ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator
RISKS: US West 10x charges users Houston City Hall voice-mail prank Re: Risks of posting to newsgroups 1992 IEEE Symposium on Research in Security and Privacy Puzzle Boxes: Reply to comments Info on RISKS (comp.risks)
RISKS: US West 10x charges usersHeard on KIRO radio this morning: US West has implemented a new computer system to time long distance calls more closely. The new system, according to US West representatives, will "save long distance customers considerably in the long term." For the short term, however, it will cost them extra. The system breaks calls down to the nearest 6-second period, rather than charging the caller for a full minute when only part was used. However, a programming error caused all bills sent out between July 7th and 10th to be computed at 10 times the normal rate. The error was not discovered until 12 days after the system became active. US West representatives said that "customers who pay the (incorrect) bill will be credited on their next bill."
Houston City Hall voice-mail prankHouston acquired an AT&T telephone system in 1986 for $28M, but configured it with no passwords required for accessing voice mail. Thus, it should not surprise any of you to hear that recently a "prankster intercepted and rerouted confidential telephone messages from voice-mail machines in City Hall, prompting officials to pull the plug on the telephone system." Messages were being delivered to nonintended recipients. [Source: San Francisco Chronicle, 20Jul91, p.A5] [Also noted by Steve Bellovin]
The voice-mail shuffle at City Hall... A few stations even played quick snippets from one message, which appeared to be a kind of verbal "love letter" left for someone. Needless to say, the intended recipient was not the actual recipient. The perpetrator evidently would somehow try to simlulate a message break tone before each misdirected message by whistling a tone on the recording. While some of the redirected messages were, in some people's opinion, harmless, others were matters of City and State affairs, and the ramifications of these messages not being received were more than trivial. Needless to say, the service was down the next day for "upgrade modification". As one newscast put it at the end of their story, "when you leave a message at City Hall, don't leave one you wouldn't want repeated in public." S. Spenser Aden, Lockheed Engineering and Sciences Co. (713) 483-2028 NASA -- Johnson Space Center, Houston -- Flight Data and Evaluation Office
Re: risks of posting to newsgroups
I remember seeing a report that someone was surprised to find out that his
opinion posted to RISKS, a USENET newsgroup, was quoted in a book. I just got
the following message from a mailing list's book review section:
ELECTRONIC MAIL ON CHINA. Vol. 1 (February 18 to June 3, 1989) & Vol. 2 (June
4 to July 4, 1989). Edited by Esbjorn Stahle & Terho Uimonen. Stockholm:
Skifter utgivna av Foreningen for Orientaliska Studier, 1989. pp. 394 & 424.
Reviewed by Zhenqin Li
This two-volume publication is very unusual, in the sense that it is
perhaps the first ever book almost entirely based on articles of a Usenet
newsgroup (soc.culture.china or SCC). It should be of interest to a wide
readership on the computer networks ...
[Li Gong, ORA Corporation, 675 Mass Ave, Cambridge, MA]
1992 IEEE Symposium on Research in Security and Privacy
CALL FOR PAPERS
1992 IEEE Symposium on May 4-6, 1992
Research in Security and Privacy Oakland, California
sponsored by
IEEE Computer Society
Technical Committee on Security and Privacy
in cooperation with
The International Association for Cryptologic Research (IACR)
The purpose of this symposium is to bring together researchers and
developers who work on secure computer systems. The symposium will
address advances in the theory, design, implementation, evaluation and
application of secure computer systems. Papers, panel session
proposals, and position papers are solicited in the following areas:
Secure Systems Privacy Issues Information Flow
Network Security Formal Models Viruses and Worms
Database Security Access Controls Security Verification/Validation
Authentication Data Integrity Auditing & Intrusion Detection
INSTRUCTIONS TO AUTHORS:
Send six copies of your papers, panel session proposals, and position
papers to John McLean, Program Co-Chair, at the address given below.
We provide ``blind'' refereeing. Put names and affiliations of
authors on a separate cover page only. Abstracts, electronic
submissions, late submissions, and papers that cannot be published in
the proceedings will not be accepted. Papers submitted from outside
North America should be sent via Federal Express or other overnight
courier service.
Papers must be received by November 8, 1991 and must not exceed
7500 words. Authors will be required to certify prior to December 20,
1991 that any and all necessary clearances for publication have been
obtained. Authors will be notified of acceptance by January 24, 1992.
Camera-ready copies are due not later than February 28, 1992.
The Symposium will include informal poster sessions. Poster session
papers will appear in a special issue of Cipher that will be published to
coincide with the symposium. Send one copy of your poster session paper
to David Bailey, Cipher editor, at the address given below, by January 31,
1992. Electronic submission of the latex source for poster session papers
is strongly encouraged. Poster session authors must send a certification
with their submittal that any and all necessary clearances for publication
have been obtained.
A limited number of scholarships will be available for student authors.
PROGRAM COMMITTEE
David Bailey, Los Alamos Jeremy Jacob, Oxford John McHugh, UNC
Tom Berson, Anagram Sushil Jajodia, GMU Catherine Meadows, NRL
Martha Branstad, TIS Dale Johnson, MITRE Jon Millen, MITRE
George Dinolt, Loral Paul Karger, OSF Dan Nesset, Livermore
John Dobson, Newcastle Tanya Korelsky, ORA John Rushby, SRI
Jim Gray, NRL Steve Lipner, DEC Ravi Sandhu, GMU
Tom Haigh, SCTC Teresa Lunt, SRI Elizabeth Sullivan, Amdahl
Yacov Yacobi, Bellcore
FOR FURTHER INFORMATION CONCERNING THE SYMPOSIUM, CONTACT:
Deborah Cooper, General Chair John McLean, Program Co-Chair
Unisys Corporation Naval Research Laboratory
5731 Slauson Avenue Code 5543
Culver City, CA 90230 Washington, DC 20375
Tel: (213)338-3727 Tel: (202)767-3852
cooper@culv.unisys.com mclean@itd.nrl.navy.mil
Teresa Lunt, Vice Chair Richard Kemmerer, Program Co-Chair
SRI International, EL245 Computer Science Department
333 Ravenswood Avenue University of California
Menlo Park, CA 94025 Santa Barbara, CA 93106
Tel: (415)859-6106 Tel: (805)893-4232
lunt@csl.sri.com kemm@cs.ucsb.edu
Jeremy Jacob, European Contact David Bailey, Cipher Editor
Oxford Univ. Computing Laboratory USDOE, WQD
11 Keble Road PO Box 5400
Oxford, England OX1 3QD Albuquerque, NM 87115
Tel: +44 865 272562 Tel: (505)845-4600
Fax: +44 865-273839 db@lanl.gov
Jeremy.Jacob@prg.oxford.ac.uk
-----------------------------
Date: Fri, 19 Jul 91 1:17:57 CST
From: Ross Williams
Report problems with the web pages to the maintainer