RISKS-LIST: Risks-Forum Digest  Monday 2 January 2012  Volume 26 : Issue 70

ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, moderator, chmn ACM Committee on Computers and Public Policy

***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
  <http://catless.ncl.ac.uk/Risks/26.70.html>
The current issue can be found at
  <http://www.csl.sri.com/users/risko/risks.txt>

  Contents:
Election integrity (Bob Fitrakis/Harvey Wasserman)
3 of 2011's worst data breaches involved medical records (Healthcare Tech Review)
Skype Information Leakage and decoding of encrypted packets
  (Stephan Burschka via Lauren Weinstein)
Re: Risks and aircraft control - how does voting fit into this? (John Levine)
AZ Humane Society lies, kills man's cat, blocks Facebook comments ()
Re: Internet of things (David Magda)
Re: IMDb and Amazon vs. the "Ageless Actress" (Peter Houppermans)
Re: "Risks of focusing on risks" (Bob Paddock)
Expiring CharlieCards causing confusion and frustration (Monty Solomon)
Abridged info on RISKS (comp.risks)

----------------------------------------------------------------------

Date: Sat, 31 Dec 2011 12:28:47 PST
From: "Peter G. Neumann" <neumann_at_private>
Subject: Election integrity (Bob Fitrakis/Harvey Wasserman, commondreams.org)

Bob Fitrakis and Harvey Wasserman
Has America's Stolen Election Process Finally Hit Prime Time?
http://www.commondreams.org/view/2011/12/30-2

It took two stolen US Presidential elections and the prospect of another one coming up in 2012. For years the Democratic Party and even much of the left press has reacted with scorn for those who've reported on it. But the imperial fraud that has utterly corrupted our electoral process seems finally to be dawning on a broadening core of the American electorate---if it can still be called that.

The shift is highlighted by three major developments:

1. The NAACP goes to the United Nations

In early December, the National Association for the Advancement of Colored People (NAACP), the largest civil rights organization in America, announced that it was petitioning the United Nations over the orchestrated GOP attack on black and Latino voters. In its landmark report entitled Defending Democracy: Confronting Modern Barriers to Voting Rights in America, the NAACP directly takes on the new Jim Crow tactics passed in fourteen states that are designed to keep minorities from voting in 2012.

The report analyzes 25 laws that target black, minority and poor voters ``unfairly and unnecessarily restrict[ing] the right to vote.'' It notes ``a coordinated assault on voting rights.'' The Free Press has been reporting on this coordinated assault since the 2000 election, including the heroic struggle of voters in Ohio to postpone the enactment of the draconian House Bill 194 that was the most restrictive voting rights law passed in the United States. (See Voting rights activists fight back against new Republican Jim Crow attack in Ohio.)
http://www.freepress.org/columns/display/3/2011/1894

The NAACP points out that this most recent wave of voter repression is a reaction to the ``historic participation of people of color in the 2008 presidential election and substantial minority population growth according to the 2010 census.'' It should be no surprise that the states of the old Confederacy -- Florida, Georgia, Texas, and North Carolina -- are in the forefront of repressing black voters. Three other Jim Crow states with the greatest increase in Latino population -- South Carolina, Alabama, and Tennessee -- also implemented drastic measures to restrict minority voting.

The report documents that a long-standing tactic under fire since the 1860s -- the disenfranchisement of people with felony convictions -- is back in vogue. This has been coupled with `severe restrictions' on persons conducting voter registration drives, and reducing opportunities for early voting and the use of absentee ballots complete these template legislative acts. Most of these new Jim Crow tactics were initially drafted as model legislation by the American Legislative Exchange Council (ALEC), a secretive and conservative corporate policy group whose founder, according to the NAACP, is on record in favor of reducing the voting population in order to increase their own `leverage'.

The Brennan Center for Justice estimates that the 25 laws passed in these 14 states could prevent as many as 5 million voters from voting, a number easily exceeding the margin of victory in numerous presidential elections. Ohio's HB 194, which awaits a 2012 referendum vote, would disenfranchise an estimated 900,000 in one of our nation's key battleground states. An important statistic in all the legislation is that 25% of African Americans lack a state photo identification, as do 15% of Latinos, but by comparison, only 8% of white voters. Other significant Democratic constituents -- the elderly of all races and college students -- would be disproportionately impacted.

Ohio voters have just repealed a draconian anti-labor law passed by the GOP-dominated legislature and the state's far-right governor John Kasich. Whether they will do the same to this massive disenfranchisement remains to be seen. But the fact that it's on a state ballot marks a major leap forward. Ohio activists are also drafting a constitutional amendment that includes revamping the registration, voting and vote count procedures. (Can we transform labor's Buckeye victory into a new era of election protection?
<http://www.freepress.org/departments/display/19/2011/4386>)

2. The Justice Department awakens

On Friday, December 23, 2011, the U.S. Justice Department called South Carolina's new voter ID law discriminatory. The finding was based in part on the fact that minorities were almost 20% more likely than whites to be without state-issued photo IDs required for voting. Unlike Ohio, South Carolina remains under the 1965 Voting Rights Act and requires federal pre-approval to any changes in voting laws that may harm minority voters.

The Republican governor of South Carolina Nikki Haley denounced the Justice Department decision as `outrageous' and vowed to do everything in her power to overturn the decision and uphold the integrity of state's rights under the 10th Amendment. The US Supreme Court has upheld the requirement of photo ID for voting. Undoubtedly the attempt by US Attorney General Eric Holder to challenge this will go to the most thoroughly corporate-dominated Court in recent memory. The depth of the commitment of the Obama Administration to the issue also remains in doubt.

3. The EAC finally finds that voting machines are programmed to be partisan

Another federal agency revealed another type of problem in Ohio. On December 22, 2011, the U.S. Election Assistance Commission (EAC) issued a formal investigative report on Election Systems & Software (ES&S) DS200 Precinct County optical scanners. The EAC found ``three substantial anomalies'':

  * Intermittent screen freezes, system lock-ups and shutdowns that prevent
    the voting system from operating in the manner in which it was designed
  * Failure to log all normal and abnormal voting system events
  * Skewing of the ballot resulting in a negative effect on system accuracy

The EAC ruled that the ballot scanners made by ES&S electronic voting machine firm failed 10% of the time to read the votes correctly. Ohio is one of 13 states that requires EAC certification before voting machines can be used in elections.

The Cleveland Plain Dealer reported in 2010 that the voting machines in heavily Democratic Cuyahoga County had failed during testing for the 2010 gubernatorial election. Cleveland uses the same Republican-connected ES&S ballot scanners -- the DS200 opti-scan system. Ohio's Mahoning County, home of the Democratic enclave of Youngstown, also uses the DS200s. The same opti-scan system is also used in the key battleground states of Florida, Illinois, Indiana, New York, and Wisconsin. Voting rights activists fear a repeat of the well-documented vote switching that occurred in Mahoning County in the 2004 presidential election when county election officials admitted that 31 of their machines switched Kerry votes to Bush.

But a flood of articles about these realities---including coverage in the New York Times---seems to indicate the theft of our elections has finally taken a leap into the mainstream of the American mind. Whether that leads to concrete reforms before another presidential election is stolen remains to be seen. But after more than a decade of ignorance and contempt, it's about time something gets done to restore a semblance of democracy to the nation that claims to be the world's oldest.

Bob Fitrakis

  [bio and various succeeding commentaries omitted. Some RISKS readers may
  consider Fitrakis's analysis politically motivated. From a RISKS
  perspective, it is merely a reevaluation of many issues that have appeared
  here in the past. Democracy should be for Everyone, just as The Internet
  is for Everyone! PGN]

------------------------------

Date: Mon, 02 Jan 2012 15:07:22 -0500
From: Healthcare Tech Review <weekly_at_private>
Subject: 3 of 2011's worst data breaches involved medical records

Special Report: 3 of 2011's worst data breaches involved medical records
-- From Healthcare Tech Review <http://healthcaretechreview.com/>

We've reported before on how valuable patients' health information is for criminals.
http://healthcaretechreview.com/stolen-medical-records-lucrative/
That explains why a few of the worst data breaches organizations experienced in the past year involved the theft of electronic medical records.
http://to.healthcaretechreview.com/az?ue=QQG&pulb=1&Id=6834011986&L=HealthcareTechReview_5_A
29 Dec 2011 by Scott Gibson <http://healthcaretechreview.com/author/snarisi/>
<http://healthcaretechreview.com/worst-data-breaches-involved-medical-records/>

Privacy Rights Clearinghouse (PRC), a nonprofit consumer protection group, recently published its list of the six worst data breaches of 2011. Of those that made the list, three involved health information.
<https://www.privacyrights.org/top-data-breach-list-2011>

Medical records are a big target for criminals, PRC said, because of the amount of sensitive information they contain. Those records often contain not just coveted Social Security numbers and dates of birth, but also data that can be used to commit insurance fraud or buy and resell prescription drugs.

These were the three most significant health data breaches of 2011:

  * Sutter Physicians Services and Sutter Medical Foundation: A desktop
    computer containing patient data was stolen from Sutter's administrative
    offices in Sacramento, CA. The PC was password-protected, but data was
    not encrypted, and approximately 3.3 million patients whose providers use
    Sutter's services had sensitive information exposed. Sutter has been sued
    for negligence in protecting the patients' information and failing to
    notify affected patients in a timely manner.

  * Health Net: Nine servers went missing from Health Net's data center in
    Rancho Cordova, CA, containing the names, addresses, Social Security
    numbers, and health and financial information of 1.9 million policy
    holders. The theft was discovered in January, but affected customers
    weren't informed until three months later.

  * Tricare/SAIC: Backup data tapes containing information about patients
    from military hospitals and clinics were stolen from an employee's car.
    The data on the tapes was unencrypted and included patient medical
    information potentially spanning years from 1992 to 2011. An estimated
    5.1 million patients may have been affected, and a $4.9 billion lawsuit
    has been filed against Tricare and SAIC.

Those breaches had some elements in common -- they all involved data that was unencrypted and were carried out by stealing physical equipment containing data. Also, in two of the incidents, a major issue was the failure to notify people whose information may have been stolen.

The lessons for health IT professionals:

  1. Make sure all sensitive data is kept encrypted
  2. Pay attention to physical security as well as information security
  3. Create policies and train employees to be careful when they transport
     sensitive data outside of the office, and
  4. If a breach does occur, organizations must make sure law enforcement
     and affected people are notified as soon as possible -- it pays to have
     a breach plan in place before an incident occurs.

  [PRC's 6 Worst Data Breaches among 535 cases noted by PRC in 2011 (not
  just healthcare) were also reported in *Information Week*: Sony, Epsilon,
  RSA, Sutter, Tricare/SAIC, and Nasdaq. PGN]
  http://www.informationweek.com/news/security/attacks/232301079

------------------------------

Date: Thu, 29 Dec 2011 13:18:05 -0800
From: Lauren Weinstein <lauren_at_private>
Subject: Skype Information Leakage and decoding of encrypted packets

Stephan Burschka, Chaos Computer Club Congress (YouTube / ~1 hour)
Datamining for Hackers - Skype Information Leakage and decoding of encrypted packets
[via NNSquad]
http://j.mp/spIFdh
http://bit.ly/rBS7SW

"This talk presents Traffic Mining (TM) particularly in regard to VoIP applications such as Skype. TM is a method to digest and understand large quantities of data. Voice over IP (VoIP) has experienced a tremendous growth over the last few years and is now widely used among the population and for business purposes. The security of such VoIP systems is often assumed, creating a false sense of privacy. Stefan will present research into leakage of information from Skype, a widely used and protected VoIP application. Experiments have shown that isolated phonemes can be classified and given sentences identified. By using the dynamic time warping (DTW) algorithm, frequently used in speech processing, an accuracy of 60% can be reached. The results can be further improved by choosing specific training data and reach an accuracy of 83% under specific conditions."

------------------------------

Date: 30 Dec 2011 05:17:05 -0000
From: John Levine <johnl_at_private>
Subject: Re: Risks and aircraft control - how does voting fit into this?

>vote online", but also "if we can rely on software to fly our planes, why
>can't we rely on software to run our elections".

If people were trying as hard to subvert avionics software as they are to subvert voting software, we wouldn't use software to fly our planes either. It's a totally different environment.

It certainly doesn't help that most voting software seems to be written by people who flunked out of junior high school programming classes, but even if it were better written, the threat models are not even a little bit comparable.

------------------------------

Date: Sat, 31 Dec 2011 3:30:11 PST
From: "Peter G. Neumann" <neumann_at_private>
Subject: AZ Humane Society lies, kills man's cat, blocks Facebook comments

Rescue group in crisis mode after cat euthanized
http://j.mp/vHgXOn (AP / TriCityHerald, Phoenix, Arizona)

"Animal lovers threatened to pull donations to an animal rescue group and the public flooded the agency with scathing comments and calls after a man's cat was euthanized when he couldn't afford its medical care, prompting the Arizona Humane Society to go into damage-control mode Wednesday. The group has hired a publicist, removed dozens of comments on its Facebook page and directed a team of five volunteers to respond to the overwhelming calls and emails it has received since The Arizona Republic published a weekend story about Daniel Dockery and his 9-month-old cat, Scruffy."

------------------------------

Date: Fri, 30 Dec 2011 13:25:44 -0500
From: David Magda <dmagda_at_private>
Subject: Re: Internet of things

In RISKS-26.65 and 26.66 there were reports of HP printers being vulnerable to being compromisable. The original researcher, Ang Cui, has now given the technical details at this year's Chaos Communications Congress (28C3):

  Weaknesses within the firmware update process allows the attacker to make
  arbitrary modifications to the NVRAM contents of the device. The attacks
  we present exploit a functional vulnerability common to all HP printers,
  and do not depend on any specific code vulnerability. These attacks cannot
  be prevented by any authentication mechanism on the printer, and can be
  delivered over the network, either directly or through a print server
  (active attack) and as hidden payloads within documents (reflexive attack).

http://events.ccc.de/congress/2011/Fahrplan/events/4780.en.html
http://boingboing.net/2011/12/30/printer-malware-print-a-malic.html (via)

A video of his one hour presentation is available:
http://www.youtube.com/watch?v=njVv7J2azY8

As Boing Boing mentions, there was also a paper on attacking via PostScript, which is found in just about every medium- to high-end printer out there:
http://events.ccc.de/congress/2011/Fahrplan/events/4871.en.html

------------------------------

Date: Fri, 30 Dec 2011 19:33:39 +0000
From: Peter Houppermans <peter_at_private>
Subject: Re: IMDb and Amazon vs. the "Ageless Actress" (Weinstein, R-26.69)

There is an interesting gap in privacy legislation between the US and EU. This is why European (and Swiss) privacy laws demand that such permission is given EXPLICITLY. Having it buried in another contract in six point light grey Sanskrit characters on a white background is not acceptable - the section that deals with handling of personal data must be separate, needs to clearly spell out what that data is going to be used for and may NOT be defaulted to "yes" in the case of the use of tick boxes.

------------------------------

Date: Fri, 30 Dec 2011 20:21:13 -0500
From: Bob Paddock <bob.paddock_at_private>
Subject: Re: "Risks of focusing on risks" (RISKS-26.68)

Some items from my blog:

"In the Law of Unintended Consequences, the site Insurance Institute for Highway Safety, Highway Loss Data Institute, tells us in their September 28th, 2010 report that, Texting bans don't reduce crashes; effects are slight crash *increases* because the Texter is trying harder to hide what they are doing, becoming even more distracted."
http://blog.softwaresafety.net/2010/11/emergency-broadcast-alerts-coming-to.html
based on report from: http://www.iihs.org/news/rss/pr092810.html .
Now we also have Distracted Doctors:
http://blog.softwaresafety.net/2011/12/distracted-doctoring-better-or-worse.html

and the potential for Distracted Pilots (the paper being replaced by a device may have already been a distraction):
http://blog.softwaresafety.net/2011/12/distracted-pilots.html

As Bob Frankston points out, it is not the device that is the problem, it is the person's behavior that is the problem.

http://blog.softwaresafety.net/
http://www.designer-iii.com/
http://www.wearablesmartsensors.com/

------------------------------

Date: Mon, 2 Jan 2012 02:09:46 -0500
From: Monty Solomon <monty_at_private>
Subject: Expiring CharlieCards causing confusion and frustration

Excerpt from Expiring CharlieCards causing confusion and frustration
http://www.bostonglobe.com/metro/2012/01/01/expiring-charliecards-causing-confusion-and-frustration/aCFuYJF2erbu5072enGKFI/story.html?s_campaign=8315

For frequent riders, the expiration proves largely invisible: Their cards get an automatic software upgrade, and two-year extension, when swiped. But irregular riders may find themselves suddenly unable to use their plastic CharlieCard. ...

A few weeks ago, reader Irene Gruenfeld of Sudbury and her husband took their 5-year-old twins on a stroll through the city with a promise of a Red Line ride from Charles/MGH back to their car in South Boston. They had more than $10 on each of their cards, but the station gates failed to open, displaying an "expired'' message. The vending machines presented similarly cryptic information. No staff was present, forcing them to buy the paper CharlieTickets spit out by the machine, which cost 30 cents more per ride.

When the CharlieCard was introduced, five years was the industry standard for the still-emerging smartcard technology. Manufacturers at the time recommended a programmed "sunset date'' to stave off problems that might arise from frequently used cards nearing the end of their useful life, he said. As it became clear the cards could last longer, more recently issued CharlieCards have been given sunset dates of 10 years. Most of the 6 million issued have the longer lifespan, he said.

------------------------------

Date: Mon, 6 Jun 2011 20:01:16 -0900
From: RISKS-request_at_private
Subject: Abridged info on RISKS (comp.risks)

 The ACM RISKS Forum is a MODERATED digest. Its Usenet manifestation is
 comp.risks, the feed for which is donated by panix.com as of June 2011.
=> SUBSCRIPTIONS: PLEASE read RISKS as a newsgroup (comp.risks or equivalent)
 if possible and convenient for you. The mailman Web interface can
 be used directly to subscribe and unsubscribe:
   http://lists.csl.sri.com/mailman/listinfo/risks
 Alternatively, to subscribe or unsubscribe via e-mail to mailman
 your FROM: address, send a message to
   risks-request_at_private
 containing only the one-word text subscribe or unsubscribe. You may
 also specify a different receiving address: subscribe address= ... .
 You may short-circuit that process by sending directly to either
   risks-subscribe_at_private or risks-unsubscribe_at_private
 depending on which action is to be taken. Subscription and
 unsubscription requests require that you reply to a confirmation message
 sent to the subscribing mail address. Instructions are included in the
 confirmation message. Each issue of RISKS that you receive contains
 information on how to post, unsubscribe, etc.
=> The complete INFO file (submissions, default disclaimers, archive sites,
 copyright policy, etc.) is online.
   <http://www.CSL.sri.com/risksinfo.html>
 The full info file may appear now and then in RISKS issues.
 *** Contributors are assumed to have read the full info file for guidelines.
=> .UK users may contact <Lindsay.Marshall_at_private>.
=> SPAM challenge-responses will not be honored. Instead, use an alternative
 address from which you NEVER send mail!
=> SUBMISSIONS: to risks_at_private with meaningful SUBJECT: line.
 *** NOTE: Including the string "notsp" at the beginning or end of the subject
 *** line will be very helpful in separating real contributions from spam.
 *** This attention-string may change, so watch this space now and then.
=> ARCHIVES: ftp://ftp.sri.com/risks for current volume
 or ftp://ftp.sri.com/VL/risks for previous VoLume
 http://www.risks.org takes you to Lindsay Marshall's searchable archive at
 newcastle: http://catless.ncl.ac.uk/Risks/VL.IS.html gets you VoLume, ISsue.
 Lindsay has also added to the Newcastle catless site a palmtop version
 of the most recent RISKS issue and a WAP version that works for many but
 not all telephones: http://catless.ncl.ac.uk/w/r
 <http://the.wiretapped.net/security/info/textfiles/risks-digest/> .
==> PGN's comprehensive historical Illustrative Risks summary of one liners:
   <http://www.csl.sri.com/illustrative.html> for browsing,
   <http://www.csl.sri.com/illustrative.pdf> or .ps for printing
 is no longer maintained up-to-date except for recent election problems.
==> Special Offer to Join ACM for readers of the ACM RISKS Forum:
   <http://www.acm.org/joinacm1>

------------------------------

End of RISKS-FORUM Digest 26.70
************************