Subject: RISKS DIGEST 13.25 REPLY-TO: risks@csl.sri.com RISKS-LIST: RISKS-FORUM Digest Thursday 5 March 1992 Volume 13 : Issue 25 FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator Contents: Sizewell (and RISKS) on UK TV (Perry Clarke) Musical risks (Geoff Kuenning) ``Helpful'' self-configuring programs (Steve Bellovin) A RISK architecture? (DEC's Alpha) (Sites/Witek quoted by Brian Randell) Re: Private SS Data Sold to Information Brokers (Jerome H Saltzer) Re: 7-character PO key (Christine Piatko, Jenn Turney, Irving Chidsey, Dan Hankins) Repetitive stress injuries (Steve Bellovin) [longish] The RISKS Forum is moderated. Contributions should be relevant, sound, in good taste, objective, coherent, concise, and nonrepetitious. Diversity is welcome. CONTRIBUTIONS to RISKS@CSL.SRI.COM, with relevant, substantive "Subject:" line. Others may be ignored! Contributions will not be ACKed. The load is too great. **PLEASE** INCLUDE YOUR NAME & INTERNET FROM: ADDRESS, especially .UUCP folks. REQUESTS please to RISKS-Request@CSL.SRI.COM. Vol i issue j, type "FTP CRVAX.SRI.COMlogin anonymousAnyNonNullPW CD RISKS:GET RISKS-i.j" (where i=1 to 13, j always TWO digits). Vol i summaries in j=00; "dir risks-*.*" gives directory; "bye" logs out. The COLON in "CD RISKS:" is essential. "CRVAX.SRI.COM" = "128.18.10.1". =CarriageReturn; FTPs may differ; UNIX prompts for username, password. ALL CONTRIBUTIONS CONSIDERED AS PERSONAL COMMENTS; USUAL DISCLAIMERS APPLY. Relevant contributions may appear in the RISKS section of regular issues of ACM SIGSOFT's SOFTWARE ENGINEERING NOTES, unless you state otherwise. ---------------------------------------------------------------------- Date: Thu, 5 Mar 92 13:18:06 GMT From: "Perry Clarke - Oracle Data Query Development - Chertsey" Subject: Sizewell (and RISKS) on UK TV On Wednesday, 04-MAR-92 Channel 4 TV in the UK broadcast a program concerning the difficulty of testing complex software systems - specifically the reactor shutdown system for the Sizewell B Pressurized Water Reactor that is currently under construction. Nothing very new was said; it was the usual mix of nuclear industry suspicion of people's intentions when requesting information and people's concern with living in the same country as a nuclear power plant whose safety system cannot be properly tested. The angle that the program's producers had choosen to highlight was that it is software based and we have not figured out how to test (reliably) 100,000 lines of code. The best bit was an implication that Nuclear Electric (the builders) had an inkling of the scale of the effort required to test the system properly and their attitude was that it would take so long and cost so much that it was obviously not practical :-) In the course of the program we saw many screens purporting to show "computer programs"; a selection: o A .newsrc scrolling by (comp.risks makes a guest appearance!) o A UNIX directory listing o What looked like an abbreviated PostScript program It seems that the risks associated with the untestability of complex software systems are beginning to be recognised by the layman. The message that the TV program gave me was of the concern of people outside the (software) industry that we do not know how to guarantee the reliability of our products. The licensing of Software Engineers was not mentioned once. UNIX Mail: dpclarke@uk.oracle.com (Soon to be: perry@unify.com) ------------------------------ Date: Thu, 5 Mar 92 01:45:35 PST From: desint!geoff@uunet.UU.NET (Geoff Kuenning) Subject: Musical risks The city of Los Angeles was recently graced with the world premiere of the new opera "Kullervo" by Aulis Sallinen, a talented Finnish composer. At the open dress rehearsal, I noted that the score seemed to include some synthesized sounds, which I later confirmed by an inspection of the orchestra pit. The synthesizer used was a Yamaha DX-7 II, which aficionados will recognize as an already-obsolete instrument which is no longer manufactured. I suspect that Mr. Sallinen (who appears to be in his 60's) is completely unaware that in twenty years it is going to be nearly impossible to acquire a working DX-7 to duplicate the sounds he intended. Perhaps synthesizer manufacturers will recognize this problem and include a backwards-compatibility mode, but more probably works written for live synthesizer performance (I seem to remember that "The Phantom of the Opera" uses a couple of synthesizers) are going to have to compromise on timbral quality. It's already well-nigh impossible to duplicate the sounds of the old analog synthesizers with modern digital ones, but so far this problem hasn't affected mainstream classical music (rock and jazz have a double advantage, both because recordings dominate in listening to older works, and because flexibility in performance is not only accepted but expected). This all gives a whole new meaning to the "original instruments" school of classical performance. I wonder if I could interest Christopher Hogwood in building a collection of DX-7's? :-) Geoff Kuenning geoff@ITcorp.com uunet!desint!geoff ------------------------------ Date: Thu, 05 Mar 92 12:17:31 EST From: Steve Bellovin Subject: ``helpful'' self-configuring programs On our Internet gateways, we run a variety of security monitors. Among other things, these detect attempts to connect to services that are generally of no legitimate interest to outsiders. But the alarm that went off the other day was a bit different; the services contacted weren't the usual targets. The answer turned out to be fairly interesting. It seems that a university 5 timezones away was installing a new network management system. This program was, it seems, self-configuring -- it went out and tried to discover the topology of the network. The *WHOLE* network, as best I can tell. I wonder how many sites were probed -- and didn't notice -- before I alerted the administrators. There are all sorts of other implications, of course. For one thing, I don't know if I was being told the truth, though I have little reason to doubt it. And such a comprehensive network map can be used to commit all sorts of mischief. But as far as I know, that didn't happen this time. Steve Bellovin ------------------------------ Date: Tue, 3 Mar 92 15:12:14 GMT From: Brian.Randell@newcastle.ac.uk Subject: A RISK architecture? (DEC's Alpha) Quoting from: ALPHA ARCHITECTURE TECHNICAL SUMMARY (Dick Sites, Rich Witek) in comp.arch: "Alpha is also unconventional in the approach to arithmetic traps. In contrast to conventional RISC architectures, Alpha arithmetic traps (overflow, underflow, etc.) are imprecise -- they can be delivered an arbitrary number of instructions after the instruction that triggered the trap, and traps from many different instructions can be reported at once. This makes implementations that use pipelining and multiple issue substantially easier to build." ... and to use safely? However, the next paragraph does provide what I would classify as a sop to DEC's technical conscience by stating: "If precise arithmetic exceptions are desired, trap barrier instructions can be explicitly inserted in the program to force traps to be delivered at specific points." Brian Randell, Computing Laboratory, The University, Newcastle upon Tyne, NE1 7RU, UK EMAIL = Brian.Randell@newcastle.ac.uk PHONE = +44 91 222 7923 ------------------------------ Date: Thu, 05 Mar 92 14:18:39 EST From: Jerome H Saltzer Subject: Re: Private SS Data Sold to Information Brokers (RISKS-13.24) > "Information brokers" will pay Social Security employees $25 for a > person's earnings history and then sell the data for as much as $300. In that case we had better on the watch for the enterprising congressperson who can do arithmetic and who notices that the SSA could go into the retail market itself, sell 200,000,000 records for $60B, and close next year's budget gap. The number seems high; one wonders whether $300 is the market price for an SSA record selected at random, or for selected records in the Iacocca-and-above class. Jerry Saltzer ------------------------------ Date: Wed, 4 Mar 92 14:15:03 -0500 From: piatko@cs.cornell.edu (Christine Piatko) Subject: 7-character PO key (Piatko, RISKS-13.21) The ending of my last message should have read "it's *not* as much of a coincidence as you might think" -- here it is in it's corrected form: I don't doubt that there were human errors as this particular piece of mail tried to make its way from the bank to my house. However, I think you are wrong about the seven characters being "one piece of odd coincidence." A significant fraction of Ithaca's population is made up of students (probably more than 1/4, but less than 1/2), and students move frequently. If you have a common last name it is pretty likely there's someone else with a similar last name who's also a student and lives in the neighborhood. And there are lots of street numbers in the 100 to 300 range in the areas where students live! I looked at the student phone book and picked two common last names, Chen and Smith, and found 2 Chens that live at a house numbered 109 and two Smiths that live at a house numbered 210 in the Collegetown area. They all live on different streets and have different first names. I don't know if these particular examples would involve the same mail carrier, but I'm sure there are examples that do. So it's not as much of a coincidence as you might think! That's why I think one or two more characters for the hash code would help. Christine Piatko (piatko@cs.cornell.edu) ------------------------------ Date: Wed, 4 Mar 92 11:18:30 -0500 From: turney@cs.cornell.edu (Jenn Turney) Subject: 7-character PO key (Piatko, RISKS-13.21; Seidel, Risks-13.23) As the other person Christine mentioned who's had similar problems with mail forwarding in Ithaca, I have a hard time attributing the problem to "odd coincidence." I received occasional misforwarded mail (including, at one point, a COD delivery notice) over a period of about six months. As was the case with Richard Chang, the person's 7-letter key matched mine, but the names and addresses were clearly different. I would write "incorrectly forwarded" on the front of each and put them back in my mailbox. I sincerely hope they all eventually reached her; I never saw them again. I had moved from Ithaca to Schenectady and back -- some of the mail forwarded made the round trip. Ever wondered whether "Return address requested" is attended to? The answer's yes -- I got a credit card bill with her name and my address on it! The last straw was an envelope from a local community college with my name and address handwritten on the outside and a loan form with her name and address on the inside. So not only did the postal employee not check that the names/addresses matched, but neither did the recipient of the forwarding information. The addition to the key of one letter from either the first name or the street name would have avoided the problem in my case and, by quick perusal of the phone book, several others. Ithaca is a university town so naturally there are certain times when a large number of people move at once. This would seem to imply that it is especially important that we have a reasonable forwarding process. This one doesn't behave quite reasonably enough for me. Jennifer (not Shelley) Turney (not ... well, you can guess) ------------------------------ Date: 4 Mar 92 14:12:12 GMT From: Irving Chidsey Subject: Re: 7 characters (Piatko, RISKS-13.21) Now I know why the post office for greater metropolitan Selinsgrove, Pa. (all fits quite comfortably in one zip code) included one stray letter in my mother-in-law's forwarded mail when she stayed with us for a while last year. It may also explain why my income tax refund was returned to the IRS about five years ago. Still, considering how much mail is handled, and the large number of customers the post office serves, this seems to be a rare error. Much more common, in my experience, is getting mail intended for the family at the same street number, one street away, and I believe that is mostly 'operator error', because the letter carriers sort that themselves, by hand. Irv ------------------------------ Date: Tue, 3 Mar 92 22:19:36 EST From: HANKINS@pkedvm8.vnet.ibm.com Subject: Re: Post Office uses only 7 characters... (Seidel, RISKS-13.22) Perhaps it's worth noting that this is one of those situations where adding redundancy to quality control -decreases- quality in what I like to call the "Kitty Genovese" effect. I first noticed this in one of W. Edwards Deming's books. For each inspector one adds in series to a process, the greater the likelihood that a defect will go unnoticed. It works something like this: With a single inspector, she knows that the next person to check the item she's inspecting is the customer. If something goes wrong, she is the one to take the blame. With two inspectors, each relies on the other to inspect, so his inspection is somewhat less thorough. Also, if a defective unit gets through, the inspectors share the blame equally. With 100 inspectors, almost no inspection at all is done; each thinks, "Surely with 99 other inspectors a defective unit will be caught!" As a result, all but the most glaring defects get through. I counted three "inspections" in the mail handling process described; sorting by the mail carrier, typing in of the seven-digit code, and checking of the name by the person whose job it is to affix the yellow change-of-address stickers. Dan Hankins ------------------------------ Date: Wed, 04 Mar 92 15:05:05 EST From: smb@ulysses.att.com Subject: Repetitive stress injuries By coincidence, the New York Times has just run a pair of articles on the subject of repetitive stress injuries. I've enclosed substantial extracts from the two articles. Speaking personally, I find that I have more trouble with my wrist when I'm very tired to start with. (I'm very tired right now, and I almost didn't prepare this message because my tendonitis is acting up again.) A wrist rest helps me immensely. Conversely, too much mouse activity is problematic, since I don't have effective support for my wrist then. Typing on too high a surface -- such as a regular desk, as opposed to a typing table -- is a sure-fire recipe for trouble (again, for me). It's even worse if the desk has a sharp edge I have to avoid. Most important -- I've learned to listen to my hands. If I'm starting to feel pains, it's probably a good day to catch up on journal articles, rather than to start writing a paper. --Steve Bellovin [I don't think I ever mentioned to you all that I got one of our tech wizards to rig up foot pedals for the CONTROL and META keys, so that I could practice my organ-pedal action and keep my left wrist/pinky from spasming in EMACS. It made a big difference. The following is starkly excerpted by Steve, and is reproduced here despite its length, because of its importance to RISKS. PGN] EPIDEMIC AT THE COMPUTER: HAND AND ARM INJURIES, by JANE E. BRODY c.1992 N.Y. Times News Service Work-related injuries, long the plague of those who do heavy manual labor, have become a scourge among white-collar workers, too. Experts say hundreds of thousands of office workers are being disabled each year in an epidemic of motion-related damage to the hands and arms that is costing the nation many billions of dollars annually. The problem is expected to worsen in the current recession as businesses demand greater output from fewer employees and workers ignore symptoms for fear of losing their jobs. Over the last decade disorders caused by movements repeated many thousands of times a day, long a plague on assembly lines and in processing plants, have invaded the once low-risk environment of the office worker along with the computer. Computer operators spend many hours in the same position doing the same task without breaks or variation, giving no time for stressed tissues to recover. Over time, this behavior can induce crippling changes in the sensitive tissues of the wrist and hand. High rates of injury have been reported among data entry workers, telephone operators and newspaper reporters and editors who work for many hours a day typing on a computer keyboard. ... People with the disorders, which can sometimes be permanent, can find themselves unemployable or forced to change careers. Favorite sports activities, housework, carrying groceries, or even holding a coffee cup may become difficult or impossibly painful. The disorders have many names -- repetitive stress or repetitive motion injuries, cumulative trauma disorders, of which carpal tunnel syndrome is one, and most recently, work-related musculoskeletal disorders, the designation of the World Health Organization. But it all boils down to damage caused principally to tissues within the hand and arm by seemingly innocent actions that are repeated perhaps thousands of times each work day, like typing on a computer, cutting meat or poultry or etching glass. ... The American Academy of Orthopedic Surgeons estimated in 1984 that the problem cost the nation more than $27 billion a year in lost wages and medical care, an amount that could well have doubled by now since there has been more than a doubling in reported cases. Dr. Marvin J. Dainoff, a psychologist who is the director of the Center for Ergonomic Research at Miami University in Oxford, Ohio, has called repetitive stress injury the ``occupational disease of the 90s'' similar to the asbestos crisis of the 1980s. ... ``Those with problems that are caught early can expect to recover in a few months,'' said Dr. Emil Pascarelli, director of ambulatory care at [St. Luke's-Roosevelt Medical Center]. ``But workers with severe injuries can take a year or more to get better.'' In some parts of the country, workers diagnosed with carpal tunnel syndrome are often treated with surgery to reduce pressure on the nerve that is compressed by swollen or enlarged tissue passing through the wrist. While some surgeons say the procedure is remarkably helpful to 60 to 80 percent of patients, other experts say it is abused by doctors who do not try more conservative remedies first. Carpal tunnel surgery is now the second most common operation performed in this country. ... But repetitive motion disorders received only a flicker of expert attention until they began striking white-collar workers and especially newspaper reporters, who had been all but immune to the job-related injuries that other laborers have endured for centuries. Some of the rise in cases is widely attributed to increased recognition of the problem and a new willingness to report it. Dr. Laura Punnett, an ergonomist and epidemiologist at the University of Massachusetts at Lowell, said ``historically there's been lots of underreporting'' of these disorders. As she explained, ``Many workers did not recognize the problem as being job-related; others who did worried about losing their jobs if they reported their injuries.'' ... A common experience of workers in America who report hand and wrist injuries to their employers is to find themselves suspected of malingering. Employers' doubts are bolstered by the fact that victims of repetitive stress injury take longer to recover and are less likely to return to work if they have filed worker's compensation claims, according to a study of 28,000 workers conducted by Dr. Gary Franklin, a neurologist who serves as medical director for Washington State's Department of Labor and Industries. Franklin also noted that the disabilities suffered by many workers were ``out of proportion'' to measurable abnormalities in their wrists, a widely acknowledged finding that has prompted Nortin M. Hadler, a rheumatologist at the University of North Carolina, to dispute whether the problem is real. Hadler maintains that musculoskeletal activity that is ``reasonable, comfortable and customary and which can be repeated without undue distress,'' such as typing on a computer, is unlikely to result in tissue damage. Others, like Silverstein, report that although dissatisfied workers are prone to exaggerate their injuries or discomforts, she found in studying workers with problems at Newsday that the most devoted and talented reporters typically suffered the most. ``These are high-production people who don't listen to their bodies,'' Silverstein said. ``They don't stop working when they start hurting. The same with musicians. It is the high-performance people who are at highest risk of musculoskeletal disorders. And one could hardly accuse musicians of seeking to get paid without working, since they don't.'' In a seven-industry study of factory workers, she also found no differences in overall job satisfaction and in views about work in general among employees afflicted with hand-wrist disorders and those who were not. Still, she and Franklin agreed that psychological and social factors can make work-related muscular stress worse by increasing muscular tension. ... Among the physical factors Dainoff lists as raising a worker's risk of hand-wrist disorders are these: High rates of repetition of the same action. A computer operator who types 60 words a minute can make 18,000 keystrokes in an hour. Awkward or unnatural posture while working. The ideal position of the wrist is flat and straight, which positions the hand level with the arm and extended in a straight line from it. Those who work with hands bent up, down or to the side risk damage to the tissues in the wrist. Use of excessive force while working. In Silverstein's factory study, workers who had to use high force and a high rate of repetition had 29 times the rate of hand-wrist disorders as workers using low force and a low rate of repetition. Lack of adequate rest periods or recovery time. Experts estimate that hands should be relieved of repetitive motion for at least 15 minutes every 2 hours to reduce the risk of injury. ``Try telling that to a reporter writing against a deadline,'' Silverstein remarked. People who work on computers, which do not require much force to operate, may nonetheless fall victim to repetitive stress injuries. Dainoff explained that in many computer-reliant offices like newsrooms, almost every activity is done with the keyboard, including writing, editing, taking notes, searching for information and sending messages. ... Some computer-based jobs are ``the sweatshops of the 90s,'' said Dr. John Kella, a musician and biomechanic who directs a rehabilitation and retraining program for injured workers at the Miller Institute in New York. He pointed out that computer keyboards are unforgiving and many operators press the keys too hard, causing an almost imperceptible kickback as the fingertips hit the keyboard's rock-hard bottom. [In my own personal opinion, keyboard feel has gone vastly downhill since the days of the IBM Selectric typewriter. --smb] His colleague, Pascarelli, likened it to dancers performing day after day on a concrete floor. ``Eventually, they are going to get injured,'' he said. The injuries that he treats are often not ``classical'' syndromes with readily identifiable pathological changes in structures of the hands and wrists. Some, perhaps a quarter of those complaining of symptoms, have clear cases of carpal tunnel syndrome. Some have tendinitis, an inflammation of the tendon that passes through the wrist, and others have tenosynovitis, an inflammation of the sheath around the tendon. But many fit no recognized classification. Dr. Lawrence Fine, an occupational medicine specialist for the National Institute of Occupational Safety and Health in Cincinnati, said: ``Yet these people are in a lot of pain and are forced to take time off from work. It's hard for me as a physician to say it's all in people's heads, especially when the frequency and severity of the disorders abates when the risk factors are reduced.'' Even when a rational remedy is applied, the workplace setting can sometimes cause it to backfire. Silverstein gave on-the-job exercises to workers in a dental floss manufacturing plant. A year into the program she found no improvement in the rate of repetitive stress injuries because the workers, forced to meet production quotas, had worked harder to make up for the time lost during their exercise sessions. ==== COMPUTER USERS' INJURIES ARE OFTEN PREVENTABLE By JANE E. BRODY c.1992 N.Y. Times News Service ... Researchers who have analyzed the conditions that seem to lead up to hand-wrist problems and clinicians who treat them have identified factors both within and outside the workplace that when properly adjusted can help prevent hand-wrist injuries. Dr. Marvin J. Dainoff, director of the Center for Ergonomic Research and a professor of psychology at Miami University in Oxford, Ohio, insists that physiologically sensible use of the computer starts with the user's chair. A well-designed chair not only helps protect your back but also reduces strain on your shoulders, neck and arms and ultimately your hands. Most experts recommend a chair that allows you to adjust the height of the seat and the tilt of the back and possibly also of the seat. An adjustable table may also be necessary for people who are very tall or very short. You should be able to sit with your feet flat on the floor (or on a footrest), your thighs at right angles to your torso, your arms and hands parallel to the floor or perhaps slightly elevated, your head erect and your eyes looking slightly down (about 15 degrees below the horizontal) to see the screen. To minimize stress, the chair should support your lower back and should swivel and roll on casters. To allow for relaxation of muscles and shifts in working postures, the seat back should be able to tilt backward to an angle of 15 degrees or more from the vertical. The desirability of arm rests is a matter of debate. Some experts suggest they can aggravate wrist problems and encourage poor posture if the arms are rested on them while typing. Others laud their usefulness as a resting place when not typing. Next comes the surface on which the computer keyboard rests. When sitting properly in your chair, you should be able to type with a flat wrist. Avoid bending your wrist up or down or twisting it sideways when you type. If the keyboard is very wide or deep, learn to lift your hand to reach outlying keys instead of trying to stretch your fingers to them, which distorts your wrist position. While typing, avoid resting your wrists on the edge of the work surface; to reduce pressure on the wrists, consider using a padded wrist and palm rest in front of the keyboard. Keep fingernails trimmed; long nails force you to extend your fingers to hit the keys. Try to avoid other potentially wrist-damaging activities when you are not typing. Dainoff cautions against moves that bend the wrist, especially if force is involved, like pushing a heavy door, opening jars, holding a telephone handset at an angle or resting your head in your hand. Also think about home and recreational activities that might aggravate a sore wrist, including excessive use of a kitchen knife, playing a musical instrument with a distorted wrist, skating with the hand bent up at the wrist or pushing a power mower. Use your whole hand (not just thumb and forefinger) and minimal force when gripping, grasping or lifting an object. Take frequent brief rests while typing. Switch to another activity that uses the hands differently. Do not use more force than necessary to hit the keys. When taking notes or writing an original work, avoid holding your hands in a tensed ``ready'' position when waiting to type. Do exercises that strengthen hand and arm muscles and improve circulation in the upper extremities, like squeezing a handgripper and swimming. When typing, try to rely more on the larger, stronger muscles of the arms and shoulders to reduce strain on the wrists and hands. When detected and intercepted in their early stages, hand and wrist problems are relatively easy to reverse. Experts caution against trying to work through pain, since that will only make the injury worse and could result in irreversible damage to the nerve that passes through the wrist into the hand. Therapy may involve analysis of your typing technique and retraining, adjustments in your office furniture and keyboard, physical conditioning and the use of wrist splints at night to prevent abnormal wrist positions during sleep. Dr. Emil Pascarelli, director of ambulatory care at St. Luke's-Roosevelt Medical Center in New York, who established a hand clinic to treat injured keyboard users, said that anti-inflammatory drugs, like ibuprofen, do not seem to work well in treating work-related injuries to the wrists and hands. He also maintains that surgery, which has become a very popular remedy nationwide, should be considered a treatment of last resort, when more conservative measures seem unable to relieve the problem or when the nerve is becoming scarred or is degenerating. ------------------------------ End of RISKS-FORUM Digest 13.25 ************************