RISKS-LIST: RISKS-FORUM Digest Wednesday 21 September 1988 Volume 7 : Issue 56 FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator Contents: Runaway mouse problem in popular commercial WP program (Jon Jacky) Wrapping Britain round the Greenwich meridian (Jack Campin) Crime and (indifferent) Punishment (Glen Matthews) Software Mixup on Soyuz Spacecraft (Karl Lehenbauer) RISKS of (Suspected) Crooks Running Dinosaur-DOS (Fred Baube) Multiple reservations and single bills (Jacob Hugart via Markus Stumptner) Complete info on the Phobos 1 (Kaj Wiik via Ritchey Ruff) `Computer programmer convicted of creating "virus"' (Mike Linnig) The RISKS Forum is moderated. Contributions should be relevant, sound, in good taste, objective, coherent, concise, and nonrepetitious. Diversity is welcome. CONTRIBUTIONS to RISKS@CSL.SRI.COM, with relevant, substantive "Subject:" line (otherwise they may be ignored). REQUESTS to RISKS-Request@CSL.SRI.COM. FOR VOL i ISSUE j / ftp kl.sri.com / login anonymous (ANY NONNULL PASSWORD) / get stripe:risks-i.j ... (OR TRY cd stripe: / get risks-i.j ... Volume summaries in (i, max j) = (1,46),(2,57),(3,92),(4,97),(5,85),(6,95). ---------------------------------------------------------------------- Date: Mon, 19 Sep 88 09:17:04 PDT From: jon@june.cs.washington.edu (Jon Jacky) Subject: Runaway mouse problem in popular commercial WP program From COMPUTERWORLD, Sept. 5, 1988, p. 39: MICROSOFT SCRAMBLES TO HEAD OFF RUNAWAY MOUSE WITH WORD REWRITE -Steven Jones Users running Microsoft's Mouse and Word 4.0 software program on IBM Personal System/2 computers have inadvertantly sent Mouse on a wild spree by hitting an uncommon combination of keystrokes and clicks. The results include a variety of unwanted windows being opened and system freezes wherer the user cannot get into the command line. "It goes a little nutty," said Jeffrey Sanderson, Microsoft's group product manager for word processing. Microsoft said that, with the help of IBM, it determined the problem to be with the PS/2's mouse port when the mouse was used to point and click with Word. Sanderson said the problem was spotted last February when users started to complain about the wild mouse. In all, Microsoft received about 200 calls from users that had an encounter with the rowdy device. Microsoft made a slight modification to Word to quiet Mouse and began shipping the new version, called Word 4.00A, in May. While Microsoft said that Word was the only part of its application software line that experienced the problem, one user said he had similar difficulties when running Xerox Corp.'s Ventura Publisher. ... - Jonathan Jacky, University of Washington ------------------------------ Date: 19 Sep 88 15:20:36 GMT From: Jack Campin Subject: Wrapping Britain round the Greenwich meridian A point related to the discussion about averaging angles is made by John Lamb in the article "The everyday risks of playing safe" in New Scientist (8 Sept 1988). Describing the software used for air traffic control in the London area by the Civil Aviation Authority on its IBM 9020 machine he writes: "One of the more startling problems concerned the program's handling of the Greenwich meridian. The National Airspace Package, designed by IBM's Federal Systems division, contains a model of the airspace it controls, that is, a map of the airlanes and beacons in the area. But, because the program was designed for air traffic control centres in the US, the designers had taken no account of a zero longitude; the deficiency caused the computer to fold its map of Britain in two at the Greenwich meridian, plonking Norwich on top of Birmingham." Jack Campin, Computing Science Dept., Glasgow Univ., 17 Lilybank Gardens, Glasgow G12 8QQ, SCOTLAND work 041 339 8855 x 6045; home 041 556 1878 ------------------------------ Date: WED 21 SEP 1988 08:15:00 EDT From: Glen Matthews Subject: Crime and (indifferent) Punishment In the Montreal Gazette (Tuesday Sept. 20 1988) a report appeared that rounded out the story some months back re a Quebec firm selling welfare information illicitly obtained as a result of co-operation of government employees. Criminal charges against those involved were not laid due to a decision by Crown prosecutors in May. However, the two civil servants (by their actions I'd say most "uncivil" servants!) involved pleaded guilty to a violation of Quebec's welfare act when they gave out confidential information on welfare recipients. According to the report, they were traced by using "security devices built in to the computer system". It goes on to say that "each government employee has a computer code, which automatically is logged on all files he calls up". The two were fined $100. Government officials have refused to say what punishment the provincial government, their employer, has meted out. Possible measures range from an oral reprimand, a note in the employee's suspension, or firing. Had they been fired, I'd assume that this would have been stated. So, computer crime in Quebec, while perhaps not rewarded, is treated with little urgency. With such a lenient approach to malefactors, I wonder what other things are going on; certainly, this case provides no deterrent to future "hi-jinks". Glen Matthews, McGill University ------------------------------ Date: Wed, 21 Sep 88 8:00:04 CDT From: karl@sugar.uu.net (Karl Lehenbauer) Subject: Software Mixup on Soyuz Spacecraft According to Aviation Week (September 12, 1988, page 27), the second failed reentry of the Soviet Soyuz-TM spacecraft on September 7, the engines were shut down within seconds due to a computer problem: "Instead of using the descent program worked out for the Soviet-Afghan crew, the computer switched to a reentry program that had been stored in the Soyuz TM-5 computers in June for a Soviet-Bulgarian crew. Soviet officials said last week that they did not understand why this computer mixup occured." The article notes that the crew was committed to a reentry because they had jettisoned the orbital module that contained equipment that would be needed to redock with the Mir space station. The article also noted that Geoffrey Perry, an analyst of Soviet space activities with the Kettering Group, "said the crew was not flying in the same Soyuz that they were launched in, but instead were in a spacecraft that had been docked with the Mir for about 90 days. He said that is about one-half the designed orbital life of the Soyuz." -karl ------------------------------ Date: Wed, 21 Sep 88 10:43:07 -0400 From: "F.Baube" Subject: RISKS of (Suspected) Crooks Running Dinosaur-DOS The WashPost (Mon Sep 19) had a story on the procurement investigation. "Sometimes, however, investigators hit unexpected roadblocks. In a search of consultant James Neal last June, for example, FBI agents seized computer disks only to find they couldn't run them on the agency's computers. So they subpoenaed Neal's vintage machine, gently suggesting in the subpoena that he might be kind enough to help the FBI agents by demonstrating how it works. When Neal sought to have the subpoena quashed, [the judge] ruled that the government could have the computer for five working days. But, he added, "I don't understand a subpoena asking for assistance. The government will have to learn to work the machine itself." #include ------------------------------ Date: Mon, 19 Sep 88 20:06:54 -0100 From: mcvax!tuhold!markus@uunet.UU.NET (Markus Stumptner) Subject: Multiple reservations and single bills This is an article which appeared a few weeks ago in recs.arts.sf-lovers. It shows a case where, even after the error had become known, the hotel staff were unable to correct it. I have not attempted to verify the story. Only the hotel name was changed to protect the incompetent. (P.S. No mention is made in the article of a computerized reservation system. After reading it, however, I rule out the possibility of unsupported humans botching it this bad.) Markus Stumptner, Technical University of Vienna, Paniglgasse 16, A-1040 Vienna, Austria UUCP: tuvie!tuhold!markus = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = From: GWCHUGPG@uiamvs.BITNET (Jacob Hugart) Newsgroups: rec.arts.sf-lovers Subject: Conventions and Hotels Message-ID: <8808261600.AA12810@rutgers.edu> Date: 26 Aug 88 16:00:22 GMT Hotels, Conventions, and People don't mix. Here's a horror story for you. A good friend of mine, Jordan Orzoff, is a gamer. Not a geek, but a devoted role-player. Anyway, he was going to GM a game at GenCon/Origins, based upon a scenario he used on some of his friends. Because he was going to judge a game, he got his judge's pre-registration packet early. This came with a hotel reservation form which he filled out and listed me as a roommate. We received our confirmation from the Hotel (our first choice) and from GenCon. Great, no problem. When we arrived in Milwaukee, Wisconsin, we went to the and asked about our room. The desk person said that no rooms were available now, but a reservation for Nathan Orzoff and Jacob Hugart was listed. Here's where the fun begins. Jordan has a well-know cousin named Nathan Orzoff, who is well-known in some gaming areas, and whom Jordan had never met. We asked the desk person if there was another Orzoff listed, and he said no. He also said he'd change the first name. Jordan said he probably shouldn't, Nathan might show up. In any case, we couldn't check-in until 3pm. We arrive at 3pm. Jordan gets in line. After a bit, he calls me up and introduces me to his cousin, Nathan. Nathan and a friend had also reserved a room at the for GenCon. Unfortunately, I had a reservation with Nathan and Jordan had a reservation with Nathan's friend. All four of us were placed in the same room, with one double-bed. Since Jordan and I had our confirmations, we got the room right away, and Nathan and friend got one too, after a bit. Jordan payed his downpayment with Visa, I with American Express. After four days, when GenCon was over, Jordan and I had to check out. He had received two bills, one for him, one for me. When we looked closely at the bills, both of them had Nathan Orzoff's address on them, and mine had my name as "Jordan, Hugart" whereas Jordan's was "Orzoff, Jordan." So now we have five people in this room, according to the reservations: Jordan Orzoff, Nathan Orzoff, Nathan's friend, me (Jacob Hugart), and Hugart Jordan. All reserved and billed in the same room with one double-bed. Since the bills had a "Balance Due" line, we went to the desk and said we'd like to check out and pay our bills. The person at the desk looked up our account on the computer, and said we were already checked out. News to us. Also, our bills had been paid in full. More news. The desk person showed us the receipts we had signed. Fine. Jordan has a theory. He believes Nathan got stuck with our bills, and paid them. That would explain how we checked out before we checked out. But it doesn't explain why one bill would be paid on AmEx, the other on Visa. I liked the . But I wouldn't trust their reservation system as far as I can spit it. ------------------------------ Date: Wed, 21 Sep 88 14:07:33 PDT From: ruffwork@edison.cs.orst.edu Subject: This is via Kaj Wiik in Finland (he is an associate of Gilbert Leppelmeir). It is reprinted with permission (I suggest people try to get permission, it's not only the "correct" way to do it, but it can also be fun! Right, Eugene?). It was such a twisted set of "coincidences" it could only happen in real life. From this note the following questions come to mind: - the probes are programmed "real time" ? - they are programmed in a very low level language ? - the code isn't verified before transmission ? - there is no continous telemetry from the probe ? - there is no "sanity check" in the probe, and no "panic" mode (as several have told me NASA uses) to keep the probe from doing really dumb things ? At least the "hopper" is on Phobos 2 instead of Phobos 1... --Ritchey Ruff ruffwork@cs.orst.edu -or- ...!tektronix!orstcs!ruffwork ------- Forwarded Message Return-Path: @cunyvm.cuny.edu:kwi%kolvi.hut.fi@santra.hut.fi To: ruffwork@mist.cs.orst.edu (Ritchey Ruff) Date: Wed, 21 Sep 88 17:06:21 EET DST From: Kaj Wiik Subject: Re: Soviet Mars probe PHOBOS 1 communications lost enroute No problems, you can publish the notes. There were some inaccuracies in the original posting concerning the author, so could you please publish the following, corrected version. Kaj Wiik kwi@kolvi.HUT.FI kwi@finhutee.bitnet = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = Phobos I news Gilbert W. Leppelmeier 12.9.88 VTT (Finnish Technical Research Centre), Instrument laboratory At the last session of the meeting of the International Science Committee of the Spectrum-X-Gamma project, Friday, 9.9.88, Prof. R. Sagdeev gave a presentation of "all we know at present about what has happened to Phobos I". These are my notes from that presentation. (Not an official IKI announcement) A few weeks ago it was decided to move the control of Phobos I from the Crimean Space Center to a Center near Moscow. Among other things, this involved using a new computer with a different keyboard. Traps were installed in the new operating system to catch characteristic operator errors, including one wherein an operator now had to insert a particular character at the end of a command. If he failed to do so, a reminder would come on the screen asking him if he had forgotten to do so, and the computer would not continue unless the character were included, OR the operator specifically overode the computer. On 29.8.88 a very long message was being prepared for transmission to Phobos I. At one point, near the end of the message, the operator failed to add the character, the computer stopped, but failed to display the question on the screen. The operator thought it was a computer error and overode the stop. The absence of the particular character changed the bit pattern of the following instruction, into a bit pattern, not on the list of accepted commands, but which did call an area of the onboard ROM which had a list of possible commands, used in development and left there for possible future use. Unfortunately, the particular pattern created in this error translated into turning off the attitude control thrusters. Two days later the Control Center sent a message to Phobos I and received no answer. It is now believed that as the spacecraft slowly changed orientation it lost power, because the solar panels no longer faced the sun, and everything turned off. The serious concern is that many items [from private conversations I gather both in spacecraft support and instruments] need electrical power to avoid becoming too cold, and will be permanently damaged if they get too cold. Sagdeev listed the following points as links in the chain: - error on operator's part - computer failure - operator decision to circumvent computer - absence of cross checks - actual command sent able to enter ROM - The OB computer must be programmed to prevent suicide. [I believe RS said the OBCPU was 8-bit. You can't do much checking with such a small cpu on such a large spacecraft.] This is the first failure of a Soviet deep space spacecraft since 1972. Added 14.9: This is what I wrote when I returned from Moscow. Looking at my notes, I realise that the move of control center may have taken place on 29.8 and the transmission error later. ------- End of Forwarded Message ------------------------------ Date: Tue, 20 Sep 88 20:56:26 CDT From: linnig@skacsl.csc.ti.com Subject: `Computer programmer convicted of creating "virus"' From 9/19/88 Ft. Worth Star-Telegram A 40-year-old computer programmer was convicted last night of deliberately creating a computer "virus" -- a series of destructive programs, one of which was used to delete records from his company's computer within days after he was fired. A Tarrant County jury deliberated about six hours before convicting Donald Gene Burleson of harmful access to a computer with valued loss and damage of more than $2,500. Burleson's trial was considered a landmark case because he was the first person tried under a 1985 Texas law prohibiting computer sabotage. It also may have been one of the first such trials in the nation, trial Judge John Bradshaw told jurors after the verdict. Prosecutor Davis McCown said the verdict proves that computer crime is not impossible to prosecute. "The jury heard the evidence and did what they felt was best," McCown said. "This proves it is not an unprosecutable offense. It may be hard to put a case together, but it's not impossible." Burleson, of Irving, is scheduled to be sentenced this morning by Bradshaw, a retired state district judge who presided over the nine-day trial in Impact Court II in Fort Worth. The third-degree felony of which Burleson was convicted carries a possible punishment of two to 10 years in prison and a fine up to $5,000. As a first-time offender, Burleson is eligible for probation. Burleson already has lost a $12,000 civil lawsuit to USPA & IRA, the Fort Worth security brokerage and insurance company for which he worked until he was fired for unrelated reasons Sept. 18, 1985, just days before company officials discovered that 168,000 records of sales commissions had been deleted from their computer system. The computer virus was discovered by USPA & IRA employees as they worked feverishly to restore the records, which were deleted sometime after 3 a.m. Sept. 21, 1985, witnesses testified. Although hundreds of computer records and other documents were introduced during the trial, the main issue became the credibility of key witnesses, including Burleson and Duane Benson, a USPA & IRA senior programmer analyst who unraveled the destructive scheme he said was traced to Burleson. Benson, who spent four days testifying about how he uncovered the scheme, said the destructive programs were created Sept. 2 and Sept. 3, 1985, on Burleson's computer terminal by someone using Burleson's computer password. The automated virus series, which was designed to repeat itself periodically until it destroyed all the records in the computer system, never was automatically activated, Benson said. Instead, someone manually set one of the programs in motion Sept. 21, deleting the records, then covering his tracks by deleting the program, he said. But Burleson and a computer expert he hired contended that the virus and the related delete program could have been created by someone else using Burleson's terminal and password. Burleson contended that he and Benson did not get along and that Benson created the destructive programs to make Burleson look bad and Benson look good when he restored the damaged system. Prosecutors contended that Burleson, who had been fired, had more motive to destroy the records than did Benson, to whom Burleson confessed the sabotage a week after it was discovered, according to Benson's testimony. But Burleson's alibi was his undoing, one juror said. Burleson testified that he was more than 300 miles from Fort Worth on Sept. 2 and Sept. 3, and he produced a Texaco credit card receipt he said proved he had a tire repaired in Rusk on Sept. 3, on his trip home from Jasper. His son, father and former wife supported his alibi. But Burleson school attendance records show that Burleson's son was in school Sept. 3, not traveling with his father. A Texaco official said the receipt Burleson produced was printed October 1987, two years after the alleged transaction. And USPA & IRA records showed Burleson attended a staff meeting Sept. 3. "Three or four days ago, I was absolutely convinced he was innocent," juror Randal Scott Owen of Fort Worth said last night after the verdict. "But I feel he fabricated stories about his alibi. That just destroyed his credibility with us. "He didn't have the burden of proof, but he should have shrugged his shoulders and said, "I'm innocent and I have no proof,' " instead of fabricating evidence, Owen said. Eleven other jurors declined to comment before leaving the courtroom. And Owen acknowledged that the trial was hard on everyone. "I have a real problem sending someone to jail for a white-collar crime," he said. Burleson also declined to comment after the verdict, sitting slumped at the defense table as his attorney, Jack Beech, gave media interviews. "I was sort of surprised," Beech said. "I had expected a better verdict. We'll have to wait until after the sentence to decide whether we want to appeal." [Of course, it was a time-bomb, not a virus. But then so were many of the other so-called viruses. By now the popular press have completely perverted both "virus" and "hacker", but in any subsequent RISKS discussions, let's try to rise above that. BTW, I received shorter versions from Steve Smaha and Henry Cox, but in this case decided to go with the long one, for the possible interest of those of you whose local papers truncated. PGN] ------------------------------ End of RISKS-FORUM Digest 7.56 ************************