22-Mar-87 22:22:21-PST,14334;000000000000 Mail-From: NEUMANN created at 22-Mar-87 22:20:58 Date: Sun 22 Mar 87 22:20:58-PST From: RISKS FORUM (Peter G. Neumann -- Coordinator) Subject: RISKS DIGEST 4.66 Sender: NEUMANN@CSL.SRI.COM To: RISKS-LIST@CSL.SRI.COM RISKS-LIST: RISKS-FORUM Digest Sunday, 22 March 1987 Volume 4 : Issue 66 FORUM ON RISKS TO THE PUBLIC IN COMPUTER SYSTEMS ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator Contents: Question for Risks Readers on Overcoming Information Overload with Technology (Dave Taylor) Fumes from PC's (Lauren Weinstein) Re: health hazards of poorly placed CRT screens (Brinton Cooper) How to lose your ATM card (Jan Kok) Re: ATM experience (Bruce McKenney) Re: Increased Telephone Switching Capabilities (Dan Graifer) Releasing the phone line (edg) Automatic dialing devices in Canada (Michael Wagner) Overconfidence in Airplane Computers? (Ted Lee) The RISKS Forum is moderated. Contributions should be relevant, sound, in good taste, objective, coherent, concise, nonrepetitious. Diversity is welcome. (Contributions to RISKS@CSL.SRI.COM, Requests to RISKS-Request@CSL.SRI.COM) (Back issues Vol i Issue j available in CSL.SRI.COM:RISKS-i.j. MAXj: Summary Contents Vol 1: RISKS-1.46; Vol 2: RISKS-2.57; Vol 3: RISKS-3.92.) ---------------------------------------------------------------------- From: Dave Taylor To: NEUMANN@CSL.SRI.COM (RISKS FORUM) Date: Thu, 19 Mar 87 23:50:10 PST Subject: Question for Risks Readers on Information Overload and Technology ReSent-To: RISKS@CSL.SRI.COM I'm working on a paper entitled: Overcoming Information Overload with Technology (Why It Can't Work) , talking about mostly (from the abstract): Most of the solutions that are commonly posed to the problem of information overload are to ``build better mousetraps'', the hope being that the technology will catch up and allow us to sift through enormous amounts of data easily. I believe that not only is this thinking flawed, but dangerous, and discuss the inherent problems from both a technological and cultural perspective. and would be most interested in any thoughts readers of this digest had about this subject matter. (It's for the upcoming Directions and Implications of Advanced Computer Systems conference in Seattle) (not that I've had it accepted yet, or anything...) I'm especially interested in horror stories people could tell me about relying on information filtering systems and finding that they actually weeded out critical information... Thanks! -- Dave Taylor ------------------------------ Date: Fri, 20-Mar-87 08:52:42 PST From: vortex!lauren@rand-unix.ARPA (Lauren Weinstein) Subject: Fumes from PC's To: RISKS@CSL.SRI.COM The most likely cause of a problem is OZONE. Created by "high" voltages, it is commonly associated with sparks and (particularly A.C.) motors. Given that the average PC circuit board or disk doesn't do much sparking (one hopes!) a possible culprit is the fans commonly on power supplies or other equipment in PC's. These are usually driven by A.C. motors. If the fan(s) brushes are sparking internally (this will generally be invisible from outside inspection), considerable ozone can be created--this is very irritating to some people and generally not great for anyone (ozone is one of the commonly measured components of air pollution). --Lauren-- ------------------------------ Date: Fri, 20 Mar 87 13:00:33 EST From: Brinton Cooper To: sandell@tcgould.tn.cornell.edu cc: risks@csl.sri.com Subject: Re: health hazards of poorly placed CRT screens One of the most common causes of neck pain is anxiety (stress). Excessive worrying about daily use of a CRT might bring on or exacerbate neck pain, might it not? _Brint ------------------------------ Date: Fri, 20 Mar 87 11:22 EST From: Jan Kok Subject: How to lose your ATM card To: risks@CSL.sri.com Recently an ATM machine (operated by the CA$H Network) confiscated my card. Here's what happened: I entered my password, but didn't press the keyboard hard enough, thus losing the first digit. Realizing what had happened, I pressed CANCEL, and the machine ejected the card. Since I just wanted to try again, I poked the card part-way back in, rather than taking the card out as the machine instructed. The machine didn't "accept" the card, i.e. the motor which normally pulls in the card didn't operate. At that point I realized the machine wanted me to take out the card, but by then there wasn't enough of the card exposed for me to get a grip on it. After I had fiddled with it for about a minute, a helpful bystander pushed the card all the way in, and the machine promptly informed me that it had taken the card and that I should contact my bank. I guess the machine thought I was tampering. By the way, the person at the bank told me that when an ATM machine seizes a card, it chops it in two, so I have to wait a couple of weeks for a new card. Meanwhile I've opened an account at another bank so I'll have another card for a different ATM network. ------------------------------ Date: Fri, 20 Mar 87 10:56:54 EST From: Bruce_McKenney%itsmts@CSV.RPI.EDU To: risks@csl.sri.com Subject: Re: ATM experience In reference to the person whose ATM deposit went into the account written on the back of the check, rather than that associated with the ATM card: A few months ago, I had precisely the opposite experience: after carefully filling out the deposit envelope, checking the "Checking Deposit" box and writing the account number for the checking account, I inadvertently punched the "savings deposit" button on the machine, and sure enough that's where it went, much to the detriment of checks drawn over the next week. Though I confess I failed to study the deposit receipt closely enough to detect the discrepancy, I was a bit surprised that the conflicting information didn't set off red flags somewhere. A query directed at one of the people who opens those envelopes received the response "Oh, we never look at what's written on the envelope". I never did receive a satisfactory answer as to: 1) why, given a choice, information requiring 10 penstrokes (and presumably a bit more thought) should be ignored in favor of information requiring only a single button-push (presumably much more susceptible to accident) 2) (the larger question) why redundant information which could be useful for cross-checking is requested but ignored. It seems to me that this latter is a classical issue in hardware, software, and humanware systems. ------------------------------ Date: Fri, 20 Mar 87 11:13:37 pst From: sdcsvax!net1.UCSD.EDU!graifer@ucbvax.Berkeley.EDU (Dan Graifer) (tty08) To: ucbvax!CSL.SRI.COM!RISKS Subject: Re: Increased Telephone Switching Capabilities A recent article ("Telephones: Learning Some Manners"; The Economist, March 14, 1987, pg. 82) discusses a pilot project at three exAT&T local operating companies of a system called Local Area Signalling Service (LASS). The new technology is a "line history memory" at the originating line's switch which records the number dialed. This number can be queried by the receiving line's switch. Some of the capabilities require a new instrument with display but most do not. The article quotes $5/month marginal cost. The big gain is in reducing the current invasion of privacy. Most people wouldn't admit physical persons into their home before determining their identity, but we don't know who we are going to talk to until we answer the phone. Other tricks include: Got a busy signal? Punch a code for automatic reconnect. When both caller and called lines are free, the system calls the caller and asks if the call should be completed. Several calls may be pending. Pick up the phone just in time to hear the other end disconnect? Ask your local switch to call him/her back. The incoming identifier phones would be useful to mail order houses etc. to verify the origination of a call, as well as the privacy application. (The article also points out that it will prevent calling your spouse from a bar with a fib about working late.) The local switch could also contain a "screen list" of numbers for special treatment; selective call forwarding, call waiting, or exclusion. (The original system gave a message "At the customers request, your call is not being completed" to excluded callers. This annoyed a lot of people, so it was changed to a "fake" ring-no-answer.) The article also points out that over half of all nuisance calls are placed from home. The new system will discourage that sort of thing. I discussed this article with a friend, who made two interesting assertions: 1) The information (calling #) is already available, and is encoded somehow just prior to the ring spike on the receiving line. 2) He was told by manufacturers of telephone sets that a feature to display this information on the recipient telephone was against current FCC regulation. Such a system opens and closes many abuses of the phone system. The article mentions nuisance calls and mail order verification. I don't see any obvious risks to the new features, but I can imagine weird combinations of screens leading to unintended results. Can anyone comment on my friend's assertions, or know which three operating companies were involved in this project? Dan Graifer ------------------------------ From: lll-crg!micropro!edg@seismo.CSS.GOV To: risks@csl.sri.com Subject: Releasing the phone line Date: 20 Mar 87 11:20:58 PST (Fri) The issue of automatic callers releasing the phone line is actually a people issue rather than a technology issue. Most telephone companies will release an incoming call when the recipient has hung up for about 15 seconds. This does not depend on the caller hanging up. When I was a kid, we knew that we could move from one phone to another as long as we did so in less than 15 seconds (and were the recipients of the call) rather than the callers. The problem comes when the call is unwanted. The recipient generally hangs up for as long as it normally takes to get a dial tone (1-2 seconds) and then goes off-hook, to "check" and make sure that the call was dropped. Naturally, it was not. The recipient goes on hook for another two or three seconds and checks again. Call still connected. Panic sets in and a feedback loop ensues. The recipient is unable to drop the call, not because the line is being held from outside, but because s/he does not know how to do so. When I get an unwanted call, I hang up, and walk away. I admit that the parent trying to call an ambulance does not have this presence of mind, but in truth, it would work. This is not to imply that I approve of automatic telephone solicitors. I consider them to be one of the few things worse than human solicitors. -edg ------------------------------ Date: Sun, 22 Mar 87 12:58:12 EST From: Michael Wagner X-To: risks@sri-csl.arpa Subject: Automatic dialing devices in Canada I was recently cleaning up my files in preparation to moving to Europe for a year, and came across the following insert in a phone bill from some time ago (a year or two, judging by the stratigraphy). I thought it might be of interest to RISKS readers. My phone supplier is Bell Canada (I'm in Ontario). Are you offended by recorded telephone solicitation calls? To help regulate the number of unwanted phone calls coming into your home or business, ground rules have been established by the Canadian Radio-television and Telecommunications Commission (CRTC) governing automatic dialing and announcing devices (ADADS) _when used for telephone solicitation purposes_. [italics in the original..mw] ADADS are ... [explanation of what they are and what they do...mw] Now, before the pre-recorded message starts, you must be informed of the nature of the call, the identity of the caller, and that you may end the call by hanging up. Within 10 seconds of [your] hanging up, the ADAD must disconnect from the line. ADAD calls may be made only between 9:30-20:00 weekdays, 10:30-17:00 Saturday, 12:00-17:00 Sunday. [two more paragraphs explain how and to whom you complain about violations, and the fact that organizations using ADADs have been warned what violations will do to their phone privileges...mw] ------------------------------ Date: Sat, 21 Mar 87 14:29 EST From: TMPLee@DOCKMASTER.ARPA Subject: Overconfidence in Airplane Computers? To: risks@CSL.SRI.COM Somehow, having just had the time to catch up on the last dozen issues or so of Risks, the following seems appropriate. My last flight back from DC Thursday afternoon had one of those chatty pilots, which I'm never sure I appreciate or don't. Anyway, once we were well underway he boasted about all the wonderful features of the 757. (I'm not knocking the plane: as a passenger I like it.) After talking about how the thrust is half the weight (mass, technically) of the loaded plane, the seven-color radar that spots precipitation and turbulence, etc., he then added (paraphrased), "and this plane has over a 100 on-board computers for your comfort and safety; for all you know you may be sitting on one right now." That almost ruined the whole flight! (at least, I pondered over it quite a while.) Ted [Seat-of-the-pants computing? PGN] ------------------------------ End of RISKS-FORUM Digest ************************ -------