RISKS-LIST: RISKS-FORUM Digest Tuesday 6 December 1988 Volume 7 : Issue 89 FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator Contents: Computer Literacy #4 (Ronni Rosenberg) Privacy versus honesty/equality (Jerry Carlin) Computerized speeding tickets? (Clifford Johnson) Subways that "know" who's on board (Marc J Balcer) Automatic toll systems -- Dallas (Andrew R. MacBride) "Hackers", "crackers", "snackers", and ethics ("Maj. Doug Hardie") `hacker' is already a dictionary entry (Joe Morris, Douglas Jones) Re: /dev/*mem and superuser (Jeff Makey) The RISKS Forum is moderated. Contributions should be relevant, sound, in good taste, objective, coherent, concise, and nonrepetitious. Diversity is welcome. CONTRIBUTIONS to RISKS@CSL.SRI.COM, with relevant, substantive "Subject:" line (otherwise they may be ignored). REQUESTS to RISKS-Request@CSL.SRI.COM. FOR VOL i ISSUE j / ftp kl.sri.com / login anonymous (ANY NONNULL PASSWORD) / get stripe:risks-i.j ... (OR TRY cd stripe: / get risks-i.j ... Volume summaries in (i, max j) = (1,46),(2,57),(3,92),(4,97),(5,85),(6,95). ---------------------------------------------------------------------- Date: Tue, 6 Dec 88 15:12:11 EST From: ronni@wheaties.ai.mit.edu (Ronni Rosenberg) Subject: Computer Literacy #4 What are your reactions to a proposal for a different sort of "computer literacy" course, described below? (I am not saying that all schools should teach such a course.) Is it a good or bad idea? Why? Should the description be changed? If so, how? How do you compare this with what you know about existing computer-literacy courses? Who should develop such a curriculum? Who should pay for it? Please respond directly to me. Thanks. * * * * Compared to current computer-literacy classes, the proposed course would spend much less time reviewing the mechanics of operating machines, the syntax of applications software or programming languages, and rote learning of lists, from computer components to uses. It would spend much more time considering the capabilities and limitations of computers, through discussions of the impacts of important computer applications. This might be a standalone course or a series of discussions interwoven into courses in, for instance, social studies or history. One specific example of material that could contribute to meaningful education about computers is a multi-media presentation entitled "Reliability and Risk: Computers and Nuclear War," produced and distributed by CPSR. The presentation explains how current political and military trends decrease the time allowed for people to react to a crisis, thereby shifting critical decision-making responsibilities to computers. It attacks the myth of computer infallibility by describing different types of computer errors, their sources and consequences. It explores the growing reliance on computerized decision-making and how a computer error, especially in times of crisis, could trigger an accidental nuclear war. Lasting a half-hour, the program obviously cannot cover the topic in great depth. But it does present salient points about an important and complex area of computer use, greatly heightens people's awareness of problems that they are unlikely to learn about from magazine articles about computers, and stimulates exciting discussions and further thought. The presentation uses no computers, and the intended audience need no previous computer experience. The proposed course might include discussions of * SDI's computing requirements -- so students could consider the concept of software trusthworthiness and the potential for design errors in complex systems. * The Vincennes episode -- so they could consider the difficulty of using a system outside the boundaries of its intended use. * The FBI's National Crime Information Center (NCIC) -- so they could consider the relationship between civil liberties and computer technology. * The National Test Bed, war games -- so they could consider the limits of computer simulations. * Computerized monitoring techniques -- so they could consider impacts of computers on the workplace. * How computer science is funded -- so they could consider which sorts of problems society views as important. * Some of the myriad of RISKS stories -- so they could consider the risks of depending on computer systems. And so on. Overall, the course would emphasize the importance of the social and political context in which a computer system is developed and used. ------------------------------ Date: 1 Dec 88 20:45:26 GMT From: jmc@ptsfa.PacBell.COM (Jerry Carlin) Subject: Privacy versus honesty/equality Organization: Pacific * Bell, San Ramon, CA The following is from an article: "In Sweden, the public can read prime minister's mail" by Eva Janzon, Associated Press. In Sweden, government records have been open to the public since 1766. This includes the right to read the Prime Minister's mail (except for a few classified items). Not only that, but everyone's records are effectively public: "Knowing your neighbor's date of birth is enough to gain access to files at the National Taxation Board which lists income and tax from the previous year, church membership, marital status and current address. "If you take the number to the county police, you can find out about any unpaid bills. Other registers list education, state of health and membership in associations. "All this has been accepted as a price for keeping people honest in a society that strives for equality." The article did state that some Swedes dislike this invasion of privacy. Is the risk of inequality and dishonesty more important than the risk to privacy? Jerry Carlin (415) 823-2441 {bellcore,sun,ames,pyramid}!pacbell!jmc ------------------------------ Date: Mon, 5 Dec 88 17:54:29 PST From: "Clifford Johnson" Subject: Computerized speeding tickets? > Alas, as a Mass police officer pointed out in an interview, you have to catch > someone *in the act* of speeding to get them for it. Probably something to > do with that annoying bill of rights... Not so in every state, I believe. I recall a news story some 18 years ago in a desert state (Arizona?), in which a cop called a another cop at another town to look out for a certain car. The defense argued that there was no way to know to for sure that the speed limit was exceeded merely because the distance/time in total exceeded the speed limit. A university mathematician (measure theorist) testified as to the meaning of the Mean Value Theorem, and the speeding ticket was upheld by a presumably puzzled judge because no counter-expert could be found to dispute him. Does anyone know whether the Mass. "rule" is simply local? [And then there is the tale of the San Francisco police using computer records interactively to tow up-scale vehicles (on the grounds that their owners are more likely to pay up to get their cars back when towed). Yesterday they towed a car belonging to an undercover agent. Referring to Ronni's item (particularly NCIC) in this issue, suppose that information was in the computer that that car belonged to an undercover agent. Then we have to assume that the agent was NOT ADEQUATELY under cover, especially if any further identification was included. PGN] ------------------------------ Date: Tue, 6 Dec 88 09:38:49 EST From: balcer@gypsy.siemens.com (Marc J Balcer) Subject: Subways that "know" who's on board From the Philadelphia Inquirer, Saturday, December 3: SEPTA TURNSTILES TAKE A HIGH-TECH SPIN by Mark Bowden, Inquirer Staff Writer [...] The new turnstiles still accept tokens, but they are also equipped with magnetic scanners that enable passengers to let themselves into the station just by sliding through their new, magnetically encoded weekly and monthly passes. The old turnstiles only accepted tokens. [...] Because each of the turnstiles is connected to a central computer, and each card is encoded with a serial number, use of the new turnstiles will help SEPTA compile far more detailed records of how people use the transit system. "If someone gets on the Elevated in the Northeast, uses the Broad Street Subway at midday, and then commutes home at night on the Elevated, we will have an exact record of all those trips," said [Robert E.] Wooten, SEPTA assistant general manager for public affairs." It will provide our operations planning department with lots of detailed information about who gets on where, when, and how often. Marc J. Balcer [balcer@gypsy.siemens.com] (609) 734-6531 Siemens Research Center, 755 College Road East, Princeton, NJ 08540 ------------------------------ Date: Tue, 6 Dec 88 00:19:16 PST From: c60a-1bl@WEB.Berkeley.EDU Subject: Automatic toll systems -- Dallas Regarding an earlier discussion of automatic toll systems: This evening (~11:45pm PST) on CNN, I caught the tail end of a report on an automated toll-collection system being tested in Dallas. The device consists of (and I quote) "chips and diodes and capacitors on a board", and is apparently queried at each toll station. During a brief statement, the president(?) of AMTECH, Inc. discussed plans for the use of this system in many cities and in the rail network. Anyone have comments or more information? (I wish I had seen the beginning of the report...) Andrew R. MacBride c60a-1bl@widow.berkeley.edu (128.32.185.4) ------------------------------ Date: Tue, 6 Dec 88 09:42 EST From: "Maj. Doug Hardie" Subject: "Hackers", "crackers", "snackers", and ethics (RISKS-7.86) > Moreover, in more mature scientific fields, such as medicine, it > is not left up to the experimenter to decide for himself what is > ethically acceptable; he or she must convince review boards that > include both peers and (one hopes) members of the affected public. The cost of medical research is significant. It is not within the resources of your average high school student. The cost of hacking "computer research" is very low. I seriously doubt that any kind of review system could be set up that would be able to cope with the volume of this problem. Even if you could set it up, it would be a bureaucracy unto itself. Also, I point out that the term hacker was in common use when I was in college (64-69) to refer to a person who did not have any real understanding of what they were doing, but just banged away with anything in a random pattern hoping that something would work. Calling an engineering student a hacker was the ultimate put down. ------------------------------ Date: Tue, 06 Dec 88 11:38:21 EST From: Joe Morris (jcmorris@mitre.arpa) Subject: `hacker' is already a dictionary entry In RISKS-7.87, Frank Maginnis observes: > "Hacker" and "virus" will undoubtedly >appear very soon in standard English dictionaries with the general public's >understanding of the terms, not the profession's -- "hacker" probably >already has! We'll just have to adapt. I can't speak for 'virus', but 'hacker' is already there. From the 1986 edition of _Webster's_New_World_Dictionary_ (Prentice-Hall) comes the following entry: hack.er n. 1. a person who hacks (see hack(1)) 2. an unskilled golfer, tennis player, etc. 3. a talented amateur user of computers, specif. one who attempts to gain unauthorized access to files in various systems The dictionary doesn't have the verb _hack_ defined in a computer sense, but that may be waiting on the next edition. Can anyone point to the first use of the term? I remember using it in 1962 (and have comments in programs to prove it) but it seemed to be well-used by then. ------------------------------ Date: Tue, 6 Dec 88 13:51:24 CST From: Douglas Jones Subject: Re: "Hackers," "crackers," "snackers," and ethics In P. G. Neumann's note of Mon, 5 Dec 88 10:27:35 PST, he points out that we have to do something about whistle-blowing, and then gets back to questions of hacking being dangerous, especially when we have flawed systems. These two statements bring to mind a sensible buisness practice of the early 1970's that I have not seen used recently. Back in the summer of 1972, I worked for Com-Share Incorporated, one of two firms to commercialize the Berkeley Timesharing System. Back then, I had not yet heard the term "hacker", but we certainly knew that there were such people. Com-Share had two interesting policies with regard to such people: 1) All Com-Share employees were encouraged to use Com-Share facilities for personal use during off-hours, and the majority of personal use was assumed to be of a sort we would now call hacking. 2) Com-Share had a standing reward of $500 for anyone who could expose a flaw in their system security, and while I was there, they raised the reward to $1000. In concert, these policies encouraged hacking, but they made it into a constructive activity. An occasionally cited aspect of the "hacker ethic" is that when hackers find something wrong with a system, they should report the problem. The problem is that reporting a problem might lead to its being fixed, which in turn, might deny future access to the hacker. A reward can overcome this negative aspect of reporting bugs. When I worked on the PLATO system at Illinois in the mid '70s, the system administrators viewed the large community of PLATO hackers (mostly writing and playing games, but with occasional password security attacks of the kmem variety) as useful because they would exercise new system features long before "legitimate" users would find them, and because they provided a heavy system load before there was much of a legitimate user community. As the legitimate community grew and the excess capacity of the system diminished, game playing and other "hacking" activities were severely curtailed, but never eliminated. In recent years, most computer crimes legislation I have seen has made almost anything resembling hacking into a crime, and many system administrators no-longer appear interested in the benefits that a carefully managed hacker community can provide. A hacker who finds a flaw in a system and reports it is viewed as being a criminal with a conscience instead of a benefit to society. In a way, hackers who report flaws that they find in a system are like whistleblowers, and this recent legal and managerial trend is quite analogous to the "shoot-the-messenger" approach that is commonly applied to whistleblowers. ------------------------------ Date: 6 Dec 1988 1258-PST (Tuesday) From: Jeff Makey Subject: Re: /dev/*mem and superuser In RISKS 7.87, Paul E. McKenney described how to protect /dev/*mem on UNIX systems from uncontrolled read access. Unfortunately, he made a small mistake. /bin/ps and other programs that need access to /dev/mem should have their modes set to 2755. Use of mode 4755 (as Paul suggested) sets the setuid bit rather than the setgid bit. Since /dev/mem is owned by root and Paul also suggested changing the owner of /bin/ps to bin, there is probably no security problem in his fix, but ps won't work. I have done this on my 4.2 BSD system with no apparent ill effects. In addition to /bin/ps, /usr/ucb/w needs this treatment. Once again, we encounter a risk in (blindly) applying untested bugfixes. This comment, of course, applies to my own suggestions in the paragraphs above. ------------------------------ End of RISKS-FORUM Digest 7.89 ************************