Interesting new covert channel

[Udhay Shankar N]

http://www.firstmonday.dk/issues/issue2_5/rowland/

The TCP/IP protocol suite has a number of weaknesses that allow an attacker
to leverage techniques in the form of covert channels to surreptitiously
pass data in otherwise benign packets. This paper attempts to illustrate
these weaknesses in both theoretical and practical examples.


--
_
http://www.unimobile.com/ http://pobox.com/~udhay
Unimobile - the world's first internet mobile
  Now Live !

Re: GPS and cell phones

[Marc Horowitz]

Lyle Seaman <[EMAIL PROTECTED]> writes:

>> This is e911 service.
>> Much as I dislike government intrusion, I sure would like to have a 
>> device with a button that says "call help and *tell them where I am*"

The question is if the device will tell them *only* when I press the
button.

Marc

GPS and cell phones

[Lenny Foner]

The real question here is, "Is it possible to turn the tracking on
without the user's control or notice?"  This might include phones that
-always- know where they are, or phones that can be remotely commanded
to reveal this information.  Either of these two alternatives are the
real threat, and it's important that work to defuse them focuses on
ensuring that manufacturers are very strongly discouraged from
building in such capabilities to phones (and that any backdoors
installed but not advertised are widely trumpeted by the media).  [1]

http://www.snaptrack.com/pdf/ion.pdf is an interesting technical paper
along these lines.  These guys are proposing a celphone GPS location
service that -requires assistance from the base stations- in computing
a fix.  This assistance greatly decreased the computational load
required to do the computation, and increases the ability of the
receiver to lock on to the GPS signals; the result is a system that
can operate up to 25 dB below where convention GPS's can (hence, it
can work inside buildings), and can compute a fix extremely rapidly
(on the order of a second or so), -but- which requires sufficient help
from the infrastructure that you can be pretty sure it won't simply be
ubiquitously left on for all phones on the network (since the base
stations would collapse under the load).  [2]

Given such a system, you still have to ensure that vendors don't
provide any way -besides- the user pushing the button on the phone for
the phone to start computing continuous or semi-continuous positions,
but at least you've decreased the risk that continuous position
readouts will be the network default.  This at least means that
individuals must be specifically targetted by surveillance, rather
than allowing everyone's positions to retroactively determined at any
time in the future simply by doing a database search.


[1] Yes, position information can be computed crudely using the
existing cellular infrastructure, and can be quite handy for tracking
people surreptitiously given the the political power to influence the
cellular providers---something that is not unreasonable even in many
democracies and downright trivial in any highly-repressive government.
But ~5 meter fixes are something else again---you can use those to
build dossiers of who associates with whom, a terrifyingly powerful
technique for blackmail, intimidation, or simple prosecution (or
worse).  Widespread knowledge that one might be "disappeared" simply
for being near someone who might be a troublemaker could squelch any
political movement very rapidly.  And, of course, the lack of a good
deployed crypto infrastructure means that the targets -must- meet
physically, since they can't trust the security of electronic
communication.  The one bright spot in this scenario, and the reason
for trying to hard to push phone network providers and phone builders
-not- to make it easy to track without users' permission, is that most
repressive governments simply aren't large enough to build their own
tracking infrastructure and must rely on equipment they can buy from
the less repressive governments.  (China may be a notable exception.)
This means that it behooves the less repressive governments to -not-
try to make life easier for the more repressive ones.  [This is one
reason that the US's CALEA is such a bad idea---we are building phone
switches with all the built-in tapping capabilities that any truly
repressive government could want, and we can't exactly export any laws
limiting its use when we export the switch!]

[2] The problem with SnapTrack, of course, is one of its very
features.  Because it's so fast to compute a fix, the GPS portion of
the phone need not be on for more than a second or so (several seconds
from a cold start).  This means that, -if such a phone were able to be
remotely queried-, it would be possible to set something up that could
provide, say, minute-by-minute location information and the user might
not even notice that the battery was running down unusually quickly.
Thus, targetting -particular- individuals would be stealthier than in
a system where the phone must leave its GPS receiver on all the time
(except in systems where -all- phones -always- leave their GPS
receivers on all the time).

Re: GPS and cell phones

[John R Levine]

> This is e911 service.
> Much as I dislike government intrusion, I sure would like to have a 
> device with a button that says "call help and *tell them where I am*"

Me too.  The problem seems to be that the "call help" and "tell them where I
am" functions aren't as closely coupled as we'd like. 

So, how long will it be until the vendors of such fine devices as cellular
ESN tumblers start selling enhancement kits for your cell phone to put the
noise back into the GPS data?  Or maybe some extra noise while they're at it,
I've used my cell phone via a tower 25 miles away, and over salt water I hear
that people routinely talk to towers 100 miles away.  And will the GPS
software on the switch notice if the GPS data wildly disagrees with the
location of the cell, and if so, what will it do? 

Regards,
John Levine, [EMAIL PROTECTED], Primary Perpetrator of "The Internet for Dummies",
Information Superhighwayman wanna-be, http://iecc.com/johnl, Sewer Commissioner
Finger for PGP key, f'print = 3A 5B D0 3F D9 A0 6A A4  2D AC 1E 9E A6 36 A3 47 

Re: Automatic passphrase generation

[Rick Smith]

At 11:42 AM 05/10/2000 +0200, Sergio Tabanelli wrote:
>Perhaps this can be out of topic, but recently I was involved in a
>discussion on metods to generate strong password starting from easy to
>remember word or sentence, there I proposed  to use a private key to encrypt
>easy to remember words. Is this is a valid or applicable metod?
>
>[Ex Nihil, Nihil. If you start with only the universe of easy words,
>the maximum entropy of your passphrase is is limited. Pull, stretch,
>squish and mangle it any way you like -- you cannot increase the
>entropy of something by a deterministic algorithm. You can at best
>obscure it well --Perry]

Perry speaks the truth -- you can't use an algorithm to make a secret word
harder to guess. 

On the other hand, there are strategies to counter particular threats
against passwords containing low entropy (i.e. easy to remember passwords).
If you can control the risk of off-line attacks (i.e. theft of the password
file) then attackers are stuck performing on-line attacks. The system under
attack can usually detect on-line attacks and take countermeasures to
reduce the risk of a successful penetration.

A related strategy is to combine the simple secret with a larger, more
random secret. But this provides better security only if you can keep
attackers from stealing the larger secret. One approach is to embed the
larger secret inside a tamper resistant device like a smart card, and set
up a protocol that doesn't allow the secret to leak out. But there's still
the challenge of protecting the copy of the secret stored on the server.

These alternatives aren't perfect, they just rearrange the risk a bit and
pose different challenges to the attacker. But that's enough protection for
some environments.

Rick.
[EMAIL PROTECTED]

Re: Are these things crypto accellerators? (was Re: Edupage, 8 May 2000)

[Paul Holman]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

IPivot just uses Rainbow cards for crypto acceleration.  Still, I 
don't know what the hell an XML accelerator is.  Sounds like a 
buzzword product to me.

pablos.

>Hi Robert,
>
>Yes, they include crypto acceleration, based on the ssl accelerators that
>Intel got when they bought iPivot.
>Seems like they have added XML support to the two current products in their
>line of network based ssl accelerators, the 7180 and the 7110:
>http://www.intel.com/netstructure/ecommerce_equipment.htm
>
>Patrik
>
>
>At 23:03 2000-05-08  R. A. Hettinga wrote:
>>At 4:44 PM -0600 on 5/8/00, EDUCAUSE wrote:
>>
>>
>>  > INTEL TO INTRODUCE 2 NEW DEVICES
>>  > The new Intel NetStructure 7280 XML Director and 7210 XML
>>  > Accelerator, devices that will make online business transactions
>>  > 150 times faster, will be introduced by the company today.
>>  > The new products are designed to remove a portion of the weight
>>  > carried by network servers, and are intended for use in data
>>  > centers and by application service providers on the Internet.
>>  > The devices are based on XML, a format that is becoming more
>>  > commonly used in business transactions on the Internet for
>>  > structured documents such as invoices and purchase orders.  The
>>  > introduction of the two devices is a continuation of Intel's
>>  > drive to provide e-commerce tools that accelerate business on the
>  > > Web. (New York Times, 8 May 2000)
>  >
- --
Paul Holman
Chief Technologist
Fort Nocs, Inc.

408.861.3970 office
877.834.7723 fax
[EMAIL PROTECTED]

PGP fingerprint: CFBF CC8D 7BC8 FDE3 74BD
  9DB0 88E6 B201 3F5A B569

-BEGIN PGP SIGNATURE-
Version: PGP Personal Privacy 6.5.2
Comment: The magic words are squeamish ossifrage.

iQA/AwUBORmMw4jmsgE/WrVpEQII3wCfUaXdg3XiiSEslFb8hQl9TjSJNRgAoPw1
WCX18MqYRY2Tx+vUxLeWgx4q
=tl44
-END PGP SIGNATURE-

Re: GPS and cell phones

[Lyle Seaman]

This is e911 service.
Much as I dislike government intrusion, I sure would like to have a 
device with a button that says "call help and *tell them where I am*"


[EMAIL PROTECTED] wrote:
> 
> I came across this in my local newspaper and figured it might be of some
> interest.  Earlier, on this thread, I received an email regarding Motorola's
> patents and the government using that information to track cell phones.  It
> seems they have expanded their power a bit:
> 
> "Manufacturers of cellular telephones, who will be required by the Federal
> Communications Commission next year to make sure all cell phones are capable
> of revealing their positions, will benefit from the increased accuracy as
> well."
> -Baltimore Sun (Monday, May 8, 2000)
> 
> The article mentioned accuracy is now around 48 to 60 feet of resolution due
> to the decrypting of civilian GPS signals.
> 
> Bob

Re: SSLeay.Org Still A Trusted Source?

[Eric Young]

"Salz, Rich" wrote:
> 
> SSLeay is dead, long live OpenSSL.
> The domain is now owned by a squatter.
> C'est la vie.
> /r$

Just as an update, I'm looking into seeing if I can do about this.
I feel it should point to a 'historical' SSLeay page if nothing else.

eric (who has just lodged last years tax return, only 10 month late...).
--
[EMAIL PROTECTED]
[EMAIL PROTECTED] (which is why SSLeay is not being developed)

Re: Automatic passphrase generation

[Sergio Tabanelli]

Perhaps this can be out of topic, but recently I was involved in a
discussion on metods to generate strong password starting from easy to
remember word or sentence, there I proposed  to use a private key to encrypt
easy to remember words. Is this is a valid or applicable metod?

[Ex Nihil, Nihil. If you start with only the universe of easy words,
the maximum entropy of your passphrase is is limited. Pull, stretch,
squish and mangle it any way you like -- you cannot increase the
entropy of something by a deterministic algorithm. You can at best
obscure it well --Perry]

Sergio Tabanelli

-Original Message-
From: [EMAIL PROTECTED] <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED] <[EMAIL PROTECTED]>
Cc: [EMAIL PROTECTED] <[EMAIL PROTECTED]>; [EMAIL PROTECTED]
<[EMAIL PROTECTED]>
Date: martedì 9 maggio 2000 21.46
Subject: Re: Automatic passphrase generation


>-BEGIN PGP SIGNED MESSAGE-
>
>Steve Reid <[EMAIL PROTECTED]> wrote:
>>
>> This is not nearly as good as I had hoped. Does anyone have any
>> suggestions for producing output that is more correct english? I'm
>> wondering if maybe the lexicon I'm using isn't so good. Or maybe my
>> knowledge of sentence structure hmm, with Yoda on par it is.
>
>I tend to favor long passphrases with full meaning taken from real
>works:
> "d God said, Let there be light: and there was light. And God
> saw the light, that it was good: and God divided the light
> from the darkness. And God called the light Day, a"
>
>Obviously, if you know it comes from a book you don't need to random
>try for the key. But still, and if you don't take actual sentences,
>you get a nice number of options (e.g. starting at any word and using
>the next 20-40 ones you'd get ~[size-range] * [number-of-words-in-book
>- - min-size-of-passphrase]). Using partial words would increase options
>proportionately. That's still too little.
>
>But, make it be a bigger number of books and you get a bigger number of
>options.
>
>Use a thesaurus to substitute words by synonyms and increase it (just
>think how many alternate versions of Murphy's law there are around).
>
> "...
> peered the light, that it was fine: & Deity parted the flame
> ..."
>
>Makeing use of alternate (mis)spellings you may further increase
>uncertainty.
>
> "...
> peered the lit; that 'twas fin -- & deity parted the phlame
> ..."
>
>Making its length have greater variability does so even more. Mixing
>various languages (if feasible) helps a bit more...
>
> "...
> vu la lumier; that 'twas fin -- & deity parted the phlame
> ..."
>
>Yet, for automatic generation you are bounded by electronic books,
>which are still relatively few. But there's the Internet with a
>source of electronic text in the form of web pages, e-mail, USENET
>news messages; and there are translation tools, and so on...
>
>Oh, and don't forget acrostics: take the first (or second or...)
>letter/word from a poem and off you go.
>
>So it would run something like
>
> pos = random number between 0 and collection-size
> go to pos in literary-collection
> size = random number between min-len and max-len
> phrase = fetch size characters/words starting at pos
> for every work in phrase
> randomly select synonym in thesaurus
> with probability p = f(x)
> randomly select equivalent in language Y
> with p = f(y)
> randomly select alternate (mis)spelling in
> degenerate thesaurus with p = f(z)
> for every symbol/character in phrase
> randomly select alternate equivalent with p = f(v)
> & so on...
>
>Obviously too, after several transformations you may as well end up
>with a nonsensical sentence. Note that repeating the steps more than
>once will result in sensible meaning drifts (adding to the fun and the
>entropy).
>
>I may be wrong, but my impression is that increasing entropy may not
>be so difficult with long enough (>150 char) fragments.
>
>It may also help producing the passphrase and showing the user the
>process used to develop it so s/he may learn to do it by him/herself.
>
>Just my 2c worth.
>
> j
>
>
>-BEGIN PGP SIGNATURE-
>Version: 2.6.3i
>Charset: noconv
>
>iQEVAwUBORgtvrgsTQLvQjxFAQEzEAf/e1f1OvfBDaOimrPJb3fh75sHm+vxHtmK
>Bo13sYdfd+PF3+c9Cp8oPv00dC68L2XazS4AeWqYJNaIUjeCrI7GwncSxZycKlBa
>UF30PJCWR/pg8fiBva4Ay+kL+6sR5cPtPzjpW/0SeYHyJ6wuxxulhqUt5fR7BsMq
>V/ChQyrV/8jMCmOYILTmcwtgVJ4Zg0mGdNqDbUmIE2bqKwowmc5FosS8GBSQp9mz
>LVouObnZ6qTwO+Pb78YOLLAphA/sA7f6NddWGfqHcEsAm69CtGXM5rUhiw4J6Iyg
>0ezqDzvYSVXNQtZ6pGOMXhMH3D9J2CWHjwrpXXPUlEPPKRlMoZfxhw==
>=rqo8
>-END PGP SIGNATURE-
>

Re: Clinton signs bill to count wiretaps that encounter encryption

[Bill Stewart]

Jaap-Henk Hoepman <[EMAIL PROTECTED]>
>>Any tap on the GSM cell phone will _not_ be on the encrypted over-the-air
>>interface but simply on the plaintext leaving the base station on the fixed
>>network.

Legal wiretaps on cellphones might tap at the base station,
but illegal wiretaps may be  mostly over-the-air.
(It's possible that those won't be included in the official count:-)
However, legal wiretaps can attempt to use over-the-air as well,
especially in the US, and they will probably report encryption there.

Of course, as the GSM folks told Lucky and Ian, it's simply not possible
to crack GSM A5/1 phones in a purely over-the-air attack
In reality it might still be too difficult for the average
police department to crack.  In the US, GSM is rare;
analog and unencrypted digital are the most common formats,
and the standard digital encryption is far weaker than GSM -
the radio effort to follow CDMA or TDMA is more work than the crypto.

At 09:18 PM 05/07/2000 -0400, Arnold G. Reinhold wrote:
>According to the White House press release the test was "encountered 
>encryption" and they could well have counted GSM even if they could 
>get around the encryption as you describe. Declan points out that the 
>law was worded more carefully than the press release, so things are 
>not as bad as I feared. Point for Congress.


Thanks! 
Bill
Bill Stewart, [EMAIL PROTECTED]
PGP Fingerprint D454 E202 CBC8 40BF  3C85 B884 0ABE 4639

GPS and cell phones

[Flanagannn]

I came across this in my local newspaper and figured it might be of some 
interest.  Earlier, on this thread, I received an email regarding Motorola's 
patents and the government using that information to track cell phones.  It 
seems they have expanded their power a bit:

"Manufacturers of cellular telephones, who will be required by the Federal 
Communications Commission next year to make sure all cell phones are capable 
of revealing their positions, will benefit from the increased accuracy as 
well."
-Baltimore Sun (Monday, May 8, 2000)

The article mentioned accuracy is now around 48 to 60 feet of resolution due 
to the decrypting of civilian GPS signals.

Bob

Re: GPS integrity

[Derek Atkins]

Lenny Foner <[EMAIL PROTECTED]> writes:

> As for corrupting the signal, I think that would require a bit more
> work, but I personally think it could be done.  I don't think there is
> any kind of cryptographic integrity protection of GPS signals.
> 
> Not correct.  (And finally relevant to this list!)  Military receivers
> make use of the P(Y) code, which can be -jammed- but not -spoofed-
> unless you already have the relevant keys.  These keys can be rotated
> weekly (they use the concept of "GPS week").  Civilian receivers
> -sometimes- have warnings that all is not right---RAIM alerts on civil
> aviation receivers may warn you that the computed fix seems way off,
> even if the receiver cannot determine what it -should- be, and there
> is a fair bit of research out there for making civilian receivers more
> jamproof.

Unfortunately this doesn't help those of us without military
receivers.  Indeed, I was under the impression that most people here
were interested in the integrity of the C/A signal, as that is pretty
much all most of us mere mortals can read.

As for RAIM, my Garmin GNS430 (spiffy aviation GPS) has RAIM.  Luckily
I've never actually seen the RAIM warning flag.  My understanding of
RAIM matches what's been said before, position information is
heuristically computed and when an anomalous position/speed occurs,
the flag is raised.  Sudden changes in position, altitude, speed, etc.
would set off the flag, taking under consideration that an airplane
would generally not invoke an implulse accelleration :)

However, RAIM is not cryptographically computed (or protected).  Also,
I BELIEVE that if you have a consistent (albeit incorrect) signal,
RAIM will not flag.  Assume there is an impulse from correct to
incorrect signal, and then incorrect signal drifts further and further
off in a "consistent" manner.  RAIM will only notice this at the impulse,
but if you turn on the receiver after the impulse, your RAIM circuitry
wont notice the difference.

Personally, I'd like to see cryptographically signed C/A data...
Maybe this is where elliptic curve would be useful?  Small signature
sizes.

-derek

-- 
   Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
   Member, MIT Student Information Processing Board  (SIPB)
   URL: http://web.mit.edu/warlord/  PP-ASEL  N1NWH
   [EMAIL PROTECTED]PGP key available

Re: GPS integrity

[Steve Cook]

A company called Certified Time offers secure NIST-based time data and has
many unkind things to say about the integrity of GPS time signals. You
might find some useful references among the documents they have posted at
http://www.certifiedtime.com/site/repository/index.html


At 09:24 AM 5/8/00 +0300, [EMAIL PROTECTED] wrote:
>
>
>I'm looking for info on GPS security, specifically, its integrity /
>authentication mechanisms to protect against spoofing.
>This is important since many systems assume GPS is a secure source of time
>and location. (My interest in this began as we are completing paper on
>proactive secure clock synchronization, and figured we ought to compare
>this to the approach of using GPS receivers to provide secure time.)
>
>As recently discussed on this and other lists, the accuracy of commercially
>available (civilian) GPS has recently been improved by the removal of the
>Selective Availability degradation of the Coarse Acquisition (C/A) signal.
>However, after (very limited) digging up some GPS papers/web sites, I
>didn't find any mention of authentication/integrity/anti-spoofing
>mechanisms to the C/A signal. I did find a brief mention that the (still
>encrypted) P/Y signal has some anti-spoofing mechanism; but I didn't see
>any details on how that is done (such details may be confidential).
>
>I'm interested in both the C/A and the P/Y integrity mechanisms. The
>anti-spoofing of the P/Y signal is, to me, more of academical interest. I
>find the C/A signal integrity more interesting as it is available for
>commercial use. How hard is it to spoof it? Is there any real difficulty in
>protecting its integrity ? Or is it protected well?
>
>Thanks for any help/info.
>
>Best Regards,
>Amir Herzberg
>
>IBM Research Lab in Haifa (Tel Aviv Office)
>http://www.hrl.il.ibm.com
>
>
>

GPS integrity

[Lenny Foner]

Date: 09 May 2000 11:14:28 -0400
From: Derek Atkins <[EMAIL PROTECTED]>

I think the answer you will find is that standard GPS is fairly easy
to jam.  The satellite transmissions are fairly weak, which means that
a strong ground-based transmitter on the same set of frequencies could
effectively jam GPS reception.  Indeed, the US military has stated
that they can jam GPS in a region if necessary.

To decrease the jamming power required (this -is- spread spectrum,
after all), it's helpful to have your jammer hop the same way your
receiver will be hopping.  This is pretty easy to do, since your
jammer can trivially figure out the hops by observing the satellites
you can see.  Note also that any outfit that makes GPS's typically
buys test equipment that generates valid but fake GPS signals, which
they use for prototyping, etc.  If one were to put this signal through
an amplifier and an antenna instead of an attenuator and a coax, one
could presumably cause large amounts of mischief with no technical
skill whatsoever.

However, it's pretty easy to be inadvertently jammed, too---standing
anywhere near an active radar will typically raise the noise floor
sufficiently that GPS won't work.  [There is a harbor cruise in Boston
that passes fairly close to Logan's main radar; GPS's lose lock for
about 1km of that passage, -unless- you're standing on the far side of
a large metal structure, such as the chimney for the engines...]  I've
seen reports that as little as 5W, properly applied, can jam GPS for
hundreds of square kilometers (there was a report in Risks a while
back about a test lab that accidentally left their transmitter on for
a few weeks and figured it out from reports of the resultant GPS
outage in their area; I can dig this up if someone cares).

Btw, an excellent book on how GPS works, which goes very in-depth on
technical details, is _GPS Satellite Surveying_, by Alfred Leick.

As for corrupting the signal, I think that would require a bit more
work, but I personally think it could be done.  I don't think there is
any kind of cryptographic integrity protection of GPS signals.

Not correct.  (And finally relevant to this list!)  Military receivers
make use of the P(Y) code, which can be -jammed- but not -spoofed-
unless you already have the relevant keys.  These keys can be rotated
weekly (they use the concept of "GPS week").  Civilian receivers
-sometimes- have warnings that all is not right---RAIM alerts on civil
aviation receivers may warn you that the computed fix seems way off,
even if the receiver cannot determine what it -should- be, and there
is a fair bit of research out there for making civilian receivers more
jamproof.

As an example, consider this message sent to Risks Digest, several
years ago; I remembered it and dug this one specifically out of the
archives, but there may be others which are relevant.

- - - Begin forwarded message - - -

Date: Tue, 3 Sep 1996 20:54:42 -0700
From: [EMAIL PROTECTED] (Jim Easton)
Subject: Warning on the use of GPS

Over the last few weeks I have experienced a series of GPS navigation errors
ranging from minor (triggering RAIM) to as large as 20 miles horizontally
and calculated GPS altitudes of below NEGATIVE 5000' MSL. I have never been
given a NOTAM telling me to expect this performance.

Reading the current issue of AOPA Pilot, I now understand.

* First: Kudos to AOPA for finally telling us what is going on.

The military has been conducting GPS jamming exercises in Southern
California affecting at least the Los Angeles and San Diego areas (that I
have observed) lasting for times up to some 15 minutes (again that I have
observed).

You should note that the vast majority of GPS units flying do NOT have RAIM
and will NOT automatically flag an erroneous GPS position.

I would seriously warn pilots against trusting VFR GPS navigation in
Southern California without cross-checks. Should a RAIM flag go on in an IFR
GPS do NOT assume that because you are receiving lots of healthy satellites
with good signal strength that you can ignore the warning. This is exactly
what you will see when you are receiving jamming.  Look at the calculated
GPS altitude and calculated position error and cross check with any other
available navigation source.

Note that the government has decided to take down LORAN and VORs which will
leave you dead when GPS is jammed. In spite of the absolutely predictable
loss of airplanes and lives that this decision will cause, it is apparently
cast in concrete. I believe that the plan may be to have a multibillion
dollar fix to GPS after all alternative means of navigation have been shut
down and a thousand or so people have been killed by GPS failure.

Jim Easton  4364 Bonita Rd., No. 166  Bonita, CA, 91902-1421
Tel: (619) 548-0138  FAX: (619) 470-8616

- - - End forwarded message - - -