11-May-86 19:26:18-PDT,11248;000000000000 Mail-From: NEUMANN created at 11-May-86 19:24:22 Date: Sun 11 May 86 19:24:22-PDT From: RISKS FORUM (Peter G. Neumann, Coordinator) Subject: RISKS-2.51 Sender: NEUMANN@SRI-CSL.ARPA To: RISKS-LIST@SRI-CSL.ARPA RISKS-LIST: RISKS-FORUM Digest, Sunday, 11 May 1986 Volume 2 : Issue 51 FORUM ON RISKS TO THE PUBLIC IN COMPUTER SYSTEMS ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator Contents: Reliability limits (Brian Randell) NSA assigning encryption keys (Jay Elinsky) HBO pirate (Lauren Weinstein) Failure to Backup Data, by James H. Coombs (Roy Smith) Admissibility of legal evidence from computers (Mike McLaughlin) Electronic document media (Mike McLaughlin) Word processing and bad writing (many messages received, none included) [rejected as not really relevant to RISKS. PGN] The RISKS Forum is moderated. Contributions should be relevant, sound, in good taste, objective, coherent, concise, nonrepetitious. Diversity is welcome. (Contributions to RISKS@SRI-CSL.ARPA, Requests to RISKS-Request@SRI-CSL.ARPA.) (Back issues Vol i Issue j stored in SRI-CSL:RISKS-i.j. Vol 1: MAXj=45) ---------------------------------------------------------------------- From: Brian Randell Date: Fri, 9 May 86 10:28:52 gmt To: RISKS@sri-csl.arpa Subject: Reliability limits I have for a number of years held, and expounded, the opinion that: "If one automates a complex manual system, which is being carried out reasonably competently, then the very best that one can hope to achieve is fewer but BIGGER errors". To give a couple of low-key illustrations: an automated payroll system can normally be expected to get virtually all of its calculations exactly correct - but have you ever heard of a manual payroll system producing a paycheck for $999,999.99 or for $0.00? When a newspaper goes over to computerized type-setting one normally sees a considerable drop in the number of typos, but the sudden appearance of occasional major errors - e.g. instructions to the formatter in capitals in the middle of a paragraph, whole sections in completely the wrong font, etc. The thinking behind my statement is that, compared to computer-based systems, humans usually have a great ability to recognise an unusual situation, and to use their general knowledge of the world in assessing its correctness, and its possible consequences. I now no longer have any idea whether the statement is one that I have plagiarized from someone else, and often find that people find it illuminating as well as believable, and that it is a good way of injecting a note of caution into the more naive and over-optimistic discussions that often take place concerning possible new computer-based systems. I would be most interested to see how the RISKS forum reacts to it - always assuming that something along this lines has not already been the subject of a debate which took place before I became a subscriber. Brian Randell - Computing Laboratory, University of Newcastle upon Tyne ARPA : brian%cheviot.newcastle@ucl-cs.arpa UUCP : !ukc!cheviot!brian ------------------------------ Date: 9 May 86 10:55:02 EDT From: ELINSKY@IBM.COM To: risks@sri-csl Subject: NSA assigning encryption keys In light of all the recent spy cases, if the NSA keeps records of the keys it has assigned to users, there's the risk that someone with access to them might sell them "for the right price". The keys would be worth so much that a would-be intruder could offer an irresistibly high price to the right individual, and still come out ahead. Jay Elinsky, IBM T.J. Watson Research ------------------------------ Date: Thu, 8-May-86 11:00:05 PDT From: vortex!lauren@rand-unix.ARPA (Lauren Weinstein) Subject: HBO pirate To: RISKS@SRI-CSL.ARPA Let me preface this by mentioning that my consulting includes work with the company that uplinks WTBS to the bird, and that I have some experience in the details of satellite uplink technology. Just briefly: The odds are very high that the HBO pirate was at a commercial uplink facility. A variety of technical considerations (which I won't go into here) make it very unlikely that a terrestrial microwave path was involved. The signal quality put out by the pirate was actually quite good. He had to run 10db more power than the HBO uplink to capture, which is a fair amount of juice. This was probably made possible by the fact that most uplink operators have tended to run much less power than they have at hand on site since new transponders are very sensitive. I think you can bet HBO is running full power on their uplinks now! The character gen used by the pirate was clearly of a standard commercial type that would be located at virtually any site with uplink facilities. Also, it should be noted that when the pirate's "in the clear" signal captured the scrambled HBO uplink signal, the far-end decoders noted the loss of scrambling and switched back into "normal" video passthru mode with scrambling off. It would be trivial for the pirate to disable any ID on the colorbars by throwing one switch. In fact, many uplinks never use such IDs at all. Actions being taken to catch the pirate have supposedly included checking the logs of many licensed uplink facilities to find out who was on duty at the suspect time. In fact, there are already rumors that the pirate has been caught and fired by his company, but this has not been confirmed. If he (or she) is still unknown, however, the most likely way they'll be caught is if someone starts bragging. --Lauren-- ------------------------------ Date: Thu, 8 May 86 17:26:01 edt From: allegra!phri!roy@seismo.CSS.GOV (Roy Smith) Organization: Public Health Research Inst. (NY, NY) Subject: Re: Failure to Backup Data, by James H. Coombs One thing not mentioned in James's article is what happens when you get a new system which has different backup media than the last one? In our case, that meant switching from 800 to 1600 bpi tape a couple of years ago. We no longer have a drive that can read our old 800 bpi tapes, so we've got all these wonderful archive tapes that we can't do much with. Of course, there are media-copy services. They may not be cheap, but for the occasional needed file from antiquity, just about anybody can do a raw tape to tape copy for you. But what do you do when your backup media is a 5-1/4" floppy in wombat-DOS verson 6.4 format? Where are you going to get that transfered onto something you can read? ------------------------------ Date: Sat, 10 May 86 13:24:17 edt From: mikemcl@nrl-csr (Mike McLaughlin) To: risks@sri-csl.ARPA Subject: Admissibility of legal evidence from computers In one of my previous incarnations the taxpayers paid me to think small. Specifically, to implement microform (microfilm, microfiche, COM) where- ever it was cost effective. Among other things, we converted about two million personnel records from paper to microfiche. Did lots of good things besides saving money. But, there were certain practical problems... Personnel records are frequently placed into evidence at court proceedings. With 2,000,000 or so records, each representing a real live (or formerly live) person, several dozen records were in court at any given time. Not to speak of class action suits. We had researched laws, federal regs, etc.; gotten legal opinions, whatever. There was no question in *anyone's* mind that the records were legal, that the microfiche WAS the record, and that it WAS admissable in any federal court, and in most other courts. Trouble was, it wasn't readable. Plaintiffs and lawyers do not come equipped with 24X eyesight. Judges and jurors don't either. Ever try to annotate a microfiche? Underline a telling phrase - highlight a key date? We had to set up a fairly expensive system JUST TO HANDLE COURT CASES. We had to go back to paper (copies for all concerned) in every court case. Worse yet, we had to prove the heredity, ancestry, and legitimacy of the paper copies. Now, a word to those keeping records on magnetic media, or optical disk, or holographic crystals... Better have a printer handy! --------------------------------------------------------------------------- Date: Sat, 10 May 86 14:09:56 edt From: mikemcl@nrl-csr (Mike McLaughlin) To: risks@sri-csl.ARPA Subject: Electronic document media Risks 2.48 contains several items related to electronic document creation and transmission. James Coombs worries about loss of data and loss of tenure due to authors being unaware of some of the discipline necessary for preserving electronic drafts. Bruce Sesnovich and "PGN" are concerned with the poor quality of submissions to Risks, while I mutter about distinctions between mistakes and lies. I agree entirely with Coombs, but take some exception to Sesnovich and PGN. 1. Editors and proofreaders are not the same - or should not be. The editor reads an author's draft, and assists the author to clarify it, or to achieve some desired end (i.e., making it fit the available space). The proofreader checks the edited draft, ensures that it matches some appropriate style guide, and ensures that the "galley" faithfully reflects whatever the author and the editor have agreed upon. Actually, the old cycle used to be Author -> Editor -> Printer/Typist -> Proofreader -> Pressman/Copier. There were a lot of checks, and a lot of delays. The end product was quality work... as long as timeliness did not matter. 2. Micros, word-processors, e-mail, bulletin boards and electronic forums have abridged the process. Unless PGN or Captain Midnight interpose themselves in the process, the readers of Risks will see exactly what I say, regardless of what I mean. Right out of my head and into the keyboard. The reader gets my half of an extemporaneous conversation. That is both the charm and the risk of e-mail and e-forums. 3. I still have the choice of composing off-line, getting peer review, cor- recting my work, up-loading it, then proofing the up-load (best done by some- one else), and finally transmitting it to PGN. I choose not to do so (but might choose _to_ do so on some other topic or some other day). In short, I assess the competing demands of spontaneity and perfection, and then act accordingly. My desktop micro, e-mail, and PGN have given me that option. When I started writing, there was no choice. Bruce, if the computer has done anything harmful to communication, that harm lies in the penchant for excessive iteration of repetitious revisions that squeeze all the juice out of some *person's* thought or opinion until it has no more intellectual appeal than a spare-parts listing. - Mike McLaughlin ------------------------------ End of RISKS-FORUM Digest ************************ -------