3-Mar-86 22:09:52-PST,8033;000000000000 Mail-From: NEUMANN created at 3-Mar-86 22:06:41 Date: Mon 3 Mar 86 22:06:41-PST From: RISKS FORUM (Peter G. Neumann, Coordinator) Subject: RISKS-2.21 Sender: NEUMANN@SRI-CSL.ARPA To: RISKS-LIST@SRI-CSL.ARPA RISKS-LIST: RISKS-FORUM Digest, Monday, 3 Mar 1986 Volume 2 : Issue 21 FORUM ON RISKS TO THE PUBLIC IN COMPUTER SYSTEMS ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator Contents: The risks of (not) using Robots (Hal Murray) Computerized Voting Booths (Larry Polnicky) No-carrier detection by misdirected modems (Dave Platt) The RISKS Forum is moderated. Contributions should be relevant, sound, in good taste, objective, coherent, concise, nonrepetitious. Diversity is welcome. (Contributions to RISKS@SRI-CSL.ARPA, Requests to RISKS-Request@SRI-CSL.ARPA.) (Back issues Vol i Issue j stored in SRI-CSL:RISKS-i.j. Vol 1: MAXj=45) ---------------------------------------------------------------------- Date: Mon, 3 Mar 86 18:56:03 PST From: Murray.pa@Xerox.COM Subject: The risks of (not) using Robots To: RISKS FORUM (Peter G. Neumann, Coordinator) Workers are very good at bypassing systems designed to protect them. Ducking under the fence to jump in front of the robot is just the tip of the iceberg. Ask anyone who has worked around big machinery. The standard interlock for a hand fed press is a pair of big buttons, located at waist level, one on each side. You have to press both to start the cycle. The operator is expected to use one hand on each button, and hence can't have any fingers in the danger zone. Tape, feet, hips, boards, ... The list is endless. (That description may be out of date. OHSA has issued reams of rules over the past 10 years.) If you have never seen the sort of press I'm thinking of, imagine a machine that's 8-10 feet square at the base, 15 ft tall, and very sturdy. It's got a lot of steel. There isn't any plastic in sight. There is a motor that pumps up a big flywheel. Push the button(s), and a clutch engages and the a crankshaft to turn the rotary motion of the flywheel into an up-down motion driving a set of dies. Each ker-whump, it spits out a piece of bent metal with holes in the right places. Small ones make beer can openers and that size parts. Bigger ones make fenders and washing machines from flat sheets of steel. This sort of machine is the bread and butter of factorys. A row of them is a very impressive sight and sound. They don't slow down at all if you leave your fingers in the way. The more robots we use, the more people will get injured or killed by robots. The critical thing to notice is that most robots are being used in places that were very dangerous for humans, and hence are probably saving lives. (I think painting cars is the prime example.) Anybody know where to get good numbers? We need to consider the RISKS of not using robots/computers/you-name-it as well as the RISKS of using them. Sure, we need to look for ways to make things safer, but we shouldn't dismiss an idea because it isn't 100% safe. In fact, if we don't use robots enough, we are costing lives. (Wait 'till that one hits the courts.) To complicate things, people (and courts) get very irrational when considering emotional issues like robots taking over jobs. [OK. Remember, someone loses either way. The question is this: which loss is socially least reprehensible? Optimization depends strongly on your viewpoint. A mining company has a view very different from that of the miner, which in turn differs from that of the ecologist. (Don't get caught in a robot of mine without an ore, or you'll have to pretend you are Ingot Berg-man. Sorry. That one smelt bad, but I have been trying for too long to remain unemotional about the risks of a robot taking over the RISKS Forum.) PGN] ------------------------------ Sender: Larry Polnicky Date: Mon, 3 Mar 86 07:30 MST From: Polnicky%PCO@CISL-SERVICE-MULTICS.ARPA Subject: Computerized Voting Booths To: RISKS@SRI-CSL.ARPA [This is Larry's response to Dave Platt's response in RISKS-2.18 to Larry Polnicky's statement in RISKS-2.17.. > Date: Friday, 28 February 1986 15:10 est > From: Dave Platt > Subject: Computer voting booths [FULL TEXT IN RISKS-2.18] > To: Larry Polnicky > > GAAK! Maybe I'm misunderstanding you, or the systems actually used in > the computerized voting booths... but I had always believed that the > voting systems in this country [paper, computer-based, or whatever] were > designed to GUARANTEE A SECRET BALLOT! I've NEVER heard of a > public-voting system that was designed to permit anyone to identify a > particular vote, or set of votes, with a particular voter. ... I understand the concerns for privacy. Perhaps the sample that is checked-back could give prior permission. I'm sure there would be some who would give up that right to privacy for the sake of helping to ensure a more reliable election. I would. Indeed, many of us do when we discuss politics around the office and reveal for whom we voted. Last election, I voted by absentee ballot, which associates my name with my vote, though granted not on the ballot itself, but on the envelope in which it is mailed. Computerization has its costs; computer risk reduction will also cost something. Larry Polnicky, Honeywell Information Systems, McLean, Virginia. [Once again, we tend to make naive assumptions that ignore the presence of back-pointers, audit trails, system programmers, maintenance folks, etc. But then, we love to oversimplify. The name of the game is to anticipate all reasonable risks, and then to make sure your design covers many of the unreasonable ones as well -- just in case. Audit trails (for example) can be of great help (albeit after the fact), but they too can be bypassed, spoofed, or misused. PGN] ------------------------------ Date: Mon, 03 Mar 86 11:01 PST From: Dave Platt To: Risks Subject: No-carrier detection by misdirected modems Some modems (such as the Racal-Vadic VS212P, of which I own one) do have a voice-detection feature. The VS212P can be optioned to determine that there is something on the line which is neither (a) a carrier, (b) a busy signal, or (c) a ringing signal; it submits the string "Voice!" through the RS232 port, waits ten seconds, and hangs up. There are two slight problems with this, though... the modem is NOT Hayes-compatible (although I understand that later models are), and the voice-detection feature is not 100% reliable... it's possible for the modem to fail to detect voice, or to report voice detection when it should be reporting busy. For that reason, the modem's standard option setting disables voice detection. I wonder what the results would be if all autodialing modems (& their software) did consider voice-detection [or anything other than carrier or busy] to be a "trouble" condition that requires human intervention before calling that number again. My experience has been that a substantial number of calls that "should" go through normally don't, for one reason or another... congestion in a private phone network (the network switch recording says "All circuits are busy, please stand by"), failed long-distance trunk, destination system is down and is not answering the phone for the moment, noise on the line that prevents carrier detection / scrambler latch (not uncommon on long-distance calls using the 212 protocol), and so forth. ------------------------------ End of RISKS-FORUM Digest ************************ -------