Subject: RISKS DIGEST 12.26 REPLY-TO: risks@csl.sri.com RISKS-LIST: RISKS-FORUM Digest Friday 6 September 1991 Volume 12 : Issue 26 FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator Contents: The Dead Sea Scrolls and Data Security (Jerry Leichter) Charging batteries (Erling Kristiansen) ``Returns for Senders'' (US Postal Service handling of forwardings) (Dinah Wisenberg Brin in Common Cause, via PGN) Re: Portability of E-mail Addresses (Robert Neff) DDN Management Bulletin 84 on NIC transfer (NIC) Re: +&*#$ (David J. Fiander, Tom Blinn) Re: Story of O (Will Martin) Re: A number is no name (Merlyn LeRoy, Bob Frankston) Re: RISKS of using electronic mail ... (Brinton Cooper, Bob Frankston) Re: National Character variations in ASCII (Bob Frankston) The RISKS Forum is moderated. Contributions should be relevant, sound, in good taste, objective, coherent, concise, and nonrepetitious. Diversity is welcome. CONTRIBUTIONS to RISKS@CSL.SRI.COM, with relevant, substantive "Subject:" line. Others ignored! REQUESTS to RISKS-Request@CSL.SRI.COM. For vol i issue j, type "FTP CRVAX.SRI.COMlogin anonymousAnyNonNullPW CD RISKS:GET RISKS-i.j" (where i=1 to 12, j always TWO digits). Vol i summaries in j=00; "dir risks-*.*" gives directory; "bye" logs out. The COLON in "CD RISKS:" is essential. "CRVAX.SRI.COM" = "128.18.10.1". =CarriageReturn; FTPs may differ; UNIX prompts for username, password. ALL CONTRIBUTIONS CONSIDERED AS PERSONAL COMMENTS; USUAL DISCLAIMERS APPLY. Relevant contributions may appear in the RISKS section of regular issues of ACM SIGSOFT's SOFTWARE ENGINEERING NOTES, unless you state otherwise. ---------------------------------------------------------------------- Date: Thu, 5 Sep 91 22:04:34 EDT From: Jerry Leichter Subject: The Dead Sea Scrolls and Data Security Today's New York Times contains a front-page article on an event also widely reported elsewhere: The use of a computer to "re-construct" one of the Dead Sea Scrolls. As readers may recall, the Scrolls were found in a series of caves in the desert in Israel over forty years ago. Some of the Scrolls contain the earliest known texts of books of the Bible; at least one is apparently a sixth book of the Old Testament, which along the way was lost. Control of the Scrolls was given to a small group of scholars, who've been slowly - very slowly - publishing them. Their practices have lead to many protests by other scholars, who have been denied any access to the unpublished Scrolls - at this point, more than half of them. While much of the material remains unpublished, the controlling group has published extensive concordances of most of it. (A concordance lists each word that occurs in the text, together with an indication of exactly where it occurs - i.e., it's a cross-reference map.) A group at Union Hebrew College in Cincinnati realized that a concordance contains all the information necessary to reconstruct the text. They wrote a program for a Mac to do just that, and have just published their first reconstructed version of a previously-unpublished Dead Sea Scroll. A controversy has, of course, been ignited by this action. The group that control the Scrolls claim this is plagiarism, for example. What I find interesting about the whole business is the way it brings to attention the degree to which the widespread availability of computation make it very hard to release partial information. Partial information about some set of data usually implicitly constrains additional information about the same set of data, information that the releaser may not have intended to make release. Actually determining the implicitly-specified information may involve a very large amount of work - but computers make it quite practical. This issue has, of course, come up before. Much work has been done on the problem of allowing access to broad statistics from large databases without allowing information about individual records to be determined. This work is too technical for most people to integrate. The Reagan administration tried to create a new class of "unclassified by sensitive" information, which would be protected in some way because when pooled it could reveal valuable, perhaps classified, data. The broad mistrust of administration motives in the national security area, coupled with a lack of convincing examples, kept this from really entering the national consciousness either. The Dead Sea Scrolls case is easy for people to understand - they can clearly see how the approach works. It will certainly be the example I use in the future for explaining the difficulty of security problems. How much of an impact it will have on people's understanding and views, I don't know - I suspect little. But a few more instances of this use of computers - perhaps in more threatening circumstances, for example a data-matching program that led to large numbers of IRS actions against "the common man" - and the impact could become significant. How people will react when the realization comes home, and what kind of protections they will want, I have no idea. -- Jerry ------------------------------ Date: Fri, 06 Sep 91 08:51:51 CET From: EKRISTIA@estec.bitnet (E. Kristiansen - WMS) Subject: Charging batteries We use several small, portable computers to control some mobile communication equipment. These computers are powered by rechargeable batteries. We have had problems charging the batteries of some units, even some brand new ones. We consulted the supplier who told that the battery charging is UNDER SOFTWARE CONTROL, as is the charging indicator LED. So, if you discharge far enough for the processor to stop operating, you can sometimes not charge the batteries! There is some bypass circuitry which allows very slow charging, it takes about 4 days to charge to operating condition. Since the LED is also non-operational, you do not know whether you are charging or not. Erling Kristiansen, ESTEC, Noordwijk, The Netherlands. ------------------------------ Date: Fri, 6 Sep 91 10:38:39 PDT From: "Peter G. Neumann" Subject: ``Returns for Senders'' (US Postal Service handling of forwardings) [The following article by Dinah Wisenberg Brin appeared in the July/August issue of the Common Cause Magazine, vol.17, no.4, pp.8-9, and is reprinted with permission of Deborah Baldwin, Common Cause, 2030 M St. NW, Washington DC 20036, 202-833-1200. PGN] The U.S. Postal Service -- the butt of so many complaints about inefficient service -- is on its toes in one way the average mail recipient might not appreciate. The same system that enables the Postal Service to forward your mail to a new address also alerts scads of direct marketers -- from the folks at your favorite mail-order company to those pesky tricksters who say they have a special gift waiting if only you'll call - to your new whereabouts. The system seems to work for better and for worse. For better: You get the mail you want and the Postal Service saves time and money by not delivering mail to the wrong address. For worse: Junk mailers you never wanted to hear from discover your new address and waste no time making use of it. Postal officials insist that they share change-of-address information only with those who already have your old address. But thanks to the large-scale selling and renting of customer lists among direct mail marketers, some companies that never knew you existed will have your particulars. The Postal Service forwards about 2.3 billion pieces of mail a year for the 40 million Americans who move annually, at a cost of some $1 billion, says Bob Krause, director of the Postal Service's National Change of Address (NCOA) system. Meanwhile 19 companies, including some of the largest direct-marketing list management firms, pay the Postal Service an annual fee of roughly $48,000 to receive computerized NCOA updates every two weeks. These "licensees" then provide the updated information to their customers, who pay for address changes for consumers already on their mailing lists. The Post Office places great importance on keeping address-correction information secure, Krause says, and the licensees must follow strict guidelines on what they can do with it. They may not use the information to develop mailing lists. But direct marketers who properly obtain the information from the Post Office or its licensees can make it available to others with impunity. Ann Zeller, vice president for information and special projects of the Direct Marketing Association, concedes that firms can buy names from a direct mailer who has a consumer's new address. Evan Hendricks, editor of the Washington-based Privacy Times newsletter, is "very suspicious" of the system. Without realizing it, individuals who complete change-of-address cards are ``permanently giving away their addresses to anyone who asks for them,'' he says, and that should be clearly explained on the card. Of course a change-of-address card is only one of many methods direct mailers have for learning a person's new address. Those who would sell you their wares also mine motor vehicle records, voter rolls, magazine subscription bases, home purchase records and other sources. There is a way out. Individuals who want their names removed from various mailing lists can contact the New York-based Direct Marketing Association, which runs a name and address "suppression" service. But, Krause notes, "If you buy something at your new address from any direct marketer, your name will be on a number of lists within weeks." -- Dinah Wisenberg Brin (a freelance writer now living in Hollidaysburg PA) ------------------------------ Date: Thu, 5 Sep 91 15:17:57 -0700 From: neff@janus.Berkeley.EDU (Robert Neff) Subject: Re: Portability of E-mail Addresses A previous post on this topic notes that in the snail-mail world we have one central Post Office, and they perform services for us such as mail forwarding, and that many companies do not extend such courtesies with E-mail. In my view, there is no reason why should we expect private firms to provide us with a full service E-mail address. It is not their business. It is the business of the post office to forward the regular mail. If you want an E-mail service which will be a universal address, from one job to the next, then it is available on public access bulletin boards (or whatever you call them) such as the Well in San Francisco, or Portal Communications in the South Bay. Just have everyone send mail to you at those addresses, and have it forwarded to your work account automatically. My point is that free access to the internet is a service we have all come to expect, even though we don't pay for it (at least not directly). If you really want the service, all the time, you'll have to pay for it. -- Robert [Several people noted that NIC.DDN.MIL provides a "whois" service. It seems appropriate that everyone should register, although its primary charter in the past has been to include all MILNET folks (and earlier, all ARPANET folks), and it is not at all clear what would happen if everyone in internetland were to register. I see that David Parnas is NOT listed, but I am, for example. If you wish to be added, send mail to NIC@NIC.DDN.MIL and see what happens. Following is an excerpt from the latest DDN bulletin, put out by DISA (formerly DCA), which suggests that the transition on 1 Oct 91 is supposed to be almost seamless... PGN] ------------------------------ Date: Wed, 4 Sep 91 13:28:18 PDT From: DDN Reference Subject: DDN Management Bulletin 84 ********************************************************************** DDN MGT Bulletin 84 DCA DDN Defense Communications System 4 Sept 91 Published by: DDN Network Info Center (NIC@NIC.DDN.MIL) (800) 235-3155 DEFENSE DATA NETWORK MANAGEMENT BULLETIN The DDN MANAGEMENT BULLETIN is distributed online by the DDN Network Information Center under DCA contract as a means of communicating official policy, procedures and other information of concern to management personnel at DDN facilities. Back issues may be read through the TACNEWS server ("@n" command at the TAC) or may be obtained by FTP (or Kermit) from the NIC.DDN.MIL host [192.67.67.20] using login="anonymous" and password="guest". The pathname for bulletins is DDN-NEWS:DDN-MGT-BULLETIN-nn.TXT (where "nn" is the bulletin number). ********************************************************************** The transition of the Network Information Center from SRI International in Menlo Park, CA, to Government Systems Inc. in Chantilly, VA, is officially scheduled for 1 October 1991. This includes the transition of services currently offered to DDN and Internet users by SRI, such as network/user registration, on-line information services, and Help Desk operations. SRI will continue to provide all NIC services, to include responding to all user calls and requests, until 30 September 1991. DISA and GSI will make every effort to ensure a smooth and timely transition of NIC services from SRI. Network users should be minimally impacted. With a few minor exceptions, all on-line services currently offered by SRI will appear the same to the user when a connection is established to the new (GSI) NIC host. These exceptions are due to the change from the TOPS20 operating system to the SunOS operating system. The new NIC host is a Sun 470 SPARCserver running SunOS 4.1. All users on the DDN and the Internet should carefully note the following changes: Government Systems, Inc., Attn: Network Information Center, 14200 Park Meadow Drive, Suite 200, Chantilly, VA 22021 Help Desk Telephone Numbers [after 1 Oct 1991]: 1-800-365-3642 (1-800-365-DNIC) 1-703-802-4535 Help Desk Hours of Operation: 7:00 am to 7:00 pm Eastern Standard Time Fax Number: 1-703-802-8376 Network Address: 192.112.36.5 (NIC.DDN.MIL) Root Domain Server: 192.112.36.4 (NS.NIC.DDN.MIL) During the period of 26 to 30 September 1991 the ID (WHOIS) database will not be changed. All registration actions for this five day period will be suspended. This action is necessary in order to transfer the master database to GSI. Starting 26 September 1991, all U.S. mail and fax requests should be addressed to the GSI address and fax number shown above. All electronic mail requests should continue to be directed to the "HOSTMASTER" and "REGISTRAR" mailboxes at NIC.DDN.MIL. As appropriate, SRI will redirect electronic mail to GSI. On 1 October 1991 all registration activities will resume to include the normal generation of DDN TAC access cards. Currently-valid TAC access cards will remain valid until the normal expiration date. IMPORTANT! Hosts not using the domain naming system should edit their host tables prior to 1 October 1991 to reflect the change in GSI's domain name DIIS.DDN.MIL (192.112.36.5) to NIC.DDN.MIL and delete the current NIC.DDN.MIL (192.67.67.20) from their tables. The GSI IP address, 192.112.36.5, will not change and may be used in lieu of the domain name. GSI will re-generate all informational and network tables (i.e., host tables) no later than 8 October 1991. All tables will be available using the same access method currently used to download from the SRI NIC. We hope that the transition and its accompanying changes will not greatly inconvenience network users, and we thank you in advance for your patience and understanding. For general questions regarding the transition, users may call the new NIC Help Desk after September 1, 1991 at 1-800-365-3642. Questions regarding NIC operations policy should be referred to Mr. Wil Pitre of DISA/DODS at (703) 692-2771 (DSN) 222-2771. Questions regarding NIC contractual matters should be referred to Mr. Tyrone Smallwood of DISA/DISCA. ------------------------------ Date: Thu, 05 Sep 91 10:44:44 -0400 From: "David J. Fiander" Subject: Re: +&*#$ (RISKS-12.21) In Ontario, the "bizarre character" is a small crown. Every non-vanity plate has one, which is used as a separator between the first three-character group and the second. However, the crown _is_ user-selectable in vanity plates, so it is quite possible to have a plate reading "M*A*S*H" (where stars are substituted for the crowns). According to some local discussion, however, they are identical to spaces (but not identical to nothing). Hence "M*A*S*H" == "M A S H" != "MASH". You can guess how much trouble this causes. David J. Fiander, SCO Mail Technology Group, SCO Canada, Inc. ------------------------------ Date: Thu, 5 Sep 91 17:30:55 PDT From: Tom Blinn Subject: More RE: +&*#$ (RISKS DIGEST 12.21 et. seq.) I was not aware that NH allows spaces in license plates (when I asked for the plate "DR TOM" I was told I could not have an embedded space, and got the plate "DR-TOM" instead; my NY plate used to be "DR BLINN", which I've embellished with a "::" to match my node/user name and have posted on the wall in my office). [...] On the matter of unusual characters (both on and off license plates): In New Hampshire, "handicapped" plates have a graphic representation of a wheelchair on them -- all the ones I've seen have it at the front, with a sequence of letters and digits following. I have no idea how this gets represented on, say, a parking ticket. In Massachusetts, some plates have "EX POW" (stacked "EX" over "POW"), and then a three or four-character plate number. I somehow doubt the standard ticket blanks can readily record this, and I also doubt that the automated systems can easily cope with it -- especially outside Massachusetts. And so on.. There's a rumor that John Sununu's personal NH license plate bears the legend "Fly Free or Drive", but I can't confirm that one, either.. Dr. Thomas P. Blinn, Digital Equipment Corporation, Digital Drive -- MKO2-2/F10 Merrimack, New Hampshire 03054 ...!decwrl!dr.enet.dec.com!blinn (603) 884-4865 ------------------------------ Date: Thu, 5 Sep 91 10:30:03 CDT From: Will Martin Subject: Re: Story of O While Mr. O's particular problems may have been exacerbated by the referenced software that looks at "O" as part of "O'" names, I do find it surprising that single-letter last names would have not been considered and programmed for in current versions of software. How many years ago was it that Malcolm X was a national figure? There have been decades since then! Plenty of time for the accommodation of such "initial-names" to have percolated throughout the banking/billing/governmental computer systems, one would think... Or is it part of the mentioned ethnocentrism to assume that people with single-letter names would not wish to participate in the established economic and social systems? Someone who was angry enough to change their name to "X" wouldn't want a driver's license, or to borrow money, or to be on any computerized records or database? Seems a rash assumption... Will ------------------------------ Date: Fri, 6 Sep 91 14:15:12 CDT From: merlyn@digibd.com (Merlyn LeRoy) Subject: Re: A number is no name A similar case (somewhat earlier) of a Minnesota man who wanted to change to 1069; his legal name had to be One Zero Six Nine. Merlyn LeRoy ------------------------------ Date: 5 Sep 1991 09:35 -0400 From: Subject: Re: A number is no name (RISKS-12.20)[EKRISTIA@estec.bitnet] There is a proposed character set, Unicode, that is intended to encode all glyphs. That is a bit ambitious since a lobster picture will still present a problem, but does go a long way towards dealing with national alphabet problems. Don't forget that Risks Digest is mired in limited AmericanSCII and thus cannot provide an effective representation for much that we talk about. Of course, we have some workarounds such as saying "Umlaut" (I can't even backspace to use a " as an umlaut as per ASCII conventions!). ------------------------------ Date: Wed, 4 Sep 91 13:13:07 EDT From: Brinton Cooper Subject: Re: RISKS of using electronic mail, and universal addressing David Parnas writes: What is needed is a personal communication system, one where the individual's address is independent of his (or her) location on the computer network... Peter Neumann adds: But it certainly would be nice... Gee, fellows, it sounds very much like an Internet Social Security Number, and we've had endless discussions over the years about the computer-oriented (and other) risks of having and using universal identifiers! In the context of "privacy," which also commands attention in this and other forums (fora?), perhaps one need only keep a list of those folks with home he/she wishes to maintain communication and send them "change of address" notices. _Brint ------------------------------ Date: 5 Sep 1991 21:55 -0400 From: Subject: Re: RISKS of using electronic mail There is a simpler way to confuse electronic mail. Change your last name. Often happens when people get married. Trivial to overcome the problem, but my impression is that corporate mail managers don't think about these things. A closely related issue is role vs personal addresses. In paper mail systems people will guess at whether mail is addressed to the current "Sales Manager" or the previous one. Email systems can force one to do it "right" by mindlessly forwarding based on the exact address given, but the corresponding social conventions don't exist -- people will bind to whichever address works once and irregardless of the official purpose of the given address (I call this the "turn left at the cow" syndrome). The Risk here is that the technology exists for a more elegant solution that the users are ready to understand. ------------------------------ Date: 5 Sep 1991 22:07 -0400 From: Subject: Re: National Character variations in ASCII (RISKS-12.24) We have a curious mixture of various interpretations of ASCII. ^C , for example is ETX (End of Text) and has evolved into an interrupt key on some systems. But keys on a PC labelled ESC and Break (for example) have a obvious semantic meanings. Since ASCII is utterly meaningless in PC keyboard (VS TTY Keyboard) decoding, it is better design to feed into user's naive intepretations than to try to teach them arcane history. Actually, the battle between ASCII and UI designers has been going on for a long time. Back in the 60's the QED editor on the SDS-940 used mnemonic bindings of control keys (predated Emacs by nearly a decade). Of course, violating ASCII has its costs, the use of ^S/XON and ^Q/XOFF be Emacs is rather unfortunate. ------------------------------ End of RISKS-FORUM Digest 12.26 ************************