Subject: RISKS DIGEST 17.82

RISKS-LIST: Risks-Forum Digest  Friday 1 March 1996  Volume 17 : Issue 82

FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

***** See last item for further information, disclaimers, etc. *****

Contents:
  Dominican Republic 757 crash (PGN)
  Software backdoor on the news (John Liptak)
  Re: Happy Leap-Birthday! (PGN)
  A major OS leap year glitch (Warren R Carithers)
  Arizona lottery blottery on 29 Jan 1996 (Jot Powers)
  Leap-day not insurable (Alan Hamilton)
  Time Bomb Still Ticking For Year 2000 (Edupage via Monty Solomon)
  Japanese credit cards and the year 2000 (Chiaki Ishikawa)
  Re: Year 2000 banking disasters (Steve Elliott)
  Re: Risks of year-2000 precautions (Barry Mulligan)
  Positive feedback and the law of averages (John Light)
  Re: Risks of year-2000 precautions (L. P. Levine)
  Year-2000 question on defensive software tools (Gretchen Herbkersman)
  Incorrect ATM menus (Jimmy Aitken)
  Online Cyberlaw Workshop (Dick Moores)
  ABRIDGED info on RISKS (comp.risks)

----------------------------------------------------------------------

Date: Fri, 1 Mar 96 7:51:09 PST
From: "Peter G. Neumann"
Subject: Dominican Republic 757 crash

Investigators have concluded their analysis of the 6 Feb 1996 Boeing 757 flight that ended in the ocean, killing all 189 people aboard. The disaster was apparently due to a faulty velocity indicator that misled pilots, leading them to believe that their speed was adequate when they were flying at 7000 feet.

------------------------------

Date: Thu, 29 Feb 1996 11:34:30 -0700
From: John Liptak
Subject: Software backdoor on the news

The Denver area's new car-emission testing program was spotlighted on the local TV news. It seems that given the two passcodes 00010 and E35E, the computerized system will pass any car regardless of the emissions results.
Disciplinary action has been taken against the people involved, including the two people who reported the abuse.

John Liptak, U S WEST Communications, 931 14TH Street, Denver, Colorado 80202
WK (303) 624-0140  PG (303) 820-9284  j.liptak@ieee.org  jliptak@uswest.com

  [Is this a case of shooting the emissionger? PGN]

------------------------------

Date: Fri, 1 Mar 96 7:59:18 PST
From: "Peter G. Neumann"
Subject: Re: Happy Leap-Birthday! (PGN, RISKS-17.81)

Some of you
  Robert.Herndon@Central.Sun.COM (Robert Herndon)
  "George C. Kaplan"
  Rich Wales
  "Clive D.W. Feather"
noted the flaky calculations of Pirate Frederick, because of the leap year in 1900.

What we know for sure is that Frederick, when confronted by the Pirate King with the news that he had not actually reached his 21st birthday and therefore could not be freed from his indentures, calculated that he would have his 21st birthday in 1940. I cited the libretto in RISKS-17.81.

The first performances of *Pirates* were at the end of 1879. The official opening was in New York at the Fifth Avenue Theatre on 31 Dec 1879, with a sneak preview at the Royal Bijou in Paignton, Devonshire, the night before -- which had been postponed by one day (perhaps W.S. Gilbert had desired to have the sneak preview on *29* December!).

I presume that Gilbert did the calculation on Frederick's behalf, and did *not* know about the 1900 anomaly. I also presume that Frederick did not know about the 1900 anomaly, because he had been brought up by his nursemaid Ruth and the pirates mostly at sea. On the other hand, the pirates were not really pirates, but rather noblemen who had gone wrong (as we discover in Act Two), in which case they probably wouldn't have known anyway.

If we assume that Gilbert and Frederick both did not know about the 1900 anomaly, then Frederick must have been born in 1856. If, on the other hand, Gilbert endowed Frederick with modern algorithmic powers, then perhaps Frederick was indeed born in 1952. I doubt it very much.
However, I have spent so much time lately correcting folks who think 2000 is NOT a leap year (including one would-be contribution that warned about all the folks who seem to think 2000 *is* a leap year) that I neglected to remark on the 1900 glitch.

Incidentally, Clive also noted Isaac Asimov's *Black Widowers* story, which raises the 1856/1900/1940 question and the fact that *Pirates* might not actually be set in 1877, the year that *H.M.S.Pinafore* was written. Asimov seems to have thought of *everything* long before everyone else, but I still suspect Gilbert did not know about, or simply ignored, the 1900 glitch.

  [Typo in 1856 corrected in Archive. PGN]

------------------------------

Date: Fri, 1 Mar 1996 13:06:07 -0500 (EST)
From: Warren R Carithers
Subject: A major OS leap year glitch

We received the following announcement from our Institute computer center (ISC) regarding the operating system on many of their computers (names of individuals and systems, and phone numbers, elided):

> Date: Thu, 29 Feb 1996 13:26:19 -0400 (EDT)
> From: xxxxxx
> Subject: FYI... an oops on the part of DEC and OSF
>
> 29-Feb-1996 - Digital UNIX/DCE leap year bug
>
> ISC's UNIX computing systems have encountered a severe bug in the
> operating system. The bug prevents DCE from functioning at all between
> February 29th and March 31st during a leap year. To allow our DCE
> systems to continue functioning, the date on all of ISC's system has
> been set to April 1st.
>
> This affects the following systems:
>
> ...
>
> and the following services:
>
> Web Server, Listserver, Dial-IP, News Server
>
> Digital is working very hard to correct this problem as it affects all
> of their DCE customers. As soon as Digital has a solution it will be
> installed and the date will be returned to normal on these systems.
>
> Please contact the ISC HelpDesk at nnn-nnnn voice or nnn-nnnn v/tty,
> stop by our office in Ross room A291, or use ASK Information Systems and
> Computing for questions or concerns.

True to the message, the system date on the affected systems continues to be one month ahead (today, for instance, is April 2, 1996 according to these systems).

One wonders exactly how an extra day in February causes the loss of an entire month in this particular OS.... In any event, there will be many unexpected side-effects of this glitch; at a minimum, once the bug is corrected and the date can be restored, software which examines timestamps such as modification dates on files may be in for an interesting few weeks.

Warren R. Carithers, RIT Dept. of Computer Science, Rochester NY 14623-5608
wrc@cs.rit.edu, wrcics@rit.edu  (716) 475-2288  http://www.cs.rit.edu/~wrc/

------------------------------

Date: Fri, 1 Mar 1996 12:37:50 -0700 (MST)
From: jot@tmp.medtronic.com (Jot Powers)
Subject: Arizona lottery blottery on 29 Jan 1996

[A little bit of background: Here in Arizona, about 6 months ago they changed vendors for the machines for the state lottery. Evidently this company bid lower, and would require 1 fewer keypress per ticket sale. The initial install was a debacle, with roughly 40% of the machines not being brought on-line in time because of communications problems and weather problems at the time. And so the saga continues...]

Machines refuse to recognize 29 Feb 1996 (*Arizona Republic*, 1 Mar 1996)
  [typo on the first 1996 corrected in ARCHIVE COPY. PGN]

Chuck Brooke, executive vice president of AWI's [the lottery machine vendor] Phoenix office, said the glitch was the result of an error made by the corporation's software designers in Hackensack, N.J. The leap-year glitch did not affect AWI's other state lottery clients in Delaware, Florida, Michigan, Minnesota, Pennsylvania, South Dakota and Washington state, he said.
It is estimated that roughly 60,000 people were unable to purchase tickets. This only affected the Fantasy 5, and not Powerball, Lotto and the Scratchers tickets.

I never buy lottery tickets anyway, but I wouldn't plan on buying any at the end of 1999. ;)

  [Why not? It might be the best gamble of all! PGN]

Jot Powers  Unix System Administrator, Medtronic Micro-Rel
(602) 929-5418  jot@tmp.medtronic.com

------------------------------

Date: Thu, 29 Feb 1996 21:30:19 -0700
From: Alan Hamilton
Subject: Leap-day not insurable

Another leap-day bug.... I was shopping for a new auto insurance policy today, and found one I liked. When I went to the agent's office, though, he told me that he couldn't write a one year policy.

The computer that sets up the policies adds one to the year to get the expiration date. A policy written on Feb. 29, 1996 would expire at 12:01am Feb. 29, 1997. Uh oh.

He set the policy up to start March 1, and I'll keep my old policy for one more day.

Alan Hamilton  alanh@primenet.com

------------------------------

Date: Fri, 1 Mar 1996 08:24:37 -0500
From: Monty Solomon
Subject: Time Bomb Still Ticking For Year 2000 (Edupage, 15 Feb 1996)

The Gartner Group predicts that half of all companies affected by the year 2000 date field problem will still be unprepared when the fateful day arrives. "A lot of companies are like deer frozen in the headlights of a big truck coming right at them," says a Gartner analyst. Some industry experts estimate the cost of fixing the problem at $40 million per large corporation, with the global price tag pegged at $400 billion to $600 billion. Many corporations are wondering if their old systems are worth all the trouble: "Do we just fix the millennium bug, or should we take this as an opportunity to put in some new systems?" asks one CIO.
(Information Week 5 Feb 1996, p30)

------------------------------

Date: Fri, 1 Mar 1996 19:37:12 +0900 (JST)
From: Chiaki Ishikawa
Subject: Japanese credit cards and the year 2000

Japanese newspaper Asahi-shimbun had a large news article concerning the year 2000 and computer programs.

From the article, I learned that many Japanese offices of credit card companies are now refusing to issue credit cards of which expiration date is later than December 1999. (I didn't know this. A clever interim solution, I have to agree.) They are trying to upgrade all the verification devices(?) at cooperating stores before issuing such cards.

I also got the impression that the biggest problem is who is going to pay for the upgrade of such machines.

Chiaki Ishikawa, Personal Media Corp. Shinagawa, Tokyo, Japan 142
ishikawa@personal-media.co.jp

------------------------------

Date: Fri, 1 Mar 1996 15:32:28 +-1100
From: Steve Elliott
Subject: Re: Year 2000 banking disasters

At 1500 31Dec99 I plan to send all of my money from my Sydney bank to my London bank where it will arrive at 0400 31Dec99.

At 1500 31Dec99 I will instruct my London bank to send all of my money to my New York bank where it will arrive at 1000 31Dec99.

At 1500 31Dec99 I will instruct my New York bank to send all of my money to my Sydney bank where it will arrive at 0700 1Jan00.

My money will therefore be out of Sydney from 1500 31Dec99 .. 0700 01Jan00, in London from 0400 .. 1500 31Dec99, in New York from 1000 .. 1500 31Dec99 and NOWHERE from 2359 31Dec99 .. 0001 01Jan00.

The risks? I may get so drunk celebrating the new year that I am incapable of signalling my London and New York banks to make the transfers!

Steve Elliott, NORESE Pty. Ltd. 4, Glassop St.
Balmain NSW 2041 Australia  +61 (41) 12 608 12
selliott@world.net  Home: www.world.net/~selliott

------------------------------

Date: Fri, 01 Mar 1996 01:09:17 -0600 (CDT)
From: MULLIGAN@ACM.ORG
Subject: Re: Risks of year-2000 precautions (Mills, RISKS-17.81)

> Is it a flaw in our risk perception where we incorrectly equate
> infrequent==unlikely or infrequent==insignificant?

Perhaps the options should include:
  c) infrequent==I'll take care of that later; and
  d) infrequent==It will be someone else's problem.

Having been through the turn of the century problem once already (the 19th century), I've watched the discussions with a certain bemusement. In the early 70's I inherited a system with several accounts that were in arrears since 1895. The key program subtracted the original date from the current one and tried to calculate interest for -24 years.

As might be imagined, it was a government system. A legal fight had been abandoned by both sides, but no one was prepared to write off the charges without a final court decision. The clerks had been dutifully copying the items from ledger to ledger for 75 years.

I applied option (d) and patched around the affected accounts, leaving the proper resolution to _my_ successor. Since then I've applied option (c) more often than I'd like to admit. Even though I knew better, human nature is perhaps the biggest risk of all.

barry

------------------------------

Date: Thu, 29 Feb 96 13:08:00 PST
From: John Light
Subject: Positive feedback and the law of averages (Re: Brader, RISKS-17.80)

Mark Brader's article "Risks of year-2000 precautions" (RISKS-17.80) is a specific case of a risk that is growing every day.

During a typical day we count on the law of averages treating us reasonably well. For example, not everybody will choose to eat at the restaurant you go to for lunch today. Not everyone will take a sidetrip on the freeway you commute on today. Not everyone will access your favorite web site when you want to use it.
Only recently has news about local events been so readily and quickly available that the law of averages may fail to be a friend. A review of a luncheon special at your restaurant on the net at 10 a.m. could mean that half your town decides to go there for lunch. A mention at 4 p.m. of a store giveaway off your freeway may send half the city on the freeway you need. And a positive review in a magazine of your favorite website may send millions of people to it over a week's time, making it useless to you.

As our access to timely news about specific future events grows, along with our improving mobility in real and cyber space to take advantage of them, we may be overcome with instant, temporary fads that sweep across the landscape like tsunamis. People who are listened to (e.g., Dyson) will have to be very careful what they say for fear of the effect. In the worst case of the frenzy chasing ephemeral fads, people may die (in collisions and crushes), so self-censorship will become the norm.

The engineering principle of positive feedback can be applied to the time constants involved to predict this risk. And the more tied into cyberspace we all are, the worse it can get. (Of course, this has been covered in the Science Fiction literature, but I can't remember which ones.)

John Light  jjlight@ibeam.intel.com

------------------------------

Date: Fri, 1 Mar 1996 14:11:43 -0600 (CST)
From: "Prof. L. P. Levine"
Subject: Re: Risks of year-2000 precautions (Madison, RISKS-17.81)

Some time ago we had a scare about an oil crisis. People changed their gas buying habits, filling the tank up more often than normal. This alone caused a shortage. Let me illustrate:

Consider a population of 100 million vehicles each with a ten gallon gas tank. Assume that each driver fills the tank when it is empty. This results in 100 million tanks with 5 gallons each or 500 million gallons of gas in a "rolling reserve" of fuel.
Now assume that a shortage is announced and that people fill their tanks when they are half empty rather than when they are empty, after all with a shortage you don't want to run out of gas. This will result in cars running around with 7.5 gallons of gas in their tanks. The "rolling reserve" now is raised to 750 million gallons. Whatever the situation was when the shortage was proclaimed it is now 250 million gallons worse.

Conclusion, shortages and the hoarding that results will make situations worse or will make bad situations appear where there was nothing to drive them in the first place other than a rumor.

Leonard P. Levine, Professor, Computer Science, Univ. of Wisconsin-Milwaukee
Box 784, Milwaukee, WI 53201  levine@cs.uwm.edu  1-414-229-5170

------------------------------

Date: Fri, 1 Mar 96 13:13:30 PST
From: odinba!odin!gretchen@uunet.uu.net (Gretchen Herbkersman Dept 5428)
Subject: Year-2000 question on defensive software tools

One of my colleagues is looking for software which will scan code and identify any that might not work, come the year 2000. Having seen discussion in comp.risks about this topic, I wonder if perhaps you might know where we could direct such a question in hopes of an answer--assuming your forum is NOT the place to do it. My colleague has no Internet access at all, and mine is somewhat limited. Any suggestions you might have would be received with gratitude.

Please reply by email to gretchen@portsmouth.com.
  [and we hope Gretchen will share her results with RISKS. PGN]

Gretchen

------------------------------

Date: 29 Feb 1996 15:51:58 -0800
From: petejim@best.com (Jimmy Aitken)
Subject: Incorrect ATM menus

I've just managed to sort out a problem with my Visa credit card here which all stems back to a poorly worded (if not downright wrong) menu on an ATM screen.

At work our local credit union have installed an ATM for our convenience.
When you go up to it and swipe your card, it brings up menu items, including one that says it can transfer money between accounts. I got my Visa card from the credit union, so this seemed a good way of paying my bill fast and not have to worry about mail delays etc. I selected "transfer money", "from checking", "to credit card", keyed in the amount and got a receipt for it. All good and well.

2 weeks later I got a letter from Visa saying that I had exceeded my credit limit and they had not received my payment for the last statement. I phoned up the local branch and was informed that the ATM at work, is only for dispensing cash and not other transactions. My account history doesn't show me trying to take money from my checking account, so if I didn't have the receipt I would have been out in the cold.

If anyone out there works for banks/etc., it would perhaps be a good idea to put code in to say "you can't do that from here..." and *not* issue a receipt that says the amount has been paid.

Jimmy  jimmy@pyramid.com [work]  jimmy@peter.com [home]

------------------------------

Date: Thursday, February 29, 1996 7:26 AM
From: Dick Moores
Subject: Online Cyberlaw Workshop

[via blanc and minow@apple.com (Martin Minow)]

CYBERSPACE LAW FOR NONLAWYERS

Three highly respected law school professors (Professor Larry Lessig, University of Chicago Law School; Professor David Post, Georgetown University Law Center; and Professor Eugene Volokh, UCLA School of Law) have written a *FREE*, online cyberlaw workshop called, appropriately, "CYBERSPACE LAW FOR NONLAWYERS."

CYBERSPACE LAW is specifically written for lay people like you and me, and the workshop's lessons use easy-to-understand English -- NOT legalese and Latin!

YEAH, BUT WILL I *UNDERSTAND* IT?

Actually, yes. The workshop's authors really are writing CYBERSPACE LAW's lessons for educated lay people, *NOT* lawyers.
I took a look at an earlier article written by one of the workshop's professors (Eugene Volokh, "Cheap Speech and What It Will Do", 104 Yale L.J.1805 (1995)), and I have to say that I am quite impressed ... although I have to say that I am quite disappointed that Volokh did not have a single Southern word *anywhere* in his article :)

WHAT WILL THE WORKSHOP COVER?

CYBERSPACE LAW is going to help you learn the basic principles of -- and unlearn some common myths about copyright law, free speech law, libel law, privacy law, contract law, and trademark law, as they apply on the Net.

Each CYBERSPACE LAW "lesson" should be about the size of an average TOURBUS post (about a page or two), and will be e-mailed to you through an e-mail distribution list. The CYBERSPACE LAW workshop will last a couple of weeks, and you'll get two or three letters a week from the authors ... and, best of all, the entire workshop is FREE!

THE INSTRUCTORS

Professor Larry Lessig clerked for U.S. Supreme Court Justice Antonin Scalia, and now teaches constitutional law and the law of cyberspace at the University of Chicago Law School. He's written about law and cyberspace for the Yale Law Journal and the University of Chicago Legal Forum (forthcoming).

Professor David Post practiced computer law for six years, then clerked for U.S. Supreme Court Justice Ruth Bader Ginsburg. He now teaches constitutional law, copyright law, and the law of cyberspace at the Georgetown University Law Center. He's written about law and cyberspace for the University of Chicago Legal Forum (forthcoming) and the Journal of Online Law, and writes a monthly column on law and technology issues for the American Lawyer.

Professor Eugene Volokh worked as a computer programmer for 12 years, and is still partner in a software company that sells the software he wrote for the Hewlett-Packard Series 3000. He clerked for U.S.
Supreme Court Justice Sandra Day O'Connor, and now teaches constitutional law and copyright law at the UCLA School of Law. He's written about law and cyberspace for the Yale Law Journal, Stanford Law Review, Michigan Law Review (forthcoming), and the University of Chicago Legal Forum (forthcoming).

TO SUBSCRIBE

The CYBERSPACE LAW workshop probably won't start for a month or so, but you should sign up as soon as you can. To subscribe to the workshop (for FREE!) send an e-mail letter to LISTPROC-REQUEST@COUNSEL.COM with the command

  SUBSCRIBE CYBERSPACE-LAW yourfirstname yourlastname

in the body of your e-mail letter, replacing "yourfirstname" and "yourlastname" with your first and last names.

------------------------------

Date: 27 February 1996 (LAST-MODIFIED)
From: RISKS-request@csl.sri.com
Subject: ABRIDGED info on RISKS (comp.risks)

The RISKS Forum is a moderated digest. Its USENET equivalent is comp.risks.

SUBSCRIPTIONS: PLEASE read RISKS as a newsgroup (comp.risks or equivalent) on your system, if possible and convenient for you. BITNET folks may use a LISTSERV (e.g., LISTSERV@UGA): SUBSCRIBE RISKS or UNSUBSCRIBE RISKS. [...] DIRECT REQUESTS to (majordomo) with one-line,
  SUBSCRIBE (or UNSUBSCRIBE) [with net address if different from FROM:]
  INFO [for unabridged version of RISKS information]

CONTRIBUTIONS: to risks@csl.sri.com, with appropriate, substantive Subject: line, otherwise they may be ignored. Must be relevant, sound, in good taste, objective, cogent, coherent, concise, nonrepetitious, and without caveats on distribution. Diversity is welcome, but not personal attacks. [...] ALL CONTRIBUTIONS CONSIDERED AS PERSONAL COMMENTS; USUAL DISCLAIMERS APPLY. By submitting an item that is accepted for publication in RISKS, the author grants permission for unlimited noncommercial public distribution and redistribution in electronic and print form.
Relevant contributions may appear in the RISKS section of regular issues of ACM SIGSOFT Software Engineering Notes or SIGSAC Review.

RISKS can also be read on the web at URL http://catless.ncl.ac.uk/Risks

RISKS ARCHIVES: "ftp ftp.sri.com login anonymous [YourNetAddress] cd risks or cwd risks, depending on your particular FTP. [...] [Back issues are in the subdirectory corresponding to the volume number.] Individual issues can be accessed using a URL of the form
  http://catless.ncl.ac.uk/Risks/VL.IS.html [i.e., VoLume, ISsue]
  ftp://ftp.sri.com/risks

PRIVACY: For info on the PRIVACY Forum Digest and Computer PRIVACY Digest, see the unabridged INFO file at RISKS-Request (send one-line message INFO to risks-request@CSL.sri.com as noted above).

------------------------------

End of RISKS-FORUM Digest 17.82
************************
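
Added example (not part of the digest and not written by any contributor): the date arithmetic behind three items in this issue, in Python. It reproduces the every-fourth-year leap rule from the Leap-Birthday item, the add-one-to-the-year expiry from the insurance item, and the two-digit-year subtraction from the arrears item. All function names are illustrative, and the current year 71 is an assumption chosen because 71 - 95 gives the -24 that item reports.

```python
import calendar
from datetime import date


def naive_is_leap(year):
    """The 'every fourth year' rule, which ignores the century exception."""
    return year % 4 == 0


def nth_leap_birthday(birth_year, n, is_leap=calendar.isleap):
    """Year of the n-th 29 Feb that follows a 29 Feb birth in birth_year."""
    year, seen = birth_year, 0
    while seen < n:
        year += 1
        if is_leap(year):
            seen += 1
    return year


def naive_expiry(start):
    """Behaviour described in the insurance item: add one to the year and
    keep month and day. For 29 Feb this asks for a date that does not exist."""
    return date(start.year + 1, start.month, start.day)


def add_years(start, years, roll_forward=True):
    """Add whole years. A 29 Feb start landing in a non-leap year becomes
    1 Mar (roll_forward=True) or 28 Feb; which one applies is a policy choice
    that has to be made explicitly rather than left to the date library."""
    target = start.year + years
    if start.month == 2 and start.day == 29 and not calendar.isleap(target):
        return date(target, 3, 1) if roll_forward else date(target, 2, 28)
    return date(target, start.month, start.day)


def elapsed_two_digit(start_yy, now_yy):
    """Behaviour described in the arrears item: subtract two-digit years."""
    return now_yy - start_yy


def elapsed_years(start_year, now_year):
    """The same subtraction on four-digit years, rejecting a future start."""
    if start_year > now_year:
        raise ValueError("start year is after the current year")
    return now_year - start_year


if __name__ == "__main__":
    # Constructed inputs taken from the figures quoted in the items above.
    print("21st birthday, naive rule:    ", nth_leap_birthday(1856, 21, naive_is_leap))
    print("21st birthday, Gregorian rule:", nth_leap_birthday(1856, 21))
    try:
        naive_expiry(date(1996, 2, 29))
    except ValueError as exc:
        print("naive expiry rejected:", exc)
    print("expiry, rolled forward:", add_years(date(1996, 2, 29), 1))
    print("expiry, clamped back:  ", add_years(date(1996, 2, 29), 1, roll_forward=False))
    print("two-digit elapsed:", elapsed_two_digit(95, 71))
    print("four-digit elapsed:", elapsed_years(1895, 1971))
```
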