care info & health insurers (Henry Baker) Spam forged from .gov and .mil (PGN) AMEX sends USB trojan keyboards in ads (David Lesher) Risks of Using Encryption (Roger Grimes via Gene Wirchenko) 'Robot' computer to mark English essays (Polly Curtis via Randall) Is Net Neutrality a Communist Plot? "Declassified DoD Film" (Lauren Weinstein) Speaking of cable modem insecurity (Danny Burstein) Re: Toyota uncontrolled acceleration (Anton Ertl, Matt Roberds) Re: Danger and Paris Hilton (Peter Houppermans) Abridged info on RISKS (comp.risks) ---------------------------------------------------------------------- Date: Thu, 5 Nov 2009 06:44:46 -0500 From: Jeremy Epstein <jeremy.j.epstein_at_private> Subject: "Jimmy Carter era" computer causes traffic jams 4 Nov 2009. A "Jimmy Carter era" computer that controls traffic light timing in Montgomery County, Maryland (suburban Washington DC) failed, which meant that traffic lights throughout the county stopped being timed properly (i.e., to allow more green southbound in the mornings and northbound in the evenings). Setting 750 traffic lights by hand each morning and evening is ineffective. I don't know what the article means by a Jimmy Carter era computer (other than presumably something purchased in the late 1970s), but it's fair to say that finding replacement parts for whatever went wrong isn't easy. And for those young'uns on the list, computers in that era weren't a single chip or a single board - the CPU alone probably fills several 6' (1.8 meter) tall cabinets, with discrete components and wires. Troubleshooting requires lots of training and intuition, not something you can pick up from a book... The computer had been scheduled for replacement. Hopefully not by a Windows box that decides to reboot itself at inconvenient times.... The RISK, I'm guessing, is of being so reliant on a piece of hardware that can't be readily repaired (with no backup). http://www.washingtonpost.com/wp-dyn/content/article/2009/11/04/AR2009110402413.html ------------------------------ Date: Thu, 5 Nov 2009 15:40:25 -0500 (EST) From: "David Lesher" <wb8foz_at_private> Subject: Central Traffic unControl === gridlock Montgomery County MD, north of DC, has an extensive network of traffic controls including cameras on hundreds to thousands of traffic signals. (Those cameras are allegedly for motion sensing only but I have no proof of that; mission creep seems obvious...) They have their own fiber backbone to interconnect all this with one central computer. It failed, and thus far they have not been able to restart it. As a result, the signals have all reverted to autonomous local operation, and traffic is a major mess. [This is a region where normal rush hours runs from 0530-0930, and 1500-1900...] RISK: While they HAVE fallback control; [bravo..] here it is not all that is needed. Gridlock for several days will not win any votes. Traffic signals disrupted, creating chaos in Montgomery - washingtonpost.com http://www.washingtonpost.com/wp-dyn/content/article/2009/11/04/AR2009110402413.html ------------------------------ Date: Wed, 4 Nov 2009 08:55:42 -0500 From: "Jon Eisenberg" <JEisenbe_at_private> Subject: Washington Metro system communications depend on single data center -- power failure causes multiple problems http://www.washingtonpost.com/wp-dyn/content/article/2009/11/04/AR200911 0401104.html?hpid=newswell Jon Eisenberg, Director, Computer Science and Telecommunications Board, The National Academies ------------------------------ Date: Tue, 3 Nov 2009 17:23:42 -0800 From: Lauren Weinstein <lauren_at_private> Subject: T-Mobile suffers major outage: nationwide or nearly so? NNSquad - Network Neutrality Squad <nnsquad.nnsquad.org> T-Mobile suffered a major outage today. The exact scale is still unclear, but clearly various areas around the U.S. were affected, including voice, data, and SMS. Service currently appears to be completely up here in my area of L.A., though I haven't tried to use T-M in several hours and could have missed any outage (Update: user reports on the T-M discussion forum do indicate that L.A. was down at some point -- for up to four hours). Anecdotal reports suggest that service has been restored in some areas but not necessarily for all of voice/data/SMS, and that in some areas voice calls were disrupted but 3G data continued working throughout the outage. Obviously some failure of their backbone network and/or authentication services. More to come. One other point for now. AP is reporting that they were unable to reach the cell phones of various T-Mobile media spokespersons, because calls to those cell phones couldn't complete ... due to the T-Mobile outage itself. A lesson re network diversity, it seems. ------------------------------ Date: Fri, 30 Oct 2009 13:54:08 -0400 From: Jeremy Epstein <jeremy.j.epstein_at_private> Subject: File share leaks data on US Congress members under investigation The Washington Post's Oct 30 lead article notes that "more than 30 lawmakers and several aides" are under investigation for various possible misdeeds associated with "defense lobbying and corporate influence peddling". What's technology relevant is that the information leaked because a report was (presumably accidentally) placed on an unprotected computer (not clear whether it was a web site, a file share, or something else). No word on whether the problem was a misconfiguration (i.e., mis-set file permissions, whether accidentally or intentionally) or due to a bug in software that allowed bypassing protections. No indication that the data was encrypted... perhaps this is an opportunity for Congress to learn the need for more usable security systems, including encryption, to reduce the RISK of accidental sharing? http://www.washingtonpost.com/wp-dyn/content/article/2009/10/29/AR2009102904597.html?hpid=topnews ------------------------------ Date: Fri, 30 Oct 2009 13:44:58 PDT From: "Peter G. Neumann" <neumann_at_private> Subject: Re: File share leaks data on US Congress members under investigation Congressional investigation kimono opened? Some not-so-senior Congressional employee working from home with peer-to-peer file sharing software apparently blew the security on the ongoing internal congressional investigations. http://www.comcast.net/articles/news-politics/20091030/US.Congress.Leaked.Ethics.Report/ ------------------------------ Date: Sat, 24 Oct 2009 16:04:04 -0400 (EDT) From: msb_at_private (Mark Brader) Subject: Fugitive caught via Facebook updates Maxi Sopo was living in Cancun, and allegedly living high on the proceeds of bank fraud in the US. He maintained a Facebook entry under his own name. His status was public, but his profile was only accessible to his Facebook "friends" -- but one of them was a former US Department of Justice official. Story at: http://news.bbc.co.uk/2/hi/americas/8306032.stm http://www.guardian.co.uk/technology/2009/oct/14/mexico-fugitive-facebook-arrest Commentary and discussion at: http://www.schneier.com/blog/archives/2009/10/helpful_hint_fo.html ------------------------------ Date: Mon, 26 Oct 2009 11:28:49 -0600 From: "Matthew Kruk" <mkrukg_at_private> Subject: Facebook 'Suggests Contacting Dead Friends' http://news.sky.com/skynews/Home/Technology/Facebook-Changes-Upset-Users-Reconnect-Feature-Suggests-Dead-Friends/Article/200910415417724 Facebook 'Suggests Contacting Dead Friends' 12:51pm UK, Monday October 26, 2009 Ruth Barnett, Sky News Online Facebook's latest revamp has upset some members by recommending they get in touch with friends who have died. The social networking site, which is used by 300 million people worldwide, made the controversial changes at the weekend. One of the most prominent additions is an automatically-generated box suggesting the user "reconnect" with a specific person they have not contacted for a while. But within hours, dozens of users reported feeling distressed when the new feature told them to get in touch with someone deceased. More than 900,000 have reacted against the changes by joining a group calling for the site to go "back to normal". "Facebook just suggested that I reconnect with someone who passed away two years ago. That's messed up," one person wrote on Twitter. Another user, Emma, 27, was confronted by the image of a deceased friend when she logged into the site at the weekend. "Like many of his friends I haven't deleted his profile as that would feel weird. I'm sure thousands of Facebook users are in the same position," she told Sky News Online. "When someone dies there doesn't seem to be much you can do about their profile. It would be nice to keep it as a memorial but there is no way of acknowledging what has happened to that person. "There should be a way of recognising this on their profile or Facebook should remove the feature altogether to avoid causing offence." Facebook does offer a "memorialisation" option and invite users to alert them to a death but it is not widely known or publicised. The glitch reveals the "insensitivity of the algorithm," according to Mashable blogger Pete Cashmore. He also found examples of the site suggesting ex husbands and wives. "Facebook is investigating the situation," a spokeswoman for the site told Sky News Online. ------------------------------ Date: Tue, 20 Oct 2009 21:30:00 -0800 From: Jim Schindler <jimschin_at_private> Subject: Massive Gene Database Planned in California (David Talbot) David Talbot, Massive Gene Database Planned in California; The data will be compared against electronic health records and patients' personal information. *Technology Review*, 21 Oct 2009 www.technologyreview.com/biomedicine/23777/?nlid=2446 Plans for genetic analyses of 100,000 older Californians--the first time genetic data will be generated for such a large and diverse group--will accelerate research into environmental and genetic causes of disease, researchers say. "This is a force multiplier with respect to genome-wide association studies," says Cathy Schaefer, a research executive at Kaiser Permanente <http://www.kaiserpermanente.org/>, a health-care provider based in Oakland, CA, whose patients will be involved. Researchers will be able to study the data and seek insights into the interplay between genes, the environment, and disease, thanks to access to detailed electronic health records, patient surveys, and even records of environmental conditions where the patients live and work. "The importance of this project is that it will, almost overnight--well, in two years--produce a very large amount of genetic and phenotypic data that a large number of investigators and scientists can begin asking questions of, rather than having to gather data first," Schaefer says. The effort will make use of existing saliva samples taken from California patients, whose average age is 65. Their DNA will be analyzed for 700,000 genetic variations called single-nucleotide polymorphisms, or SNPs, using array analysis technology from Affymetrix in Santa Clara, CA. Through the National Institutes of Health (NIH), the resulting information will be available to other researchers, along with a trove of patient data including patients' Kaiser Permanente electronic health records, information about the air and water quality in their neighborhoods, and surveys about their lifestyles. The result will be the largest genetic health research platform of its kind, says Schaefer, who directs Kaiser Permanente's research program on genes, the environment, and health. The study is being undertaken together with the University of California, San Francisco (UCSF), with a $25 million, two-year NIH grant that tapped federal stimulus funds allocated earlier this year. The potential for study is nearly limitless. Researchers will likely seek the genetic influences that determine why some people suffering from, say, cardiovascular disease and type 2 diabetes deteriorate more rapidly than others; and tease out which genetic factors reduce the effectiveness of various drugs or, indeed, make them hazardous, Schaefer says. As doctors obtain more such insights, this will allow them to tailor drug regimens and focus resources on higher-risk patients. Given the high average age of the group, the platform will also be a boon to studying diseases of aging. "One might want to ask," Schaefer says, "what are the genetic influences on changes in blood pressure as people age, and how are those changes in blood pressure related to diseases of aging, like stroke and Alzheimer's and other cardiovascular diseases?" ------------------------------ Date: Sat, 24 Oct 2009 09:20:10 -0700 From: "Frank Jimenez (franjime)" <franjime_at_private> Subject: Drivers ticketed for not speaking English - misapplication of UI Apparently, in the USA, there is a Federal Law requiring holders of commercial driving licenses to speak English. However, the user interface for citations in the Dallas Police Department also made this option available when citing drivers of private vehicles. Recently, a particular case was publicized in the local media, and it was later discovered that 38 tickets had been issued improperly to non-commercial drivers. The risk here is the ability to choose an option from a drop-down box that doesn't actually apply to a particular law enforcement situation. More details here: http://www.nbcdfw.com/news/local-beat/Dallas-Cop-Cites-Driver-for-Not-Speaking-English-65793662.html ------------------------------ Date: Thu, 29 Oct 2009 13:02:24 -0700 From: Henry Baker <hbaker1_at_private> Subject: Privacy of health care info & health insurers Since Congress & various states passed laws to protect our health info from being sold to drug companies, we thought our mail boxes would be safe from spam advertisements targeted to us on the basis of our health information. Apparently we were wrong. The drug companies are now paying our health insurers to send out advertisements for their drugs to us on the basis of our health insurance information. I recently received an advertisement from my insurance company for a shingles drug which costs a bundle just for the copay. In the letter accompanying this advertisement: "The development and distribution of these materials is supported by Merck & Co., Inc." The letter included a phone number to be dropped from the distribution of these advertisements. I think that this letter indicates whose pocket "our" health insurer is in, and it isn't ours, the customer/taxpayer. ------------------------------ Date: Tue, 27 Oct 2009 13:56:12 PDT From: "Peter G. Neumann" <neumann_at_private> Subject: Spam forged from .gov and .mil Recent "FDIC" spam messages were forged to appear to be sent from fdic.gov. In the past, spammers have steered clear of forging their messages from ".gov" and ".mil" addresses due to the associated legal consequences if they were caught and prosecuted. As a result, SRI is now spam-filtering .gov and .mil. [PGN-ed from an SRI facilities message.] ------------------------------ Date: Tue, 27 Oct 2009 01:14:59 -0400 From: David Lesher <wb8foz_at_private> Subject: AMEX sends USB trojan keyboards in ads A fellow user group member reported getting a USB-fob from American Express. When he plugged in to a port, it attempted to send his xterm command line to <http://VCGW.NET/..../.....> {the dots were hex digits, it appears.... [and PGN changed x to dot to avoid filtering]} but didn't succeed. [It may be Windows and Mac compatible, but not Linux...] That address redirects to an Amex URL: <https://www201.americanexpress.com/> It identified itself on the USB chain as: Bus 003 Device 003: ID 05ac:020b Apple, Inc. Pro Keyboard [Mitsumi, A1048/US layout] Since it's clearly NOT an Apple Pro Keyboard; one wonders why the manufacturer <http://www.ikyp.com> chose that false identity. The masquerade as a keyboard might also have been to penetrate those machines that do not blindly mount USB storage devices. Risks: While we now look for incoming malware on the TCP/IP connections, clearly we need to similarly monitor the other ports as well; you can do just as much damage (or more) with a insider keyboard attack, given some social engineering. Is the power line next? [I'm somewhat reminded of the DOS era story of a voice recognition product demo where someone in the audience yelled "FORMAT C:" and "YES"....] This is tangential: <http://www.digitalsociety.org/2009/08/apple-keyboards-hacked-and-possessed/> ------------------------------ Date: Fri, 23 Oct 2009 14:49:32 -0700 From: Gene Wirchenko <genew_at_private> Subject: Risks of Using Encryption (Roger Grimes) Roger Grimes had an interesting column on security recently: http://www.infoworld.com/d/security-central/dont-trust-public-pc-your-digital-identity-126?source=IFWNLE_nlt_daily_2009-10-23 Excerpt of particular interest: "Similarly, I need the recipient's public key so that I can send him or her encrypted content. We should never share private keys. That's why they are called private. Pretty simple -- or so you would think. More often than not, if the person isn't overly familiar with PGP/SMIME, even if they've been using it, they send me their private key. Being the good citizen that I am, I delete their private key and ask again for their public key, explaining that with their private key, I could be them, for all digital purposes. About half the newly educated group then sends back my public key back or, if they're using PGP, their private key ring, which contains all their private keys. You might think that I'm making this stuff up, but it's pretty much been this way with PKI and PGP exchanges since they were invented. PGP's own Phil Zimmerman has often written on this subject." ------------------------------ Date: October 23, 2009 11:04:18 EDT From: Randall Webmail <rvh40_at_private> Subject: 'Robot' computer to mark English essays (Polly Curtis) [From Dave Farber's IP, johnmac, ...] [I guess it's not so different from using grad students: autograding. RVH] 'Robot' computer to mark English essays Exam board denies system will be extended to GCSEs Union fears 'a disaster waiting to happen' The owner of one of England's three major exam boards is to introduce artificial intelligence-based automated marking of English exam essays in the UK from next month. Pearson, the American-based parent company of Edexcel, is to use computers to "read" and assess essays for international English tests in a move that has fueled speculation that GCSEs and A-levels will be next. All three exam boards are now investing heavily in e-assessment but none has yet perfected a form of marking essays using computers -- or "robots" -- that it is willing to use in mainstream exams. Academics and leaders in the teaching profession said that using machines to mark papers would create a "disaster waiting to happen". [Source: Polly Curtis, *The Guardian*, 25 Sep 2009; PGN-ed] [IP Archives: https://www.listbox.com/member/archive/247/=now] ------------------------------ Date: Tue, 27 Oct 2009 14:18:39 -0700 From: Lauren Weinstein <lauren_at_private> Subject: Is Net Neutrality a Communist Plot? "Declassified DoD Film" Is Net Neutrality a Communist Plot? ("Declassified DoD Film") http://lauren.vortex.com/archive/000627.html Greetings. As a strong supporter of Net Neutrality (http://lauren.vortex.com/archive/000625.html), I've been increasingly concerned by recent accusations from some anti-neutrality forces and media commentators, who claim that Net Neutrality is actually an insidious and dangerous "communist plot" that must be destroyed at all costs. Such a characterization has seemed utterly ridiculous to me, and hopefully also to most other reasonable observers. However, a friend of mine working at a certain "Three-Initial Agency" (that must remain unnamed) recently uncovered a long-lost U.S. government film that appears to shed unexpected light on accusations of a linkage between communist/Marxist ideologies and Net Neutrality. He managed to get the short film (only a few minutes long) rapidly declassified and shipped it out to me. I've now digitized the 16mm print and brought it online. The complete film (with associated very brief explanatory text, etc. that I've included) can be viewed at the YouTube link: Is Net Neutrality a Communist Plot? http://www.youtube.com/watch?v=4fCLFKlYW3c I must admit, the film certainly had an impact on me! Lauren Weinstein +1 (818) 225-2800 http://www.pfir.org/lauren Co-Founder, PFIR http://www.pfir.org and NNSquad http://www.nnsquad.org GCTIP Global Coalition for Transparent Internet Performance http://www.gctip.org PRIVACY Forum - http://www.vortex.com Lauren's Blog: http://lauren.vortex.com ------------------------------ Date: Fri, 23 Oct 2009 02:08:04 -0400 (EDT) From: danny burstein <dannyb_at_private> Subject: Speaking of cable modem insecurity Chen, founder of a software startup called Pip.io, said he was trying to help a friend change the settings on his cable modem and discovered that Time Warner had hidden administrative functions from its customers with Javascript code. By simply disabling Javascript in his browser, he was able to see those functions, which included a tool to dump the router's configuration file. That file, it turned out, included the administrative login and password in cleartext. Chen investigated and found the same login and password could access the admin panels for every router in the SMC8014 series on Time Warner's network - a grave vulnerability, given that the routers also expose their web interfaces to the public-facing Internet. All of this means that a hacker who wanted to target a specific router and change its settings could access a customer's admin panel from anywhere on the net through a web browser, log in with the master password, and then start tinkering. Among the possibilities, the intruder could alter the router's DNS settings - for example, to redirect the customer's browser to malicious websites - or change the Wi-Fi settings to open the user's home network to the neighbors. ------------------------------ Date: Sun, 25 Oct 2009 19:59:04 GMT From: anton_at_private (Anton Ertl) Subject: Re: Toyota uncontrolled acceleration (Lesher, Risks 25.82) Motorcycles in Austria and Germany (and maybe other places) are equipped with kill switches that can be easily reached, in addition to having an ignition key. Given the number of incidents with runaway cars one reads about, maybe that should be a required feature of cars, too (even with a traditional ignition key, there is the risk of activating the steering lock when shutting off the engine with it). On one of my first rides with my motorcycle, the engine tried to run away (probably a mechanical thing, few or no computers on that 1986 motorcycle) which created a few moments of horror, but then I pulled the clutch and activated the kill switch, and had everything under control. M. Anton Ertl http://www.complang.tuwien.ac.at/anton/home.html ------------------------------ Date: Mon, 26 Oct 2009 22:50:50 -0500 (CDT) From: Matt Roberds <mroberds_at_private> Subject: Re: Toyota uncontrolled acceleration (David Lesher, RISKS-25.82) The brake performance of new cars sold in the US since about 2000 is regulated by Federal Motor Vehicle Safety Standard 135, 49 CFR 571.135. (Previously it was FMVSS 105. The analogous Canadian standards are CMVSS 135 and CMVSS 105.) The US standards can be navigated to from http://www.gpoaccess.gov/ecfr/ ; a very quick read of FMVSS 135 doesn't show any tests that are supposed to be done with the throttle open during the test. There *are* tests that are done with the vehicle loaded to its maximum weight rating, both with the braking system intact and with various failures present. An acquaintance of mine has worked for various car manufacturers and has described doing brake tests that seem to be in excess of the federal requirements, such as testing a fully loaded vehicle descending a mountain in Colorado. To the best of my recollection, however, these were also done with the throttle closed. Several of the other FMVSSs touch various aspects of the user interface of a car, including at least 101, 102, 114, and 124. 114 does cover the possibility of using something other than a physical key, but does not specify too much about its behavior. This may be a case where the available products are outpacing the regulations. ------------------------------ Date: Wed, 21 Oct 2009 22:34:32 +0200 From: Peter Houppermans <peter_at_private> Subject: Re: Danger and Paris Hilton (Re: Risks 25.82, Danger-ous services) * I consider it unlikely that Paris Hilton would call tech support - that's what you have assistants for. * I'm amazed nobody commented on the irony of a Microsoft company asking people NOT to reboot :-). ------------------------------ Date: Thu, 29 May 2008 07:53:46 -0900 From: RISKS-request_at_private Subject: Abridged info on RISKS (comp.risks) The ACM RISKS Forum is a MODERATED digest, with Usenet equivalent comp.risks. => SUBSCRIPTIONS: PLEASE read RISKS as a newsgroup (comp.risks or equivalent) if possible and convenient for you. The mailman Web interface can be used directly to subscribe and unsubscribe: http://lists.csl.sri.com/mailman/listinfo/risks Alternatively, to subscribe or unsubscribe via e-mail to mailman your FROM: address, send a message to risks-request_at_private containing only the one-word text subscribe or unsubscribe. You may also specify a different receiving address: subscribe address= ... . You may short-circuit that process by sending directly to either risks-subscribe_at_private or risks-unsubscribe_at_private depending on which action is to be taken. Subscription and unsubscription requests require that you reply to a confirmation message sent to the subscribing mail address. Instructions are included in the confirmation message. Each issue of RISKS that you receive contains information on how to post, unsubscribe, etc. => The complete INFO file (submissions, default disclaimers, archive sites, copyright policy, etc.) is online. <http://www.CSL.sri.com/risksinfo.html> The full info file may appear now and then in RISKS issues. *** Contributors are assumed to have read the full info file for guidelines. => .UK users should contact <Lindsay.Marshall_at_private>. => SPAM challenge-responses will not be honored. Instead, use an alternative address from which you NEVER send mail! => SUBMISSIONS: to risks_at_private with meaningful SUBJECT: line. *** NOTE: Including the string "notsp" at the beginning or end of the subject *** line will be very helpful in separating real contributions from spam. *** This attention-string may change, so watch this space now and then. => ARCHIVES: ftp://ftp.sri.com/risks for current volume or ftp://ftp.sri.com/VL/risks for previous VoLume <http://www.risks.org> redirects you to Lindsay Marshall's Newcastle archive http://catless.ncl.ac.uk/Risks/VL.IS.html gets you VoLume, ISsue. Lindsay has also added to the Newcastle catless site a palmtop version of the most recent RISKS issue and a WAP version that works for many but not all telephones: http://catless.ncl.ac.uk/w/r <http://the.wiretapped.net/security/info/textfiles/risks-digest/> . ==> PGN's comprehensive historical Illustrative Risks summary of one liners: <http://www.csl.sri.com/illustrative.html> for browsing, <http://www.csl.sri.com/illustrative.pdf> or .ps for printing ==> Special Offer to Join ACM for readers of the ACM RISKS Forum: <http://www.acm.org/joinacm1> ------------------------------ End of RISKS-FORUM Digest 25.83 ************************Received on Fri Nov 06 2009 - 13:49:49 PST
This archive was generated by hypermail 2.2.0 : Fri Nov 06 2009 - 14:44:41 PST