RISKS-LIST: Risks-Forum Digest Wednesday 4 April 2012 Volume 26 : Issue 77 ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks) Peter G. Neumann, moderator, chmn ACM Committee on Computers and Public Policy ***** See last item for further information, disclaimers, caveats, etc. ***** This issue is archived at <http://www.risks.org> as <http://catless.ncl.ac.uk/Risks/26.77.html> The current issue can be found at <http://www.csl.sri.com/users/risko/risks.txt> Contents: More April Foolishness ICANN Announces Surprise Termination of Domain Name Expansion Program; Plans Own Dissolution (Lauren Weinstein) Unicode in the modern communications world (Mike Tashker) The Evil Bit, the Angelic Bit, and the "I'm not sure" value! (PGN) Arizona Internet censorship bill on Gov's desk (Lauren Weinstein) Reserved Words Anyone? (Marv Schaefer) DDoS attack disrupts Canadian political party leadership vote (Mark Brader) Why Your Vote Won't Count (Mark E. Smith) Tor traffic disguised as Skype video to fool repressive governments Kazakh gold medal team gets Borat national anthem -- googled! (Rob McCool) Australian Court Finds Google Guilty of Deceptive Ad Tactics (Lauren Weinstein) Tom Tom GPS "Leap Year Bug" (Martyn Thomas) Second Murdoch hacking scandal (Charles C. Mann) An end to phones in every home? (David Cay Johnston) Apple holds the master decryption key when it comes to iCloud security, privacy (Chris Foresman via Monty Solomon) Outage of Visa network kept people from using credit, debit cards for a time Sunday afternoon (Monty Solomon) Re: Texting error leads to lockdowns at two schools (Paul Wallich) Re: Not even a tiny bit creepy. After all, Orwell WAS British (Marcus Rowland) Abridged info on RISKS (comp.risks) ---------------------------------------------------------------------- Date: Sun, 1 Apr 2012 From: Lauren Weinstein <lauren_at_private> Subject: ICANN Announces Surprise Termination of Domain Name Expansion Program; Plans Own Dissolution Lauren Weinstein's Blog Update: ICANN Announces Surprise Termination of Domain Name Expansion Program; Plans Own Dissolution, March 31, 2012 http://lauren.vortex.com/archive/000945.html Sunday, 1 April 2012 MARINA DEL REY, California (ZAP) -- In a stunning and unexpected announcement, the Internet Corporation for Assigned Names and Numbers (ICANN) has announced the immediate termination of its controversial and much criticized plan for a vast expansion of generic top-level Internet domain names (gTLDs), and has set an aggressive timetable for the dissolution of ICANN itself. ICANN has been increasingly condemned for what many observers have called erratic and inappropriate decision-making processes, leading to the U.S. Department of Commerce refusing to renew a key ICANN function last month, and ICANN's own outgoing CEO publicly implying that conflicts of interest on the ICANN board of directors have allowed ICANN to be co-opted by moneyed "domainer" speculation interests. ICANN spokesman Seymour Murdochian discussed his organization's drastic change of course as he snacked on Beluga caviar spread over Wonder Bread, while watching his Rolls-Royce Silver Shadow being washed and detailed in Beverly Hills. "I realize that there are many serious allegations outstanding against ICANN these days," said Mr. Murdochian. "We're blamed for ignoring the best interests of the global Internet community. We're accused of implementing an extortionist protection racket via an enormous domain name expansion program, that would ultimately suck billions of dollars out of the Internet economy and would only serve to enrich the "domain-industrial complex" operating those domains. People claim that we arrogantly ignore legitimate concerns of trademark holders, are complicit in helping the U.S. government disable domains around the world without due process, waste money on unnecessary global travel to exotic locales, have become totally owned by a "gold rush" mentality via wealthy powers at the top of the DNS food chain, and even that we use overly expensive hand soap in our office restrooms," added Mr. Murdochian. "I want to be absolutely clear that the ICANN board of directors takes firm and uncompromising exception to such a characterization. Our hand soap is not outrageously expensive, and given the amount of hand washing we do around here, having quality soap available is a necessity, not a luxury," Murdochian noted. Murdochian then explained ICANN's recent change of heart. "After extensive discussions internally, with our travel agents, and with our personal portfolio managers, we've decided that the time is ripe for us to bow out of formal Internet affairs. We want to make way for the creation of new Internet governance models that can be purpose-built to better serve the entire Internet community around the world, will reduce the risk of Internet fragmentation that has been rising as domestic governments increasingly threaten not to play along with our current schemes, and will help reduce the risk of a potentially disastrous Internet takeover by politically-encumbered organizations such as the United Nations or International Telecommunication Union." "Therefore, we've announced that effective immediately, all ICANN activities related to new Internet top-level domains are permanently ended. We will be refunding all associated fees already paid by applicants, and as a token of our appreciation for past support will be including with each refund an approximately 1.5 carat, 'H' color, 'SI' quality diamond from our vaults." "We have filed appropriate notifications with the Department of Commerce and foreign governments expressing our intention to cease all ICANN operations no later than a year from now on 1 April 2013." "I'll be reachable for additional comments at my summer home on the Riviera if there are any other questions," said Mr. Murdochian, just before his chauffeur whisked him away. Asked about these unexpected, dramatic developments, Lauren Weinstein, a long-time Internet technologist and vocal critic of ICANN's domain name plans, said that, "It's indeed encouraging to see ICANN finally doing what's really right for the entire global Internet community, and abandoning their plans to fleece the Internet at large for the benefit of domain speculators and associated opportunists. A new alternative to ICANN and to existing organizations like the ITU and UN is definitely the way that we need to proceed to make the Internet better for everyone around the world. It's a shame though that this process has taken so long, and that this entire article is only an April Fools' Day posting." ZAP/NYC 20120401 0916 ------------------------------ Date: Sun, 1 Apr 2012 From: "Mike Tashker" <tashkerm_at_private> Subject: Unicode in the modern communications world It's occasionally appropriate to reflect on the beneficial effects of some unsung piece of technology, for example, Unicode. Unicode extends the original Western-alphabet-based encoding of the digital representation of characters to almost any language--it provides a unique number for every character, regardless of the language. This has had a major effect on digital communications. A little over 4 years ago (February 2008), analog cellphone service was turned off in the U.S. Thereafter all cell service (CDMA or GSM) was based on digital protocols. And while previously, all languages could be spoken on a cellphone, after the demise of analog, only Western languages (all letters fit within an octet) plus non-Western languages represented by Unicode could be transmitted due to the new digitization. Unicode is now up to version 6.1 and covers almost every language spoken in the world, making digital cell service near universal from a technical point of view. Some languages are still not supported, see http://tinyurl.com/m979dh for a list. This includes archaic forms such as Linear A as well as. Klingon. But unless you want to speak Klingon on a cellphone, most currently-spoken languages are covered, making digital cellphone communications a reality for linking the peoples of the world. ------------------------------ Date: Sun, 1 Apr 2012 From: "Peter G. Neumann" <neumann_at_private> Subject: The Evil Bit, the Angelic Bit, and the "I'm not sure" value! In his own list, Steve Greenwald noted the following item from RFC 6593 at https://tools.ietf.org/html/rfc6593 : Inherently, services not discovered are more secure than those discovered, due to their obscurity. However, the discoverability or undiscoverability of a given service is largely independent of its security characteristics. Instead, an implementor is guided to [RFC3514] to denote evilness (and associated security) status. Since [RFC3514] only defines evil and non-evil intent of packets, this document suggests assigning an "I am not sure" additional value for the evil bit. The intentional ambiguity of this additional state makes it a perfect third value for a binary bit. Perhaps the fools are winning, and April Fools Day cannot keep up with the irrationality of the fools. In RISKS-22.66 on 1 Apr 2003, Steve Bellovin's Evil Bit (the first item on RFC 3514) and Drew Dean's Angelic Bit (the second item) -- along with Tony Bartoletti's crimeFree bit -- were wonderfool contributions. The idea of fuzzy logic being applied thereto with the "I am not sure" value of a ternary Evil bit (sic) is delicious. PGN ------------------------------ Date: Sun, 1 Apr 2012 14:43:25 -0700 From: Lauren Weinstein <lauren_at_private> Subject: Arizona Internet censorship bill on Gov's desk Arizona Internet censorship bill on Gov's desk (not a April Fool's joke) http://j.mp/H8lReN (Media Coalition) "Arizona House Bill 2549 would update the state's telephone harassment law to apply to the Internet and other electronic communications. It would make it a crime to communicate via electronic means speech that is intended to "annoy," "offend," "harass" or "terrify," as well as certain sexual speech. However, because the bill is not limited to one-to-one communications, H.B. 2549 would apply to the Internet as a whole, thus criminalizing all manner of writing, cartoons, and other protected material the state finds offensive or annoying." ------------------------------ Date: Mon, 02 Apr 2012 15:35:22 -0400 From: Marv Schaefer <bwapast_at_private> Subject: Reserved Words Anyone? Our heating/air condition serviceman just pointed me to news about the NYC school system's newest attempt to eschew vocabulary and concepts that could adversely affect test performance by minority or disadvantaged students. I don't read the *New York Post*, but found their online article. At first, I thought this to be a satirical piece on their part, but there was substantiation from CBS and ABC news. I'm, frankly distraught over this and have difficulty imagining which topics other than some aspects of the hard sciences can still be in the curriculum. I find it particularly jarring given recent anti-higher-education statements by a leading presidential candidate and numerous anti-reason/anti-science statements being made by other politicians at a time of such need for an educated populace in the face of unemployment.. Anyway, the *NYPost* ran a story with the headline "PC student tests forbid dance, dinos & lots more", these words representing topics that are to be banned from future NYC exams. The article, found at http://nyp.st/H8soqi , reads in Part: "In a bizarre case of political correctness run wild, educrats have banned references to dinosaurs, birthdays, Halloween, and dozens of other topics on city-issued tests. That's because they fear such topics ``could evoke unpleasant emotions in the students.'' Dinosaurs, for example, call to mind evolution, which might upset fundamentalists; birthdays aren't celebrated by Jehovah's Witnesses; and Halloween suggests paganism. Even dancing is taboo, because some sects object. But the city did make an exception for ballet." Their list, pulled from the website, is this: Full list of topics banned on NYC school exams Last Updated: 2:36 PM, 30 Mar 2012 Here's the full list of topics that if included on city exams would probably cause a selection to be deemed unacceptable by the New York City Department of Education: Abuse (physical, sexual, emotional, or psychological) Alcohol (beer and liquor), tobacco, or drugs Birthdays Bodily functions Cancer (and other diseases) Catastrophes/disasters (tsunamis and hurricanes) Celebrities Children dealing with serious issues Cigarettes (and other smoking paraphernalia) Computers in the home (acceptable in a school or public library setting) Crime Creatures from outer space Dancing (ballet is acceptable) Death and disease Dinosaurs and prehistoric times Divorce Evolution Expensive gifts, vacations, and prizes Gambling involving money Geological history Halloween Homelessness Holidays Homes with swimming pools Hunting In-depth discussions of sports that require prior knowledge Junk food Loss of employment Movies Nuclear weapons Occult topics (i.e. fortune-telling) Parapsychology Politics Pornography Poverty Rap music Religion Religious holidays and festivals (including but not limited to Christmas, Yom Kippur, and Ramadan) Rock-and-Roll music Running away Sex Slavery Terrorism Television and video games (excessive use) Traumatic material (including material that may be particularly upsetting such as animal shelters) Vermin (rats and roaches) Violence War and bloodshed Weapons (guns, knives, etc.) Witchcraft, sorcery, etc. Source: NYC Department of Education Request for Proposals ------------------------------ Date: Tue, 27 Mar 2012 15:33:21 -0400 (EDT) From: msb_at_private (Mark Brader) Subject: DDoS attack disrupts Canadian political party leadership vote In Canada's federal elections last May, the New Democratic Party (NDP) under leader Jack Layton rose from their usual third-place finish to reach second place for the first time. But in August Layton died. So on March 23-24, the NDP held a convention to choose a new leader, who would therefore become the Leader of the Opposition in Parliament. To maximize turnout, about 130,000 party members were eligible to vote online, either in advance (using a preferential ballot) or during the convention. http://www.cbc.ca/news/politics/story/2012/03/01/pol-cp-ndp-leadership-voting.html In fact some 58,000 advance votes were received. But despite the relatively small number of in-person votes at the actual convention, ballot results were badly delayed and voting was completely shut down for a while. The total delays amounted to hours. http://www.cbc.ca/news/politics/story/2012/03/24/ndp-leadership-voting-problems.html Subsequently it was reported that this was a the result of a distributed denial-of-service attack (DDoS), with spurious connection attempts made from over 10,000 IP addresses. http://www.cbc.ca/news/politics/story/2012/03/27/pol-ndp-voting-disruption-deliberate.html The company that ran the voting, Scytl [http://www.scytl.com], says that an audit showed that the voting itself, which elected Thomas Mulcair to the leadership, was not compromised, and that "Obviously, this has now allowed us to capture additional data to incorporate into the security measures of our system." Mark Brader, Toronto, msb_at_private | "Fast, cheap, good: choose any two." [The Scytl press release is online, but much too long to include here. http://www.newswire.ca/en/story/944715/ndp-leadership-vote-result-not-compromised-by-malicious-orchestrated-effort-to-clog-online-balloting-system-at-weekend-convention-says-scytl-canada PGN] ------------------------------ Date: Sat, 31 Mar 2012 23:54:18 -0700 From: "Mark E. Smith" <mymark_at_private> Subject: Why Your Vote Won't Count The security of the vote casting and tallying processes have nothing to do with whether or not your vote will count. Even with the most secure electoral system possible and imaginable, your vote won't necessarily count. The problem is inherent in the Constitution. In order to ensure that those who owned the country would always run the country, and to prevent ordinary voters from ever being able to use the electoral system to bring about a more democratic form of government where public opinion was able to influence policy decisions, the framers wrote the Constitution in such a way as to ensure that the popular vote would not be the final say in US elections. There is no Constitutional guarantee that the popular vote be counted at all, no less that it be counted in a way that is verifiable and subject to public oversight. The popular vote can be overridden by fraudulent vote counts, the Electoral College, Congress, or the Supreme Court. The risk to the public is not in the way that votes are or are not counted, or even in the fact that more than 90% of US ballots are counted by central tabulators that cannot be verified in a timely manner, it is in the false belief that voting constitutes a voice in government rather than consent to be governed by, and a blank check along with full power of attorney, to whoever wins. No matter how much money and effort is devoted to suppressing the vote or trying to take away the vote, a vote is of no value whatsoever unless 1) it has to be counted, 2) it must be counted in a way that is verifiable in a timely manner, and 3) it can influence policy decisions rather than just delegating such decisions to people who cannot be held accountable. Would anyone take American Idol seriously if they announced that they didn't have to count the votes, the vote count could not be verified until after the winners had been chosen, and that the judges could ignore the votes and select the winners without regard to the votes? A reminder that votes don't have to be counted: http://fubarandgrill.org/node/1353 Why voting isn't a solution: http://fubarandgrill.org/node/1360 Some reasons to boycott elections: http://fubarandgrill.org/node/1172 ------------------------------ Date: Tue, 3 Apr 2012 14:26:38 PDT From: Lauren Weinstein <lauren_at_private> Subject: Tor traffic disguised as Skype video to fool repressive governments "Recently released software makes communications sent through Tor appear almost identical to a Skype video chat to anyone monitoring the connection." http://j.mp/HIzfIO (ars technica) Memo to Ministry of Communications Suppression: Block all Skype traffic effective immediately. ------------------------------ Date: Fri, 23 Mar 2012 11:39:08 -0700 (PDT) From: Rob McCool <robm_at_private> Subject: Kazakh gold medal team gets Borat national anthem -- googled! This situation again illustrates the dangers of relying on Google (and Wikipedia in other cases) without digging any deeper. The article says it all, really: Kazakhstan's shooting team has been left stunned after a comedy national anthem from the film Borat was played at a medal ceremony at championships in Kuwait instead of the real one. The team's coach told Kazakh media the organisers had downloaded the parody from the internet by mistake. People still fail to realize that Google's ranking algorithms do not always rank for correctness. They frequently favor popularity over correctness. http://www.bbc.co.uk/news/world-middle-east-17491344 ------------------------------ Date: Tue, 3 Apr 2012 10:35:14 -0700 From: Lauren Weinstein <lauren_at_private> Subject: Australian Court Finds Google Guilty of Deceptive Ad Tactics [From NNSquad] At issue are sponsored links that show up in search results. "Google's conduct involved the use by an advertiser of a competitors name as a keyword triggering an advertisement for the advertiser with a matching headline," ACCC chairman Rod Sims said in a statement. "As the Full Court said this was likely to mislead or deceive a consumer searching for information on the competitor." http://j.mp/HbTq12 (PC Mag) I can't emphasize enough how potentially dangerous this sort of reasoning is to free speech on the Net generally. If courts are going to hold search engines responsible for the content of materials that they do not themselves generate but that their algorithms select and display, the negative impacts could ultimately go far beyond ads, directly to other forms of content broadly. These are just the sort of perverse restrictions that various repressive individuals, organizations, and governments would love to impose on us all to control and dictate information availability. - Network Neutrality Squad: http://www.nnsquad.org - People For Internet Responsibility: http://www.pfir.org - Data Wisdom Explorers League: http://www.dwel.org - Global Coalition for Transparent Internet Performance: http://www.gctip.org - PRIVACY Forum: http://www.vortex.com Tel: +1 (818) 225-2800 / Skype: vortex.com ------------------------------ Date: Tue, 03 Apr 2012 17:07:37 +0100 From: Martyn Thomas <martyn_at_thomas-associates.co.uk> Subject: Tom Tom GPS "Leap Year Bug" Some GPS devices by the Dutch company Tom Tom had been hit by a leap-year bug. The interesting point was that the devices had failed not on Feb. 29 or March 1, but on March 31. Full story at: http://www.bbc.com/news/technology-17599701 ------------------------------ Date: Mon, 26 Mar 2012 23:28:05 +0000 (UTC) From: "Charles C. Mann" <ccmann_at_private> Subject: Second Murdoch hacking scandal http://www.guardian.co.uk/media/2012/mar/26/news-corp-ondigital-paytv-panorama Snippet: "The witnesses allege a software company NDS, owned by News Corp, cracked the smart card codes of rival company ONdigital. ONdigital, owned by the ITV companies Granada and Carlton, eventually went under amid a welter of counterfeiting by pirates, leaving the immensely lucrative pay-TV field clear for Sky." Unlike the "phone-hacking" scandal, which mainly involved reporters listening to answering machines whose owners hadn't bothered to set their passwords, this (if it pans out) seems to feature actual computer malfeasance. Charles C. Mann, P.O. Box 66, Amherst, MA 01004-0066 www.charlesmann.org ------------------------------ Date: Apr 2, 2012 2:31 PM From: "Dewayne Hendricks" <dewayne_at_private> Subject: An end to phones in every home? (David Cay Johnston) (via Dave Farber's IP) The guarantee of landline telephone service at almost any address, a legal right many Americans may not even know they have, is quietly being legislated away in our U.S. state capitals. AT&T and Verizon, the dominant telephone companies, want to end their 99-year-old universal service obligation known as "provider of last resort." They say universal landline service is a costly and unfair anachronism that is no longer justified because of a competitive market for voice services. http://www.reuters.com/article/2012/03/28/column-dcjohnston-phone-idUSL2E8EROHD20120328 ------------------------------ Date: Tue, 3 Apr 2012 19:53:00 -0400 From: Monty Solomon <monty_at_private> Subject: Apple holds the master decryption key when it comes to iCloud security, privacy (Chris Foresman) Ars recently attempted to delve into the inner workings of the security built into Apple's iCloud service. Though we came away reasonably certain that iCloud uses industry best practices that Apple claims it uses to protect data and privacy, we warned that your information isn't entirely protected from prying eyes. At the heart of the issue is the fact that Apple can, at any time, review the data synced with iCloud, and under certain circumstances might share that information with legal authorities. We consulted several sources to understand the implications of iCloud's security and encryption model, and to understand what types of best practices could maximize the security and privacy of user data stored in increasingly popular cloud services like iCloud. In short, Apple is taking measures to prevent access to user data from unauthorized third parties or hackers. However, iCloud isn't recommended for the more stringent security requirements of enterprise users, or those paranoid about their data being accessed by authorities. ... Chris Foresman, Ars Technica, http://arstechnica.com/apple/news/2012/04/apple-holds-the-master-key-when-it-comes-to-icloud-security-privacy.ars ------------------------------ Date: Sun, 1 Apr 2012 23:32:00 -0400 From: Monty Solomon <monty_at_private> Subject: Outage of Visa network kept people from using credit, debit cards Outage of Visa network kept people from using credit, debit cards for a time Sunday afternoon, Associated Press, 1 Apr 2012 A technical problem affecting the Visa network barred some people around the United States from using their credit and debit cards for about 45 minutes on Sunday. The outage was caused by a recent update Visa has made to its system, said Visa Inc. spokeswoman Sandra Chu. She said Visa had trouble processing some transactions as a result, but the system is operating normally now. ... http://www.washingtonpost.com/politics/outage-of-visa-network-kept-people-from-using-credit-debit-cards-for-a-time-sunday-afternoon/2012/04/01/gIQAZlodpS_story.html ------------------------------ Date: Sun, 01 Apr 2012 12:25:36 -0400 From: Paul Wallich <pw_at_private> Subject: Re: Texting error leads to lockdowns at two schools (Reisert, R-26.76) > The text, saying "gunman be at west hall today," was received and reported > to police around 11:30 a.m. But after police tracked the number, they > learned the auto correct feature on the new cellphone changed "gunna" to > "gunman." It might well still have auto-corrected to "gunman". Or not. Trying this on my oldish android phone, I see "gunman" as the fourth correction offered for "gunna". "Gonna" comes earlier in the list (it's in the phone's dictionary) and is of course recognized when typed. But there are alternate input methods such as swype (recognizes a finger track rather than individual presses) that could do all kinds of things. My phone seemed to want to turn both "gonna" and "gunna" into "funds", although "guns" and "bombs" were available further down the correction list. (I do wonder whether this might eventually lead to a new version of the old O Henry cipher -- or, alternately, cockney rhyming slang -- in which the plaintext is given by some set of alternate spellings of the ciphertext on a particular virtual keyboard.) ------------------------------ Date: Sat, 31 Mar 2012 18:49:55 +0100 From: Marcus Rowland <forgottenfutures_at_private> Subject: Re: Not even a tiny bit creepy. After all, Orwell WAS British (Pfeiffer, RISKS-26.71) An obvious problem with this - a few weeks ago I bought a motorbike that had been off the road for several months and was not insured. Although I arranged insurance by phone before I left the dealer, I very much doubt that it went through the system (which is already used to make sure that people can't get road tax [equivalent to US license plate fees] for an uninsured vehicle) and was on line by the time I stopped to fill the tank with petrol, approximately five minutes later. ------------------------------ Date: Mon, 6 Jun 2011 20:01:16 -0900 From: RISKS-request_at_private Subject: Abridged info on RISKS (comp.risks) The ACM RISKS Forum is a MODERATED digest. Its Usenet manifestation is comp.risks, the feed for which is donated by panix.com as of June 2011. => SUBSCRIPTIONS: PLEASE read RISKS as a newsgroup (comp.risks or equivalent) if possible and convenient for you. The mailman Web interface can be used directly to subscribe and unsubscribe: http://lists.csl.sri.com/mailman/listinfo/risks Alternatively, to subscribe or unsubscribe via e-mail to mailman your FROM: address, send a message to risks-request_at_private containing only the one-word text subscribe or unsubscribe. You may also specify a different receiving address: subscribe address= ... . You may short-circuit that process by sending directly to either risks-subscribe_at_private or risks-unsubscribe_at_private depending on which action is to be taken. Subscription and unsubscription requests require that you reply to a confirmation message sent to the subscribing mail address. Instructions are included in the confirmation message. Each issue of RISKS that you receive contains information on how to post, unsubscribe, etc. => The complete INFO file (submissions, default disclaimers, archive sites, copyright policy, etc.) is online. <http://www.CSL.sri.com/risksinfo.html> The full info file may appear now and then in RISKS issues. *** Contributors are assumed to have read the full info file for guidelines. => .UK users may contact <Lindsay.Marshall_at_private>. => SPAM challenge-responses will not be honored. Instead, use an alternative address from which you NEVER send mail! => SUBMISSIONS: to risks_at_private with meaningful SUBJECT: line. *** NOTE: Including the string "notsp" at the beginning or end of the subject *** line will be very helpful in separating real contributions from spam. *** This attention-string may change, so watch this space now and then. => ARCHIVES: ftp://ftp.sri.com/risks for current volume or ftp://ftp.sri.com/VL/risks for previous VoLume http://www.risks.org takes you to Lindsay Marshall's searchable archive at newcastle: http://catless.ncl.ac.uk/Risks/VL.IS.html gets you VoLume, ISsue. Lindsay has also added to the Newcastle catless site a palmtop version of the most recent RISKS issue and a WAP version that works for many but not all telephones: http://catless.ncl.ac.uk/w/r <http://the.wiretapped.net/security/info/textfiles/risks-digest/> . ==> PGN's comprehensive historical Illustrative Risks summary of one liners: <http://www.csl.sri.com/illustrative.html> for browsing, <http://www.csl.sri.com/illustrative.pdf> or .ps for printing is no longer maintained up-to-date except for recent election problems. ==> Special Offer to Join ACM for readers of the ACM RISKS Forum: <http://www.acm.org/joinacm1> ------------------------------ End of RISKS-FORUM Digest 26.77 ************************Received on Wed Apr 04 2012 - 13:35:15 PDT
This archive was generated by hypermail 2.2.0 : Wed Apr 04 2012 - 14:06:51 PDT