8-Mar-86 08:39:34-PST,7937;000000000000 Mail-From: NEUMANN created at 8-Mar-86 08:37:57 Date: Sat 8 Mar 86 08:37:57-PST From: RISKS FORUM (Peter G. Neumann, Coordinator) Subject: RISKS-2.24 Sender: NEUMANN@SRI-CSL.ARPA To: RISKS-LIST@SRI-CSL.ARPA RISKS-LIST: RISKS-FORUM Digest, Saturday, 8 Mar 1986 Volume 2 : Issue 24 FORUM ON RISKS TO THE PUBLIC IN COMPUTER SYSTEMS ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator Contents: Computerized ballot stuffing (Andy Kegel) Progress report on computerized voting (Kurt Hyde) Wild Modems (Bjorn Benson) Misdirected modems (Phil Ngai) Power outages (Phil Ngai) Earthquake problems with Nuclear Reactors (Lindsay F. Marshall) The RISKS Forum is moderated. Contributions should be relevant, sound, in good taste, objective, coherent, concise, nonrepetitious. Diversity is welcome. (Contributions to RISKS@SRI-CSL.ARPA, Requests to RISKS-Request@SRI-CSL.ARPA.) (Back issues Vol i Issue j stored in SRI-CSL:RISKS-i.j. Vol 1: MAXj=45) ---------------------------------------------------------------------- Date: Fri, 7 Mar 86 08:23:30 PST From: ihnp4!ihuxn!agk@ucbvax.berkeley.edu To: ucbvax!risks Subject: Computerized ballot stuffing In our area (extreme suburban Chicago, aka "the boonies"), we use a computer-counted paper-ballot voting mechanism. I am fairly sure I recall serial numbers on the ballots. However, I recognize that human memory is weak and subject to interpretation and assumptions. There is an election coming up this month, and I will be particularly careful to observe and understand the relevant facets of the process. Remember, in Chicago, the rule is "Vote Early, Vote Often." This message does not represent the position of my employer, or any individuals or organizations other than myself. -andy kegel ------------------------------ Date: Friday, 7 Mar 1986 05:57:00-PST From: hyde%topcat.DEC@decwrl.DEC.COM (Kurt Hyde DTN 264-7759 MKO1-2/E02) To: risks@sri-csl.ARPA, self%topcat.DEC@decwrl.DEC.COM Subject: Progress report on computerized voting A sincere thank you to all the people who have responded to my request for assistance in computerized voting standards. I called New Hampshire's Secretary of State and he will be meeting with me and some other people regarding security standards. I will be proposing something like the following: Computerized voting booths should print a paper ballot for each voter to view and check for accuracy. The hardcopy ballot must be visible to the voter by appearing under a covered (transparent) window. The dimensions of the window must allow for at least 10 votes to be viewed at one time. The printer must then feed each ballot into a ballot box which is guarded from access outside access while the voting machine is in use. The audible signal which confirms that the voter is completed may occur after the hardcopy of the ballot is no longer in view. In order to protect the anonymity of the voter casting each ballot, each ballot must be on a separate piece of paper when deposited in the ballot box. It may be be cut after printing or be sheet-fed into the printer. This additional functionality allows for a recount. The current machines do not have the capability of recounting the ballots. They only have the capability to recalculate from subtotals. Because of recount capability, it will be possible to resolve election disputes at the place of the voting. This means it will not be necessary to contact the FEC and National Bureau of Standards in order to perform an audit on the machine's computer programs. The procedure for the FEC and NBS to audit the machine's computer programs has not been established and is likely to be extremely complex as certainly procedures must be established to be certain that the computer programs haven't been tampered with in order to return them back to their proper state. My students at Rivier College will still be investigating further into the proper security controls. One of them is considering a way to let the voter see his/her ballot and abort that ballot. The printer would then print an appropriate message such as "CANCELLED" on the bottom. Once again, let me thank all those who are participating. Your assistance is very valuable and appreciated. Let us not let the United States suffer from a similar disaster as the Phillipines. Kurt ------------------------------ Date: Wed, 5 Mar 86 16:50:59 pst From: sun!fluke!uw-beaver!entropy!dataio!bjorn@ucbvax.berkeley.edu (Bjorn Benson) To: entropy!risks Subject: Wild Modems Newsgroups: mod.risks Organization: Data I/O Corp., Redmond WA All this talk in RISKS about modems calling humans rather than computers reminded me of an article I read about telecomputing in Europe: it seems that laws in Europe require modems to have equipment attached to explain what is going on in four languages, should the computer happen to dial a wrong number. Bjorn N Benson ------------------------------ Date: Sat, 8 Mar 86 00:34:30 pst From: amdcad!phil@decwrl.DEC.COM (Phil Ngai) Message-Id: <8603080834.AA12515@amdcad.UUCP> To: risks@sri-csl.ARPA Subject: Re: Misdirected modems This is an often repeated wives tale by people who ought to know better. With ordinary dialup modems of the 103/212 class, it is the *answering* modem which initiates a tone. The originating modem (the one that dialed) remains silent until it hears the carrier of the answering modem. Thus, if a computer dialed a wrong number, the person receiving the call would hear nothing, not a "funny whistle". ------------------------------ Date: Sat, 8 Mar 86 00:46:23 pst From: amdcad!phil@decwrl.DEC.COM (Phil Ngai) To: risks@sri-csl.ARPA Subject: power outages I am familiar with AMD's data center. It is relatively small by comparison to some sites, having only four IBM 3081s and one 3090, but it does have battery backup and a huge dual turbo charged diesel generator. The diesel has a thousand gallon fuel tank, which will last it 24 hours. We have arrangements to get refills within that 24 hour period, so our data center could presumably survive an indefinite outage and you could continue to order chips from us even during a blackout! ------------------------------ From: "Lindsay F. Marshall" Date: Fri, 7 Mar 86 10:20:51 gmt To: risks@sri-csl.arpa Subject: Earthquake problems with Nuclear Reactors. This is not really computer related, but seems interesting all the same.... A recent article in The Guardian highlighted some investigations into the safety of British nuclear reactors in the face of the kind of mild earthquakes that we have here. In particular it mentioned the Calder Hall reactor which is nearly 25 years old and is built quite near to the area of Britain that has the most earth tremors. This installation has a reactor vessel weighing 2000 tons suspended 18ft above the ground which is now so radioactive that it would be impossible to examine or modify. The investigation showed that the original safety calculations "had been done on the back of an envelope" and that the reactor bolts might shear with an earthquake of 0.5 (units?). There was an earthquake of that intensity last year, but it is impossible to find out if anything was damaged because of the intensity of the radiation not forgetting the 5ft of concrete and steel surrounding the chamber....... So if you hear that Newcastle vanished, you'll know why! [and we'll be back to carrying coals ... PGN] ------------------------------ End of RISKS-FORUM Digest ************************ -------