[RISKS] Risks Digest 26.83

From: RISKS List Owner <risko_at_private>
Date: Sat, 12 May 2012 22:00:18 PDT
RISKS-LIST: Risks-Forum Digest  Saturday 12 May 2012  Volume 26 : Issue 83

Peter G. Neumann, moderator, chmn ACM Committee on Computers and Public Policy

***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
The current issue can be found at

6 Disasters Caused by Poorly Designed User Interfaces (John Hillabin via
  Brian Westley)
Never Trust a Robot (Earl Boebert)
Robot Soldiers Will Be a Reality -- and a Threat (Jonathan D. Moreno via
  John F. McMullen)
Automatic cars?  Not so fast.. (Peter Houppermans)
"Fire risk: Lenovo expands recall of ThinkCentre all-in-ones" (Agam Shah
  via Gene Wirchenko)
Disruptions: Indiscreet Photos, Glimpsed Then Gone (Nick Bilton via
  Monty Solomon)
USPS curtailing international lithium battery shipments... no iPads,
  laptops, cameras... (Danny Burstein)
Man jailed for accepting call in court (Gene Wirchenko)
FBI issues warning on hotel Internet connections (Michael Cooney via
  Monty Solomon)
".secure" TLD proposed (Lauren Weinstein)
More details on the .secure TLD proposal -- and why I believe it is
  fundamentally flawed (Lauren Weinstein)
Re: The Campus Tsunami (David Alexander)
Re: The Power of Individual Voters to Transform Their Government
  (Roderick A Rees, Andrew Douglass)
Abridged info on RISKS (comp.risks)


Date: Sat, 12 May 2012 01:37:10 -0500
From: "Brian Westley" <westley_at_private>
Subject: 6 Disasters Caused by Poorly Designed User Interfaces:
  John Hillabin

  [John Hillabin has chosen 6 incidents at least partially blamed on bad
  UIs.  As we have noted many times before, blame can usually be more widely
  distributed.  Most of these should be familiar to long-time RISKS readers.
  PGN-ed from a detailed illustrated item by John Hillabin, cracked.com, 17
  Apr 2012]

6. The Vincennes shootdown of an Iranian commercial airliner -- inability
   to distinguish between a fighter and the airliner
5. Three Mile Island -- light on a console
4. Air Inter flight 148 crash -- display screen too small
3. Herald of Free Enterprise capsized -- because of an open door
2. Kegworth air disaster -- a digital dial
1. Space Shuttle Columbia burned up -- because of PowerPoint



Date: Fri, 11 May 2012 12:52:25 -0600
From: Earl Boebert <boebert_at_private>
Subject: Never Trust a Robot

  [From Steve Greenwald's distribution]

Each year an ocean race for sailboats is run from Newport, CA to Ensenada,
Mexico. Owing to diminishing entries, the organizers some years ago allowed
cruising sailboats to enter. These are generally largish, slowish motor
sailors intended for comfortable recreational sailing. Since the race occurs
in a time and place known for light winds, the rules permit the cruising
sailboats to proceed under motor during nighttime, so that they may reach
the finish in time for the party.

This year, dawn broke after the first night to reveal a debris field and
three bodies near a set of rocky islets known as Coronado Island. The
remains were identified as that of an entered boat and three of her four-man
crew. The body of the fourth crew member was discovered a week later. These
were the first fatalities in the 60 year history of the race.

The boat was equipped with every possible electronic aid, and the captain
(the fourth crewmember) was an electronics executive and highly experienced
sailor. One of the aids was a commercial tracking system called SPOT, which
permits shoreside viewing on the Web of the track of the vessel carrying
it. When the SPOT track surfaced it showed a dead straight line headed into
the northernmost of the Coronados. The point of intersection was a sheer
rocky cliff.

The most plausible inference (which may be invalidated by later evidence) is
that the crew started the motor, set a waypoint at the entrance to Ensenada
harbor, and turned on the turned on the autopilot. A further inference is
that in doing so they had the electronic chart zoomed out to a point where
the Coronado Islands no longer showed up, and so had no warning that their
track would take them straight into a rock. It then seems likely that the
three crew members went below to sleep and sometime later the captain fell
overboard. The robot then motored the boat and the sleeping crew straight
into the cliff. Given the sea state and the speed shown on the track it is
estimated that impact velocity was in the order of 11 kt, sufficient to
split the hull and flood the boat, which was then pounded to pieces by the
surf beating against the sheer cliff. Even if the crew had survived the
impact, survival that close to the rocks in that sea state was impossible.

One comment in a long forum thread about this incident claimed that the UK
maritime safety organizations have now adopted an acronym called "SNIG,"
which stands for "Sat-Nav Induced Grounding." A half-smart robot (smart
enough to steer a straight line, but not smart enough to know the line goes
through a rock) is a dangerous thing.


Date: May 12, 2012 1:35 PM
From: "John F. McMullen" <johnmac13_at_private>
Subject: Robot Soldiers Will Be a Reality -- and a Threat: Jonathan D. Moreno

Given the obvious dangers, fully autonomous offensive lethal weapons should
never be permitted.  Jonathan D. Moreno, *The Wall Street Journal [PGN-ed]

Much controversy has surrounded the use of remote-controlled drone aircraft
or "unmanned aerial vehicles" in the war on terror. But another, still more
awe-inducing possibility has emerged: taking human beings out of the
decision loop altogether. Emerging brain science could take us there. ...

[J,D, Moreno is a professor of medical ethics and health policy at the
University of Pennsylvania and a senior fellow of the Center for American
Progress. He is the author of "Mind Wars: Brain Research and the Military
in the 21st Century" (Bellevue, 2012).]

For more information go to: http://www.law.cornell.edu/uscode/17/107.shtml

http://johnmacrants.blogspot.com http://johnmac13.pulsememe.com/
Editor - Web2.0 The Magazine -- www.web2themag.com  http://bit.ly/johnmac


Date: Sat, 12 May 2012 16:50:08 +0200
From: Peter Houppermans <peter_at_private>
Subject: Automatic cars?  Not so fast..

I have read with amusement a lot of pieces such as the BBC article linked
below that predicts a rosy future now Google is on its way (sorry) to test
its driverless car in Nevada:


I even came across a piece that predicted a brutal drop in insurance rates

Not so fast, if you pardon the pun, all of this is based on the assumption
that it (a) all will work wonderfully and (b) third parties will not find a
way to get creative with it.

Point (a) really needs no elaboration - the development of such software is
several million dollars of manhours and innovation behind of the telematics
that keeps planes in the air, and we're aware of enough bugs in that
environment to make a RISK aware professional nervous.  Furthermore, Google
may be a hothouse of innovation according to some, but if their code
controls are so shoddy that an engineer "accidentally" can throw a Wifi
snooping application into the Streetview data gathering process (including
the required data storage back end) I would hazard a guess that there is
room for improvement.  It would put a whole new spin on their "I feel lucky"

I assume point (b) to be an almost instinctive focus for faithful readers of
RISKS.  I would be rather concerned about ANY data exchange from such a
vehicle - not just from the privacy angle (not to harp on about Google), but
also from the kind of mischief that could be had from messing with the car.
It should no longer be news that present embedded systems in cars can be
hacked to the point of disabling the brakes remotely (www.autosec.org) - I
dare say that that ought to inspire some better focus on shielding such
systems first.  For the James Bond fans, this could otherwise work out
neater than shipping a dessert portion of polonium abroad..

On the plus side, it does open the perspective of a new era of car tuneups,
and I personally would not want a Jetsons style flying car above me without
automation (because of the driving styles I encounter daily in the present
2D environment) - there certainly is room for progress.

I would simply like to repeat the theme of a Swiss speed awareness campaign:
  Slow down - take it easy.


Date: Thu, 10 May 2012 09:03:36 -0700
From: Gene Wirchenko <genew_at_private>
Subject: "Fire risk: Lenovo expands recall of ThinkCentre all-in-ones":
  Agam Shah

Agam Shah, Fire risk: Lenovo expands recall of ThinkCentre all-in-ones
Some of Lenovo's ThinkCentre M70z and M90z models could catch fire
due a faulty power supply, *IT Business* 9 May 2012


Date: Wed, 9 May 2012 10:49:53 -0400
From: Monty Solomon <monty_at_private>
Subject: Disruptions: Indiscreet Photos, Glimpsed Then Gone: Nick Bilton

Nick Bilton, 6 May 2012

People once took photographs so they could capture a moment for themselves
and keep it forever. Then digital cameras and cellphones turned photos into
something more ephemeral and more easily shared.  But as the case of Anthony
Weiner demonstrated, photos that are shared but are not meant to last,
sometimes stick around.

Mr. Weiner's downfall does not seem to have discouraged people from sharing
risque photos. According to a study by the Pew Research Center's Internet
and American Life Project that is due out later this year, 6 percent of
adult Americans admit to having sent a "sexually suggestive nude or nearly
nude photo or video" using a cellphone. Another 15 percent have received
such material. Three percent of teenagers admit to sending sexually explicit

All of this sexting, as the practice is known, creates an opening for
technology that might make the photos less likely to end up in wide

This is where a free and increasingly popular iPhone app called Snapchat
comes in. Snapchat allows a person to take and send a picture and control
how long it is visible by the person who receives it, up to 10 seconds.
After that, the picture disappears and can't be seen again. If the person
viewing the picture tries to use an iPhone feature that captures an image of
whatever is on the screen, the sender is notified.



Date: Sat, 12 May 2012 18:27:39 -0400 (EDT)
From: USPS curtailing international lithium battery shipments... no iPads,
  laptops, cameras...

If you're a servicemember overseas planning to order the latest smartphone
or laptop from the United States, take a second look at your options.
Effective 16 May 2012, new U.S. Postal Service restrictions will ban air
shipping of any electronics containing lithium batteries - such as iPads,
smart phones and digital cameras - between the United States and overseas
locations.  [stripes.com]


the USPS info sheet clarifies that you can't send lithium batteries, even if
in their own box:

"Primary lithium metal or lithium alloy (non-rechargeable) cells and
batteries, or secondary lithium-ion cells and batteries (rechargeable),
regardless of quantity, size, or watt hours, and regardless of whether the
cells or batteries are packed in the equipment they are intended to operate
with the equipment they are intended to operate, or without equipment
(individual batteries). This standard applies to all APO, FPO, or DPO

* and looks like this also applies to Canada/Mexico.  Don't know about
  Hawaii. (The service rep at my local Post Office just got the notice Fri.,
  May 11th, and it left the question of Hawaii up in the air, so to speak).

* There are *plenty* of consumer items that have these batteries, sometimes
  obviously (such as a laptop), but frequently hidden away and/or built in.

hmm, wonder what's in my ultrasonic tapeless tape measure?


Date: Wed, 9 May 2012 10:49:31 -0700
From: Lauren Weinstein <lauren_at_private>
Subject:  Net Neutrality and Economic Equality Are Intertwined

  [*The New York Times* via NNSquad]

http://j.mp/Jyv0xe  (New York Times)

  "If I watch last night's 'S.N.L.' episode on my Xbox through the Hulu app,
  it eats up about one gigabyte of my cap, but if I watch that same episode
  through the Xfinity Xbox app, it doesn't use up my cap at all,"
  Mr. Hastings wrote on his Facebook page. "In what way is this neutral?"
  Comcast argues that its Xfinity move is not subject to the Federal
  Communications Commission's neutrality rules because the video travels
  exclusively on its network and not on the public Internet.

I will note that Comcast's excuse is -- in my opinion -- specious, since
they alone determine how much of their total cable bandwidth they devote to
"outside" Internet access services, how much those cost, where arbitrary
bandwidth caps are set, and so on. All without any effective regulatory
oversight whatsoever. This is *exactly* the anticompetitive scenario that
many of us have been warning about for years.


Date: Thu, 10 May 2012 23:48:43 -0400
From: Monty Solomon <monty_at_private>
Subject: Neurosurgeon pulled off cruise after fake bioterrorism tweet

Posted by Erin Mulvaney, 9 May 2012

A Nashville neurosurgeon was pulled off a Carnival cruise suspected of
planning to commit a bio-terrorist attack, after a tweet from an impostor
account claimed the doctor had a vial of harmful bacteria on board. ...



Date: Fri, 11 May 2012 13:10:17 -0400
From: James Nettesheim <james.nettesheim_at_private>
Subject: Humorous Doctor Office Interaction?

My Doctor's Office Asked me to Lie-- Richard Stallman
  [From Steve Greenwald's distribution]

I saw a doctor this week. Before the appointment, I was asked to sign a
privacy policy consent form which started out this way

   1. The Practice's privacy Notice has been provided to me prior to my
   signing this consent...
   2. The Practice reserves the right to change its privacy practices that
   are described in its Privacy Notice, in accordance with applicable law.

Since I was unwilling to sign a false statement, I asked to see the privacy
notice. The receptionist offered me another copy of the consent form. I
said I already had that, but that it referred to a "privacy notice" and
that's what I didn't have a copy of. The receptionist said, "The rest of
this page gives a summary of the privacy notice." It was a very brief
summary and treated few points. I said, "This clearly refers to some other
Privacy Notice, and it asks me to sign a statement that I have seen it. I
cannot sign that if it is not true."

She said it was a binder 3,000 pages long. I said that I would not ask for
a copy, but I did want to take a look at it. She went to look for it, then
came back and said she could not find it, but asked me to sign anyway.

I said, "Are you asking me to lie?" She said, "No, I am asking you to sign
a piece of paper." I said. "I cannot sign a statement that is not true."
She said, "You can reschedule your appointment for some other time." I
suggested, "How about if I add 'not' to make it a true statement?" She
accepted this. So I had my appointment.

The substance of the issue probably doesn't matter much. There is no real
confidentiality of medical records in the US, since the police can get them
under very easy conditions. Nonetheless, it is a dishonest proceeding,
systematically asking patients to accept policies they have not seen and
then make false statements.

Copyright 2011 Richard Stallman released under Creative Commons Attribution
Noderivs 3.0 unported  http://www.stallman.org/articles/asked_to_lie.html


Date: Fri, 11 May 2012 12:19:50 -0700
From: Gene Wirchenko <genew_at_private>
Subject: "Facebook file-sharing could be security, piracy nightmare"

InfoWorld Home / InfoWorld Tech Watch
May 11, 2012
Facebook file-sharing could be security, piracy nightmare
Users won't be able to pass along music or .exe files -- but infected
PDFs and other forms of pirated content are permissible
By Ted Samson | InfoWorld


Date: Fri, 11 May 2012 15:44:45 -0400 (EDT)
From: danny burstein <dannyb_at_private>
Subject: USPS curtailing international lithium battery shipments...
 no iPads, etc...


If you're a servicemember overseas planning to order the latest smartphone
or laptop from the United States, take a second look at your options.

Effective May 16, new U.S. Postal Service restrictions will ban air shipping
of any electronics containing lithium batteries - such as iPads, smart
phones and digital cameras - between the United States and overseas


- the USPS website doesn't seem to have any "press releases"
   or other "recent announcements" menu choice


Date: Thu, 10 May 2012 21:14:23 -0700
From: Gene Wirchenko <genew_at_private>
Subject: Man jailed for accepting call in court

  I like this risk!  I would like to see it happen more often.

*The Daily News* (Kamloops, British Columbia, Canada); Thurday, May 10,
2012; p. A2:


Man jailed for accepting call in court

DUBLIN, Ireland, via the Associated Press": Letting your cellphone ring in a
courtroom is rarely a good idea.  Taking the call is worse.  A Northern
Ireland man received a brief jail sentence Wednesday after his phone rang.
The judge told him to turn it off, but instead he took the call and had a
brief chat.

The judge ordered 36-year-old Paddy Sweeney behind bars for two hours, then
fined him $322 for willfully interrupting the court in Londonderry, Northern
Ireland's second-largest city.  Sweeney had been watching a civil trial at
the time.


Date: Thu, 10 May 2012 11:18:56 -0400
From: Monty Solomon <monty_at_private>
Subject: FBI issues warning on hotel Internet connections: Michael Cooney

Michael Cooney, FBI says malware lurking in hotel room connections,
particularly overseas *Network World*, 9 May 2012

The FBI today warned travelers there has been an uptick in malicious
software infecting laptops and other devices linked to hotel Internet

The FBI wasn't specific about any particular hotel chain, nor the software
involved but stated: "Recent analysis from the FBI and other government
agencies demonstrates that malicious actors are targeting travelers abroad
through pop-up windows while they are establishing an Internet connection in
their hotel rooms.

The FBI recommends that all government, private industry, and academic
personnel who travel abroad take extra caution before updating software
products through their hotel Internet connection.  Checking the author or
digital certificate of any prompted update to see if it corresponds to the
software vendor may reveal an attempted attack. The FBI also recommends that
travelers perform software updates on laptops immediately before traveling,
and that they download software updates directly from the software vendor's
website if updates are necessary while abroad."

The FBI said typically travelers attempting to set up a hotel room Internet
connection were presented with a pop-up window notifying the user to update
a widely used software product. If the user clicked to accept and install
the update, malicious software was installed on the laptop. The pop-up
window appeared to be offering a routine update to a legitimate software
product for which updates are frequently available.  ...



Date: Fri, 11 May 2012 11:06:16 -0700
From: Lauren Weinstein <lauren_at_private>
Subject: ".secure" TLD proposed

http://j.mp/Ku8Cau  (Wired via NNSquad)

  "A security researcher has won investments of more than $9 million to
  incorporate a tightly policed section of the Internet reserved for banks,
  healthcare providers, and other groups that are regularly targeted in
  malware, phishing, and similar online attacks."

Describing the many reasons why this idea is fundamentally flawed will
be left as an exercise for the reader -- for now.


Date: Sat, 12 May 2012 09:20:42 -0700
From: Lauren Weinstein <lauren_at_private>
Subject: More details on the .secure TLD proposal -- and why I believe
  it is fundamentally flawed

More details on the .secure TLD proposal (and why I believe it is
fundamentally flawed)
http://j.mp/JlSaLU  (This message on Google+)

You may recall my posting yesterday ( http://j.mp/Ku8pEd [Google+] )
where I suggested that the .secure TLD proposal is fundamentally
flawed for many reasons. The CTO of the company involved contacted me
this morning, pointing at their blog with more details:

http://j.mp/JlRXZ2  (Unhandled)

After reviewing this information, which includes their proposals for a
broader "domain policy framework," I'm forced to stand by my earlier
characterization.  I won't get into the technical analysis now, but just
point out a few facts.

First, the business model for .secure is obvious enough. I mean, hell, if
you're not using .secure, you don't care about your users, right?  How can
you possibly be "secure" if you're not in ... dot-secure? I'm reminded more
than a bit of the model used by the dot-xxx slimeballs to try coerce firms
into that TLD.

Not to say that the .secure folks are slimeballs. Nor that they're not
genuinely concerned about security. But their model is not realistic --
except as a profit center for them. There are no obvious benefits to be
derived from their model for the Internet community at large, and the most
likely outcome is yet another replay of the protective registrations rush.

The most common reaction I received yesterday regarding .secure was "LOL" --
but many respondents immediately caught on to one of the most glaring
problems with .secure -- that it would present an irresistible target for
hackers, denial of service attacks, and all manner of other mischief.

The concept of .secure is essentially 180 degrees away from the model I
believe we should be working towards. Rather than centralizing security, we
need to be distributing it, and doing this effectively means more
fundamental changes than new policy frameworks can provide, and certainly
cannot take place if we buy into the .secure sort of model.

Lauren Weinstein (lauren@private): http://www.vortex.com/lauren
People For Internet Responsibility: http://www.pfir.org
Network Neutrality Squad: http://www.nnsquad.org +1 (818) 225-2800
PRIVACY Forum: http://www.vortex.com  Lauren's Blog: http://lauren.vortex.com


Date: Thu, 10 May 2012 18:31:43 +0100 (BST)
From: David Alexander <davidalexander440_at_private>
Subject: Re: The Campus Tsunami (David Brooks, RISKS-26.82)

I feel well-placed to comment on the article by David Brooks, having
recently completed an MSc in Information Security through Royal Holloway,
University of London (RHUL) entirely by Distance Learning (DL). I should at
this point declare that I am now one of the RHUL DL tutors for the MSc
Network Security module, so they do now employ me in a part-time capacity,
but it also means that I have seen both sides of the fence -  A student and
academic staff, in quick succession.  The online program opens up
qualifications to people who couldn't afford to go to university full-time,
and to mature students like me (pulling 40 with a very long rope :) ) who
have a mortgage and bills, families, etc. and couldn't afford time off the
corporate treadmill to study full-time. I'm now considering doing a PhD by
DL, yes I am a glutton for punishment :)  There is no question that
it is possible to study successfully for a higher level academic
qualification by distance learning and remote lecturing/tutoring. All of my
learning materials were provided as hard copy books, material on CD and
access to the lecture material and a discussion area through a 'Virtual
Learning Environment' (VLE) based on Moodle. Four online seminars (three on
course material and one exam question revision) were held regularly with
distance learning tutors to provide advice and help, and reviewing answers
by students to question set for them.  I think that the biggest
risk/challenge is actually ensuring that DL students are studying
effectively and understand the material to a high enough standard. I noticed
all the way through my student days, and now as a tutor, that less than half
the students participate in the seminars and some don't even log in to the
VLE, or do so very rarely. I have no statistics for the drop-out rate or
pass rate for those DL students who do sit the exams or pass rates for those
who participate on the VLE against those who don't. I can say that I was an
active participant all the way through and it helped me a great deal.  David
Alexander, Towcester, England.


Date: Thu, 10 May 2012 06:57:58 -0700
From: "Rees, Roderick A" <roderick.a.rees_at_private>
Subject: Re: The Power of Individual Voters to Transform Their Government
  (Mark E Smith, RISKS-26.81)

Those who control the processes control the declared result.  The blank
votes, or refusal to vote, can be overcome just like the elections that
declare 99% support for dictators.

Roderick Rees, Reliability, Maintainability and Testability B-Q26 425-342-5729


Date: Thu, 10 May 2012 10:40:53 -0400
From: Andrew Douglass <douglass_at_private>
Subject: Re: The Power of Individual Voters to Transform Their Government
  (Mark E Smith, RISKS-26.81)

> The only way to get honest elections is to refuse to vote until we do. If
> you're willing to vote in elections where your vote doesn't have to be
> counted and isn't verifiable, you have no leverage with which to demand
> honest elections. Boycott 2012!

Isn't boycotting to protest exclusion ironic? Not unlike suicide to ease the
executioner's burden.

Besides litigation, the way to honest elections is to elect or persuade
concerned representatives to enact legislation and enforce existing law such
as the Voting Rights Act. Such people most certainly do exist, as in the
legislative success of the Verifiable Voting Coalition of Virginia [my
state] to ban DREs.  It's not hard to judge who most resists enfranchisement
and least supports accurate vote counts (granted the contrast is nowhere
near as much as it should be!). If you don't vote or influence others to
vote, you might as well not exist.


Date: Mon, 6 Jun 2011 20:01:16 -0900
From: RISKS-request_at_private
Subject: Abridged info on RISKS (comp.risks)

 The ACM RISKS Forum is a MODERATED digest. Its Usenet manifestation is
 comp.risks, the feed for which is donated by panix.com as of June 2011.
=> SUBSCRIPTIONS: PLEASE read RISKS as a newsgroup (comp.risks or equivalent)
 if possible and convenient for you.  The mailman Web interface can
 be used directly to subscribe and unsubscribe:
 Alternatively, to subscribe or unsubscribe via e-mail to mailman
 your FROM: address, send a message to
 containing only the one-word text subscribe or unsubscribe.  You may
 also specify a different receiving address: subscribe address= ... .
 You may short-circuit that process by sending directly to either
   risks-subscribe_at_private or risks-unsubscribe_at_private
 depending on which action is to be taken.

 Subscription and unsubscription requests require that you reply to a
 confirmation message sent to the subscribing mail address.  Instructions
 are included in the confirmation message.  Each issue of RISKS that you
 receive contains information on how to post, unsubscribe, etc.

=> The complete INFO file (submissions, default disclaimers, archive sites,
 copyright policy, etc.) is online.
 The full info file may appear now and then in RISKS issues.
 *** Contributors are assumed to have read the full info file for guidelines.

=> .UK users may contact <Lindsay.Marshall_at_private>.
=> SPAM challenge-responses will not be honored.  Instead, use an alternative
 address from which you NEVER send mail!
=> SUBMISSIONS: to risks_at_private with meaningful SUBJECT: line.
 *** NOTE: Including the string "notsp" at the beginning or end of the subject
 *** line will be very helpful in separating real contributions from spam.
 *** This attention-string may change, so watch this space now and then.
=> ARCHIVES: ftp://ftp.sri.com/risks for current volume
     or ftp://ftp.sri.com/VL/risks for previous VoLume
 http://www.risks.org takes you to Lindsay Marshall's searchable archive at
 newcastle: http://catless.ncl.ac.uk/Risks/VL.IS.html gets you VoLume, ISsue.
   Lindsay has also added to the Newcastle catless site a palmtop version
   of the most recent RISKS issue and a WAP version that works for many but
   not all telephones: http://catless.ncl.ac.uk/w/r
 <http://the.wiretapped.net/security/info/textfiles/risks-digest/> .
==> PGN's comprehensive historical Illustrative Risks summary of one liners:
    <http://www.csl.sri.com/illustrative.html> for browsing,
    <http://www.csl.sri.com/illustrative.pdf> or .ps for printing
  is no longer maintained up-to-date except for recent election problems.
==> Special Offer to Join ACM for readers of the ACM RISKS Forum:


End of RISKS-FORUM Digest 26.83
Received on Sat May 12 2012 - 22:00:18 PDT

This archive was generated by hypermail 2.2.0 : Sat May 12 2012 - 22:36:57 PDT