Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: RISKS List Owner (riskocsl.sri.com)
Date: Fri Dec 07 2001 - 16:21:00 CST
RISKS-LIST: Risks-Forum Digest Friday 7 December 2001 Volume 21 : Issue 81
FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <URL:http://catless.ncl.ac.uk/Risks/21.81.html>
and by anonymous ftp at ftp.sri.com, cd risks .
Trader's error causes multi million-dollar loss (George C. Kaplan)
Security hole at WorldCom left internal computer networks at risk (PGN)
Judge ordered hack of Interior Department trust fund system (James H. Paul)
NatWest bank turns debits into credits (Bob Buxton)
Cops get speeding tickets from cameras (Monty Solomon)
Gwinnett County GA keeps prison inmates list online (Nick Brown)
"Late-night" Internet-porno-ban (Debora Weber-Wulff)
Optimizations at kiosks can be costly (Seth Arnold)
Grocery self-checkout risks (Scott Nicol)
Swedish police reportedly doctor video evidence, admit it
(Jerry via Declan McCullagh, Ulf Lindqvist)
E-voting and international law (Lucas B. Kruijswijk)
Re: "Light turnout" for election (Andrew Fleisher)
Re: Connecticut AG website wants Microsoft ... (Roland Roberts, Nathan Sidwell)
Re: PLEASE REMOVE me from the CAL database (RootsWeb HelpDesk)
Re: REVIEW: "Hackers Beware", Eric Cole (Mark Brader)
Abridged info on RISKS (comp.risks)
Date: Tue, 04 Dec 2001 08:19:18 -0800
From: "George C. Kaplan" <gckaplanack.berkeley.edu>
Subject: Trader's error causes multi million-dollar loss
An article in the *Wall Street Journal* on 3 Dec 2001 describes how a simple
data-entry error could end up costing UBS Warburg up to $100 million:
Dentsu Inc., one of the world's biggest advertising companies, was making
its trading debut Friday on the Tokyo Stock Exchange after completing one
of the year's biggest initial public offerings -- a deal arranged by UBS
Warburg, a unit of Switzerland's UBS AG, ...
Before the Tokyo market opened Friday, a UBS Warburg trader entered what
was intended to be an order to sell 16 Dentsu shares at 610,000 yen
($4,924.53) each or above. Instead, the trader keyed in an order to sell
610,000 Dentsu shares at 16 yen apiece ...
The order was canceled by 9:02 AM, but not before 64,915 shares, almost half
of the 135,000 shares in the IPO, had been sold. The price of Dentsu
shares, which had been bid up to 600,00 yen before the market opened, fell
to 405,000 yen. Now, UBS Warburg is obligated to deliver the shares it
sold, and will have to buy them on the open market.
The article doesn't say anything about sanity checks in UBS's trading
software. These have their own risks, of course, but you'd think that an
error of 4 orders of magnitude in the selling price would at least merit an
"Are you sure?" before the order went through.
Once again, we see how computers let people make really big mistakes quickly.
George C. Kaplan. Communication & Network Services, University of California
at Berkeley 1-510-643-0496 gckaplanack.berkeley.edu
Date: Thu, 6 Dec 2001 10:16:14 PST
From: "Peter G. Neumann" <neumanncsl.sri.com>
Subject: Security hole at WorldCom left internal computer networks at risk
A security hole at WorldCom Inc. left internal networks at several of the
nation's top companies (e.g., AOL Time Warner, Bank of America, CitiCorp,
News Corp., JP Morgan, McDonald's Corp., Sun Microsystems) open to hackers.
Adrian Lamo, a consultant in San Francisco, worked with WorldCom to fix the
months-old problem over the weekend. There is no evidence that the security
hole had been exploited, although it was possible to reconfigure or shut
down corporate networks. Lamo: ``These networks were never designed to be
connected to the Internet, They were private circuits running between
locations.'' [Source: eponymous AP item, 05 Dec 2001, PGN-ed]
Date: Wed, 05 Dec 2001 15:17:56 -0500
From: "James H. Paul" <jpaulCapaccess.org>
Subject: Judge ordered hack of Interior Department trust fund system
In an extraordinary step approved by a federal judge, a computer expert
hacked his way into a government-run, Denver-based financial system last
summer, created a false account and later altered yet another account. All
this happened without the hacker being detected. Those steps, endorsed by
U.S. District Judge Royce C. Lamberth in advance, were revealed Tuesday as
part of a court case involving the Interior Department's handling of more
than 300,000 trust accounts it is supposed to manage for American Indians.
A court-appointed master said the ease with which the government's computer
system could be penetrated was "deplorable and inexcusable." In a report
ordered released by Lamberth, the special master, Alan Balaran, called on
the judge to seize control of the system. [Source: Court-appointed hacker
altered Indian accounts, by Bill McAllister <bmcallisterdenverpost.com>,
*Denver Post* Washington Bureau Chief, 5 Dec 2001
[The DoI Web site is now OFF THE NET. PGN]
Date: Mon, 03 Dec 2001 11:35:36 +0000
From: Bob Buxton <bob_buxtonuk.ibm.com>
Subject: NatWest bank turns debits into credits
NatWest Bank (UK) online banking service offers the ability to download bank
statement information into Quicken and Microsoft Money on your PC and until
recently this worked correctly.
Previously you could choose to download all of your transactions from
multiple accounts in a single download, now you have to download each
account separately which takes much longer - especially since when using
Netscape it forces you to go through the long winded logon procedure each
But the real problem is that the information that you download into Quicken
or Microsoft money in the .OFX file format is plain wrong. It shows
standing orders out of my account as credits into the account!
This of course results in the account balance appearing to be much higher
than it should be and as a result I went overdrawn before I realized what
was going on.
The NatWest help desk acknowledge that this is a known problem but don't
know when the problem will be fixed and have done nothing to warn customers
or disable the function from the web site.
Date: Sat, 1 Dec 2001 16:10:41 -0500
From: Monty Solomon <montyroscom.com>
Subject: Cops get speeding tickets from cameras
Cops get speeding tickets from cameras
By Brian DeBose, *The Washington Times*, 1 Dec 2001
Some D.C. police officers say they are slowing their response to emergencies
because photo-radar cameras are ticketing them for speeding on Code One
calls, and they are being forced to pay the fines.
At least three D.C. police officers told The Washington Times they were
caught by the cameras and ticketed while on official police business. They
said they and other officers have been forced to pay the fines, and are now
on edge about speeding to a crime scene and running red lights in
emergencies. Like area motorists, they have little chance of getting a
reprieve from the D.C. Bureau of Traffic Adjudication without evidence to
present in their defense. ...
Some officers have paid so many tickets that they are no longer speeding or
running red lights to get to their dispatched calls even in emergency
situations, Sgt. Neill said. ...
Date: Thu, 6 Dec 2001 13:48:45 +0100
From: Nick Brown <Nick.BROWNcoe.int>
Subject: Gwinnett County GA keeps prison inmates list online
As reported at the excellent www.cruel.com:
Wondering what happened to that acquaintance from Gwinnett County, Georgia,
from whom you haven't heard in a while ? Try
The RISKs are many and varied, but to get you started, click on the link to
see the list of charges against any inmate, at the end of which you find:
"If you have reason to believe this information is inaccurate, you may
submit a request for review to:
Gwinnett County Sheriff's Department
2900 University Parkway
Lawrenceville, Georgia 20043"
No indication is given of how long it takes between one's (postal)
application to have incorrect details removed, and the update to the Web
site, but presumably the interval can be reduced if your lawyer can spell
Date: Wed, 05 Dec 2001 15:02:30 +0100
From: Debora Weber-Wulff <weberwufhtw-berlin.de>
Subject: "Late-night" Internet-porno-ban
German officials are apparently attempting to prove that the PISA results
(Germany is pretty much at the bottom of the pack in regards to education
world-wide) are true and anyone, no matter how ignorant, can be a politician
The German Federal Government and the State governments have agreed to new
measures for protecting youth from pornography on the Internet: according to
the "Financial Times Deutschland" (http://www.ftd.de/pw/de/FTDPRAR3MUC.html)
all such content is banned from 11 p.m. until 6 a.m.
No, this is not April Fools' Day. Really. The German government seems to
think that when it is 11 p.m. in Germany, it is 11 p.m. everywhere else. And
that all those XXX folks on the Internet will happily turn off the sleaze
during the German day when the kiddies are awake.
This has of course caused an uproar amongst those in the know.
Spiegel-on-line wrote an open letter to the guy in charge of publishing this
nonsense, Frank-Walter Steinmeier
[The sarcastic wit in the letter may not make it through Babelfish
intact, but it is quite funny]
What a sorry state of affairs. The risks posed by ignorant politicians may
yet be far more dangerous that the odd virus and software mistake.....
Prof. Dr. Debora Weber-Wulff, FHTW Berlin, Treskowallee 8, 10313 Berlin
Date: Tue, 27 Nov 2001 18:28:30 -0800
From: Seth Arnold <sarnoldmarcelothewonderpenguin.com>
Subject: Optimizations at kiosks can be costly
Like Richard Akerman and Geoffrey Brent, an automated vending machine's
failure mode caught me by surprise. However, what I interpreted as a failure
mode may just be an optimization:
When purchasing a bus pass from an automated credit-card kiosk, I was
informed "Authorization Denied" after selecting the pass I wanted, so I took
my card and walked away. A kind soul ran up to me, handing me my receipt. An
unkind soul didn't bother to hand me my bus pass.
As far as I can figure, the Authorization Denied screen was probably the
last screen displayed on an off-screen buffer -- upon switching the display
to the previously off-screen buffer, the machine did not clear the old
screen. I imagine had I waited two more seconds, the machine would have
informed me of the successful transaction.
While I can think of several technological solutions to this problem, I
decided to do something more pragmatic: purchase my bus tickets from the
human-operated vending station a few blocks away.
(And yes, several phone calls and two days later, my money was refunded to
Date: Thu, 06 Dec 2001 00:37:22 -0500
From: Scott Nicol <sbnicolmindspring.com>
Subject: Grocery self-checkout risks
This past summer, two major grocery store chains in my city installed
self-checkout lines. They are arranged in groups of four, with one cashier
station supervising the group.
Credit-card purchases can be signed for at the self-check line (electronic
pad), but sometimes the line's register will prompt you to go to the
cashier's station to finish your transaction. In other words, credit-card
transactions for 4 different stations are handled at one register.
On my August credit-card statement, I noticed two charges on the same day in
the same store. To make a long story short, the charge was finally reversed
today. The "extra" charge was for the checkout line adjacent to the one I
used, and was completed before my checkout was complete (it showed up
first). The head cashier volunteered today that she had dealt with one
other customer who had the same thing happen.
The only strange thing about the checkout was that, at the end of the
transaction, I was prompted to swipe my card twice, then prompted to go to
the cashier station to sign the receipt. Swiping a card twice isn't unusual
- credit cards and credit-card readers aren't perfect. Having 4 different
card readers connect to one cash register is. I assume, in this case, the
system assigned the first swipe to the order from the adjacent line, and the
second swipe to my order.
Scott Nicol <sbnicolmindspring.com>
Date: Sat, 01 Dec 2001 19:07:13 -0500
From: Declan McCullagh <declanwell.com>
Subject: Swedish police reportedly doctor video evidence, admit it
Date: Sun, 2 Dec 2001 01:19:37 +0100
Subject: Swedish police files complaint against themselves
interesting article re Video Evidence in belgium newspaper;
&ArticleID=DST01122001_034 (in Dutch)
Swedish police filed a complaint against themselves after a sewdish TV show
revealed that police used manipulated video footage as evidence.
The TV show Uppdrag Granskning [http://www.svt.se/granskning/] compared its
own footage with the evidence used by the attorney general.
The comparison shows that images were swapped, sound was edited, and police
brutality cut out. Scenes where 19 year old Hannes Westberg gets shot in the
belly have been tampered with.
PS. The complaint is about copyrights and abuse of power. Jerry
POLITECH -- Declan McCullagh's politics and technology mailing list
You may redistribute this message freely if you include this notice.
Declan McCullagh's photographs are at http://www.mccullagh.org/
To subscribe to Politech: http://www.politechbot.com/info/subscribe.html
This message is archived at http://www.politechbot.com/
Date: Sun, 2 Dec 2001 21:38:01 -0800 (PST)
From: Ulf Lindqvist <ulfsdl.sri.com>
Subject: Swedish police reportedly doctor video evidence, admit it
This is in agreement with what I have read in Swedish media. What is
missing here is that the prosecutor's office has repeatedly tried to obtain
raw film footage from TV stations, presumably to compare with the police
videos, but they refused and the Supreme Court agreed with the media. Out of
context, it sounds pretty nasty that a teenager was shot by police, but it
is apparently proven that he was hurling 4x4x4 inch solid cubic pavement
stones at an officer who was already badly wounded from previous stones,
bleeding and semiconscious. The police, relatively inexperienced with riots,
were armed with nightsticks and pistols only, nothing "in between" such as
water cannons, teargas/pepper spray or rubber bullets.
Date: Mon, 3 Dec 2001 00:18:25 +0100
From: "Lucas B. Kruijswijk" <L.B.Kruijswijkinter.NL.net>
Subject: E-voting and international law
Many articles were posted about the risks of computers with elections. I
wondered to which extend the national Constitutions and International Law
protects the election process and reduces the risks. After some research I
made the conclusion that some kinds of voting are indeed violating
International Law. This means that there is a risk that a judge may forbid
some kind of voting methods, making the investment worthless. I also asked
my government (the Dutch government) to react on the issues which led to
The Dutch government is investigating the possibilities of two new ways of
voting. Voting at home with the use of the Internet and voting with a
"voting pillar". The voting pillars can be placed in public areas. There are
no officials nearby and the pillar is controlled remotely. The voter has to
identify itself with an electronic card with biometric information (iris
Both ways of voting can not ensure that the voter is alone when he/she casts
his/her vote. There are no technical solutions known that prevent that
couples votes together at home. It might be possible to ensure this for a
voting pillar, but with the different body sizes this is certainly not
trivial. These limitations conflict with International Law.
First of all, there is article 21.3 of the Universal Declaration of Human
"The will of the people shall be the basis of the authority of government;
this shall be expressed in periodic and genuine elections which shall be
by universal and equal suffrage and shall be held by secret vote or by
equivalent free voting procedures."
But more precise and more important is article 25.b of the International
Covenant on Civil and Political Rights:
"To vote and to be elected at genuine periodic elections which shall be by
universal and equal suffrage and shall be held by secret ballot,
guaranteeing the free expression of the will of the electors."
When I read this article I conclude that the primary concern is the "free
expression of the will". However, the only legal way to achieve this is by
"secret ballot". So, if a government chooses a voting method where there is
no indication that the free expression of will is compromised but where the
vote is not secret, then this method is still not allowed to be used
(obvious the reason for this is that it is very hard to determine whether a
will is free or not).
The interpretation of "secret ballot" is now very important. Note that word
'ballot' refers to "voting balls" and not to the vote itself. There is a
risk in translating this into another language, because a literal
translation of 'ballot' might not exist. In such case a translation from
"secret paper" is maybe better than a translation from "secret
vote". According to the New Shorter Oxford Dictionary, the words "secret
ballot" means "in which votes are cast in secret". So, the circumstances in
which the vote is cast are important. If someone tells his/her vote
afterwards, it is still a secret ballot (because the vote was *cast* in
secret), but if two persons vote together with their personal computer, then
it is not a secret ballot.
This does not necessarily imply that voting at home or with voting pillars
are violating the Covenant. First of all if the voter is in such situation
that there is no realistic possibility to ensure that he/she casts his/her
vote in secret (for instance when he/she is abroad), then of course the
right to vote is more important then the secrecy of the vote. Second, the
article in the Covenant does not specify the responsibilities of the
States. You may argue that the secrecy of the vote is also the
responsibility of the voter to some extend.
The Human Rights Committee made comments on this article. The Committee is
allowed to make such comments under article 40 of the same Covenant. If a
State did also sign the first optional protocols, then individuals (and they
are admissible in this case) can ask the Committee for a judgment when
domestic remedies are exhausted. So, the Committee is the highest court.
On paragraph 20 of the comments, the Committee says:
"States should take measures to guarantee the requirement of the secrecy
of the vote during elections including absentee voting, where such a
The States are not fully responsible for the secrecy, but they are obliged
to make effort to ensure the secrecy.
To my opinion the "voting pillars" violate the Covenant. The government can
give the same service to the voter and ensuring the secrecy. It just adds a
supervising official to the voting pillar. So, the government is not
fulfilling its obligation of making this effort.
Voting at home via the Internet, is allowed for those people that live in
remote areas or abroad. However, a judge might forbid it for people that
live in urban areas where polling stations are not a practical problem. A
judge is probably more willingness to listen when is realized that voting
via the Internet will finally lead to the elimination of polling
stations. In the Netherlands the introduction of voting machines led to a
10% reduction of polling stations, because of the expensive voting machines
and budgets policies of the local governments (according to documents of the
national government). When voting at home is possible, then less people will
go to the polling stations, which result that polling stations are closed,
which will result that more people will vote at home etc.
I have requested 'Het Ministerie van Binnenlandse Zaken en
Koninkrijksrelaties' (the Ministry of the Interior or Home Department), to
react on the matter of the Constitution and International Law in relation
with the new ways of voting. The Ministry responded that the responsibility
of the State for the secrecy of the vote is "facilitating". So, according to
this principle the State is not responsible in anyway to ensure that the
votes are cast in secret; it should only guarantee that the voters have the
possibility to vote in secret. I think the Ministry is in error on this
point. First of all, if that would be the case, then the Covenant should say
something like "one has to right to vote in secret", but that are not the
words of the Covenant. Second, it would mean that it is allowed to give the
voter the option to make his/her vote with his/her name public on the
Internet (the voter has still the possibility to vote in secret). I think
one does not consider this as a proper way of voting.
In a new letter I explicitly asked the Ministry to react on the text of the
Human Rights Committee. I also pointed on the inaccuracy of the Dutch
translation on the words "secret ballot". Since I wrote this letter
recently, I did not have a response yet.
Despite the fact that serious questions can be raised about the
compatibility of the new voting methods with national Constitutions and
International Law, the Ministry does not mention these in the official
documents at all.
I hope they do a better job with security.
Lucas B. Kruijswijk <L.B.Kruijswijkinter.nl.net>
Date: Mon, 03 Dec 2001 14:09:35 +1000
From: Andrew Fleisher <andrew8start.com.au>
Subject: Re: "Light turnout" for election (Rhodes, RISKS-21.80)
[With respect to] power/phone outages and online voting, what about the case
where there is localised damage to power or phone systems preventing people
from using online voting systems in significant elections which are close?
It makes the recent Florida debacle during the Presidential election seem
Date: 03 Dec 2001 12:28:57 -0500
From: Roland Roberts <rolandastrofoto.org>
Subject: Re: Connecticut AG website wants Microsoft ... (Ravin, RISKS-21.80)
I took a look at this with both Netscape 4.77 and Mozilla 0.95 (both on
Linux) and it displayed fine. The only "functionality" provided by
800x600 or 1024x768.
I think the real issue here is general stupidity: turning a "nice" feature
(the pop-up about resolution) into an absolute requirement.
Roland B. Roberts, PhD, RL Enterprises, 76-15 113th Street, Apt 3B
Forest Hills, NY 11375 rolandrlenter.com rolandastrofoto.org
Date: Mon, 03 Dec 2001 11:13:35 +0000
From: Nathan Sidwell <nathanacm.org>
Subject: Re: Connecticut AG website wants Microsoft ... (Ravin, RISKS-21.80)
I've noticed more and more of this kind of brokenness over the last 12
months. (This is with Netscape on Solaris or Linux.)
1) An Internet bank (which no longer has my custom), broke the 'print'
capability of all but IE. And then failed to understand that (a) the Web !=
Microsoft, and (b) a standalone machine would not be connected to the web.
2) A credit-card company had the same problem. It used to work, but back in
May it broke. I reported the problem and nothing has happened since then.
3) Many Flash sites claim I have not got flash enabled. One of these has
enough smarts to say something like 'You don't appear to have Flash, go
<here> to get it or go <here> to continue, if you know our check bombed out'
Dr Nathan Sidwell :: Computer Science Department :: Bristol University
nathanacm.org http://www.cs.bris.ac.uk/~nathan/ nathancs.bris.ac.uk
Date: Sat, 1 Dec 2001 13:35:12 -0700
From: RootsWeb HelpDesk <helpdesk-postrootsweb.com>
Subject: Re: PLEASE REMOVE me from the CAL database (RootsWeb, RISKS-21.80)
[This was the reply many of us received in response to requests to be
removed from the RootsWeb database noted in RISKS-21.80. Apparently quite
a few RISKS readers made such requests! PGN]
A response to your Help Desk message, "PLEASE REMOVE me from the CAL
database," of Saturday, 1 December 2001, at 12:52 p.m. follows [...]:
As some states have passed laws to make their records publicly available,
many of these records have been made searchable on RootsWeb.com for
genealogical purposes. This data is a great asset to many individuals
doing family history research.
In addition to our goal to provide outstanding genealogical resources to
our users, MyFamily.com is very committed to the privacy of those using
our services, whether on MyFamily.com, Ancestry.com or RootsWeb.com. For
this reason we have removed the CA and TX birth records from our site.
Date: Sat, 1 Dec 2001 20:57:46 +0000 (UTC)
From: msbvex.net (Mark Brader)
Subject: Re: REVIEW: "Hackers Beware", Eric Cole (Slade, Risks-21.80)
> %T "Hackers Beware: Defending Your Network from the Wiley Hacker"
> ... within [the first] six sentences , misspells the word "brakes."
It would be still more impressive if the title was misspelled [Wiley] as
shown above. Or was that one the reviewer's error, perhaps induced by
familiarity with books published by Wiley?
Mark Brader, Toronto, msbvex.net
[Note: It is actually wrong [Wiley, and not too wily!] on the cover page
as shown on the Wiley Web site:
The Wiley Coyote Editor must have been working overtime. PGN]
Date: 12 Feb 2001 (LAST-MODIFIED)
Subject: Abridged info on RISKS (comp.risks)
The RISKS Forum is a MODERATED digest. Its Usenet equivalent is comp.risks.
=> SUBSCRIPTIONS: PLEASE read RISKS as a newsgroup (comp.risks or equivalent)
if possible and convenient for you. Alternatively, via majordomo,
send e-mail requests to <risks-requestcsl.sri.com> with one-line body
subscribe [OR unsubscribe]
which requires your ANSWERing confirmation to majordomoCSL.sri.com .
[If E-mail address differs from FROM: subscribe "other-address <xy>" ;
this requires PGN's intervention -- but hinders spamming subscriptions, etc.]
Lower-case only in address may get around a confirmation match glitch.
INFO [for unabridged version of RISKS information]
There seems to be an occasional glitch in the confirmation process, in which
case send mail to RISKS with a suitable SUBJECT and we'll do it manually.
.MIL users should contact <risks-requestpica.army.mil> (Dennis Rears).
.UK users should contact <Lindsay.Marshallnewcastle.ac.uk>.
=> The INFO file (submissions, default disclaimers, archive sites,
copyright policy, PRIVACY digests, etc.) is also obtainable from
The full info file will appear now and then in future issues. *** All
contributors are assumed to have read the full info file for guidelines. ***
=> SUBMISSIONS: to risksCSL.sri.com with meaningful SUBJECT: line.
=> ARCHIVES are available: ftp://ftp.sri.com/risks or
ftp ftp.sri.com<CR>login anonymous<CR>[YourNetAddress]<CR>cd risks
[volume-summary issues are in risks-*.00]
[back volumes have their own subdirectories, e.g., "cd 20" for volume 20]
http://catless.ncl.ac.uk/Risks/VL.IS.html [i.e., VoLume, ISsue].
Lindsay Marshall has also added to the Newcastle catless site a
palmtop version of the most recent RISKS issue and a WAP version that
works for many but not all telephones: http://catless.ncl.ac.uk/w/r
==> PGN's comprehensive historical Illustrative Risks summary of one liners:
http://www.csl.sri.com/illustrative.html for browsing,
http://www.csl.sri.com/illustrative.pdf or .ps for printing
End of RISKS-FORUM Digest 21.81