Subject: Risks Digest 32.67

RISKS-LIST: Risks-Forum Digest  Thursday 13 May 2021  Volume 32 : Issue 67

ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, founder and still moderator

***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
  <http://catless.ncl.ac.uk/Risks/32.67>
The current issue can also be found at
  <http://www.csl.sri.com/users/risko/risks.txt>

  Contents:
Colonial Pipeline not likely to pay millions in ransom demanded by hackers
  (CNN Politics)
A Closer Look at the DarkSide Ransomware Gang (Krebs on Security)
Look who's hiring at Colonial (Richard Forno)
Ransomware Gang Leaks Metropolitan Police Data After Failed Negotiations
  (The Hacker News)
Fact Sheet on Biden Cybersecurity EO (The White House)
ICAO Updates Effort To Clean Up NOTAM 'Garbage' (AVweb)
Covid pandemic was preventable, says WHO-commissioned report (Sarah Boseley)
Dark Web Getting Loaded With Bogus Covid-19 Vaccines and Forged Cards
  (The Hacker News)
Re: Marvin Minsky hacked? (Martin Ward)
Re: A mom panicked when her 4-year-old bought $2,600 in SpongeBob Popsicles
  (Bernie Cosell, Martin Ward)
Re: I have been pwned! -- but not really (DJC)
Cybersecurity, Nuclear Weapon Systems and Strategic Stability: Webinar
  (Diego Latella)
Abridged info on RISKS (comp.risks)

----------------------------------------------------------------------

Date: Thu, 13 May 2021 15:22:34 -0400
From: Gabe Goldberg <gabe@gabegold.com>
Subject: Colonial Pipeline not likely to pay millions in ransom demanded by
  hackers (CNN Politics)

  [Spoiler Alert: The subject line is FALSE.
https://www.bloomberg.com/news/articles/2021-05-13/colonial-pipeline-paid-hackers-nearly-5-million-in-ransom
  PGN]

Meanwhile, new details are emerging about Colonial's decision to proactively
shut down its pipeline last week, a move that has led to panic buying and
massive lines at the gas pump.
https://www.cnn.com/2021/05/12/politics/colonial-pipeline-ransomware-payment/index.html

The company halted operations because its billing system was compromised,
three people briefed on the matter told CNN, and they were concerned they
wouldn't be able to figure out how much to bill customers for fuel they
received.

One person familiar with the response said the billing system is central to
the unfettered operation of the pipeline. That is part of the reason getting
it back up and running has taken time, this person said.

Asked about whether the shutdown was prompted by concerns about payment, the
company spokesperson said, "In response to the cybersecurity attack on our
system, we proactively took certain systems offline to contain the threat,
which temporarily halted all pipeline operations, and affected some of our
IT systems."

At this time, there is no evidence that the company's operational technology
systems were compromised by the attackers, the spokesperson added.


------------------------------

Date: Thu, 13 May 2021 11:40:28 -1000
From: geoff goodfellow <geoff@iconia.com>
Subject: A Closer Look at the DarkSide Ransomware Gang (Krebs on Security)

Here's a closer look at DarkSide, the relatively new ransomware-as-a-service
platform that's been holding 5,500 miles of fuel pipeline hostage. Story
includes negotiations btwn DarkSide & a $15B victim that recently negotiated
a $30M demand down to $11M.

https://krebsonsecurity.com/2021/05/a-closer-look-at-the-darkside-ransomware-gang/

------------------------------

Date: Thu, 13 May 2021 10:50:25 -0400
From: Richard Forno <rforno@infowarrior.org>
Subject: Look who's hiring at Colonial

(via RSK's list)

You can't make this stuff up.

> Cyber Security Manager At Colonial Pipeline
> https://www.daybook.com/jobs/jDuPoWB4gbFMpS8x5
> Date Posted: May 12th 2021
> Location: Atlanta GA, USA
>
> This appears to have been written quickly, because parts of the corporate
> boilerplate are repeated.  Let's get to the good stuff:

>   "As the Manager, Cyber Security, you are accountable for managing a team
>   of cyber security certified subject matter experts and specialists
>   including but not limited to network security engineers, SCADA & field
>   controls network engineers and a cyber security architect. As the
>   Manager, you will lead the development of the enterprise strategy for
>   cybersecurity; will oversee the development of standards and processes
>   for cyber security; lead the recovery from security incidents; and
>   guide forensics of incidents. You are someone who has an understanding
>   of emerging security threats in order to design security policies and
>   procedures to mitigate threats where possible."

> I can't decide who's having a worse month: the person who until recently
> held this position, or the person who will next occupy it.

------------------------------

Date: Wed, 12 May 2021 09:06:48 -1000
From: geoff goodfellow <geoff@iconia.com>
Subject: Ransomware Gang Leaks Metropolitan Police Data After Failed
  Negotiations (The Hacker News)

The cybercrime syndicate behind Babuk ransomware has leaked more personal
files belonging to the Metropolitan Police Department (MPD) after
negotiations with the DC Police broke down, warning that they intend to
publish all data if their ransom demands are not met.

"The negotiations reached a dead end, the amount we were offered does not
suit us, we are posting 20 more personal files on officers, you can download
this archive, the password will be released tomorrow. if during tomorrow
they do not raise the price, we will release all the data," the gang said in
a statement on their data leak site.

"You still have the ability to stop it," it added.

The Babuk group is said to have stolen 250GB of data
<https://thehackernews.com/2021/04/hackers-threaten-to-leak-dc-police.html>,
including investigation reports, arrests, disciplinary actions, and other
intelligence briefings.

Like other ransomware platforms, DarkSide adheres to a practice called
double extortion, which involves demanding money in return for unlocking
files and servers encrypted by the ransomware, as well as for not leaking
any data stolen from the victim prior to cutting off access to them.

"We are some kind of a cyberpunks, we randomly test corporate networks
security and in case of penetration, we ask money, and publish the
information about threats and vulnerabilities we found, in our blog if
company doesn't want to pay," the group describes itself on the dark web
site, calling its attacks an "audit."

Screenshots shared by the Babuk group, and seen by The Hacker News, reveal
that the data was published after the amount DC Police was willing to pay
did not match their ransom amount of $4 million. The MPD has allegedly
offered $100,000 to fend off the release of stolen information.   [...]

https://thehackernews.com/2021/05/ransomware-gang-leaks-metropolitan.html

------------------------------

Date: May 13, 2021 20:55:48 JST
From: Richard Forno <rforno@infowarrior.org>
Subject: Fact Sheet on Biden Cybersecurity EO (The White House)

  via Dave Farber

https://www.whitehouse.gov/briefing-room/statements-releases/2021/05/12/fact-sheet-president-signs-executive-order-charting-new-course-to-improve-the-nations-cybersecurity-and-protect-federal-government-networks/

FACT SHEET: President Signs Executive Order Charting New Course to Improve
the Nation's Cybersecurity and Protect Federal Government Networks
12 May 2021

Today, President Biden signed an Executive Order to improve the nation's
cybersecurity and protect federal government networks. Recent cybersecurity
incidents such as SolarWinds, Microsoft Exchange, and the Colonial Pipeline
incident are a sobering reminder that U.S. public and private sector
entities increasingly face sophisticated malicious cyber activity from both
nation-state actors and cyber criminals. These incidents share
commonalities, including insufficient cybersecurity defenses that leave
public and private sector entities more vulnerable to incidents.

This Executive Order makes a significant contribution toward modernizing
cybersecurity defenses by protecting federal networks, improving
information-sharing between the U.S. government and the private sector on
cyber issues, and strengthening the United States' ability to respond to
incidents when they occur.  It is the first of many ambitious steps the
Administration is taking to modernize national cyber defenses.  However, the
Colonial Pipeline incident is a reminder that federal action alone is not
enough. Much of our domestic critical infrastructure is owned and operated
by the private sector, and those private sector companies make their own
determination regarding cybersecurity investments. We encourage private
sector companies to follow the Federal government's lead and take ambitious
measures to augment and align cybersecurity investments with the goal of
minimizing future incidents.

Specifically, the Executive Order the President is signing today will:

Remove Barriers to Threat Information Sharing Between Government and the
Private Sector. The Executive Order ensures that IT Service Providers are
able to share information with the government and requires them to share
certain breach information. IT providers are often hesitant or unable to
voluntarily share information about a compromise.  Sometimes this can be due
to contractual obligations; in other cases, providers simply may be hesitant
to share information about their own security breaches. Removing any
contractual barriers and requiring providers to share breach information
that could impact Government networks is necessary to enable more effective
defenses of Federal departments, and to improve the Nation's cybersecurity
as a whole.

Modernize and Implement Stronger Cybersecurity Standards in the Federal
Government. The Executive Order helps move the Federal government to secure
cloud services and a zero-trust architecture, and mandates deployment of
multifactor authentication and encryption with a specific time
period. Outdated security models and unencrypted data have led to
compromises of systems in the public and private sectors. The Federal
government must lead the way and increase its adoption of security best
practices, including by employing a zero-trust security model, accelerating
movement to secure cloud services, and consistently deploying foundational
security tools such as multifactor authentication and encryption.

Improve Software Supply Chain Security. The Executive Order will improve the
security of software by establishing baseline security standards for
development of software sold to the government, including requiring
developers to maintain greater visibility into their software and making
security data publicly available. It stands up a concurrent public-private
process to develop new and innovative approaches to secure software
development and uses the power of Federal procurement to incentivize the
market. Finally, it creates a pilot program to create an ``energy star''
type of label so the government -- and the public at large -- can quickly
determine whether software was developed securely. Too much of our software,
including critical software, is shipped with significant vulnerabilities
that our adversaries exploit. This is a long-standing, well-known problem,
but for too long we have kicked the can down the road. We need to use the
purchasing power of the Federal Government to drive the market to build
security into all software from the ground up.

Establish a Cybersecurity Safety Review Board. The Executive Order
establishes a Cybersecurity Safety Review Board, co-chaired by government
and private sector leads, that may convene following a significant cyber
incident to analyze what happened and make concrete recommendations for
improving cybersecurity. Too often organizations repeat the mistakes of the
past and do not learn lessons from significant cyber incidents. When
something goes wrong, the Administration and private sector need to ask the
hard questions and make the necessary improvements. This board is modeled
after the National Transportation Safety Board, which is used after airplane
crashes and other incidents.

Create a Standard Playbook for Responding to Cyber Incidents. The Executive
Order creates a standardized playbook and set of definitions for cyber
incident response by federal departments and agencies. Organizations cannot
wait until they are compromised to figure out how to respond to an
attack. Recent incidents have shown that within the government the maturity
level of response plans vary widely. The playbook will ensure all Federal
agencies meet a certain threshold and are prepared to take uniform steps to
identify and mitigate a threat.  The playbook will also provide the private
sector with a template for its response efforts.

Improve Detection of Cybersecurity Incidents on Federal Government
Networks. The Executive Order improves the ability to detect malicious cyber
activity on federal networks by enabling a government-wide endpoint
detection and response system and improved information sharing within the
Federal government. Slow and inconsistent deployment of foundational
cybersecurity tools and practices leaves an organization exposed to
adversaries. The Federal government should lead in cybersecurity, and
strong, Government-wide Endpoint Detection and Response (EDR) deployment
coupled with robust intra-governmental information sharing are essential.

Improve Investigative and Remediation Capabilities. The Executive Order
creates cybersecurity event log requirements for federal departments and
agencies. Poor logging hampers an organization's ability to detect
intrusions, mitigate those in progress, and determine the extent of an
incident after the fact.  Robust and consistent logging practices will solve
much of this problem.

------------------------------

Date: Wed, 12 May 2021 20:15:27 -0400
From: Gabe Goldberg <gabe@gabegold.com>
Subject: ICAO Updates Effort To Clean Up NOTAM 'Garbage' (AVweb)

“(NOTAMs) are just a bunch of garbage that nobody pays any attention to,”
said NTSB Chairman Robert Sumwalt during the 2018 hearing on the infamous
Air Canada incident, in which pilots missed a critical piece of
information. Unnoticed on page eight of a 27-page briefing package was the
fact that one of the destination airport’s two runways was closed.  [...]

Finally, the organization suggests updating the format of NOTAMs to make
them more reader-friendly. Australian Federation of Air Pilots Safety and
Technical Director Stuart Beveridge said, “So, we’ve actually suggested they
move into the 21st century and look at upper and lower case, punctuation,
plain standardized language, and time formats that are not just strings of
numbers.”

https://www.avweb.com/aviation-news/icao-updates-effort-to-clean-up-notam-garbage/

------------------------------

Date: May 13, 2021 7:09:01 JST
From: Dewayne Hendricks <dewayne@warpspeed.com>
Subject: Covid pandemic was preventable, says WHO-commissioned report
  (Sarah Boseley)

  [Note:  This item comes from reader Randall Head.  DLH]  <via Dave Farber>

Sarah Boseley, *The Guardian*, May 12 2021
Covid pandemic was preventable, says WHO-commissioned report
Independent panel castigates global leaders and calls for major changes to
ensure it cannot happen again

<https://www.theguardian.com/world/2021/may/12/covid-pandemic-was-preventable-says-who-commissioned-report>

The Covid pandemic was a preventable disaster that need not have cost
millions of lives if the world had reacted more quickly, according to an
independent high-level panel, which castigates global leaders and calls for
major changes to bring it to an end and ensure it cannot happen again.

The report of the panel, chaired by the former New Zealand prime minister
Helen Clark and Ellen Johnson Sirleaf, a former president of Liberia, found
``weak links at every point in the chain''.

It said preparation was inconsistent and underfunded, the alert system too
slow and too meek, while the World Health Organization was underpowered. It
concluded the response had exacerbated inequalities. ``Global political
leadership was absent,'' the report said.

Clark described February 2020 as ``a month of lost opportunity to avert a
pandemic, as so many countries chose to wait and see''.

``For some, it wasn't until hospital ICU beds began to fill that more action
was taken,'' she said. ``And by then it was too late to avert the pandemic
impact. What followed then was a winner takes all scramble for PPE and
therapeutics. Globally, health workers were tested to their limits and the
rates of infection, illness and death soared and continue to soar.''

Sirleaf said: ``The situation we find ourselves in today could have been
prevented. An outbreak of a new pathogen, Sars CoV-2 became a catastrophic
pandemic that has now killed more than 3.25 million people, and continues to
threaten lives and livelihoods all over the world. It is due to a myriad of
failures, gaps and delays in preparedness and response. This was partly due
to failure to learn from the past.''

Urgent action must be taken, she said. ``There are many reviews of previous
health crises that include sensible recommendations. Yet, they sit gathering
dust in UN basements and on government shelves ... Our report shows that
most countries of the world were simply not prepared for a pandemic.''

The report was commissioned by the WHO director general at the instigation
of member states, who called at the World Health Assembly in May last year
for an impartial review of what happened and what could be learned from the
pandemic.

The panel calls for radical changes to bring heads of state together to
oversee pandemic preparations, ensuring the finance and tools the world
needs are in place. They want a faster-moving, better-resourced WHO. And
they want a commitment now from leaders of affluent countries to supply
vaccines for the rest of the world.

The report says the Chinese detected and identified the new virus promptly
when it emerged at the end of 2019 and gave warnings that should have been
heeded.

``When we look back to that period in late December, 2019, clinicians in
Wuhan acted quickly when they recognised individuals in a cluster of
pneumonia cases that were not normal,'' said Sirleaf.

An alert was sent out in Wuhan about a potentially new virus, which was
``picked up quickly by neighbouring areas, countries, the media -- on an
online disease reporting site -- and by the WHO,'' she said.

``This shows the benefit and speed of open-source reporting, but then the
systems that were meant to validate and respond to this alert were too
slow. The alert system does not operate with sufficient speed when faced
with a fast-moving respiratory pathogen.''

The WHO ``was hindered and not helped by the international health
regulations and procedures'', said Clark. The regulations that govern when
the WHO can declare a public health emergency of international concern were
adopted in 2007. They bind WHO to confidentiality and verification,
preventing rapid action, and prohibit countries from unnecessarily closing
their borders against trade.

Every day counts, said the panel, which believes the emergency could have
been declared by 22 January, instead of 30 January, as happened.

During ``the lost month'' of February, countries should have been preparing.
Some did and have suffered far less than those that did not. ``Countries
with the ambition to aggressively contain and stop the spread whenever and
wherever it occurs have shown that this is possible,'' says the report.

Some countries ``devalued and debunked'' the science, denying the severity
of the disease. ``This has had deadly consequences,'' said Clark. ``This has
been compounded by a lack of global leadership and coordination of
geopolitical tensions and nationalism weakening the multilateral system,
which should act to keep the world safe.''

The report recommends the creation of a ``global health threats council'',
to be led by heads of state, to keep attention on the threats of pandemics
between emergencies and ensure collective action. It calls for a special
session of the UN general assembly later this year to agree a political
declaration. The WHO must have more power and more funding, while its
regional directors and the director general should serve just a single term
of seven years.

The panel says it is ``deeply concerned and alarmed'' about the current high
rates of transmission of the virus and the emergence of variants. Every
country must take the necessary measures to curb the spread, says the
report. High-income countries with enough vaccines ordered for their own
needs must commit to providing at least 1bn doses by 1 September to Covax,
the UN-backed initiative to get vaccines to 92 low- and middle-income
countries, and more than 2bn doses by mid-2022.

------------------------------

Date: Thu, 13 May 2021 01:06:23 -1000
From: geoff goodfellow <geoff@iconia.com>
Subject: Dark Web Getting Loaded With Bogus Covid-19 Vaccines and Forged
  Cards (The Hacker News)

Bogus COVID-19 test results, fraudulent vaccination cards, and questionable
vaccines are emerging as a hot commodity on the dark web in what's the latest
in a long list of cybercrimes capitalizing
<https://thehackernews.com/2020/12/hackers-targeting-companies-involved-in.html>
on the coronavirus
<https://thehackernews.com/2020/12/north-korean-hackers-trying-to-steal.html>
pandemic.

"A new and troubling phenomenon is that consumers are buying COVID-19
vaccines on the black market due to the increased demand around the world,"
said
<https://www.mcafee.com/blogs/other-blogs/mcafee-labs/fools-gold-questionable-vaccines-bogus-results-and-forged-cards/>
Anne An, a senior security researcher at McAfee's Advanced Programs Group
(APG).  "As a result, illegal COVID-19 vaccines and vaccination records are
in high demand on darknet marketplaces."

The growing demand and the race towards achieving herd immunity means at
least a dozen underground marketplaces are peddling COVID-19 related
merchandise, with Pfizer-BioNTech vaccines purchasable for $500 per dose
from top-selling vendors who rely on services like Wickr, Telegram,
WhatsApp, and Gmail for advertising and communications.

Darknet listings for the supposed vaccines are being sold for anywhere
between $600 to $2,500, enabling prospective buyers to receive the product
within two to 10 days. A second vendor has been identified as selling 10
doses of what's purportedly Moderna COVID-19 vaccine for $2,000. The
vaccines are said to be either imported from the U.S. or packed in the U.K.
and then shipped to other countries worldwide.

What's more, fake vaccination cards allegedly issued by the U.S. Centers for
Disease Control and Prevention (CDC) are available starting for $50 and
going all the way to $1,500. Likewise, another unnamed seller on a different
dark web market is offering counterfeit German COVID-19 certificates for a
mere $22.35.  [...]

https://thehackernews.com/2021/05/dark-web-getting-loaded-with-bogus.html

------------------------------

Date: Thu, 13 May 2021 14:43:37 +0100
From: Martin Ward <martin@gkc.org.uk>
Subject: Re: Marvin Minsky hacked? (THVV, RISKS-32.66)

A "Universal Turing Machine" is a machine that simulates an arbitrary Turing
machine on arbitrary input: in other words it is designed to execute
arbitrary code.

So a "hack" which allows arbitrary code execution is just the machine
running as designed.

------------------------------

Date: Wed, 12 May 2021 15:49:45 -0400
From: "Bernie Cosell" <cosell@alum.mit.edu>
Subject: Re: A mom panicked when her 4-year-old bought $2,600 in SpongeBob
  Popsicles (RISKS-32.65)

Easy enough to find other stories about it:

https://www.msn.com/en-us/news/world/boy-accidentally-orders-2600-worth-of-spongebob-ice-cream-online

Seems that he used his Mom's Amazon account and it was probably set up with
her credit card.

  [Richard Stein suggested
   https://www.hawaiinewsnow.com/2021/05/10/boy-secretly-orders-more-than-spongebob-popsicles-amazon/
  PGN]

------------------------------

Date: Thu, 13 May 2021 15:02:46 +0100
From: Martin Ward <martin@gkc.org.uk>
Subject: Re: A mom panicked when her 4-year-old bought $2,600 in SpongeBob
  Popsicles (RISKS-32.65)

Install the NoScript Firefox extension and ensure that
washingtonpost.com is blocked. You can then read all the articles
without the annoying popup asking you to subscribe or login.

------------------------------

Date: Thu, 13 May 2021 12:11:50 +0200
From: DJC <djc@resiak.org>
Subject: Re: I have been pwned! -- but not really (Slade, RISKS-32.65)

My Gmail account -- which I use rather little -- gets lots of mail intended
for others with my name.  People enter their own addresses wrong (should be
my.name.DIGITS@gmail.com, but they enter my.name@gmail.com) or they're
transcribed wrong... the whole mess.

I've gotten personal notes to friends and spouses, diplomatic mail,
invitations to job interviews (and their outcomes), work documents, health
records, meeting notices, lots of invoices and bills, invitations to
parties, you name it, including evidence of many scams.  Plus signup
confirmation requests for Facebook and other channels.

Where they look harmless I often write to the senders to let them know.
They're often clueless.  Occasionally someone thanks me, but they're
sometimes angry:

     How did you get my address, you *%%#@! (ranting on...)

     If it wasn't for you, why did you read it, stupid?

     Why are you bothering me about this?

Where I see a scam in action I usually try to interrupt it.  (I hope those
people had a long wait and got proper attention when they arrived at the
airport to make a flight paid for with a stolen credit card -- not mine, but
email confirmation to me -- and found that their travel had been canceled.
They wouldn't have known about the cancellation, which I handled personally,
because the confirmation came to me only the day before the flight.)

At worst, it's a temporary bother, and at best a source of innocent merriment.

------------------------------

Date: Thu, 13 May 2021 14:02:08 +0200
From: "Diego.Latella" <diego.latella@isti.cnr.it>
Subject: Cybersecurity, Nuclear Weapon Systems and Strategic Stability:
  Webinar

Thursday 27 May 2021 at 5:30 pm (CEST)

* Antonello Provenzale, President - Area della Ricerca CNR di Pisa
  Diego Latella, CNR-ISTI (IT)

* Cyber-security and Critical Infrastructures, a Global Challenge
  Domenico Laforenza, CNR-IIT (IT)

* Strategic Stability and Cyber and Space Dependency in Nuclear Assets
  Beyza Unal, Chatham House (UK)

The webinar is organised by

Gruppo Interdisciplinare su Scienza, Tecnologia e Società (GI-STS) dell'Area
della Ricerca di Pisa del CNR

In cooperation with

Areaperta - Area della Ricerca CNR di Pisa
Centro Interdisciplinare Scienze per La Pace dell'Università di Pisa
Istituto di Biofisica del CNR
Istituto di Scienza e Tecnologie dell'Informazione ``A. Faedo'' del CNR
Laboratorio Informatica e Società del CINI
Pugwash Conferences on Science and World Affairs
Unione degli Scienziati Per Il Disarmo

Under the auspices of La Nuova Limonaia, Rete Università per la Pace
https://us02web.zoom.us/j/85979020637?pwd=ZmNMbWxoVllXUmxBVUw4TllXZFBVdz09

------------------------------

Date: Mon, 1 Aug 2020 11:11:11 -0800
From: RISKS-request@csl.sri.com
Subject: Abridged info on RISKS (comp.risks)

 The ACM RISKS Forum is a MODERATED digest.  Its Usenet manifestation is
 comp.risks, the feed for which is donated by panix.com as of June 2011.
=> SUBSCRIPTIONS: The mailman Web interface can be used directly to
 subscribe and unsubscribe:
   http://mls.csl.sri.com/mailman/listinfo/risks

=> SUBMISSIONS: to risks@CSL.sri.com with meaningful SUBJECT: line that
   includes the string `notsp'.  Otherwise your message may not be read.
 *** This attention-string has never changed, but might if spammers use it.
=> SPAM challenge-responses will not be honored.  Instead, use an alternative
 address from which you never send mail where the address becomes public!
=> The complete INFO file (submissions, default disclaimers, archive sites,
 copyright policy, etc.) is online.
   <http://www.CSL.sri.com/risksinfo.html>
 *** Contributors are assumed to have read the full info file for guidelines!

=> OFFICIAL ARCHIVES:  http://www.risks.org takes you to Lindsay Marshall's
    searchable html archive at newcastle:
  http://catless.ncl.ac.uk/Risks/VL.IS --> VoLume, ISsue.
  Also, ftp://ftp.sri.com/risks for the current volume/previous directories
     or ftp://ftp.sri.com/VL/risks-VL.IS for previous VoLume
  If none of those work for you, the most recent issue is always at
     http://www.csl.sri.com/users/risko/risks.txt, and index at /risks-32.00
  ALTERNATIVE ARCHIVES: http://seclists.org/risks/ (only since mid-2001)
 *** NOTE: If a cited URL fails, we do not try to update them.  Try
  browsing on the keywords in the subject line or cited article leads.
  Apologies for what Office365 and SafeLinks may have done to URLs.
==> Special Offer to Join ACM for readers of the ACM RISKS Forum:
    <http://www.acm.org/joinacm1>

------------------------------

End of RISKS-FORUM Digest 32.67
************************