Subject: RISKS DIGEST 13.81
REPLY-TO: risks@csl.sri.com

RISKS-LIST: RISKS-FORUM Digest  Friday 18 September 1992  Volume 13 : Issue 81

FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS
ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Contents:
Bounced cheque libel (Terry Gerritsen)
NYT reports on Smart autos; on Computer graphics at trials (John Sullivan)
A simpler risk of computerized warrant systems (Phil Karn)
Outstanding Warrants? (William D. Bauserman)
More Arrest warrant database problems (Kraig R. Meyer)
Re: Arrest Warrants (Lauren Weinstein, Randall Davis)
Airliners playing chicken (David Wittenberg)
Postal service privacy RISK (Daniel Burstein)
Re: Phone numbers in popular entertainment (Sneakers) (David Paschich)
Re: Drunk driving (Toby Gottfried, Jim Haynes)
CPSR Files Suit Against FBI Over Wiretap Proposal (David A. Banisar)

The RISKS Forum is moderated. Contributions should be relevant, sound, in good taste, objective, coherent, concise, and nonrepetitious. Diversity is welcome. CONTRIBUTIONS to RISKS@CSL.SRI.COM, with relevant, substantive "Subject:" line. Others may be ignored! Contributions will not be ACKed. The load is too great. **PLEASE** INCLUDE YOUR NAME & INTERNET FROM: ADDRESS, especially .UUCP folks. REQUESTS please to RISKS-Request@CSL.SRI.COM.

Vol i issue j, type "FTP CRVAX.SRI.COM<CR>login anonymous<CR>AnyNonNullPW<CR>CD RISKS:<CR>GET RISKS-i.j" (where i=1 to 13, j always TWO digits). Vol i summaries in j=00; "dir risks-*.*" gives directory; "bye" logs out. The COLON in "CD RISKS:" is essential. "CRVAX.SRI.COM" = "128.18.10.1". <CR>=CarriageReturn; FTPs may differ; UNIX prompts for username, password.

For information regarding delivery of RISKS by FAX, phone 310-455-9300 (or send FAX to RISKS at 310-455-2364, or EMail to risks-fax@cv.vortex.com).

ALL CONTRIBUTIONS CONSIDERED AS PERSONAL COMMENTS; USUAL DISCLAIMERS APPLY.
Relevant contributions may appear in the RISKS section of regular issues of ACM SIGSOFT's SOFTWARE ENGINEERING NOTES, unless you state otherwise.

----------------------------------------------------------------------

Date: Sat Sep 19 21:02:45 1992
From: ember!vicuna@math.uwaterloo.ca
From: terry@gtm-inc.com (Terry Gerritsen)
Subject: Bounced cheque libel

SPALDING, England -- In what is being hailed as a landmark decision, a bank that mistakenly bounced a client's cheques will pay more than 50,000 pounds in libel damages, a British court has ruled.

The July decision from the High Court concluded a nine-year legal battle between Brian and Margaret Allen, operators of a Lincolnshire meat firm, and Lloyds Bank.

The conflict began in 1983 when several cheques from the Allens' company were returned by the bank unpaid and marked "Refer to drawer, please re-present," even though there were sufficient funds in the account to cover them.

The Allens' counsel, Michael Tugendhat, said that the couple took the bank to court because they wanted to "eradicate publicly any doubt about their financial soundness and credit worthiness" created by the error.

The libel case is believed to be the first of its kind to reach British courts in this century. Expert Mark Stephens commented that the problem is common but "very few people, including lawyers, are aware that it amounts to libel. The suggestion is that someone issued a cheque knowing he had insufficient funds to meet it, and that can be a very serious libel." (The Lawyers Weekly)

Terry Gerritsen, G.T.M. Incorporated, Kingston, Ontario (613) 384 0162
terry@gtm-inc.com Fax: (613) 389 4594

------------------------------

Date: Thu, 17 Sep 92 12:01:21 CDT
From: sullivan@geom.umn.edu
Subject: NYT reports on Smart autos; on Computer graphics at trials

The New York Times business section for Sun 6 Sep 1992 had an article on Forensic Animation, using computer graphics reconstructions of events as trial evidence.
Lawyers seem enthusiastic, because this will entertain the jury. One (who lost his case) said jury members told him afterwards that they liked the "cartoons".

There have been challenges to the use of such animations. In one murder trial, the defendant said he thought the victim had a raised gun in his hands. The prosecution's animation showed a [stick?] figure of the victim walking with arms down, but the judge only let that segment be shown with the victim "represented by a gray dot".

A Houston lawyer is quoted as saying that once one side has an animation, the other side "starts scrambling" to get its own, since "they are so taken with" the idea. Thus they don't tend to challenge the animations.

The Sun 13 Sep business section has a short note on computer backups during Hurricane Andrew at Grand Met's Miami computer center. These are presented as quite successful, though I was surprised that this involved spending 8 hours making tape backups, hiding them while the storm came through, and then flying them out by helicopter once it had passed.

This issue (13Sep) also has a long article on "intelligent cars", discussing infrared vision systems for night driving, an "autonomous" cruise control, and collision avoidance. These are being investigated by the European Prometheus project, and the article reports on tests made by Jaguar.

The infrared image would be displayed on a CRT or on a heads-up display on the windshield. The new cruise control would attempt to keep two seconds behind another car. Developers (at the British firm Lucas Automotive) say they chose not to give it the ability to apply the brakes fully, so as not to scare drivers. But they hope that "once people trust the computers to operate the various functions on the car for them, they will then allow the computer to do more for them in the future".
They do seem to be paying attention to the fact that (unlike fighter pilots) drivers of these cars will not be specially trained: "the average guy must drive the vehicle". Thus "company secretaries" have been testing the cars at Jaguar.

The collision avoidance system is envisioned at the moment as only providing warnings, not actually interfering with the driver. It might be able to warn drivers who are dozing off.

The Europeans hope to have these systems available within 5 or 10 years; American car companies admit they are a bit behind "because of all the government subsidizing" in Europe.

-John Sullivan, The Geometry Center, Univ of Minnesota sullivan@geom.umn.edu

------------------------------

Date: Sat, 19 Sep 92 16:49:26 -0700
From: karn@servo.Qualcomm.COM (Phil Karn)
Subject: A simpler risk of computerized warrant systems

There's another risk associated with these new computerized warrant systems, at least when they're installed in police cars where they can be used by the drivers.

An exhibit at the San Diego Computer Fair features a police car equipped with a new MDT (Mobile Data Terminal). They're about a year old, and are now in just about every marked San Diego police car. It consists of a specialized keyboard and display mounted to the right of the driver. It allows the user to run license plates and drivers licenses, check for warrants, etc. The system also allows for routine communications, such as checking in and out of service, car-to-car chatting, etc. It can be used for emergency communications such as ordering ambulances, but the officer said that voice was usually quicker for such things. There is, however, a prominent button labeled "EMERGENCY".

The equipment was on a swivel mount so it can be used by anyone in the front seat. When I saw it, it was turned to the left so the driver could use it. I asked the officer demonstrating the system whether there was any official policy on the driver's use of the terminal while in motion.
He said the only policy so far was to "use the minimum number of keystrokes necessary" while in motion. And, he added with a wry smile, if you have an accident while using it, then by definition you've just exceeded the minimum number of keystrokes necessary.

When I pressed him a little further, he admitted to having had a few close calls already. Because the system is so fast and easy to use, the officers run plates with it much more often than when they had to do it by voice. So instead of calling in a request only when they really suspect somebody (e.g., during a stop), they like to drive around semi-continuously punching in license plate numbers. Car-to-car chatting also seems to be popular.

Although things will probably improve as the novelty of the system wears off, the safety risk here should be fairly obvious.

Phil

------------------------------

Date: 21 Sep 92 20:19:00 UT
From: WILLIAM.D.BAUSERMAN@gte.sprint.com
Subject: Outstanding Warrants?

The recent postings on outstanding warrants reminded me of a problem a friend of mine had about a year ago.

This friend owns several wholesale outlets and must travel quite often to procure stock. Because of this frequent travel, he had a tendency to become "lead-footed" and as a result he had quite a few speeding tickets.

To make a long story short, a letter from the Roanoke (VA) Police Department arrived at his house one day while he was out of town on business. The letter was addressed to both him and his wife, and since he had not told her he had been to Roanoke in the last few years, she had to open it. The letter basically asked them to come to Roanoke and turn themselves in for hit and run (their van had been seen leaving the accident).

Well, since she had not been to Roanoke the mess hit the fan when he got home. When he finally calmed her down enough to believe that he had not been to Roanoke, they called the police.
What they discovered was that, yes there had been a hit and run accident in Roanoke, but the only information the eyewitness could give was that the vehicle was a blue Chevy Astro with license plates AR?-???. Since this was the only lead they had, they pulled the DMV records for all the vans that fit this description and mailed them all a letter.

Because he could provide an ironclad alibi the matter was dropped at this point. But what if he couldn't provide an alibi or what if he had really been in Roanoke but still didn't commit hit and run? I imagine it could have been pretty ugly - if not with the police at least with his wife!

william.d.bauserman@gte.sprint.com

------------------------------

Date: Wed, 23 Sep 92 13:16:05 PDT
From: kmeyer@aero.org
Subject: More Arrest warrant database problems (Hanlon, RISKS-13.79)
Organization: Trusted Computer Systems Dept, The Aerospace Corp, El Segundo, CA

In RISKS 13.79, James Hanlon mentions the problem of people being detained by law enforcement officials because of incorrect or outdated arrest warrants.

This apparently is a big problem in California, at least in Southern California. In my two years at college in Los Angeles, I knew two people who were erroneously taken in by the LAPD after being pulled over for routine traffic violations (speeding, etc).

A fairly common cause for this may be the traffic school system. In California, if you get a traffic ticket you can usually go to traffic school rather than just pleading guilty and paying your fine. However, if you don't either go to traffic school or pay your fine, eventually the ticket triggers an arrest warrant. My traffic school instructor specifically told us to keep our traffic school completion certificates in our glove compartments for 7 years or there was a reasonably good chance that we'd get hauled down to the station next time we were pulled over for a routine traffic violation.

Kraig R. Meyer

------------------------------

Date: Wed, 16 Sep 92 20:19 PDT
From: lauren@cv.vortex.com (Lauren Weinstein)
Subject: Re: Arrest Warrants (Hall, RISKS-13.80)

Greetings. The phenomenon of "surprise" arrests for "minor" offenses is by no means a new one, but the masses of computerized records have probably exacerbated the problem.

A friend of mine tells how about ten years ago when she was staying at her parent's home, Culver City police showed up unexpectedly at the front door with an arrest warrant. (Culver City is a small city completely surrounded by the City of L.A. Its main claim to fame is the number of film studios, including MGM, within its borders). Anyway, they handcuffed this teenager and led her away. Great fun for the neighbors watching.

Why? Turned out she had what they claimed were some unpaid *parking* tickets, which shouldn't have been charged against her in any case since she was a resident of the area who was supposed to be "immune" from that ticketing. The judge they brought her before immediately dismissed them all, but it was still a very embarrassing episode for her. There's just no telling what will pop out of the machines to "roll on" if it's a "slow" day.

The classic treatment of the "computer-induced" nightmare through "minor" errors must be the humorous (fictional) piece done by "Datamation" in the early 70's. It shows a trail of correspondence between an unfortunate book club member and a wide variety of computerized systems, and tells, with tongue held firmly in cheek, of his unfortunate demise. (A clue: at the end of the piece, the governor's order to stop the execution is accidentally misrouted...)

Lauren

------------------------------

Date: Thu, 17 Sep 92 11:30:18 edt
From: davis@ai.mit.edu (Randall Davis)
Subject: Re: Arrest Warrants (Hall, RISKS-13.80)

... (I wonder whether there was any human intervention up to the point where the judge issued the warrant.)

How can you imagine there wasn't any?
How did the information get from the bank to the police? Did the bank computer take the initiative to dial up the police computer? How did the police decide to accept the information as valid and initiate the warrant process?

Disclaimer: This story was related to me a few years ago by a former employer. I believe that the facts as I have stated them are essentially correct, though the details are no longer clear in my memory.

The story has a strong tone of urban legend. Many crimes involving money have categories of severity depending on amount. Given the alleged facts here the amount in question must have been on the order of $3; perhaps someone with knowledge of criminal law can indicate if there is in fact any state in which a crime involving $3 is a felony. Given that ``looking for him for a while'' had to involve some human action (even to put him on the ``wanted'' list), there was some opportunity for sanity checking; no guarantee of course but unlikely to be missed.

If this happened at all, it's far more likely that some serious sized bad checks were written (perhaps ordinary oversight) just before leaving the state, and the combination of events triggered serious action (as it should). The service charges may also have accumulated, but not caused the problem.

------------------------------

Date: Tue, 22 Sep 92 14:22:52 EDT
From: "David Wittenberg"
Subject: Airliners playing chicken

In November (presumably 1991), a Fokker 100, flight 1163 landed on runway 22L at O'Hare. Winds were from 240 at 25 kts. Shortly after landing, they discovered that the thrust reversers weren't working, but the multi-function display unit showed no problems. They then found out that the brakes weren't working either. The stick shaker was on. (A stick shaker literally shakes the yoke to warn that a stall may be imminent.)
They took the high speed turnoff onto a taxiway, and then turned back onto runway 22L (going in the other direction, so it could also be called 4R), just as a United 737 landed on the far end of 22L.

Denny Cunningham described it: "The UAL 737 had already touched down on 22L and was rolling head on toward the Fokker. [The Controller] immediately issued a go-around to the next arrival, then started a persuasive campaign to convince the pilot of the 737 on rollout that it would be in the best interest of aviation safety to make the highspeed taxiway without delay. With the radome of the Fokker starting to fill his windshield, the 737 pilot concurred in a tone of amazement not usually heard on ATC frequencies. He managed to clear the runway a few seconds before the Fokker flashed by going in the opposite direction.

The Fokker pilot kept one engine running to provide hydraulic power to the steering. At the end of 22L, he turned onto runway 27L, which was being used for take-offs. The planes which were waiting to takeoff were unable to make any room for the Fokker on the taxiway. At this point there were 3 jets rolling on runway 27L. The tower said that it looked like Oshkosh for airliners. The plane just starting its takeoff roll rushed his takeoff to get out of the way. The Fokker finally stopped in the middle of runway 27L, and was towed off safely. No one was hurt, and there was no damage to any of the airplanes.

It turns out that the "squat" switch which determines if the plane is in the air had jammed, so the plane "thought" it was in the air, and safety switches prevented the brakes or thrust reversers from working while the plane was in the air.

Shortly after this incident, a captain attended school on Fokker 100s and asked what the appropriate procedure was in the event of malfunctioning ground/flight switches. He was told that there were no such procedures, because it couldn't happen.
This is excerpted from two articles in "IFR: The Magazine for the Accomplished Pilot", Vol. 8, number 9 (Sept. 92). They were published under the title "EEK! No Brakes! Ho Hum, just another day at O'Hare; Two airliners playing chicken on runway 22L" "Cockpit View" by Joseph J Poset taken from the May issue of "Airline Pilot", and "From the Tower" by Denny Cunningham.

This incident was not directly caused by a computer. Switches are used in all sorts of safety devices, both with and without computers. The danger from computers is that they tempt us to add many more such switches, which will eventually fail.

In case anyone is tempted to say that safety features such as the one which prevented the brakes from working should be removed, remember that they are often crucial. The opposite kind of accident happened on 5 July, 1970 near Malton Airport in Toronto, where a DC-8 crew accidentally deployed the aircraft's spoilers in flight, killing all aboard. The (US) FAA then required a placard reading "DEPLOYMENT IN FLIGHT PROHIBITED" over the spoiler lever. A Canadian official called this ridiculous, and instead proposed a placard reading "DO NOT CRASH THIS PLANE". In fact the placard did not prevent a similar (but non-fatal) accident on 23 June, 1973 at JFK.

So, placards don't work, and we install safety devices to prevent people from doing stupid things. Then the safety devices fail and cause crashes. All one can do is to try to only add safety devices which help more often than they do damage, and not panic when a safety device does cause damage. We know that will happen, despite all attempts to reduce the frequency.

------------------------------

Date: Fri, 18 Sep 92 05:49 GMT
From: Daniel Burstein <0001964967@mcimail.com>
Subject: postal service privacy RISK

There have been quite a few articles discussing the privacy aspects (or lack thereof), based on the US Postal Service's databases - especially the "forwarding" system.
The following article, from "Labor Notes" (7435 Michigan Avenue, Detroit, Mich. 48210, (313) 842-6262) #160, July 1992, is targeted towards labor issues, but people reading this Digest will quickly grasp the RISKS involved with videotaping all postal envelopes. (see additional comments added at end).

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Title: Fighting Privatization. Postal workers urge campaign to organize the new, private sector, mailing industry, by Sarah Ryan

Text: If top US Postal Service officials have their way, private corporations will sort most of the mail by the mid 1990s. And the jobs will pay little better than minimum wage.

But some members of the American Postal Workers Union are hoping to block management's plan with an organizing drive in the private sector mailing industry. A resolution that will be presented to the August APWU national convention would, if passed, require the union, which has until now included only government employees, to begin to organize workers in privately-held automated mail processing plants.

Over 40,000 postal union jobs have been eliminated in the last two and a half years, and at least 55,000 more are slated to go by 1995. While many postal workers and union officials believe they are losing jobs to "automation," postal work is being pushed into the hands of an alternate, privately-owned, mailing industry. Management calls the process "worksharing."

Contractors are eager to jump into mail processing and take advantage of the extremely low wages, absence of unions, new high-speed mail processing equipment, and public subsidies.

subtitle: Worksharing

A year ago USPS announced that the new Remote Video Encoding operation would be contracted out. Remote encoding was developed as a way to sort mail which cannot be "read" by optical character readers and bar code sorting machines. RVE also allows mail to be sorted without highly trained workers.
Some mail, such as handwritten letters, cannot now be read by machines. The new process will transmit the image of these letters through telephone lines to a data entry operator at a video terminal. The worker enters an extract code, and a bar code is chosen by computer and applied to the letter. The operator can be thousands of miles away from the mail.

According to former Postmaster General Anthony Frank, the remote video operation will eventually replace most of the nation's 49,000 mechanical letter sorting machine jobs. Over 200 remote keying sites are planned; the first ones are already on line.

[the article then goes on to discuss the various financial incentives being proposed by the USPS -and- local governments for the companies setting up these remote operations. It also compares the salaries for the workers. Other tidbits in the piece describe some specific labor issues, use of convicts by the USPS, and the like]

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Added comments: No doubt the first few machines will only be used for sorting and bar-code spraying handwritten addresses. HOWEVER, given OCR technology, it would be quite trivial to have EVERY piece of correspondence going through the USPS scanned, and a data list of who sent what to whom could be generated.

I can't cite the reference this moment, but I'm pretty sure the courts have ruled that "mail covers" are legal WITHOUT a search warrant. In other words, "they" can look at the return addresses on the letters in your mailbox (or the addresses you send "to") without legal hassles. (Contents, though, are protected, a little...)

Seems it may be time to change some laws...

------------------------------

Date: Wed, 16 Sep 92 22:38:14 PDT
From:
Subject: Phone numbers in popular entertainment (was Re: Sneakers, the movie)

In RISKS-13.80, James Zuchelli points out that the movie _Sneakers_ used a real phone number, that of the East Bay IRS office, instead of the normal 555-xxxx used in movies and on TV. PGN then points out that the phone number will be more or less useless for the rest of time because people will be watching the movie on videotape.

In a similar vein, I'm sure lots of the RISKS readers are familiar with Douglas Adams' _The Hitchhikers Guide to the Galaxy_, in which a phone number appears and is identified as such early on in the book. The number is the real phone number of the flat in London in which Adams lived while writing the radio series which the book is based on. An introduction to a later collection of Adams' books contained an exhortation not to call the number, as the people currently living there have nothing to do with the book and really wish people would quit calling them up.

I think this brings up an interesting issue as we move into an era in which people are identified on the net by their account names and site. We've all heard of incidents where one person's credit record gets confused with that belonging to another person with the same name. The main student system here has recycled several account names as older students graduate and new students with the same name show up, request an account with the now freed name, and inherit that person's net reputation and hate mail.

David Paschich

------------------------------

Date: Fri, 18 Sep 92 09:51:08 PDT
From: toby@felix.filenet.com (Toby Gottfried) [but this address bounced for PGN]
Subject: Re: Drunk driving (Haynes, RISKS-13.80)

[The following message, although drifting in RISKS-relevance, is brought to you as a public service. Good advice. PGN]

Advice to (responsible) drivers is: don't drink.
If you are arrested for DUI, you'll have full confidence in passing any test by a wide enough margin to avoid worrying about the minor inaccuracies of any machine.

If you know you are guilty, then be thankful that you were stopped before something serious happened.

The RISKS are to life, limb, and property, not the passing or failing of a breathalyzer test. Drivers are tasked with safe driving, not seeing how close they can come to getting away with anything.

I apologize if this is off the subject of computer risks, but I tried and was unable to let Jim Haynes' last paragraph go unanswered.

------------------------------

Date: Fri, 18 Sep 92 11:35:09 -0700
From: haynes@cats.UCSC.EDU (Jim Haynes)
Subject: Re: Drunk driving (Gottfried, RISKS-13.81)

Well, I agree - I druther people didn't drink at all when they drive, and when I gave that advice it was with misgivings that it might be construed as "how to beat the test" rather than scientific advice. I was being a little tongue-in-cheek when I said take the test and fight the results in court -- meaning only to say the machine isn't infallible. I was trying to say with a little bit of humor that you shouldn't risk your future on a breath test when there are better tests available.

------------------------------

Date: Thu, 17 Sep 1992 16:43:51 -0400
From: David A. Banisar
Subject: CPSR Files Suit Against FBI Over Wiretap Proposal

WASHINGTON, DC, September 17, 1992

Contact:
Marc Rotenberg, CPSR Director (202/544-9240) rotenberg@washofc.cpsr.org
David Sobel, CPSR Legal Counsel (202/544-9240) sobel@washofc.cpsr.org

CPSR Sues FBI For Information About Wiretap Proposal: Seeks Reasons for New Plan

Washington, DC - Computer Professionals for Social Responsibility filed suit today against the FBI for information about a new wiretap proposal. The proposal would expand FBI wiretap power and give the Bureau authority to set technical standards for the computer and communications industry.
The suit was filed after the FBI failed to make the information public. In April, CPSR requested documents from the Bureau about the reasons for the proposal. The FBI denied that any information existed. But when CPSR pursued the matter with the Department of Justice, the Bureau conceded that it had the information. Now CPSR is trying to force the Bureau to disclose the records.

The proposal expands the FBI's ability to intercept communications. It would mandate that every communication system in the United States have a built-in "remote monitoring" capability to make wiretap easier. The proposal covers all communication equipment from office phone systems to advanced computer networks. Companies that do not comply face fines of $10,000 per day.

The proposal is opposed by leading phone companies and computer manufacturers, including AT&T, IBM, and Digital Equipment Corporation. Many charge that the FBI has not been adequately forthcoming about the need for the legislation.

According to CPSR Washington Office director Marc Rotenberg, "A full disclosure of the reasons for this proposal is necessary. The FBI simply cannot put forward such a sweeping recommendation, keep important documents secret, and expect the public to sign off."

In a related effort, a 1989 CPSR FOIA suit uncovered evidence that the FBI established procedures to monitor computer bulletin boards in 1982.

CPSR is a national membership organization of computer professionals with over 2,500 members based in Palo Alto, California with offices in Washington, DC and Cambridge, Massachusetts and chapters in over a dozen metropolitan areas across the nation. For membership information, please contact CPSR, P.O. Box 717, Palo Alto, CA 94303, (415) 322-3778, cpsr@csli.stanford.edu.

------------------------------

End of RISKS-FORUM Digest 13.81
************************