28-Apr-86 10:50:52-PDT,20299;000000000000 Mail-From: NEUMANN created at 28-Apr-86 10:47:03 Date: Mon 28 Apr 86 10:47:03-PDT From: RISKS FORUM (Peter G. Neumann, Coordinator) Subject: RISKS-2.45 Sender: NEUMANN@SRI-CSL.ARPA To: RISKS-LIST@SRI-CSL.ARPA RISKS-LIST: RISKS-FORUM Digest, Monday, 28 Apr 1986 Volume 2 : Issue 45 FORUM ON RISKS TO THE PUBLIC IN COMPUTER SYSTEMS ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator Contents: HBO gets Hacked:: We Interrupt This Program ... for a Viewer Protest. (Geoff Goodfellow, Frank J. Wancho) Ball's contribution on Polaris and SDI (from Dave Parnas) SDI Reliability Testing - Offensive deterrent vs SDI (Jon Jacky) What are the limits to simulation? (Eugene Miya) Reference on admissibility of computer records (Bill Cox) Phone billing error at Pacific Bell, etc. (John Coughlin) Cracked Libya Defense (Udo Voges) Challenger article (Ron Minnich) The RISKS Forum is moderated. Contributions should be relevant, sound, in good taste, objective, coherent, concise, nonrepetitious. Diversity is welcome. (Contributions to RISKS@SRI-CSL.ARPA, Requests to RISKS-Request@SRI-CSL.ARPA.) (Back issues Vol i Issue j stored in SRI-CSL:RISKS-i.j. Vol 1: MAXj=45) ---------------------------------------------------------------------- Date: 27 Apr 1986 15:51-PDT Subject: HBO gets Hacked:: We Interrupt This Program ... for a Viewer Protest. From: the tty of Geoffrey S. Goodfellow To: videotech@SEISMO.CSS.GOV, telecom@XX.LCS.MIT.EDU Cc: neumann@SRI-CSL.ARPA, shadow@AIM.RUTGERS.EDU NEW YORK (AP) - A video hacker calling himself ''Captain Midnight'' startled cable television viewers from Maine to the Plains early Sunday when he interrupted a movie on Home Box Office with a printed message protesting HBO's scrambling of its satellite-to-earth TV signals. ''It's a criminal, willful interference of a government-licensed satellite broadcast,'' fumed David Pritchard, an HBO vice president, who said the cable system had received sabotage threats in recent months. Pritchard said HBO planned to report the incident to the Federal Communications Commission. ''It's kind of like terrorism of the airwaves,'' said Greg Mahany, who was watching in Middletown, Ohio, when the message interrupted ''The Falcon and The Snowman.'' The message, printed in white letters on a color-bar test pattern background, read: ''Goodevening HBO from Captain Midnight. $12.95 a month? No way! (Showtime-Movie Channel Beware.)'' Mahany said that at first the picture flipped back and forth between the message and the movie, making it seem like ''HBO was trying to get its signal back. ... It looked like a fight for control of the microwave beam.'' The message appeared at 12:30 a.m., Eastern time, and remained on the air about five minutes. It was seen in the eastern two-thirds of the nation, which accounts for more than half of HBO's 14.6 million subscribing households. Pritchard said the hacker, apparently with the use of a satellite dish and a powerful transmitter, effectively replaced HBO's signal with his own. For some reason - possibly because Captain Midnight's signal was better-timed or more powerful - HBO's satellite received the hacker's signal instead of HBO's and beamed it down to HBO's earth relay stations. Sunday's intrusion was immediately noticed at HBO's communications center in Hauppauge, N.Y., but it was not clear whether the hacker ended his own message or was forced off by HBO. Pritchard said HBO would have no comment on that. ''We have implemented some technical remedies, and we're pursuing others,'' he said. ''This represents a clear danger to every satellite user.'' Pritchard said action like Sunday morning's had been threatened in letters to HBO and in magazines read by dish owners. ''We'd been threatened for the last four or five months with something like this if we didn't reconsider our plan to scramble,'' he said. ''They said they'd do something. They didn't say what.'' The HBO cable signal is scrambled to prevent reception in homes wired for cable television but not equipped with an HBO converter. Until earlier this year, satellite dish owners were able to intercept the unscrambled signal HBO bounces off satellites to the earth stations that relay the signal via cable. In January, however, HBO began scrambling all its satellite-to-earth signals. HBO told dish owners who had been watching for free they would have to buy a descrambler for $395 and pay $12.95 a month. Another leading pay cable service, Showtime, announced plans for a similar system. Pritchard said about 6,000 dish owners put down the cash for the decoder and signed up for HBO or its sister service, Cinemax. But the proposal has been unpopular with others. ''They say things like, 'The airwaves are free,' and 'They (HBO) are using government satellites that our taxes pay for,''' Pritchard said. Pritchard said HBO's programs are its property, and it leases space from privately owned satellites. ------------------------------ Date: Sun, 27 Apr 1986 22:39 MDT From: "Frank J. Wancho" To: "the tty of Geoffrey S. Goodfellow" Cc: neumann@SRI-CSL.ARPA, [...] Subject: HBO gets Hacked:: We Interrupt This Program ... for a Viewer Protest. Until earlier this year, satellite dish owners were able to intercept the unscrambled signal HBO bounces off satellites to the earth stations that relay the signal via cable. It is interesting to note that while protective "alledgedly" and similar words are freely sprinkled in newsprint, the writer of the above chose "intercept" over "receive". The word "intercept" implies "theft", a criminal act. That "intercept" was unmodified and not a quote implies the allegation was accepted as fact proven in court. Is this indeed the case, or simply the viewpoint held by the programming services? If the latter, then it was inappropriate and perhaps biased to use "intercept". Just asking... --Frank ------------------------------ Date: Tue, 22 Apr 86 07:37:13 pst From: Neumann@SRI-CSL.ARPA Subject: Ball's contribution on Polaris and SDI (from Dave Parnas) To: RISKS@SRI-CSL.ARPA Dave Parnas is now on his way to Australia for almost two months, so please don't expect him to reply. But on his way out, he sent me this (which I include with his permission): As I read the first part of Ball's contribution, I was sure he was agreeing with me, but no, as I read on I saw that he was on the SDIO side. His arguments are simple and they are the arguments that the other defenders of the program make. (1) The weapon systems that we have now have not been adequately tested and probably won't prove reliable so we can build another one with those properties. It's "business as usual". (2) Its quite alright to allow the President, the Coalition for Star Wars, and High Frontiers to tell the public and congress that they are "making nuclear weapons impotent and obsolete" , "ending the fear of nuclear weapons" and trying to end the "immoral" policy of deterrence, while using those funds to do something quite different. Misrepresentation is "business as usual". His message reconfirms my assertion that there is no doubt about the technical facts. We cannot build a system that does what the president asked us to do and what the supporting public wants. Almost nobody working on it believes we can. Its not a question of perfection. It is a question of effectiveness and reliability. The reliability of such a system will always be in question; its effectiveness will always be unknown. We will always know that there are effective countermeasures. It will not lead to increased security. It will lead to "business as usual". Dave ------------------------------ Date: Mon, 28 Apr 86 00:13:10 PDT From: jon@uw-june.arpa (Jon Jacky) To: risks@sri-csl.arpa Subject: SDI Reliability Testing - Offensive deterrent vs SDI > (Dan Ball writes) > The issues concerning whether SDI can be made to work perfectly or even > well enough the first time since it can't be tested in a realistic > environment and there would be no second chance would appear to apply > equally well to both the US and Soviet offensive systems. > > During my four years with the Polaris Test Program, I know of no test > involving more than a single live missile ... I'm relatively certain that > the numbers of warheads actually reaching the target following the > initiation of an attack would be far less than the numbers in the > inventories. ... In addition ... I would expect that the command and > control problems would be formidable. This point is well taken. Still, I think there are two important differences in degree, if not in principle: 1. To have the desired deterrent effect, at least given today's very large arsenals, it is not necessary that most weapons work especially well. It is only necessary to create the impression that something pretty awful would happen if we attempted to use some of them. 2. The coupling between each weapon and other systems appears to be weak. In particular, it is my understanding that once a missile is fired, it is entirely self-guided, and does not depend on the correct functioning of any other systems. This is in contrast with your typical SDI scheme, which depicts a ground based laser bouncing its beam off two aiming mirrors on opposite sides of the planet, with various observation and battle-management satellites hovering nearby. Without this being an explicit design goal, the present offensive system seems to have achieved the desirable quality of having a "system behavior which can be inferred from its components" in the Eastport panel's words. My point is that testing a missile defense system is a much tougher job than testing the offensive system it is supposed to defeat, if an equivalent level of confidence is desired. Note that this is true only if the offensive missile system is for deterrence. If it is supposed to carry out a first strike, or any other highly-coordinated activity - "counterforce," "countervailing response" or whatever you call it -- the difficulty of obtaining confidence in the offensive system becomes much greater. There is a huge literature of analysis and simulation devoted to highly coordinated offensive attacks. I have no idea whether policy makers regard these at all seriously, but I think it is important for technical people to point out that very little of this has been tested in realistic conditions and it is anybody's guess what would happen if anyone actually tried to carry out such plans. > The briefing from SDI office that I heard didn't promise perfection ... > I think there's far too much uninformed speculation and political opinion > on this subject in risks-forum already ... People hear various things from people associated with SDI. As far as I know, there is still no official statement of what SDI's performance requirements are. Until there is, discussion is necessarily limited to speculation and generalities. What is required, of course, is some quantitative requirement such as, "The defense must stop at least 90% of an attack by 1000 ICBM's," or "The defense must preserve at least 50% of our land-based missile silos." Then, we could discuss what tests, if any, could make us confident that the requirements would be met in a real attack. Discussion of whether the requirements were consistent with earlier promises to render missiles impotent, etc., do include political opinion and could be forbidden by the editor. -Jonathan Jacky University of Washington ------------------------------ From: eugene@AMES-NAS.ARPA (Eugene Miya) Date: 23 Apr 1986 1518-PST (Wednesday) To: RISKS@SRI-CSL.ARPA Subject: What are the limits to simulation? > Subject: Why Simulation Is A Good Thing... > From: Lynne C. Moore > Description of a tracking system. The Subject field described is certainly well intended, but I really wonder what simulation's various limits are. Simulation is really only an extension of human intellect, not the way things behave in Nature. While I do not take issue that some simulation is a good thing, I wonder where this ends? What are limits: first social, next might be performance related. I think there has been an penchant towards things like simulation and non-destructive testing, etc. of late, but we have recently seen with the Challenger incident, that our best laid plans run into problems. I wonder if we have not taken these techniques, too far? Perhaps we have to keep extra margins for error and destructive testing (however expensive) in tact. Consider: Would YOU step into a plane which has only been simulated and never test flown? Consider that chemistry classes uses dangerous chemicals, should we or should we not replace such chemicals with computers and `simulate' reactions? An educational point. Would you trust YOUR life to a system like MYCIN? Suppose I infected you with a disease like Anthrax, and said, identify it. [Note the US Army did and does infect volunteers with various fatal diseases to test vaccines and treatments.] I've had people say, after seeing the first computer graphics planetary flybys: "Hey that's really neat! Why send expensive spacecraft up there when you can generate simulations like this?" Do computer scientists sometimes have difficulty in distinguishing "reality?" While it is true that computers can and will do somethings better than humans, I wonder where and how we will describe that limits. What about dissent? I think the people with the greatest humility (and perspective) in simulation are the physicists who do weather prediction and analysis. [Note early simulations took 27 hours to run a 24 hour forecast.] Nothing like running a weather code, then looking out the window. --eugene miya ------------------------------ Date: Wed, 23 Apr 86 00:50:40 CST From: bill@crys.wisc.edu (Bill Cox) To: RISKS@SRI-CSL.ARPA Subject: Reference on admissibility of computer records This is a copy of an article submitted to mod.legal on usenet. Subject: Re: Admissabilty of computer files as evidence Newsgroups: mod.legal To: info-law@sri-csl.arpa Summary: article in ACM TOOIS on admissibility of computer-generated records References: <8604171858.AA03202@taurus> There is an article in ACM TOCS that has some relevance to the subject. Roger King and Carolyn Stanley, "Ensuring the Court Admissibility of Computer-Generated Records", ACM Transactions on Office Information Systems, Vol 3, Number 4, pp398-412. The focus is on issues related to accounting records, e.g., "What does Smith owe my company", but also discusses issues in conspiracy cases where "computer-generated records to prove essential elements of [the government's] case." There are relevant legal citations, and references to the Federal Rules of Evidence and their current application to computer-generated records. I think this article is in the "must-read" category for anyone interested in both law and computers. I am a novice in the law [I've paid many dollars to attorneys, and a little of the knowledge rubbed off], but I must say that this article seems well-researched and quite thorough. William Cox Computer Sciences Department University of Wisconsin, Madison WI bill@wisc.crys.edu ...{ihnp4,seismo,allegra}!uwvax!bill ------------------------------ Date: 23 Apr 86 00:11:19 EST From: John Coughlin To: Subject: Phone billing error at Pacific Bell, etc. > More than a million California telephone customers will be getting an > unpleasant surprise in their April bills because of an equipment > malfunction...No estimate given of how much revenue was lost.| According to Computer Chronicles on PBS tonight the "reprogramming error" cost Pacific Bell $51 million. In a related story, students in Arkansas obtained a confidential telephone number from Southwestern Bell's computer system which enabled them to place thousands of free long distance calls. Also, a long lineup at a particular pay phone in a Sears store in Hackensack tipped off police to the fact that one could use it to place international calls free of charge. Apparently 400 phones were affected by this software bug. /jc ------------------------------ DATE: Thu, 24 mar 1986 17:00:00 GMT+2 TO: FROM: SUBJECT: Cracked Libya Defense Unconfirmed information tells that the US-attacks on Libya on 24 March and 15 April were possible due to outmaneuver of the libyan air defense system which is russia-provided. USS Caron and Yorktown were illegally crossing the 12-mile line in front of the military harbor Sewastopol in the Black Sea on 13 March 86. They alerted the russian defense system and collected all relevant electronic data. (Some sources say that the Korean Jumbo which was shut down over Sachalin in 1983 also was alerting the defense system, and a satellite recorded the signals.) Knowing the signals the US were able to circumvent the air defense system and get into the country without loss. Now Gaddafi is not willing to pay Russia for the system. And Russia needs to update its system for many millions. What if espionage of the western defense system and circumvention is as simple and possible?? Udo Voges idt766%dkakfk3.bitnet@wiscvm.arpa ------------------------------ Date: Fri, 25 Apr 86 12:03:25 EST From: Rminnich@dewey.udel.EDU To: risks@sri-csl.ARPA Subject: Challenger article The following article appeared in the Phila. Inquirer of 4/24. Since the Challenger was discussed on Risks by people in the know, I wondered if we could hear some more opinions. The writer is William V. Shannon, with the Boston Globe. I am excerpting; it is a long article. "... It is now clear that there was no explosion ..." "... The astronauts ... were probably making frantic efforts to bring their craft under control as it hurtled downward. If the craft had been equipped, as it should have been, with parachutes and seat-ejection fail-safe systems they could have saved themselves. " "They died because of NASA's false economies and incompetence. " "... Dr. William Doering, professor of chemistry at Harvard, pointed out that ... was not an explosion at all. 'It is best described as a fast fire ... If the fuel tank had exploded ... it would be producing something much bigger ... They have stopped showing the space module [sic] but I am confident that it is intact also or was until it hit the water. '" "... Terry J. Armentrout, director of the NTSB investigation, told reporters that '... the shuttle Challenger, including the crew compartment, apparently survived the blast mostly intact'". Continues Shannon, " ... the astronauts died from the force of the impact as the craft hit the water ... There is no reason to believe that the crew died because of sudden decompression ..." He goes on to hint that the down-link was lost as part of a cover-up rather than due to the fast fire. OK. I do not know if the Moderator wants to see replies or comments about this on RISKS; if not, please send me any thoughts you might have. I will send them on to the paper. Maybe this guy is absolutely right, but I have my own thoughts on that. ron minnich ------------------------------ End of RISKS-FORUM Digest ************************ -------