10-May-87 19:19:01-PDT,12433;000000000000
Mail-From: NEUMANN created at 10-May-87 19:17:43
Date: Sun 10 May 87 19:17:42-PDT
From: Peter G. (coordinator) Neumann
Subject: RISKS DIGEST 4.82
Sender: NEUMANN@CSL.SRI.COM
To: risks-list@CSL.SRI.COM

RISKS-LIST: RISKS-FORUM Digest  Sunday, 10 May 1987  Volume 4 : Issue 82

FORUM ON RISKS TO THE PUBLIC IN COMPUTER SYSTEMS
ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Contents:
  Information Age Commission (PGN)
  Another computer taken hostage (Joe Morris)
  Larceny OF Computers, not BY Computers (Pete Kaiser)
  Risks of superconductivity (Eugene Miya)
  UK Liability Law (follow-up) (Brian Randell)

The RISKS Forum is moderated. Contributions should be relevant, sound, in good taste, objective, coherent, concise, nonrepetitious. Diversity is welcome.
(Contributions to RISKS@CSL.SRI.COM, Requests to RISKS-Request@CSL.SRI.COM)
(Back issues Vol i Issue j available in CSL.SRI.COM:RISKS-i.j. MAXj: Summary Contents Vol 1: RISKS-1.46; Vol 2: RISKS-2.57; Vol 3: RISKS-3.92.)

----------------------------------------------------------------------

Date: Sun 10 May 87 18:41:52-PDT
From: Peter G. Neumann
Subject: Information Age Commission legislation in the works?
To: RISKS@CSL.SRI.COM

The Information Age Commission Act is intended to ``create a forum for discussions and targeted research on the present and future impact of computer and communication systems on our nation and its citizens.'' This year's bill, S.786, is causing a lively controversy. Sponsors are Senators Sam Nunn (D-GA) and Frank R. Lautenberg (D-NJ). (Last year's bill passed the Senate, but did not make it through the House.) Apparently most industry trade associations (except ADAPSO) are lining up against it. Some think that if such a commission must exist, then it should represent industry views only.

The view of your RISKS moderator (unofficially, of course, especially since RISKS does not pretend to speak officially for the ACM) is that such a commission COULD be wonderful -- if it is not a case of the fox watching the chicken coops, and if it does not become a bureaucratic tarpit. Otherwise it could be a disaster.

There is much background on the issues in an article by Willie Schatz in Datamation, 1 May 87, pp. 32,37,38,40, which quotes a CBEMA issue paper saying ``there is no specific or even identifiable need, purpose, or focus for this commission, that it would be a government commission in search of a mission. The paper also contends that the commission could become a forum for "promoting sensational but unfounded allegations about the societal effects of modern information technology. The commission would needlessly provide a highly visible forum for those who retard the information age." ''

[Side note to Herb Lin: Herb, have you ever shown Senators Nunn and Lautenberg copies of OUR RISKS Forum??? Are we retarding (or retarded?) PGN]

------------------------------

To: risks@csl.sri.com
Subject: Another computer taken hostage
Date: Sun, 10 May 87 13:38:30 EDT
From: Joe Morris (jcmorris@mitre.arpa)

From the Washington Post, Sunday 10 May 87:

> FIRM, EX-OFFICIAL AT LEGAL LOGGERHEADS
> Lakeland, Fla. -- The former chief financial officer at an insurance company
> is holding the firm's computer files hostage with a coded password known only
> to himself, a lawsuit charges.
> Golden Eagle Group Ltd. wants a judge to order George C. Coker, Jr. to reveal
> the password he programmed a week ago into the company's computer, which
> Golden Eagle says contains current accounting in excess of $400,000 and
> extensive background data.
> Coker contends that certain computer files are his property and says he will
> reveal the password only if allowed to keep an IBM personal computer, which
> he said was given to him in exchange for working overtime, plus his last
> paycheck, a letter of reference and a $100 fee.

That's the entire article, verbatim unless I've missed a typo. It doesn't say anything about the size of the company, whether there had been any warning about disputes between Coker and the company, or any other data we could use to figure out what measures should have been taken to answer the risk which is now visible.

I suspect, however, that the RISK question is in the same class as one I have never been able to answer for myself: at what point is it appropriate to trust a single individual in a process, as opposed to the cost of never letting one person do anything without another qualified person present? Should graveyard shifts with a single operator be prohibited? Should I double the number of system programmers in my shop so that no programmer ever does anything alone? There's no question about the risk such situations cause; the question involves the economic penalties of reducing the risk.

For that matter, the article doesn't say if the data is from a mainframe or a micro. How do you handle a no-solo policy on a personal computer?

And note that audit trails wouldn't help here; there's no question about who did what to the system. Offsite backups might help, but (a) Coker might have been in a position to sabotage them, and (b) if the data is more current than the backups, they're worthless. Let's see a show of hands of RISK-readers who can swear that all data in their systems (mainframe AND micro, please) is currently backed up off-site...on second thought, forget it.

------------------------------

Date: 08-May-1987 0837
From: kaiser%renko.DEC@decwrl.DEC.COM (Systems Consultant; DTN 297-4445)
To: risks@csl.sri.com, kaiser%renko.DEC@decwrl.DEC.COM
Subject: Larceny OF Computers, not BY Computers

A few days ago a computer seems to have been stolen from a laboratory I know of. It can't have been difficult to steal; it was a MicroVAX 2000, and if you haven't seen one, they're 5.5" x 11.25" x 12.75", small enough to fit in an athletic bag or a sample case. I know; I've done it.

It's not known yet, of course, who took the machine, but it is known precisely when it happened, because the machine was a member of a local area VAXcluster whose boot member (home base, with the system disk, etc.) was elsewhere on the Ethernet in another, better-secured laboratory; and when the MicroVAX 2000 was turned off, its absence from the cluster was immediately registered by the boot member.

Hmm. Does RISKS cover risks TO computers?

Pete Kaiser%renko.dec@decwrl.dec.com decwrl!renko.dec.com!kaiser
DEC, 2 Iron Way (MRO3-3/G20), Marlboro MA 01752 617-467-4445

[Sure, why not? If a computer is stolen while involved in a critical application, that is part of the system risk... PGN]

------------------------------

To: risks@csl.sri.com
Subject: Risks of superconductivity
Date: 08 May 87 10:47:54 PDT (Fri)
From: eugene@ames-nas.arpa

The current issue of TIME has two articles of interest: the smaller is the battle of the "hard" versus "soft" scientists with Serge Lang in one corner and Herbert Simon {indirectly} in another. I tend to side with Lang in this case.

The cover story is about recent advances in superconductivity. I am surprised that RISKS has not jumped on this topical band-wagon. I note some interesting things in the omission (since we have had the argument that the omission of computers we have regarded is a RISK).

1) computers were probably not used.
1a) If computers had been used could we not have had superconductivity sooner?
Could not people have been "saved" sooner if higher-temp superconductivity was around sooner? {I doubt it and so does PGN.}
1b) Is this a sin of omission of computers? {Probably not since there is more to understanding this universe than what is simulated on computers.}

2) The use of the word "tinkering" was prominent. I know Peter Denning does not regard tinkering as experimentation. The theory around superconductivity is poorly understood. Perhaps, physics should do less tinkering. 8-)

3) What are the risks to superconductivity? Don't higher speed trains mean higher speed train crashes? (Ah yes, but the benefits outweigh the risks...) The computer science people worry, but this does not stop the physicists. What about all that LN2 out there? Will there be increased cases of frostbite? 8-) (Assuming we don't make room-temperature.)

4) A social commentary about the rate of technological change was made regarding the Super Collider (the SSC). Should that project wait or should it proceed? Similarly, should computing people jump on the superconductor bandwagon? Only ETA systems has LN2 cooled computer systems on the market. I think the reality is that we won't see this material in the computing arena for about 20 years because a) a lot of effort will have to be made to determine whether room temperature materials exist and b) that waiting will delay use of the current material (whether a) works or not): just like waiting for a better computer. Oh, on the 20 year time frame, the question is could existing computers shorten that time frame?

One more thought: I'm surprised there was no RISKy commentary on Fred Brooks "Silver Bullet" article.

--eugene miya, NASA Ames

------------------------------

From: Brian Randell
Date: Fri, 8 May 87 17:39:38 bst
To: RISKS@csl.sri.com
Subject: UK Liability Law (follow-up)

The item I sent in recently from Datalink (of March 23) about proposed new Product Liability legislation in the UK contained a brief quote from Martyn Thomas (Chairman of Praxis, a UK software house) which gave an over-simplified view of his, and his company's, attitude to the use of formal methods. I therefore thought it only fair to pass on a slightly fuller quote from a letter by Thomas which appeared in the May 4 issue:

"There are many mistaken views of formal methods, born from fear and ignorance. Formal methods are no panacea. Their use does not guarantee error-free systems. They are intended to make reviewing and testing easier, not to make such activities unnecessary ... if a software developer chooses to write down an important requirement or design decision using an imprecise language, when a precise one is readily available, then he has acted unprofessionally. If someone suffers damage as a result of that unprofessional act, it is right that they should be compensated. Customers whose life or business depends on their computer systems working correctly will increasingly want the assurance that their software developers are applying the best available methods. In many cases, this will include the rigorous use of formal methods."

I can readily accept such comments - what concerns me is whether it will ever be possible to make reasoned judgements about the risks attendant on using a given complex program, and about how best to apportion resources amongst the various different techniques, such as verification, testing and the use of design redundancy, which might assist in achieving some given required level of reliability from the program.

Brian Randell - Computing Laboratory, University of Newcastle upon Tyne
UUCP : !ukc!cheviot!brian
JANET : brian@uk.ac.newcastle.cheviot

------------------------------

From: jon@june.cs.washington.edu (Jon Jacky)
To: neumann@csl.sri.com, brian%kelpie.newcastle.ac.uk@Cs.Ucl.AC.UK
Subject: Re: the Marconi deaths - an interesting fictional treatment
Date: Fri, 08 May 87 09:13:25 PDT
ReSent-To: RISKS@CSL.SRI.COM

I recommend the novel, THE WHISTLE BLOWER, by John Hale. The plot concerns a British computer specialist who dies in an unlikely accident. Much better written than the usual thriller - really transcends the genre, as the critics like to say. Sorry, I don't have the publisher, I returned the book to the public library a few weeks ago, but it seems it was a U.S. reprint of a novel originally published in the U.K.

- Jon Jacky, University of Washington

------------------------------

End of RISKS-FORUM Digest
************************
-------