Subject: RISKS DIGEST 13.43 REPLY-TO: risks@csl.sri.com RISKS-LIST: RISKS-FORUM Digest Wednesday 22 April 1992 Volume 13 : Issue 43 FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator Contents: Subject: Typos? They've been around for centuries! (Cliff Stoll) Phantom ATM withdrawals (Lord Wodehouse) Re: Potentially disastrous bug in MacInTax (John Stanley) Re: Risks of too-subtle April Fools Jokes (Pete Mellor) Re: Long call wait for London Ambulances (Lord Wodehouse) A New Species in the Food Chain (Ruth Bork) Re: FBI and telephones (James Zuchelli) Re: Telephone Foibles (James Zuchelli) More on electronic anklet (Brinton Cooper) Michelangelo - Avoidance report (Klaus Brunnstein) Congressional Vote & The Electronics Industry (Philip Greenspun via Carl Baltrunas & Cherie Marinelli) Industrial Strength Formal Methods -- Call for Papers (Cliff B Jones) The RISKS Forum is moderated. Contributions should be relevant, sound, in good taste, objective, coherent, concise, and nonrepetitious. Diversity is welcome. CONTRIBUTIONS to RISKS@CSL.SRI.COM, with relevant, substantive "Subject:" line. Others may be ignored! Contributions will not be ACKed. The load is too great. **PLEASE** INCLUDE YOUR NAME & INTERNET FROM: ADDRESS, especially .UUCP folks. REQUESTS please to RISKS-Request@CSL.SRI.COM. Vol i issue j, type "FTP CRVAX.SRI.COMlogin anonymousAnyNonNullPW CD RISKS:GET RISKS-i.j" (where i=1 to 13, j always TWO digits). Vol i summaries in j=00; "dir risks-*.*" gives directory; "bye" logs out. The COLON in "CD RISKS:" is essential. "CRVAX.SRI.COM" = "128.18.10.1". =CarriageReturn; FTPs may differ; UNIX prompts for username, password. ALL CONTRIBUTIONS CONSIDERED AS PERSONAL COMMENTS; USUAL DISCLAIMERS APPLY. Relevant contributions may appear in the RISKS section of regular issues of ACM SIGSOFT's SOFTWARE ENGINEERING NOTES, unless you state otherwise. ---------------------------------------------------------------------- Date: Mon, 20 Apr 92 20:46:30 -0700 From: Cliff Stoll Subject: Typos? They've been around for centuries! (Re: Ellison, RISKS-13.42) Well, you sure don't need a computer to make typos. 1562 - Geneva bible Matt. v, 9 reads: "Blessed are the placemakers: for they shall be called the children of God." ^^^^^^^^^^^ (oughta be peacemakers) 1653 - Cambridge printer screws up I Cor. vi, 9: "know ye not that the unrighteous shall inherit the Kingdom of God? 1691 - Barker & Lewis in London printed a bible with the seventh commandment, "Thou shalt commit adultery." (they were fined 300 pounds and went out of business) 1702 - London firm prints bible with Psalms cxix, 161: "Printers have persecuted me" (should be "Princes..." 1716 - First bible printed in Ireland has John v, 14 as: "sin on more" (instead of sin no more) Things might have improved since then. But maybe not... [No. Now it would be "Blessed are the pacemakers." By the way, Pete Mellor sent in a further collection, not included here, but suggested that this subject be moved to rec.humor. I agree with him. No more typos unless really RISKS relevant, e.g., life critical. PGN] ------------------------------ Date: 21 Apr 92 14:35:00 BST From: Lord Wodehouse Subject: Phantom ATM withdrawals The state of affairs in the UK with the banks over "phantom" withdrawals from ATMs is still unresolved. However recently the Abbey National PLC have suffered a spate of thieves driving up with a JCB and removing completely the ATM from the branch office. The last one got away with about 60,000 pounds. They strike at about 4am and they normally have stolen the JCB as well from a local building site. (By the way any puns made on the basis that the Abbey National was once a building society are too "awefull" to mention.) Lord John - The Programming Peer. ------------------------------ Date: Mon, 20 Apr 1992 03:20:03 GMT From: stanley@skyking.OCE.ORST.EDU (John Stanley) Subject: Re: Potentially disastrous bug in MacInTax (Knapp, RISKS-13.42) As a user of another ChipSoft product, I am not surprised. _TurboTax_ provides absolutely no way to indicate that a distribution from a retirement plan that was rolled into an IRA, yet is shown as taxable in the 1099's, should not be taxable income, other than changing the data on the 1099. This is not the more serious error. Unknown codes on the 1099's cause _TurboTax_ to lose track of income that really should be taxed. There is a warning notice (shown without the "*" that marks "serious" problems), but none of the codes that _TurboTax_ DOES know about cause it to handle this information properly. The only apparent solution is to delete the offending 1099 and enter the numbers in a fake w-2. Is this a risk of computers, though, or a risk of the overly complex tax codes, which cause some less than competent accountants to report sales of stock as "self-employment" income, which TurboTax quite happily calculates self-employment tax on? Or is it truly a risk of computers, and software authors who assume that nobody needs anything but codes 1-7 and A-B defined for 1099's? ------------------------------ Date: Tue, 21 Apr 92 13:45:59 BST From: Pete Mellor Subject: Re: Risks of too-subtle April Fools Jokes (RISKS-13.37) One year when April 1st fell on a Sunday, the UK national Sunday paper The Observer carried a story about a proposed new method of operating London buses without drivers. Each vehicle would be fitted with a video camera in the cab, and the images would be relayed to a control centre where, with the aid of a computer control system, one controller would "drive" up to seven buses remotely, sitting in front of a bank of monitor screens on which the view of the road ahead of each bus would be displayed. I was a bit cross when I got to the end of the article and realised that I had been taken in. However, having seen some of the serious proposals for "drive-by-wire" cars, I think that maybe I was being too hard on myself! :-) Peter Mellor, Centre for Software Reliability, City University, Northampton Sq., London EC1V 0HB, Tel: +44(0)71-477-8422, JANET: p.mellor@city.ac.uk ------------------------------ Date: 21 Apr 92 14:50:00 BST From: Lord Wodehouse Subject: Re: Long call wait for London Ambulances (Tompsett, RISKS-13.42) One point not made by Brian Tompsett in his contribution was the problem of a single event generating multiple calls. The controller stated that often a single accident in central London could generate 30 calls to the control room. Each one of these needed to be screened, as until this is done, no one can know if the call is new or old. With eleven staff on duty, it is no surprise that the system fails to cope, as the operator must stay connected to the caller until it is confirmed that an ambulance has been despatched to the scene. With this sort of system, any problem can quickly overcome the reserves in the system and thus leave the new callers "trapped" talking to the BT operator, who is listening to the recorded message. The computer system should allow for faster despatch, but again the problem is the number of vehicles available at the time. The solution of many more operators does not solve the problem when costs are constrained, so what is needed is a method of clearing through the calls fast to get rid of the duplicates. I am aware of this myself, having recently called the Fire service, having seen a car on fire, and not been the first caller. However I needed to call, because I could not tell if anyone else had reported the problem, and I did not want to ignore it in case everyone else had ignored it too. Lord John - The Programming Peer. ------------------------------ Date: Mon, 20 Apr 1992 22:11 EST From: OHS@northeastern.edu Subject: A New Species in the Food Chain Many risks, and in such a short announcement; I quote from our local Johnnie's Foodmaster grocery-chain store advertisement: Charlestown, MA (April 27th, 1992)--Foodmaster Supermarkets is pleased to announce a new electronic payment system to be used for making purchases at three Foodmaster stores. Foodmaster is excited to be the first in the area to offer this new service to its customers. Any customer who has a Yankee 24(R), BayBank or X-Press 24(R) [ATM] Card can utilize this system. The customer at the point of checkout simply passes their card through the magnetic reader located at the checkout and punches in their secret I.D. number and the transaction is automatically processed. Foodmaster is pleased to be working in conjunction with Yankee 24, BayBank and Manta Systems, a division of BUYPASS [a sad play upon words]. This new service will be available in...stores in the month of April." Although the language carefully and slightly hints otherwise, I assume the service is optional (or perhaps the copy writer is prophetic). The usual obvious risks apply, such as PIN protection (both external and internal), sale to others of both the customers' names and/or their buying-habits and multi- bank information (remember the Denver supermarket note a few RISKS issues back?), etc. However, there is now a new twist: banks, _never_ tiring of riding herd on their yet-to-succeed debit-card pursuits, are now putting this pressure on with attractions via one of the consumer's most vulnerable points, viz., the basic staple of food. I wonder if supermarket check-cashing will shortly become more "complicated".... Ruth Bork OHS@NUHUB.ACS.NORTHEASTERN.EDU ------------------------------ Date: 20 Apr 92 08:16 GMT From: TMUG@applelink.apple.com (Tri-Valley Macintosh Users Group,UG) Subject: Re: FBI and telephones (RISKS-13.41) It seems rather frightening that the FBI needs to be able to monitor the telephone conversations of any individual in the nation at any time. In their zeal to protect us from criminals they seem to be intent on being able to snoop without warrant or reason. Further, from my reading of the bill, encrypted messages could be included in the list of forbidden technology. Wouldn't this please the NSA? Has the FBI done any type of study that shows there is a wholesale use of the telephone system by criminals or is this merely a smoke screen to enable the federal police to have the ability to monitor any individual or group at any time. What happens when non-governmental persons learn of the access techniques. If the entire nation's phone system is set up so it can be tapped, then no conversation can be considered secure. This proposed law sounds like a terrible abuse of power by the FBI. Until they can show some valid reason for having the ability to tap every conversation in the country this bill should be tabled. Furthermore, from what I have read over the years, the equipment is already available to enable the government to tap any phone anywhere whenever they want to. James Zuchelli ------------------------------ Date: 20 Apr 92 08:04 GMT From: TMUG@applelink.apple.com (Tri-Valley Macintosh Users Group,UG) Subject: Re: Telephone Foibles The alternate phone company was located in Texas. They assumed that it was toll fraud call and credited me for the calls. Michigan Bell said that my local phone company (Pacific Bell) would have to investigate if it was a fraudulent call. Pacific Bell said they wouldn't do anything about it. I got the number where the calls were billed from, from the alternate carrier and tried to call it, but the call would not go through. A Michigan Bell operator said the phone booth was set up to only send calls out, no incoming calls would be accepted. She said that *** a nationally known company is located in Ada and one of their employees probably made the call, but offered no explanation as to why someone who might have stolen my card number would only make two calls. When I pointed out that public phones that won't take incoming calls are usually located in high crime areas, the operator seemed surprised. I got the feeling that there are a lot of fraudulent calls made from Ada. If I ever can find out exactly what happened I will relay the info to Risks Forum. James Zuchelli ------------------------------ Date: Thu, 16 Apr 92 0:14:54 EDT From: Brinton Cooper Subject: More on electronic anklet (Re: RISKS-13.38) Subtitled: Risks of Quote without Comment RISKS-13.38 quotes AP from Paterson, NJ, that a drug offender under house arrest killed another man after a computer error enabled him to break his electronic anklet and leave the house. The risk in such a posting, without some sort of qualifying comment is to seem to endorse the notion that society should not use electronic, computer-controlled house arrest systems because the "prisoners" can break away and commit murder. At some point in our evolving history, we need hard information (hard to come by?) comparing the risks to society of electronic house arrest vs 1. having to set some prisoners free because the jails are full; 2. cramming more prisoners into fixed-size jails, thus ensuring their everlasting rage and resentment, fixing forever what mental ills brought them there in the first place so that, when they finally serve their sentences, they'll kill someone with probability one; 3. taxing law-abiding citizens ever more heavily to build more jails to house the criminals, thus increasing everyone's resentment levels, pushing more "over the edge," creating yet more criminals. If our interest in the failure of electronic house arrest monitors is purely scientific/technical, if such postings are made only so that we can discuss how to make such systems more robust and less susceptible to overload, then, once in a while someone should say so. Well, I may have overreacted, but I think it needed to be said. _Brint ------------------------------ Date: 8 Mar 92 13:27 +0100 From: Klaus Brunnstein Subject: Michelangelo - Avoidance report [An old item. I meant to run it sooner, when it was timely, but it is still relevant. PGN] In Germany, early warnings and high press activity helped to avoid data loss on March 6, 1992. From the German CERT's (Computer Emergency Response Teams, as installed by German Information Security Agency, GISA, similar to US centers as organised by CMU), including MicroBIT Virus Center, Technical University of Karlsruhe (Christoph Fischer), Virus Test Center, University of Hamburg and GISA itself, the following figures have been given: - Between Jan.1st and March 5, 1992, about 1,000 cases of Michelangelo had been reported to one of the centers. Roughly estimated, about one third each came from individuals, small enterprises and medium to larger enterprises. As a rough estimate, these 1,000 reports (mostly via telephone asking for advice after detection) represent about 5-10,000 PCs. - On March 5, 1992, the first accident was reported to VTC; a local enterprise followed some press advice to change the date. In order to avoid March 6 the next day, they changed the date to March 6 at afternoon of March 5, evidently without checking for Michelangelo. After some reset, Michelangelo hit one PC. Moreover, there were rumors that some PCs had suffered from Michelangelo as Feb.29 1992 was not available on their PCs. - On March 6, 1992, about 50 cases were reported in the 3 centers; apart from individuals, small enterprises called but no large ones. This low figure may be slightly too low as telephone lines were busy most of the time with media asking for recent data; in VTC, we had even a TV team waiting for accident reports to come in. >From the media point ov view, the warning was inadequate as nothing happened. This view was assisted by some "experts" such as Chaos Computer Club that the press reports and warnings were essentially advertisements for Hannover fair's next week beginning CeBit (world's largest exhibition in IT), and to assist antivirus industry. CCC's representative Mr. Steffen Wernery even argued that the virus should not been named "Michelangelo" but after one warner (myself), and that the only 100 viruses (sic; in VTCs database, we presently have 1,200 viruses) are no real danger! >From the warner's point of view, the warning was successful as it probably avoided accidents. But as is usual since ancient times, the messenger is punished for the warnings - I was even asked whether I received more invitations for lectures etc (I did not). After we first informed the public (German press agency, DPA, end-of-January), VTC received more than 6,000 telephone calls (as recorded by university telephone computer), most of them asking for general antivirus advice. MicroBIT (Christoph Fischer) and VTC both (Morton Swimmer) produced and distributed (free-of-charge) special aNTI-MICHelangelo programs easy to use which also detect and diagnose possible variations of date (not yet detected). When we informed the public (via DPA etc) about availability of NTIMICH (on Friday 21, 1992), we received about 18,000 diskettes with prepared envelopes. My students copied 14,000 diskettes (they even found viruses on some diskette sent, esp. Stoned, Michelangelo), the rest being copied and distributed by Siemens-Nixdorf (SNI) which kindly assisted us. All diskettes were sent back until Wednesday March 4, 1992. Moreover, NTIMICH was available from FTP, mailboxes, BTX and even from some radio/TV stations. In addition, a German TV magazine (1st channel: WISO, specialized in economic and social features) dis tributed 100,000 copies of McAfee's Scan at low price (2 DM) via consumer organisation's offices. As a SUMMARY, this was probably the first time that many users and enterprises had prepared some data backup and practices some antivirus methods. Consequently, many other virus (Stoned, Cascade/170x, Jerusalem/Isreali/Friday 13) were also detected and eradicated. Moreover, public attention was drawn to inherent insecurity of PCs. Some CONSEQUENCES will follow: some users who bought PCs with installed Michelangelo or on some diskettes (mouse, VGA drivers etc) think of prosecuting the resp. dealers. Some PC dealers (and hopefully some software houses) have installed improved methods of quality (e.g. virus testing on golden master). Many now ask for improved LEGISLATION to prosecute virus authors. This will be very difficult as those countries with presently most productive virus factories (Bulgaria, Taiwan, Former Soviet Union) lack any legislation about copyrights or computer criminal acts. For US and European prosecutors, it will be impossible to prosecute the (probably Taiwanese) authors of the original Michelangelo virus (detected in Australia 1990, with a text on Michelangelo's birthdate replacing the usual Stoned text) or those (probably European) authors which updated the original version not to contain any detectable text (this version now found in Europe, USA and Africa was detected in March 1991 in Sweden and Netherland; both countries have no adequate legislation). Klaus Brunnstein, University of Hamburg, March 8, 1992 (13:00 pm German time) ------------------------------ Date: Sat, 18 Apr 92 03:42:26 PDT From: carl@udwarf.tymnet.com (Carl Baltrunas & Cherie Marinelli 1.5v4) Subject: Congressional Vote & The Electronics Industry I had this article forwarded to me and since I had not seen anything in RISKS about this particular congressional vote, I thought it might be of interest to other risks readers. -Carl ------- Forwarded Article from misc.legal.computing Date: 17 Apr 92 19:32:31 GMT From: philg@zurich.ai.mit.edu (Philip Greenspun) Newsgroups: misc.legal.computing Subject: US Congress votes to subsidize Japanese electronics industry Message-ID: In the decades to come, every American computer user who purchases floppy disks will pay a tax. Most of the money collected will go to record companies owned by foreigners, notably Sony, Philips and Matsushita. Congress, after receiving substantial campaign contributions from the recording industry, has decided that Americans are criminals who don't want to pay for CDs. Therefore digital audio media such as DAT tapes and writable optical disks will be taxed and the money handed over to record companies and artists. Just as consumer DAT and 8mm video tape have become the standard high-capacity backup media for workstations/minis, it is likely that writable optical digital audio disks will replace today's magnetic floppy disks. Sony and Matsushita own two of the largest record companies in the US and would get the most money from this bill. Two years from now, every time American users of IBM computers make a backup, they'll be paying a tax to help out IBM's Japanese competitors. Additional reasons to dislike this bill are varied. It will be illegal to sell consumer digital audio recorders in the US that can make digital-to-digital copies after one generation. You'll pay a tax on your shiny new Japanese machine, you'll pay a tax on the tape and when you try to assemble a recording of your own music, all you'll get is a big flashing "you are a criminal sign." You'll have to spend $5,000 on a "professional" machine in order to gain any real benefit from the new products. Congress is creating a new government bureaucracy to administer the tax collection from Americans and subsequent distribution to foreign-owned record companies. Manufacturing digital audio equipment will now require hiring a lawyer to wade through over one hundred pages of legal requirements and technical specifications, thus hindering small American companies in competing with large foreign ones. Finally, now one seems to have considered whether this will "promote the progress of the arts", which is the constitutional justification for expanding copyright. Since the money is distributed linearly according to sales, only the biggest record companies and most popular stars will get any significant money. You can stop this bill from passing. Congress is sticking it to us because the recording industry paid them and they don't think anyone will notice. CSPAN and most newspapers haven't covered this issue at all because the bill has dozens of co-sponsors and is therefore considered non-controversial. If a Congressman gets even a few letters regarding this bill, which he's probably hardly thought about at all, it might be enough to make him think that subsidizing Japanese computer vendors isn't such a great idea. The bill is going to be voted on in about two weeks. It is called the "Audio Home Recording Act of 1991" and is S-1623 in the Senate and HR-3204 in the House. You can write to your elected representatives this way: Senator Foo Bar The Capitol Washington, DC 20510 Representative Foo Bar The Capitol Washington, DC 20515 If you want any more information, please feel free to contact me (philg@altdorf.ai.mit.edu). I testified before the relevant Senate subcommittee last Fall as the "nerd witness from MIT." ------- End of Forwarded Article from misc.legal.computing PS: I make NO claim for the accuracy of this article. Please contact the author as listed in the mail header for more information. -Carl Carl A Baltrunas - Catalyst Art Cherie Marinelli - Bijoux Internet: carl@udwarf.tymnet.com, carl@udwarf.UUCP carl@tymnet.com cherie%udwarf@tardis.tymnet.com UUCP: uunet!oliveb!tymix!udwarf!{carl or cherie} [I include this in RISKS with some trepidation. Recognizing that RISKS is a truly international medium and that this message is quite nationalistic, I anticipate some other opinions -- although I would like to see them primarily on the potential impact on computer usage (not on the Japanese competition issue or whether to feed the artists, which are well beyond the scope of RISKS). PGN] ------------------------------ Date: Mon, 20 Apr 92 13:06:45 BST From: Cliff B Jones Subject: Industrial Strength Formal Methods -- Call for Papers FME '93 SYMPOSIUM "INDUSTRIAL STRENGTH FORMAL METHODS" Sponsored by the Commission of the European Communities (CEC) Organised by Formal Methods Europe The first FME Symposium will be held at Odense Technical College in Denmark, during the week of 19 to 23 April, 1993. It is being organised by Formal Methods Europe, as the successor to the last four VDM symposia, to promote the interests of users, researchers and developers of precise mathematical methods in program development. The last few years have borne witness to the remarkable diversity of formal methods, with applications to sequential and concurrent software, to real-time and reactive systems, and to hardware design. In that time, many theoretical problems have been tackled and solved, and many continue to be worked upon. Yet it is by the suitability of their industrial application and the extent of their usage that formal methods will ultimately be judged. This symposium will focus on the application of industrial-strength formal methods. We encourage all papers to address the difficulties of scaling their techniques up to industrial-sized problems, and of their suitability in the work-place. Papers should discuss techniques that are formal (that is, they have a mathematical basis), and that are industrially applicable. Papers tackling theoretical issues are much encouraged, providing that they contain a justification of the practical advantages that follow. Full-length research papers, industrial reports, proposals for tutorials and tool demonstrations are solicited, particularly in the following areas: * Practical use * Case studies * Tools * Linking formal and informal methods * Comparisons of formal methods * Proof * Concurrency * Real-time and reactive systems * Refinement techniques * Object orientation * Secure systems * Safety-critical systems * The development process * Education and technology transfer 1 October 1992: Submissions - Full, original research papers (6 copies, 12pt, single spaced, max 20pp) - Industrial usage reports (6 copies, 12pt, single spaced, maximum 10pp) - Proposals for tutorials (half day, maximum 50pp of notes) - Proposals for tool demonstrations (with hardware/software requirements) Proposals for tools demonstrations should be send to the organising chairman, while all other proposals should be send to the programme chairman. Industrial usage reports do not need to conform to usual standards for academic papers. 1 December 1992: Notification of acceptance 1 February 1993: Camera-ready copy due for publishers Programme Chairman Organising Chairman Jim C.P. Woodcock, Peter Gorm Larsen, Oxford University The Institute of Applied Computing Laboratory, Computer Science (IFAD), Programming Research Group Forskerparken 10, 11 Keble Road, DK-5230 Odense M Oxford OX1 3QD, UK Denmark tel: +44 865 272576 tel: +45 65 93 23 00 fax: +44 865 273839 fax: +45 65 93 29 99 email: jimw@prg.ox.ac.uk email: peter@ifad.dk Executive Programme Committee J.-R. Abrial (F) Tim Denvir (GB) Eugene Durr (NL) Ian Hayes (AUS) Steve King (GB) Hans Langmaack (D) Micheal Mac an Airchinnigh (IRL) Kees Middelburg (NL) Soren Prehn (DK) Hans Toetenel (NL) ------------------------------ End of RISKS-FORUM Digest 13.43 ************************