Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
From: RISKS List Owner (riskocsl.sri.com)
Date: Sun Jun 29 2008 - 10:48:14 CDT
RISKS-LIST: Risks-Forum Digest Sunday 29 June 2008 Volume 25 : Issue 21
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, moderator, chmn ACM Committee on Computers and Public Policy
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
The current issue can be found at
Federal Agency Grounds Light Jet Used as Air Taxi (Matthew Wald)
Spyware bill cloaks a mini-UCITA (Ed Foster via Monty Solomon)
Wireless systems called disruptive (Robert P Schaefer)
More on election system integrity (Gene Wirchenko)
Re: Risks in Instant Runoff Voting (Scot Drysdale)
Chrysler announces the rolling WiFi hotspot automobile (Drew Lentz)
X-rated SMS case gives employees some privacy guarantees (John Timmer
via Monty Solomon)
Attorney-client calls from jail recorded (Joel Garry)
HTML comments reveal corporate weakness (jidanni)
Photos and laptop crypto (Rob Slade)
Michael Fiola fired (Gene Wirchenko)
REVIEW: "Challenges to Digital Forensic Evidence", Fred Cohen (Rob Slade)
Abridged info on RISKS (comp.risks)
Date: Sun, 15 Jun 2008 21:12:54 PDT
From: "Peter G. Neumann" <neumanncsl.sri.com>
Subject: Federal Agency Grounds Light Jet Used as Air Taxi: Matthew Wald
On 5 Jun 2008, both engines of an Eclipse 500 (a light jet popular as an air
taxi of small corporate plane) became stuck at full throttle on approach to
landing. The pilots aborted the landing, flew around while looking through
the manual, and discovered procedures for failure of one engine control or
the other, but not both. ``They shut down one engine and then lost control
of the other, because of a possible software flaw.'' They were able to land
safely, although blowing out the tires.
``A week later, the Federal Aviation Administration issued an emergency
order Thursday grounding the planes of that model until the throttle
controls can be inspected.''
[Source: Matthew L. Wald, *The New York Times*, 13 Jun 2008; PGN-ed]
Date: Mon, 16 Jun 2008 14:28:51 -0400
From: Monty Solomon <montyroscom.com>
Subject: Spyware bill cloaks a mini-UCITA
By Ed Foster, Section The Gripelog, Mon Jun 16, 2008
The holy grail for the software industry's political muscle has long been
what in UCITA was called "electronic self help" - the right of software
publishers to remotely disable their software on the mere suspicion that it
hasn't been paid for. UCITA was ultimately stopped, but last Wednesday the
Senate Commerce Committee held a hearing on a bill that nominally is
supposed to fight spyware but seems intended to make remote disabling legal.
Date: Wed, 25 Jun 2008 08:23:40 -0400
From: "Schaefer, Robert P \(US SSA\)" <robert.p.schaeferbaesystems.com>
Subject: Wireless systems called disruptive
I caught this in *The Boston Globe*, 25 Jun 2008, under "Wireless systems
are called disruptive", but found a better reference here:
"Wireless systems used by many hospitals to keep track of medical
equipment can cause potentially deadly breakdowns in lifesaving devices
such as breathing and dialysis machines, researchers reported Tuesday in a
study that warned hospitals to conduct safety tests."
The research was published in JAMA under the title "Electromagnetic
Interference From Radio Frequency Identification Inducing Potentially
Hazardous Incidents in Critical Care Medical Equipment".
A quote: "Results In 123 EMI tests (3 per medical device), RFID induced 34
EMI incidents: 22 were classified as hazardous, 2 as significant, and 10 as
Date: Wed, 25 Jun 2008 08:51:22 -0700
From: Gene Wirchenko <genewocis.net>
Subject: More on election system integrity
Yet another story on the vulnerability of voting systems:
Rogue code could seriously skew US presidential election results
Date: Mon, 16 Jun 2008 22:37:02 -0400
From: Scot Drysdale <scotcs.dartmouth.edu>
Subject: Re: Risks in Instant Runoff Voting (Koenig, RISKS-25.20)
I don't know what Martin Gardner said, but if "voting insincerely" means
voting something other than your true preference in order to get a desired
result, then there certainly can be a reason for voting insincerely under
approval voting. Suppose 60% of the voters prefer A but also are happy with
B, 20% like only B, and 20% like only C. Then if the 60% vote sincerely
they would list A and B, and B (with 80% approval) would be the elected
candidate. But if the 60% only vote for A, then A gets elected. Thus
voting insincerely (saying that you do not approve B when in fact you do
approve B) leads to a better result.
Instant runoff can also lead to unfortunate results. Suppose that there are
11 candidates. A1 through A10 are each preferred by 10% of the voters and
hated by the other 90%. B is everybody's strong second choice, liked almost
as much as their first choice. In instant runoff B is eliminated in the
first round, and the election will eventually elect a candidate that 90% of
the voters hate, instead of a candidate that everybody is happy with. Here
approval voting works much better, because B will appear on every ballot and
will be elected (if voters vote sincerely).
Date: Mon, 23 Jun 2008 6:11 xDT
From: Drew Lentz [drewdrewlentz.com]
Subject: Chrysler announces the rolling WiFi hotspot automobile
[From Dave Farber's IP]
Thought you (and the list) might be interested in this. Chrysler's
announcement to deploy Wi-Fi in vehicles to me spells opportunity for
malicious script kiddies and a "rolling" increase in the 2.4 noise floor.
[See IP archives for further discussion. PGN]
IP Archives: http://www.listbox.com/member/archive/247/=now
Date: Fri, 20 Jun 2008 11:46:17 -0400
From: Monty Solomon <montyroscom.com>
Subject: X-rated SMS case gives employees some privacy guarantees
John Timmer, Arstechnica, 20 Jun 2008
Yesterday, the 9th Circuit Court released a ruling with huge implications
for privacy rights. In a case involving personal use of a work-provided
messaging service by a police officer, the court held that the employee had
a right to expect that the privacy of his messages would be honored, and
that any police access to those messages had to meet the standards of a
reasonable search. The ruling provides an extensive space for workspace
privacy, at least as long as the NSA isn't involved.
The decision arises from Quon vs. Arch Wireless (PDF), which has a rather
complicated background. Jeff Quon was a member of the city of Ontario, CA
SWAT team. The city provides its officers with access to a wireless text
messaging pager provided by Arch Wireless, which came with a monthly
character limit. Formally, the announced departmental policy was that the
content of the messages sent could be audited at any time. In practice,
however, the pagers were handled quite differently. The department never
viewed their content, and simply asked users to pay any charges for running
over the character limit.
Things proceeded uneventfully until the day when, as the decision phrases
it, "Lieutenant Duke grew weary of his role as bill collector." The
department decided to determine if the character limit was too low for
departmental business, so they requested a copy of all messages on their
account from Arch Wireless with the intent of determining whether business
or personal use was driving the overage charges. With the contents in hand,
they discovered many of Quon's messages were both personal and X-rated. An
internal investigation ensued, and Quon and the people he exchanged messages
with sued the city, its police department, and Arch Wireless. ...
Date: Sat, 21 Jun 2008 10:50:38 -0700
From: Joel Garry <joel-garrycox.net>
Subject: Attorney-client calls from jail recorded
A jail telephone system would record all calls, except those to numbers
listed in an attorney database. The database was incomplete - most
obviously in not containing attorney's direct lines or cellphones.
California law prohibits recording calls from jail between inmates and
attorneys (just as doctors and patients, and ministers and penitents). It
may be a felony with up to a $5,000 penalty per call. One attorney found
out when the prosecutors gave him a cd with his recorded calls on it. The
San Diego County Sheriff's Department says it was a glitch in the telephone
system. The extent of the problem is unknowable. Prosecutors had access to
the recordings from their PC's. "We thought we had a better database" said
Sheriff's Department Legal Advisor Sanford Toyen.
The system has been turned off; investigations and court paper filings are
underway. The system is being changed to give a number for attorneys to
call to be added to the database.
One risk would be assuming a poorly designed technology driven system will
be adequate to protect legally-required privacy. Poor design decisions
include assuming perfect data in the database, assuming Sheriff's Department
users would be able to assess such risk, and assuming telephone users would
both hear and properly understand an aural message that the call is being
recorded. Another risk may be added by the change: an opt-out system isn't
fast enough unless done properly (read: expensive). Lawyer involvement is
left as an exercise for the cynical.
Date: Tue, 24 Jun 2008 02:03:01 +0800
Subject: HTML comments reveal corporate weakness
We all know of the supposedly invisible parts of PDF documents, but
how about HTML comments? Beside the typical
<!-- headline Comes Here -->
<!-- Quick Links Section -->
<!-- Main Content Section -->
here's one from my million dollar retirement account:
<!-- ~~~~~~~concreate row that makes ns47 beahve~~~~~~~-->
So we see behind the steely corporate facade that if they don't
"concreate" that row, then "ns47" won't "beahve", probably bringing
the entire house of cards down.
Date: Sun, 15 Jun 2008 13:21:10 -0800
From: Rob Slade <rMsladeshaw.ca>
Subject: Photos and laptop crypto
The lead article/editorial in Bruce Schneier's latest CryptoGram
(http://www.schneier.com/crypto-gram.html) points out the foolishness in
warning people to beware of terrorists taking pictures. Millions of people
take billions of pictures every year for legitimate or innocent reasons, and
the major terrorist attacks have not involved terrorists walking around
taking photographs of the targets. It doesn't make sense to try and protect
yourself by raising an alarm about an activity that is probably (*extremely*
probably) not a threat.
Rather ironically, the second piece talks about the fact that your laptop
may be searched when you fly to another country, and the advisability of
laptop encryption. Leaving aside privacy and legality concerns, Schneier is
Now, I don't fly as much as some, but more than many. Since I'm a security
researcher, I've got all kinds of materials on my laptop that would probably
raise all kinds of flags. I've got files with "virus," "malware," "botnet,"
and all kinds of other scary terms in the filenames. (I've got a rather
extensive virus zoo in one directory.) Nobody at immigration has ever
turned a hair at these filenames, since nobody at immigration has ever asked
to look at my laptop. (Even the security screeners don't ask me to turn it
on as much as they used to, although they do swab it more.)
I'm not arguing that people shouldn't encrypt materials on their laptops:
it's probably a good idea for all kinds of reasons. However, unless I'm
very fortunate in my travels (and, from my perspective, I tend to have a lot
more than my fair share of travel horror stories), the risk of having
immigration scan your laptop is not one of them.
rsladevcn.bc.ca sladevictoria.tc.ca rsladecomputercrime.org
Date: Thu, 19 Jun 2008 08:14:32 -0700
From: Gene Wirchenko <genewocis.net>
Subject: Michael Fiola fired
This one is nasty. Mr. Fiola was abruptly fired for having child
pornography on his employee-issued laptop, but now, it seems that there was
insufficient evidence to show that he downloaded it. His life has been
hellish for the last 18 months though:
Date: Mon, 23 Jun 2008 12:19:36 -0800
From: Rob Slade <rmsladeshaw.ca>
Subject: REVIEW: "Challenges to Digital Forensic Evidence", Fred Cohen
"Challenges to Digital Forensic Evidence", Fred Cohen, 2008,
%A Fred Cohen
%C 572 Leona Dr, Livermore, CA 94550
%I Fred Cohen and Associates
%O U$39.00 925-454-0171 all.net
%O Audience s+ Tech 2 Writing 2 (see revfaq.htm for explanation)
%P 122 p.
%T "Challenges to Digital Forensic Evidence"
Fred Cohen knows his stuff when it comes to digital forensics, despite
the fun he has with legalities in the frontmatter of this book. Cohen
states, in chapter one, he wrote the book because of the mistakes he
had seen people make when bringing technical materials into a legal
setting. The work is a sold background for a forensic examiner, and
covers a number of areas that are missed in most of the current
literature on this topic. Forensics is more than simply getting bits
out of a given operating filesystem.
Chapter two concentrates on the errors or problems that arise in the
process of collecting evidence. Many computer forensics books list
the sections that should be included in a written report, but this
author provides, in chapter three, practical advice on both wording
and approaches, including such aspects as the reporting of errors in
previously submitted reports. Chapter four demonstrates difficult
situations, some covered in prior chapters and some new, based on
Chapter five reiterates and emphasizes a point that Cohen raises
frequently throughout the book: as an expert, you are working within,
and subject to, an adversarial system and all its attendant
limitations, but your primary responsibility is to the truth. Being
honest in your work and statements is the basis for all of your
testimony. As chapter six points out, it is also the best way to
avoid being challenged.
There are many books that talk about forensic tools: this isn't one of
them. There are a number of works that address specifics of file
systems and storage devices: this isn't one of them. A few texts even
address some aspects of the investigative process and management:
Cohen addresses some of those issues. However, I have not seen any
other guides that will tell you, clearly and plainly, how to avoid the
most common failings of technical experts trying to provide evidence
in a decidedly non-technical legal system.
copyright Robert M. Slade, 2008 BKCHTDFE.RVW 20080318
rsladevcn.bc.ca sladevictoria.tc.ca rsladecomputercrime.org
Date: Thu, 29 May 2008 07:53:46 -0900
Subject: Abridged info on RISKS (comp.risks)
The ACM RISKS Forum is a MODERATED digest, with Usenet equivalent comp.risks.
=> SUBSCRIPTIONS: PLEASE read RISKS as a newsgroup (comp.risks or equivalent)
if possible and convenient for you. The mailman web interface can
be used directly to subscribe and unsubscribe:
Alternatively, to subscribe or unsubscribe via e-mail to mailman
your FROM: address, send a message to
containing only the one-word text subscribe or unsubscribe. You may
also specify a different receiving address: subscribe address= ... .
You may short-circuit that process by sending directly to either
risks-subscribecsl.sri.com or risks-unsubscribecsl.sri.com
depending on which action is to be taken.
Subscription and unsubscription requests require that you reply to a
confirmation message sent to the subscribing mail address. Instructions
are included in the confirmation message. Each issue of RISKS that you
receive contains information on how to post, unsubscribe, etc.
=> The complete INFO file (submissions, default disclaimers, archive sites,
copyright policy, etc.) is online.
The full info file may appear now and then in RISKS issues.
*** Contributors are assumed to have read the full info file for guidelines.
=> .UK users should contact <Lindsay.Marshallnewcastle.ac.uk>.
=> SPAM challenge-responses will not be honored. Instead, use an alternative
address from which you NEVER send mail!
=> SUBMISSIONS: to risksCSL.sri.com with meaningful SUBJECT: line.
*** NOTE: Including the string "notsp" at the beginning or end of the subject
*** line will be very helpful in separating real contributions from spam.
*** This attention-string may change, so watch this space now and then.
=> ARCHIVES: ftp://ftp.sri.com/risks for current volume
or ftp://ftp.sri.com/VL/risks for previous VoLume
<http://www.risks.org> redirects you to Lindsay Marshall's Newcastle archive
http://catless.ncl.ac.uk/Risks/VL.IS.html gets you VoLume, ISsue.
Lindsay has also added to the Newcastle catless site a palmtop version
of the most recent RISKS issue and a WAP version that works for many but
not all telephones: http://catless.ncl.ac.uk/w/r
==> PGN's comprehensive historical Illustrative Risks summary of one liners:
<http://www.csl.sri.com/illustrative.html> for browsing,
<http://www.csl.sri.com/illustrative.pdf> or .ps for printing
==> Special Offer to Join ACM for readers of the ACM RISKS Forum:
End of RISKS-FORUM Digest 25.21