2-Dec-86 21:31:32-PST,17726;000000000000 Mail-From: NEUMANN created at 2-Dec-86 21:28:34 Date: Tue 2 Dec 86 21:28:34-PST From: RISKS FORUM (Peter G. Neumann -- Coordinator) Subject: RISKS DIGEST 4.22 Sender: NEUMANN@CSL.SRI.COM To: RISKS-LIST@CSL.SRI.COM RISKS-LIST: RISKS-FORUM Digest, Tuesday, 2 December 1986 Volume 4 : Issue 22 FORUM ON RISKS TO THE PUBLIC IN COMPUTER SYSTEMS ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator Contents: More Air Traffic Control Near-Collisions (PGN) Re: satellite interference (Jerome H. Saltzer) "Welcome to the .......... system": An invitation? (Bruce N. Baker) Replicability; econometrics (Charles Hedrick) Re: Risks of computer modeling (John Gilmore) Computerized weather models (Amos Shapir) Active control of skyscrapers (Warwick Bolam) Privacy in the office (Paul Czarnecki) Kremlin is purging dimwitted scientists (Matthew P Wiener; also in ARMS-D) The RISKS Forum is moderated. Contributions should be relevant, sound, in good taste, objective, coherent, concise, nonrepetitious. Diversity is welcome. (Contributions to RISKS@CSL.SRI.COM, Requests to RISKS-Request@CSL.SRI.COM) (Back issues Vol i Issue j available in CSL.SRI.COM:RISKS-i.j. MAXj: Summary Contents Vol 1: RISKS-1.46; Vol 2: RISKS-2.57; Vol 3: RISKS-3.92.) ---------------------------------------------------------------------- Date: Tue 2 Dec 86 10:08:05-PST From: Peter G. Neumann Subject: More Air Traffic Control Near-Collisions To: RISKS@CSL.SRI.COM Chicago (UPI) 2 Dec 1986 Two passenger jetliners on their landing approaches nearly collided with small planes in separate incidents here yesterday, the Federal Aviation Administration said. The near-collisions, which occurred within 29 minutes of each other, involved a Midway Airlines DC-9 with 90 people aboard, arriving from Philadelphia, and a United Airlines Boeing 727 with 128 people, en route from Baltimore. FAA spokesman Mort Edelstein said that the United pilot reported passing within 500 feet laterally of a twin-engine Beechcraft 90 about 28 miles southeast of O'Hare International Airport at 7:41 a.m. The pilot made a sharp left turn to avoid the smaller aircraft, he said. According to Edelstein, a preliminary inquiry found that the smaller plane had a defective transponder that was transmitting inaccurate data on the plane's altitude to air traffic controllers in Aurora, west of Chicago. [The second incident was less close, and no explanation was given.] The problem of an accidentally malfunctioning transponder is in many ways equivalent to that of an intentionally malfunctioning transponder -- either one that has been purposely sabotaged in an attempt to jeopardize the plane or one that has been altered "constructively" in an attempt to hide the true altitude of the plane. In all of these cases, the ATC system implicitly trusts the authenticity and accuracy of the transponders with which it communicates -- if such a transponder exists at all in a private plane. ------------------------------ Date: Mon, 1 Dec 86 23:37:50 EST To: RISKS FORUM (Peter G. Neumann -- Coordinator) Subject: Re: satellite interference From: Jerome H. Saltzer About a month ago, Richard Wexelblat reported to RISKS that satellite delivery of the Headline News Network to his location was disrupted for a short time by an interfering signal whose picture wasn't intelligible but whose sound seemed to be advertising satellite decoders. In contrast with the Captain Midnight attack on HBO, no big follow-up story appeared in Newsweek and Time magazines. My contact at the F.C.C. tells me that there are typically a couple of incidents like this every day. The primary problem is not malicious attacks by a Captain Midnight. It is simple screwups by uplink operators who forget to throw switches, who set wrong channel numbers in their transmitters, who aim their dishes at the wrong satellite, or who run automatically programmed switching sequences that were intended for yesterday or tomorrow rather than today. The reported audio content sounds suspicious, but it turns out that a scrambled video service usually has an unscrambled audio channel accompanying it that explains how to obtain a decoder and subscribe to the service. The audio that goes with the picture is buried somewhere else in the channel. F.C.C. technicians have proposed to tackle the operator screwup problem by requiring that uplink transmitters place encoded call letters in the vertical retrace interval of their transmitted waveforms. Then at least someone who is being interfered with can quickly figure out which of the 1200 licensed uplink transmitters is muddled up and get the operator there on the phone quickly. That solution doesn't eliminate intentional attacks by someone who knows how to forge the unique id, but from the F.C.C.'s point of view it will solve 99.9% of the problem they face. As for malicious cases, detective work and $10,000 fines may help keep things under control. Although the technology is different, don't the problem and the proposed solution both sound quite familiar to the regular reader of RISKS? Jerry ------------------------------ Date: Tue 2 Dec 86 10:35:05-PST From: Bruce N. Baker Subject: "Welcome to the .......... system": An invitation? To: RISKS@CSL.SRI.COM At a local chapter meeting of the Information Systems Security Association, a representative of VM Software Inc. told a story about a Massachusetts financial institution that had attempted to prosecute a hacker who had penetrated their system. The defense lawyer argued that the system had a greeting that welcomed people to the system and that was tantamount to welcoming someone into your home (Goodbye, Welcome mats?). The judge threw out the case accepting the arguments of the defense. I have attempted to track down the authenticity of the story through the VM Software rep but he will not divulge the name of the company. Attempts to track it down through the law firm of Gaston Snow & Ely Bartlett in Boston revealed no records of such a case. Obviously, if there was such a case it has implications to the wording of the Welcome banner on any system. Can anyone provide a better lead or lend credence to the story? ------------------------------ Date: Mon, 1 Dec 86 12:13:24 est From: hedrick@topaz.rutgers.edu (Charles Hedrick) Subject: Replicability; econometrics (Re: RISKS-4.21) To: risks@csl.sri.com I have had a long-term concern with replicability of scientific experiments. It does not appear that this concern is shared outside of certain physical sciences. When I was a grad student, I published an article in the American Economic Review (the economic equivalent of CACM). In order to allow replicability, I included the actual data, together with the details on how I had adjusted the raw data series (something which has to be done because the agencies change definitions every few years). The data was small compared to the size of the article. It was cut for space reasons. My article itself was a replication of an empirical study done some years ago. It covered a period when the economy had behaved very differently. It came to the same conclusions. The original study had been very careful about econometric validity. It is possible to do valid work in econometrics. It is also possible to duplicate carefully done work. [I think these comments are important because they show that econometrics is not necessarily voodoo. What we need are professional standards to help us separate the good work from the bad.] Similar problems occur in computer science. Several years ago, one of our grad students attempted to duplicate the results of researchers in one area of AI. He was trying to do research into what actually causes success in rule-based systems. He ran into serious problems with another research group, which went beyond simply refusing to give data. I think our department would prefer for me not to give any more details. But he concluded that such work was impossible in the particular area with which he was involved. In my opinion, anyone who publishes empirical claims in a scientific journal should be required to give people access to the data needed to replicate it or do further analysis of its model. I have been unable figure out what to do to try to make that happen. By the way, I have a related Risk to describe. As I mentioned above, in econometrics one normally has to twiddle with the basic data series in order to get useful numbers. I am now a computing manager. I find that our users expect to have access to various commercially-prepared econometric data series. As far as I can see, all that is there is a bunch of numbers and a one-line description of what it is. When I was doing work in the area, I would have wanted to know a lot more about how the numbers had been prepared. I'm hoping there is some sort of hardcopy document available to users of the databases, but I'd bet even if there is, a lot of our users never see it. ------------------------------ Date: Tue, 2 Dec 86 05:39:29 PST From: hoptoad!gnu@lll-crg.ARPA (John Gilmore) Subject: Re: Risks of computer modeling To: risks@sri-csl.arpa > Is the problem restricted to econometrics, or is the abuse of computer > modeling widespread? It is widespread. One friend of mine has done extensive work in "decision analysis" systems, with clients in the military, Bell System, etc. I did some programming on such a system for him while he was at SRI. When looked at from the inside, it is obvious that such a system will give you back exactly the answers that you fed it as input, since most of the input data is "How important is this? How important is that?". But people will believe it because a computer model said so, while if *you* told them that the widget acceptance ratio was 33% if priced at this level, they would ask you why. They didn't get to ask when you typed it in. Another friend works for the World Bank in Washington, DC. She has done a lot of proposals and evaluations around funding of transportation projects in third world countries. I remember helping her get some of her modeling programs right. Her approach was always to figure out what the data "means", in other words, what result she wanted, and then juggle the numbers and equations until she could "prove" it. I don't think that abuse of modeling is restricted to computer models, or even that it is more prevalent with computer models. In all disciplines, experienced people with a feel for things figure out what is going on and proceed from there. If somebody wants better justification, they have to cook one up, but don't mistake the source of the estimate: the human mind, not the later model. Cf. ``How to Lie with Figures''. Don't have the citation but it's a standard work. Maybe it needs an update to deal with new techniques. ------------------------------ From: Amos Shapir Date: 1 Dec 86 10:02:31 GMT To: mod-risks@decwrl.DEC.COM Subject: Computerized weather models About weather models: they are one of the few accurate forecasting models possible; the only trouble is that the required answers, e.g. 'will it rain on the game tomorrow?' are much more detailed than the base data (typically a 3-6 hourly surface report from stations 50 miles apart). Besides, until Crays came along, it was almost impossible to do it in real time. Amos Shapir, National Semiconductor (Israel) 6 Maskit st. P.O.B. 3007, Herzlia 46104, Israel (011-972) 52-522261 amos%nsta@nsc 34.48'E 32.10'N ------------------------------ Date: Mon, 1 Dec 86 14:05:28 EST From: munnari!goanna.oz!wjb@seismo.CSS.GOV (Warwick Bolam) To: RISKS@csl.sri.com Subject: Active control of skyscrapers > Date: Wed, 26 Nov 86 13:32:05 EST > From: "Kim P. Collins" > To: RISKS@CSL.SRI.COM > Subject: Very Brief Comments on the Current Issues > > New subject > Any comments on active vs. passive control structures? For instance, > having a skyscraper that has flexible material so that in high winds > it bends and does not fail, VS having a skyscraper that has guy wires > connected to winches that are controlled by a computer that tests wind > velocities, etc. There already exist active control systems for skyscrapers that use a huge mass, that is "pushed around" by computer controlled equipment to stabilise the building. I'm afraid I have no reference to this. I saw it on TV. Warwick Bolam UUCP: seismo!munnari!goanna.oz!wjb ARPA: munnari!goanna.oz!wjb@SEISMO.ARPA ------------------------------ From: harvard!munsell!pac@seismo.CSS.GOV (Paul Czarnecki) Date: 2 Dec 86 16:19:49 GMT To: mod-risks@seismo.CSS.GOV Subject: Privacy in the office Organization: Eikonix Corp., Bedford, MA There is an interesting article in the November/December 1986 issue of Technology Review that I though may be of interest to RISKS readers. The title is "Monitoring on the Job: How to Protect Privacy as Well as Property." The authors are Gary T. Marx and Sanford Sherizen. The article discusses how surveillance technology is used in the modern office environment. Everything from video cameras in the parking lot to private data on corporate machines is discussed. Although much of the technology is not computer related, some of it is. I thought the article was interesting overview of some of the issues involved with technology and privacy. It was not as in-depth as I would have liked, but good anyhow. pZ Paul Czarnecki -- Eikonix, Corp. -- Bedford, MA {{harvard,ll-xn}!adelie,{decvax,allegra,talcott}!encore}!munsell!pz ------------------------------ Date: Mon, 1 Dec 86 01:31:38 PST From: weemba@brahms.berkeley.edu (M P Wiener) To: arms-d@xx.lcs.mit.edu Subject: !!! Kremlin is purging dimwitted scientists !!! Cc: risks@csl.sri.com The following is shamelessly stolen from the 2 Dec 1986 edition of the WEEKLY WORLD NEWS. (You couldn't have missed that issue while shopping: it had the banner headlines about the five-week long pregnancy [Bulgarian natch] and a recipe for cooking Thanksgiving turkeys in the dishwasher.) - - - - - - - - - - - - - - - - - - - - - - - - << Lame-brained Russians try to fix computer -- with a hammer >> !!! Kremlin is purging dimwitted scientists !!! Soviet official launched a massive investigation into the training of technical personnel after a repairman tried to fix a sophisticated missile guidance system with a hammer, a screwdriver and an oil can. A recent East German defector, Dr. Hermann Franz, blew the lid off the shameful state of Soviet technical know-how in a scathing letter to top science journals upon his arrival in the West. The computer scientist, who is now living in France, claims there is a very real danger that a poorly-trained Russian technician might accidently start World War 3. ``The repairman with the oil can is a glaring example of their in- eptitude,'' said the expert. ``He was assigned to one of the most sensitive missile bases in the U.S.S.R. ``And yet, when he was called on to repair a circuit problem in a computer console, he showed up with carpenter's tools. ``First he walked over and kicked it. Then he said, `Something is stuck.' I thought he was joking until he started squirting oil and blew every circuit in the control center. ``It took six weeks to repair the damage -- six weeks to do a job that qualified technicians could have done in a matter of days.'' Horrifyingly, the missile base near the foot of Ural Mountains is armed with some of the Soviet Union's most powerful intercontinental missiles and nuclear warheads, Dr. Franz said. A Soviet Air Force spokesman angrily denied the allegations, call- ing Soviet technicians ``the finest in the world.'' One highly-placed military source conceded that Soviet training programs are being investigated. But he insisted that the investi- gation was routine. Meanwhile, Dr. Franz has called on Western politicians and scien- tists to pressure the Soviets into monitoring the work of their tech- nicians more closely. ``The specter of nuclear holocaust is frightening enough,'' he said, ``without having to worry about some dimwit starting the war that would kill us all.'' -- Derek Clontz - - - - - - - - - - - - - - - - - - - - - - - - I don't quite follow the logic of that last quotation. Personally I'm more worried about some of the "dimwits" at the other end of the nuclear chain of command. I have two questions: Q1) Can anyone identify a quote top science journal unquote that is pub- lishing Dr Franz' letter? (Heck, while we're on a roll, can anyone con- firm the "Clark Gable's our god, says lost island tribe" story?) Q2) What is known/believed about Soviet failsafe mechanisms? ucbvax!brahms!weemba Matthew P Wiener/UCB Math Dept/Berkeley CA 94720 ------------------------------ End of RISKS-FORUM Digest ************************ -------