RISKS-LIST: RISKS-FORUM Digest Friday 12 August 1988 Volume 7 : Issue 34 FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator Contents: "Eye focusing found to be VDT hazard." (Denis Haskin) Privacy (Again) (Willis Ware) "Virus" Bill (Jerome H. Saltzer, Steven C. Den Beste, Steve Kovner) A Visit To the Clinic (Brian Ellis) Aegis beaten by binoculars? (Trusting computers and/or people?) (Andy Coupland via Martyn Thomas) Airbus (George Michaelson) SDI rationalizations (Steve Summit) Re: Misidentification of persons as criminal by computers (Haynes) The RISKS Forum is moderated. Contributions should be relevant, sound, in good taste, objective, coherent, concise, and nonrepetitious. Diversity is welcome. CONTRIBUTIONS to RISKS@CSL.SRI.COM, with relevant, substantive "Subject:" line (otherwise they may be ignored). REQUESTS to RISKS-Request@CSL.SRI.COM. FOR VOL i ISSUE j / ftp kl.sri.com / login anonymous (ANY NONNULL PASSWORD) / get stripe:risks-i.j ... (OR TRY cd stripe: / get risks-i.j ... Volume summaries in (i, max j) = (1,46),(2,57),(3,92),(4,97),(5,85),(6,95). ---------------------------------------------------------------------- Date: Wed, 10 Aug 88 18:03:29 edt From: Denis Haskin Subject: "Eye focusing found to be VDT hazard." From the Boston Globe, Wednesday, Aug 10, 1988 BERKELEY, Calif. - Regular work in front of a VDT screen may cause a premature loss in the eye's ability to focus, according to preliminary research by a University of California optometrist. A deterioration in eye focusing among people in their 20s and 30s was the No. 1 problem found in 153 patients treated at the university's Video Display Terminal Eye Clinic, said researcher James Sheedy. The study, prepared for a symposium in Ohio, was the first clinical report of eye-focusing problems in VDT users. They may be right. I've been working with display screens for about the last five years, and lately (last three years) usually most of a working day. Until recently I had no need of glasses but on my last exam the doctor recommended some; they aren't very strong, but I have noticed a difference. My eyes are much less tired after a full day at a terminal now. Denis W. Haskin, Technical Analyst, Digital Review, Boston, MA ------------------------------ Date: Wed, 10 Aug 88 15:23:36 PDT From: willis@rand-unix.ARPA Subject: Privacy (Again) (Re: RISKS-7.32) Denny's article is a rehash of old points and old concerns but updated with a few contemporary examples. He fails to raise and comment on a central point. He asks (to paraphrase the point) what right a manufacturer has to ask all manner of personal questions on the warranty form. He should note (but did not) that he nor anyone else is under no obligation to answer all manner of questions in such a situation. The warranty in no way will be affected if he declines to answer. My best bottom line on personal privacy is this: 1. Information intrusion and its consequences is just another one of those risks of living in this world. 2. Each of us better be well informed of when we are legally obligated to answer questions and give personal information, and when we are not. 3. Each of us will have to understand that like other risks of living in our world, privacy will require us to take care of ourselves, using whatever mechanisms society and/or governments have provided and whatever innovations we can indvidually create. 4. To the extent that people behave like information-sheep and mindlessly answer every question put before them by any inquiring agent, then privacy will be eroded more and more and self-protection will become all the more difficult. Trying saying NO when asked for personal information; you'll be surprised at how often it won't make any difference. Willis H. Ware ------------------------------ Date: Thu, 11 Aug 88 00:27:31 EDT From: Jerome H. Saltzer Subject: "Virus" Bill (RISKS-7.33) > (a) Whoever knowingly -- > (1) inserts into a program for a computer information or commands,... > (2) provides such program to others in circumstances in which ... Wonderfully put. As I read that language, installing Sun NFS 3.0 in your favorite operating system and then running it at your site would be a felony. Perhaps this bill is not such a bad idea as it seems at first. (Not to pick on Sun . . . there are dozens of other good examples. Installing your vendor's newest system release without alerting all your users would probably become a felony, too.) Jerry ------------------------------ Date: Thu, 11 Aug 88 12:06:50 -0400 From: denbeste@OAKLAND.BBN.COM Subject: Re: "Virus" Bill It has been long known among law enforcement experts that severity of punishment is less of a deterrent than certainty of punishment. If a given crime has the death penalty, but only one change in a thousand of being caught, convicted and punished, then there is no deterrence. If the penalty is light but the chance of punishment is high, there is deterrence. (Which is why no-one throws rocks through the windows of the Police station or paints graffitti on its wall.) So it is with this bill. The penalty is as stiff as the constitution allows, but the chance of being caught is vanishingly small. The only virus-authors I have heard have been identified were boasting about it. If they'd kept their mouths shut, they wouldn't have been found. But just finding them, hard as it is, is the easy part. How do you prove that they are the author? JURY-prove, I mean. Even without this bill, there were potential penalties. A large corporation who was hurt by a virus could have sued the virus author, if they knew who it was and could prove it. But the search usually would have cost more than the damages. What this bill DOES do is give the FBI grounds for a serious search for virus authors. But what if the author is overseas? The current most common virus for the Amiga was written in Switzerland. Steven C. Den Beste, Bolt Beranek & Newman, Cambridge MA denbeste@bbn.com(ARPA/CSNET/UUCP) harvard!bbn.com!denbeste(UUCP) ------------------------------ Date: Fri, 12 Aug 88 10:27:52 PDT From: kovner%vsg1.DEC@decwrl.dec.com Subject: RE: "Virus" bill While I doubt the entire anti-virus bill was published in Risks Digest 7.33, the following excerpt seems to have problems: > (a) Whoever knowingly -- > (1) inserts into a program for a computer information or commands, > knowing or having reason to believe that such information or commands will > cause loss to users of a computer on which such program is run or to those who > rely on information processed on such computer; and This sounds like it makes the DELETE ( or rm ) commands illegal! Even more, what would it mean for operations people who have (and supply) command files to clean up disk areas? (e.g. PURGE on VMS or deleting *.tmp) UNIX(r) systems should have NOCLOBBER always set, and remove the >! construct. Gear up disk drive production if this takes effect. I hope there is something in the bill which excludes commands necessary to the normal functioning of the system, and those which allow the user to lose things himself. This should be written to cover only those "information of commands" which are surreptitiously inserted, or exist in programs which are not expected to erase data. Steve Kovner, Digital Equipment Corporation (The opinions expressed above do not necessarily represent the opinions of my employer.) ------------------------------ Date: Wed, 10 Aug 88 09:45:24 pdt From: ssc-vax!ssc-bee!ellisb@beaver.cs.washington.edu Subject: A Visit To the Clinic I went to a local medical clinic yesterday for the first time. After a few minutes I wondered if I had come to the right place. The first clue that something was wrong was the complaint of the couple in front of me in line at the front desk. They had received a bill in the mail for over 1,000 which was surprising to them since they had prepaid provider insurance. (Prepaid provider insurance allows the doctors office to bill the insurance company without the patient having to submit insurance claims). Furthermore their account number for insurance was also scrambled and didn't match the credit card that is usually provided with prepaid insurance. The receptionist explained that the computer had been broken and that they should ignore the bill since they should not have gotten it in the first place. When I went up to the desk upstairs someone was having to pay cash because "the computer is messed up and cannot bill your insurance directly". Of course I was depending on *my* prepaid provider plan to pay and had maybe 5 dollars to my name so I was a little concerned. I had also noticed that there were several assistants stashed in corners hand sorting what appeared to be bills. After the doctor found out I worked with computers he told me what had happened. The clinic had recently replaced their computer system with a new one and disposed of the old one. The new computer took the current balance * number of patients in family and produced bills for all the patients that had been in the clinic including people with prepaid provider type of insurance. A nurse who had worked at the clinic received a bill for over 4,000 dollars. Apparently it had taken her bill of approximately 80 dollars and multiplied it by both her immediate family, and her grandchildren. I hope they keep their medical information on a separate computer! Take 3000 aspirins and call me in the morning :-) It seems to me that using the new system that the clinic or the installer should have performed some kind of check before they converted over to the new system or at least run the two systems in parallel until they verified the operation of the new system. At least I would attempt to verify the new system before I mailed out bills to hundreds of angry customers. I guess I will have to wait till the end of the month and see how my bill comes back but since there is only one of me at least they should be able to calculate it correctly. At least my back is feeling better. It does make me a little angry that "the computer is always to blame" when it appears that the real fault lies with the humans that install, program, and feed the computer. I think I understand now why we test software and look at the results. I have seen more than one instance where the end user of a computer product trusted the computer so much that they stopped checking the results even when the were obviously wrong. Maybe we need to educate end users to not put blind faith in the computer and as software producers to test our software and make it as idiot proof as possible. Even a simple spot check of some of the bills at the clinic could have prevented an expensive and embarrassing mistake. Brian Ellis, Boeing Aerospace,Seattle, WA 98124-2499 (206) 773-2599 My boss has both opinions and humor but the views expressed here are mine. ------------------------------ Date: Thu, 11 Aug 88 10:11:55 BST From: Martyn Thomas Subject: Aegis beaten by binoculars? (Trusting computers and/or people?) The following letter appears in Flight International, 6 August 1988. Copied without consent. "When I was a kid I was intrigued by an advertisement for a pair of binoculars with which I would be able to see 'the craters of the moon' and 'France as if it was only a mile away'. I saved up and bought them, and when they arrived they were, in fact, a rather nice pair of wide-angle 10*50s. I never saw France, but I certainly saw the craters on the moon. The other day, from a vantage point on the South Downs, I thought I'd put the old 10*50s to the test again. Visibility was okay, but there was a lot of wind and fairly low cloud around. I looked in the general direction of Gatwick Airport and after only a minute I saw the unmistakable profile of a One-Eleven climbing out, smoking visibly. Then a slightly larger aircraft - almost certainly a 737, a -200 I'd say, the engines were not big enough to be a -300. These are some binoculars, I thought: even if France doesn't look a mile away, at least Reigate Hill does. Only a few minutes passed before a relatively huge shape climbed into the air - an ex-BCal DC-10, the overall design of the livery clearly to be seen. Not only was this a DC-10, and not a TriStar, but it was an ex-BCal '10. It turned north soon after take-off, and flew away from home a while, and even from this aspect it was definitely a '10. I watched it climb and turn, disappearing into cloud and then reappearing again. Good sport this, I thought, give me a clear day and I could follow a widebody all the way from, er ... well ... Bandar Abbas? Just a moment! What's going on? Am I really distiguishing between near-identical wide-body aircraft from all aspects at almost *three times* the slant range at which the captain of the USS Vincennes launched two Standard missiles and destroyed an A300? In disbelief I double-checked the scale of the map in the AA Book of the Road. No doubt about it, these aircraft are well over 20 miles away, and that '10 must have been 30 miles out when I lost sight of him. The Airbus was only nine miles out, at 7500 feet on a clear day when the missiles were fired. Okay, the A300 was motoring, but tell me which direction he was coming from and with my 10*50s I reckon I'd have narrowed the field to a 757, 767 or an A300 before you could say 'F-14' - and certainly before he got within nine miles. I've never seen an RCA Aegis system advertised in Exchange and Mart but, even if I do, I don't think I'll buy one. [signed] ANDY COUPLAND, 20 Holmcroft, Crawley, Surrey, RH10, 6TW " ------------------------------ Date: Fri, 12 Aug 88 11:25:31 +1000 From: George Michaelson Subject: Airbus Old news is no news but reflective journalism improves with age. The developments in the airbus crash mirror the situation of the late 19th C when warning devices began to be installed in Railway Engine cabs & signal boxes. Getting highly trained "elites" to accept a machine warning is hard. If they can switch it off, many of them will, until they crash themselves into extinction. Does history ALWAYS repeats itself? For me, the key point is NOT to let this stand as a reason to take a human out of the system. The system worked, the pilot failed, but PLEASE leave them in there. Aegis, is almost but not quite an opposite situation. Both the System AND its users failed. Some [me?] would argue aegis 'failed by design' since attempting to 'predict' with <100% accuracy something you cannot really 'see' is not the same thing as 'identifying' with accuracy something you might need to destroy. The failure was inevitable. Congressman Smith seems to show that the process of procurement for the DoD is sufficiently flawed as to make ANY complex system inherently doubtful. George Michaelson, CSIRO Division of Information Technology ACSnet: G.Michaelson@ditmela.oz Phone: +61 3 347 8644 Postal: CSIRO, 55 Barry St, Carlton, Vic 3053 Oz Fax: +61 3 347 8987 ------------------------------ Date: Tue, 2 Aug 88 22:23:47 EDT From: Steve Summit Subject: SDI rationalizations There's an article in the August Issue of Reader's Digest by Tom Clancy (author of The Hunt for Red October), entitled "Common Sense About Strategic Defense." Given RD's editorial stance, I was surprised to see this title until reading the article revealed that "Common Sense" entails that SDI is an appropriate, nay, desirable response to Mutual Assured Destruction (MAD). Most of the article is fairly predictable, relying on things like blind acceptance of the SDI "research" "results" reported so far, but the paragraph on software really made me laugh (or cry): Some opponents have questioned whether we could program computers with the millions of calculations necessary to fight a battle against ICBMs. I don't doubt we can. In the 12 years since supercomputers were introduced, these devices have moved from doing millions of calculations per second to billions, and are now about to exceed ten billion calculations per second. Those who believe our computing capabilities are not up to the challenge ignore the fact that a computer that once filled a building would now fit on their wrists. These people just haven't been paying attention. Steve Summit, scs@adam.pika.mit.edu ------------------------------ Date: Wed, 10 Aug 88 22:03:04 PDT From: haynes@ucscc.UCSC.EDU (99700000) Subject: Re: Misidentification of persons as criminal by computers We have had discussions of cases in which computer data bases wrongly identified innocent people as criminals. I just read an interesting counter- case, in a Bob Greene column in an Esquire magazine from a few months ago. Briefly, a man killed his live-in fiance, disposed of her body, and then reported her as missing and mounted an effort to find her so as to establish an alibi for himself. A police officer on the case suspected the man, for some reason, and tried to look him up in a computer database, presumably NCIC. He got nothing, so he tried variant spellings of the man's name and turned up the identity of a fugitive from justice with almost the same social security number and birth date as his suspect. Confronted with this, the man confessed to being the fugitive and waived extradition to be tried for the earlier crime. With further grilling he confessed to the murder. Greene also noted that while the Chicago police were looking for the missing woman, her unidentifiable body was found in Indiana where the murderer had taken it. But there was no communication between the two police agencies in this matter instance. ------------------------------ End of RISKS-FORUM Digest 7.34 ************************