Risks Digest 22.97
From: RISKS List Owner <risko () csl sri com>
Date: Thu, 23 Oct 2003 15:13:57 PDT
RISKS-LIST: Risks-Forum Digest Thursday 23 October 2003 Volume 22 : Issue 97
FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at http://www.risks.org as
The current issue can be found at
Computers may be bad for your health (NewsScan)
Recent London power outage (Peter Amey)
Justice Department e-censorship error (Kevin Poulsen via jones-gill)
RISKS Offshore: A tough lesson on medical privacy (David Lazarus via
"Victoria's Secret Reaches a Data Privacy Settlement" (Drew Dean)
First DEWEY DEFEATS TRUMAN, and now YANKEES LOSE! (Mark Brader)
Discover cancels 60,000 accounts (Charlie Shub)
Nokia and mobile-phone battery explosions (Monty Solomon)
Teen rides Trojan Horse defense (Keith Rhodes)
Feds admit error in hacking conviction (Robert Lemos via ikanal)
Digital signatures: When will they learn? (Jeremy Epstein)
Senate votes to can spam (NewsScan)
Re: Difficulties with Census Bureau income data (Patrick J. Kobly)
Re: Fun with stolen credit-card numbers (Dimitri Maziuk)
Re: And I thought I had it bad... (Anthony W Youngman)
Re: The Joy of Good Design (Debora Weber-Wulff)
Abridged info on RISKS (comp.risks)
Date: Thu, 23 Oct 2003 09:39:21 -0700
From: "NewsScan" <newsscan () newsscan com>
Subject: Computers may be bad for your health
Nine out of 10 computer users are stressed out by such regular occurrences
as performance slowdown, spam overload and lost files, and the time wasted
fixing problems just makes it worse, according to security firm Symantec.
Anger management experts say computer stress must be alleviated before it
affects productivity and human-to-human interactions. "If you are suffering
from stress, the best thing to do is to breathe deeply, and remind yourself
to keep your cool," says Mike Fisher, of the British Association of Anger
Management. The top five stress triggers, according to Symantec, are: 1)
Slow performance and system crashes; 2) Spam, scams and e-mail overload; 3)
Pop-up ads; 4) Viruses; and 5) Lost or deleted files. Men tend to freak out
over viruses, spam and general information pollution, while crashing systems
and sluggish performance really irk women. More than a third of both sexes
will resort to extreme behavior during computer-related meltdown, including
violence, swearing, shouting and desperately hitting random keys. The good
news is that 40% will actually try to fix the problem, often asking someone
else for help. Symantec's Kevin Chapman suggests a few ways to reduce the
potential for problems: "For example, don't download lots of large files and
applications, and remove the clutter left behind by long periods on the
Internet. To avoid spam, don't sign up for lots of mailing lists, and if you
do receive spam-mail, never reply to it asking to be removed from the list
as this will confirm your e-mail address." [Eds. Note: NewsScan never, ever
shares your e-mail addresses with *anyone*, so we hope you'll stay on *our*
list.] [BBC News 23 Oct 2003; NewsScan Daily, 23 Oct 2003]
Date: Mon, 20 Oct 2003 09:49:36 +0100
From: "Peter Amey" <peter.amey () praxis-cs co uk>
Subject: Recent London power outage
The London power cut that followed shortly after the great New York
blackout, was quickly blamed on an unforeseeable chain of events including
the fitting of an incorrect valued relay (widely reported as a "fuse"). It
has now emerged that the root cause, the one which led to reliance on the
incorrect relay and the power loss, was simple, old-fashioned poor
The chain of events started when a sub-station transformer alarm sounded.
The problem at this transformer turns out to have been an oil leak which had
been noticed and reported but not dealt with. A power company spokesman
said on the BBC news that they couldn't necessarily take a transformer out
of service as soon as a problem like this was found but, instead, had a
system of managing the leak until it was convenient to correct the problem
permanently. The problem in this case was that the leak wasn't managed (the
request having passed into a planning centre described by one contributor as
a "black hole"), the oil ran out, the alarm sounded, the transformer was
switched out and the incorrect relay failed.
The risk I think is the rush to blame unforeseeable chains of events and
freak failures rather than to admit to failures of basic preventive
Peter Amey, Principal Consultant, Praxis Critical Systems, 20, Manvers St.
Bath, BA1 1PX UK +44 (0)1225 466991 www.praxis-cs.co.uk www.sparkada.com
Date: Thu, 23 Oct 2003 06:19:33 -0000 (GMT)
From: <jonesgill () jones-gill co uk>
Subject: Justice Department e-censorship error (Kevin Poulsen)
Justice e-censorship gaffe sparks controversy
By Kevin Poulsen, SecurityFocus
Posted: 23/10/2003 at 09:37 GMT
Taken from www.theregister.co.uk
A government watchdog group Wednesday accused the Justice Department of
improperly censoring portions of a key report on internal workplace
diversity, after online activists successfully unmasked the blacked-out
portions of an electronic copy of the document.
The 186-page report was released to the public under the Freedom of
Information Act last week and posted to Justice Department's Web site in
Adobe's "Portable Document File" (PDF) format. But the department blacked
out vast portions of the document's text, citing an exemption to FOIA that
permits agencies to keep internal policy deliberations private.
The text didn't stay concealed for long. On Tuesday a Web site called the
Memory Hole, dedicated to preserving endangered documents, published a
complete version of the report, with the opaque black rectangles that once
covered half of it completely removed. Memory Hole publisher Russ Kick won't
say how he unmasked it, but experimentation shows that the concealed text
could be selected and copied using nothing more than Adobe's free Acrobat
Reader. Once copied, the text is easily pasted into another document and
It turns out the report began its life as a Microsoft Word document, and
whoever was in charge of sanitizing it for public release did so by using
Word's highlight tool, with the highlight color set to black, according to
an analysis by Tim Sullivan, CEO of activePDF, a maker of server-side PDF
tools. The simple and convenient technique would have been perfectly
effective had the end product been a printed document, but it was all but
useless for an electronic one. "Using Acrobat, I'm actually able to move the
black boxes around," says Sullivan. "The text is still there."
In 2000, *The New York Times* made a similar error in publishing on its
Web site a classified CIA file documenting American and British officials'
engineering of the 1953 coup that overthrew Iran's elected leadership.
Before releasing the document as a PDF file, the paper blacked out the names
of Iranians who helped with the plot. But online intelligence archivist John
Young published an unsanitized version of the report after discovering that
the opaque black lines and boxes concealing the names could easily be
Both cases demonstrate that what you see is not always what you get in
electronic documents. Censors could have more effectively eliminated the
text by deleting it, rather than painting it over. Additionally, commercial
software is available that's designed specifically to help government
agencies redact PDF files for release under FOIA and the Privacy
Act. Pennsylvania-based Appligent even sells its "Redax" Acrobat plug-in to
the Justice Department. "The amazing thing is that there are different
divisions in the Department of Justice that are using our software, so it's
a little shocking that they would do this in Word," says company president
Denuded of its censorious kludgework, the report -- produced last year by
KPMG -- reveals much about the Justice Department's gender and ethnic
diversity issues. But, significantly, it also shows that the department is
overly aggressive in cutting documents for public release, according to the
Federation of American Scientists (FAS). On Wednesday FAS wrote a letter to
the Justice Department's Office of the Inspector General -- the DoJ's
internal investigators -- urging a full investigation into officials'
"unauthorized withholding of information."
"Too much information was withheld," says FAS's Steven Aftergood.
"Information that was purely factual was censored as if it were
deliberative... We want agencies to be able to discuss different policy
options and to make recommendations outside of a charged political
environment, and the deliberative exemption allows them to do that. But the
exemption does not apply to factual material."
For example, a section of the text notes, "sexual harassment is not
perceived by attorneys to be a problem in the Department, but racial
harassment is." That should never have been cut from the public version,
says Aftergood. "That's something that ought to be made publicly available."
Much, if not most, of the scores of blacked out pages should have been
released under law, Aftergood says. He credits the PDF blunder with exposing
a systemic problem in the Justice Department's FOIA compliance, and he hopes
an internal review will result in an overhaul of the system. A Justice
Department spokesman declined to comment on the matter, and the
almost-censored document disappeared from the department's Web site Wednesday
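The "select and copy" experiment described above can be done programmatically. The checker below is an added example for this digest entry, not code from the article, activePDF or Appligent; it assumes an already decoded (uncompressed) page content stream and untransformed text coordinates. It lists every string the page still draws and flags those whose start point lies inside a filled rectangle, i.e. text that was painted over rather than deleted.

```python
import re

def tokenize(s):
    """Simplified content-stream tokenizer: literal strings, arrays, numbers, names, operators."""
    toks, i = [], 0
    while i < len(s):
        c = s[i]
        if c.isspace():
            i += 1
        elif c == '(':                    # literal string, honouring nesting and backslash escapes
            depth, j, out = 1, i + 1, []
            while depth and j < len(s):
                ch = s[j]
                if ch == '\\':
                    out.append(s[j + 1]); j += 2; continue
                depth += (ch == '(') - (ch == ')')
                if depth:
                    out.append(ch)
                j += 1
            toks.append(('str', ''.join(out))); i = j
        elif c == '[':                    # array operand (TJ); assumes no ']' inside its strings
            j = s.index(']', i)
            toks.append(('arr', tokenize(s[i + 1:j]))); i = j + 1
        else:
            word = re.match(r'[^\s()\[\]]+', s[i:]).group(0)
            toks.append(float(word) if re.fullmatch(r'[-+]?(\d+\.?\d*|\.\d+)', word) else word)
            i += len(word)
    return toks

def analyze(stream):
    """Return (texts, fills): every shown string with the point where it starts, and
    every rectangle that was actually filled, tagged with the fill colour in force."""
    texts, fills, pending, operands = [], [], [], []
    tx = ty = 0.0
    colour = 'default'
    for tok in tokenize(stream):
        if not isinstance(tok, str) or tok.startswith('/'):
            operands.append(tok)          # numbers, strings, arrays and names are operands
            continue
        op = tok
        if op == 'BT':
            tx = ty = 0.0
        elif op == 'Td':
            tx, ty = tx + operands[-2], ty + operands[-1]
        elif op == 'Tm':
            tx, ty = operands[-2], operands[-1]
        elif op == 'Tj':
            texts.append((operands[-1][1], tx, ty))
        elif op == 'TJ':                  # array of strings interleaved with kerning numbers
            texts.append((''.join(t[1] for t in operands[-1][1] if isinstance(t, tuple)), tx, ty))
        elif op == 're':
            pending.append(tuple(operands[-4:]))
        elif op in ('f', 'F', 'f*', 'B', 'B*', 'b', 'b*'):   # the path is painted with a fill
            fills += [(r, colour) for r in pending]; pending = []
        elif op in ('n', 'S', 's'):       # path ended without a fill: it hides nothing
            pending = []
        elif op in ('g', 'rg', 'k'):      # fill-colour operators
            colour = ' '.join('%g' % v for v in operands) + ' ' + op
        operands = []
    return texts, fills

def extract_text(stream):
    """What select-all and copy in a viewer yields: every string the page draws."""
    return [s for s, _, _ in analyze(stream)[0]]

def covered_text(stream):
    """Strings starting inside a filled rectangle: blacked out on screen, still in the file."""
    texts, fills = analyze(stream)
    hits = []
    for s, x, y in texts:
        for (rx, ry, rw, rh), colour in fills:
            (x0, x1), (y0, y1) = sorted((rx, rx + rw)), sorted((ry, ry + rh))
            if x0 <= x <= x1 and y0 <= y <= y1:
                hits.append((s, colour))
                break
    return hits

# Constructed sample streams. LEAKY mimics the black-highlight approach: the text is drawn and a black box painted over it.
LEAKY = """BT /F1 12 Tf 72 700 Td (Finding 3: constructed sensitive sentence) Tj ET
0 g 70 696 400 16 re f
BT /F1 12 Tf 72 680 Td [(Finding 4: ) -250 (constructed public sentence)] TJ ET"""
# REDACTED deletes the sentence before painting the box, as the article recommends.
REDACTED = """0 g 70 696 400 16 re f
BT /F1 12 Tf 72 680 Td [(Finding 4: ) -250 (constructed public sentence)] TJ ET"""
```

Real PDFs store page content in Flate-compressed stream objects and may scale text through Tm or the CTM, so a production checker would decode the streams and apply those transforms before the overlap test.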
Date: Thu, 23 Oct 2003 11:56:32 -0400
From: Scott Miller <SMiller () unimin com>
Subject: RISKS Offshore: A tough lesson on medical privacy (David Lazarus)
"Lazarus at large", David Lazarus, *San Francisco Chronicle*, 22 Oct 2003
"Your patient records are out in the open... so you better track that
person and make him pay my dues."
A woman in Pakistan doing cut-rate clerical work for UCSF Medical Center
threatened to post patients' confidential files on the Internet unless she
was paid more money. To show she was serious, the woman sent UCSF an e-mail
earlier this month with actual patients' records attached.
[Just one of the risks of outsourcing. PGN]
Date: Tue, 21 Oct 2003 14:37:41 -0700 (PDT)
From: Drew Dean <ddean () csl sri com>
Subject: "Victoria's Secret Reaches a Data Privacy Settlement"
That fabulous headline appeared in *The New York Times* online. Quick
summary: Their Web site had a security problem whereby anyone could check on
the status of anyone else's order, although they could _not_ get credit card
information. Given the nature of the store, this is even more problematic
than usual. Victoria's Secret paid a fine ($50K) without admitting guilt.
Interestingly enough, this happened under consumer protection laws, because
opening line: "There's private, and then there's private." and "'The core of
it is, what do people expect will be kept secret? And of course when you're
dealing with Victoria's Secret, you expect that a lot will be kept secret.'"
Date: Fri, 17 Oct 2003 16:57:06 -0400 (EDT)
From: msb () vex net (Mark Brader)
Subject: First DEWEY DEFEATS TRUMAN, and now YANKEES LOSE!
The morning after the New York Yankees beat the Boston Red Sox to win the
2003 American League baseball pennant, early editions of the *New York Post*
included an editorial bemoaning that the Yankees had lost. Apparently TWO
versions of the editorial had been prepared, one for each eventuality, and
the wrong one was published -- reportedly because someone hit "the wrong
button." The AP item in the *NYTimes* began with ``The curse of the Bambino
[Babe Ruth, erstwhile Red Sox pitcher, for non-baseball fans!] struck the
*New York Post*, too.'' ["NY Post Editorial Says Yankees Lost", 17 Oct
Date: Wed, 22 Oct 2003 13:07:19 -0600 (MDT)
From: Charlie Shub <cdash () ludell uccs edu>
Subject: Discover cancels 60,000 accounts
On 15 Oct 2003, I received an e-mail from Discover saying
Your Discover(R) Card account is part of a group of accounts whose
information may have been illegally obtained by unauthorized persons. As a
protective measure, we will be issuing you a new account number. We
believe this proactive step is necessary to protect your account from
potential fraud activity.
After a heated conversation with the people at the other end of their 800
number, they agreed to keep my particular card active through the weekend as
I was leaving on a trip early the following morning. They also assured me
that in the interval between when the account was turned off and the new
cards arrived, they would be able to authorize individual purchases via a
manual override process. That statement proved to be false.
charlie shub University of Colorado at Colorado Springs
cdash () cs uccs edu http://cs.uccs.edu/~cdash 1-719-262-3492
Date: Fri, 17 Oct 2003 08:00:47 -0400
From: Monty Solomon <monty () roscom com>
Subject: Nokia and mobile-phone battery explosions
Nokia Recommends Using Only Original Batteries with Nokia
Products; All Investigated Mobile Phone Battery Explosions Caused
by Non-Original Batteries
- Oct 17, 2003 07:23 AM (BusinessWire)
Recently, in the Netherlands a battery used in a Nokia 7210 mobile phone
exploded. An investigation by Nokia experts clearly proved that the battery
involved in the incident was not a Nokia battery.
Over the past months, cases have been reported of non-original mobile-phone
batteries exploding, causing damage to both batteries and phones. In all the
reported cases, the battery has been a non-original battery. Nokia offers
its cooperation to authorities in taking legal measures available against
those who sell and distribute poor quality non-original mobile phone
enhancements compatible to Nokia products.
In general, the reported incidents are due to an internal short circuit. An
internal short circuit can be caused by careless design, an uncontrolled
production process or a combination of both. Original Nokia batteries and
chargers are designed and manufactured adhering to stringent safety and
quality measures. These include very strict requirements regarding the
materials and insulation used inside the batteries as well as continuous
production control and intensive product testing. ...
Date: Fri, 17 Oct 2003 09:28:31 -0700 (PDT)
From: rhodesk () gao gov
Subject: Teen rides Trojan Horse defense
A UK teen, accused of launching a DDoS attack, was acquitted as a jury
apparently believed his explanation that a hacker had exploited his computer
with a Trojan Horse. [Source: Munir Kotadia, zdnet]
Date: Fri, 17 Oct 2003 06:35:26 -0700 (PDT)
From: notsp_ikinal () ieee org
Subject: Feds admit error in hacking conviction
Federal prosecutors asked an appeals court to reverse a computer-crime
conviction that punished a California man for notifying a company's
customers of a flaw in its e-mail service. Bret McDanel had already served
his 16-month sentence, and is on supervised release with curtailed computer
access. The original conviction resulted from McDanel having notified
customers of Tornado Development (subsequently defunct) that their e-mail
was susceptible to attack. An appeal was filed by Jennifer Granick in
Stanford's Law School. [Source: Robert Lemos, zdnet, 16 Oct 2003; PGN-ed]
Date: Thu, 23 Oct 2003 14:20:25 -0700
From: Jeremy Epstein <jeremy.epstein () webmethods com>
Subject: Digital signatures: When will they learn?
Microsoft has a deal with the US Postal Service for Office 2003 where USPS
will store a permanent record of a document, so anyone can validate the
document for the next seven years. The goal is "to sign and secure
documents in a way that is legally binding". The record (which is
presumably a signed hash) includes "a unique time- and date-stamped record
based on the file's exact content". Sounds good... an unbiased third party
is part of what you need.
However, there are problems:
* WYSMNBWYS: What You Sign May Not Be What You See. Small fonts, hidden
data, bits & pieces of deleted stuff lying around, etc. 'nuff said,
especially given the legacy of examples in RISKS.
* Incompatibility: How often has Microsoft introduced a version of Office
that was compatible with any other version? Never! So why should we
believe you'll be able to verify one of these signed
documents... especially for the next seven years? Or that it'll look like
the document that was "signed"? C'mon!
* What safeguards this repository against tampering? If I can modify the
document and the repository's view of what was signed, I can change
Date: Thu, 23 Oct 2003 09:39:21 -0700
From: "NewsScan" <newsscan () newsscan com>
Subject: Senate votes to can spam
The U.S. Senate has unanimously approved the "Can Spam" bill, sponsored by
Sens. Conrad Burns (R-Mont.) and Ron Wyden (D-Ore.), which would ban the
sleaziest techniques used by spammers to spew out millions of junk e-mail
messages each day. Under the provisions of the bill, senders of unsolicited
e-mail would be prohibited from disguising their purpose by using a fake
return address or misleading subject line, and would no longer be allowed to
harvest e-mail addresses off the Web to bulk up their lists. In addition,
junk e-mail would be required to include a legitimate "opt out" function
that recipients could use to get off lists. A provision proposed by
Sen. Charles Schumer (D-N.Y.) authorizes the Federal Trade Commission to
establish a "do-not-spam" list, similar to the recently implemented
"do-not-call" list that blocks telemarketing calls. "Kingpin spammers who
send out e-mail by the millions are threatening to drown the Internet in a
sea of trash, and the American people want it stopped," said Wyden, who
urged foreign countries to adopt similar measures. [AP 23 Oct 2003;
NewsScan Daily, 23 Oct 2003]
Date: Tue, 14 Oct 2003 17:31:34 -0600
From: "Patrick J. Kobly" <patrick () kobly com>
Subject: Re: Difficulties with Census Bureau income data (Lima, RISKS-22.95)
Tony Lima <TonyLima2 () att net> relayed comments from Dr. Nan Maxwell that:
The census has always capped income figures (as the article notes) for
reasons of confidentiality -- if there are 26 people in the US making
over $1 million and you know their gender, race, place of residence,
industry, occupation, etc. you can pretty much guess who they are.
This is a red herring. There really is no (or minimal) privacy risk at the
data-collection side of things. These privacy concerns (while very real)
shouldn't be dealt with with this kind of gross clipping at collection-time,
but rather with reasoned bucketing schemes at aggregation and reporting
Once the data is collected, the census bureau then can do bucketing based on
the character of the data - there is plenty of academic work on this subject
and market researchers have been doing this for years -- such that we don't
report on buckets small enough to individually identify people. There are
issues that arise, including methods to infer numbers in an intersection of
two aggregation queries where just requesting the intersection yields
unreportable (for privacy reasons) numbers, but these issues can be
addressed with careful analysis.
Even if the data is reported in unaggregated form (i.e. some complete
individual surveys are shown), bucketing of answers can still have an
There are a number of ways of dealing with confidentiality issues without
killing the quality of your data.
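As an added illustration of the argument above (example code written for this digest entry, not part of the original post or of any Census Bureau system): a constructed 12-respondent survey, a reporter that applies only the minimum-cell-size rule and can be made to reveal one respondent's income by subtracting two individually allowed totals, a reporter with query-set-overlap control (one of the classic statistical-database inference controls) that refuses the second query, and a report-time banding function that widens small income bands instead of clipping values at collection time.

```python
from collections import namedtuple

Person = namedtuple('Person', 'id region occupation income')

# Constructed survey microdata (not Census Bureau data): one very high earner
# in the north, the rest ordinary incomes.
ROWS = [
    Person(1, 'north', 'executive', 2_400_000),
    Person(2, 'north', 'nurse', 61_000),   Person(3, 'north', 'teacher', 54_000),
    Person(4, 'north', 'clerk', 38_000),   Person(5, 'north', 'driver', 41_000),
    Person(6, 'north', 'nurse', 63_000),   Person(7, 'north', 'clerk', 36_000),
    Person(8, 'south', 'teacher', 52_000), Person(9, 'south', 'driver', 40_000),
    Person(10, 'south', 'clerk', 37_000),  Person(11, 'south', 'nurse', 59_000),
    Person(12, 'south', 'teacher', 55_000),
]

class Reporter:
    """Publishes an income total only for a cell of at least k respondents whose
    complement also holds at least k (the usual minimum-cell-size rule)."""
    def __init__(self, rows, k):
        self.rows, self.k, self.answered = rows, k, []

    def query_set(self, where):
        return frozenset(p.id for p in self.rows if where(p))

    def allowed(self, ids):
        return self.k <= len(ids) <= len(self.rows) - self.k

    def total_income(self, where):
        ids = self.query_set(where)
        if not self.allowed(ids):
            return None                        # suppressed: unreportable cell
        self.answered.append(ids)
        return sum(p.income for p in self.rows if p.id in ids)

class OverlapControlledReporter(Reporter):
    """Adds query-set-overlap control: a query whose record set differs from an
    already answered one by fewer than k people is refused, because subtracting
    the two totals would otherwise describe just those few people."""
    def allowed(self, ids):
        return super().allowed(ids) and all(len(ids ^ done) >= self.k for done in self.answered)

def income_distribution(rows, edges, k):
    """Report-time bucketing: counts per income band, widening a band until it
    holds at least k respondents; the open top band absorbs the outliers instead
    of their values being clipped when the data is collected."""
    if len(rows) < k:
        return []
    bands, out, lo_acc, n_acc = list(zip(edges, edges[1:] + [float('inf')])), [], edges[0], 0
    for lo, hi in bands:
        n_acc += sum(lo <= p.income < hi for p in rows)
        if n_acc >= k:
            out.append(((lo_acc, hi), n_acc))
            lo_acc, n_acc = hi, 0
    if n_acc:                                  # trailing remainder too small: widen the last band
        (plo, _), pn = out.pop()
        out.append(((plo, float('inf')), pn + n_acc))
    return out

def demonstrate(k=5):
    """Run both reporters against the same two region queries; returns
    (difference of the naive reporter's two answers, overlap-controlled answer to the second)."""
    north = lambda p: p.region == 'north'
    north_no_exec = lambda p: p.region == 'north' and p.occupation != 'executive'
    naive = Reporter(ROWS, k)
    leaked = naive.total_income(north) - naive.total_income(north_no_exec)
    safe = OverlapControlledReporter(ROWS, k)
    safe.total_income(north)
    return leaked, safe.total_income(north_no_exec)

if __name__ == '__main__':
    print('difference of two allowed totals:', demonstrate()[0])
    print('banded report:', income_distribution(ROWS, [0, 40_000, 50_000, 60_000, 100_000, 1_000_000], 5))
```

Overlap control is only one of the controls in the literature; a long sequence of queries can still be combined to isolate a record, which is why the post's "careful analysis" of the whole query history matters rather than any single rule.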
Date: Fri, 10 Oct 2003 14:33:33 -0500
From: Dimitri Maziuk <dmaziuk () bmrb wisc edu>
Subject: Re: Fun with stolen credit-card numbers (Maziuk, RISKS-22.94)
I received a few e-mail replies to my post and since I'm not subscribed to
the list I don't know how many replies went there. Or how many bounced
because you didn't check my Reply-To address before sending (sorry, too much
spam). I think I should clarify a couple of points.
The simplified transaction I described comes from personal experience. I worked
at a place that had an EFT server supplied by the bank (vendor approved by
the bank, actually). It talked to the bank via leased line and generally
worked like an ATM -- sans magnetic card reader.
I wrote the software that talked to the EFT server so I know exactly what
information my software supplied to it: card number and transaction amount.
Different banks/clearing houses may have different rules, but unless you
know exactly what the rules are in every particular case, there's no reason
to assume a particular vendor makes use of anything other than card number.
(Obviously, they need an address to ship the goods to, but that has nothing
to do with credit card payment.)
My other point was that none of the other information can be used as 100%
reliable fraud indicator. Even the signature: I could take my wife's credit
card, put my signature on the slip, and -- (in theory) our bank should
honour that transaction. Even though my signature doesn't match the one on
the back of the card, it's still valid for our joint account.
Ergo, if the vendor decides to do fraud detection they have to deal with
false positives. A vendor who makes a living from selling stuff has a
financial incentive to assume that the positive was, indeed, false.
The form you signed probably said (in a very small print) that it's your,
not someone else's, responsibility to check your statement for transactions
you didn't authorize. So the vendor doesn't have to bother with fraud
detection at all. (Aside: we ended up building a database of "known
offenders" and analysing the logs for usage patterns. And I spent more time
on the phone to fraud agencies than I ever wanted to.)
So the system is insecure by design. As for secure alternatives (and that's
what keeps coming up in RISKS): there are two ways to authenticate you
(credit card user, airplane passenger, computer user). It's either something
you know (PIN, password), or something you have (fingerprint, barcode
tattooed into your forearm, face on the photograph on your driver's
license). For either way to work reliably, two conditions must be met:
1. Authentication token must be established beforehand using trusted
channel. (cf. e-mailing passwords unencrypted. (It's not clear if
encrypting them does that much good here, as there's no reason to believe
joe () aol com account really belongs to John A. Doe of 123 Beltway,
Washington, DC, but still...)) (Do you want to have to travel to Amazon's
head office with your driver's license, birth certificate, and two reliable
witnesses to leave your thumbprint there before they let you buy anything?)
(Do you want your fingerprints to be instantly available to (potentially)
anyone who declares themselves "an on-line vendor"?)
2. Token must be transmitted via trusted channel during the transaction.
(cf. Web sites that accept your credit card information via non-encrypted
HTTP connection.) (With biometrics you have to also verify operation of the
scanner device and make sure the finger, eye, or what have you is actually
attached to a living body -- naturally attached, not surgically.)
Of course for a bad guy there isn't much difference between torturing you to
learn your PIN and chopping off your thumb to take it to the thumbprint reader.
If they want it bad enough, they'll figure out how to defeat the system.
Given a choice between having $1000 stolen and having my thumb chopped off,
I think maybe the existing system is not that bad after all.
Date: Tue, 21 Oct 2003 10:30:32 +0100
From: "Anthony W Youngman" <Anthony.Youngman () eca-international com>
Subject: Re: And I thought I had it bad... (RISKS-22.96)
Take a look at the guff about Demon's mail screwup ... (demon.co.uk,
They upgraded their mail systems to cope with the ever-increasing tide of
spam etc. Unfortunately, due to a config mistake, this made the problem
worse (I'm guessing their SMTP kick for dial-ups got screwed).
As a result, they ended up backing up and deleting all pending mail on their
servers, correcting the config blunder, and then feeding it all back in over
the next few days.
I very nearly got badly stuffed -- I e-mailed some personal work home on the
Monday to work on. As an exam assignment, it HAD to be delivered to Uni for
marking by the Friday. The e-mail arrived home Friday evening -- past the
deadline! Fortunately I didn't need it to be able to carry on working.
Date: Sun, 19 Oct 2003 23:19:31 +0200
From: Debora Weber-Wulff <weberwu () fhtw-berlin de>
Subject: Re: The Joy of Good Design (Don Norman in NewsScan, RISKS-22.96)
Design guru Don Norman says the way a device looks, feels and gives
pleasure is just as important as how it works, and that good design can
make up for some -- though not all -- shortcomings. [...] Good emotional
design must incorporate all three levels, and Norman cites Apple and Sony
as two companies that have managed to do that well.
Yes, but. It doesn't cover all shortcomings. At least in Europe, Sony has
just as bad a "hotline service" as the rest of the lot. I'm planning on
purchasing a new laptop, and I just realized that my Sony Camera wouldn't
talk to my Sony laptop (and the service center couldn't help) and my Sony
PDA has flaky battery problems (and the service center couldn't help) that
seemed to be linked to the Sony Memory Stick (if I take it out, it is less
flaky). So I asked myself: do I really want another Sony? Of course, they
are beautiful. My answer: no. Since all of the service centers tested "D" or
"F" on a school grading scale (4 or 5 on the German scale), why pay more
just for design?
Prof. Dr. Debora Weber-Wulff, FHTW Berlin, FB 4, Treskowallee 8, 10313 Berlin
Tel: +49-30-5019-2320 http://www.f4.fhtw-berlin.de/people/weberwu/
Date: 30 May 2003 (LAST-MODIFIED)
From: RISKS-request () csl sri com
Subject: Abridged info on RISKS (comp.risks)
The RISKS Forum is a MODERATED digest. Its Usenet equivalent is comp.risks.
=> SUBSCRIPTIONS: PLEASE read RISKS as a newsgroup (comp.risks or equivalent)
if possible and convenient for you. Alternatively, via majordomo,
send e-mail requests to <risks-request () csl sri com> with one-line body
subscribe [OR unsubscribe]
which requires your ANSWERing confirmation to majordomo () CSL sri com .
If Majordomo balks when you send your accept, please forward to risks.
[If E-mail address differs from FROM: subscribe "other-address <x () y>" ;
this requires PGN's intervention -- but hinders spamming subscriptions, etc.]
Lower-case only in address may get around a confirmation match glitch.
INFO [for unabridged version of RISKS information]
There seems to be an occasional glitch in the confirmation process, in which
case send mail to RISKS with a suitable SUBJECT and we'll do it manually.
.UK users should contact <Lindsay.Marshall () newcastle ac uk>.
=> SPAM challenge-responses will not be honored. Instead, use an alternative
address from which you NEVER send mail!
=> The INFO file (submissions, default disclaimers, archive sites,
copyright policy, PRIVACY digests, etc.) is also obtainable from
The full info file will appear now and then in future issues. *** All
contributors are assumed to have read the full info file for guidelines. ***
=> SUBMISSIONS: to risks () CSL sri com with meaningful SUBJECT: line.
*** NEW: Including the string "notsp" at the beginning or end of the subject
*** line will be very helpful in separating real contributions from spam.
*** This attention-string may change, so watch this space now and then.
=> ARCHIVES: http://www.sri.com/risks
http://www.risks.org redirects you to the Lindsay Marshall's Newcastle archive
http://catless.ncl.ac.uk/Risks/VL.IS.html [i.e., VoLume, ISsue]
Lindsay has also added to the Newcastle catless site a palmtop version
of the most recent RISKS issue and a WAP version that works for many but
not all telephones: http://catless.ncl.ac.uk/w/r
==> PGN's comprehensive historical Illustrative Risks summary of one liners:
http://www.csl.sri.com/illustrative.html for browsing,
http://www.csl.sri.com/illustrative.pdf or .ps for printing
End of RISKS-FORUM Digest 22.97