Subject: RISKS DIGEST 18.22 RISKS-LIST: Risks-Forum Digest Tuesday 18 June 1996 Volume 18 : Issue 22 FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks) ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator ***** See last item for further information, disclaimers, caveats, etc. ***** Contents: Minor real-world spelling-checker story (Mark Seecof) About the American Hyphen Society (Bob Masson via others) Mike's TV is kind of funny... (Michael F. O'Connor via Richard Cook) Click *here* to lower the fuel rods (Chris Rebholz via others) More AOL censorship ["And it reaches new lows..."] (Barry Shein via K.Bostic) Software products certification (Stephane Geyres) Warning!!! Cellular Cloning (Veronica) Re: Magellan 2000/3000 GPS nightmare (Boyd Roberts) "Piece of Plastic" Used to Detect Drugs (Jerry Marco) Re: "Child Molester Database" on the Web (Bear Giles, Thomas Insel) Re: Physical barriers in the cockpit (Chiaki Ishikawa) Some Info on Space Flight (Derek Lyons) Re: Ariane 5 (Erling Kristiansen) Re: The European Space Agency's little problem (Prevelakis Vassilis) ABRIDGED info on RISKS (comp.risks) ---------------------------------------------------------------------- Date: Thu, 13 Jun 1996 13:07:14 -0700 From: Mark Seecof Subject: Minor real-world spelling-checker story The *Los Angeles Times* recently completed a project to improve automatic spelling-checking and hyphenation for news copy (work made necessary when the paper dispensed, several years ago, with proofreaders). The automatic spelling checker previously used a both a dictionary and an algorithm that tested words against a root and a (fairly) arbitrary arrangement of common prefix and suffix strings. The algorithmic check passed many invalid words. Now it has been eliminated and only the dictionary--much expanded--is used. It took more than a month of concentrated effort to expand the dictionary to include common words previously covered by the algorithmic check. To improve dictionary-based hyphenation (the algorithmic hyphenator has also been disabled) two people spent much time over months re-hyphenating 135,000 dictionary entries. The system still makes no effort to detect words that are in the dictionary but that do not belong in context. Mark Seecof ------------------------------ Date: Mon, 17 Jun 96 11:58:59 PDT From: "Peter G. Neumann" Subject: About the American Hyphen Society Date: Mon, 2 Oct 1995 08:35:04 -0400 >From: bostic@bsdi.com (Keith Bostic) To: /dev/null@python.bostic.com [>FROM: Yucks Digest Wed, 12 Jun 96 Volume 6 : Issue 6] spaf@cs.purdue.edu (Gene "Chief Yuckster" Spafford), to whom it was Forwarded-by: kole@hydra.convex.com (John P. Kole) >From: masson@convex.com (Bob Masson) About the American Hyphen Society The American Hyphen Society is a community-based, not-for-profit, grass-roots consciousness-raising/education-research alliance that seeks to help effectuate the across-the-board self-empowerment of wide-ranging culture-, nationality-, ethnicity-, creed-, gender-, and sexual-orientation defined identity groups by excising all multiculturally-less-than-sensitive terminology from the English language, and replacing it with counter-hegemonic, cruelty-, gender-, bias-, and, if necessary, content-free speech. The society's motto is "It became necessary to destroy the language in order to save it". Its headquarters are in Wilkes-Barre, Pennsylvania. [Walla-Walla would do nicely for a west-coast mail-drop. Readers who recall my 1 April 1996 excerpt from my Hyphenater's Handbook (RISKS-17.95) may find this old item interesting. PGN] ------------------------------ Date: Mon, 17 Jun 1996 15:28:39 -0600 From: ri-cook@uchicago.edu (Richard Cook) Subject: Mike's TV is kind of funny.... >From: mfoconno@midway.uchicago.edu >Mime-Version: 1.0 >Date: Mon, 17 Jun 1996 06:13:33 -0600 >To: ri-cook@uchicago.edu >Subject: Mike's TV is kind of funny.... > >Richard, > > Appreciating as I do, your preaching about the perils of automation >- I thought I'd forward this piece to you. Please understand that this is >a more understandable portrayal of your concerns than any of your current >examples. It would also engender substantially more political support.... > >>.c The Associated Press >> >>CHICAGO - I'll take "embarrassing mix-ups" for $1,000, Alex. >> >>Jeopardy viewers in 22 Chicago suburbs recently found themselves suddenly >>watching cavorting, naked women rather than the usual three contestants >>phrasing answers in the form of a question. >> >>About 10 minutes of the Playboy Channel was inadvertently broadcast during >>the time slot normally reserved for Alex Trebek's show. >> >>"Some equipment we use to cablecast was having some problems," Continental >>Cablevision spokeswoman Susan Bisno said. >> >>She gave no details. "There's no defense," she said. "It was awful." >> >>The mix-up affected scattered suburbs from Evanston just north of Chicago to >>Burbank, to the southwest. Continental said it will apologize in writing to >>customers who complain. >> >Michael F. O'Connor, M.D. ph: (312) 702 - 6700 DACC Univ of Chicago ------------------------------ Date: Mon, 17 Jun 1996 19:15:36 -0400 (EDT) From: tale@UU.NET (David C Lawrence) Subject: Click *here* to lower the fuel rods. Forwarded-by: Keith Bostic Forwarded-by: harry@sj.unisys.com From: "Rebholz, Chris" A true war story: I used to work for the dearly departed Ingres, a relational database company. One day, the folks in Tech Support wandered up the stairs to the floor I worked on. They looked particularly ashen-faced. Someone finally asked them what the problem was. Apparently, Edison Power and Light (the New Jersey equivalent of PG&E) had called our East Coast support office in Saddlebrook, NJ, a half-hour earlier. They used Ingres to keep track of the rods moving around in the nuclear cores on a DEC VAX. Somehow, the database had become corrupted. If it didn't get fixed in four hours, when the next core rotation began, a meltdown was likely. Fortunately, (1) our Saddlebrook office was a half-hour from their site, and (2) all VAXes had the ability to have remote hardware diagnosis performed by their world-wide support center in Colorado Springs, CO, through a piece of firmware built into every VAX. Not surprisingly, the folks at DEC gave this problem a rather high priority. After about an hour and a half, it was determined that a disk sector was corrupted. It was repaired, and life as we continue to know it went on. Welcome to Product Land, folks! It's got a different set of problems than Academia taught us all. Remind me to tell you about answering questions about how we at Ingres said we would provide support during nuclear wars at a sales call to the Strategic Air Command some time... ------------------------------ Date: Fri, 13 Oct 1995 16:05:02 -0400 From: bostic@bsdi.com (Keith Bostic) Subject: More AOL censorship ["And it reaches new lows..."] [Appeared in Yucks Digest V6 #7, from spaf@cs.purdue.edu (Gene "Chief Yuckster" Spafford)] From: bzs@world.std.com (Barry Shein) So I just get a "spam" complaint from an AOL postmaster threatening: >From: Postmaster@aol.com >To: netadmin@world.std.com, postmaster@world.std.com >Subject: Fwd: cc:Mail UUCPLINK 2.0 Undeliverable Message >Date: Thu, 12 Oct 1995 16:49:01 -0400 > Repeated offenses of this nature will result in AOL taking action to > prevent further problems. etc. I look down at the message in question (they enclosed it) and it's just a few mail bounces through a mailing list out of World to some customer (look at the subject line above, some kind of cc:Mail lossage and unfortunately cc:Mail bounces back to the From: address and ignores stuff like Errors-To: and Replies-To:, constant nuisance), a list to which their customer is explicitly subscribed and apparently has been for a while. I guess the customer didn't like the bounce message, and I guess the AOL postmaster has decided that bounce messages are "unsolicited mail". The message from the postmaster also made the point that their customers have to pay for all their e-mail so this is a problem (well, THEN *YOU* EDIT THEIR MAIL -- YOU'RE GETTING THE @$%#^ MONEY, NOT ME!) This is why we also have to be careful with this anti-spam crap, there are people out there, some of whom work as postmasters for the largest online services on the planet, who, are, well...you get my point, can't quite fog a mirror, I guess is the expression. I took the guy off the list and told the postmaster to tell him and tell him that it's ok if he re-subscribes as far as I'm concerned but perhaps that will remind him that HE SUBSCRIBED. Morons. I may just mass unsub all AOL addresses from all lists here. I mean, this is their postmaster threatening, not some random. [I have a friend who went to work for AOL and she was wondering why people picked on AOL all the time. Sigh. --spaf] [Hugh Davies shared with me a marvelous list of innocent place names that would cause AOL great grief, along the lines discussed in RISKS-18.07 and 18.08. But including the list here would probably cause all our AOL subscribers -- and RISKS -- to be blacklisted. PGN] ------------------------------ Date: Tue, 18 Jun 1996 11:07:26 +0100 (WET DST) From: Stephane Geyres Subject: Software products certification >> A new marking for all software products << Software quality is a fundamental challenge in our ever changing society, in particular in the perspective of the use of computers and networks by all of us and within all sectors of social and professional life. Fully aware of what is at stake, the AFNOR (Association Francaise de NORmalisation) General Executive Officer has just approved - in early May - the publication of the rules of a new marking called "NF Logiciel". ("Logiciel" is French for "software".) NF Logiciel is designed to be applicable to any software, whatever its application domain, its functionalities or its origin. This adaptation of the general - and well known - NF marking is meant to be an official statement of the actual quality of those software products being marked. This marking is both an alternative and a complement to more usual quality system certification approaches: - an alternative because it is not necessary to be certified to get the NF Logiciel marking for one's products, - a complement because the marking requirements are based on those of quality system certification, which allows certified companies to get rather easily the NF logo for their products. Based on sound and recognized international standards (NF ISO/CEI 12119 & ISO 9001), the NF Logiciel is an unprecedented opportunity for software providers to turn their investments in software quality into visible evidence to the end user. Several softwares are already undergoing an evaluation and first formal markings are expected during next fall. For more information, please contact stephane.geyres@psti.mipnet.fr Another simple way to know much more is to send an e-mail message to our server as follows: (Sorry, the documents are only in french so far...) To: info@psti.mipnet.fr Subject: cd nf-logiciel send referentiel-nf-logiciel-1.0.ps quit ------------------------------ Date: Mon, 17 Jun 1996 15:47:17 -0400 From: Bartle X-terminals Subject: Warning!!! Cellular Cloning A year ago, I brought a cellular phone in my name for a friend, due to his lack of proper documents. A month later, my first bill reflected an amount of $1300, as a result of a fraud. I panicked and cancelled my service right away. I had to pay $250 for early termination fee (under the contract) and an additional $400 for my cellular phone (to keep.) AT&T Wireless told me that they had put the case under investigation. To make the story short, I received a letter from them (six months later,) saying that the case was not a fraud. In the statement, more than 950 calls were made to many areas in NYC, Long Island and New Jersey. There were calls billed twice within the same time and date, made to the same number as well. Calls were made up to 14 hours in a row (, which was IMPOSSIBLE to achieve without a car) because we have a 2 hour battery. Furthermore, on the night that I had cancelled the service a year ago, my whole family, the co-user, family friends all sat by me as I cancelled the service. I was told to document everything. Well, according to the bill, my unused cellular phone, that sat by my side, beeped a person 3 minutes before I got off the phone with the cellular representative...3 MINUTES BEFORE MY SERVICE WAS OFFICIALLY TERMINATED!!! I know for a fact that NO ONE used the phone. So who did? This is the result of what is called cloning. AT&T refused to take my word for what happened. At this point, my case is transferred to a collective agency and it is terminated. They sent me a letter saying that there was no fraud. No signature was on the letter and the only reason given for their decision was that I had a co-user. The moral of the story is: 1. DO NOT buy anything for anyone else, for no matter what becomes of this, I AM RESPONSIBLE for the "debt". 2. DO NOT trust cellular companies. I was told many times that this happens everyday. I was unfortunate to get such a dramatic bill. INVESTIGATION DOES NOT BRING JUSTICE. I am now left with the option to pay the money in full(with 20% off for God knows what reason,) or go to court. They warn me against it because it may cost me more... If you have any suggestions, comments, questions or advice, please e-mail me, Veronica, at vera@gnn.com. I would appreciate it greatly. ------------------------------ Date: Tue, 18 Jun 1996 15:46:40 GMT From: Boyd Roberts Subject: Re: Magellan 2000/3000 GPS nightmare (RISKS-18.21) After my _brand new_ Magellan 3000 spent about 20 seconds submerged under water, causing it to fail, I bought a Magellan 2000, because I felt the need to navigate for the Housbot Escapade at the weekend. However, the 2000 has an intermittent in it. It's some sort of mechanical problem with the receiver which causes it not to boot, switch off, reset and generally annoy you -- you have to nurse it like a baby. Faced with this, the level of confidence you place in it drops to zero -- a bad thing for a navigation instrument. Just how easy is it to trigger this intermittent? Well, any mild shock will do; placing it on a hard surface, putting in the pocket of my CWU-36P [Jacket, Flyer's, 100% Polyamide], handing it to someone. All sorts of high-G manoeuvers like that. Fixing it requires another mild shock :-) and some persistence with the on/off button. You could say I'm less than happy. Where is their Quality Control? Boyd Roberts boyd@france3.fr ------------------------------ Date: Mon Jun 17 11:13:27 1996 From: jlm@utxvms.cc.utexas.edu Subject: "Piece of Plastic" Used to Detect Drugs >From "News of the Weird," a syndicated column, published in the Austin Chronicle on 14 June 1996: In May, a federal judge in Beaumont, Texas, issued a permanent injunction against the Quadro Corp. of Harleyville, S.C., which had been selling a plastic box with an antenna on it to government agencies and schools for up to $8,000 each as an illegal-drug finder. FBI tests had found the device merely a piece of plastic, utterly incapable of detecting drugs or anything else. However, several law enforcement officers and school principals swore to the judge that the Quadro Tracker worked for them. RISKS? Where to begin? Use of a device without any knowledge of its workings. Believing anything the sales guy tells you. Failure to run controlled tests on a device before placing it into service. Believing that a box with an antenna on it could possibly detect drugs in the first place. Hiring credulous individuals as "police officers and school principals." Placing near-dictatorial power in the hands of school principals. Perhaps someone else has more detail. I'm particularly interested in the assertion that the Quadro Tracker "worked for them," and in the fate of those whose supposed possession of illegal drugs was detected by the device. Were the individuals searched? Are those searches now deemed to have been illegal? Was action taken against anyone on the grounds of the Quadro Tracker's results alone? On what basis do the officials believe that the Quadro Tracker worked? [PGN, I'll preemptively note that the judge made the "illegal-drug finder" an "illegal drug-finder."] Jerry Marco University of Texas General Libraries jlm@utxvms.cc.utexas.edu ------------------------------ Date: Mon, 17 Jun 1996 22:05:48 -0600 (MDT) From: Bear Giles Subject: Re: "Child Molester Database" on the Web (Brown, RISKS-18.21) The official registries maintained by states (which can hurt you in much more serious ways than a web site) use information sources which are just as questionable. As I recall, in Colorado therapists are required to report the name of any patient reporting being a _victim_ of sexual child abuse, if the individual is 27 or younger. This stellar example of legislative reasoning was based on the observation that many (most?) abusers were themselves abused. Therefore "anyone who was a victim is likely to be an abuser and should be tracked." The cutoff age was apparently based on another statistic with equally dubious pedigree. This might not be so bad if the registry was well run, but it appears (from the discussions in the local media) that once you're on the list there's no distinction between people actually convicted of crimes and people who were listed due to nasty divorce battles or therapy sessions. Furthermore, it's virtually impossible to remove your name from the list once it has been added. Cries of innocence are viewed with the same skepticism as we hear in the cryptology debate -- if you have nothing to hide, why are you so bothered? ------------------------------ Date: Tue, 18 Jun 1996 05:47:42 -0500 From: Thomas Insel Subject: Re: "Child Molester Database" on the Web (Brown, RISKS-18.21) > ... In other words, they come right out and > say that their information cannot be trusted. Worse still, the author realizes the possibility that listed people may be upset and reports recent experience with false listings. Nevertheless, according to the dispute resolution procedures at http://www.greatworld.com/public/mdispute.htm the only authentication required from an accuser is a valid e-mail address, and if the poster claims to be a victim, relative of a victim, or friend of a victim, a disputed listing will stand, even without a conviction. He claims that a posted rebuttal will provide "more than equal opportunity" for defense. I'm not a lawyer, but surely these policies leave the listings' proprietor open to an incredible (and probably justified) libel suit, during which it may be impossible to identify the original accuser. Tom ------------------------------ Date: Tue, 18 Jun 1996 21:30:29 +0900 (JST) From: Chiaki Ishikawa Subject: Re: Physical barriers in the cockpit (Re: Reinsch, RISKS-18.21) I admit that placing plastic cap, or even a paper coffee cup(?) is a great way to remind pilots not to touch certain levers and/or buttons. I often do something similar if I want nobody to touch certain computer keyboard while some important tests are under way on the machine. What bothered me in the shooting down of F-15 and its subsequent investigation is that the investigation team didn't go down to the bottom of the real cause of why the main firing system became active despite the main switch being turned off. Static electricity was rumored to be the cause initially, but in the final report, as far as I read in newspaper articles, no clear culprit was mentioned. This means that there might be, albeit with very small possibility given that F-15s have been flying in the sky all over the world for so many years, a rare bug such that the firing system may spontaneously fire missiles no matter what the main switch position is and whether trigger button is pressed or not. (Am I getting paranoia these days?) Placing a plastic cap may be useless if such rare (still possible) bug lurks in the system, and I felt disappointed that the investigation team let the bug go unnailed. It would indeed be comical if a poor pilot finds one day a missile is launched while the plastic cap is firmly in place... Well, not so comical, come to think of it. BTW, I am eagerly waiting for the initial words regarding the cause of shooting down of American plane by a Japanese navy boat. Chiaki Ishikawa Personal Media Corp. Shinagawa, Tokyo, Japan 142 ishikawa@personal-media.co.jp ------------------------------ Date: Mon, 17 Jun 1996 12:59:27 -0700 From: Derek Lyons Subject: Some Info on Space Flight Some serious misconceptions here, pardon me while I clear them up. >From: frank@artcom.de (Frank Rieger, RISKS-18.19) >Subject: Matra made software for Ariane5 AND Taipei subway system (R 18.17) >On the base of the information available now, I ask myself, why was there no >mechanism to avoid the control computers' attempt to go into this extreme >flight position? Why would you want to? The Control Computers *job* is to control the position of the engines. Redundant hard/software to correct for possible errors in the primary computers costs horribly in terms of weight and reliability, as well as being difficult to engineer and test. In addition is is extremely unlikely that a redundant system would detect a software glitch in time to prevent such a failure. Study the STS/Orbiter flight control systems for an object lesson in this. >Date: 10 Jun 1996 11:17:05 -0400 >From: "James Brady" (RISKS-18.19) >Subject: Re: The European Space Agency's little problem (Wood, RISKS-18.18) > >(The Space Shuttle can actually abort during launch under ...) No, the SRB's cannot be separated while burning. The stresses would tear the whole stack apart. (Uncontrolled separation (the only kind available at that point in flight) is what caused the Challenger to break up.) All STS abort modes require that the SRB's be ridden to burnout, and the that ET be nearly empty prior jettisoning it. >Date: Sat, 08 Jun 1996 21:31:59 EDT >From: Marc Horowitz (RISKS-18.19) >Subject: Re: The European Space Agency's little problem (Wood, RISKS-18.18) > >Apollo carried more valuable cargo than any commercial rocket. Remember, it >was the apollo astronauts who forced NASA to design a window into the >capsule, at a very high cost. This objection could only possibly be applied to the Mercury program, as a window was required for the objectives of both the Gemini and Apollo programs. In addition, the window proved its worth again and again during the Mercury program as any cursory study of the flights will show. ------------------------------ Date: Tue, 18 Jun 1996 09:37:21 +0200 (MET DST) From: Erling Kristiansen Subject: Re: Ariane 5 Excerpt from ESA press release 22-96: > FLIGHT 501 FAILURE - VEHICLE EQUIPMENT BAY RECOVERED > Investigation of the flight 501 failure has been under way > since 4 June. In particular, a large part of the equipment > contained in the vehicle equipment bay has been recovered > and inspected. This has revealed the existence of a malfunction > relating to the inertial platforms in Ariane-5 operating mode. Erling Kristiansen (erling@wm.estec.esa.nl) European Space Research and Technology Centre (ESTEC) ------------------------------ Date: Tue, 11 Jun 1996 12:59:41 +0200 From: Prevelakis Vassilis Subject: Re: The European Space Agency's little problem (Brady, RISKS-18.19) > [...] (The Space Shuttle can actually abort during launch under > specific conditions and return to the landing strip at Kennedy, or go on to > a down-range site, or ditch in the ocean. Had sensors been available to > tell the crew or ground controllers of the burn-through problem, one of > these abort modes might have been employed with the chance of saving the > crew if not the vehicle.) There are two errors in the above paragraph. The first concerns the ditching into the Atlantic. It has been said again and again that the Shuttle does NOT have the ability to ditch into the ocean. The airframe is not sturdy enough to withstand the impact and the external surface (mostly made of fragile tiles) will disintegrate. It is true that in the pre-Challenger era if the astronauts found themselves in a position where ditching was the only alternative they were doomed. Nowadays they will be able to bail out using the extensible pole and parachutes while the Shuttle is kept on a level flight. The second error concerns the survivability of the Challenger failure. There was and there is no way to detach the Shuttle from the external tank while the SRBs are firing. So abandoning the failing external tank was not an option. What can be argued is that since the astronauts were not rendered unconscious from the violent separation, if they were wearing pressure suits instead of air packs they might be able to find their way out of the cabin and bail out. While this cannot be ruled out it is unlikely because the inside of the shuttle cabin is not exactly spacious and it must have been tumbling. Next, at this stage we are not talking about the shuttle, but about a part of the shuttle with bits hangling from it, no power and no way to keep it stable. If the pilots had ejector seats (like they had for the first test flights back in the early eighties) they could try ejecting, but I just can imagine the Challenger crew finding their way out in time to avoid the crash. ============ Now about the Ariane discussion. If the payload is irreplaceable, you don't send it aboard the first test flight of a new rocket. You pay for a normal flight which is also insurable (assuming the test flights are successful). Insurance in the satellite business is a hedging of the risk. If an operational launcher blows up then the premiums paid for all subsequent launches go up so that insurers can recoup their costs. So the launch clients collectively pay for the failure anyway. Insuring is thus a way to evenly spread the cost of failure. Remember that the Ariane failure mode is not that common. In most cases it is upper stages that fail, the satellites get placed in the wrong orbit or simply disappear. Parachutes will not save them in these cases. Also a launch vehicle will either evolve to be unlikely to blow up during launch or it will not be used. So putting parachutes will guard against an event that will have a steadily decreasing probability of occurrence. So we have to argue that we should put the ejection mechanism only on the first few flights (the Shuttle approach). In this case we have to balance the cost of developing the escape system against the cost of the cargo that will be saved IF the launcher fails. To this we have to add the cost of the replacement launcher and the cost of refurbishing the cargo after its recovery and preparing it for the next launch. You don't just pick it up and stick it back into the next Ariane. Now the developers of the first Ariane 5 payload didn't have enough money for buying space on a commercial launcher, so they wouldn't have money for the escape system anyway. Maybe the falacy of the whole situation is that they were allowed to spend $500 million without budgeting the $65 million launch costs. Vassilis Prevelakis CUI University of Geneva ------------------------------- Date: 18 March 1996 (LAST-MODIFIED) From: RISKS-request@csl.sri.com Subject: ABRIDGED info on RISKS (comp.risks) The RISKS Forum is a moderated digest. Its USENET equivalent is comp.risks. SUBSCRIPTIONS: PLEASE read RISKS as a newsgroup (comp.risks or equivalent) on your system, if possible and convenient for you. BITNET folks may use a LISTSERV (e.g., LISTSERV@UGA): SUBSCRIBE RISKS or UNSUBSCRIBE RISKS. [...] DIRECT REQUESTS to (majordomo) with one-line, SUBSCRIBE (or UNSUBSCRIBE) [with net address if different from FROM:] INFO [for unabridged version of RISKS information] CONTRIBUTIONS: to risks@csl.sri.com, with appropriate, substantive Subject: line, otherwise they may be ignored. Must be relevant, sound, in good taste, objective, cogent, coherent, concise, nonrepetitious, and without caveats on distribution. Diversity is welcome, but not personal attacks. [...] ALL CONTRIBUTIONS CONSIDERED AS PERSONAL COMMENTS; USUAL DISCLAIMERS APPLY. Particularly relevant contributions may be adapted for the RISKS sections of issues of ACM SIGSOFT Software Engineering Notes or SIGSAC Review. * Submissions: By submitting an item that is accepted for publication in RISKS, the author grants permission for unlimited public distribution and redistribution in electronic or other form. * Reuse: Blanket permission is hereby granted for reuse of all materials in RISKS, under the following conditions. All redistributed items must include the Risks-Forum masthead line. All reuse must be accompanied by the following statement: Reused without explicit authorization under blanket permission granted for all Risks-Forum Digest materials. The author(s), the RISKS moderator, and the ACM have no connection with this reuse. As a courtesy, reusers of individual items (as opposed to forwardings of entire issues) should notify the authors, and should pay particular attention to any subsequent corrections. RISKS ARCHIVES: "ftp ftp.sri.comlogin anonymous[YourNetAddress] cd risks or cwd risks, depending on your particular FTP. [...] [Back issues are in the subdirectory corresponding to the volume number.] Individual issues can be accessed using a URL of the form http://catless.ncl.ac.uk/Risks/VL.IS.html [i.e., VoLume, ISsue] ftp://ftp.sri.com/risks The ftp.sri.com site risks directory also contains the most recent PostScript copy of PGN's comprehensive historical summary of one liners: get illustrative.PS PRIVACY: For info on the PRIVACY Forum Digest and Computer PRIVACY Digest, see the unabridged INFO file at RISKS-Request (send one-line message INFO to risks-request@CSL.sri.com as noted above). ------------------------------ End of RISKS-FORUM Digest 18.22 ************************