The RISKS Digest
Volume 1 Issue 40

Friday, 17th January 1986

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Please try the URL privacy information feature enabled by clicking the flashlight icon above. This will reveal two icons after each link the body of the digest. The shield takes you to a breakdown of Terms of Service for the site - however only a small number of sites are covered at the moment. The flashlight take you to an analysis of the various trackers etc. that the linked site delivers. Please let the website maintainer know if you find this useful or not. As a RISKS reader, you will probably not be surprised by what is revealed…

Contents

Big Brother
Jim Ziobro
Keith Lynch
Multiple redundancy
Henry Spencer
COMPASS 86: System Integrity: Process Security and Safety
Al Friend

Big Brother (Chaum's articel, CACM vol 28, #10, 1030-1044)

Jim Ziobro <rocksvax!z@rochester.arpa >
Fri, 17 Jan 86 13:39:48 est
I believe the point of Chaum's article was to show how computer technology
might prevent invasions of privacy by unauthorized parties.  He did not give
specific algorithms.  The challenge is now to develop secure algorithms and
to get public acceptance.  All in all I thought it was a very good article.

As PGN points out, a completely secure algorithm is impossible.  But
all we really need do is get one that is better than our current coupon
system.  How secure is our coupon system (Dollars and coins)?  Well at least
one person in Xerox can make money (given the proper paper) that will fool
most of the population.  A friend in printing says that passable money is
quite easy to do but this particular individual had better things to do with
his time.

The privacy of currency is hard to beat.  But already many people prefer
credit cards to the vulnerability of cash.  In that case they trade off
security for allowing nearly anyone at their bank to see where they shop
and how much they spend.  People are also willing to spend the $20/year
for the credentials/security that credit cards offer.

I think public acceptance increases by one everytime someone receives a
false transaction on their credit card or even when their Social Security
check is stolen in the mail.  At that rate Chaum's vision of the future
may be with us before 2000.

//Z\\
James M. Ziobro
Ziobro.Henr@Xerox.ARPA
{rochester,amd,sunybcs,ihnp4}!rocksvax!z


Big Brother

"Keith F. Lynch" <KFL@MC.LCS.MIT.EDU>
Mon, 13 Jan 86 21:33:27 EST
To: mcgrath@OZ.AI.MIT.EDU
cc: KFL@MC.LCS.MIT.EDU, <RISKS@SRI-CSL.ARPA

    Date: Wed 8 Jan 86 19:53:41-PST
    From: Jim McGrath <J.JPM@Epic>

    ... David Chaum ... asserts that it
    would be in the interests of both individuals and organizations to adopt a
    system whereby transactions would be essentially unforgeable and
    untraceable.

  I agree that this would be great.  I doubt that it will happen.  The
character of people in government today is very different from 200
years ago.  It is obvious that the signers of the constitution would
have extended their protections of papers and places to computer files
and disks, had they heard of such things.  Confiscation of CBBS
computers is just as wrong as confiscation of printing presses.
'Fairness' rules concerning radio and TV are just as unreasonable as
similar rules concerning newspapers and magazines would be.  The only
reason why the printed media get preferred treatment is that they were
explicitly mentioned in the constitution.  Had radio, TV, electronic
funds transfer systems, and telephones been around in the days of
Jefferson and Washington, I am sure that they would enjoy similar
constitutional protection.
  There are many good reasons why it is in the government's interest
to be able to track each individual's finances, phone usage,
electronic mail usage, etc.  Mainly to fight crime, especially the new
bugaboo of terrorism.  But this same reasoning could have been used by
the writers of the constitution, but it wasn't.  It was believed that
the benefits of having a free society outweighed the problems of some
people abusing these freedoms.  Two hundred years later, comparing our
country with countries that made the opposite decision, I think we did
the right thing.
  I believe that this is probably the greatest risk of computers.
That by phasing out the media that are mentioned in the constitution,
that we are also phasing out the protections long enjoyed by their
users.
                                ...Keith


Re: Multiple redundancy

<ihnp4!utzoo!henry@ucbvax.berkeley.edu>
Mon, 13 Jan 86 19:49:18 PST
A correction and an addendum to my earlier contribution about multiple
redundancy...

Correction:  It was not the "De Havilland Victor" but the "Handley Page
Victor".  Blush.  That's like calling Boeing "McDonnell Douglas".

Addendum:  The full reference is  Bill Gunston, "Bombers of the West",
Ian Allan, London 1973, page 92.

                Henry Spencer @ U of Toronto Zoology
                {allegra,ihnp4,linus,decvax}!utzoo!henry


COMPASS 86 Call for Papers

Al Friend <friend@nrl-csr >
Tue, 14 Jan 86 10:19:26 est
                             COMPUTER ASSURANCE
                System Integrity: Process Security and Safety

                             *******************
                             * CALL FOR PAPERS *
                             *******************

  Important Dates                              Date & Location
  ---------------                              ---------------
  March 31, 1986                               July 7 - 11, 1986
    3 Copies of Abstract Submitted             The George Washington University

  April 30, 1986                               Washington, D.C.
    Authors Notified of Acceptance             Accomodations available in Dorms

  May 30, 1986
    Camera Ready Manuscripts Due

                 Keynote Address by:  David Lorge Parnas

                 Sponsored by:        WASHINGTON SECTION IEEE
                 Conference Name:     COMPASS 86 (COMPuter ASSurance)


Our safety, health and welfare as individuals and as a nation are increasingly
dependent on the correct use of computers.  However it is usual to find major
"bugs" and untrustworthy operation in critical computer controlled systems,
despite advances in software engineering and computer system design.  New
approaches are needed.  The purpose of this conference is to discuss these
needs, and to encourage the presentation of possible new approaches.  Abstracts
presenting innovative new ideas are encouraged, even if the ideas have not been
fully developed.  Our goal is not to sell old ideas but to encourage new ones.
Abstracts of 5 to 10 pages are encouraged.

<=============================================================================>

                                                 XXXXXXXXXXXXXXXXXXXXXXXXXXXXX
Subject Areas Include (but are not limited to): X For information contact:    X
----------------------------------------------- X Albert W. Friend, Prog. ChmnX
                                                X COMPASS, P.O. Box 3815      X
* Specifications                                X   Gaithersburg, MD 20878    X
* Processes                                     X    friend@nrl-csr           X
* Assessment and Measurement                    X                             X
* Formal methods and tests                      X   NAME_____________________ X
* Human limitations                             X   Affiliation______________ X
* Implementations                               X   Address__________________ X
* Kernels                                       X   City, State, Zip_________ X
                                                X     _______________________ X
All submissions reviewed by program committee    XXXXXXXXXXXXXXXXXXXXXXXXXXXXX

Please report problems with the web pages to the maintainer

x
Top