12-Feb-86 10:57:54-PST,9192;000000000000 Mail-From: NEUMANN created at 12-Feb-86 10:56:16 Date: Wed 12 Feb 86 10:56:16-PST From: RISKS FORUM (Peter G. Neumann, Coordinator) Subject: RISKS-2.10 Sender: NEUMANN@SRI-CSL.ARPA To: RISKS-LIST@SRI-CSL.ARPA RISKS-LIST: RISKS-FORUM Digest, Wednesday, 12 Feb 1986 Volume 2 : Issue 10 FORUM ON RISKS TO THE PUBLIC IN COMPUTER SYSTEMS ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator Contents: Computerized aircraft collision avoidance (Peter G. Neumann) Computerized Feedback and the Stock Market (Eric Nickell) Analyst Changes City Treasurer's Computer Code (Mike McLaughlin) Plutonium on the Space Shuttle (Tom Slone) Request to RISKS Readers from COMPASS 86 (COMPuter ASSurance) (Al Friend) The RISKS Forum is moderated. Contributions should be relevant, sound, in good taste, objective, coherent, concise, nonrepetitious. Diversity is welcome. (Contributions to RISKS@SRI-CSL.ARPA, Requests to RISKS-Request@SRI-CSL.ARPA.) (Back issues Vol i Issue j stored in SRI-CSL:RISKS-i.j. Vol 1: MAXj=45) ---------------------------------------------------------------------- Date: Wed 12 Feb 86 10:46:35-PST From: Peter G. Neumann Subject: Computerized aircraft collision avoidance To: RISKS@SRI-CSL.ARPA As noted on various previous occasions, it is always nice to report computer-related successes in avoiding risks, but they seem to get scant notice. Perhaps some of you can keep your eyes open. I had a phone report last night of a TV news item in Washington DC, relating to a computerized aircraft collision-avoidance system that succeeded in preventing what otherwise would have been a midair collision yesterday. Can anyone provide details? Peter ------------------------------ Date: Mon, 10 Feb 86 08:31:17 PST From: Nickell.pasa@Xerox.COM Subject: Computerized Feedback and the Stock Market To: RISKS FORUM (Peter G. Neumann, Coordinator) Martin Minow's note about the effect that computerized stock traders can have on the market brings up an interesting general situation. Any self-correcting system which has a delay in the feedback loop (as opposed to something like a spring, where the feedback is instantaneous) can fail to correct itself if it is pushed too hard during a single feedback period. Further, if the forces acting on the system are themselves made a function of the system, there is the possibility of increasingly amplified oscillation until the system breaks down at some point. The stock market is a case in point. Stock prices drift according to the buying and selling of the stock. But in the case Martin Minow cites, I am guessing that the computers were able to deluge the system with sell orders before the price could adjust itself. The delay in price adjustment was not a problem until we had computers capable of swamping it with orders. Thus we may be introducing computers into environments where slowness provides some degree of stability to a process. Speed itself has its dangers. Eric Nickell Nickell.pasa@Xerox.xcom ------------------------------ Date: Mon, 10 Feb 86 10:14:01 est From: mikemcl@nrl-csr (Mike McLaughlin) To: risks@sri-csl.ARPA Subject: Analyst Changes City Treasurer's Computer Code Cc: mikemcl@nrl-csr D.C. FINANCE ANALYST LOCKED OUT OF OFFICE, GIVEN NEW DUTIES Deputy Mayor's Employe Changed Computer by Peter Perl, Washington Post Staff Writer , (indicates a bridge or clarification) A controversial D.C. government financial analyst who publicly accused his bosses of wrongdoing and recently changed a city treasurer's secret com- puter code to deny them access to files has been locked out of his office and assigned other duties... ... was removed from his job (7 Feb) because he changed the password to the treasurer's office computer and refused to tell his superiors the code. Frost confirmed yesterday that he had altered the computer code, saying he did so to prevent documents from being destroyed or altered, which he said has happened before. He charged that his transfer was a retaliation... for criticisms of District financial managers. ... (Deputy Mayor) Hill, who is under investigation by a federal grand jury ... called Frost "a nerd and an imbecile."... "He was insubordinate and he had no right to change the master code," Hill said... Frost... manages a $300 million cash investment portfolio, drew the ire of his superiors last year with his charges of incompetence and possible fraud in the cash management system." ... Frost's testimony put his superiors in hot water after disclosure that they had used the computer system to backdate a key memorandum. ... Frost said he decided to change the secret manager's computer code because he believed that another employe used to code to obtain a copy of (Frost's letter accusing superiors of incompetence or corruption) written in the treasurer's computer system - and leak it to the Washington Times. Williams realized (6 Mar) he could not get access to the manager's computer account and asked Frost ... Frost acknowledged that he had, but refused to restore the original code or tell Williams the new one... "(Frost) will be given a key to his new office," Hill said. "... He has a phone, a desk. He can continue to work. But he is not in there where the computer is." ------------------------------ Date: Tue, 11 Feb 86 09:49:49 pst From: michael%ucbiris@BERKELEY.EDU (Tom Slone [(415)486-5954]) To: risks@sri-csl.arpa Subject: Plutonium on the Space Shuttle Recent Freedom Of Information Act (FOIA) information has revealed that NASA officials considered the possibility of a Space Shuttle exploding to be so remote that the dangers of carrying tens of pounds of Plutonium aboard was not given much thought. Plans are apparently still in the works to launch these Plutonium driven space probes starting in May of this year. The manufacturer of these probes has claimed that the Plutonium element would have survived the Challenger explosion as material of similar strength was recovered from the debris. ------------------------------ Date: Tue, 11 Feb 86 10:41:50 est From: friend@nrl-csr (Al Friend) To: risks@sri-csl Subject: Request to RISKS Readers from COMPASS 86 (COMPuter ASSurance) WE NEED YOUR HELP ----------------- TO: The readers of the RISKS FORUM FROM: Program Committee COMPASS 86 1. We need an estimate of attendees and authors at a conference we are planning. Also, we need input in terms of ideas and events for it. 2. The conference is COMPASS 86, which stands for COMPuter ASSurance. This conference is all about the things we are discussing in this forum. The security and safety of processes rather than data banks, or communication links. We have in mind not only weapons and defense type systems, but medical systems, tranportation systems, and the multitude of computer controlled systems that touch our everyday lives. Dave Parnas will be the keynote speaker. There will be a series of panel discussions, which will address everything from SDI to the application of AI. Papers will be reviewed by computer and software scientists working in the areas of safety and security from the University of California, SRI, and the Naval Research Laboratory. The idea is to encourage new ideas, new applications of neglected ideas and promote useful interactions. 3. The conference specifics are: DATE: 7-11 July 1986 PLACE: The George Washington University, Wash., DC HONORARY CHAIRMAN (prospective): Ruth Davis, former Assistant to Deputy Undersecretary of Defense for Research and Advanced Technology GENERAL CHAIRMAN (prospective): H.O. LUBBES, Space and Naval Warfare Systems Command (lubbes@nrl-csr) SPONSOR: IEEE Washington Section 4. It would help us if the readers of this forum could give us some feedback on the number of people likely to attend and the number of people likely to submit papers. Also, we would like to incorporate any special events that people would like to see into it. The important dates are: March 31 --- Abstracts Due April 30 --- Authors Notified May 30 --- Camera Ready Manuscripts Due The call for papers is in the February issue of IEEE Computer. Also, a version of it ran a little while back in this forum. [I won't comment on the risks of running the first conference of its kind! Good luck. PGN] ------------------------------ End of RISKS-FORUM Digest ************************ -------