Subject: RISKS DIGEST 9.85 REPLY-TO: risks@csl.sri.com RISKS-LIST: RISKS-FORUM Digest Friday 27 April 1990 Volume 9 : Issue 85 FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator Contents: Computer error parks hundreds illegally (Dave Harding) Computers may be fattening? (Gary Tom) Unattended Plane Take-off (Andrew Duane) Aircraft electronics problems: A pilot's report (Peter Ilieve) 1099 forms, risks, and technology (Gregg TeHennepe) Re: "It's a Computer Error" (Pete Mellor) Re: Risks of engine computers and EMP (David Paul Hoyt) Security Breach--cc:Mail Inc. (Chris McDonald) Queues and Servers (Anthony E. Siegman) Computers and names with special characters (Lance Hoffman) Computer Jammming of 911 LInes (Gary McClelland) The RISKS Forum is moderated. Contributions should be relevant, sound, in good taste, objective, coherent, concise, and nonrepetitious. Diversity is welcome. CONTRIBUTIONS to RISKS@CSL.SRI.COM, with relevant, substantive "Subject:" line (otherwise they may be ignored). REQUESTS to RISKS-Request@CSL.SRI.COM. TO FTP VOL i ISSUE j: ftp CRVAX.sri.comlogin anonymousAnyNonNullPW cd sys$user2:[risks]get risks-i.j . Vol summaries now in risks-i.00 (j=0) ---------------------------------------------------------------------- Date: Fri, 27 Apr 1990 12:16:24 CDT From: HARDING@MDTF08.FNAL.GOV (Dave Harding) Subject: "Computer error parks hundreds illegally" >From the Chicago Tribune, 25 April 1990 COMPUTER ERROR PARKS HUNDREDS ILLEGALLY At least 1,000 Illinois residents outside the metropolitan Chicago area were flabbergasted Tuesday when they received dunning letters from the City of Chicago for parking violations they didn't commit, according to police in several of the towns. The Chicago Revenue Department mailed about 36,000 overdue parking notices, said John Holden, a Revenue Department spokesman. He said up to 10 percent of them could go to people who did not commit parking violations, most of them in the Quad Cities area. Holden said the problem occurred because workers failed to differentiate the types of license plate numbers that are fed into the city's computerized system. The city contracts with Cumputil Inc, a New Jersey-based company, to feed license-plate numbers of overdue tickets into the computer, which automatically sends out notices to parking violators. ------------------------------ Date: Thu, 26-Apr-90 01:53:45 PDT From: garyt@cup.portal.com Subject: Computers may be fattening? >From the Health column of the April 25th San Jose Mercury News evening edition: "Such modern conveniences as personal computers and extension phones could cause you to gain weight. Psychologist Thomas Wadden of the University of Pennsylvania attributes as much as seven pounds per year to using a computer rather than a typewriter. Keeping files stored in the computer means you don't burn calories getting up to fetch them. Ditto for extension phones, which save about 70 miles of walking a year, thus adding two pounds annually." ------------------------------ Date: Wed, 25 Apr 90 15:27:48 -0400 From: duane@samsung.com (Andrew Duane) Subject: Unattended Plane Take-off (Clive, RISKS.9.83) This happened at a local (Lawrence, MA) municipal airport about 4 years ago. It seems that a pilot was prop-starting a small 4-passenger plane. The propeller spun, and the engine caught. The throttle must have been set, and the plane quickly took off, sans pilot. Luckily, it was also sans passengers. It got about 250 yards, then crashed into a nearby store. On the evening news, the airport manager expressed his surprise, saying "this sort of thing rarely happens here." I know, no computer risks, but it was relevant to the article. Andrew L. Duane (JOT-7), Samsung Software America, 1 Corporate Drive Andover, MA. 01810 (508)-685-7200 X122 ------------------------------ Date: Fri, 27 Apr 90 09:18:30 BST From: Peter Ilieve Subject: Aircraft electronics problems: A pilot's report (from CHIRP in the UK) This was reported in the Independent (a London paper) on 26 April. It is the pilot's account (abridged at one point) of the end of a flight from the Mediterranean to London. It was submitted to CHIRP, which is a reporting system run by the RAF Institute of Aviation Medicine to allow pilots to report anonymously on things that worry them. "As we slowly descended through the stack, winds aloft were 70-80 knots with little or no turbulence. The Met continued to report strong surface winds but gave no warning of any exceptional turbulence. "As we descended into the clouds, the situation deteriorated rapidly. The wind and turbulence quickly increased. At 3,000 feet inbound on the Instrument Landing System localiser we were experiencing westerly winds of 188 knots and we were encountering severe turbulence. "When the first officer reported the wind to Air Traffic Control the reply was, `Roger, understand Westerly 88 knots.' "First officer: `Negative, ONE-eigthy-eight knots.' "ATC: `Good grief.' "At about this time, the aircraft's automatics started running for cover. Both Flight Management Systems were repeatedly failing and recovering and at various times both autopilot and the captain's Flight Director (electronic artificiat horizon) were out of action. The first officer was doing a great job in trying to round up the wayward systems while simultaneously monitoring my approach and handling. "The ride down the Instrument Landing System was very wild with the wind indicating 150-180 knots. At 700 feet, with violent turbulence and an apparent 130 knots negative wind shear between that altitude and the ground we commenced a go-around. "During the go-around virtually all the automatics failed again and the turbulence became extreme. "Levelling at 3,000 feet, flaps and gear up but still in severe turbulence we were now confronted with further problems. Our `bolt-holes' (diversion airports) began to look suspect. We determined only one diversion airfield was still just about okay, but now on the limit of our fuel reserves. We elected to go, and ATC started vectoring us through the traffic, at low level in heavy turbulence. "At last we were cleared up out of the cloud and back into clear and relatively calm air. The automatics now started creeping out of the woodwork but we were still extemely busy, the two-crew operation really stretched to the limit. "En route to the diversion, [we had to cope] with a combination of failed automatics, unfamiliar ATC clearances, monitoring the weather, to say nothing of liaison with the cabin crew, and the very frightened passengers. We had about 30 minutes fuel available and we *had* to make it in, and with the weather deteriorating literally by the minute it had to be the first time." The Independent piece goes on to link this with the completed but as yet unpublished report on the 737 crash at Kegworth, which is believed to be critical of the design of electronic cockpits, and also reports from British Airways of 6 incidents with their new 747-400s. In each of these, the automatic systems closed all 4 throttles while the aircraft were climbing. A previous report in the paper had suggested some sort of sensor problem, I think concerning the flaps, as a cause of this problem Peter Ilieve peter@memex.co.uk ------------------------------ Date: Thu, 19 Apr 90 12:05:49 EDT From: gateh@CONNCOLL.BITNET Subject: 1099 forms, risks, and technology (Karn, RISKS-9.81) Phil R. Karn (karn@thumper.bellcore.com) writes: > One wonders if there may be a fundamental limit on the degree to which > institutions that must be open to many sources of public input can rely > on a high degree of computerization to achieve cost-effectiveness, > especially when the institution or its policies are unpopular. While sociologists/psychologists might argue that, based on certain predictable human traits, there will but such a limit, I am inclined to disagree. It seems to me there are two basic approaches for dealing with risks: - modify/control the surrounding environment via automated systems, etc. in such a way as to reduce the risk posed to humans - modify/improve human skill and intelligence such that the surrounding environment poses as little risk as possible If one takes the first approach and assumes a basic level of human carelessness (both in the sense of error and in the sense of maleficence, as in the case of the 1099 forms), and tries to compensate for or insulate from risk via external controls, there will be such a limit, and it will be governed by the integrity of those controls. If on the other hand one attempts to reduce error and maleficence via internal control (human education/training/self-discipline), the limit will be governed by the human potential. It seems to me that ideally what is needed is a combination of these two approaches. My fear is that presently many if not most systems are designed with the assumption that the human operator is a worst case, and so these systems provide little if any motivation/reinforcement for improving the human. To approach the problem of the limit of the utility of a particular technology by saying, Well, I guess we need to refine, we need bigger, better, faster is IMHO a mistake in that it is in some sense self-destructive. It tends to remove responsibility from the human, and as such allows and possibly encourages the atrophy of human skill and intelligence. For me, this is what I think life is all about: impeccability is the task of living, and should begin with the person. From there it will move to the things created or maintained by the person. Unfortunately I don't think it works in reverse (ie. an impeccable system begets a better user). As a result I am somewhat leery of any system which takes control away from me, especially in light of the fact that I often have no way of knowing the integrity of either the system or its designer, not to mention that it is likely the system was designed with an idiot in mind. Gregg TeHennepe, Minicomputer Specialist, Connecticut College, New London, CT ------------------------------ Date: Wed, 25 Apr 90 22:48:55 PDT From: Pete Mellor Subject: Re: "It's a Computer Error" (RISKS-9.82) > I have noticed a recent upsurge in UK news reports of "Computer Errors". > Not of the major catastrophe kind, but of the "bill for $0.00" sort > This seems to be intimately related to the introduction of the Poll tax. Note for non-UK readers: What is euphemistically described by the government as the "Community Charge", and by everyone else is called the "poll tax" ("poll" as in "head": the idea that paying the tax is connected with the right to vote is a popular misconception) came into force in England and Wales in April this year. (Like many other things, it was tried out in Scotland first.) In a nutshell, the previous system of "rates", an annual charge which was geared to the value of an individual's real estate, and which provided part of the funding for local government services (drains, emptying dustbins {sorry! garbage collection :-}, etc.) has been replaced with an annual per capita charge. Under the previous system, Lord Muck in his castle paid through the nose, while Joe Public in his two-up/two-down paid comparatively little. Under the new scheme, Lord Muck and Joe Public pay the same. Joe Public is not too pleased about it. So unpleased about it, in fact, that on 31st March a demonstration in central London against the poll tax turned into a very ugly riot. > I wonder if any other RISKS subscribers have noticed this phenomenon > (not the poll tax, the computer errors) ? Try this one (Andrew Moncur's Diary column, Guardian, 4th April). I quote: "If any rioting breaks out in Tunbridge Wells you shouldn't be too surprised to see Amy Mercer somewhere in the background, making a great deal of noise. She's just received her poll tax demand (&322-odd to pay). All very well. Except that Amy is eight months old - and, I would guess, fairly militant." It will not surprise RISKS subscribers to learn that the changeover involves a *massive* bureacratic exercise, registering, and sending demands to, every person in the country over a certain age. Hardly surprising that someone thought it might be a good idea to use computers to help with the work. Presumably, these same computers will also be used to record people who do not pay, and trigger the various steps taken to recover payment. (Not *registering* is a criminal offence. Not *paying* is a civil matter between the individual and the local authority, who must take each individual case through a procedure of which the final step is the magistrates' court.) Huge and well-organised campaigns of non-payment are under way. Peter Mellor, Centre for Software Reliability, City University, Northampton Square, London EC1V 0HB Tel.: +44 (0)1-253-4399 Ext. 4162/3/1 ------------------------------ Date: Thu, 26 Apr 90 09:18 CDT From: david paul hoyt Subject: Re: Risks of engine computers and EMP (Grant, RISKS-9.83) > ... it would also kill the engine computers in every late model car. Actually it will stop and probably distroy all old cars too. An EMP will arc the points and fuse the alternator. Everything looks like an antenna to an EMP blast. ------------------------------ Date: Wed, 25 Apr 90 12:20:26 MDT From: Chris McDonald ASQNC-TWS-RA Subject: Security Breach--cc:Mail Inc >From "MacWEEK", 24 April 1990: "In respoonse to a breach of its E-mail system's security, cc:Mail Inc. this month will ship a new version of cc:Mail free to all users. The upgrade offers enhanced security to combat an unauthorized utility that lets users access other users' mail. Posted on a Hayes Microcomputer Products bulletin board by an unknown source, the utility lets a user gain access to all cc:Mail passwords and messages on a LAN. cc:Mail has notified all it customers by phone or e-mail about the security breach and has set up aspecial tool-free hot line at (800)338-9012. Previously unregistered cc:Mail customers are also eligible to receive the free upgrade." ------------------------------ Date: Wed, 25 Apr 90 13:13:24 PDT From: siegman@sierra.Stanford.EDU (Anthony E. Siegman) Subject: Queues and Servers (Re: RISKS DIGEST 9.82) Careful. Didn't Scientific American have a fascinating story on task scheduling a few years ago pointing out that there are nonpathological situations involving a single queue of variable-length tasks and multiple servers, IN WHICH ADDING AN ADDITIONAL SERVER CAN ACTUALLY MAKE IT TAKE LONGER TO FINISH THE QUEUE? [Yes, VERY OLD RESULTS, originally from Ron Graham and Vic Benes (when I was at Bell Labs in the 60s, if I recall correctly), for nonstochastic queues. See Coffmann and Denning, Operating Systems Theory, Prentice-Hall, 1973, in which some of Ron Graham's examples reappear... A wonderful family of cases in multiple dimensions, where apparent simplifications in any one dimension can actually make things worse. PGN] ------------------------------ Date: Wed, 25 Apr 90 14:08:12 EDT From: hoffman@gwusun.gwu.edu (lance hoffman) Subject: Computers and names with special characters Following up on the contribution regarding hyphenated last names at the Social Security Administration, when I did some consulting there years ago, we were told of the incident where one person who was receiving checks insisted on changing his surname to something like "*N" (not his real name). You can imagine the havoc this caused until the agency went and implemented something like 25 patches in 25 different systems, which they did, on the humane grounds that you can call yourself whatever you damn well please. Professor Lance J. Hoffman, Department of Electrical Engineering and Computer Science, The George Washington University Washington, D. C. 20052 (202)994-4955 [It really opens up some possibilities, including VictorBorge-style pronunciations of nonalphabetic characters. PGN] ------------------------------ Date: 26 Apr 90 10:37:00 MDT From: "Gary McClelland" Subject: Computer Jammming of 911 Lines The Boulder [CO] Daily Camera (25 April 1990) reported that local police have arrested a suspect in the jamming of police communications and the 911 system. According to the article, he used radio devices to jam the police radio frequencies and a computer to interfere with the 911 lines. The newspaper article gave no details on how he used the computer to jam 911 system. Since the local 911 system has ANI and it took the police a while to find the guy, he presumably was doing something more sophisticated than just making multiple calls to 911 with his modem. No reports of any emergencies that received delayed attention because of the jamming. The motive: The University of Colorado campus police issued this guy a warning citation (no fine) for failing to leave the physics building during a fire alarm test. He then started messing with the campus police communications and then moved on to harass the city police and jam 911. Makes you worry about what he will do now that they have arrested him and made him really mad! Gary McClelland, Univ of Colorado ------------------------------ End of RISKS-FORUM Digest 9.85 ************************