The RISKS Digest

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Volume 1 Issue 19

Monday, 7 Oct 1985


o Emanations and interference in the civil sector
Peter Neumann
Jerry Saltzer
o Administrivia -- Escaped Mail and Delays
Mark S. Day
o Computer databases
Andy Mondore
o Re: Friendly test teams
John Mashey
o Re: CRTs again, solution to one eye-problem
Brint Cooper

Emanations and interference in the civil sector

Peter G. Neumann <Neumann@SRI-CSLA.ARPA>
Sun 6 Oct 85 15:16:38-PDT

I have had several queries about risks in the civil sector concerning
electronic emanations from and electronic interference upon computer systems
and networks -- and of course also about what can be done to protect oneself
or one's company.  For example, Martin Lee Schoffstall 

Emanations and interference in the civil sector

Jerry Saltzer <Saltzer@MIT-MULTICS.ARPA>
Fri, 4 Oct 85 18:02 EDT
To:  Neumann@SRI-CSL [in response to a query]

Concern for Electromagnetic Compatibility is indeed beginning to become an
important design consideration in consumer products.  These days, TV sets
are beginning to clean up their act, but the average FM tuner just can't
cope with being in a substantial RF field.  As consumers start to collect a
walkman, TV, cable converter, FM tuner, stereo amplifier, VCR, CD player,
cordless phone, remote control light switches, microwave oven, and
garage-door opener under one roof, more and more people are becoming aware
of the problems, and discovering that some manufacturers didn't put the
right effort in.

Administrivia -- Escaped Mail and Delays

Thu 3 Oct 85 20:07:38-EDT
[ Excerpted-From: Soft-Eng Digest    Sat,  5 Nov 85    Volume 1 : Issue  34 ]

XX was a victim of Hurricane Gloria; it had multiple head crashes when it
was restarted after the storm.  The heroic efforts of the staff here brought
the machine back to life after a marathon of restoring files, which
unfortunately left the alias for this list in a strange state.  Instead of
going into my mailbox, everything sent to "Soft-Eng" was immediately
redistributed.  Fortunately, only one message got out between the time XX
came up and the time I noticed the problem.  Anyway, sorry for the
difficulties.  No doubt this will now appear in the RISKS mailing list as an
example of an unreliable computer system...  

   [SURE.  WHY NOT??!! Recovery and reinitialization are a vital part of
    keeping a system running properly.  How many times have you put in a
    patch or fix only to find that it somehow disappeared, e.g., not 
    surviving a crash or not getting propagated back into the source code?  
    But in this case you got left in an unsafe state!  PGN]

Computer databases

Sat, 28 Sep 85 16:20:46 EDT

One topic I have not seen discussed here is that of computer databases.  I
am Systems Coordinator for the Registrar's Office here so I am in charge of
a fairly large database containing (obviously) student grade and course
information as well as addresses, demographic information, etc.  I'd like to
see a discussion of the risks of having incorrect information in a database,
information being seen or accessed by unauthorized individuals, etc.

    [Ah, yes.  This is a wonderful topic.  The state of the art of database
     management systems that can handle sophisticated privacy/compromise and
     data integrity problems is rather abysmal.  However, the risks of
     people gleaning information by drawing inferences from a database are
     considerable.  For starters, see Dorothy Denning's book, Cryptography
     and Data Security, Addison Wesley, 1982.  As to risks, Software
     Engineering Notes has had a bunch of stories on the effects of misuse
     or misinterpretation of police data.  The Air New Zealand catastrophe
     was an example of what can happen if a change is not propagated
     properly.  As always, contributions are welcome.  PGN]

Re: Friendly test teams

John Mashey <mips!mash@glacier>
Sat, 28 Sep 85 22:31:18 pdt

It might be good to ask for pointers to published data on bug histories,
effort levels, robustness in large hardware/software systems.  I suspect
these may be hard to find for SDI-like systems; I couldn't dig up any old
Safeguard info.  Although not in the same class of difficulty, ATT's new #5
ESS switch is fairly complex (300+ engineers).  A good reference is:  H.A.
Bauer, L.M. Croxall, E.A. Davis, "System Test, First-Office Application, and
Early Field Experience", ATT Technical Journal, vol 64, No 6, Part 2
(Jul-Aug 1985), 1503-1522.

Re: CRTs again, solution to one eye-problem

Brint Cooper <abc@BRL.ARPA>
Sun, 6 Oct 85 12:59:18 EDT

     [We started out keeping one eye on this problem, but it does not
      want to stay out of sight.  Will this be the last message?  PGN]

A cheaper but similar solution was suggested by my ophthalmologist when I
attained that stage of life wherein my arms are too short.

Since I needed a small, positive correction (about +1.0) in each eye, I
purchased, at his suggestion, "reading glasses" from the local pharmacy for
about $12.00.  Since then, my eyes have worsened a little and I need about
+1.25 to +1.5 diopters for reading.  But this is too strong for the terminal
(an AT&T 5620 with rather small font), so I retained the old +1.0 diopter
lenses for the terminal at work.  At $12.00 each, I can afford to have a
pair at the office, a pair at home, and a pair to carry.

Note:  This won't work if one has astigmatism or if one needs widely
different corrections in each eye.  But ask your doc.  You can buy a lot of
OTC glasses for $200.

Oh yes, it is a small nuisance to switch glasses from terminal lenses to
reading lenses, but one learns quickly to minimize the hassle.


