tbyfield on Sat, 6 Jun 1998 22:14:32 +0200 (MET DST)



<nettime> RISKS DIGEST 19.78 [excerpted]


[Heavily excerpted for redistribution on nettime. All "<...>" are mine.
 For a more detailed explanation of the Indian nuclear plant hack, see
 http://www.antionline.com/SpecialReports/milworm/hack.jpg (a jpeg).-T]

RISKS-LIST: Risks-Forum Digest  Thursday 4 June 1998  Volume 19 : Issue 78

   FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
   ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at http://catless.ncl.ac.uk/Risks/19.78.html 

  Contents:
 <...>
Senate talks martial law and Y2K; Indian nuke-hackers (Declan McCullagh)
 <...>
Texas accent required for voice recognition in UK (Mich Kabay)
 <...>
Referer-log security hole (Jorn Barger)
 <...>
Re: CzERT group of hackers ravage Czech & Slovak cyberspace (Steven Slatem)
Abridged info on RISKS (comp.risks)

----------------------------------------------------------------------

 <...>

Date: Thu, 4 Jun 1998 14:21:28 -0700 (PDT)
From: Declan McCullagh <declan@well.com>
Subject: Senate talks martial law and Y2K; Indian nuke-hackers

http://cgi.pathfinder.com/netly/afternoon/0%2c1012%2c2038%2c00.html

time.com / The Netly News / Afternoon Line, 4 Jun 1998

The Martial Plan

Think the Year 2000 problem means mere elevator snafus? Try dealing with a
platoon of Marines who show up in your front yard to confiscate your hoarded
lentils. Sen. Robert Bennett (R-Utah) asked the deputy secretary of defense
at a hearing this morning what plans the Pentagon has "in the event of a
Y2K-induced breakdown of community services that might call for martial
law." John Hamre replied carefully, but none too reassuringly, "We've got
fundamental issues to deal with that go beyond just the Year 2000
contingency planning. And I think you're right to bring that up." Another
distressing point that came up at the Senate Armed Services committee
hearing was the fact that the military directs one quarter of U.S. air
traffic. "You may be flying across the country and an air traffic controller
may be a military guy in certain areas as opposed to it being an FAA
person," Hamre said. Although the FAA's head Y2K guru assured us this
afternoon that the agency will have its Y2K fixes complete by October 1998,
the military appears to be in much worse shape. And other countries? "We can
be sure that there will be social unrest in many parts of the world as a
result of Y2K," Bennett said. For the record, though, Bennett did say, "I am
not one of those who says that Y2K will automatically produce martial law,"
and blamed "alarmists, extremists out there on the Internet" for unnecessary
scaremongering. --By Declan McCullagh/Washington

Hackistan

As if the accelerating arms race on the subcontinent weren't disturbing
enough, a group of hackers broke into the local area network of India's
Bhabha Atomic Research Center (BARC) and copied five megabytes' worth of
data, including e-mail between scientists and files from India's nuclear
research program.  [...]

  [According to an article by James Glave in WiReD News, 3 Jun 1998, James
  interviewed the three teenage "Milw0rm" crackers (in New Zealand and
  England) by Internet Relay Chat.  They apparently gained control over 6 of
  the 8 servers in *.barc.ernet, altered the BARC Web site, and deleted
  many files -- in protest against the Indian nuclear testing.  (The BARC is
  worse many bytes?)  They also e-mailed some of their discoveries to James.
  They say they are now going to take a closer look at the Pakistanis.  PGN]

------------------------------

 <...>

Date: Wed, 3 Jun 1998 17:05:18 -0400
From: "Mich Kabay [ICSA]" <Mich_Kabay@compuserve.com>
Subject: Texas accent required for voice recognition in UK

According to an article in _The Guardian Weekly_ (May 10, 1998; p. 11),
biometric authentication using voice recognition has hit a stumbling block
because of trans-oceanic differences in accent.

> Tagging Test Pines for Texas, by Alan Travis

> A British experiment using an American device to monitor convicted
> criminals to be introduced later this year has hit a snag -- the high-tech
> "voice recognition" system only responds to a Texas drawl.

> The Home Office scheme involves ordering offenders to carry dedicated
> pagers with them to ensure check-ins several times a day.

The author explains that the paroled convicts are supposed to respond to the
request for check-in by phoning a toll-free number and identifying
themselves.  The biometric authentication system then authenticates their
identity.  I guess the system must also use automatic number identification
to track their physical location (although auto-forwarding of calls poses an
unmentioned threat to such a scheme).

The problem occurred when the unnamed brand of voice recognition system
failed to respond reliably to British accents.  Seems the Texas company
"trained" the system using only Texas drawls.

One additional problem: if the manufacturers in Texas assume that all
British people sound the same, they are in for a nasty surprise.  I suspect
that the variations of pronunciation and even of prosody in that tight
little isle exceed the variations found in television-drenched America (not
counting the wonderful flavours added by immigrants' accents).

M.E. Kabay, PhD, CISSP (Kirkland, QC), Director of Education International
Computer Security Association (Carlisle, PA) <http://www.icsa.net>

  [Quick-drawl artists need not apply.  
  The AYES of Taxes are a pun us. PGN]

------------------------------

 <...>

Date: Tue, 26 May 1998 16:30:32 -0700
From: "George C. Kaplan" <gckaplan@gangrene.net.berkeley.edu>
Subject: Re: Failure modes when the power fails (Weaver, RISKS-19.76)

In RISKS-19.76, Nicholas C. Weaver described various failure modes in the CS
department during the power failure that hit UC Berkeley on 19 May.  The
entire campus network was, of course, offline during this period, and all
the major network equipment was turned off to prevent damage due to surges
when the power returned.

When it became apparent that the power wouldn't come back before the
end of the working day, the network support personnel went home, leaving
instructions with the skeleton operations crew to page them when the 
power came back on.

By now we all know about that *other* little problem that afternoon.
Because our pagers weren't working, we didn't hear that power had returned
until someone happened to call in to work to check.  So restoration of
network operations took about an hour longer than it would have if Galaxy IV
hadn't failed.

George C. Kaplan, Communication & Network Services, University of California
at Berkeley  1-510-643-0496  gckaplan@ack.berkeley.edu

------------------------------

 <...>

Date: Wed, 27 May 1998 17:14:23 -0500
From: jorn@mcs.com (Jorn Barger)
Subject: Referer-log security hole

On 11 May, CNet reported a security hole with the "My Excite" web 'portal',
where a subscriber's private ID (effectively their private password) may
show up in the referer-log of the next site they visit.  The article is at:

 <URL:http://www.news.com/News/Item/0,4,21994,00.html>

...and I double-checked it today with "Pascal's Header Echo" at
<URL:http://echo.znet.de:8888/> -- by pasting the Pascal URL into my
Netscape Location Bar, Pascal *or anyone* will see much more in my
headers than they ought:

===
I. Your Browser sent the following request to this server:

GET / HTTP/1.0
Referer: http://my.excite.com/?uid=12345ABC654321A0
Connection: Keep-Alive 
User-Agent: Mozilla/4.03 (Macintosh; I; PPC, Nav) 
Host: echo.znet.de:8888 
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */* 
Accept-Language: en 
Accept-Charset: iso-8859-1,*,utf-8 

===

I've changed the "uid" to a random equivalent, but anyone who found it in
their Referer-log would gain full access to my customized Excite data.

I don't remember even seeing this discussed, but presumably it applies just
as well if you've been browsing pornography, etc, or even looking at an HTML
file in your local filesystem... it would happily deliver up the full path
to that file.

[Added note:] It gets worse and worse:

Going to Altavista and querying "+my.excite.com.uid" turns up 200 pages,
many with usable My Excite passwords.

I EDIT THE NET: <URL:http://www.mcs.net/~jorn/html/weblogs/weblog.html>
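
[Added example, not part of the original posting: a site operator's view of the leak described above, scanning Combined Log Format lines for Referer values that carry credential-like query parameters or local file paths and redacting them before the log is kept. The parameter list, the log lines and the function names are assumptions constructed for illustration; the uid is the placeholder value from the post.]

```python
import re
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

# Assumption: parameter names that typically carry credentials or session ids.
SENSITIVE_PARAMS = {"uid", "sid", "sessionid", "token", "password", "auth"}

# Combined Log Format: host ident user [time] "request" status bytes "referer" "agent"
LOG_RE = re.compile(r'^\S+ \S+ \S+ \[[^\]]+\] "[^"]*" \d{3} \S+ "(?P<referer>[^"]*)" "[^"]*"$')

def scrub_referer(referer):
    """Return (scrubbed_referer, leaked_names) for one Referer value."""
    parts = urlsplit(referer)
    if parts.scheme == "file":  # a local path discloses the visitor's filesystem layout
        return "file:///[REDACTED]", ["<local path>"]
    leaked, kept = [], []
    for name, value in parse_qsl(parts.query, keep_blank_values=True):
        if name.lower() in SENSITIVE_PARAMS:
            leaked.append(name)
            value = "[REDACTED]"
        kept.append((name, value))
    if not leaked:
        return referer, []
    return urlunsplit(parts._replace(query=urlencode(kept, safe="[]"))), leaked

def scrub_log(lines):
    """Yield (line_with_scrubbed_referer, leaked_names) for each log line."""
    for line in lines:
        m = LOG_RE.match(line)
        clean, leaked = scrub_referer(m.group("referer")) if m else ("", [])
        if leaked:
            start, end = m.span("referer")
            line = line[:start] + clean + line[end:]
        yield line, leaked

# Constructed sample lines: documentation IP addresses, the post's placeholder uid.
SAMPLE_LOG = [
    '192.0.2.10 - - [27/May/1998:17:14:23 -0500] "GET / HTTP/1.0" 200 512 '
    '"http://my.excite.com/?uid=12345ABC654321A0" "Mozilla/4.03 (Macintosh; I; PPC, Nav)"',
    '192.0.2.11 - - [27/May/1998:17:15:02 -0500] "GET /a.html HTTP/1.0" 200 900 '
    '"file:///Macintosh%20HD/Private/notes.html" "Mozilla/4.03 (Macintosh; I; PPC, Nav)"',
    '192.0.2.12 - - [27/May/1998:17:16:40 -0500] "GET /b.html HTTP/1.0" 200 700 '
    '"http://example.org/links.html?page=2" "Mozilla/4.03 (Macintosh; I; PPC, Nav)"',
]

if __name__ == "__main__":
    for line, leaked in scrub_log(SAMPLE_LOG):
        print("LEAK" if leaked else "ok  ", line)
```

[Scrubbing at the receiving site only limits what its own logs retain; the identifier has already left the browser in the Referer header.]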

------------------------------

<...>

Date: Wed, 03 Jun 1998 21:57:18 +0200
From: Steven Slatem <steven.slatem@intellitech-media.cz>
Subject: Re: CzERT group of hackers ravage Czech & Slovak cyberspace (R 19 77)

Herewith are the links, mistakenly omitted in the last RISKS posting, to
the full story "CzERT lives on":

http://www.intellitech-media.cz/public-access/nbisn/19980524-75x.htm

Central & East European Hack Archive/CzERT Hack Archive:

http://www.intellitech-media.cz/public-access/cee-hack-archive/czert-hack-archive

The author (me) welcomes your comments, questions and opinions in regards
to this story as well as the last posting to RISKS which contained points
exclusive to that posting.

- Steven Slatem, Editor-In-Chief, Networked Business & Information Security
News (NBISN), IntelliTech Media, Inc.  http://www.intellitech-media.cz

  [When including URLs in RISKS submissions, please remember to use only
  long-term URLs as in the case of these archival ones.   TNX.  PGN]

------------------------------

Date: 31 Mar 1998 (LAST-MODIFIED)
From: RISKS-request@csl.sri.com
Subject: Abridged info on RISKS (comp.risks)

 The RISKS Forum is a MODERATED digest.  Its Usenet equivalent is comp.risks.
=> SUBSCRIPTIONS: PLEASE read RISKS as a newsgroup (comp.risks or equivalent) 
 if possible and convenient for you.  Alternatively, via majordomo, 
 SEND DIRECT E-MAIL REQUESTS to <risks-request@csl.sri.com> with one-line, 
   SUBSCRIBE (or UNSUBSCRIBE) [with net address if different from FROM:] or
   INFO     [for unabridged version of RISKS information]
 .MIL users should contact <risks-request@pica.army.mil> (Dennis Rears).
 .UK users should contact <Lindsay.Marshall@newcastle.ac.uk>.
=> The INFO file (submissions, default disclaimers, archive sites, 
 copyright policy, PRIVACY digests, etc.) is also obtainable from
 http://www.CSL.sri.com/risksinfo.html  ftp://www.CSL.sri.com/pub/risks.info
 The full info file will appear now and then in future issues.  *** All 
 contributors are assumed to have read the full info file for guidelines. ***
=> SUBMISSIONS: to risks@CSL.sri.com with meaningful SUBJECT: line.
=> ARCHIVES are available: ftp://ftp.sri.com/risks or
 ftp ftp.sri.com<CR>login anonymous<CR>[YourNetAddress]<CR>cd risks
   [volume-summary issues are in risks-*.00]
   [back volumes have their own subdirectories, e.g., "cd 18" for volume 18]
 or http://catless.ncl.ac.uk/Risks/VL.IS.html      [i.e., VoLume, ISsue].
 The ftp.sri.com site risks directory also contains the most recent 
 PostScript copy of PGN's comprehensive historical summary of one liners:
   get illustrative.PS

------------------------------

End of RISKS-FORUM Digest 19.78 [excerpted for redistribution on nettime-l]
************************
---
#  distributed via nettime-l : no commercial use without permission
#  <nettime> is a closed moderated mailinglist for net criticism,
#  collaborative text filtering and cultural politics of the nets
#  more info: majordomo@desk.nl and "info nettime-l" in the msg body
#  URL: http://www.desk.nl/~nettime/  contact: nettime-owner@desk.nl