Subject: RISKS DIGEST 12.06
REPLY-TO: risks@csl.sri.com

RISKS-LIST: RISKS-FORUM Digest  Tuesday 16 July 1991  Volume 12 : Issue 06

        FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS
   ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Contents:
Bay-Area Long-Distance Service Disrupted (again!)
Computer Showers a Briton with Gifts (Henry Cate III via Mark Brader & rec.humor)
Computer "assistance" in the UK Grand Prix (Brian Randell)
Re: auto telemetry records (Erik Nilsson)
Free [Canadian] Money? (Mark Batten)
Nitwit ideas (Niven and Pournelle) (Clive Feather)
Puzzle boxes for critical device interfacing (Ross Williams)
U.S. Electronic Data Move Challenged on Privacy Issue (NYT via Jeff Helgesen)
NPTN Infosphere Report (Sue Anderson)
Re: Risks of Posting to RISKS (Chuck Dunlop)

  The RISKS Forum is moderated.  Contributions should be relevant, sound, in good
  taste, objective, coherent, concise, and nonrepetitious.  Diversity is welcome.
  CONTRIBUTIONS to RISKS@CSL.SRI.COM, with relevant, substantive "Subject:" line.
  Others ignored!  REQUESTS to RISKS-Request@CSL.SRI.COM.
  For vol i issue j, type "FTP CRVAX.SRI.COM<CR>login anonymous<CR>AnyNonNullPW<CR>
  CD RISKS:<CR>GET RISKS-i.j<CR>" (where i=1 to 12, j always TWO digits).  Vol i
  summaries in j=00; "dir risks-*.*" gives directory; "bye" logs out.  The COLON in
  "CD RISKS:" is essential.  "CRVAX.SRI.COM" = "128.18.10.1".  <CR>=CarriageReturn;
  FTPs may differ; UNIX prompts for username, password.
  ALL CONTRIBUTIONS CONSIDERED AS PERSONAL COMMENTS; USUAL DISCLAIMERS APPLY.
  Relevant contributions may appear in the RISKS section of regular issues of ACM
  SIGSOFT's SOFTWARE ENGINEERING NOTES, unless you state otherwise.

----------------------------------------------------------------------

Date: Tue, 16 Jul 91 9:08:41 PDT
From: "Peter G. Neumann"
Subject: Bay-Area Long-Distance Service Disrupted (again!)
At 9:29am on 15 July, a US Sprint fiber-optic cable was cut by a construction crew working at Tassajara Road near Interstate 580 in the San Francisco/Oakland East-Bay area.  Repairs were completed 3.5 hours later.  Long distance calls from 415 and 408 area codes were affected.  In the interim, some Sprint customers were rerouted through AT&T's long distance network.  However, this caused `congestion problems' [for both AT&T and Sprint!].  This was the third outage in the Bay Area this month.  [Source: San Francisco Chronicle article, 16Jul91, by Carl T. Hall]

------------------------------

Date: Tue, 16 Jul 91 05:55 EDT
From: msb@sq.com (Mark Brader)
Subject: COMPUTER SHOWERS A BRITON WITH GIFTS (from rec.humor)

[NY Times via, at least, Henry Cate III, meo@dixie.com, and Mark Brader, SoftQuad Inc., Toronto, utzoo!sq!msb, msb@sq.com]

According to a posting in rec.humor, the following story appeared in the New York Times in April 1972.

COMPUTER SHOWERS A BRITON WITH GIFTS

Evesham, England. -- Joseph Begley saved 2,000 cigarette coupons and mailed them in to a British cigarette company in order to get a watch.  When the watch didn't arrive he wrote and asked why.  Back came three watches.

Mr. Begley only wanted one so he mailed back the other two.  The next day 10 parcels arrived from the cigarette company.  The following day 18 parcels arrived.  The day after that 10 more parcels came.  All were trade-in gifts given by the cigarette company in exchange for coupons Mr. Begley never had.

Among the gifts were three tape recorders, a doll, a golf bag, two electric blankets, a cot, saucepans, a pressure cooker, and long-playing records.

Mr. Begley wrote a long, pleading letter to the company asking them to stop.  In the return mail came a reply saying: "It was a computer error."

The company gave Mr. Begley 10,000 coupons in compensation for his troubles.  With these Mr. Begley ordered some tools and a bedspread.  He received a plant stand and two stepladders.
------------------------------

Date: Tue, 16 Jul 91 10:34:11 BST
From: Brian.Randell@newcastle.ac.uk
Subject: Computer "assistance" in the UK Grand Prix

Today's issue of the Independent (a UK national newspaper) has an article about the British Formula 1 Grand Prix held at Silverstone on Sunday (14/7/91) which was won by Nigel Mansell, with Ayrton Senna running out of fuel within sight of the finishing line.  The article contains the following paragraphs:

  For the second successive week, Senna was fooled by a computer read-out.  In France, he was led to believe that the car was low on fuel.  It was not.  At Silverstone, he was told it had plenty.  It had not.

  Mansell, meanwhile, was attempting to outwit the gearbox computer which left him stranded on the last lap of the Canadian Grand Prix.  He said: "It was just like Canada.  I felt it just the same.  But you learn from experience.  I was able to identify the problem and knew what to do about it.  I kept up the revs and kept it in fifth gear as long as possible.

  "I'm increasingly worried about being controlled by computers.  The driver is becoming more and more the prisoner of the computer."

[Computing Laboratory, The University, Newcastle upon Tyne, NE1 7RU, UK
 PHONE = +44 91 222 7923   FAX = +44 91 222 8232]

------------------------------

Date: Thu, 20 Jun 91 17:44:13 PDT
From: erikn@boa.mitron.tek.com (Erik Nilsson)
Subject: Re: auto telemetry records (John Moore, RISKS-11.86)

One of our customers makes a part used with air bags.  The controls for air bags use accelerometers to determine when an air bag should be deployed.  Apparently, the speed of the vehicle is also factored into the deploy decision.  Because the auto companies are afraid of lawsuits over faulty deployment, the airbag control includes a flight-recorder-like telemetry record.  It isn't clear how accurate this record is.

The advice our customer gave us was, if we were in an accident, find and destroy the black box as soon as possible.
- Erik Nilsson   erikn@boa.MITRON.TEK.COM

------------------------------

Date: Wed, 10 Jul 91 15:42:05 EDT
From: mark@shl.com (Mark Batten)
Subject: Free Money?

A few weeks ago (June 1991) I saw a news article on Canada's NewsWorld (a 24 hour news channel) which related the following story (paraphrased from memory):

A man decided to use his Royal Bank ATM card to get some money out of his account.  He used a Co-op (trust company, I believe) ATM machine.  He entered his id number and received the money he requested.  He then noticed that there was a problem with the printed receipt.  It was missing the balance, a transaction number, and similar items.  He checked the ATM card and discovered that he had accidentally used his Bell Calling Card rather than the Royal Bank card he intended.

He immediately reported the problem to the Co-op branch.  They called in the Royal Bank and Bell to determine what had happened.  It turns out the money he received had not been deducted from his account.  It had come out of the Co-op's general fund or something like that.

The Co-op spokesperson assured the reporter that the problem had been determined and resolved by the end of the day and that it was unique to Bell Calling Cards and the Co-op's ATM software.  (It was not clear from the report but I believe this happened in Toronto.)

Does anyone know anything more about this?

Mark Batten   mark@shl.com   uunet!shl!mark

------------------------------

Date: Mon, 15 Jul 91 12:07:09 BST
From: Clive Feather
Subject: Nitwit ideas (Niven and Pournelle)

Re: Patriot missile specifications, Robert I. Eachus, RISKS-12.01,

  "This is NOT a failure of design or specification or production, it is often the result of someone trying something because he is dead anyway if it doesn't work.  Such successful tactics quickly become the normal way the weapon is used."

I am reminded of something from _The_Mote_in_God's_Eye_ by Niven and Pournelle:

  "It's a nitwit idea.  Nitwit ideas are for emergencies.
  The rest of the time you go by the Book, which is mostly a collection of nitwit ideas that worked."

Clive D.W. Feather, IXI Limited, 62-74 Burleigh St., Cambridge CB1 1OJ, UK
clive@x.co.uk   Phone: +44 223 462 131

------------------------------

Date: 21 Jun 91 15:18:49 GMT
From: ross@spam.ua.oz.au (Ross Williams)
Subject: Puzzle boxes for critical device interfacing

INTRODUCTION: I have had an idea for the reliable interfacing of computer systems with critical hardware that I would like to air in this newsgroup.

IDEA: The idea is to place some kind of "puzzle" between the microprocessor and the critical hardware device such that in order to activate the critical device, the microprocessor must send a complex sequence of signals, the sequence being the solution to a puzzle.  I call such a device a "puzzle box".

BENEFIT: The benefit of the puzzle box is that the microprocessor is far less likely to activate the critical device under failure conditions than if a simpler interface were used (e.g. address decoder and one bit latch).

GRAY CODE PUZZLE BOX: In order to avoid interface problems themselves, puzzle boxes must be extremely simple.  The simplest, most efficient puzzle box I have invented consists of a row of switches wired in serial (through which the critical signal must pass) controlled by simple logic that requires the microprocessor to transmit a Gray code sequence (a "Gray Code Puzzle Box").  Thus, in order to fire the rocket, the microprocessor has to solve the Towers of Hanoi puzzle!

PROVISIONAL PATENT: I have submitted an Australian Provisional Patent application for this invention (January 1991, June 1991) and am looking for feedback on its originality and usefulness.  I am also looking for people to help manage this patent.  A copy of the provisional patent application is available upon request (I can email it to you or snail mail it).  The application gives an accessible description of the idea and answers common objections.
Although the idea is simple, I have chosen to patent as I view it as somewhat perverse.  Engineers spend a lot of their time trying to make it EASIER for pieces of hardware to talk to each other.  The puzzle box goes totally against this principle, but in doing so increases safety.

I look forward to reader responses.

Ross Williams
Net: ross@spam.ua.oz.au
Fax: +61 8 373-4911
Home phone: +61 8 379-5020 (South Australian Time)
Snail Mail: 16 Lerwick Avenue, Hazelwood Park 5066, South Australia, Australia

------------------------------

Date: Mon, 1 Jul 91 12:52:46 -0500
From: Jeff Helgesen
Subject: U.S. Electronic Data Move Challenged on Privacy Issue (NY Times)

U.S. ELECTRONIC DATA MOVE CHALLENGED ON PRIVACY ISSUE
Fears Rise on Possibility of Scrutiny by Federal Agencies
NY Times -- 29 June 1991

The government said Thursday that it would introduce a Federal standard for authenticating electronic data later this summer, but the announcement prompted an angry reaction from one of the leading private providers of software that protects computer data.

The company, RSA Data Security Inc. of Redwood City, Calif., said the Government had failed to address fears about the possibility of a secret "trapdoor," which would permit intelligence and law-enforcement agencies to look at private data.

The issue of providing special mechanisms to permit Government access to private information has caused a growing public debate recently.  Earlier this year an anti-terrorism bill in Congress called on the computer and telecommunication industries to permit Federal agencies to look at private data.  But the statement was later dropped from the bill after extensive public opposition.

Government officials said that it would be possible for technical experts to examine the standard when it is released this summer and they could decide for themselves whether there were any shortcomings in the design of the standard.
"It will be openly published and people can inspect it to their heart's content," said James H. Burrows, head of the computer systems laboratory at the National Institute of Standards and Technology [NIST].  He added that the new standard was not intended to encrypt computer data, and that the Government would continue to rely on an earlier technology known as the Data Encryption Standard to actually hide information from potential electronic eavesdroppers.  He said there was a project underway to develop a successor to that standard, but that it was years away from completion.

In testimony before the House Subcommittee of the Committee on Science, Space and Technology, Raymond J. Kammer, deputy director of the NIST, said on Thursday that the Government was working on final arrangements for a planned "data signature" standard that would permit electronic authentication of documents and access systems as well as protecting against computer viruses and other forms of electronic tampering.  He added that the new standard did not include capabilities for coding messages so that only one person or a group of people could read them.

Mr. Kammer acknowledged that the agency's efforts to develop a standard had been "slow, difficult, and complex."  He said his agency had worked with the National Security Agency to develop the new standard and called the relationship between the two "productive."  Dr. Burrows said the standards institute had relied heavily on the intelligence agency for the fundamental work that has led to the new standard.

"A public key standard would help promote communications privacy," said Marc Rotenberg, Washington director of Computer Professionals for Social Responsibility.  "The problem today is that there is a legitimate concern about the role the NSA might play in the development of such a standard."
Officials at RSA, and other computer security experts, have challenged the Government standard-setting process saying that it was difficult to have confidence in the software being proposed by the Federal agencies because of security agencies' roles in the process.  A number of computer security experts have said the security agency has objected to adopting the RSA standard because the system is too difficult for the intelligence agency to crack.

------------------------------

Date: Mon, 24 Jun 91 15:58:16 -0400
From: aq941@cleveland.freenet.edu (Sue Anderson)
Subject: NPTN Infosphere Report

Below is the final version of our "Infosphere" report summary.  We have formulated general question areas to which we will attempt to respond using, whenever possible, existing data.  We also expect that the report will point to many avenues for further research, particularly in areas where data is simply unobtainable.

Computer networking is often heralded for its capacity to facilitate collaboration among researchers, scholars, scientists, authors, etc.  We would like to capitalize on this potential...  Therefore, if you have any comments on the summary below, would like to offer assistance (by making suggestions, locating/supplying information, or providing funding), or if you want more information, please feel free to contact us (addresses and phone numbers can be found at the end of the following summary).

-- -- -- -- -- -- -- -- -- -- -- --

The National Public Telecomputing Network -- Infosphere Report

In 1955 an important transition occurred in American society.  In that year, for the first time, more than half of our work force became "information workers" -- people whose main activity was producing, processing, or distributing information, and producing information technology.  In the 1980's, with the development of low-cost personal computers and high-powered computerized communications networks, the pace of that transition both quickened and deepened.
For the first time rapid exchange of information could occur, over globe-spanning distances, within seconds, at extremely low cost.  For the first time also, the average citizen had on their desktops the means to tap into those resources from their homes, schools, and workplaces.

Unfortunately, as with many preceding technologies, access to these resources developed unequally.  Some individuals and segments of society were able to take immediate advantage of it; others were not (and still are not).  The result is a society which appears to be entering the Information Age the way a child enters an ocean for the first time--partly in, partly out, partly fearful, partly intrigued, and not really quite sure what to do next.

This summer and fall, the National Public Telecomputing Network (NPTN), a nonprofit public computer network headquartered in Cleveland, Ohio, will be working on its first annual "Infosphere Report"--a research project similar to those conducted in areas such as economics, population growth, and the environment--which will attempt to assess the nation's capacity to effectively and equitably utilize telecomputing as a medium for meeting its information and communication needs.

We are defining the "infosphere" as: the technical and organizational environment in which the general public can remotely access computer-mediated communication and information resources.

We expect that over time a portrait will emerge which will describe this nation's progress, with regard to telecomputing, as it encounters the information age.  The report will be cumulative, comparative, and prescriptive.  It will show where we have been, where we are now, what we are doing well, and where more emphasis is needed.

In general, we see the infosphere as being composed of three interactive components:

People: The individuals who are (or could be) using the technology and resources.
Technology: The hardware, software and network connections needed to access the resources (e.g., computers, modems, phone lines, network connections, etc.).

Resources: The communication and information facilities that can (or could be) remotely accessed via computer (e.g., databases, archives, electronic mail, computer conferencing).

The Infosphere Report will attempt to gauge our progress with regard to each of these areas.  The first chapter will be an introduction describing the scope and limitations of the study.  Chapters two through four will address each infosphere component: people, technology, and resources.  Questions that will be addressed in these chapters include:

People
  Who uses the currently available communication and information resources?
  What are the general public's communication/information needs and desires?
  Do they know what's available?  How can they find out about it?
  Do they have the knowledge and skills to use it?
  Do they have access to the necessary resources to use it?

Technology
  What technology exists for accessing communication and information resources?
  What is its availability and cost to the general public?
  What are its strengths and weaknesses?  (e.g., ease of use, reliability)

Resources
  What remotely accessible communication and information resources exist?
  What are their availability and cost to the general public?
  What are their strengths and weaknesses?  (e.g., quantity, quality, appropriateness)

The final chapter of the report will summarize the findings, draw conclusions, discuss implications, and make recommendations for improving our nation's ability to make use of telecomputing to effectively and equitably utilize computer-mediated communication and information resources.

The principal investigator on the project will be T.M. Grundner, Ed.D.  As an assistant professor at Case Western Reserve University, Dr. Grundner was an early pioneer in the development of community-based computerized information services.  His "St.
Silicon Project" in 1984 provided the first data on the effectiveness of using modem equipped microcomputers to deliver community health information.  His Cleveland Free-Net Project in 1986 developed the nation's first free, open-access, community computer system.  As a result of the success of the Free-Net, in 1989 he founded the National Public Telecomputing Network to foster the growth of community computer systems and to link them together into a common nationwide communications and information network similar to National Public Radio or PBS on television.

The research coordinator is Sue Anderson, Ed.D. (Cand.).  Ms. Anderson is a doctoral candidate at the University of Virginia with extensive background in electronic networking and computer conferencing.  She will be supervising a staff of volunteer research associates from around the country in the development and analysis of the data for the report.

Persons who are interested in assisting on this project, those seeking more information in general, and (especially) potential funding sources wishing to participate in continuing support, should contact the project at:

  The Infosphere Report
  National Public Telecomputing Network
  Box 1987
  Cleveland, Ohio 44106

  Voice: 216-368-2733
  FAX: 216-368-5436
  Internet: aq941@cleveland.freenet.edu (Sue Anderson)
            aa001@cleveland.freenet.edu (Tom Grundner)
  BITNET: aq941%cleveland.freenet.edu@cunyvm (Sue Anderson)
          aa001%cleveland.freenet.edu@cunyvm (Tom Grundner)
  CompuServe: 71550,2602 (Sue Anderson)
              72135,1536 (Tom Grundner)

------------------------------

Date: Thu, 4 Jul 91 11:33:00 EDT
From: Chuck_Dunlop@ub.cc.umich.edu
Subject: Re: Risks of Posting to RISKS

In RISKS 12.02, Jerry Hollombe describes our publication of his 1989 RISKS posting about the "censorship" of rec.humor.funny at Stanford University.  Mr.
Hollombe's piece was reprinted (with his permission) in Charles Dunlop and Rob Kling (eds), _Computerization and Controversy: Value Conflicts and Social Choices_ (Boston, Academic Press, 1991, ISBN: 0-12-224356-0).  (See pp.376-379).

In one section of our book, we published 3 excerpts from RISKS in order to document an important debate about a university's cutting off access to a BBS when some people found postings to be personally offensive (a continuing issue!).  Les Earnest and John McCarthy criticized Stanford's censorship while Jerry Hollombe argued that the term "censorship" was inappropriate and that Stanford had a right to cut off access to any BBS.  We included this debate as one short selection in an 80 page section that examines controversies about "Social Relationships in Electronic Communities".  Our anthology examines many debates about computerization pertinent to quality of worklife, productivity, system design, privacy, social control, gender bias, system security and risks, ethical codes, and social relationships on networks.  However, we did not effectively anticipate this new controversy about computerization: one's ability to fairly reprint RISKS (or any BBS) postings after posters have given explicit permission!

Although Mr. Hollombe now regards his February 1989 RISKS posting as "a bit embarrassing", he acknowledges that he gave us explicit permission to reprint it in _Computerization and Controversy_, with the stipulation that a footnote be added detailing his current position on the subject.  We appreciated Mr. Hollombe's willingness to allow us to reprint his Feb. 1989 posting since it was a counterpoint to McCarthy and Earnest.  Without his posting, we would only have been able to portray one side of the debate and might have dropped these particular RISKS excerpts entirely.  Unfortunately, Mr.
Hollombe attributes his problem with the reprinting of his RISKS posting solely to publishers and editors, and he conveniently ignores his control over the publication.  In RISKS 12.02 he writes:

>The risk?  The words we exchange here aren't as ephemeral as they may
>appear on a VDT screen, so be careful what you say and how you say it.
>You never know who might decide to package and ship it to a customer.
>(-:

This complaint strikes us as unfair.  It incorrectly suggests that Mr. Hollombe had no control over the reprinting of his RISKS postings.  He knew that we wanted to "package and ship" his Feb 1989 RISKS posting to readers of _Computerization & Controversy_.  And he consented to our doing so.  We can understand that Mr. Hollombe might now regret having given us permission; people sometimes regret all sorts of things they have agreed to under "fair" conditions.  But that is very different from having his comments published WITHOUT his permission (a kind of theft or coercion).  Furthermore, we printed the additional footnote that he requested (and also sent him a complimentary copy of the book).  We believe that in following those procedures we were VERY FAIR to Mr. Hollombe.

At the time when we assembled the articles for _Computerization and Controversy_ (mostly previously published articles), we discussed the copyright status of RISKS postings with Peter Neumann.  It seemed then that there was no clear legal ruling regarding rights and ownership of BBS postings.  We took a very conservative and respectful position in seeking permission from authors wherever possible.  For example, if Mr. Hollombe had denied us permission, we would not have published his RISKS posting.

We also note that our position that editors should seek a poster's permission can have significant practical difficulties.  The longer the time that elapses between BBS posting dates and the time when editors assemble materials for publication, the harder it may be to locate posters.
If someone writes a book about the changing nature and debates of computer risks between 1980-2000 in the year 2005, it may be hard to locate most posters at the mail addresses in their message headers from 1985-1995 (grin).

This issue may be important to RISKS posters, as well as posters on other boards (e.g., political boards, technical and scientific boards, sex boards, personal discussion boards).  In all these venues, many people may post with the expectation that their keystrokes are ephemeral, whereas some readers may see them as contributions to the public domain unless they explicitly say otherwise (e.g., through a copyright notice appended to their messages).  Significantly, the heading of each RISKS volume now addresses this issue, at least in a limited context (i.e., the reprinting of postings in ACM SIGSOFT's SOFTWARE ENGINEERING NOTES).

Does anyone know the state of the law on these matters?  Or the status of the controversies?

Chuck Dunlop                      Rob Kling
U of Michigan - Flint             UC-Irvine
Chuck_Dunlop@ub.cc.umich.edu      kling@ics.uci.edu

------------------------------

End of RISKS-FORUM Digest 12.06
************************
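Editor's added example for Ross Williams' "Gray Code Puzzle Box" post above (this is this editor's simulation, not code from the poster or his patent application): it models the series row of switches, a sane processor walking the full Gray sequence, a single dropped bus cycle, and a crashed processor writing random words, and compares the activation count with the one-bit latch the post contrasts against. The mapping of one closed switch per correct Gray word, with every switch reopening on any out-of-sequence word, and the random-word model of a failed processor are assumptions of the example.

```python
import random

# Assumption (editor's, not the post's): each correct word in the Gray sequence
# closes one more switch in the series row; any wrong word reopens all of them.


def gray(i):
    """The i-th word of the reflected binary Gray code; neighbours differ in one bit."""
    return i ^ (i >> 1)


def hanoi_gray_sequence(bits):
    """All 2**bits Gray words in order. The bit that flips at step k names the disk
    moved at step k of the optimal Towers of Hanoi solution, hence Williams' remark."""
    return [gray(i) for i in range(1 << bits)]


def adjacent_words_differ_by_one_bit(bits):
    """Sanity check on the sequence the box demands: exactly one bit changes per step."""
    seq = hanoi_gray_sequence(bits)
    return all(bin(a ^ b).count("1") == 1 for a, b in zip(seq, seq[1:]))


class OneBitLatch:
    """The conventional interface the post contrasts with: address decoder plus one
    bit. Any write with the low bit set activates the device."""

    def write(self, word):
        return bool(word & 1)


class GrayCodePuzzleBox:
    """Switches in series between the processor and the critical device. The processor
    must write the full Gray sequence, one word per bus cycle, before the signal passes."""

    def __init__(self, bits):
        self.sequence = hanoi_gray_sequence(bits)
        self.closed = 0                     # switches currently closed

    def write(self, word):
        """Returns True only on the write that completes the sequence (device fires)."""
        if word == self.sequence[self.closed + 1]:
            self.closed += 1                # next switch in the row closes
        else:
            self.closed = 0                 # out-of-sequence word: all switches reopen
        if self.closed == len(self.sequence) - 1:
            self.closed = 0                 # one-shot device: fire, then re-arm
            return True
        return False


def fire_with_correct_sequence(bits=4):
    """A sane processor walks the whole sequence: exactly one activation."""
    box = GrayCodePuzzleBox(bits)
    return sum(box.write(w) for w in box.sequence[1:])


def fire_with_one_dropped_word(bits=4):
    """One lost bus cycle (constructed fault) and the device never fires."""
    box = GrayCodePuzzleBox(bits)
    words = box.sequence[1:]
    del words[5]                            # the dropped cycle
    return sum(box.write(w) for w in words)


def runaway_processor(interface, writes, bits=4, seed=1991):
    """A crashed processor spraying random words at the interface (constructed
    failure model); returns how many times the device was activated."""
    rng = random.Random(seed)
    return sum(1 for _ in range(writes) if interface.write(rng.randrange(1 << bits)))


if __name__ == "__main__":
    print("latch, 10000 random writes:", runaway_processor(OneBitLatch(), 10000))
    print("puzzle box, 10000 random writes:", runaway_processor(GrayCodePuzzleBox(4), 10000))
    print("puzzle box, correct sequence:", fire_with_correct_sequence())
    print("puzzle box, one dropped word:", fire_with_one_dropped_word())
```

With 4 bits the box needs 15 consecutive correct words, so a random writer activates the device with probability about 16**-15 per attempt, while the latch fires on roughly half of all writes.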