RISKS-LIST: RISKS-FORUM Digest Monday 15 August 1988 Volume 7 : Issue 35 FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator Contents: Re: Privacy (difficulty of witholding "private" information) (Jon Jacky) Re: Keeping Autos and Drivers in Suspense (Win Treese) Re: Cascaded inference (G.L.Sicherman) Re: "Eye focusing found to be VDT hazard." (Brint Cooper, Anthony G. Atkielski, Jeremy Grodberg) Can current CAD/simulation methods handle long-term fatigue analysis? (John R. Galloway) ATMs and PIN protection: twice silly victims in Boulder (Gary McClelland) Re: Orbit 100,000 self-guided "brilliant" weapons ... (Amos Shapir) The RISKS Forum is moderated. Contributions should be relevant, sound, in good taste, objective, coherent, concise, and nonrepetitious. Diversity is welcome. CONTRIBUTIONS to RISKS@CSL.SRI.COM, with relevant, substantive "Subject:" line (otherwise they may be ignored). REQUESTS to RISKS-Request@CSL.SRI.COM. FOR VOL i ISSUE j / ftp kl.sri.com / login anonymous (ANY NONNULL PASSWORD) / get stripe:risks-i.j ... (OR TRY cd stripe: / get risks-i.j ... Volume summaries in (i, max j) = (1,46),(2,57),(3,92),(4,97),(5,85),(6,95). ---------------------------------------------------------------------- Date: Mon, 15 Aug 88 09:15:05 PDT From: jon@june.cs.washington.edu (Jon Jacky) Subject: Re: Privacy (difficulty of witholding "private" information) > (In RISKS 7(34) Willis H. Ware recommends (in response to a posting > about nosy questions on warranty cards): (people are) under no obligation > to answer all manner of questions in such a situation - (try) saying NO > when asked for personal information... This is good advice. However, the implication of this posting, that individuals can significantly control information about their activities that is collected by firms they do business with, is not true in general. Information about you that firms learn in the course of doing business with you is their property, not yours. It has significant commercial value which some firms exploit aggressively. Much of the commercial value derives from the ability to process this information by computer. Some of the firms that do this are utilities, so you do not have the choice of "saying NO." For example, the local telephone operating company in the Seattle area has offered a service in which it makes its directory listing information available to other marketing firms in machine readable form. Salespeople have always been able to work through the telephone book of course, but the value that the computer adds is that the listings can be processed in various ways. Most obviously, the marketer can ask for just the phone numbers in a given set of zip codes to focus on particular neighborhoods. Having the data in machine readable form makes it easy to match against other databases the marketer may have. Note that this is a product that the phone company sells, just like it sells local telephone service. There was a bill introduced into the Washington State legislature that would have prohibited utilities from reselling information about any customer without that customer's written permission. It was killed in committee due to lobbying efforts by utilities. > (Willis Ware says) Information intrusion and its consequences is just > another one of those risks of living in this world. I believe this takes a much too passive view of the situation. Information about individuals (the real stuff of which privacy is an abstraction), like many other commodities of value, is being struggled over by different parties that have competing and somewhat incompatible interests. Who eventually ends up with what will result from a combination of laws, regulations, legal proceedings, and market activity. The exact contents of these remain to be seen, but participants who take a passive view of this struggle are likely to wind up with very little. - Jon Jacky, University of Washington [By the way, the Sunday New York Times of 31 July had a nice article by John Markoff on this general subject, including mention of the American Express practice of selling off selective mailing lists (e.g., rich tennis players who frequent resort hotels). PGN] ------------------------------ Date: Sat, 13 Aug 88 18:56:28 EDT From: treese@ATHENA.MIT.EDU Subject: Re: Keeping Autos and Drivers in Suspense In RISKS 7.33, Joseph Beckman describes Sam Peltzman's studies on seatbelt usage leading to no net decrease in auto accident fatalities. It is worth noting that Peltzman's studies were highly controversial and the methodology was somewhat questionable. Later studies did not show the same results. Unfortunately, I do not have any references available now, but there was a time when I researched the literature on this quite extensively. The bottom line is still that wearing seatbelts is a good idea. Win Treese, Digital Equipment Corporation/MIT Project Athena Affiliation given for identification purposes only. [Aggressive drivers who feel safer because they are belted up are more likely to be hazardous. The computer analog relates to overly endowing your system -- the results are more likely to be hazardous. PGN] ------------------------------ Date: 13 Aug 88 22:18:31 GMT From: ihnp4!whuts!shqer@att.att.com From: ihnp4!odyssey!gls (g.l.sicherman) Subject: Re: Cascaded inference (in RISKS-7.33) In Risks Digest 7.33, cfeehrer@BBN writes: > > ... What may have gone wrong in the Vincennes case is that not all of the > information that was available came to be used. Most notably, perhaps, > the diagnostic value associated with target aspect ratio, which the > press tells us was more-or-less head-on and at short range relative to > the design envelope of Aegis, did not enter into the decision in a > formal way. ... Cfeehrer goes on to discuss the use of a-priori probabilities and Bayes's rule, and describes how "cascaded inference" can go badly wrong. I agree completely, and would like to extend the discussion. For many years the A.I. research community has been divided over which is more important in an intelligent system: a big knowledge base or clever inference methods. In the field, a majority of researchers seem to prefer clever inference methods, mainly because knowledge is hard to come by and harder to encode. Meanwhile, the probability and statistics research community is divided into Bayesians and non-Bayesians. (There are other important philosophical controversies in probability and statistics, but I won't go into them here.) In brief, the Bayesians hold that to get useful probabilities by calcu- lation, you must calculate them from known a-priori probabilities. The non-Bayesians hold that you can get useful probabilites even without knowing enough a-priori probabilities to let you apply Bayes's rule. The non-Bayesians accept Bayes's rule--and seek to augment it. A non-Bayesian theory prominent in A.I. research is that of A. P. Dempster, as formalized by his student G. Shafer. This theory seems to be popular because (1) its formulas can be computed routinely, and (2) being non-Bayesian, it can dispense with some a-priori probabilities that Bayesians would regard as necessary. Whether the Dempster-Shafer theory is a valuable contribution to probability theory or a worthless and misleading exercise is yet to be established. It falls in roughly the same grey area as Fuzzy Set Theory. I'm a Bayesian myself; I have little to add to Boole's remarks on this subject in his _Laws of Thought._ I'm not too worried about "certainty factors" and similar oddities in the world of probabilistic computation. But I shudder at the risks of using military systems that ignore some of the fundamental a-priori probabilities in the field! When such systems take appropriate action, it can only be considered a fortunate accident. Col. G. L. Sicherman ------------------------------ Date: Fri, 12 Aug 88 19:53:07 EDT From: Brint Cooper Subject: Re: "Eye focusing found to be VDT hazard." Denis Haskin quotes the Boston Globe, "A deterioration in eye focusing among people in their 20s and 30s was the No. 1 problem found in 153 patients treated at the university's Video Display Terminal Eye Clinic..." Then, he reports his own experience, "I've been working with display screens for about the last five years,...on my last exam the doctor recommended (glasses and) I have noticed a difference." I suggest that this sort of thing proves nothing. All my life, I have known people who read a great deal in their childhood and wound up with extreme nearsightedness. I knew a chap who repaired small timepieces most of his life and, in his 60's was nearly blind. No one suggested that books and precision repair are risky to one's vision. Perhaps any intensive visual activity, unbroken over long periods of time, can lead to vision problems. I suggest that multiply blind, retrospective and comparitive studies of all these risk phenomena are long overdue. "Risks of using computers must be assessed against the risks of not using computers." _Brint ------------------------------ Date: Fri, 12 Aug 88 19:46 MST From: "Anthony G. Atkielski, Honeywell Bull Inc." Subject: Eye Focusing and VDTs I've been working with VDTs since 1980, and I'm now 27 years old. Long ago I noticed that my right eye didn't focus very well on distant objects. The way that eye behaved (trying to focus, overcorrecting, etc.) made me suspect that the constant close-up work with the VDT was reducing the ability of my eye to accommodate for distant vision. The problem goes away after a couple days away from the CRT, and no similar problem has manifested in the left eye. My ophthalmologist tested my eyes and found nothing wrong (!); he said there was no evidence to indicate that using VDTs over long periods permanently affects vision. It's interesting to see a news item that mentions exactly the problem I've noticed, among people in my age group. If there really is a link between VDTs and some focusing problems, what can I do about it? I still have to use a VDT every business day (I'm using one to compose this message). I'm not going to get glasses because I have the distinct feeling that the problem would eventually disappear if I could just stay away from a VDT long enough. What are my options? Didn't anyone notice problems like this in the days before VDTs? After all, VDT users aren't the first people to engage themselves in close-up work for long periods. Anthony Atkielski, Honeywell Bull Inc. ------------------------------ Date: 13 Aug 88 22:30:28 GMT From: jgro@pnet06.cts.com (Jeremy Grodberg) Subject: Myopia (near-sightedness) and VDT use Sender: hodge!rusty@uunet.UU.NET Are there any studies about extensive VDT use leading to Myopia? I had 20/20 vision when I started working as a programmer, and it has steadily gotten worse since. Further more, when I take a long absence from working (several weeks), my eysight seems not to change, but when I return to work, it seems to get worse rapidly. Maybe its my imagination, but I have no evidence that wht I thinks is happening isn't. Jeremy Grodberg ------------------------------ Date: Wed, 10 Aug 88 17:24:48 PDT From: John R. Galloway Subject: Can current CAD/simulation methods handle long-term fatigue analysis? As more and more of the design of (an aircraft say) is done on a computer, less and less of the design will be handled by "rule of thumb" type decisions. While this seems a good thing, I wonder if there is a down side concerning aspects of the design that were implicitly included in the old rule of thumb or handbook days (from years of experience) and are not necessarily included in the computer model. The case I am thinking of is the airliner a few months ago where the top of the fuselage riped off (en route from one of the Hawaiian Islands to another). Are current supercomputer simulation methods capable of handling the complexity of long-term stess, fatigue, corrosive environments, etc., all of which were (apparently) factors in the Aloha incident? Also I am not at all sure that such things were handled any better before wide-spread use of CAD -- I am just asking the question. Any aeronautical engineers out there? ------------------------------ Date: Fri, 12 Aug 88 15:45 MDT From: "Gary McClelland" Subject: ATMs and PIN protection: twice silly victims in Boulder The latest ATM scam from Boulder: The campus newspaper reports that a thief has been lifting bank cards from unattended backpacks in libraries on campus. A day or two later, the victim receives a call from a "bank security officer" saying that a suspect has been caught trying to use victim's stolen bank card to extract cash from an ATM. As part of collecting "police report" information, the "bank security officer" asks victim for the PIN so that he can complete the investigation. Victim gives the PIN over the phone and then "bank security officer" uses the stolen card and the PIN to extract maximum allowable cash limit. Is this why it is good to have a human link in computer security systems? Gary McClelland, U. of Colorado [For those of you whose response is, "What, another silly story like this one?", the point is that scams like this succeed with amazing frequency. We've had quite a few. PGN] ------------------------------ Date: 11 Aug 88 11:06:07 GMT From: nsc!taux01!taux02.UUCP!amos@Sun.COM (Amos Shapir) Subject: Re: Orbit 100,000 self-guided "brilliant" weapons, Reagan advised [in RISKS-7.33, contributed by Jon Jacky] >"It's effectively a shield over the planet, consisting of these things, and >if anything pierces the shield that doesn't come from an allowed launch >point... it gets knocked off," said Bruce McWilliams, who headed a lab team >that developed the optical sensors for "brilliant pebbles." How on earth are they going to reprogram these things when new launch points are used, which did not exist when the `pebbles' were launched?! Even if they can be made to be reprogrammable, how can anyone be sure that all 100,000 receive the message? And that's even before considering problems like hostile reprogram messages... Amos Shapir, National Semiconductor (Israel), 6 Maskit st. P.O.B. 3007, Herzlia 46104, Israel Tel. +972 52 522261 ------------------------------ End of RISKS-FORUM Digest 7.35 ************************