They doing electronic voting where you are yet?  :-)

* Forwarded (from: netmail) by Roy J. Tellason using timEd 1.10.y2k.

Date: Mon, 14 Apr 2003 18:24:16 +1000
From: Chris Maltby 
Subject: NSW forced to hand count poll result

  "Computer problems have forced the New South Wales electoral office to
  start manually counting nearly 4 million upper house ballot papers.  NSW
  Electoral Commissioner John Wasson says it will be a mammoth task to have
  all the votes counted and preferences allocated before the declaration of
  the poll at the end of the month.  It is hoped the computer glitches will
  be fixed later this week, but Mr Wasson says he can not afford to delay
  the count any longer.  [...]
  http://www.abc.net.au/news/justin/nat/newsnat-14apr2003-43.htm>

My (slightly informed) guess is that the NSW Electoral Office acquired and
made changes to the Australian Electoral Commission's election management
software. The changes are to allow for the new NSW Upper House voting
system
and they have not been a success. This is probably due to inadequate testing
as the changes to the Electoral Act were made quite some time ago.

To give them some credit, it's quite a challenge to simulate an election
with 4 million voters in a realistic way. My experience with testing the
AEC software in the pre-outsourced mid-1990s was that the stresses imposed
by a real election were always well in excess of anything that could be
simulated -- and some elections were conducted with changes to the counting
requirements made in the last few months before the election...

I'll bet he's hoping the software starts working though. Mind you, it's
hard to be all that confident in the results -- even leaving aside that the
requirement for random sampling of papers in NSW upper house elections
(unlike the Senate) makes exact reproduction of results problematic.

The return of the writs is required by 29 Apr 2003 IIRC.

--

Date: Sun, 13 Apr 2003 01:30:50 -0400
From: Monty Solomon 
Subject: Web Site for posting local election results crashes after virus attack

A Web site designed to tally and publish the results of a local election in
Will County, Illinois was unable to perform as expected because it was
deluged with phony requests.  The Will County Director of Information
Systems has informed the FBI.
  http://www.theage.com.au/articles/2003/04/07/1049567599656.html

  [Excerpted from SANS NewsBites April 9, 2003 Vol. 5, Num. 14
    http://www.sans.org/newsletters/newsbites/vol5_14.php
  along with Eugene Schultz's Editor's Note: 
    Although this news item might superficially appear to not be all that
    important, it is really quite significant.  There is considerable
    apprehension concerning computerized voting systems, and incidents such
    as this one will only increase the level of concern.  ES]



Date: Mon, 14 Apr 2003 14:35:01 -0400
From: "Hanah Metchis" 
Subject: Paypal Meets the Patriot Act

CEI C:\SPIN [Excerpted by PGN]

Paypal Meets the Patriot Act, by Solveig Singleton, Senior Policy Analyst
  http://www.cei.org/dyn/view_bio.cfm/163> , 
Project on Technology and Innovation, CEI http://www.cei.org/>  14 Apr 2003.

Paypal has been in the news lately.  In this case, a Missouri prosecutor
sent eBay a letter
http://news.findlaw.com/news/s/20030401/techebaypaypaldc.html>
insisting that its recent acquisition, Paypal, was violating the Patriot
Act   http://www.epic.org/privacy/terrorism/hr3162.html> by
processing payments from Internet gambling operations.  Internet gambling
is illegal in the U.S., but about 5 million Americans use overseas sites;
eBay discontinued Paypal's gambling operations last fall.  This comes on
top of troubles Paypal has had with the New York attorney general
http://www.auctionbytes.com/pages/abn/y02/m08/i22/s01> and
authorities in
other states. So what's up with Paypal? Is something sinister going on
there? Far from it.  Prosecutors may get paid by the public, but they don't
always serve the public.  [...]

C:\SPIN is produced by the Competitive Enterprise Institute.

--

Date: Mon, 31 Mar 2003 10:59:17 -0500 (EST)
From: David Lesher 
Subject: Risks of *not* being lost

Seems many of the ""embedded"" media procured Thuraya
brand sat/cell phones before departing. These are controlled by a ground
station in Abu Dhabi, and to optimize performance, the phone locates itself
with an on-board GPS and reports back that position to the ground station.

Ooops, current exact location is one thing the US does NOT want the Other
Guys to know. While you could in theory use triangulation or other schemes
to locate any EM emitter, including a phone, making it easy for Them is
hardly ever a good idea. The military has confiscated the phones.

The competitor, Iridium, may well also do this too, but allegedly the GPS
reporting can be turned off [how? hardware or ....software?]  and in any
case, that ground station is in the US. Given that Iridium is running at
all only because Uncle Sam bought a govt-wide license, one could hope that
someone has considered the integrity of that aspect beforehand.

Note that the FBI is mandating tracking of all domestic cell phones as
well, with the already past due-date being slipped back time and again.
Security at our myriad providers can not help but be worse than at that
single Iridium ground station.

And in both TV and real life, cops and FBI agents carry cell phones.  In
the future will oh, Willy Sutton | John Brown | Jonathan Pollard | Paul
Reubens be able to track the FBI agents tracking them?

Risk: Be careful what you wish for; most swords do have two sides.

--

Date: Tue, 15 Apr 2003 18:36:04 +0100
From: M Taylor 
Subject: Nova Scotia police track suspect with GPS

Police in Nova Scotia use the On Star system, a GPS based service included
in the car to locate the car within minutes of contacting On Star operators
in United States.  [Source: *Globe and Mail*, 15 Apr 2003]
http://www.globeandmail.com/servlet/RTGAMArticleHTMLTemplate
?tf=RT/fullstory_print.html&slug=gtbeatapr15&date=20030415

It is nice to know that occasionally technology increases risk of getting
caught to criminals.  M Taylor  http://www.mctaylor.com/



(RJT: More guvamint competence...)

Date: 14 Apr 2003 10:54:08 +0100
From: Nigel Metheringham 
Subject: Double-barrelled surname costs disabled mother

  A disabled mother of three has been barred from receiving tax credits
  worth 190 pounds a week because she is among hundreds of claimants whose
  double-barrel surnames are not recognised by Government computers.  Sue
  Evan-Jones has fought for more than three months to persuade the Inland
  Revenue that her surname has two parts after she was told the system was
  confused by hyphens.

The fact that obvious input validation problems, and properly specifying the
valid forms of input in the original design are still being got horribly
wrong in 2003 fills me with despair.

Source:
  http://www.telegraph.co.uk/news/main.jhtml?xml=/news/2003/04/14/ncred14.xml

--

(RJT:  I've been having to deal with this stuff at work.)

Date: Sat, 12 Apr 2003 22:59:51 -0700
From: Jack Goldberg 
Subject: New comprehensive Federal rules on privacy of medical information

The article in the 12 Apr 2003 *San Jose Mercury News*
http://www.bayarea.com/mld/mercurynews/news/5614657.htm 
is an easy to read summary of the new Federal rules on privacy of medical
information privacy, just being put into effect.  There is a very large
body of literature on the general subject and on the development of the
standards, and the set of rules itself is a huge body of text.  This reader
sees lots of good intentions, but also lots of problems, such as how
medical and computer personnel -- and citizens, can understand the complex
rules to determine what is allowed and what is not, how to help a client
know whether exercising an option is a good idea or not, whether
implementation of the rules will be an intolerable burden on health care
practice, and how the integrity of a given implementation can be verified
and preserved.  On the last point, there seems to be no provision in the
law for certification; rather it seems that it will be up to the courts to
decide if the rules were violated in a particular case.  This development
deserves attention.

--

Date: Tue, 8 Apr 2003 12:34:55 -0400
From: Marc Rotenberg 
Subject: 75+ Organizations urge FBI NCIC database accuracy

A broad coalition of organizations across the United States has endorsed a
letter urging the reestablishment of accuracy requirements for the FBI's
National Crime Information Center (NCIC), the nation's largest criminal
justice database.

More than 3,000 individuals from 47 states and the District of Columbia have
signed an online petition to the Office of Management and Budget (OMB) also
supporting the Privacy Act accuracy requirements.

The petition drive will continue until the OMB acts on the request.
Individuals may sign the petition online at:

  http://www.petitiononline.com/ncic/petition.html

    [Excerpted for RISKS.  See RISKS-22.65 and 22.67 for items on the
    termination of the NCIC accuracy requirements.  PGN]

--

Date: Fri, 04 Apr 2003 19:32:26 -0800
From: Crispin Cowan 
Subject: Re: POW Social Security numbers revealed (Hirose, RISK-22.67)

It is often suggested that disclosure of SSN's is a great risk. In the
current climate, where SSN's are used to *authenticate* an individual
("tell us your SSN so we know it is you") that certainly is true.

However, I suggest an alternate approach to solving the problem of identity
theft. SSN's are hopelessly easy to obtain; attempting to curtail the
broadcast of these numbers (e.g. hoping the Iraqi state television will
control the release) is futile. Instead, I suggest that the US Government
*prohibit* the use of SSN's as authenticators. If all of the US
organizations that currently authenticate with SSN's were forced to use
something else (anything else) the state of the identity theft crisis would
improve drastically.

The "*anything* else" part is important to this proposal. It is
tempting to propose something prescriptive, specifying how organizations
should authenticate people. However, I suspect that such prescriptions
would make the law founder on impracticality, as organizations find high
quality authentication difficult to implement for one reason or anther.

In contrast, simply forcing organizations to choose something else at least
has the scattershot effect that they are unlikely to choose all the same
attributes, making wholesale identity theft much more difficult.

Just me proposing this idea here and getting a few folks to agree that it
would be beneficial is fun & all :-) but won't actually change
anything. More constructive would be if those who do agree with the idea,
and have more influence in the financial regulation space than I do, would
take up the idea and start spreading it around.

Crispin Cowan, Chief Scientist, WireX
http://wirex.com  http://wirex.com/~crispin/

--

Date: Sun, 13 Apr 2003 09:21:39 -0400 (EDT)
From: Bill Gunshannon 
Subject: Re: The reality behind these laws (Re: Shalunov, RISKS-22.68)

Assuming that the failure of one of the postulates results in the failure
of the premise, we can put this one to bed.

Since when is a NAT box "intended to conceal the actual origin of IP
traffic"?  The intended purpose of NAT and the use it is put to in
every case I am aware of is to allow persons with a single IP Address to
have more than one host on their network that can all access the INTERNET
and I am certain that is the reason LinkSYS gives for selling the products
that have NAT built in.  On top of that, NAT hides nothing.  You still need
at least one valid routable IP address and that address is traceable to a
fixed location and person responsible.

If the purpose of NAT were to "conceal the actual origin of IP
traffic", what then of DHCP?

The RISK here is that we start chasing after demons that don't exist while
missing the ones that really do.

Bill Gunshannon, University of Scranton, Scranton, Pennsylvania



Date: Mon, 14 Apr 2003 13:52:48 +0200
From: "Peter B. Ladkin" 
Subject: Re: Friendly Fire (RISKS-22.65 to 22.68)

In RISKS-22.68, I gave some figures from [1, Figure 1.1, p1-2] suggesting
that the number of fratricide incidents in recent conflicts (from WW II)
lay around 1% of casualties. The figure for Desert Storm/Shield that I gave
was mistaken. The figures from FM 100-14 Figure 1.1 are:

                World War II     Korea     Vietnam     Desert Storm/Shield
                   (1942-45)      (1950-53)  (1965-72)       (1990-1991)
Accidents        56%            44%        54%               75%
Friendly Fire     1%             1%         1%                5%
Enemy Actions    43%            55%        45%               20%

Paul Marks of the *New Scientist* pointed out to me that the UK National
Audit Office takes a different view. It says that "American research
shows that, historically, fratricide accounts for between ten and 15 per
cent of friendly casualties during operations." [2, paragraph 1.5]

FM 100-14 speaks simply of "losses". The UK NAO defines
fratricide as "destruction of friendly or allied forces". It is
possible that these are two different concepts. But it is also possible
that people aren't counting very precisely. It's a shame that one cannot
tell from either of these documents what the figures actually represent.

[1] U.S. Army Field Manual 100-14, Risk Management, 23 April 1998,
available from http://www.irwin.army.mil/g3/tacticalsafety.html

[2] National Audit Office, UK, Combat Identification, Report by the
Comptroller and Auditor General, HC661 Session 2001-2002: 7 March 2002,
available from http://www.nao.gov.uk/pn/01-02/0102661.htm

Peter Ladkin, University of Bielefeld, Germany http://www.rvs.uni-bielefeld.de

--

Date: Mon, 14 Apr 2003 14:50:41 -0500
From: Allan Goodall 
Subject: Re: Friendly Fire (Van Meter, RISKS-22.68)

Mr. Van Meter explains that the term "casualty" refers to persons
"killed or injured". This is not correct. Casualties refer to
persons killed, injured, or *missing*.

"Missing" includes anyone whose whereabouts are unknown. The
soldier may have been captured by the enemy, or they may have run away to
-- possibly -- turn up later, or they may have been killed but their
remains hadn't been identified or their remains were unidentifiable.

I agree with Mr. Van Meter that confusion over the term
"casualty" has caused much misinformation. In September 2002, on
the 140th anniversary of the American Civil War battle of Antietam (the
single bloodiest day in American history), CNN Headline News mentioned that
there were 23,000 men killed in the battle. The total casualties were just
less than 23,000, 3600 of whom were killed (though many of the 1700 missing
men were likely dead and buried in unmarked graves, and many of the wounded
would die sometime later). This error is particularly ironic as Ted Turner
is a Civil War buff.

Allan Goodall  agoodall{at}hyperbear.com  http://www.hyperbear.com

--

Date: Sun, 30 Mar 2003 16:41:51 -0500
From: risks{at}Orwellian.Org
Subject: Changing Domain Registration info without verification

I found a reference to a USPS Web site allowing anyone to issue a change of
address via the web in a 1997 issue of RISKS.
  [Actually, it allowed you to print a form that you could mail in.
  See RISKS-19.18 to 19.20.  PGN]

Here's a twist I recently noticed, as conveyed in a message I just sent
Network Solutions:

  I just tried to login to my ******** account for the first time in a long
  time, and it is trying to force me to accept a service agreement before I
  can access my account.

  I don't know if it was in the previous service agreement, but this
  provision is UNACCEPTABLE:

  #  4) You agree that VeriSign is authorized, but not obligated,
  #  to use Coding Accuracy Support System (CASS) certified software
  #  and/or the National Change of Address program (and/or such other
  #  systems or programs as may be recognized by the United States
  #  Postal Service or other international postal authority for
  #  updating and/or standardizing address information) to change
  #  any address information associated with your account (e.g.,
  #  registrant address, billing contact address, etc.), and you agree
  #  that VeriSign may use and rely upon any such changed address
  #  information for all purposes in connection with your account
  #  (including the sending of invoices and other important account
  #  information) as though such changes had been made directly by you. 

  This USPS change-of-address can be done BY ANYBODY WITHOUT VERIFICATION at
  https://moversguide.usps.com/

  I DO NOT authorize that my contact information be changeable by anyone via
  this process. (The USPS site even lets the e-mail address be changed.)

  If you cannot remove this clause from my agreement to service, I will
  transfer my registration to Register.com, which does not have this
  provision.



---