Subject: RISKS DIGEST 15.49 REPLY-TO: risks@csl.sri.com RISKS-LIST: RISKS-FORUM Digest Thursday 10 February 1994 Volume 15 : Issue 49 FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator Contents: FireFly in the ointment? (Don Watts) Aging software ages suddenly! (Don Watts) Clinical diagnosticians and diagnostic clinicians (David Honig) UK bank preparing for electronic money trial (John Gray) What goes around, comes around (Paul Robinson) Electronic rumours (Mich Kabay) Medicare Transaction System & the Electronic Superhighway (Mich Kabay) Re: Risks of cliche collisions on the information superhighway (Mark Jackson) Re: White House documents (Bill Casti via David Crawford) Re: Cantwell and Spoofed Representatives? (Jon Leech) Re: Sounding the Alarm (Robert J Horn) Re: Verify your backups (Timothy Miller, Dan Lanciani, Martin Minow) EMI article in IEEE Spectrum (Robert J Horn) Information on RISKS (comp.risks), contributions, subscriptions, FTP, etc. ---------------------------------------------------------------------- Date: Thu, 10 Feb 1994 10:57:13 PST From: "Peter G. Neumann" Subject: FireFly in the ointment? Don Watts of Tustin CA checked in by SnailMail with a note that the StarWars decoy/laser-radar program (FireFly) worked completely backwards (for example, with respect to incoming maneuvers) because the accelerometer was wired in opposition to the directional assumption in the software. (The shaker tests of the decoy were omitted in an effort to save money.) ------------------------------ Date: Thu, 10 Feb 1994 10:57:13 PST From: "Peter G. Neumann" Subject: Aging software ages suddenly! Don Watts also offered the following memo from Steven Ray of the Ball Efratom Division, dated 20 Jan 1994, and lightly edited by PGN. Aging Analysis Software malfunction On Monday, 17 January 1994, a `bug' developed in the IBM-based ``Ball Aging Analysis'' software program. This bug prevents us from plotting any aging data after 16 Jan 1994 even though the data actually exists in the database. This bug effectively shut down all shipments of units because no graphs could be generated. After some initial investigation, this bug was linked to the modified Julian date of 2148 and that any date before that was OK, but any data after that would not plot. So, as a temporary fix while the software code is being corrected and to continue to be able to ship units, I have set the dates on all of the Aging computers back one year, to 1993, so that the aging data can be plotted on all Aging plots until a permanent fix can be done. ------------------------------ Date: Tue, 08 Feb 1994 14:03:07 -0800 From: David Honig Subject: Clinical diagnosticians and diagnostic clinicians Which of the following is *not* a reason for the clinician to remain an essential part of the diagnostic process? A Computers are unable to collect and evaluate nonverbal data. B Patients have poor acceptance of computer-assisted assessment. C Computers are poor at temporal reasoning. D Computers cannot assess the clinical significance of a behavior. The answer was given as B, though of course AI researchers are working on the others.... Anyway, the _Psychiatric Annals_ Jan 1994 Vol 24, No 1 issue is about "Using Computers in Psychiatry". Shrinks can get continuing education credit for reading this mag and mailing in a quiz included. Titles of articles range from using computers to teach ugrads (including showing video clips of psychopaths from popular hollywood productions..) to expert systems making drug recommendations, to computational models of the mind and Psychiatry. Most articles are written by MDs with a few real doctorates. ------------------------------ Date: Tue, 8 Feb 94 13:42:41 GMT From: John Gray Subject: UK bank preparing for electronic money trial I was hoping that someone else might have seen more about this and posted information here, but it appears not; in that case I'll mention what I know, in the hope that someone will be able to fill in the details. One of the big UK banks is apparently planning to introduce a trial in Swindon, UK of an electronic money system, where money is held on plastic cards (I'm not sure whether magnetic or smart). Money is transferred through the system using either a handheld reader or an EFTPOS system in a shop. The cards are not personal, but can be locked with a 4-digit PIN code. A card that isn't locked can be used by anyone, while a locked card requires the code in order to view the balance or deduct money from the card. The nature of the system allows individuals to transfer money from card to card using the appropriate palmtop-sized system. I assume that the money is "cryptographic", but I've forgotten the details (I read all this in a paper some months agp). Does anyone know any more about this system? It raises a whole host of issues, both social and technical. John Gray ------------------------------ Date: Sun, 6 Feb 1994 01:17:49 -0500 (EST) From: Paul Robinson Subject: What goes around, comes around The following was posted on a local BBS about the recent incident on the network. ANDREWS NEWS Staff member suspended for network abuse, by Wendy Wein Clarence Thomas, systems administrator for "Redwood," the administrative computer, will be temporarily suspended from his job because he sent a 5,500 character religious message to between 1,200 to 1,500 news groups across the world through the Internet. This act violated the system's purpose, giving Andrews University a bad reputation among the Internet users. Over 1,200 complaints came over the Internet to the Andrews computer science department demanding justice. According to Mailen Kootsey, chair of the academic computing committee and dean of the College of Arts and Sciences, Thomas will be suspended from his position for a week. His status will be reviewed at the end of the time period. During this week Thomas will not have available access to the network computers. Sometime between five and eight o'clock Monday evening, January 17, Thomas sent his three-page message titled "Global Alert for All: Jesus is Coming Soon," from the Andrews computing center to the news groups which are accessible through the Internet, a computer system which connects computers throughout the world. These news groups deal with different individual topics. For example, if a news group is about cars, then only information about cars should be sent to that news group. Some people subscribe to more than one group and some universities and organizations are subscribed to almost all of them. Thomas sent his religious message to all of these groups. People who were not interested received this message, some more than once. Some organizations received 1,200 to 1,500 copies. For many of the subscribers religious input was not accepted very well. This message took up their time and money. The message accumulated 5.5 kilobytes of disk space. Within an hour after the message was sent, Daniel Bidwell, administrative contact for the network at Andrews, received Internet messages from the East coast. In two hours they came from the West coast and within four hours, complaint letters came in from other countries. The letters made statements such as "This is not what I am paying for" and "Will this guy be stopped?" In addition to the news groups, Thomas also sent his message through a mailing list, filling others' electronic mail. This could have been changed by sending it to only a few news groups so fewer copies could have been distributed. "If he sent his message through a news group which dealt with religious issues then everything would be fine," said Bidwell, "No one would have known." There are no laws against Thomas' actions, yet he violated and broke some of the unwritten rules of society. That is why many people are unhappy. This act created poor reactions towards the university. Thomas' intent was to spread the good news of Jesus' return to all those he could reach. Thomas was trying to witness to others, yet instead of creating joy in peoples' heart, he only created anger and resentment. "He was doing the right thing in the wrong way," said Bidwell. Some of those who wrote to complain said that they agreed with the message, but that Thomas delivered it wrongly. This message has created bad public relations for the church at another's expense. The letters that were received included threats. They wanted Thomas fired, or else the Internet connections from the Andrews campus could be "taken." People are now writing and finding ways to contact President Lesher. Not only have strangers called, but also a large amount of Adventists claiming that something must be done to save the church's sacred reputation. On Monday morning, January 24, Rob Barnhurst, Thomas's supervisor and director of the computing center, Ed Wines, vice president for finance, and Kootsey, met to discuss the incident. They decided to send out an apology through the Internet, explaining that they did not condone Thomas's act and will try to keep this from happening again. Thomas graduated from Andrews with a computer science degree. Those at the computer science department feel that he knew better then to send out that many copies. "It was clearly, very definitely abuse," said Ray Paden, chair of the computer science department. "He broke the guidelines for the Internet and violated the net etiquette. The trust was violated." ------------------------------ Date: 05 Feb 94 22:30:12 EST From: "Mich Kabay / JINBU Corp." <75300.3232@CompuServe.COM> Subject: Electronic rumours >From the Associated Press newswire via Executive News Service (GO ENS) on CompuServe: Glitch Reveals The Power Of Internet; New Group's Offer Unleashes Users' Tirade By John Burgess and John Schwartz, Washington Post Staff Writers, 31 Jan 1994 A small organization promising free access to a global computer network found itself recently the focus of a deluge of electronic hate mail. To its chagrin, the messages were carried all over the world by the very network the group promotes, the Internet. The authors explain that the International Internet Association (IIA) issued ads last year offering free access to the Internet. However, to get access, eager users had to submit a credit card number. Then, potential customers were told, the free-access ports were generally busy. If they wished, such customers could subscribe to the service at $0.20/minute, charged to the credit card. Scott Ward, an official with CapAccess of Washington, DC, another service providing free Internet access, investigated IIA and couldn't locate any evidence of its computer. He then sent out an electronic warning that was widely circulated. He wrote, "I am not convinced this organization exists and highly discourage any Internet user from sending information until you make certain that the IIA is real." Unfortunately for everyone involved, the IIA was real. The Executive Director of the IIA, Max Robbins, promised to repair the damage to its credibility caused by the incorrect electronic rumour. He announced changes in the organization's financing: all access would be free, but the IIA would solicit corporate donations. This story once again illustrates the need for the same (or greater) level of care in verifying what we post on the Internet. Because information in electronic form doesn't fade, get wrinkled, or impossible to read after multiple use, electronic rumours can circulate forever. RISKS readers will recall the case of Craig Shergold's unstoppable avalanche of post cards. Michel E. Kabay, Ph.D., Director of Education, National Computer Security Assn ------------------------------ Date: 30 Jan 94 14:53:24 EST From: "Mich Kabay / JINBU Corp." <75300.3232@CompuServe.COM> Subject: Medicare Transaction System & the Electronic Superhighway >From the Washington Post newswire via Executive News Service (GO ENS) on CompuServe: Medicare Billing to Join Electronic Superhighway; One National System to Handle All Payments, By Spencer Rich, Washington Post, 20 Jan 1994 By the end of the decade, one giant nationwide computer system will electronically pay nearly all of the 1 billion bills Medicare handles each year. Beneficiaries will only have to hand their Medicare cards to their doctors, hospitals, laboratories or nursing homes to make sure their bills get paid. Once a patient's identification number is punched into a terminal at a hospital or doctor's office, the computer will compute how much Medicare owes, electronically transfer that amount to the doctor's or hospital's bank account, calculate how much an individual's Medigap (supplemental insurance) policy owes and automatically bill for that. If the Medicare beneficiary has no Medigap policy, the government computer will bill the patient for whatever is owed." The article continues with the following key points: o $19 million six-year contract to GTE Government Systems Corp. of Chantilly, Va., for design and implementation; o implementation '96-'98; o Medicare Transaction System (MTS) will eliminate many manual procedures; o may save $200 million a year. Michel E. Kabay, Ph.D., Director of Education, National Computer Security Assn [Maybe it is time for the MediBempsters to write a song about healthcare along the superhighway. PGN] ------------------------------ Date: Mon, 7 Feb 1994 13:09:12 PST From: MJackson.wbst147@xerox.com (Mark Jackson) Subject: Re: Risks of cliche collisions on the information superhighway As an addendum to Phil Agre's note in Risks 15.44, PGN begins: > [We are going to see all sorts of metaphors springing up on the > InfoSuperhighway, such as. . . Perhaps most evocative, from the "Editor's Note" on the state and future of jounalism in the January/February issue of the /Columbia Journalism Review/: Only now, thanks to the new technology, the public doesn't have to take it anymore; with every passing day people have more alternatives to the traditional news media to choose from, a situation that has prompted commentator Jeff Greenfield to warn that journalists may become "roadkill on the information highway." Mark Jackson ------------------------------ Date: Wed, 9 Feb 94 16:15 PST Subject: Re: White House documents (from alt.internet.services) Article 13945 of alt.internet.services: Path: vortex.com!rand.org!usc!howland.reston.ans.net!news.intercon.com!vector.casti.com!quire From: quire@vector.casti.com (Bill Casti) Newsgroups: alt.internet.services Subject: Re: Altered White House documents Date: 9 Feb 1994 21:53:21 GMT Organization: The Gnomes of Zurich (shhh!) Chris Fulmer (chrisf@brtph316.bnr.ca) wrote: : At the risk of extending this to the point that it should go elsewhere... : I believe that the original post said that the on-line version of the : remarks differed from the remarks that were actually stated. While the : President's position may have changed, the remarks that he made certainly : didn't. re: "revised documents on ftp server"..... ---------- Forwarded message ---------- Date: Mon, 07 Feb 1994 16:29:29 -0700 (MST) From: crawford@fido.econlab.arizona.edu (David W. Crawford) Subject: Revised Documents on FTP server without version number >From croberts@crl.com Mon Feb 7 09:47:09 1994 >Newsgroups: alt.internet.services >Subject: Altered White House documents >Date: 5 Feb 1994 09:38:23 -0800 > >I assume everyone knows about the ftp site whitehouse.gov. I just >discovered that the Clinton rebuttal to Elizabeth McCaughey's >critique of his health care plan has been altered on >whitehouse.gov - with no mention in the current version that it >has been changed. I assume that neither of you know the difference between a speech-as-written and a speech-as-delivered. >According to Associated Press writer Tom Raum, the original White >House rebuttal to McCaughey's New Republic magazine article used >the word "lie" four times. The copy of the White House rebuttal I >just downloaded (Feb 5, morning, pacific time) does not contain >the word lie nor does it contain any indication that it is a >"revised" version. Then, it's the speech-as-written and not the speech-as-delivered. >White House spokesman Dee Dee Myers defended the rebuttal on >Thursday although she conceded that "perhaps the language was a >little strong." Clinton, asked by reporters earlier this week >about calling McCaughey's comments lies, responded, "Well, I hate >to use that word, but the New Republic article was way off base >and the New Republic didn't make total disclosure about the source >of the article." So Clinton admitted to the use of "lie" but it >has since been removed from the version available for anonymous >ftp at whitehouse.gov. Makes you wonder just how self- serving and >accurate the rest of the information there might be... That's a knee-jerk reaction and totally inaccurate. The speeches-as-written are usually delivered a few hours in advance of the speech, with an embargo on publication until the speech has been delivered (the same embargo the rest of the news media observes, by the way). If you look in the White House Papers gopher hole (accessible for anonymous ftp by telnetting to vector.casti.com), which mirrors the gopher SUNsite at Syracuse University), there are several examples of speeches-as-written (indicated by "as prepared") being followed by clearly indicated "CORRECTED--as delivered" speeches. >UWSA'ers note: the whitehouse.gov directory /pub/political- >science/speeches/perot contains the text of Perot's book "United >We Stand," and various Perot speeches. But no, I have not double- >checked them for unauthorized "revisions." These are no longer contained in directories which are mirrored by whitehouse.gov, as they are not White House documents. Talk to Mr. Perot and get the address of *his* ftp site (I doubt if he has one). In the future, make sure you get the FACTS before you spout off about stuff you--apparently--know nothing about. I know that doing a bit of investigative research would greatly hobble your arguments, but it would be the courteous thing to do. If you have questions about what is or isn't contained in the documents available through whitehouse.gov, ask first. The address for comments/questions/suggestions about the document site is: publications-comments@whitehouse.gov Bill Casti ------------------------------ Date: 9 Feb 1994 19:23:16 -0500 From: leech@cs.unc.edu (Jon Leech) Subject: Re: Cantwell and Spoofed Representatives? In RISKS-15.47, mech@eff.org (Stanton McCandlish) asks us to "*Please take a moment to send e-mail to U.S. Rep. Maria Cantwell (cantwell@eff.org) to show your support of H.R. 3627, her bill to liberalize export controls on encryption software.*" Later, he writes "EFF will deliver printouts of all letters to Rep. Cantwell." It's unclear if Rep. Cantwell (a) asked for the account to be established, (b) was aware of the account's existence, or (c) had no idea of the existence of the account (though I'm sure she does by now :-) If EFF is acting on its own initiative as a mail to print reflector for Rep. Cantwell, perhaps this should be stated and some other, non-confusing name used for the mail drop? I would think EFF needs to be particularly careful to avoid confusion on details like this... Jon Leech (leech@cs.unc.edu) UNC Pixel-Flow Project ------------------------------ Date: Wed, 9 Feb 1994 20:37:42 -0500 (EST) From: Robert J Horn Subject: Re: Sounding the Alarm > "driving doctors and nurses to distraction" who agree that "alarm noise > pollution is a significant problem that threatens patient health" > presumably because "doctors order that all alarms be disconnected except > those deemed absolutely necessary for patient safety." For more information and detail on one aspect of this see the December 1993 issue of IEEE Engineering in Medicine and Biology. This magazine is probably of interest to many Risks readers, since the subject is an intersection of a significant risk area with a significant computer content. The discussion of ethics in the December issue is probably the most important. It should act as a strong reminder that the risk of computer malfunction is merely one aspect of system ethical analysis. Just as most people now understand that risk analysis must include the whole operational environment, not just the literal instructions, we will eventually learn to consider risks in the larger ethical context. The initial step is to begin to understand the ethical issues. Rob Horn horn@temerity.polaroid.com ------------------------------ Date: Sun, 23 Jan 94 14:56:02 -0500 From: tsm@cs.brown.edu (Timothy Miller) Subject: Re: Verify your backups (Heberlein, RISKS-15.39) Isn't wuarchive one of the more widely mirrored archive sites? Couldn't they get most of their files back by copying from the mirrors? I know this misses the original point about failed backups as far as other sites are concerned, but it seems to me there are benefits of as well as risks from computers and technology here. Tim ------------------------------ Date: Sun, 30 Jan 94 19:17:59 EST From: ddl@das.harvard.edu (Dan Lanciani) Subject: Re: Bad backups (really NEC CD-ROM problem) (Hamlet, RISKS-15.43) > ... the FORTRAN library disk i-o routine did retry for read failure, This reminds me of something I had meant to send in long ago, but which may still be relevant. The NEC CDR-72 CD-ROM seems to have used a similar, highly successful error recovery technique. I don't remember the exact details, but the drive would substitute either the previous or the next block for the one it had meant to retry. There was absolutely no indication of error to the host machine, just _silent_ data corruption. Given what we expect from CD-ROMs, the risks of this kind of failure mode are obvious. (Oh, and note that this problem showed up with the first soft errors after but a few months of dust accumulation.) I think NEC's treatment of the problem shows a worse risk, though. They knew the flaw existed and they took no action to contact registered owners (let alone unregistered ones). Moreover, their first-level technical support was either uninformed or else was instructed to avoid the issue. When I explained the problem to them in great detail, they kept insisting that I send them the specific CD that was showing the problem and/or try a different CD in the drive. They could not (or would not) grasp the concept that an unreported error was unacceptable in this context. And they felt that if any CD could be found to read without corruption at least once then the drive must be fine. I asked that they have somebody with a more technical background get back to me, and indeed somebody did get back to me. The technical person was so technical, of course, that he would not listen to my detailed description of which blocks ended up where. Instead he required me to bring the phone to the computer to perform a ``special test.'' The test turned out to be to copy a file from the CD to the hard disk and then run the ``special'' DOS program COMP on the two copies. I was to report the number of mismatches shown. The number of mismatches was the maximum that COMP will display before giving up, and reciting that number won me a replacement drive for what he admitted was a known problem. I hate to think what would have happened if the drive failed the same way during the COMP as during the copy. Or worse, if I didn't have a DOS machine on which to run the ``special test'' to his satisfaction. I'm no expert on the uses of CD-ROMs, but I'll bet someone can come up with a pretty bad scenario caused by these kinds of errors. Dan Lanciani ddl@harvard.* ------------------------------ Date: Mon, 7 Feb 94 13:45:37 -0800 From: Martin Minow Subject: re: backups (Hamlet, RISKS-15.43) In Risks 15.43, Dick Hamlet wrote: > How many dump systems today read back what has been written for backup > (much less check it or do a file compare!) unless there is a restore request? This is a normal option to Retrospect, a backup package for Macintosh. It seems to work very well. Martin Minow minow@apple.com ------------------------------ Date: 07 Feb 1994 15:23:36 -0500 (EST) From: rob horn Subject: EMI article in IEEE Spectrum There is a good summary article on EMI/EMC in aircraft in the current issue of IEEE Spectrum. Not much new to RISKs readers, but a good overview of the present situation. Rob Horn horn@temerity.polaroid.com ------------------------------ Date: ongoing From: RISKS-request@csl.sri.com Subject: Info on RISKS (comp.risks), contributions, subscriptions, FTP, etc. The RISKS Forum is a moderated digest. Its USENET equivalent is comp.risks. PLEASE read it as a newsgroup if possible and convenient for you. Undigestifiers are available throughout the Internet, but not from RISKS. Contributions should be relevant, sound, in good taste, objective, cogent, coherent, concise, and nonrepetitious. Diversity is welcome, but not personal attacks. CONTRIBUTIONS to risks@csl.sri.com, with appropriate, substantive "Subject:" line; others may be ignored! Contributions will not be ACKed; the load is too great. **PLEASE** include your name & legitimate Internet FROM: address, especially .UUCP folks. If you cannot read RISKS locally as a newsgroup (e.g., comp.risks), or you need help, send requests to risks-request@csl.sri.com (not automated). BITNET users may subscribe via your favorite LISTSERV: "SUBSCRIBE RISKS". Vol i issue j, type "FTP CRVAX.SRI.COMlogin anonymousYourName CD RISKS:GET RISKS-i.j" (where i=1 to 15, j always TWO digits). Vol i summaries in j=00; "dir risks-*.*" gives directory; "bye" logs out. The COLON in "CD RISKS:" is vital. CRVAX.SRI.COM = [128.18.30.65]; =CarriageReturn; FTPs may differ; UNIX prompts for username, password. WAIS and bitftp@pucc.Princeton.EDU are alternative repositories. IF YOU CANNOT GET RISKS ON-LINE, you may be interested in receiving it via fax; phone +1 (818) 225-2800, or fax +1 (818) 225-7203 for info regarding fax delivery. PLEASE DO NOT USE THOSE NUMBERS FOR GENERAL RISKS COMMUNICATIONS; as a last resort you may try phone PGN at +1 (415) 859-2375 if you cannot E-mail risks-request@CSL.SRI.COM . ALL CONTRIBUTIONS CONSIDERED AS PERSONAL COMMENTS; USUAL DISCLAIMERS APPLY. Relevant contributions may appear in the RISKS section of regular issues of ACM SIGSOFT's SOFTWARE ENGINEERING NOTES, unless you state otherwise. ------------------------------ End of RISKS-FORUM Digest 15.49 ************************