24-Jul-86 00:33:53-PDT,12303;000000000000 Mail-From: NEUMANN created at 24-Jul-86 00:31:47 Date: Thu 24 Jul 86 00:31:47-PDT From: RISKS FORUM (Peter G. Neumann -- Coordinator) Subject: RISKS-3.24 Sender: NEUMANN@CSL.SRI.COM To: RISKS-LIST@CSL.SRI.COM RISKS-LIST: RISKS-FORUM Digest, Thursday, 24 July 1986 Volume 3 : Issue 24 FORUM ON RISKS TO THE PUBLIC IN COMPUTER SYSTEMS ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator Contents: Comet and Electra (Jerry Saltzer, Marv Zelkowitz, Don Chiasson, Bard Bloom) No gasoline because the computer is down? (Jim Barnes) HBO Hacker Captain Midnight Caught (via Geoff Goodfellow) The RISKS Forum is moderated. Contributions should be relevant, sound, in good taste, objective, coherent, concise, nonrepetitious. Diversity is welcome. (Contributions to RISKS@CSL.SRI.COM, Requests to RISKS-Request@CSL.SRI.COM) (Back issues Vol i Issue j available in CSL.SRI.COM:RISKS-i.j. Summary Contents in MAXj for each i; Vol 1: RISKS-1.46; Vol 2: RISKS-2.57.) ---------------------------------------------------------------------- Date: Tue, 22 Jul 86 23:26:59 EDT To: RISKS FORUM (Peter G. Neumann -- Coordinator) Subject: Re: Comet and Electra From: Jerome H. Saltzer > - I also heard that the structural defect in the Electra I wing design had > not been caught by the stress analysis program because of an undetected > overflow on a critical run. Can anyone provide documentation for this? (I > think this story was on the grapevine at the NATO Software Engineering > Conferences in 68-69.) In case it helps anyone recall where that one might be documented: the version of the story that came through here had it that some piece of simulation input data was typed with the wrong minus sign. (The commonly available version of the 026 key punch had a minus sign and a hyphen as distinct characters. And the input format conversion routines in those days were both unforgiving and silent about errors.) Jerry ------------------------------ Date: Wed, 23 Jul 86 09:57:25 edt From: mvz@aaron.cs.umd.edu (Marvin Zelkowitz) To: risks@csl.sri.com Subject: Re: Comet and Electra Horning's recent comment reminds me of two related items: - On the Electra I wing design defect: My version of the story goes that the undetected overflow error was finally detected when these "correct" programs were used as benchmarks for a new computer (a Burroughs I think), which gave radically different answers. I do not have any proof of this, but it might give some additional help in tracking it down. - On overflow detection: In the late 60s, a certain vendor's FORTRAN did not detect overflow. At a users' group meeting, the vendor offered to add overflow detection at an execution penalty of one instruction per arithmetic operation (e.g., branch-on-overflow). This was voted down. The only conclusion is that users would rather be fast than right. The issue for RISKS is "Are these people the ones 'still in control'?" --Marv Zelkowitz ------------------------------ Date: Wed 23 Jul 86 09:17:42-ADT From: Don Chiasson Subject: Re: Comet and Electra To: risks@CSL.SRI.COM > From: horning@src.DEC.COM (Jim Horning) > - A numerical analyst once explained to me why all modern airliner windows > have rounded corners: Anyone concerned with solving partial differential > equations knows that square corners lead to singularities. He said that the > Comet crashes were traced to metal fatigue at the (square) corners of its > windows. (He concluded that airplane designers should study Numerical > Analysis.) Most engineers know that any sharp corner on a stressed member will cause an increase of actual stress over the nominal calculated stress, and the ratio of these is called the stress concentration factor, K. The value of K is sort of inversely proportional to the radius of curvature of the discontinuity. High K is the reason cracks propagate so well. The temporary fix for a crack is to drill a hole at the end of the crack which increases the radius of the "corner" and decreases K. It is standard design practice to avoid sharp corners. Stress concentration is usually discussed in design textbooks without going into the differential equations: there are lots of tables. This brings up a problem encountered in computer applications: the difficulty of a programmer learning the standard practices of a field in which he is working. Engineers know about stress concentration, but programmers and mathematicians may not. > - I also heard that the structural defect in the Electra I wing design had > not been caught [...]. Can anyone provide documentation for this? I can't give a direct answer to this, but I know that a mid 60's computer which was heavily used in scientific and engineering applications had very poor accuracy in its trig package. Is this perhaps the same topic? (Or was the Electra designed in the 50's??) Note: I can identify the manufacturer and machine, but feel that if I did so, I would be potentially libelous. Don Chiasson ------------------------------ Date: Wed 23 Jul 86 11:44:00-EDT From: Bard Bloom Subject: Re: Comet and Electra To: RISKS@CSL.SRI.COM [Structural defect in the Electra I wing design, again. See Jerry, above.] I don't know about this, but I was trying to move some software in Fortran from an IBM to VAX for McDonnell-Douglas one summer. The program on the VAX kept dying, with a message to the effect of "I can't take a sine of a number this large". The program was trying to take sines of large (order of 10^20) numbers in 16-digit arithmetic. The first thing that the sine routine does is reduce its argument modulo pi, which loses *all* of the precision of the 20-digit number. The VAX's software generated an error about this. The IBM did not; and the programmers hadn't realized that it might be a problem (I guess). They had been using that program, gleefully taking sines of random numbers and using them to build planes, for a decade or two. ------------------------------ Date: Wed, 23 Jul 86 13:56:44 edt From: decvax!wanginst!infinet!barnes@seismo.CSS.GOV (Jim Barnes) To: sri-csl.arpa.UUCP!risks@seismo.CSS.GOV Subject: No gasoline because the computer is down? Last Friday, on my way home, I stopped at the local gasoline station to "fill 'er up". However, they could not pump any gas because the "computer was down". It seems that the pumps at the station were the new kind (with the digital displays for price per gallon, total, etc.) and were linked through to some computer somewhere. Who would have thought that a computer failure could prevent us from being able to purchase gasoline? But now that I think of it, all those new point of sale terminals linked to a computer could be in trouble if the computer fails. It used to be that this kind of problem would occur only if there was an electrical power outage, but now just having the computer down can cause the same problem. decvax!wanginst!infinet!barnes Jim Barnes ------------------------------ Date: 23 Jul 1986 17:08-PDT Sender: GEOFF@CSL.SRI.COM Subject: HBO Hacker Captain Midnight Caught Cc: neumann@CSL.SRI.COM ReSent-To: risks@CSL.SRI.COM JACKSONVILLE, Fla. (AP) - Investigators using a complicated process of elimination have unmasked ''Captain Midnight,'' who admitted in court he overrode HBO's satellite delivery system to transmit a message. John R. MacDougall, owner of a home satellite dish business in Ocala that officials said was hurt by cable companies' decisions to scramble their signals, agreed to plead guilty to illegal transmission of a satellite signal in exchange for a $5,000 fine and one year probation. He could have faced a maximum $10,000 fine and a year imprisonment. MacDougall, who was released on a $5,000 bond, and his attorney, John M. Green Jr., refused to comment as they left the federal court building Tuesday after entering the plea before a U.S. magistrate. Sentencing is set for Aug. 26 and MacDougall can retract his plea if the judge will not accept the arrangement. Early on April 27, MacDougall was the only one working at a satellite transmission center called Central Florida Teleport with the kind of equipment needed to disrupt the HBO signal, officials said. Although the video sneak attack was only a minor annoyance to HBO and its viewers, the Federal Communications Commission launched a massive investigation because of the potential problems a less selective video hacker might cause. ''The potential for damage to critical satellite frequencies cannot be underestimated,'' said Richard M. Smith, chief of the FCC's field operations bureau. He noted that critical telephone calls, air traffic control, military data and medical information are sent by satellite and that even an accidental interruption of one of these messages could cause dire consequences. On April 27, HBO viewers saw a message replace the movie ''The Falcon and the Snowman.'' The message said: ''Good Evening HBO ''From Captain Midnight ''$12.95 month ''No way! ''(Showtime Movie Channel beware.)'' The wording was an apparent reference to HBO's decision to scramble its satellite-delivered signal so it could not be watched by those not paying for HBO, officials said. ''His company was sustaining substantial losses because of the scrambing of HBO and threats of other scrambling,'' said Assistant U.S. Attorney Lawrence Gentile III. MacDougall also interrupted HBO video signals on April 20, when he transmitted a color bar pattern, officials said. On Jan. 15, HBO became the first cable TV network to scramble its signal full time. Showtime and The Movie Channel scrambled their programming full time on May 27. The scrambling makes pictures unwatchable without a descrambler and slowed sales of satellite dishes. Of 580 satellite facilities with a transmitting dish large enough to overpower HBO's signal, less than a dozen had sufficient power and the right kind of electronic typewriter to write the protest message Captain Midnight transmitted, investigators said. The investigation focused on Ocala after a tipster vacationing in Florida reported to the FCC an overheard telephone call about Captain Midnight. The tipster provided the caller's description and license plate number. The caller who was overheard was not the suspect, but the FCC said the information provided proved extremely beneficial. [The L.A. Times refined this a little, after noting that there were only 580 appropriate candidate facilities: "By studying tapes of the illegal video signal, the FCC's field staff concluded that the message had been generated using a specific make and model of character-generator device to transmit symbols, such as letters and numbers, onto a television screen. "After visiting those plants, investigators had three prime suspects, including MacDougall. When he was notified he was a suspect, MacDougall turned himself in." This seems like a nice bit of detective work, and certainly presents an interesting risk for would-be perpetrators -- somewhat like radioactive traces in dyes, watermarks in paper, imperfections in certain characters on a typewriter or printer, and voiceprints (all of which have been used successfully to identify or subset culprits). On the other hand, the smart perpetrator, aware of such tell-tale signatures, might figure out a way to spoof someone else's tell-tale, similar to changing the answer-back drum on a teletype or hacking your cellular telephone identifier (as noted in a previous RISKS by Geoff). Will this case escalate the sophistication of satellite attacks? PGN] ------------------------------ End of RISKS-FORUM Digest ************************ -------