21-Apr-86 20:26:15-PST,11780;000000000000
Mail-From: NEUMANN created at 21-Apr-86 20:24:45
Date: Mon 21 Apr 86 20:24:45-PST
From: RISKS FORUM (Peter G. Neumann, Coordinator)
Subject: RISKS-2.44
Sender: NEUMANN@SRI-CSL.ARPA
To: RISKS-LIST@SRI-CSL.ARPA

RISKS-LIST: RISKS-FORUM Digest, Monday, 21 Apr 1986 Volume 2 : Issue 44

FORUM ON RISKS TO THE PUBLIC IN COMPUTER SYSTEMS
ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Contents:
  Why Simulation Is A Good Thing... (Lynne C. Moore)
  Hacking & forgery laws (Robert Stroud)
  Strategic Systems Reliability Testing (Dan Ball)
  SDI (Larry Campbell)
  Cost of phone billing error (Dave Redell)
  Normal Accidents and battle software (Dave Benson)
  Psychological risks, part II (Dave Benson)

The RISKS Forum is moderated. Contributions should be relevant, sound, in
good taste, objective, coherent, concise, nonrepetitious. Diversity is
welcome.
(Contributions to RISKS@SRI-CSL.ARPA, Requests to RISKS-Request@SRI-CSL.ARPA.)
(Back issues Vol i Issue j stored in SRI-CSL:RISKS-i.j. Vol 1: MAXj=45)

----------------------------------------------------------------------

Received: from eglin-vax.ARPA [...] Sat 19 Apr 86 13:33:54-PST
Date: 0 0 00:00:00 CDT
From: Lynne C. Moore
Subject: Why Simulation Is A Good Thing...
To: "risks"

We are currently engaged in developing a system of remote video tracker
pedestals for tracking missile tests, and have recently chosen to
implement an interim hardware solution to allow time for a rational
software development cycle (rather than 25K+ lines in less than 6 months
with 2 programmers). One of the proposed advantages of the software
solution is the ability to run a real-time simulation for operator
training, and there have been some questions from our top management
about why the software developers insist that this is exceptionally
important.

Yesterday, an operator attempted to manually track a live missile for the
first time.
He tracked it for about 1/2 second, and then commented, "Gosh, that thing
moves a lot faster than I thought."

Too bad none of the managers were there...

Lynne C. Moore

------------------------------

From: Robert Stroud
Date: Fri, 18 Apr 86 10:18:28 gmt
To: risks@sri-csl.arpa
Subject: Hacking & forgery laws

This was printed in The Times yesterday April 16th. I am particularly
intrigued by the prosecution under the forgery laws. I don't see how you
can forge something like a telephone number - surely to be protected by a
forgery law, an identification should be personal in some sense. Numeric
codes are completely impersonal.

===========================================================================

Prestel blunder 'helped hacker'.
(c) Times Newspapers Limited, 1986

A top-level blunder allowed a computer journalist to penetrate British
Telecom's Prestel information system, a court was told yesterday.

A secret identification code allowing access to secret files was left
unprotected within the computer system it was said.

Mr Robert Schifreen, aged 22, used it to get the confidential identity
numbers and passwords of every Prestel customer, Southwark Crown Court
was told.

Mr Schifreen, who subscribed to Prestel under the codename "Bug Hunter",
later wrote an article on how easily he had cracked the system.

But Mr Schifreen, who works for a computer magazine, denied he did so for
personal gain, and accused Prestel of "negligence".

Mr Austin Issard-Davies, for the prosecution, said a random experiment
first gave him the telephone numbers of Prestel's private computers.

The telephone numbers were not published to normal subscribers, and only
a few people had access. But Mr Schifreen was said to have broken into
the Prestel development test computer.

It was alleged that he typed an experimental line of numbers, all twos,
when the computer asked for a 10-digit identification. It worked, and the
computer then asked for a four-digit password.
He typed 1234 which turned out to be a test account and gave him access.

But Mr Schifreen's attempts to get information out failed because he did
not have the confidential identity code and password of the system
manager.

Nine months later, he came across the code and password "lying around" in
one of the private Prestel computers.

When questioned by police, Mr Schifreen allegedly admitted making
unauthorised access into the system from his home computer, but claimed
he had made Prestel more secure by doing so.

Mr Issard-Davies said: "It is a bit like a burglar claiming all the
credit for improved house security because the householder has put locks
on all the windows."

He added it was "twentieth century" forgery because Mr Schifreen
allegedly used someone else's computer identification, like signing
someone's name without consent.

[omitted material]

The charges have been brought under section one of the Forgery and
Counterfeiting Act, 1981. The test case trial is the first contested case
to go to court.

The hearing continues today.

============================================================================

Robert Stroud,
Computing Laboratory,
University of Newcastle upon Tyne.

ARPA robert%cheviot@ucl-cs.ARPA
UUCP ...!ukc!cheviot!robert

[I reported on a breakin to British Telecom's Prestel Information
Service in the ACM Software Engineering Notes vol 10 no 1 (January
1985). A 19-yr-old young man had penetrated the unencrypted password
file. To demonstrate the vulnerability, he let a London Daily Mail
reporter watch (reported in the LDM on 2 Nov 84) while he read Prince
Philip's mailbox and then altered a financial market database. Things
seem not to have improved much. PGN]

------------------------------

Date: Fri, 18 Apr 86 14:45:03 est
From: ball@mitre.ARPA (Dan Ball)
Organization: The MITRE Corp., Washington, D.C.
To: RISKS@SRI-CSL.ARPA
Subject: Strategic Systems Reliability Testing

It has been about twenty years since I've worked with strategic systems
(Polaris), but I can no longer resist putting in my two cents in the SDI
debate.

The issues concerning whether SDI can be made to work perfectly or even
well enough the first time since it can't be tested in a realistic
environment and there will be no second chance would appear to apply
equally to both the US and Soviet Offensive Systems. During my four years
with the Polaris Test Program, I know of no test involving more than a
single live missile. Although these tests were for the most part very
successful, there was never an attempt to test the ripple fire capability
with real missiles on a single submarine, let alone a coordinated launch
involving all submarines as well as all land based ICBMs.

In addition to the readiness/reliability considerations of our strategic
nuclear forces, I would suspect that the command and control problems
would be formidable. We seem to have considerable difficulty sending a
single urgent message (e.g. USS Liberty, USS Pueblo, USAF EC-121, etc.),
let alone a coordinated attack involving hundreds or thousands of
platforms. I'm relatively certain that the numbers of warheads actually
reaching the target following the initiation of an attack would be far
less than the numbers in the inventories.

Finally, the briefing from SDI office that I heard didn't promise
perfection. Unlike some of the political supporters who promise that it
will be safe for children to play outside during a nuclear exchange, the
SDI technical types were talking about the impact it would have on the
numbers and required modifications to the Soviet ICBMs that would be
required for them to maintain the same confidence of assured first strike
destruction of the US.
(I promise that this will be my first and last comment concerning SDI as
I think there's far too much uninformed speculation and political opinion
on this subject in risk-forum already. I'll even volunteer to be edited
out as I would like to see more contributions that could help those of us
whose job is trying to assure that computer reliability and safety
requirements are met.)

Dan Ball

[Don't bet on there being no provoking replies. PGN]

------------------------------

From: decvax!bellcore!genrad!panda!talcott!maynard!campbell@ucbvax.berkeley.edu
Date: Fri, 18 Apr 86 07:19:30 EST
To: wjh12!sri-csl.arpa!RISKS
Subject: SDI

The discussion in the last few issues of RISKS has demonstrated that
Reagan's Strategic Defense Initiative HAS ALREADY SUCCEEDED. It has done
exactly what Reagan wanted, which is to convert an essentially political
question, in which every American is qualified and in fact obligated to
participate, into a technical debate, in which only the technical clergy
are allowed.

Larry Campbell                               The Boston Software Works, Inc.
ARPA: maynard.UUCP:campbell@harvard.ARPA     120 Fulton Street
UUCP: {harvard,cbosgd}!wjh12!maynard!campbell  Boston MA 02109

------------------------------

Date: Fri, 18 Apr 86 09:50:03 pst
From: redell@src.DEC.COM (David Redell)
To: RISKS@SRI-CSL.ARPA
Subject: Cost of phone billing error

    More than a million California telephone customers will be getting an
    unpleasant surprise in their April bills because of an equipment
    malfunction...[No estimate given of how much revenue was lost.]

The estimate I saw was $25-30 million.

------------------------------

Date: Sun, 20 Apr 86 21:51:10 pst
From: Dave Benson
To: risks%sri-csl.arpa@csnet-relay.arpa
Subject: Normal Accidents and battle software

According to
    Charles Perrow
    Normal Accidents: Living with High-Risk Technologies
    Basic Books, New York, 1984
we should expect to see large-scale accidents such as the loss of the
space shuttle Challenger.
Perrow's thesis, I take it, is that the complexity of current technology
makes accidents a 'normal' aspect of the products of these technologies.

We may view space shuttle launches, nuclear reactors, power grids,
transportation systems, and much real-time control software as lacking
homeostasis, "give", forgiveness. Perhaps some of these technologies will
forever remain "brittle".

Questions: Does anybody have a good way to characterize this brittleness?
To what extent is existing battle software "brittle"?

Thank you for your suggestions/comments

dbb

------------------------------

Date: Sun, 20 Apr 86 21:59:17 pst
From: Dave Benson
To: risks%sri-csl.arpa@csnet-relay.arpa
Subject: Psychological risks, part II

I have just finished reading
    Neil Frude
    The Intimate Machine
    New American Library, New York, 1983
which comments on animism and anthropomorphism in the past and present,
and speculates on the continuance of these tendencies into the future
with human-like qualities in computers.

I did not find the argument persuasive, but then I bang at this terminal
quite a bit, and certainly do not anthropomorphize it in the slightest.

Perhaps some of you have stories about people who view computers as
having human-like qualities, confusing their perceptions of humans and
computers. If so, please send such direct to me unless you think them
generally enlightening RISKS.

Thanks,
dbb

------------------------------

End of RISKS-FORUM Digest
************************
-------