mailing list archives
Risks Digest 27.33
From: RISKS List Owner <risko () csl sri com>
Date: Thu, 6 Jun 2013 11:43:19 PDT
RISKS-LIST: Risks-Forum Digest Thursday 6 June 2013 Volume 27 : Issue 33
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, moderator, chmn ACM Committee on Computers and Public Policy
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
The current issue can be found at
Re: BA plane's emergency landing at LHR caused by maintenance error
Data protection in the EU: the certainty of uncertainty
NSA collecting phone records of millions of Americans daily (Paul Owen via
"In digital era, privacy must be a priority. Is it just me,
or is secret blanket surveillance obscenely outrageous" (Al Gore)
"The BYOD Mobile Security Threat Is Real" (Tom Kaneshige via Gene Wirchenko)
Re: The Hazards of Gambling (FriedBadger)
Re: Risks of spreadsheets -- and leap seconds (Bob Frankston)
Re: Apple says you can't use the iTunes/App Store ... abroad
Abridged info on RISKS (comp.risks)
Date: Wed, 05 Jun 2013 19:04:44 +0100
From: Clive Page <usenet () page2 eu>
Subject: Re: BA plane's emergency landing at LHR caused by maintenance error
Regarding the BA plane which took off with both engine cowls unlatched.
The bit of the story that frightened me most was from one of the BBC
accounts which said:
``Last July Airbus said there had been 32 reported fan cowl door
detachment events, but none of the cases resulted in a fire.''
This suggests to me that maintenance crews are not paying anything like
enough attention to this. If the cowl comes loose it might, as in this
case, cause a fire and an emergency landing. But it could even be worse.
A lump of metal falling from a preceding plane is now thought to have caused
the Concorde disaster at Paris some years ago.
Date: Wed, 5 Jun 2013 9:37:27 PDT
From: "Peter G. Neumann" <neumann () csl sri com>
Subject: Data protection in the EU: the certainty of uncertainty
Cory Doctorow, *The Guardian*'s technology blog, 5 Jun 2013
"As I write this, the European Parliament is involved in a world-beatingly
gnarly wrangle over the new General Data Protection Regulation.''
Cory's blog item on the relative ease of de-identifying supposed
anonymizations should be no surprise to RISKS readers. It is a very nice
assessment of some of the risks. Ed Felten (Princeton) and Seth David
Schoen (EFF) are quoted, among others. It is very well worth your reading,
as it opens up some gigantic cans of worms (although quite unlike the Diet
of Worms). PGN
Date: Wed, 5 Jun 2013 19:53:05 -0400
From: dfarber <dave () farber net>
Subject: NSA collecting phone records of millions of Americans daily
Revealed: NSA collecting phone records of millions of Americans daily
Paul Owen, *The Guardian*, 6 Jun 2013
Under the terms of the order, the numbers of both parties on a call are
handed over, as is location data and the time and duration of all calls.
The National Security Agency is currently collecting the telephone records
of millions of US customers of Verizon, one of America's largest telecoms
providers, under a top secret court order issued in April.
The order, a copy of which has been obtained by the Guardian, requires
Verizon on an "ongoing, daily basis" to give the NSA information on all
telephone calls in its systems, both within the US and between the US and
The document shows for the first time that under the Obama administration
the communication records of millions of US citizens are being collected
indiscriminately and in bulk -- regardless of whether they are suspected of
The secret Foreign Intelligence Surveillance Court (Fisa) granted the order
to the FBI on April 25, giving the government unlimited authority to obtain
the data for a specified three-month period ending on July 19.
Under the terms of the blanket order, the numbers of both parties on a call
are handed over, as is location data, call duration, unique identifiers, and
the time and duration of all calls. The contents of the conversation itself
are not covered.
The disclosure is likely to reignite longstanding debates in the US over the
proper extent of the government's domestic spying powers.
Under the Bush administration, officials in security agencies had disclosed
to reporters the large-scale collection of call records data by the NSA, but
this is the first time significant and top-secret documents have revealed
the continuation of the practice on a massive scale under President Obama.
The unlimited nature of the records being handed over to the NSA is
extremely unusual. Fisa court orders typically direct the production of
records pertaining to a specific named target who is suspected of being an
agent of a terrorist group or foreign state, or a finite set of individually
The Guardian approached the National Security Agency, the White House and
the Department of Justice for comment in advance of publication on
Wednesday. All declined. The agencies were also offered the opportunity to
raise specific security concerns regarding the publication of the court
The court order expressly bars Verizon from disclosing to the public either
the existence of the FBI's request for its customers' records, or the court
"We decline comment," said Ed McFadden, a Washington-based Verizon spokesman.
The order, signed by Judge Roger Vinson, compels Verizon to produce to the
NSA electronic copies of "all call detail records or 'telephony metadata'
created by Verizon for communications between the United States and abroad"
or "wholly within the United States, including local telephone calls".
The order directs Verizon to "continue production on an ongoing daily basis
thereafter for the duration of this order". It specifies that the records to
be produced include "session identifying information", such as "originating
and terminating number", the duration of each call, telephone calling card
numbers, trunk identifiers, International Mobile Subscriber Identity (IMSI)
number, and "comprehensive communication routing information".
The information is classed as "metadata", or transactional information,
rather than communications, and so does not require individual warrants to
access. The document also specifies that such "metadata" is not limited to
the aforementioned items. A 2005 court ruling judged that cell site location
data -- the nearest cell tower a phone was connected to -- was also
transactional data, and so could potentially fall under the scope of the
While the order itself does not include either the contents of messages or
the personal information of the subscriber of any particular cell number,
its collection would allow the NSA to build easily a comprehensive picture
of who any individual contacted, how and when, and possibly from where,
It is not known whether Verizon is the only cell-phone provider to be
targeted with such an order, although previous reporting has suggested the
NSA has collected cell records from all major mobile networks. It is also
unclear from the leaked document whether the three-month order was a
one-off, or the latest in a series of similar orders.
The court order appears to explain the numerous cryptic public warnings by
two US senators, Ron Wyden and Mark Udall, about the scope of the Obama
administration's surveillance activities.
For roughly two years, the two Democrats have been stridently advising the
public that the US government is relying on "secret legal interpretations"
to claim surveillance powers so broad that the American public would be
"stunned" to learn of the kind of domestic spying being conducted.
Because those activities are classified, the senators, both members of the
Senate intelligence committee, have been prevented from specifying which
domestic surveillance programs they find so alarming. But the information
they have been able to disclose in their public warnings perfectly tracks
both the specific law cited by the April 25 court order as well as the vast
scope of record-gathering it authorized.
Julian Sanchez, a surveillance expert with the Cato Institute, explained:
"We've certainly seen the government increasingly strain the bounds of
'relevance' to collect large numbers of records at once -- everyone at one
or two degrees of separation from a target -- but vacuuming all metadata up
indiscriminately would be an extraordinary repudiation of any pretence of
constraint or particularized suspicion." The April order requested by the
FBI and NSA does precisely that.
The law on which the order explicitly relies is the so-called "business
records" provision of the Patriot Act, 50 USC section 1861. That is the
provision which Wyden and Udall have repeatedly cited when warning the
public of what they believe is the Obama administration's extreme
interpretation of the law to engage in excessive domestic surveillance.
In a letter to attorney general Eric Holder last year, they argued that
"there is now a significant gap between what most Americans think the law
allows and what the government secretly claims the law allows."
"We believe," they wrote, "that most Americans would be stunned to learn the
details of how these secret court opinions have interpreted" the "business
records" provision of the Patriot Act.
Privacy advocates have long warned that allowing the government to collect
and store unlimited "metadata" is a highly invasive form of surveillance of
citizens' communications activities. Those records enable the government to
know the identity of every person with whom an individual communicates
electronically, how long they spoke, and their location at the time of the
Such metadata is what the US government has long attempted to obtain in
order to discover an individual's network of associations and communication
patterns. The request for the bulk collection of all Verizon domestic
telephone records indicates that the agency is continuing some version of
the data-mining program begun by the Bush administration in the immediate
aftermath of the 9/11 attack.
The NSA, as part of a program secretly authorized by President Bush on 4
October 2001, implemented a bulk collection program of domestic telephone,
Internet and e-mail records. A furore erupted in 2006 when USA Today
reported that the NSA had "been secretly collecting the phone call records
of tens of millions of Americans, using data provided by AT&T, Verizon and
BellSouth" and was "using the data to analyze calling patterns in an effort
to detect terrorist activity." Until now, there has been no indication that
the Obama administration implemented a similar program.
These recent events reflect how profoundly the NSA's mission has transformed
from an agency exclusively devoted to foreign intelligence gathering, into
one that focuses increasingly on domestic communications. A 30-year employee
of the NSA, William Binney, resigned from the agency shortly after 9/11 in
protest at the agency's focus on domestic activities.
In the mid-1970s, Congress, for the first time, investigated the
surveillance activities of the US government. Back then, the mandate of the
NSA was that it would never direct its surveillance apparatus domestically.
At the conclusion of that investigation, Frank Church, the Democratic
senator from Idaho who chaired the investigative committee, warned: "The
NSA's capability at any time could be turned around on the American people,
and no American would have any privacy left, such is the capability to
monitor everything: telephone conversations, telegrams, it doesn't matter."
Additional reporting by Ewen MacAskill and Spencer Ackerman
Date: Thu, 6 Jun 2013 08:57:55 -0400
From: David Farber <farber () gmail com>
Subject: Al Gore "In digital era, privacy must be a priority. Is it just me,
or is secret blanket surveillance obscenely outrageous"
Al Gore, 6 Jun 2013, http://t.co/KONSBtTWjc
The former vice president slammed the overreach of the NSA's surveillance
powers on Twitter.
Date: Wed, 05 Jun 2013 11:26:44 -0700
From: Gene Wirchenko <genew () telus net>
Subject: "The BYOD Mobile Security Threat Is Real" (Tom Kaneshige)
Tom Kaneshige, *CIO*, 30 May 2013
Cloud storage, text messaging, poor accountability and the "Bad Leaver"
open the doors to data breaches in a BYOD environment, says a cyber-crime
expert in this CIO.com interview.
Date: Wed, 05 Jun 2013 10:29:10 +0100F
From: spam trap <nospam.1.friedbadger () spamgourmet com>
Subject: Re: The Hazards of Gambling (Drewe, RISKS-27.32)
If the Government takes money off rich people and gives it to poor people,
this may seem to be "fairer" and reduce inequality,
It does. A previous poster has eloquently explained this.
but it rewards people who rely on welfare and punishes those who provide
I would not use the term 'reward' or 'punish'. People on low incomes who
rely on benefits are often struggling to afford the basics. Many are not
able to find well-paid work. OTOH taking a little from the wealthiest will
not hurt them.
(hence in the UK a lifetime on welfare is quite a popular career option).
This is a myth often spread by certain elements in the media. In truth the
majority of benefits goes to those who do work but are on low-incomes.
Describing a lifetime on welfare as a 'popular' career option is
insulting to the majority who would get a (better) job if they could.
Date: Tue, 4 Jun 2013 20:43:28 -0400
From: "Bob Frankston" <bob2-39 () bobf frankston com>
Subject: Re: Risks of spreadsheets -- and leap seconds (Kaiser, RISKS-27.32)
Hidden dependencies are a risk with any program. And then we get
dependencies on the bug. We get away with this because if typically doesn't
matter in a world that isn't very precise. I wonder how many financial
instruments depended on the 1-2-3 bug which treated 2000 as a leap year. I
happened to be well-aware of the problem because my very first program in
1963 calculated leap years on an IBM 1620.
We often get away with accepting these problems because proportionality
rules in the analog arena. And typically the models we are using are indeed
in the analog domain. But when we operate in the digital domain we can run
into trouble. (I posted related comments about big data as
This is why I keep complaining about the leap second. In the analog world
it's just a pesky second but in the digital world we don't round "1/2/2020
23:59:59" because we know that that is really 1/2/2020 though using
epoch+seconds it might not be. For that matter essentially none of the
date/times in databases for the last 40 years are correct since they just
pretend leap seconds don't exist. They can't because time function simply
don't have the information to do interval calculations.
Date: Wed, 5 Jun 2013 07:47:31 -0400
From: Steve Wildstrom <steve () wildstrom com>
Subject: Re: Apple says you can't use the iTunes/App Store ... abroad (R-27.32)
This has to do with content licensing issues and the blame falls on the
content owners, not Apple. In a sense, it is related to the DVD zone
problem. Content owners license Apple to distribute movies and other content
on a country-by-country basis. To comply with the terms of these agreements,
Apple has to limit sales to the customer's home country, thus the ToS
restrictions. And the EU doesn't help here; licensing, like much else, is
still on a national basis.
Steve Wildstrom www.wildstrom.com/steve
Date: Sun, 7 Oct 2012 20:20:16 -0900
From: RISKS-request () csl sri com
Subject: Abridged info on RISKS (comp.risks)
The ACM RISKS Forum is a MODERATED digest. Its Usenet manifestation is
comp.risks, the feed for which is donated by panix.com as of June 2011.
=> SUBSCRIPTIONS: PLEASE read RISKS as a newsgroup (comp.risks or equivalent)
if possible and convenient for you. The mailman Web interface can
be used directly to subscribe and unsubscribe:
Alternatively, to subscribe or unsubscribe via e-mail to mailman
your FROM: address, send a message to
risks-request () csl sri com
containing only the one-word text subscribe or unsubscribe. You may
also specify a different receiving address: subscribe address= ... .
You may short-circuit that process by sending directly to either
risks-subscribe () csl sri com or risks-unsubscribe () csl sri com
depending on which action is to be taken.
Subscription and unsubscription requests require that you reply to a
confirmation message sent to the subscribing mail address. Instructions
are included in the confirmation message. Each issue of RISKS that you
receive contains information on how to post, unsubscribe, etc.
=> The complete INFO file (submissions, default disclaimers, archive sites,
copyright policy, etc.) is online.
*** Contributors are assumed to have read the full info file for guidelines.
=> .UK users may contact <Lindsay.Marshall () newcastle ac uk>.
=> SPAM challenge-responses will not be honored. Instead, use an alternative
address from which you NEVER send mail!
=> SUBMISSIONS: to risks () CSL sri com with meaningful SUBJECT: line.
*** NOTE: Including the string "notsp" at the beginning or end of the subject
*** line will be very helpful in separating real contributions from spam.
*** This attention-string may change, so watch this space now and then.
=> ARCHIVES: ftp://ftp.sri.com/risks for current volume
or ftp://ftp.sri.com/VL/risks for previous VoLume
http://www.risks.org takes you to Lindsay Marshall's searchable archive at
newcastle: http://catless.ncl.ac.uk/Risks/VL.IS.html gets you VoLume, ISsue.
Lindsay has also added to the Newcastle catless site a palmtop version
of the most recent RISKS issue and a WAP version that works for many but
not all telephones: http://catless.ncl.ac.uk/w/r
==> PGN's comprehensive historical Illustrative Risks summary of one liners:
<http://www.csl.sri.com/illustrative.html> for browsing,
<http://www.csl.sri.com/illustrative.pdf> or .ps for printing
is no longer maintained up-to-date except for recent election problems.
*** NOTE: If a cited URL fails, we do not try to update them. Try
browsing on the keywords in the subject line or cited article leads.
==> Special Offer to Join ACM for readers of the ACM RISKS Forum:
End of RISKS-FORUM Digest 27.33
- Risks Digest 27.33 RISKS List Owner (Jun 06)