RISKS-LIST: RISKS-FORUM Digest Tuesday 4 October 1988 Volume 7 : Issue 61 FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator Contents: Program Verification: The very idea (Brian Randell) RISKS of EPROMS (Daniel Klein) Poor user interface -- police system (rpg) Cash registers and tax (J Eric Townsend) Re: Cash registers (PGN) Fly-by-wire, absence thereof [MiG-29] (Henry Spencer) Re: A New Portal For The Offensive -- FAX ATTACKS (Greeny) Re: Is Uncle Sam selling your name to mailing lists? (Matthew Huntbach) More on monitoring Cellular Phones (Mike Linnig) The RISKS Forum is moderated. Contributions should be relevant, sound, in good taste, objective, coherent, concise, and nonrepetitious. Diversity is welcome. CONTRIBUTIONS to RISKS@CSL.SRI.COM, with relevant, substantive "Subject:" line (otherwise they may be ignored). REQUESTS to RISKS-Request@CSL.SRI.COM. FOR VOL i ISSUE j / ftp kl.sri.com / login anonymous (ANY NONNULL PASSWORD) / get stripe:risks-i.j ... (OR TRY cd stripe: / get risks-i.j ... Volume summaries in (i, max j) = (1,46),(2,57),(3,92),(4,97),(5,85),(6,95). ---------------------------------------------------------------------- Date: Wed, 5 Oct 88 9:56:39 WET DST From: Brian Randell Subject: Program Verification: The very idea I have just finished reading, with great interest and enjoyment, an article by J.H. Fetzer with the above title, which appeared in Comm ACM 31,9 (Sept. 88) pp. 1048-1063. In my opinion it is a very careful and lucid analysis of the dispute between, e.g., DeMillo, Lipton and Perlis on the one hand, and Hoare on the other, regarding the nature of programming and the significance of program verification. Its abstract is as follows: The notion of program verification appears to trade on an equivocation. Algorithms, as logical structures, are appropriate structures for deductive verification. Programs, as causal models of these structures, are not. The success of program verification as a generally applicable and completely reliable method of guaranteeing program performance is not even a theoretical possibility. The final chapter, entitled "Complexity and Reliability", is the one which most explicitly relates to the interests of the RISKS readership but its understanding requires a careful reading of much of the earlier part of the paper. The final chapter, incidentally ends as follows: In maintaining that program verification cannot succeed as a generally applicable and completely reliable method for guaranteeing the performance of a program, DeMillo, Lipton and Perlis thus arrived at the right general conclusion for the wrong specific reasons. Still, we are indebted to them for their efforts to clarify a conclusion whose potential consequences - not only for the community of computer science, but for the human race - cannot be overstated and had best be understood. Brian Randell ------------------------------ Date: Fri, 30 Sep 88 13:00:55 EDT From: Daniel Klein - 412/268-7791 Subject: RISKS of EPROMS The UV eraseable EPROMS that are found in many smaller computers are also subject to failure when their picture is taken. Yep, you read that correctly. Once when I worked for the Computer Engineering Center, we were taking publicity photos of one of our process control systems. The system was working just fine, but as soon as we took the photo, it crashed. Surprisingly, the system right next to it did not. We rebooted, the processor, took another photo, and "blam", it crashed again. What was happening was as follows: the system that was crashing had the lid off, while the one running had the lid on. When we swapped the lid, the system that crashed changed also. We discovered that it was the flash that was causing the problems, and the either there ws enough UV being emitted from the flash, or simply that the light intensity was high enough to confuse the EPROMS for a few machine cycles, and cause bogus information to reach the CPU, crashing it. ------------------------------ Date: Mon, 3 Oct 88 21:07:09 EDT From: rpg@CS.BROWN.EDU Subject: Poor user interface -- police system Reprinted without permission from the Providence New Paper: Providence Police Chief Walter Clark was grilled on his department's position on police/minority relationships, the effects of drugs on the community, and the speed and attitude of officers responding to calls. Answers and solutions were prompt. Chief Clark explained that all calls to the police department are entered into a computer and prioritized, but only the 20 or so reports visible on the CRT can be acted on. Which is why it can take two hours for the police to respond to a burglary after the fact, as opposed to more immediate response to a burglary in progress. It astounds me that the writers of such a piece of software wouldn't have provided for the display to scroll, especially considering that there are problems of starvation like this. And what happens if there is a disaster, like the New York blackout and widespread crime, such that there are more than 20 urgent calls to be managed? ------------------------------ Date: 26 Sep 88 20:23:26 CDT (Mon) From: erict%flatline@sri-unix.UUCP (j eric townsend) Subject: Cash registers and tax During a break between classes the other day, I decided to restart my tradition of the "perfect student lunch": beer and grease. I got my usual: pizza, $1.50, and a domestic beer, $1.50. (Ouch, time to put the cooler back in the car... :-). I went to the register, and the button-pusher told me I owed $3.18. Normally, tax isn't charged on food at UH. What you see is how much it costs, EOL. I asked the clerk about this, as I'd gotten the same thing the day before, and it had only cost $3. The clerk replied: "Oh, you probably got it at the other register. This is the only register that charges tax." Me: "Well, give me back my $.18, then, since you don't normally charge tax." Clerk: "Sorry, I can't do that, because the cash register says you owe $3.18." There was a manager standing nearby who couldn't tell me if I owed tax or not... Moral: If you eat in the Satellite at UH, don't go to the far left register, it charges 8 percent tax while the other registers don't. (Actually, I think that UH adds the tax into the price of the food just to make it easier to figure out your bill. Then, the spend $$$'s trying to reverse-engineer their retail costs... :-) J. Eric Townsend, 511 Parker #2, Houston, Tx, 77007 Inet: COSC3AF@george.uh.edu UUCP: uunet!nuchat!flatline!erict Bitnet: COSC3AF@UHVAX1.BITNET ..!bellcore!tness1!/ ------------------------------ Date: Thu, 29 Sep 88 14:29:39 PDT From: Peter G. Neumann Subject: Re: Cash registers We have previously had several tales such as the following, prompting someone to note that segmented number generators initially display an "8" in each position so that someone who is paying attention would notice when a segment is burned out. But in this case someone would have to use mirrors. At lunch the scale for salads etc. has digital displays on two sides. I was on one side, the cashier on the other. She told me the amount -- $1.93. I noted that it said $1.83 on my side. She insisted that MY side had been wrong before that day and that they were using HER side. When told that the reason her side said "8" instead of "9" was that one of the segments was burned out, she finally acquiesced. But it occurred to me that a different segment had probably been out on my side, presumably in the units digit, which is what had prompted her to believe that HER SIDE was the right side. Groan. P. ------------------------------ Date: Tue, 4 Oct 88 00:53:56 EDT From: attcan!utzoo!henry@uunet.UU.NET Subject: Fly-by-wire, absence thereof The hit of the Farnborough Air Show this year was definitely the MiG-29. The Soviets sent two of them, basically to show off. They did everything the F-18s and the like did, and a couple of things that nobody in the West had thought of doing with a jet fighter. The interesting thing is, unlike their Western competitors, the MiG-29s do not use fly-by-wire! They have plain old hydraulic controls, no computers involved. Doesn't seem to hurt flight performance, and the pilots claim the same "carefree handling" as the computerized fighters. Henry Spencer at U of Toronto Zoology uunet!attcan!utzoo!henry henry@zoo.toronto.edu ------------------------------ Date: Tue 04 Oct 1988 17:46 CDT From: GREENY Subject: re: A New Portal For The Offensive -- FAX ATTACKS Gee, I always thought that it was illegal to make use of the telephone to harrass, or say obscene things to people who didn't want to hear it (i.e. heavy breather sicko-types) -- or at least it is here in Illinois. And if I remember correctly, doesn't a receiving FAX print out the transmitting PHONE NUMBER somewhere on the transmission? If so, and you keep getting stuff that you don't appreciate -- just call the cops. If that doesn't fix the problem, try sending back what ya got! :-> Greeny ------------------------------ Date: Tue, 4 Oct 88 20:11:31 BST From: Matthew Huntbach Subject: Re: Is Uncle Sam selling your name to mailing lists? In the U.K. the electoral register is obtainable in most places in computer readable form. It is fairly easy to use it to target names in fact mailing companies have produced directories mapping postcodes onto average prosperity. Also the changing fashions for first names can enable a good guess at ages. Clearly the electoral register has to be made available to candidates. As a political activist myself, I know the value of computers in fighting elections. But even if you only gave the register to candidates, what is to stop a mailing list company putting up a candidate simply to get hold of the register? ------------------------------ Date: Tue, 4 Oct 88 18:01:58 CDT From: linnig@skvax1.csc.ti.com Subject: More on monitoring Cellular Phones Alan Kaminsky (ark%hoder@CS.RIT.EDU) writes: > When a phone detects a paging message with > its own address, it broadcasts a page response message. This response is > received by all the cells in the system, and the signal strength is measured. > The cell receiving the strongest response is assumed to be the cell in which > the phone is located, an unused frequency in that cell is assigned, and the > phone call is switched to a transceiver in that cell. Ah, but could the phone company send out a page without a following "ring them" message? If they could, then they could periodically poll your position, and your faithful cellular phone would report it without your knowledge. > As for business competitors monitoring calls you place on your cellular > telephone, to find out your clients' phone numbers: This is perfectly > possible.... One hopes the FCC, police, etc. > would prevent anyone from offering such a product commercially. Well, the communication privacy act recently passed prevents you from intercepting the audio side of the cellular phone conversation, but I doubt if it prevents you from picking up the dialing info. I think such a device might be considered in the same class as a "pen register." Pen registers record the numbers called on a telephone circuit. I believe the Supreme Court doesn't even require a search warrant to place a pen register on a phone. It may be quite legal to record the phone numbers dialed by a cellular phone. Someone with a law background want to comment? Mike Linnig, Texas Instruments ------------------------------ End of RISKS-FORUM Digest 7.61 ************************