Risks Digest 26.60
From: RISKS List Owner <risko () csl sri com>
Date: Fri, 11 Nov 2011 12:14:44 PST

RISKS-LIST: Risks-Forum Digest  Friday 11 November 2011  Volume 26 : Issue 60

Peter G. Neumann, moderator, chmn ACM Committee on Computers and Public Policy

***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
The current issue can be found at

  Contents: Happy 11/11/11
ANA plane goes nearly belly up after wrong knob turned (Rob McCool)
E-voting remains insecure, despite paper trail (Gene Wirchenko)
Alleged Absentee Ballot Fraud in Florida (PGN)
Massive Internet Outage blamed on Juniper routers (Lauren Weinstein)
Gmail goes Colbert (James Morris)
Automated systems that don't use automatic daylight savings (Tim Panton)
NASA Confirms 'Suspicious Events' in Satellite Hacking Report (Rebecca Mercuri)
Apple was OK to fire man for private Facebook comments (Anna Leach via
  Gene Wirchenko)
Re: Blackberry outage saves lives (Geoff Kuenning)
Re: United Airlines uses 11,000 iPads ...  (Andrew Douglass, Geoff Kuenning)
W32.Duqu: As ye sow, so shall ye reap ... (Stanley De Jager via Randall)
New Malicious Program by Creators of Stuxnet Is Suspected (NYTimes via PGN)
UK police using gear to intercept and monitor cell phones via mobile network
  spoofing (Lauren Weinstein)
What happens when *everyone's* PII is leaked? (Jeremy Epstein)
Contract worker stole 9M+ Israelis' personal information (Jeremy Epstein)
Skype flaw allows BitTorrent users to be identified (Jeremy Kirk via
  Gene Wirchenko)
Skype for iPhone makes stealing address books a snap (Dan Goodin via
  Monty Solomon)
Abridged info on RISKS (comp.risks)


Date: Thu, 29 Sep 2011 09:26:36 -0700 (PDT)
From: Rob McCool <robm () robm com>
Subject: ANA plane goes nearly belly up after wrong knob turned


An ANA 737 went nearly belly up during cruise flight after the first officer
turned the wrong knob to let the captain back into the cockpit. The knob for
the rudder is similar to the knob to unlock the door and both are located in
close proximity to each other. Luckily, it was late at night and most
passengers were wearing their seat belts.


Date: Tue, 01 Nov 2011 13:13:08 -0700
From: Gene Wirchenko <genew () ocis net>
Subject: E-voting remains insecure, despite paper trail

October 31, 2011
E-voting remains insecure, despite paper trail
Microsoft researchers propose using cryptography technique as
temporary Band-Aid for making new e-voting systems more secure
By Ted Samson | InfoWorld

opening and closing paragraphs:

Microsoft Research has revealed a potential flaw in verifiable e-voting
machines through which fraudsters could easily use discarded ballot receipts
as a guide for altering votes. Fortunately, the researchers also offered a
solution -- linking new receipts to previous ones with cryptographic hashes
-- but that alone won't make e-voting entirely secure, they cautioned.

This Microsoft Research report offers a fine example of how
electronic-voting systems have improved to a degree, but it also shows that
there's a lot of work to be done to make e-voting truly secure and
verifiable. The fact that so many lawmakers have continued to drag their
feet on this issue, even in light of documented controversies surrounding
e-voting over the past several years, suggests at best an abysmally high
level of technical ignorance among elected officials. At worst, it implies a
general disregard for the democratic process on which this country was
founded, a high level of corruption, or some combination thereof.
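
The hash-linking of receipts mentioned in the excerpt above can be sketched as follows. This is an added example, not code from the Microsoft Research report or from InfoWorld; the receipt fields, the encoding and the SHA-256 choice are assumptions made for illustration, and the ballot strings are constructed sample data.

```python
import hashlib
from dataclasses import dataclass, replace

GENESIS = "00" * 32  # constructed starting value for the chain (assumption)

@dataclass(frozen=True)
class Receipt:
    serial: int
    ballot: str      # stands in for the encrypted ballot printed on the receipt
    prev_hash: str   # hash of the previous receipt: the linking step

    def digest(self) -> str:
        h = hashlib.sha256()
        for field in (str(self.serial), self.ballot, self.prev_hash):
            data = field.encode()
            # Length-prefix each field so the encoding is unambiguous.
            h.update(len(data).to_bytes(4, "big") + data)
        return h.hexdigest()

def issue(ballots):
    """Issue receipts in order, each one committing to its predecessor."""
    board, prev = [], GENESIS
    for serial, ballot in enumerate(ballots):
        r = Receipt(serial, ballot, prev)
        board.append(r)
        prev = r.digest()
    return board

def chain_breaks(board):
    """Serials whose prev_hash does not match the preceding published record."""
    bad, prev = [], GENESIS
    for r in board:
        if r.prev_hash != prev:
            bad.append(r.serial)
        prev = r.digest()
    return bad

def kept_receipt_mismatches(board, kept):
    """Voters who kept a receipt compare all of it with the published record."""
    published = {r.serial: r for r in board}
    return [k.serial for k in kept if published.get(k.serial) != k]

def unchained_mismatches(board, kept):
    """Same check for receipts without a prev_hash: only the own ballot is compared."""
    published = {r.serial: r.ballot for r in board}
    return [k.serial for k in kept if published.get(k.serial) != k.ballot]

def alter_only(board, serial, new_ballot):
    """Change one published record and leave the rest untouched."""
    out = list(board)
    out[serial] = replace(out[serial], ballot=new_ballot)
    return out

def alter_and_rechain(board, serial, new_ballot):
    """Change one record and recompute every later link so the board looks consistent."""
    ballots = [r.ballot for r in board]
    ballots[serial] = new_ballot
    return issue(ballots)

if __name__ == "__main__":
    board = issue(["enc-A", "enc-B", "enc-C", "enc-D"])
    kept = [board[3]]  # voters 0-2 threw their receipts away, voter 3 kept hers
    patched = alter_only(board, 1, "enc-X")
    rebuilt = alter_and_rechain(board, 1, "enc-X")
    print("broken links after single edit:", chain_breaks(patched))
    print("broken links after re-chaining:", chain_breaks(rebuilt))
    print("kept linked receipts that disagree:", kept_receipt_mismatches(rebuilt, kept))
    print("kept unlinked receipts that disagree:", unchained_mismatches(rebuilt, kept))
```

With linked receipts, a change to a record whose receipt was discarded is caught either as a broken link or by any later voter who kept a receipt; with unlinked receipts the same change goes unnoticed.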


Date: Wed, 19 Oct 2011 09:11:47 -0700
From: Peter G Neumann <neumann () csl sri com>
Subject: Alleged Absentee Ballot Fraud in Florida

In Madison County, Florida, 8 residents have been arrested -- among them
the election supervisor and a school board member -- relating to the
2010 school board election in that county.  Apparently, the winner in one
district was implicated in illegally creating absentee ballots mailed to
false addresses, without voters' knowledge.

This reminds me of an incident in the 2000 election in Florida, in which the
inhabitants of an entire rest home had voted 100% for one candidate, although
*none* of those residents who had been interviewed by ABC had actually
requested an absentee ballot -- according to the ABC news reporter recording
me.  I suspect this is not uncommon.


Date: Mon, 7 Nov 2011 10:37:17 -0800
From: Lauren Weinstein <lauren () vortex com>
Subject: Massive Internet Outage blamed on Juniper routers

  "A global internet outage took down sites and services across the web on
  Monday.  The outage began shortly after 2pm, and affected telco Time
  Warner Cable in the US and numerous ISPs in the UK, including Eclipse
  Internet and Easynet.  Several of the affected companies blamed the
  downtime on a problem with the firmware in Juniper Network routers.  "This
  outage has affected other networks running Juniper routers with the
  majority of them seeing their devices core dump and reload," affected ISP
  Phyber Communications said."  http://j.mp/sPisRG  (Silicon)

Time Warner has said their entire Internet network operation was affected by
this.  I've been having connectivity problems on one of my primary circuits
since late yesterday and continuing now that may or may not be related.
I'll see if this message makes it out.


Date: November 11, 2011 11:28:12 AM EST
From: james.morris () cmu edu
Subject: Gmail goes Colbert (From Dave Farber's IP)

The new gmail that apparently is going to be forced on everyone is not an
improvement as far as I can see. It has a lot of cosmetic changes that
someone liked, but the amazing thing is the way they are introducing
it. There is no way to revert to the old version, but they devote special
buttons to tell you how nice the new look is and to ask you for
feedback. The feedback section has just two Colbert-like questions: "What
do you like about the new version?" and "What, if anything, would you change
about the new version?" Colbert would ask something like "Is this awesome or
super-awesome?" but he's trying to be ironic.

James H. Morris  http://www.cs.cmu.edu/~jhm


Date: Tue, 1 Nov 2011 17:30:02 +0000
From: Tim Panton <thp () westhawk co uk>
Subject: Automated systems that don't use automatic daylight savings

I just got this e-mail from reception of the building I'm in today:

  "With the clocks going back by one hour this has caused the security door
  in the reception area to automatically lock at 17:00 instead of 18:00. Due
  to our system being down at the moment we are unable to change
  this. Please can I remind you that you should carry your pass with you at
  all times for security reasons."

So, of the three security systems mentioned, both the automated ones have
partially failed, the fallback is to *e-mail* me to remind me to carry a
pass so I won't get locked on the landing on my way back from the WC.
Hardly a disaster, but annoying none the less.

  [I was hoping to get this issue out at 11/11/11/11:11.  There's still
  hope to celebrate if you are in Alaska or Hawaii.  Cheers!  PGN]


Date: Sat, 29 Oct 2011 21:19:31 -0400
From: RTMercuri <notable () mindspring com>
Subject: NASA Confirms 'Suspicious Events' in Satellite Hacking Report


Chinese Military Suspected in Hacker Attacks on U.S. Satellites
By Tony Capaccio and Jeff Bliss - Oct 26, 2011 9:01 PM PT

Computer hackers, possibly from the Chinese military, interfered with
two U.S. government satellites four times in 2007 and 2008 through a
ground station in Norway, according to a congressional commission.

The intrusions on the satellites, used for earth climate and terrain
observation, underscore the potential danger posed by hackers,
according to excerpts from the final draft of the annual report by
the U.S.-China Economic and Security Review Commission. The report is
scheduled to be released next month.

"Such interference poses numerous potential threats, particularly if
achieved against satellites with more sensitive functions," according
to the draft. "Access to a satellite's controls could allow an
attacker to damage or destroy the satellite. An attacker could also
deny or degrade as well as forge or otherwise manipulate the
satellite's transmission."

A Landsat-7 earth observation satellite system experienced 12 or more
minutes of interference in October 2007 and July 2008, according to
the report.

Hackers interfered with a Terra AM-1 earth observation satellite
twice, for two minutes in June 2008 and nine minutes in October that
year, the draft says, citing a closed-door U.S. Air Force briefing.

The draft report doesn't elaborate on the nature of the hackers'
interference with the satellites.

Chinese Military Writings

U.S. military and intelligence agencies use satellites to
communicate, collect intelligence and conduct reconnaissance. The
draft doesn't accuse the Chinese government of conducting or
sponsoring the four attacks. It says the breaches are consistent with
Chinese military writings that advocate disabling an enemy's space
systems, and particularly "ground-based infrastructure, such as
satellite control facilities."

U.S. authorities for years have accused the Chinese government of
orchestrating cyber attacks against adversaries and hacking into
foreign computer networks to steal military and commercial secrets.
Assigning definitive blame is difficult, the draft says, because the
perpetrators obscure their involvement.

The commission's 2009 report said that "individuals participating in
ongoing penetrations of U.S. networks have Chinese language skills
and have well established ties with the Chinese underground hacker
community," although it acknowledges that "these relationships do not
prove any government affiliation."

Chinese Denials

China this year "conducted and supported a range of malicious cyber
activities," this year's draft reports. It says that evidence
emerging this year tied the Chinese military to a decade-old cyber
attack on a U.S.-based website of the Falun Gong spiritual group.

Chinese officials long have denied any role in computer attacks.

The commission has "been collecting unproved stories to serve its
purpose of vilifying China's international image over the years,"
said Wang Baodong, a spokesman for the Chinese Embassy in Washington,
in a statement. China "never does anything that endangers other
countries' security interests."

The Chinese government is working with other countries to clamp down
on cyber crime, Wang said.

Defense Department reports of malicious cyber activity, including
incidents in which the Chinese weren't the main suspect, rose to a
high of 71,661 in 2009 from 3,651 in 2001, according to the draft.
This year, attacks are expected to reach 55,110, compared with 55,812
in 2010.

Relying on the Internet

In the October 2008 incident with the Terra AM-1, which is managed by
the National Aeronautics and Space Administration, "the responsible
party achieved all steps required to command the satellite," although
the hackers never exercised that control, according to the draft.

The U.S. discovered the 2007 cyber attack on the Landsat-7, which is
jointly managed by NASA and the U.S. Geological Survey, only after
tracking the 2008 breach.

The Landsat-7 and Terra AM-1 satellites utilize the commercially
operated Svalbard Satellite Station in Spitsbergen, Norway that
"routinely relies on the Internet for data access and file
transfers," says the commission, quoting a NASA report.

The hackers may have used that Internet connection to get into the
ground station's information systems, according to the draft.

While the perpetrators of the satellite breaches aren't known for
sure, other evidence uncovered this year showed the Chinese
government's involvement in another cyber attack, according to the

TV Report

A brief July segment on China Central Television 7, the government's
military and agricultural channel, indicated that China's People's
Liberation Army engineered an attack on the Falun Gong website, the
draft said.

The website, which was hosted on a University of Alabama at
Birmingham computer network, was attacked in 2001 or earlier, the
draft says.

The CCTV-7 segment said the People's Liberation Army's Electrical
Engineering University wrote the software to carry out the attack
against the Falun Gong website, according to the draft. The Falun
Gong movement is banned by the Chinese government, which considers it
a cult.

After initially posting the segment on its website, CCTV-7 removed
the footage after media from other countries began to report the
story, the congressional draft says.

Military Disruption

The Chinese military also has been focused on its U.S. counterpart,
which it considers too reliant on computers. In a conflict, the
Chinese would try to "compromise, disrupt, deny, degrade, deceive or
destroy" U.S. space and computer systems, the draft says.

"This could critically disrupt the U.S. military's ability to deploy
and operate during a military contingency," according to the draft.

Other cyber intrusions with possible Chinese involvement included the
so-called Night Dragon attacks on energy and petrochemical companies
and an effort to compromise the Gmail accounts of U.S. government
officials, journalists and Chinese political activists, according to
the draft.

Often the attacks are found to have come from Chinese
Internet-protocol, or IP, addresses.

Businesses based in other countries and operating in China think that
computer network intrusions are among the "most serious threats to
their intellectual property," the draft says.

The threat extends to companies not located in China. On March 22,
U.S. Internet traffic was "improperly" redirected through a network
controlled by Beijing-based China Telecom Corp. Ltd., the state-owned
largest provider of broadband Internet connections in the country,
the draft said.

In its draft of last year's report, the commission highlighted
China's ability to direct Internet traffic and exploit "hijacked"

  [See also this article.  PGN]


Date: Thu, 03 Nov 2011 10:34:33 -0700
From: Gene Wirchenko <genew () ocis net>
Subject: Apple was OK to fire man for private Facebook comments

Anna Leach: 'Image is so central to Apple's success', says tribunal,
*The Register*, 3 Nov 2011

selected text:

Apple was right to fire an employee of one of its UK stores for saying rude
things about the company on his Facebook wall, an employment tribunal in
Bury St Edmunds ruled.

The tribunal judge upheld Apple's dismissal of the man for gross misconduct
in a case which sets another precedent for social network users who like to
bitch about work online.

The Apple Store worker had made derogatory comments about Apple's brand and
products on his Facebook wall. Although his posts were not public, one of
his unfriendlier "friends" -- also a colleague in the store -- printed the
comments out and showed them to their boss, who fired the man for

A striking feature of the case was that although the man's Facebook comments
were not public - privacy settings had been applied - the judge decided
that because the comments could be easily copied and pasted by his friends
they did not attract any privacy protection.


Date: Wed, 26 Oct 2011 15:40:06 -0700
From: Geoff Kuenning <geoff () cs hmc edu>
Subject: Re: Blackberry outage saves lives (Thorson, RISKS-26.59)

  Perhaps this could be exploited by throttling down network traffic during
  hazardous driving conditions, such as the first heavy rain of the season,
  major holiday evenings, and at the end of large sports events.

This bad idea was already tried by BART, with disastrous results.  There
are many socially beneficial uses for smartphones that don't involve
driving.  Even interfering with communication inside cars is a bad idea,
because it ignores the fact that the passengers might be the ones
contacting the babysitter to inform them they're going to be late.

Geoff Kuenning   geoff () cs hmc edu   http://www.cs.hmc.edu/~geoff/


Date: Tue, 25 Oct 2011 14:56:35 -0400
From: Andrew Douglass <andlass.dougrew () gmail com>
Subject: Re: United Airlines uses 11,000 iPads ... (Stanley, RISKS-26.59)

Good details all, but my concern was with *intentional* interference with
the flight systems, e.g., terrorism. It is a question necessarily suggested
I think by any concerns re interference by consumer electronics. In the
general operation of highly complex, fly-by-wire aircraft, such a deliberate
act could be a very bad thing. I have to hope contingency plans are in
place, and they probably aren't. There are I must believe alternatives (for
example hardened navigation options, like some sort of failsafe gyroscopic
or accelerometer control system (the wiser minds here will have better
ideas)). Flying these large planes is a highly abstract exercise and flight
crews unprepared for malfunctions, as apparently with Air France 447, can be
rendered suddenly helpless -- flying at cruising altitude is itself a
flight-critical operation.


Date: Wed, 26 Oct 2011 21:33:36 -0700
From: Geoff Kuenning <geoff () cs hmc edu>
Subject: Re: United Airlines uses 11,000 iPads ... (Irons, R-26.59)

  Not quite. The main reason tablets and laptops are banned during takeoff
  and landing isn't because of concerns over interference, but because they
  might hinder an evacuation, and are potentially dangerous projectiles in
  the event of an impact or rapid deceleration. ...

That's the first sensible justification that I've heard on this list for
prohibiting passengers from using devices that are allowed in the cockpit.

Of course, the airlines still don't get it quite right, since many still
permit (as only one example) the wearing of noise-canceling headphones that
are turned off; those, too, would be unpleasant to encounter at high speed.

Geoff Kuenning   geoff () cs hmc edu   http://www.cs.hmc.edu/~geoff/


Date: October 19, 2011 1:34:20 PM EDT
From: Randall Webmail <rvh40 () insightbb com>
Subject: W32.Duqu: As ye sow, so shall ye reap ... (Stanley De Jager)

From Stanley De Jager:

A new threat is getting some press this week and is being touted as "The
next Stuxnet!" or at least a precursor to the next. The W32.Duqu appears
to be written by either the same folks that brought us Stuxnet, or someone
with access to its original source code. But whereas Stuxnet went after
the control components for a device, this new code seems to be
exfiltrating data to find assets for a possible future attack.

It was Aeschylus, the Greek father of tragedy, that once wrote "For the
impious act begets more after it, like to the parent stock."

W32.Duqu: The Precursor to the Next Stuxnet

And a much deeper public analysis here:
W32.Duqu: The precursor to the next! Stuxnet


Date: Wed, 19 Oct 2011 09:11:47 -0700
From: Peter G Neumann <neumann () csl sri com>
Subject: New Malicious Program by Creators of Stuxnet Is Suspected

... Duqu is intended to steal digital information that may be needed to
mount another Stuxnet-like attack.  According to Symantec researchers,
``Duqu's purpose is to gather intelligence data and assets from entities,
such as industrial control system manufacturers, in order to more easily
conduct a future attack against another third party. The attackers are
looking for information such as design documents that could help them mount
a future attack on an industrial control facility.''  Duqu is designed to
last 36 days and then remove itself from the system it infected.  [Source:
John Markoff, The designers of Stuxnet, the computer worm that was used to
vandalize an Iranian nuclear site, may have struck again, security
researchers say.  Israeli Test on Worm Called Crucial in Iran Nuclear Delay
William J. Broad, John Markoff, David E. Sanger, *The New York Times*, 16
Oct 2011; PGN-ed]


Date: Sun, 30 Oct 2011 16:40:26 -0700
From: Lauren Weinstein <lauren () vortex com>
Subject: UK police using gear to intercept and monitor cell phones via mobile
  network spoofing

  "Britain's largest police force is operating covert surveillance
  technology that can masquerade as a mobile phone network, transmitting a
  signal that allows authorities to shut off phones remotely, intercept
  communications and gather data about thousands of users in a targeted
  area."  http://j.mp/s9aJyb (Guardian)

One way to fight this is to focus on using trusted Wi-Fi networks for
communications when possible in constrained areas. The details are complex
but the principle has promise for special situations.


Date: Mon, 24 Oct 2011 08:06:09 -0400
From: Jeremy Epstein <jeremy.j.epstein () gmail com>
Subject: What happens when *everyone's* PII is leaked?

We've all seen hundreds of cases of PII being lost, stolen, etc.  But what
happens when an entire country's PII gets released?  Is that better or worse
- since absolutely everybody is potentially affected, is the government
forced to reissue authentication information to everyone, and change all the
databases?  (Assuming you can identify everyone to ensure that they get the
right authenticators, that is.)  Does the fact that it affects everyone mean
that people will be more cautious of social engineering attacks, since
everyone knows that they could be the target?  Or does it reduce the value
of the lost/stolen information, since everyone will be more on guard against

"The database provides the personal and familial information of all Israeli
citizens in the Population Registry -- more than nine million people, some
of whom are no longer alive. Each citizen's family relations, personal
identification number and other private information are contained in the
database.  [...] At some point, the registry was sold for the paltry sum of
only a few thousand shekels [less than US$1000], and it is likely that it
was used for malevolent purposes. Since the start of the investigation,
Israeli agents have attempted to track down every copy of the registry and
remove it from the Internet."

Of course removing "every copy" from the Internet is a fool's errand.

I don't have any answers to what the reaction will be, but we may have
a case study to watch.  The database was leaked several years ago, but
I only just read about it in an article about figuring out how the
information came to be posted on the web.



Date: Tue, 25 Oct 2011 20:21:21 -0400
From: Jeremy Epstein <jeremy.j.epstein () gmail com>
Subject: Contract worker stole 9M+ Israelis' personal information

[source: InfoSecNews, InfoSec News <alerts () infosecnews org>, 24 Oct 2011]

A contract worker from the Ministry of Labor and Welfare was charged with
stealing the personal information of over 9 million Israelis from the
Population Registry, the Justice Ministry announced Monday after a media ban
was lifted.

The worker electronically copied identification numbers, full names,
addresses, dates of birth, information on family connections and other
information in order to sell it to a private buyer.

The information was also given to another individual who used it to design a
software program called "Agron 2006", which exploited the database to allow
queries of all Israeli citizens, allowing information to be illegally sold
based on various parameters. Those parameters could include familial
relationships of the entire Israeli population, over several generations.



Date: Fri, 21 Oct 2011 10:26:23 -0700
From: Gene Wirchenko <genew () ocis net>
Subject: Skype flaw allows BitTorrent users to be identified (Jeremy Kirk)

Jeremy Kirk, Skype flaw allows BitTorrent users to be identified
Researchers have demonstrated it's possible to link BitTorrent users
to Skype account information via IP addresses. It's a possible risk
to Skype's user privacy, 21 Oct 2011.


Date: Fri, 21 Oct 2011 18:52:22 -0400
From: Monty Solomon <monty () roscom com>
Subject: Skype for iPhone makes stealing address books a snap (Dan Goodin)

Dan Goodin, *The Register*, 20 Sep 2011

If you use Skype on an iPhone or iPod touch, Phil Purviance can steal your
device's address book simply by sending you a chat message.  In a video
posted over the weekend, the security researcher makes the attack look like
child's play. Type some JavaScript commands into the user name of a Skype
account, use it to send a chat message to someone using the latest version
of Skype on an iPhone or iPod touch, and load a small program onto a
webserver. Within minutes, you'll have a fully-searchable copy of the
victim's address book. ...


Date: Mon, 6 Jun 2011 20:01:16 -0900
From: RISKS-request () csl sri com
Subject: Abridged info on RISKS (comp.risks)

 The ACM RISKS Forum is a MODERATED digest. Its Usenet manifestation is
 comp.risks, the feed for which is donated by panix.com as of June 2011.
=> SUBSCRIPTIONS: PLEASE read RISKS as a newsgroup (comp.risks or equivalent)
 if possible and convenient for you.  The mailman Web interface can
 be used directly to subscribe and unsubscribe:
 Alternatively, to subscribe or unsubscribe via e-mail to mailman
 your FROM: address, send a message to
   risks-request () csl sri com
 containing only the one-word text subscribe or unsubscribe.  You may
 also specify a different receiving address: subscribe address= ... .
 You may short-circuit that process by sending directly to either
   risks-subscribe () csl sri com or risks-unsubscribe () csl sri com
 depending on which action is to be taken.

 Subscription and unsubscription requests require that you reply to a
 confirmation message sent to the subscribing mail address.  Instructions
 are included in the confirmation message.  Each issue of RISKS that you
 receive contains information on how to post, unsubscribe, etc.

=> The complete INFO file (submissions, default disclaimers, archive sites,
 copyright policy, etc.) is online.
 The full info file may appear now and then in RISKS issues.
 *** Contributors are assumed to have read the full info file for guidelines.

=> .UK users may contact <Lindsay.Marshall () newcastle ac uk>.
=> SPAM challenge-responses will not be honored.  Instead, use an alternative
 address from which you NEVER send mail!
=> SUBMISSIONS: to risks () CSL sri com with meaningful SUBJECT: line.
 *** NOTE: Including the string "notsp" at the beginning or end of the subject
 *** line will be very helpful in separating real contributions from spam.
 *** This attention-string may change, so watch this space now and then.
=> ARCHIVES: ftp://ftp.sri.com/risks for current volume
     or ftp://ftp.sri.com/VL/risks for previous VoLume
 http://www.risks.org takes you to Lindsay Marshall's searchable archive at
 newcastle: http://catless.ncl.ac.uk/Risks/VL.IS.html gets you VoLume, ISsue.
   Lindsay has also added to the Newcastle catless site a palmtop version
   of the most recent RISKS issue and a WAP version that works for many but
   not all telephones: http://catless.ncl.ac.uk/w/r
 <http://the.wiretapped.net/security/info/textfiles/risks-digest/> .
==> PGN's comprehensive historical Illustrative Risks summary of one liners:
    <http://www.csl.sri.com/illustrative.html> for browsing,
    <http://www.csl.sri.com/illustrative.pdf> or .ps for printing
  is no longer maintained up-to-date except for recent election problems.
==> Special Offer to Join ACM for readers of the ACM RISKS Forum:


End of RISKS-FORUM Digest 26.60
