26-Mar-87 17:29:51-PST,18443;000000000000 Mail-From: NEUMANN created at 26-Mar-87 17:28:01 Date: Thu 26 Mar 87 17:28:01-PST From: RISKS FORUM (Peter G. Neumann -- Coordinator) Subject: RISKS DIGEST 4.68 Sender: NEUMANN@CSL.SRI.COM To: RISKS-LIST@CSL.SRI.COM RISKS-LIST: RISKS-FORUM Digest Thursday, 26 March 1987 Volume 4 : Issue 68 FORUM ON RISKS TO THE PUBLIC IN COMPUTER SYSTEMS ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator Contents: Re: Health hazards associated with VDU use: eyestrain (Barry Gold) ... and fluorescents (Re: RISKS-4.67) (Brad Davis) ... and related injuries (Jeremy Grodberg) Conference on Computers and Law (David G. Cantor) Re: runaway motors (Don Lindsay) The social implications of inadvertent broadcasts (Donn Seeley) Re: Increased Telephone Switching Capabilities (Andrew Klossner) Re: phone number of caller (Don Lindsay, Jeremy Grodberg) Hang-ups (Paul Wilcox-Baker) The RISKS Forum is moderated. Contributions should be relevant, sound, in good taste, objective, coherent, concise, nonrepetitious. Diversity is welcome. (Contributions to RISKS@CSL.SRI.COM, Requests to RISKS-Request@CSL.SRI.COM) (Back issues Vol i Issue j available in CSL.SRI.COM:RISKS-i.j. MAXj: Summary Contents Vol 1: RISKS-1.46; Vol 2: RISKS-2.57; Vol 3: RISKS-3.92.) REMINDER: NET TABLES ARE CHANGING TO FULLY QUALIFIED ADDRESSES ON 1 APRIL 87. ---------------------------------------------------------------------- Date: Wed, 25 Mar 87 17:13:43 PST From: Barry Gold To: risks@csl.sri.com Subject: Re: Health hazards associated with VDU use: eyestrain PGN's comment on the light spectrum from fluorescents ignored another "feature" of fluorescents: stroboscopic distortion. Take a small, bright object (like a pencil) and wave it back and forth under sunlight or incandescent light; you'll see a blur. Do that under flourescents and you'll see several copies of the object. Get the frequency right and you can even read the lettering on the pencil. This means that movements (including the ones caused by your constant eye motion) that would normally be smooth blurs (no feature to attract your auto-focus mechanism) work in jumps that can cause your eye muscles to try to track them. An earlier posting on VDUs suggested keeping them at or above eye level. There is another good reason (besides neck strain) to do this. Our eyes were evolved for light coming from above. You'll notice your upper eyelashes are longer and thicker than the lower. And if you shave off your eyebrows and spend much time outdoors, you'll suffer eye damage (bet you thought eyebrows didn't have any function). I keep my crt on an empty IBM PC box. This puts the bottom of the screen about level with my eyes. And most of the light--both from the screen phosphors and room light reflected off the screen--comes from above, as it should. I seem to be able to work more comfortably this way. [Me too. Excellent advice. Thanks. PGN] ------------------------------ Date: Wed, 25 Mar 87 14:15:40 mst From: b-davis@utah-cai (Brad Davis) To: RISKS@csl.sri.com Subject: Risks of Displays and Fluorescents (Re: RISKS-4.67) [...] Or the 60 hz beat. I personally keep the window blinds open as long as possible since sunlight is better for stress and depression than most (read 'our') artificial lights. Brad Davis {ihnp4, decvax, seismo}!cs.utah.edu!cai.utah.edu!b-davis ------------------------------ From: rochester!kodak!grodberg@seismo.CSS.GOV (jeremy grodberg) Date: 26 Mar 87 22:23:45 GMT To: mod-risks@seismo.CSS.GOV Subject: About CRT related injuries: Date: 26 Mar 87 22:23:44 GMT Since I started working as a professional computer programmer, my eyesight has deteriorated from better than 20/20 to 20/60, with the bulk of that change (20/20 to 20/40 coming in the first 4 months). I have seen 3 different opthomologists who all agree my eysight degradation is due to excessive reading, but have been unable to stop the decay with glasses, excercise or drugs. I have now been at it 2 summers + 1 year since the first problems, and have little hope of reversing the damage even if I give up reading all together. While this injury is not necessarily related to CRT's, it is indicative of injuries that are occupational hazards with little hope of avoidance. My choice was to either lose (to some extent) my eyesight or switch to another profession. Until I am able to support myself some other way, I pretty much have to sacrifice my eyesight. Jeremy Grodberg Usenet: ...rochester!kodak!grodberg ------------------------------ Date: Wed, 25 Mar 87 20:55:59 PST From: dgc@CS.UCLA.EDU (David G. Cantor) Subject: Conference on Computers and Law Apparently-To: risks@sri-csl.arpa IFIP CONFERENCE ON COMPUTERS AND LAW A Technologist's Guide Through Legal Pitfalls and Pathways October 21-23, 1987 at Santa Monica, California Sponsors: IFIP Technical Committee On Computers and Society and Los Angeles County Bar Association Law and Technology Section WHO'S IN CHARGE: Technology, law or the professional? Technical and policy professionals are being forced to confront a maze of nascent legal realities and threats. These span private contracts, tort liability, the public interest, iminal prosecution, and myriad other issues and relationships, and encompass the regulation and protection of technology and data as derived from economic and political rights. Yet many problems are ill-defined and solutions are not widely recognized. CONFERENCE AIMS: To bring together computer and information professionals who must make technology-based decisions and lawyers who are faced with representing their interests in order to identify common problems, to explore the dimensions of their alternatives, and to understand the consequences of their responses. SUGGESTED TOPICS: Taxation and computing Protection of intellectual property rights Information-system imes and defenses Legislative policy and technical issues Telecommuting and independent contracting Export-Import controls Computer security---fact and fiction Civil vs. criminal remedies: Victim options Computer policy in developing nations Government information policies Database abuse: Public responsibility and private gain Recognizing and minimizing exposure for product and service liability International contracting for hardware, software, and computer services Malpractice potential: Computer delivery of professional services Resolving computer-contract disputes: Techniques and standards Emerging technologies: Enyption, artificial intelligence, networks, and other problem areas Public (dis-)service: Automating the criminal justice system Independent verification and validation of computer generated information Papers should strive to report important experiences and to identify key, open areas. We encourage tutorials for non-specialists, and presentations supported by check-lists and procedural guides. We also solicit panel-discussion proposals. Provocative comment is welcome. HOW TO SUBMIT: Original papers of up to 5000 words (20 double-spaced pages) are invited on the above and related topics. Papers which highlight actual user experiences, with specific legal entanglements or solutions, are preferred over abstract explorations. Papers will be refereed and accepted papers will be published in the Conference Proceedings. Format instructions for camera-ready copy will be provided when the paper is accepted. Please send FOUR copies of the paper, including a 300-500 word abstract, to the CONFERENCE CHAIR, Michael M. Krieger, P.O. Box 24619, Los Angeles, CA 90024, 213-394-4356, Internet: complaw@math.ucla.edu IMPORTANT DATES: Papers due: May 6, 1987 Acceptance: June 5, 1987 Final copy due: July 15, 1987 ORGANIZING COMMITTEE: Jay BloomBecker, Los Angeles (program chair), Richard Bernacchi, Los Angeles David G. Cantor, Malibu Steve ocker, Los Angeles Eric Delissy, Geneva Charles Firestone, Los Angeles Jochen Haber, Los Angeles John Helly, Los Angeles Richard Horning, San Franscisco Leonard Kleinrock, Los Angeles Dr. Wolfgang Kilian, Hanover John Lautsch, Anaheim Ira D. Moskatel, Beverly Hills T. R. H. Sizer, Farborough Dr. Artur Solarz, Stockholm Wilhelm Steinmuller, Bremen Alan S. Wernick, Columbus David C. Tunick, Los Angeles (proceedings editor) ------------------------------ Date: Wed 25 Mar 87 10:58:44-EST From: LINDSAY@TL-20B.ARPA Subject: Re: runaway motors [and a fish tale?] To: risks@CSL.SRI.COM Theatrical riggers are not the only people in the world with computer- controlled motors. Some friends of mine set a good example when they retrofitted computer controls onto a mechanical stereo-interpreter. This machine is used to make topographical maps from aerial photographs ("stereo pairs", hence, "stereo-interpreter"). The machine had a mechanical stage, with arms driven by ultra-precise worm gears. The stage had mechanical stops - that is, solid objects which the arms would have to run into before leaping onto the floor. My friends changed the drive, of course, and the resulting machine was quite fast. I recall seeing the arms travel six feet in under a second. (This includes decelerating to a stop.) The machine acquired several layers of computer equipment. At the low level, there was a microprocessor per motor, and detection hardware so that precision could be obtained by feedback. At the higher level, of course, one made maps. The design incorporated simple limit switches. These switches tripped when the arms got out of bounds, and shut off the power to the motors. The basic idea was to keep the arms from hitting the mechanical stops at high speed. This would prevent damage to the arms, and also, would prevent then from bouncing over the stops and onto the floor. The wise thing that my friends did, was to install the limit switches FIRST. The computer interface to the limit switches was added LAST. In the course of the project, it was noticed that there was a single major failure mode. The arms would go past the limit switches at maximum acceleration. This was the result of practically anything - timing glitches, byte-ordering bugs between machines, reading a device register while it was rippling, you name it. I heard a related story from a friend working on irradiation therapy machines. He reported that an older machine of theirs was once involved in an tragedy. Reportedly, a patient had been killed because the hydraulics ran away, and crushed the patient against the radiation shielding. The operator had hit the emergency-off switch, AND IT DIDN'T WORK. The switch removed power from most of the machine - but not from the hydraulics. And then, there is the story that I heard about a real-time programmer who was computerizing a fish-filleting factory. As I heard it, a side effect of debugging was that he got to feed every stray cat in Stockholm ... Don Lindsay [This is known as REEL-TIME Programming. Must have been "Salmon-Chanted Evening" for the cats. PGN] ------------------------------ Date: Thu, 26 Mar 87 02:31:36 MST From: donn@utah-cs.arpa (Donn Seeley) Subject: the social implications of inadvertent broadcasts To: risks@csl.sri.com [This is somewhat marginally relevant, but it seemed worth including anyway. PGN] I happened upon this in the New York Times (3/21/87, p. 12). '... [I]n February, The China Daily reported this week, ... a woman trying to copy an obscene film called "Massage Girl" at a television station inadvertently broadcast 20 minutes of the movie to homes throughout Guangdong Province. The woman was arrested.' I live in a state where the attorney general's office has spent $600,000 in public funds to appeal a ruling that the legislature's cable TV censorship law is unconstitutional, and where a local newspaper that has recently stopped printing the controversial comic strip Doonesbury is now debating whether to continue to buy the strip and not publish it so that the population at large need not suffer from its presence. An 'inadvertent broadcast' like the one described above could have a serious impact on civil liberties here, especially if it occurred on a cable channel. Donn Seeley University of Utah CS Dept donn@cs.utah.edu ------------------------------ Date: Wed, 25 Mar 87 15:08:58 PST From: Andrew Klossner To: risks@CSL.SRI.COM Subject: Re: Increased Telephone Switching Capabilities This topic was discussed at length in the TELECOM list. Some items ... "I discussed this article with a friend, who [asserted that] the information (calling #) is already available, and is encoded somehow just prior to the ring spike on the receiving line." There is no truth to this statement. Under normal circumstances, when the originating and receiving exchanges (CO's) are different, the receiving exchange has no way of knowing the origination number. "I don't see any obvious risks to the new features." On of my concerns is that, with these features, I can no longer keep my unlisted phone number private. If I call a local department store to get their price on a pair of shoes, I may start getting unsolicited shoe sales calls from all over. Merchants would be motivated to collect and sell lists of phone numbers of consumers with particular interests, just as they now collect and sell mailing addresses. (And I can't make use of that "call screening" feature; what if my daughter is in trouble and tries to call home from a phone booth?) MORE: Re: Michael Wagner (RISKS-4.67) "1) the 911 emergency number in Toronto displays the number from which a call was made... An originating exchange sends the information only when it's using the special 911 subsystem. (At my exchange this goes out on a special trunk directly to the 911 center, it doesn't travel between exchanges.) The implications don't follow. "2) The University of Toronto recently switched over to a Centrex III system. Certain (secretarial) phones can now display the number called and the number calling. The number calling works only if the call originated within the centrex exchange. It is not clear whether the restriction is technical or legal... It's technical, that's the Centrex system talking to itself. -=- Andrew Klossner (decvax!tektronix!tekecs!andrew) [UUCP] (tekecs!andrew.tektronix@csnet-relay) [ARPA] ------------------------------ Date: Wed 25 Mar 87 11:19:30-EST From: LINDSAY@TL-20B.ARPA Subject: Re: phone number of caller To: risks@CSL.SRI.COM At first glance, it seems simple to be told where your caller is calling from. All that one needs is a small display: after all, exchanges are computerized now, aren't they ? Well, yes, new ones are. Also, new exchanges tend to be bigger: several exchange numbers are implemented by a single office, rather than being one-for-one. And, of course, if all the action occurs within a single exchange, then the features that are offered are just a Small Matter Of Programming. However, old phone exchanges are still with us. Projected reliability used to be stated as outage-time per forty years ! Also, old designs were being built until recently. For example, Bermuda bought a mechanical stepping exchange (from Philips) in the early 1970's. When authorities try to trace phone calls, the major stumbling block is usually that the call has crossed one or more boundaries between exchanges. Tracing then becomes a serial process, and it used to involve a human at each physical location. A person wishing to (say) utter death threats was quite difficult to catch, particularly if rural equipment was in the chain. Of course, we will eventually resolve these problems. Mad bombers will respond by using pay phones, unattended autodialers, and other tactics. Don Lindsay ------------------------------ From: rochester!kodak!grodberg@seismo.CSS.GOV (jeremy grodberg) Date: 26 Mar 87 22:58:38 GMT To: mod-risks@seismo.CSS.GOV Subject: Who called? (Re: RISKS DIGEST 4.66 and 4.67) Date: 26 Mar 87 22:58:37 GMT According to _High Technology_, a caller placing a call from an unlisted phone can prevent the number from being displayed on the destination phone by entering a code. The phone company equipment still gets the number though, so the person being called can call still call the person with the unlisted phone number (using a feature which dials the number of the most recent incoming call), although there is no (legitimate) way to actually determine the unlisted number. Jeremy Grodberg ------------------------------ Date: Wed, 25 Mar 87 09:24:37 pst From: dual!paul@ucbvax.Berkeley.EDU (Paul Wilcox-Baker) To: ucbvax!CSL.SRI.COM!RISKS Subject: Hang-ups [Re: RISKS-4.67] > As far as I know it depends on the "office" (telephone company term for > switching equipment) connected to your phone... An electronic office will > close the connection as soon as either party hangs up. Actually, this is not true. For most electronic exchanges in the U.S., the connection is held until about 20 seconds after the called party hangs up, or whenever the calling party hangs up. This is supposed to let the answering party hang up one phone, move to a different room and continue using another. The timeout is reset every time the phone goes off-hook. This causes the apparent inability to get rid of the incoming call. The best solution to obnoxious electronic calling machines is legal - ban the damn things! Paul Wilcox-Baker. ------------------------------ End of RISKS-FORUM Digest ************************ -------