Subject: RISKS DIGEST 17.38 RISKS-LIST: Risks-Forum Digest Sunday 8 October 1995 Volume 17 : Issue 38 FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks) ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator ***** See last item for further information, disclaimers, etc. ***** Contents: Fly NorthWest Airlines to unknown destinations (Peter Ladkin) Text substitution in a fax program (Henry Troup) More 2000 date problems: Court computers in countdown to chaos (Peter Ilieve) Dutch phone books not available (Thomas Tonino) Citizen Intercepts 911 Calls; Helps Police (Steve Bauer) Billing problem and consequences (Hiranmay Ghosh) Polymorphism can apply to email.... (Espen Andersen) Airliner crashes (Charles Smith via Dave Ketchum) Re: STRATUS success story: an old Univac episode (William Johnson) Re: The latest maths bug in a Microsoft product (Jim Coffey) Re: European Encryption control proposal? (David Swarbrick) ABRIDGED info on RISKS (comp.risks) ---------------------------------------------------------------------- Date: Sun, 8 Oct 1995 17:14:49 +0100 From: ladkin@techfak.uni-bielefeld.de Subject: Fly NorthWest Airlines to unknown destinations The International Herald Tribune for Monday Oct 2, p1, has a report on a DC10, NorthWest Flight 52, on its way to Frankfurt from Detroit. They landed in Brussels, much to everyone's surprise except for the passengers, cabin crew and air traffic control. A controller in Shannon changed the destination in the en-route computers for some reason no-one has fathomed. So everyone after that sent NW52 merrily on the way to Brussels. The cabin crew and passengers noticed, because the cabin flight-path display was showing them going to Brussels rather than to Frankfurt (the cities are 200miles=325km away from each other). The flight crew first noticed when they broke out under the clouds on approach to Brussels, and noticed that the layout of the airport was not similar to Frankfurt. Sensibly, they decided to continue the landing. And will remain landed until the investigation figures everything out. A spokesman for NorthWest pointed out that the crew *should* have known where they were....... That reminds me of the time I was flying Chicago to SFO and following the ground on my WAC (World Aeronautical Chart). The routing went south of the Colorado/Wyoming boundary, past Aspen, and then over the Green river canyon, which is some 250km past Aspen. Just then, the captain announced "We're just passing Aspen, Colorado, out of the left window." But we got there OK. Even United pilots can recognise the Mina and Coaldale transitions to the Modesto arrival when it hits them ;-) Peter Ladkin. ------------------ Date: Wed, 4 Oct 1995 08:37:00 -0400 From: "henry (h.w.) troup" Subject: Text substitution in a fax program I have a fax that I have received from the Systems Engineering Society. In the footer, it says "Internet: SESociety508-420-0210ol.com" Since I know that the address is @aol.com, it seems that something has substituted the outgoing fax number for the "@a". The root cause appears to be that the formerly rare character "@" has become more frequently used, making it no longer appropriate as an escape sequence. Henry Troup - hwt@bnr.ca (Canada) - BNR is not committed to anything I say ------------------------------ Date: Wed, 4 Oct 1995 12:56:49 +0100 From: peter@aldie.co.uk (Peter Ilieve) Subject: More 2000 date problems: Court computers in countdown to chaos The following is taken from a report in the Independent (a UK quality paper) for Tuesday 3 October 95. The headline is `Court computers in countdown to chaos'. Programming work is underway to prevent thousands of court cases being called for 31 Dec 99. `The Lord Chancellor's department is implementing the scheme to prevent legal chaos caused because aging court computers cannot speak Latin or understand the concept of eternity.' The problem is that many cases are adjourned `sine die' (literally `without date') when they need to be disposed of without reaching any sort of verdict. The intention is that they are never seen again. The computers used for scheduling court hearings can't cope with this so clerks in some courts have been entering the latest date that the machine knows about---31 Dec 1999. This means that on 30 December these systems will print a huge list of all these cases, for hearing the next day. The article suggests that up to 25,000 cases may be involved in some inner city courts. The exact size of the problem is unclear as other clerks in other courts may have used other tricks to get round the problem. A computer `expert' is quoted: `When the first systems were introduced 25 years ago, the last day of 1999 was still a long way off and it did not matter if these cases were adjourned until that date. It is only just over four years away and we have got to do something about it. Fortunately, computer software has advanced and the courts will not have to record false dates under the new system.' My comments: the concept of `sine die' has been around for hundreds of years, it really should have been in the original specification for the system. Also, if 31 Dec 99 is the latest date the system can cope with, it has bigger problems than just dealing with `sine die' cases. It won't be able to adjourn any cases to known, fixed, dates in 2000 and beyond. Peter Ilieve peter@aldie.co.uk [Also noted by Keith Bennett . PGN] ------------------------------ Date: Fri, 6 Oct 95 22:29:26 +0100 From: ttonino@bio.vu.nl (Thomas Tonino) Subject: Dutch phone books not available It seems the phone monopoly, KPN, had some problems restyling the phone directory of Utrecht. The restyling involved adding a 'yellow pages' kind of index to the alphabetical section, and the possibility of advertisements in the alphabetical section of the directory. The Utrecht directory was recalled because of a lot of errors; it seems that about 10% of entries was corrupted one way or the other. Newspapers reported at the time the cause was 'computer error' while merging the list of subscribers with the list of advertisers. Now, nearly a year later, KPN/PTT still does not have its data right. No directories have been published since. For Amsterdam, where I live, this means the directory will be published in January of February 1996 instead of the original may 1995. Other cities will have approximately the same delays. While the subscriber database is correct, the advertisers database is not, it seems. The subsidiary of KPN responsible for the directories, Telemedia, told me this: - They are very busy calling all advertisers to confirm the data. Their databases seem messed up somehow. - The information service doesn't have more detailed business information either. That is supposed to come from Telemedia, who don't have it. The being unavailable of directories causes quite some problems. Phone numbers tend to change quickly here, as it is often not possible to keep your number even when moving to another part of the city. And even government or business numbers are quickly given to private subscribers who will then probably not be happy. The RISK here is having a lot of calls arrive at the wrong destination. Having a monopoly run the phone system is probably the biggest cause here, followed by trusting your (computer) systems and procedures. Thomas Tonino ------------------------------ Date: Tue, 03 Oct 1995 03:37:14 -0500 From: sbauer@tyrell.net (Steve Bauer) Subject: Citizen Intercepts 911 Calls; Helps Police Here is a great report about someone getting involved. 911 phone line crossed RICHMOND, Va. (AP) -- When Rosa H. Dickson answered her telephone, the caller requested an ambulance. It took only a moment to figure out that the caller had dialed 911 and got Dickson instead. "When I realized what happened, I dialed 911 and couldn't get 911," she said Monday. [This lasted for half an hour, beginning at 5 a.m. Dickson then alerted the police of the problem, and kept passing info on to police, two calls for rescue crews and one for police. One caller gave the wrong number, and then called in again later when nothing happened. Bell Atlantic apparently messed up on maintenance following a system upgrade. PGN] ------------------------------ Date: Sat, 30 Sep 95 17:30:51 IST From: Hiranmay Ghosh Subject: Billing problem and consequences For those who are not familiar with this part of the world, Delhi Electric Supply Undertaking (DESU) is the name of a company that supplies electricity to the city of Delhi, the capital of a country called India. The company has been using a computer to make the electric bills of its customers for quite some time now (the trouble starts!). One fine morning about a year back, the computer decided to print wrong customer codes on the monthly bills it produced for some privileged persons like me. Since the code is long (18 alphanumeric characters!), nobody noticed the mistake. With good faith, I paid the bill. As you might expect, next month I saw an arrear amount on my bill. When I took it to DESU's office, they had several theories on how the error might have occurred. They did an ad hoc correction on the bill (hardcopy). The same game continued for an year till, another fine morning, I got a notice for disconnection, the ultimate punitive action from DESU for non-payment of bills! A number of panic-calls to the top-brass of the company later, I came to know the reason. The mystery of the misbehaviour of the computer is still unknown -- it could probably be a software bug! More stunning was the fact that while some of the dealing clerks knew about the problem, they pleaded helplessness and seemed to be at the mercy of the computer. The matter becomes worse as the responsibilities of the preparation of the bills, receipt of payments and the issue of the notices rest with different departments, with the computer gracefully occupying the centre- stage. Though my immediate problem (disconnection threat) has been taken care of, DESU cannot assure me that I shall get a correct bill next month or that I shall not get yet another funny disconnection notice. As this moment, I remain under the threat of the monster computer that is probably churning out yet another wrong bill, either for me or for somebody else. Though this story is a pretty low-tech one than those usually discussed at the RISKS forum, the moral remains the same: Computers (for the matter, technology in any form) should never become the boss! Hiranmay Ghosh, Centre for Development of Telematics, Akbar Bhawan, New Delhi 110021, INDIA +91 11 672533,677525 ghosh@cdotd.ernet.in ------------------------------ Date: Thu, 5 Oct 1995 09:36:02 +0000 From: "self@usa1.com" Subject: Polymorphism can apply to email.... I am currently setting up my own Web site, through MASSInternet (a subsidiary of PSInet). I wanted to call this site espen.com, and to have my email address be self@espen.com, which I thought had a nice OO ring to it. Registering the domain name takes about 6 weeks, so in the meantime PSI gave me the email address self@usa1.com (rather grand, but it works fine). You can probably guess the rest: A number of email systems have a feature called copy_to_self, and apparently some users think the CC: field is where to turn this feature on. A transitory problem, to be sure, and so far the email copies I have received have not been really interesting.... Espen Andersen ------------------------------ From: davek@oho.com (Dave Ketchum) Subject: Risks to the public Date: Wed, 27 Sep 1995 01:07:29 GMT [Via "Will Tracz" , editor, ACM Software Eng. Notes] NOTE::: I believe that professionals involved in hardware components of flight control systems are required to be identifiable and accept responsibility for the quality of the work they sign off on. THE FACT THAT SOME COMPONENTS OF SUCH SYSTEMS NOW CONSIST OF COMPUTER SOFTWARE SHOULD HAVE no EFFECT ON THE ACCOUNTABILITY RULES - but, I do not remember this being enforced adequately! >Numb : 274 of 294 Date : 09/21/95 11:13am >Conf : 1975 - alt.politics.datahighway >From: HDUN11A@prodigy.com (Charles Smith) >Subject: AIRLINER CRASHES [...] Two final notes on the crash of CAL-140: Japan's 23 major insurance companies will pay a total of $78 million to the families of those killed in the crash of CAL-140. In addition, the Japanese National Police are investigating the crash of CAL-140 under the heading of "MURDER". Aviation Week and Space Technology Charles R. Smith hdun11a@prodigy.com Richmond, VA 804/275-7472 web http://www.shore.net/~adfx/2292.html ------------------------------ Date: Thu, 5 Oct 1995 15:17:40 -0700 From: "Johnson.William" Subject: Re: STRATUS success story: an old Univac episode In regards to the `success' story about the STRATUS system, where a room full of computers survived baking in 120oF heat for 3-4 days with only 2 disk drives failing, this story is remarkable in that it completely overlooks the inevitable degradation of the electronic equipment at that site that did NOT fail immediately during the overheating episode. Excessive temperatures degrade electronic components and reduce their life expectancy considerably. For 3-4 days the hardware baked itself in 120oF conditions without notifying anyone of the underlying problem. Over the weeks and months to come after this episode, the owners can expect a higher-than-normal failure rate of the equipment so exposed. Had the STRATUS system included a temperature alarm to a central office, something on the order of, "Hey, guys, my A/C is out and it's over 100 in here - HELP!" STRATUS might have not only saved the drives that immediately failed due to the heat but also the other equipment that will inevitably fail early as well. In a sense, this reveals another RISK of modern computers/electronic equipment; the inability to always diagnose and report to the operators what is REALLY wrong with the system, even if you have designed a sophisticated diagnostic/reporting capability into the system. *** This reminds me of a story told by my faculty advisor back in college. In his graduate school days he worked on one of the original UNIVAC mainframes in the country. That machine comprised dozens of racks of vacuum tube-technology logic boards stacked in banks up to the ceiling in their computer room. Each board controlled a different function in the computer and he said that after a while he could tell from the error returned in a malfunction not only which board had failed but also the most likely vacuum tube that had gone out. Usually the failure was blamed on excessive heat, because even with the room's central A/C going full blast the heat from the tubes kept it nice and toasty in there, especially around the ceiling. His EE department was always complaining about the high tube failure rate due to excessive heat so finally the school ordered a newer, bigger A/C for them. Unfortunately, when they came to install it, the electricians forgot to tell anyone that they were shutting off the A/C power at the breaker box. So the computer kept running... ...the first anyone knew what was happening was when they heard explosions from the computer room, as boards blew up starting from the top racks and then down to the bottom racks, one bank at a time. My advisor said it took them 3 months to rebuild the system and when they finished, they welded the A/C panel box shut. The RISKS of the right hand not knowing what the left had is doing are obvious. ------------------------------ Date: 28 Sep 1995 10:16:10 PDT From: "Coffey, Jim@ARC Mail" Subject: Re: The latest maths bug in a Microsoft product (Palmer, RISKS-17.36) > If you do this on a Macintosh (Excel v5.0a on a PowerMac 8100/110) you get a > result of 1.40737488355328 = 1.28, proving that the Macintosh is 6 times (as > powerful as a PC) ... Interestingly enough., Excel v5.0a on a Mac IIsi also yields .64; however, if you paste the original number as text and then perform a math operation, Excell yields the correct result. What I find interesting (and disturbing) is not that some number that most people will never use behaves oddly, but that the program behaves oddly. I'm working on a project that will use digital controls for power plant applications, and as part of that we need to verify that the system responds as expected during operations and transients. I wonder how we will be able to test for obscure bugs such as this (since if one number does this, what other features haven't we yet encountered). More importantly, we need to design the system to tolerate such undiscovered flaws and not go nuts when it does (a daunting task). Jim [I have heard some reports that this flaw is actually an intentional feature intended to detect copyright ripoffs. Music publishers and dictionary editors have been doing similar things for years. PGN] ------------------------------ Date: Tue, 03 Oct 95 06:51:04 GMT From: david@swarb.demon.co.uk (David Swarbrick) Subject: Re: European Encryption control proposal? (Anderson, RISKS-17.36) In Risks v17 no36 Ross Anderson reported a proposal from the Council of Europe to ban strong encryption within Europe, and to introduce a 'Euro-Clipper'. I have to say that I think the article he reports jumps the gun somewhat. The actual proposal reads (in the relevant section) "V. Use of Encryption --------------------- 14. Measures should be considered to minimise the negative effects of the use of cryptography on the investigation of criminal offenses, without affecting its legitimate use more than is strictly necessary." The UK already allows a Police Constable to obtain a warrant requiring a suspect to produce all information on his computer 'in legible format' ie de-crypted, and I suspect this is all that will be required to meet the proposal. This is not of course to say that there are not people about contemplating doing just what Ross relates. They are usually sat on a fat surveillance budget, and wondering how they will justify it next year. David Swarbrick, Swarbrick & Co, Solicitors, 22 Bradford Road Brighouse HD6 1RW| UK Tel 01484 722531 david@swarb.demon.co.uk ------------------------------ Date: 6 September 1995 (LAST-MODIFIED) From: RISKS-request@csl.sri.com Subject: ABRIDGED info on RISKS (comp.risks) The RISKS Forum is a moderated digest. Its USENET equivalent is comp.risks. SUBSCRIPTIONS: PLEASE read RISKS as a newsgroup (comp.risks or equivalent) on your system, if possible and convenient for you. BITNET folks may use a LISTSERV (e.g., LISTSERV@UGA): SUBSCRIBE RISKS or UNSUBSCRIBE RISKS. [...] DIRECT REQUESTS to (majordomo) with one-line, SUBSCRIBE (or UNSUBSCRIBE) [with net address if different from FROM:] INFO [for further information] CONTRIBUTIONS: to risks@csl.sri.com, with appropriate, substantive Subject: line, otherwise they may be ignored. Must be relevant, sound, in good taste, objective, cogent, coherent, concise, and nonrepetitious. Diversity is welcome, but not personal attacks. [...] ALL CONTRIBUTIONS CONSIDERED AS PERSONAL COMMENTS; USUAL DISCLAIMERS APPLY. Relevant contributions may appear in the RISKS section of regular issues of ACM SIGSOFT's SOFTWARE ENGINEERING NOTES, unless you state otherwise. RISKS can also be read on the web at URL http://catless.ncl.ac.uk/Risks RISKS ARCHIVES: "ftp unix.sri.comlogin anonymous[YourNetAddress] cd risks or cwd risks, depending on your particular FTP. [...] [Back issues are in the subdirectory corresponding to the volume number.] Individual issues can be accessed using a URL of the form http://catless.ncl.ac.uk/Risks/VL.IS.html [i.e., VoLume, ISsue] ftp://unix.sri.com/risks [if your browser accepts URLs.] ------------------------------ End of RISKS-FORUM Digest 17.38 ************************