31 Years of the Digest ... founded August 21, 1981
The Telecom Digest for November 7, 2012
====== 31 years of TELECOM Digest -- Founded August 21, 1981 ======
Telecom and VOIP (Voice over Internet Protocol) Digest for the
Internet. All contents here are copyrighted by Bill Horne and
the individual writers/correspondents. Articles may be used in other
journals or newsgroups, provided the writer's name and the Digest are
included in the fair use quote. By using any name or email address
included herein for any reason other than responding to an article
herein, you agree to pay a hundred dollars to that person, or email address
Addresses herein are not to be added to any mailing list, nor to be sold or given away without the explicit written consent of the owner of that address. Chain letters, viruses, porn, spam, and miscellaneous junk are definitely unwelcome.
We must fight spam for the same reason we fight crime: not because we are naive enough to believe that we will ever stamp it out, but because we do not want the kind of world that results when no one stands against crime. - Geoffrey Welsh
See the bottom of this issue for subscription and archive details and the name of our lawyer, and other stuff of interest.
Date: Tue, 6 Nov 2012 08:45:11 -0400 From: Monty Solomon <email@example.com> To: firstname.lastname@example.org. Subject: Risky business: New Jersey to allow e-mail voting in storm's wake Message-ID: <email@example.com> Risky business: New Jersey to allow e-mail voting in storm's wake Any Internet or e-mail voting scheme is prone to hacking, experts warn. by Timothy B. Lee Nov 5 2012 Ars Technica http://arstechnica.com/tech-policy/2012/11/risky-business-new-jersey-to-allow-e-mail-voting-in-storms-wake/ -or- http://goo.gl/YGswB
Date: Tue, 06 Nov 2012 09:18:52 -0500 From: Bill Horne <bill@horneQRM.net> To: firstname.lastname@example.org. Subject: Re: Internet Voting in the U.S. Message-ID: <email@example.com> On 11/5/2012 6:01 PM, John Levine wrote: >> Telecom Digest Moderator wrote: >>> When the authors say "no email program in widespread use today >>> provides direct support for encrypted email", I think they're >>> wrong. ... > > Outlook and Outlook Express support S/MIME, but I would estimate that > 0.001% of users actually have a certificate configured, so in practice > the other 99.999% don't do encrypted mail. You're right, of course, but the authors of the ACM paper said that there's no "Direct support for encrypted email", and that's a different thing. I don't know if they were simply misinformed, or if they consider "direct support" to be something other than what is available, but I think the paper is inaccurate on this point. Bill, who has to go choose between the Neanderthal and the Cro-Magnon candidates for office. -- Bill Horne (Remove QRM from my address to write to me directly)
Date: Tue, 6 Nov 2012 08:45:11 -0400 From: Monty Solomon <firstname.lastname@example.org> To: email@example.com. Subject: A Fort Knox for Web crypto keys: Inside Symantec's SSL certificate vault Message-ID: <firstname.lastname@example.org> A Fort Knox for Web crypto keys: Inside Symantec's SSL certificate vault Storing the keys at the heart of encrypted Web communications is no simple task. by Dan Goodin Nov 5 2012 Ars Technica http://arstechnica.com/security/2012/11/inside-symantecs-ssl-certificate-vault/ ***** Moderator's Note ***** Back when PKI was supposed to solve all the Internet's problems, I went to the trouble of becoming a Thawte Notary, which entitled me to charge a fee for affirming the identities of those applying for digital identity certificates. I think I certified three people in the years the program was active: Thawte was eventually absorbed (by Verisign, IIRC) and the program terminated. Bill Horne Moderator
Date: Tue, 6 Nov 2012 08:45:11 -0400 From: Monty Solomon <email@example.com> To: firstname.lastname@example.org. Subject: Wi-Fi chips in phones, tablets, vulnerable to DoS attack Message-ID: <email@example.com> Wi-Fi chips in phones, tablets, vulnerable to DoS attack Summary: A vulnerability discovered in two Wi-Fi chipsets has placed a number of wireless devices at risk of a denial-of-service attack. By Michael Lee October 25, 2012 ZDNet http://www.zdnet.com/wi-fi-chips-in-phones-tablets-vulnerable-to-dos-attack-7000006352/ ***** Moderator's Note ***** All anyone has to do to conduct a DDOS attack on an 802.11N network is pick up a 2.4GHz corless phone and dial a number. It's a radio signal, after all, and radios can be jammed. Bill Horne Moderator
Date: 6 Nov 2012 16:00:57 -0500 From: firstname.lastname@example.org (Scott Dorsey) To: email@example.com. Subject: Re: When Hacking Was in Its Infancy Message-ID: <firstname.lastname@example.org> >If kids in high school were "breaking into master accounts" in 1970, >I'd like to see the news reports and/or court records that show >it. These vague claims don't cut it. > >Bill Horne >Moderator I refuse to answer on the grounds that it may incriminate me, but suffice it to say that things like password protection, proper disposal of printouts and the like were once uncommon. There was a day when people's passwords would be echoed back on the teletype when they entered them, and their session would be printed out and left in the terminal room. Or it would be printed on their JOB card which was left unattended on the top of their deck in a bin. Or someone would call up a remote computer which did not have proper modem control, to discover themselves in the middle of someone else's existing session. Or they would notice that at a particular site the default password for any account was the account name spelled backwards and that the default passwords that came with the OS were still set so OPERATOR/OPERATOR got you a prompt. --scott -- "C'est un Nagra. C'est suisse, et tres, tres precis."
Date: 6 Nov 2012 16:01:39 -0500 From: email@example.com (Scott Dorsey) To: firstname.lastname@example.org. Subject: Re: When Hacking Was in Its Infancy Message-ID: <email@example.com> HAncock4 <firstname.lastname@example.org> wrote: > >A year or so later the school district got an HP-2000 machine for >BASIC timesharing which was supposedly hacker proof since chief >executive functions were performed only by the computer's console, not >by any account. However, the kids discovered a glitch in the software >in which they could cause the computer to crash and shut down, and >crashed it from time to time. The school district was not amused >because service was disrupted. The kids were caught and punished, but >again it was handled internally. Let me guess, it was running MONTANA BASIC.... --scott -- "C'est un Nagra. C'est suisse, et tres, tres precis."
TELECOM Digest is an electronic journal devoted mostly to telecom- munications topics. It is circulated anywhere there is email, in addition to Usenet, where it appears as the moderated newsgroup 'comp.dcom.telecom'. TELECOM Digest is a not-for-profit, mostly non-commercial educational service offered to the Internet by Bill Horne. All the contents of the Digest are compilation-copyrighted. You may reprint articles in some other media on an occasional basis, but please attribute my work and that of the original author. The Telecom Digest is moderated by Bill Horne.
43 Deerfield Road
Sharon MA 02067-2301
bill at horne dot net
This Digest is the oldest continuing e-journal about telecomm- unications on the Internet, having been founded in August, 1981 and published continuously since then. Our archives are available for your review/research. We believe we are the oldest e-zine/mailing list on the internet in any category! URL information: http://telecom-digest.org Copyright (C) 2012 TELECOM Digest. All rights reserved. Our attorney is Bill Levant, of Blue Bell, PA.
Finally, the Digest is funded by gifts from generous readers such as yourself who provide funding in amounts deemed appropriate. Your help is important and appreciated. A suggested donation of fifty dollars per year per reader is considered appropriate. See our address above. Please make at least a single donation to cover the cost of processing your name to the mailing list. All opinions expressed herein are deemed to be those of the author. Any organizations listed are for identification purposes only and messages should not be considered any official expression by the organization.