8-Jul-86 18:06:28-PDT,11756;000000000000 Mail-From: NEUMANN created at 8-Jul-86 18:02:58 Date: Tue 8 Jul 86 18:02:57-PDT From: RISKS FORUM (Peter G. Neumann, Coordinator) Subject: RISKS-3.18 Sender: NEUMANN@CSL.SRI.COM To: RISKS-LIST@CSL.SRI.COM RISKS-LIST: RISKS-FORUM Digest, Tuesday, 8 July 1986 Volume 3 : Issue 18 FORUM ON RISKS TO THE PUBLIC IN COMPUTER SYSTEMS ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator Contents: Computer Crime in Scandinavia (Martin Minow) Re: Risks from inappropriate scale of energy technologies (Henry Spencer) Sensor technology and disinformation (Eugene Miya) Educating to prevent RISKS (Steven Gutfreund) Rash of 'Undeliverable mail' (Chuck Price) The RISKS Forum is moderated. Contributions should be relevant, sound, in good taste, objective, coherent, concise, nonrepetitious. Diversity is welcome. (Contributions to RISKS@SRI-CSL.ARPA, Requests to RISKS-Request@SRI-CSL.ARPA.) (Back issues Vol i Issue j available in SRI-CSL:RISKS-i.j. Summary Contents in MAXj for each i; Vol 1: RISKS-1.46; Vol 2: RISKS-2.57.) ---------------------------------------------------------------------- Date: 04-Jul-1986 0922 From: minow%pauper.DEC@decwrl.DEC.COM (Martin Minow, DECtalk Engineering ML3-1/U47 223-9922) To: risks@csl.sri.com Subject: Computer Crime in Scandinavia From the Danish newspaper, Information, (I think on 31-May-1986): Datatapping -- The Oslo [Norway] firm, Finn Solvang A/S, has reported a Danish engineer to the police in Denmark for an attempt to get a woman employed by the firm to tap the company's computer system for valuable information on customer lists and design. The woman was offered money and instruction on how she could do the work during a weekend. The engineer is employed by a Danish firm which had collaborated with the Norwegian, but which became a competitor at the beginning of the year. Martin Minow (In my note on Chernobyl, I accidentally translated the Danish word "chokerade" as "choked" when it should be "shocked" -- that's what comes from writing with my fingers and not my mind. Funny that my spelling checker didn't catch it... A few native speakers of Danish confirmed that the sentence I wasn't too certain of was reasonably translated. One said that a better translation might have been "the mathematical models used were completely wrong," making it more of a design failure than a programming bug. Martin.) ------------------------------ From: decwrl!decvax!utzoo!henry@ucbvax.Berkeley.EDU Date: Fri, 4 Jul 86 21:18:30 edt To: decvax!CSL.SRI.COM!RISKS Subject: Re: Risks from inappropriate scale of energy technologies > I think that we should be pursuing a policy course which develops > technology that can be put safely in the hands of non-technical people. > This might take the form of small burners which use the methanol from > organic wastes, windmills, or non-electrical solar collectors, to name a few > possibilities. Localized, distributed technologies have many advantages, > including ease of repair, localization of risk from outage, and major > reductions in distribution losses and cost of distribution equipment and > labor... Let us not forget that distributed technologies create their own new categories of risks. The advantage of centralized resources is that much more attention can be given to keeping them safe, and they do not have to be designed to be utterly idiot-proof. (Although it helps...) Automatic collision avoidance for airliners is imminent, while for cars it is far away. Why? Because such a system for cars would have to be cheap, easy to install and maintain, and 99.999999% reliable in a wide range of conditions despite being maintained at long, irregular intervals by largely unskilled people. Although all these characteristics certainly would be desirable for airliner systems, they are not *necessary*. Airlines can afford relatively expensive systems needing frequent attention, and can ensure that they are given regular checkouts by skilled personnel. An airliner system can also assume that a qualified pilot, prepared for the possibility of mechanical failure, is minding the store at all times. (Such assumptions are not invariably true even for airliners; the point is that they are seldom or never true for cars.) Even disregarding this specific example, a quick look at accident rates for car travel and air travel yields interesting results for the "distributed is better" theory. Does anyone seriously believe that the level of safety attention routinely given to aircraft could possibly be given to cars? Don't forget to compute the accident potential of distributed technologies. Methane is an explosion hazard, as witness the safety considerations for virtually any appliance using natural gas (natural gas is essentially straight methane). Windmills and solar-heat collectors don't have that problem, at least, but they do require maintenance and they are generally far enough off the ground to present a risk of accidental falls. (Last I heard, falls were the #2 [after auto accidents] cause of accidental death.) One can argue about whether lots of little accidents are preferable to a few big ones, but dead is dead either way if you're one of the victims. And it's not clear that the overall death rates are lower for distributed systems. There is also the question of voluntarily-assumed risks versus ones one cannot avoid, but it seems to me that this case doesn't really present much of a dichotomy. If nobody builds central power plants, I really have little choice about whether I assume the risks of generating my own power. Yes, I can avoid them at the cost of major inconvenience (doing without), but I could also avoid most of the risks of centralized power at the cost of major inconvenience (move to Fiji). Henry Spencer @ U of Toronto Zoology {allegra,ihnp4,decvax,pyramid}!utzoo!henry ------------------------------ From: Eugene miya Date: 7 Jul 1986 1519-PDT (Monday) To: arms-d@mit-xx Cc: risks@sri-csl Subject: Sensor technology and disinformation As the person who started the SDI sensor technology question which has had a couple of follow ons to Arms-d, permit me to make one comment and raise one question which Charlie Crummer@aerospace only alludes. First, IR technology despite advances in sensor technology cannot get around the "3-body, hidden object" problem. Given a sensor and a target, if an intervening "warmer object" passes in between, the target disappears. This is an azimuth ambiguity. It sound trivial, but it is not, especially when the intervening object might be air (which does have temperature), or a mist, or other non-massive-solid. My intent is only to point this out, not some IR remote sensing. Second, the Administration has stated a policy of disinformation with regard to SDI and letters denouncing such have appeared in Aviation Week. My question is: if we as scientists announce something as "disinformation" as one of Charlie's comments, what are all of the consequences? I can think of several including counter-announcements, the usual financial thumbscrews to funding agencies, Ellsberg type operations, and so forth. Problem is this is not a leak of information, and it's not clear to me that the SDIO can persecute this like espionage cases. Is Charlie irresponsible for revealing disinformation? Are we as scientists expected to maintain disinformation? Also, disinformation in the past has been known to backfire (another risk?). Again the usual disclaimer that these are the opinions of the individual and not my employer, and STAR WARS is a trademark of Lucasfilm, Ltd. despite what courts say. --eugene miya NASA Ames Research Center eugene@ames-aurora.ARPA ------------------------------ Date: Mon, 7 Jul 86 12:32 EST From: "Steven H. Gutfreund" To: risks@SRI-CSL.ARPA Subject: Educating to prevent RISKS RE: Jan Lee (RISKS V3 N17) on the risks of not educating casual programmers. Your problem (in a nutshell) seem to be with the administration which needs to be made aware (educated) about the risks of under-educated programmers, than with the students themselves. To phrase this question in full generality: How do I make a person aware that his course of action contains risks which he is underplaying or not cognizant of? Classic examples of this are: a) Try teaching a child not to touch the hot stove. b) Teach your young and eager disciple that you have learned (via years of painful pratical experience) that he needs to take a more cautious approach (e.g. to design of large programming problems) c) Teach your manager (who lacks modern engineering skills) that the project plan is too risky. Approaches to attack this include: 1) Let the kid touch the stove (or the project go down the tubes) 2) Turn the issue into a confrontation (boycott the project meetings, threaten the child with loss of priviledges, etc.) 3) Try and instill the Fear of G-D in the person (long careful explanations, dissertations, memos, etc.) There seems to be a fundamental problem in any form of directly trying to educate the unaware individual. Since what you are basically trying to do is increase the persons level of anxiety, fear, or distrust of his own thought processes. Since these emotions are not normally identified with more "rational" attitudes, there is bound to be distrust of your motives. As long as you proceed with any of the above mentioned "direct" approaches, he is bound to be AWARE of your efforts, and draw the negative conclusions. It seems to me then that only indirect and subtle approaches will succeed. This conclusion should be seen as especially relevent to RISKS contributors since most of them seem to be involved in publicizing fears and anxieties. - Steven Gutfreund ------------------------------ Date: Tue, 8 Jul 86 11:20:05 pdt From: price@src.DEC.COM (Chuck Price) Message-Id: <8607081820.AA04763@barnum.DEC.COM> To: neumann@sri-csl.ARPA Subject: Rash of 'Undeliverable mail' Subtitle: Risks of undigestification Help! Ever since you published "License Plate Risks" in the Risks Forum, I have been receiving a number of 'undeliverable mail' messages. A sample is attached. Is there any way we can stop this? I'm starting to feel like Robert Barbour. -chuck ------- Forwarded Message [...] Date: 8 Jul 1986 12:30:26-EDT From: netmailer%MIT-CCC@mit-mc Subject: Undeliverable mail Apparently-To: -- Your letter to `ghuber@MIT-MARIE' is being returned because: -- Mail undeliverable for too long -- Returned letter follows: -- Date: 30 Jun 1986 12:32:31-EDT From: price@SRC.DEC.COM@MIT-CCC Date: Monday, 23 June 1986 12:56-EDT To: RISKS-LIST:@XX.LCS.MIT.EDU, RISKS@SRI-CSL.ARPA Subject: License Plate Risks ReSent-From: LENOIL@XX.LCS.MIT.EDU ReSent-To: info-cobol@ccc ReSent-Date: Mon 30 Jun 1986 01:50-EDT [Chuck's original message followed. This could be another risk of undigestification. If I simply remailed individually all of the messages in each issue of RISKS, then EACH contributor would have to put up with the enormous number of BARF message that your moderator otherwise puts up with! PGN] ------------------------------ End of RISKS-FORUM Digest ************************ -------