Subject: RISKS DIGEST 14.76 REPLY-TO: risks@csl.sri.com RISKS-LIST: RISKS-FORUM Digest Tuesday 20 July 1993 Volume 14 : Issue 76 FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator Contents: Earthquake `early' warning system (Bill Owens) DSS as a stamp tax (Mark Seecof) Privacy report in Canada (Mich Kabay) Remote Control Car Locks (David Plumpton) Airline entertainment systems - a true captive audience (Jon Leech) Re: Strasbourg A320 crash: "Pilot Error" (Flint Pellett) Re: Medical Reimbursements (Dan Yurman, Amos Shapir, Bob Frankston) ATM Fraud/Databases/Ouch! (Russ Smith [2]) CFP94 (George Trubow via Willis Ware) Science and Technology Through Science Fiction Workshop (Miquel Barcelo) The RISKS Forum is a moderated digest discussing risks; comp.risks is its Usenet counterpart. Undigestifiers are available throughout the Internet, but not from RISKS. Contributions should be relevant, sound, in good taste, objective, cogent, coherent, concise, and nonrepetitious. Diversity is welcome. CONTRIBUTIONS to RISKS@CSL.SRI.COM, with appropriate, substantive "Subject:" line. Others may be ignored! Contributions will not be ACKed. The load is too great. **PLEASE** INCLUDE YOUR NAME & INTERNET FROM: ADDRESS, especially .UUCP folks. REQUESTS please to RISKS-Request@CSL.SRI.COM. Vol i issue j, type "FTP CRVAX.SRI.COMlogin anonymousAnyNonNullPW CD RISKS:GET RISKS-i.j" (where i=1 to 14, j always TWO digits). Vol i summaries in j=00; "dir risks-*.*" gives directory; "bye" logs out. The COLON in "CD RISKS:" is essential. "CRVAX.SRI.COM" = "128.18.10.1". =CarriageReturn; FTPs may differ; UNIX prompts for username, password. For information regarding delivery of RISKS by FAX, phone 310-455-9300 (or send FAX to RISKS at 310-455-2364, or EMail to risks-fax@vortex.com). ALL CONTRIBUTIONS CONSIDERED AS PERSONAL COMMENTS; USUAL DISCLAIMERS APPLY. Relevant contributions may appear in the RISKS section of regular issues of ACM SIGSOFT's SOFTWARE ENGINEERING NOTES, unless you state otherwise. ---------------------------------------------------------------------- Date: Wed, 14 Jul 1993 22:02:28 -0400 (EDT) From: Bill Owens Subject: Earthquake `early' warning system The latest Scientific American has a short piece in the Science and the Citizen department titled 'Fast Moves: Instant earthquake analysis may beat the waves' (August 1993, pp. 22-24). The primary topic is a system being developed at the California Institute of Technology which attempts to analyze seismological data immediately upon receipt, locating the quake and providing information to interested parties within minutes or even seconds. To achieve this, they are building a network of seismological labs in southern California. They appear to be thinking about the risks: Fast-analysis systems like the one at Harvard need not worry about small errors, because "they're not intended to support emergency operations... CUBE [the network] cannot afford to make mistakes" But the real danger becomes apparent from the first paragraph of the article: ...researchers may soon be able to anticipate the effects of an initial tremor, enabling railroads to stop or slow their trains and permit [sic] elevator systems to halt at the nearest floor. While that sort of automatic response would have the potential to be very helpful, it's obviously worrisome. Unfortunately, the system appears to require automation to achieve sufficiently fast response time. It would seem to be a difficult problem to not only analyze tremors without false alarms, but to predict damage well enough to activate only those safety measures necessary... owens@cc.rochester.edu Bill Owens, 727 Elmwood Avenue, Rochester, NY 14620 716/275-9120 ------------------------------ Date: Tue, 20 Jul 93 17:05:57 -0700 From: Mark Seecof Subject: DSS as a stamp tax Many people raised in the U.S. are unfamiliar with general stamp taxes. We know about excise taxes (e.g., liquor) with payment evidenced by stamps, and tax stamps to validate specific documents (e.g., hunting licenses). But (to my perhaps inadequate knowledge) the U.S. hasn't had a general stamp tax since the War of Independence. England had one years ago... most signatures on receipts for money or bills of sale were invalid unless scrawled across postage stamps. England still imposes stamp taxes on some business transactions, e.g., transfer of real property. NIST's proposal to "license" the DSS to PKP, forcing "the rest of us" including all who wish to transact business with the U.S. government to pay PKP every time we sign something digitally amounts to the imposition of a general stamp tax. Worse, it is a tax imposed by the government for the benefit of private persons (those who are paid by PKP). Attempts by George III's government to impose various stamp taxes on American colonists 200-odd years ago fueled revolutionary sentiment among them... ------------------------------ Date: 15 Jul 93 10:02:09 EDT From: "Mich Kabay / JINBU Corp." <75300.3232@compuserve.com> Subject: Privacy report in Canada A report in the Globe and Mail newspaper in Canada (Wed, 14 July 1994; #44801, page 1) by Geoffrey York of the Parliamentary Bureau is entitled "Privacy report warns of `Big Brother' computer; Linked government databases called ominous." Here is a summary. The Canadian federal government's privacy commissioner, Bruce Phillips, submitted a report warning that electronic data interchange among government computers could bring Orwellian Big Brother consequences to society. The government is proposing to establish booths where residents could transact government business; however, users would have to provide personal identification numbers, photographs, and fingerprints to be permitted to use these booths. The commissioner is concerned about the routine exchange of private information among people "whose right to the information is, at best, debatable." He also criticized the growing use of electronic surveillance and monitoring in the workplace. He urged Canadians to push for broader privacy rights and guidelines to control government use of electronic networks. Michel E. Kabay, Ph.D., Director of Education, National Computer Security Assn. ------------------------------ Date: Thu, 15 Jul 1993 13:48:44 +1000 From: plumpton@cc.uow.edu.au (David Plumpton) Subject: Remote Control Car Locks There was an article on the news the other night featuring a rather homemade looking device that a man had purchased for A$150 in Malaysia. This gizmo records and then transmits the codes that unlock car doors (or garages etc). A thief loiters around with the device set to receive as somebody is leaving their expensive looking car. When a remote control is used to lock the car, the signal is picked up and recorded by the device. The car owner wanders off, thinking that the car is secure. The thief sets the device to transmit, and hey presto the car unlocks itself for the thief. Such an elegant and simple idea; I'm surprised that it took this long for someone to think of it (I certainly didn't). [*] The Australian police want the device made illegal (possession of it, I guess). What's the bet that the police will have legal use of it, though. Looks like pretty soon, remote controls will need time-stamped encryption techniques... [* Remember the movie *WarGames*, and the door-control touch-tones beaten by a record-and-playback attack? It's an old form of vulnerability for fixed authenticators. However, remember that even one-time tokens may be compromised if they are not properly incorporated into the system. PGN] ------------------------------ Date: Tue, 20 Jul 93 14:23:27 -0400 From: Jon Leech Subject: Airline entertainment systems - a true captive audience An article "Bottom Line Key In Video Systems" (Aviation Week, July 19, 1993, page 53) describes upcoming per-seat interactive video systems which will be eventually be installed in many aircraft. The last paragraph touches on privacy concerns: "On-board passenger entertainment systems also offer airlines a powerful marketing research tool. Master control unit software can be modified to log passenger viewing habits and game use. Inventory records can be adjusted automatically as meals and beverages are served. Passengers also can be asked to provide selected demographic data." This is similar to the credit-card supermarket checkout systems, with the added bonus (for the airline) that they know just who is sitting in every seat - even the fact that someone *doesn't* watch TV will be noted. Not that this seems like a significant privacy concern. But it's bad enough that we have to put up with advertisements for the airline blasting out of the speakers and garrulous twits who rattle away on Airphones in the next seat, without new annoyances such as this. Jon (leech@cs.unc.edu) ------------------------------ Date: 9 Jul 93 14:22:04 GMT From: flint@gistdev.gist.com (Flint Pellett) Subject: Re: Strasbourg A320 crash: "Pilot Error" (Mellor, RISKS-14.74) > The conclusion on the cause of the accident is "pilot error". More of a user-interface design error, if you ask me. If you overload a person with things to do and input to consider to the point where they can no longer keep up, it is hardly reasonable to simply brush it off as "human error" when they fail to keep up. This particular risk is one in which I think more computerization ought to be possible, and even good. A computer in the cockpit ought to be able to monitor the fact that "we're dropping 1100 m/s and we're only at 1500 m altitude" (along with quite a number of other things as well), prioritize potential problems, and then issue a verbal warning to the pilots if any problem gets life threatening like this. (Hopefully before it is too late to do anything.) The frequency of warnings are critical of course: if it cries "wolf" too often, it will get ignored. Flint Pellett, Global Information Systems Technology, Inc., 100 Trade Centre Drive, Suite 301, Champaign, IL 61820 (217) 352-1165 flint@gistdev.gist.com ------------------------------ Date: Thu, 15 Jul 93 10:30:03 PDT From: Dan Yurman Subject: System Dynamics of Medical Reimbursements SYSTEM DYNAMICS OF MEDICAL REIMBURSEMENT PROBLEMS Sanford Sherizen (3965782@mcimail.com) writes in Risks Digest 14.75 regarding the risks of incomplete management processes as well as faulty computer systems regarding medical reimbursement systems. The emphasis is more on the dynamics of the system than any particular computer risk. 1st: many physician practices "offload" their entire billing operation to service bureaus. 2nd: these service bureaus earn a fee for timely payment regardless of source, e.g., the patient or his/her insurance carrier. 3rd: some group practices, and large practices like HMOs, offer their service bureaus incentives for timely turnaround on receivables as well as penalties for failure to produce. This creates an incentive for the service bureau to aggressively bill both the patient and the insurance carrier and worry about sorting out double payments, if at all, later on. The reinforcing loop for the service bureau is to churn payments as fast as possible regardless of source. The more quickly their doctor customers get paid, the more robust their incentive fee. From a systems perspective there is no balancing loop to insure integrity in the service bureau's records with regard to the source of the payment, only that an amount has been tallied and the client physician office has covered its receivables. The service bureau cheerfully "offloads" the issue of reconciling mistakes in the source of payment to the patient. Their view is that patients will "know" and have "proof" that the bill for service has been covered. Here is tiny (pop. 45,000) Idaho Falls, ID, we have one such service bureau which exactly follows this model of aggressive practice in double billing the patient and the insurer. Further, there is an long lag (60+ days) in reconciling payments from insurers with copayments from patients. Complaints to the provider have little effect. Once billing is offloaded to the service bureau, there is no one left in the doctor's office who is able, besides the doctor, to deal with the problem. As long as he/she is getting paid, the doctor has no special interest in patient billing problems with the service bureau. Typically, the doctor's office computer system is tied in directly to the service bureau. When the doctor looks at the system, the accounts are ok, and problems of double billing to the patient are invisible. Patients have an opportunity to create a balancing loop if it is external to the doctor/service bureau system. Patients could form a consumer action organization which would intervene on their behalf, privately and publically, with service bureaus and their customers. The annual cost to a patient, e.g, on the order of $25/year, would be cost effective when compared to the average annual health bill of a family of four, e.g, $2,000-3000/year at a minimum. Insurance companies, which are probably also fed up with aggressive double billing from service bureaus, might have an incentive to support such organizations. This would be especially true for those employers who self-insure and hire companies like Mutual of Omaha or Prudential to simply process the paperwork. The reference to these firms is for example purposes only, and is not intended to imply any connection to service bureau practices. Dan Yurman, PO Box 1569, Idaho Falls, ID 83403 dyurman@igc.apc.org 3641277@mcimail.com ------------------------------ Date: Sun, 18 Jul 1993 17:02:38 +0300 From: Amos Shapir Subject: Re: Medical Reimbursements and Computer Glitches This indeed may be quite common - an almost exactly identical incident happened to me -- about 10 years ago. It seems the lab bill is handled separately, and the lab computer (or their collection agency's computer) is not informed that the bill has been paid. Amos Shapir, The Hebrew Univ. of Jerusalem, Dept. of Comp. Science. Givat-Ram, Jerusalem 91904, Israel amos@cs.huji.ac.il Tel: +972 2 585706 ------------------------------ Date: Wed, 14 Jul 1993 23:50 -0400 From: Bob_Frankston@frankston.com Subject: Re: Medical Reimbursements and Computer Glitches I've long tried to track medical insurance payments. It isn't easy. In this example the user relied on the lab to assure that there records were correct and become aware of a specific case where they were probably wrong and followed through. In general, however, each component system is designed in isolation with no thought being given to auditability on the part of the user. There are lots of uncorrelated pieces of paper mailed around with payments in varying amounts according to arcane rules going to various parties including the patient. The insurance companies seem to have some concept of medical events in an attempt to avoid double payments. But there is never a summary so the user can understand what is happening without collecting every slip of paper into one central set of records that correspond to the insurance company's representation. One particular offender locally is Newton-Wellesley Hospital where each entity seems to be a separate corporation that does its own billing for each aspect of each procedure for combination of locations. This is compounded by having multiple members of a family with slightly differing names. And then there are lab tests... Simple ideas like replacing bills that contain a single amount past do with summaries of payments and events and some common identification of events would go a long way. Such a system would be in the interest of the insurance agents as a way to discover errors and fraud. In the meantime, I'll continue to use standard system methodology. Whenever things are confused let things quiesce. Don't pay bills until the insurance company and the doctors have had their chance to go around a few times and then take a guess at whether what remains to be paid is appropriate. ------------------------------ Date: Mon, 19 Jul 93 13:14:30 EDT From: e3urcs@fnma.com (Russ Smith) Subject: ATM Fraud/Databases/Ouch! To extend the much-trod ATM-fraud path... My MasterCard number was recently used to fraudulently make $8000 worth of ATM cash advances over a 4 day period. Seems that the number itself was obtained via some standard illegal route which by now has undoubtedly been discussed (just the number was obtained, not the card itself) thus will not be addressed further in this note. Much more interesting, however, was how my PIN was obtained, allowing the perpetrators of the fraud to use a fake MasterCard in an ATM 4 times a day, 4 days in a row, $500 each time... Seems a written request for change-of-address was received by my Credit Union (backers of the MasterCard); this change was processed sometime on Wednesday, July 7th. The request included all sorts of identity-confirming information such as date of birth, social security number, and my mother's maiden name. The address was changed to a Brooklyn NY apartment (I live in a single-family house in Virginia). IN THE SAME LETTER a request was made for a copy of the PIN for the MasterCard (not unusual for people to forget a PIN and request it again). The PIN, the most important secret piece of information for the card, was dutifully mailed off to the fraudulent address in Brooklyn. Starting Monday, the 12th, the fraudulent cash advances were made from two different Brooklyn banks' ATMs. Upon finding out about the fraud (tried to use the card myself and was declined for the first time in my life), I immediately called every financial institution I do business with -- fortunately, they all require some crucial bit of information for phone account manipulations (like a mother's maiden name...), send a change-of-address notice to BOTH the new AND old addresses, and won't send money/crucial info to the NEW address for 30 days. Hope YOUR financial institutions protect your PINs as well... Oh yeah, one more thing...on calling my MasterCard Service Center I was told that requests for PINs are handled by regenerating the same PIN and mailing it off to the address -- the SAME PIN is -always- regenerated (not just retrieved) from the same MasterCard #; if you want a DIFFERENT PIN, you have to get an entirely new MasterCard number...hmmm... Russ ------------------------------ Date: Tue, 20 Jul 93 10:41:44 EDT From: e3urcs@fnma.com (Russ Smith) Subject: ATM Fraud/Databases/Ouch!, Part II After many calls and faxes I've found out a little more about the mechanisms behind ATM transactions and the fraudulent use of a MasterCard number of mine. It turned out that the previously-related fraud was done using an EXPIRED MasterCard number to withdraw cash from an ATM machine, not my current MasterCard number. When the request for both the change-of-address and the PIN number came via a letter, an old EXPIRED MasterCard number was used (had expired more than a month earlier). The change-of-address and PIN number for the expired card were processed and sent off to the fake address The perpetrators then used the expired card number and its PIN number to make the cash advances. How is it possible to use an EXPIRED card to make $8000 in cash advances? It's possible because the ATM's verification center ONLY checks if the card number is on a list of STOLEN/LOST cards. If the card is not stolen/lost, the verification center then performs a verification check of the information FROM THE CARD ITSELF, not from some other database. So the perpetrators just wrote a new expiration date on the magnetic stripe of their fake card; the ATM verification center verified that the date hadn't yet passed and that was that. Russ "Cancelled Credit" ------------------------------ Date: 14 Jul 93 11:04:30 CST From: CFP94@jmls.edu (George Trubow, John Marshall Law School) Subject: CFP94 (Sent to RISKS via Willis Ware) Conference Announcement and Call for Papers Computers, Freedom, and Privacy 1994 23-26 March 1994 The fourth annual conference, "Computers, Freedom, and Privacy," will be held in Chicago, Il., March 23-26, 1994. This conference will be jointly sponsored by the Association for Computing Machinery (ACM) and The John Marshall Law School. George B. Trubow, professor of law and director of the Center for Informatics Law at The John Marshall Law School, is general chairman of the conference. The series began in 1991 with a conference in San Francisco\Burlingame, and subsequent meetings took place in Washington, D.C. and again in San Francisco\Burlingame, in successive years. Each conference has addressed a broad range of issues confronting the "information society" in this era of the computer revolution. The advance of computer and communications technologies holds great promise for individuals and society. From conveniences for consumers and efficiencies in commerce to improved public health and safety and increased knowledge of and participation in government and community, these technologies are fundamentally transforming our environment and our lives. At the same time, these technologies present challenges to the idea of a free and open society. Personal privacy is increasingly at risk from invasions by high-tech surveillance and monitoring; a myriad of personal information data bases expose private life to constant scrutiny; new forms of illegal activity may threaten the traditional barriers between citizen and state and present new tests of Constitutional protection; geographic boundaries of state and nation may be recast by information exchange that knows no boundaries as governments and economies are caught up in global data networks. Computers, Freedom, and Privacy '94 will present an assemblage of experts, advocates and interested parties from diverse perspectives and disciplines to consider the effects on freedom and privacy resulting from the rapid technological advances in computer and telecommunication science. Participants come from fields of computer science, communications, law, business and commerce, research, government, education, the media, health, public advocacy and consumer affairs, and a variety of other backgrounds. A series of pre-conference tutorials will be offered on March 23, 1994, with the conference program beginning on Thursday, March 24, and running through Saturday, March 26, 1994. The Palmer House, a Hilton hotel located at the corner of State Street and Washington Ave. in Chicago's "loop," and only about a block from The John Marshall Law School buildings, will be the conference headquarters. Room reservations should be made directly with the hotel, mentioning The John Marshall Law School or "CFP'94" to get the special conference rate of $99.00, plus tax. The Palmer House Hilton 17 E. Monroe., Chicago, Il., 60603 Tel: 312-726-7500; 1-800-HILTONS; Fax 312-263-2556 Call for Papers and Program Suggestions The emphasis at CFP'94 will be on examining the many potential uses of new technology and considering recommendations for dealing with them. Specific suggestions to harness the new technologies so society can enjoy the benefits while avoiding negative implications are solicited. Proposals are requested from anyone working on a relevant paper, or who has an idea for a program presentation that will demonstrate new computer or communications technology and suggest what can be done with it. Any proposal must: state the title of the paper or program; describe the theme and content in a short paragraph; set out the credentials and experience of the author or suggested speakers; and should not exceed two pages. If an already completed paper is being proposed for presentation, then a copy should be included with the proposal. Student Papers and Scholarships It is anticipated that announcement of a student writing competition for CFP'94 will be made soon, together with information regarding the availability of a limited number of student scholarships for the conference. Timetables Proposals for papers and programs are being accepted at this time. It is intended that program committees will be finalized by August 1, 1993. Proposals must be received by October 1, 1993. Communications Conference communications should be sent to: CFP'94 The John Marshall Law School 315 S. Plymouth Ct. Chicago, IL 60604 (Voice: 312-987-1419; Fax: 312-427-8307; E-mail: CFP94@jmls.edu) ------------------------------ Date: Thu, 15 Jul 1993 14:24:18 UTC+0100 From: Miquel Barcelo Subject: STSF WORKSHOP CALL FOR PAPERS SCIENCE AND TECHNOLOGY THROUGH SCIENCE FICTION workshop next summer in Barcelona, Spain (22nd and 23rd, June 1994) This will be the first edition of such a Workshop. If you know more people that could be interested, please help in making this information available by forwarding this message. If you need more information, please feel free to contact blo@lsi.upc.es, Dr. Miquel Barcels, Software Department - UPC Pau Gargallo, 5, E 08028 BARCELONA (Spain) - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - First Announcement and CALL FOR PAPERS STSF '94 An International Workshop on SCIENCE and TECHNOLOGY through SCIENCE FICTION 22nd-23rd June 1994 - BARCELONA (Spain) Organized by CONSELL SOCIAL (Board of Trustees) of Universitat Polithcnica de Catalunya (UPC) in cooperation with: Software Department (UPC) Physics and Nuclear Engineering Department (UPC) WORLD SF (Hispanic Chapter) THE WORKSHOP A good working definition of science fiction is "speculative extrapolation about the effect of science and technology on society". The aim of this International Workshop is to provide a forum for identifying, encouraging and discussing research about science and technology, or their consequences, as portrayed in science fiction. The Workshop will bring together researchers, scientists, and other academics with science fiction professionals to share information and explore new ideas about the relationship between science fiction, science and technology. TOPICS OF INTEREST The topics of interest include but are not limited to: - Biotechnology, genetic engineering - Computer science, robotics, artificial intelligence - Macroengineering - Nanotechnology - Physics, astronomy, cosmology - Professional activity of scientists and engineers - Social impact of science and technology - Teaching science and technology with science fiction PROGRAM COMMITTEE * Miquel Barcels (Software Dept., UPC, SPAIN) * Joe Haldeman (SFWA president, M.I.T. Associate Professor, USA) * Elizabeth A. Hull (SFRA past-president, USA) * Frederik Pohl (SFWA and WSF past-president, USA) * Vernor Vinge (Dept. of Math Sciences, SDSU, USA) ORGANIZING COMMITTEE * Miquel Barcels (Software Dept., UPC) * Laura Cabarrocas (Board of Trustees (secr.), UPC) * Gay Haldeman (Writing Program, M.I.T.,USA) * Pedro Jorge (Hispanic Chapter of WORLD SF) * Jordi Josi (Physics and Nuclear Engineering Dept., UPC) * Louis Lemkow (Sociology Dept., UAB) * Manel Moreno (Physics and Nuclear Engineering Dept., UPC) INSTRUCTIONS TO AUTHORS Paper submissions must be in English and no more than 6000 words long. The Proceedings of the Workshop will be published by the organizing institution. Authors are requested to submit a "Letter of Intention" with the title of the paper and a short abstract (less than one page) before November 30, 1993. Authors must submit five copies of each paper, before January 31, 1994, to the Program Chairperson: Miquel Barcels Facultat d'Inform`tica Universitat Polithcnica de Catalunya Pau Gargallo, 5 E 08028 BARCELONA (Spain) Tel: 34.3.401.6958 Fax: 34.3.401.7113 E-mail: blo@lsi.upc.es IMPORTANT DATES * Deadline for Letter of Intention: November 30, 1993 * Deadline for Paper Submission: January 31, 1994 * Notification of Acceptance: March 15, 1994 * Camera Ready Papers Due: April 30, 1994 * Workshop: June, 22-23, 1994 ------------------------------ End of RISKS-FORUM Digest 14.76 ************************