Subject: RISKS DIGEST 9.87 REPLY-TO: risks@csl.sri.com RISKS-LIST: RISKS-FORUM Digest Tuesday 1 May 1990 Volume 9 : Issue 87 FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator Contents: [Mostly telephone problems] Phones & techologically illiterate operators (David A. Honig) More telephone problems -- union pressures (Peter Jones) Forwarding: Weird phone bills - an unexplored possibility (Chaz Heritage via Richard Busch) Re: Call Forwarding (Peter Jones) Kissimmee Kate (Geoffrey H. Cooper) Re: You think YOU have problems with your telephone company? (Gary Cattarin, Jozsef A Toth, Warren Levy) Blaming it on the computer? (Brad Templeton) Re: Risky McDonald's comrade... (Charles Youman) The RISKS Forum is moderated. Contributions should be relevant, sound, in good taste, objective, coherent, concise, and nonrepetitious. Diversity is welcome. CONTRIBUTIONS to RISKS@CSL.SRI.COM, with relevant, substantive "Subject:" line (otherwise they may be ignored). REQUESTS to RISKS-Request@CSL.SRI.COM. TO FTP VOL i ISSUE j: ftp CRVAX.sri.comlogin anonymousAnyNonNullPW cd sys$user2:[risks]get risks-i.j . Vol summaries now in risks-i.00 (j=0) ---------------------------------------------------------------------- Date: Thu, 26 Apr 90 12:40:20 -0700 From: "David A. Honig" Subject: Phones & techologically illiterate operators This is unrelated to the recent discussion of central office problems, but definitely a computer-related phone RISK. I tried to get an operator to make an emergency break-in to a friend's line which was busy. She reported that the line was out of order, and could not break in. I found out that he had been using a modem. The hapless operator must have listened in (prior to interrupting and asking if the emergency break-in should be obeyed) and heard 1200 bd screeching. To her, any non-voice signal must have meant "out of order". Of course, it wouldn't have helped to try to break in to the "conversation", unless she could whistle real fast. :-) If she had told me that she heard "telecommunications" or something, I would have logged in myself and located my friend on the computers... ------------------------------ Date: Thu, 26 Apr 90 16:57:13 EDT From: Peter Jones Subject: More telephone problems -- union pressures (Re: RISKS-9.84) In the Universite du Quebec a Montreal, where I work, the employees' union used the call forwarding feature in a pressure tactic several years ago. Employees participating employees forwarded calls at random. Callers got busy signals and of course many wrong numbers. At that time, calls could be forwarded to outside numbers; people calling the university ended up at radio stations, at newspapers or elsewhere. Since that incident, call forwarding to the outside is only allowed by special permission of the telecommunications department. This is not so much an example of technology gone wrong, but rather of people using it for political purposes. Another political example I remember is the spiffy direct-dial international service that was in operation in Moscow during the Olympics (can't remember which ones). The system was dismantled afterward because the KGB couldn't keep up with the volume of calls (I wonder if this is an authentic story, or just a joke.) Peter Jones (514)-987-3542 ------------------------------ Date: 26 Apr 90 18:52:30 PDT (Thursday) From: "Richard_Busch.SD"@Xerox.COM Subject: Forwarding: Weird phone bills - an unexplored possibility Date: 26-April-90 (Thursday) 4:20:38 PDT From: chaz heritage:wgc1:RX Subject: Weird phone bills - an unexplored possibility To: Richard Busch >These troubles with the phone company have resulted in huge bills for calls that apparently were never made...It's only a software problem?< While I don't doubt that a software fault could have caused the complainant's problems, and wouldn't read RISKS if I didn't think that such faults should be investigated by folks like PGN, there is a possibility that no technical fault is involved. [I should have had quotes around "It's only a software problem?". This was intended to be reminiscent of the old SMOP yarns, "It's a Small Matter of Programming". PGN] Over the last ten years a number of public monopolies in Britain have been 'privatised' - sold to the private sector by the Government. One of them was British Telecom. A 'competing' company, Mercury, was also set up, but for technical reasons domestic and small business subscribers are now dealing for their phone services with a single private monopoly. A catalogue of the new British Telecom's crimes would exceed reasonable bandwidth, but one noticeable trend seems to be the issuing of phone bills for slightly unreasonable amounts, in the hope that people might simply pay the bill without checking it (not all subscribers are willing to pay extra for an itemised bill). Business subscribers seem particularly prone to this. At home we have had to query every bill sent to us since privatisation; the last one was for #44,000! Others involve fairly small additions, however; three international calls here, a number of unusual operator services there, and so forth. Could it be that the phone company involved in PGN's case are simply trying it on in the same way? Since everyone is so concerned over 'computer errors', it is easy to blame the unfortunate silicon idiot for everything. The unscrupulous might see an opportunity here. Perhaps the willingness of people to accept 'computer error' as an excuse for what might well be deliberate is a RISK in itself. Chaz ------------------------------ Date: Thu, 26 Apr 90 16:24:24 EDT From: Peter Jones Subject: Re: Call Forwarding (Novick, RISKS-9.84) In Montreal, and possibly in all of Bell Canada's territory (Quebec and Ontario), the phone rings briefly to notify the subscriber that a call has been forwarded. Thus, the subscriber is reminded to cancel Call Forwarding when he's home and a call comes in. Note: If a subscriber has Call Waiting, and forwards to himself, the caller gets a busy signal instead of a ringback, and the call in progress is not disturbed at all. Very useful when a data call is in progress, for our system doesn't allow the subscriber to temporarily disable Call Waiting, except in certain areas. When the phone is back on hook, the brief ring mentioned above is heard, the caller gets a busy signal and incoming calls cannot be answered until Call Forwarding is cancelled. (I've been told this, but have never tried it myself.) Some systems automatically make a call to the forwarding number when forwarding is requested. This makes it possible to check the number is working, and is the right one. The disadvantage is the incurring of a possible toll charge. Peter Jones UUCP: ...psuvax1!uqam.bitnet!maint (514)-987-3542 ------------------------------ Date: Fri, 27 Apr 90 11:18:33 PDT From: geof@aurora.com (Geoffrey H. Cooper) Subject: Kissimmee Kate I have two inputs, one is pretty related and one is a bit further away. I remember Jerry Saltzer talking about a problem in his home with an amazing number of wrong number calls received. These were ultimately traced down to a bad connection in a crossbar switch. One entry on the crossbar was connected to a busy signal or message. Calls from other central offices were routed to that connection if the destination was busy. It happened that Jerry's home number was connected adjacent to this "busy-signal" entry, which ultimately turned out to have a bad contact or relay. The result was that all busy calls from outside the local office were converted into misrouted calls to the Saltzer residence. Jerry can probably give you a better description of what it was (my memory is somewhat hazy). The other bug is not a phone bug, but it fell into consciousness because it had the same kind of random delaying action you mentioned. I hope it is more of a help than a distraction. > ... not understanding how he reached the Yellow Cab company when [about > three minutes later] the telephone rang and [the officer] answered the phone > only to be connected to a Howie, a dispatcher at the police department, About 1981 or 1982 at MIT, Dave P. Reed (now at lotus) and I were perusing the code that was then used for TCP-IP under Twenex (all that code was subsequently replaced). I had seen astonishing packet delays when Twenex was used as a gateway. In one case, a packet was delayed for about 5 minutes. I only detected it because I had forgotten to turn off "etherwatch" while I got ready to leave the office. As I walked over to logout of the Alto, the final packet of 10 arrived magically. My recollection is that the software had a kernel task with an input queue that processed each packet by doing some simple processing and enqueing it to the next task. The assembly code was in the form of: more_packets: process first packet *goto more_packets deschedule task The assembly line with the * was inadvertantly omitted, so only one input packet was being processed for every time the task was scheduled. Thus in the rare case that two packets were both in the queue, the second would be delayed until the next packet that arrived at the interface, which could be arbitrarily later. I don't recall why the software didn't eventually end up with all the packets in that queue -- but it was pretty buggy software, so maybe something like that did happen eventually. Relationship to phone hacking... What if the "call parking" feature is just a special case of the way calls are always made, such that a queue exists that causes a call to be placed when the line is free. All calls are put into the queue, and a flag on the subscriber line or queue entry indicates whether to flush the attempt if the user doesn't wish to park the call. In this case, a subtle modification of the system code or even a hand-patched queue entry could sit in the queue for an arbitrary amount of time. Similarly, a daemon could queue calls randomly. Just speculation. - geof ------------------------------ Date: Fri, 27 Apr 90 07:50:48 edt From: Gary_Cattarin@DG_SUPPORT.MCEO.DG.COM Subject: Re: You think YOU have problems with your telephone company? CEO summary: Owing to the vaguaries of the mail system, I never saw the Tale of Kissimmee, though I bet I'll get it in a month or two... The reactionary tales of 9.84 certainly rang a few bells, to coin a pun. Back in my undergrad days, my university (RPI) also decided to go winto the phone business. They bought an Intecom switch (I think) and were promptly christened "Tute Bell" after the school's nickname. This switch had a unique feature. You couldn't forward your phone to your own phone DIRECTLY, such as "forward to 5555", but you could do so via an outside line, such as "forward to 9-266-5555. You could then call yourself via an outside line, and the system would promptly forward your call back out from the switch to the phone company who'd send it back, where, guess what...it would happen again. Each out-and-back loop used two trunk lines, and this would go on indefinitely. Each time the call came back through your phone, the phone would emit a short ring, telling you that two more lines were tied up. Although we never did it (honest!) we figured it would be quite easy to cripple the institute by tying up all the lines, or at least crash the switch. All this from one phone! ------------------------------ Date: Fri, 27 Apr 90 15:42:36 -0400 From: Jozsef A Toth Subject: RE: You think YOU have problems with your telephone company? I had a similar problem a couple of years ago. My long distance carrier was (and still is) US Sprint (lowest prices around!) At any rate, I was in the midst of moving, but still wanted a US Sprint calling card. US Sprint would not grant me a card without a home telephone number, so I used my sister's phone number/address until I settled into a new place (which would have a phone), the delta time between old place and new place was 45 days. Once I settled into the new place, I was set up with US Sprint "Dial 1" service and an accompanying Calling Card. Therefore, I stopped using the card assoc- iated with my sister's address/phone and commenced using the new one. Six months later, I moved a second time to a new address, and you guessed it, a new phone. I signed up for US Sprint "Dial 1" service and an accompanying Calling Card. Again, I stopped using the card associated with the previous number. At this point, I had three US Sprint calling card accounts but I was only using the most recent one. US Sprint customer service assured me that my "accounts had been consolidated" and that all my calls would appear on one bill, associated with my current address/phone number. Just for grins, I think (I'm not sure if this was exhaustive) I tried the two old calling card access codes, and I was rejected. This was late '86, early '87 and all took place in the 412 area code, the greater Pittsburgh area. Please be patient, I'm setting the stage as ac- curately as I can. In june/july of '87, my sister moved to San Fran w/ her husband. Their long distance carrier was AT&T or MCI (can't remember.) Remember when I originally signed up with her phone for a US Sprint Card? I only used her address/phone as a security blanket for the US Sprint billing people, she still had another Long Distance carrier and I specified the billing address, which can be different from the reference phone/address. After my sister moved, I started to receive calls to Fort Lauderdale FL on my monthly US Sprint bill. To boot, some of them were person-to-person collect to my Sister's old number. SO I called the number that used to be my sister's and spoke with the new owner of that number. They were making/ receiving collect calls from Fort Lauderdale, FL. and they were being billed for them, and at the same time, SO WAS I! Next came the endless calls with Customer Service, Xerox copies of my phone bills mailed to account managers, their boss and their boss' boss, etc. Around this time, I had read that US Sprint was in a lot of red ink because of their antiquated billing software (US SPrint was purchased from someone else, can't remember the name). All the people I talked to at US Sprint insisted that there was nothing wrong, even after I described in detail what was happening! The same call appearing on two separate bills. I simply refused to pay the bills. Now here comes the best part. After they finally straightened out the problem, I had held back on $114 and some change for those calls and it was appearing as $114 Credit on my bill! After I was assured that everything was OK, the next bill came around and I was still being billed for calls from my sister's old number. By now it was Aug-Sep '87. Finally, as a software engineer, I realized how this problem could be fixed. I cancelled any affiliation I had with US Sprint (by now, several accounts, three calling cards etc. (also, the older calling cards were still active, I think)) and waited until I received that final check for $114 and some change. At this point, I felt comfortable enough that all the software including, rates, billing, accounts payable and accounts receivable was reset. And I started a new account. By then it was Nov-Dec '87. Haven't had any problems since! I think since then US Sprint punted the old accounting system and has been through two revs of a new one. joe.toth ------------------------------ Date: Fri, 27 Apr 90 16:25:17 -0400 From: warrenl@uunet.uu.net (Warren Levy) Subject: You think YOU have problems with your telephone company? In the fall/winter of 1983-84 my wife, Roma, and I were living in Family Student Housing on the campus of the University of California, Santa Cruz. On 3 separate occassions in a period of approx. 3 months, the telephone in our apartment (serviced by what was then known as "Pacific Telephone", now "Pacific Bell") was dead. Each time the Pac Tel serviceman came out, he checked the wires and eventually got the phone working again. A few weeks after the third event, a new person moved into our apartment complex a few apartments away. One Sunday, my father-in-law called and at almost the same time I answered and this new neighbor answered (the phone in her apartment rang). I asked her name (Marcy) and found out she lived in the same complex. I then called Pac Tel and another serviceman came out to fix the problem; he checked and changed the wiring. When the bill came, I found several calls listed that we had not made. I contacted Pac Tel Billing who backtraced the phone numbers to the actual locations. I was then asked if I knew these people or businesses called (one was a "Lyon's Restaurant" which I had never heard of at the time). Since the billing rep believed me (I related the whole story), she removed the calls from my bill (I believe it was less than 5). I may still have that bill buried deep in my files. I had no problems after that. I hope this helps. Warren Levy, The Santa Cruz Operation, Inc., 425 Encinal Street, Santa Cruz, CA 95061 +1 (408) 425-7222 ------------------------------ Date: Fri, 27 Apr 90 4:09:32 EDT From: brad@looking.on.ca (Brad Templeton) Subject: Blaming it on the computer? The stories of crossed lines remind me of the oldest RISK of all -- blaming things on the computer that humans do. Almost 20 years ago, when I was younger and less responsible, a "friend" had two phone lines. He hooked up a circuit to conference them and play the whole thing through a loudspeaker with no mic on the line -- not hard to do. Then he would go and call two parties and connect them, to listen to the fun. Much more creative than plain prank calling. When random parties got boring, he tried connecting the only two people in the book with an unusual name, hoping they would be related. Sometimes they were, but the most amusing exchange went on for several minutes between two unrelated Mr. Vandenbroeks. Several times, they would say: "Who is calling?" "Mr. Vandenbroek." "Yes?" Unaware that they had the same name. On to the RISK... In all these cases, the parties connected attributed the double call to crossed wires -- as though it happened all the time. Prior to this digest I had not heard of actual switch defects ringing two people and connecting them for no reason. And not two relatives, or employee and boss. Nobody thought to attribute it to malicious youngsters. Today, every yuppie kid has a house with a two line phone with a conference button. No knowledge of circuits required. If my immature "friend" did it then, it must be a regular event today. Yet we jump to blaming the equipment. Brad Templeton, ClariNet Communications Corp. -- Waterloo, Ontario 519/884-7473 ------------------------------ Date: Thu, 26 Apr 90 15:19:20 EDT From: Charles Youman (youman@mdf.mitre.org) Subject: Re: Risky McDonald's comrade...[RISKS 9:83] David Gursky may understand queues, but I think he misunderstands their application in the USSR. To make a typical purchase you have to wait in three queues: the first to select your merchandise, the second to pay for it, and the third to pick up your purchase. By no stretch of the imagination should it be considered efficient. The only shortage of Qs in the USSR is in the Cryllic alphabet. ------------------------------ End of RISKS-FORUM Digest 9.87 ************************