The Risks Digest

The RISKS Digest

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Volume 10 Issue 20

Tuesday 14 August 1990

Contents

o NYC Parking Violations Computer called "Rogue"
Dave Davis
o Computer noise linked to stress -- computers vs. women
Allan Meers
o Response to Computers as Counterfeiters
Sanford Sherizen
o Re: 90% of research experiments fail, Risks of Statistics
Jeremy Grodberg
o Freedom to write programs
Richard M. Stallman
o Re: Risks of de facto standards
Bernie Cosell
o Risks of inflation
Mark Brader
o Firing (of[f]) the Fire-Control
anonymous
o US Department Of Education --Student Loan Nightmares
Steven Blair
o Error blamed on human (!)
Geoff Kuenning
o Re: Computer voice recognition monitor for gang members
smv
o Virus: cautionary tale
Paul A J
o Info on RISKS (comp.risks)

NYC Parking Violations Computer called "Rogue"

Dave Davis <davis@mwunix.mitre.org>
Tue, 14 Aug 90 10:12:14 EDT
The 14 Aug. New York Times reports that a "Rogue Computer" is billing New
Yorkers $19 million a year for parking violations they have not committed.

City Councilman Andy Stein insists that the city must hire an independent
auditor before a consulting company's contract for $11m is renewed.

A spokesperson for the Bureau call Mr. Stein's statements "hyperbolic", adding
that the bureau only makes $4m in errors, not $19m.

The system processes about 12m summonses a year, resulting in an average of
42,000 complaints against the city.  The bureau officials feel that a resulting
percentage of .003 is quite good.

Previously, the system had been operating at 82,000 errors annually.

Monday, many of those who have been unfairly ticked held a news conference.

A Mr. Hernandez, who began receiving tickets prior to being of legal driving
age, has never held a license and never owened a car, (he also claims not to
know how to drive) received $4,152 in parking tickets and has had is wages
attached.  Another example is a individual who had his license plates stolen,
reported it promptly, and still receives summonses.  The bureau advises him to
track down the car that bears his plates as the only solution.

In summary, we have another example of computerized bureaucracy more than a
little out of control.


Computer noise linked to stress -- computers vs. women

Allan "Just say NO to postcard requests!" Meers <allans@ebay.sun.com>
Mon, 13 Aug 90 21:20:17 PDT
Dr. Caroline Dow and Dr. Douglas Covert, assistant professors of
communication at the University of Evansville Indiana, believe they
have linked noise made by video display terminals with stress symptoms
in women, who hear high-frequency sounds better than men.

The AP article, reported in the Aug 12, 1990 San Jose Mercury News (all the
news we twist to fit*), reports that the couple first became interested when Dow
noticed the subconciously irritating effect that a university computer she was
using had on her.

Tests on 41 students in April 1987 showed that the subjects exhibited the
stress symptoms of speeded up work and a doubling of their error rate when
doing clerical work in a room where the high-pitched sound was created.  Dow
said, "We can all work through that sound, but it is tiring and distracting."
They hope their research will be expanded on by others, possibly linking the
noise with headaches, tension, miscarriages, and other health problems.

Men are rarely bothered by the 16 kilohertz pure-tone sound, as they generally
cannot hear frequencies above 15kHz, while women can hear up to around 18
kilohertz, Dow also said.  Dow and Covert were to present their findings at the
Minneapolis national convention for Education in Journalism and Mass
Communications.

   [Also noted by Andrew E. Birner, Zenith.
   NOTE * I thought it was "All the news that fits we print."  PGN]


Response to Computers as Counterfeiters

Sanford Sherizen <0003965782@mcimail.com>
Sat, 11 Aug 90 11:54 EST
Will Martin asked about the Riegle bill that would make it a crime to possess
any device that the Treasury Department concludes would facilitate
counterfeiting.  I don't know anything specifically about that bill but will
pass on info concerning the larger issue. (Those who want the bill can contact
Sen. Riegle's office or contact the U.S. Capitol switchboard ((202-224-3121))
and ask how to get a copy.)

Several years ago, the Treasury Dept. became aware that color copiers had
reached a level of reproduction clarity that the technology could be used for
counterfeiting.  A study was done by Battelle on the issue and supposedly a
recommendation was made that there be changes in U.S. currency design to prevent
counterfeiting of this sort.  I understand that the change was to include
certain metallic-like threads that would be incorporated into the paper used for
printing currency.  The threads would prevent true copies from being made or,
depending upon how they were used, to make it easier to spot counterfeit money
since they would not look the same as the true currency when eyeballed by a
bank.  So far, I have not heard of the new bills being distributed or whether
old currency will have to be traded in.

My guess is that the Riegle bill is not in response to that issue but more due
to an article that was in Forbes Magazine last year.  The article described how
desktop publishing could easily be used to create false financial documents,
including checks, certificates, and other documents, such as school transcripts,
that could be used for financial gain.  DTP fraud worries bankers, who already
have come across several cases.

My guess is that the bill does not *outlaw* printers, computers, or other
devices but may be an attempt to beef up the counterfeiting laws on the books
and force the Treasury to determine ways to protect easily copied financial
instruments. After all, Riegle is chairman of the Senate Banking Committee,
where they sure know about illegal creation of funds (the Keating Five) and
restricting flows of money (the Savings and Loan crisis).

Hope this stops rumors that the Feds are trying to outlaw computers.

Sandy Sherizen


Re: 90% of research experiments fail, Risks of Statistics

Jeremy Grodberg <jgro@apldbio.com>
12 Aug 90 01:56:12 GMT
Several people have asked for references to the Scientific American article
which I mentioned in RISKS 10.18.  The article is "Test Negative: A look at the
'evidence' justifying illicit-drug tests" by John Horgan in _Scientific
American_ Vol. 262, No 3., pages 18 & 22; March 1990.  The author examines the
broader question of making unjustified conclusions from research findings, in
the context of illicit-drug use, and concludes that on-the-job illicit-drug
testing does not have any scientific justification.

Also, it was pointed out that the legend has it that Edison discovered the
carbon filament, not the tungsten filament.  I apologize for the error.

Jeremy Grodberg


Freedom to write programs

<rms@ai.mit.edu>
Sun, 12 Aug 90 12:45:08 EDT
Programmers are now coming to grips with the fact that they are no longer free
to write and distribute programs in the United States.  Both user interface
copyrights and software patents create monopolies on large classes of computer
programs, thus restricting the programs that most of us are allowed to develop.

For example, Unisys claims a patent covers compress, which may soon be a
required part of a national standard (POSIX user portability extensions).
Companies delivering the supposedly free X Windows server are being threatened
with lawsuits by two different companies.

The League for Programming Freedom is an organization dedicated to bringing
back this freedom.  The members include professors, students, entrepreneurs,
and many programmers.  Prominent members include Marvin Minsky, John McCarthy,
Robert S. Boyer (known for fast string search), and Guy L. Steele, Jr.

The League advocates the abolition of copyright on interfaces and of software
patents.  It does not oppose copyright as it was understood until a few years
ago--copyright on individual programs.

For more information on the patent threats mentioned above, on the League
position, and on the arguments behind it, write to league@prep.ai.mit.edu and
ask for the position papers.


Re: Risks of de facto standards

<cosell@BBN.COM>
Sun, 12 Aug 90 13:21:35 EDT
}Since "compress" is the de facto standard method for moving big files across
}the net cheaply ...
} They will
}either find a new data compression algorithm or send around uncompressed files
}(as soon as they can find the disk space to store the uncompressed tar files!)

Of course, sending around uncompressed files is unbelievably idiotic.  That
WOULD be consistent with the general FSF philosphy, which is to apparently
avoid innovation at all costs and restrict their activities to implementing
other people's ideas.

Plain and simple, there are zillions of compression schemes about.  'compress'
is hardly the best of them, although it is quite good.  Its major advantage and
popularity is more accidental than that it depends on any real technical
necessity [a questionably-public-domain implementation 'made the rounds', and
it *IS* better than the adaptive Huffman coding compression, which is what was
previously being used.  And so it kind of 'snuck in'.  Few people using
compress have any intellectual or technical investment in it: in fact, few have
any clue what the algorithm even IS: if it were changed to something else
tomorrow almost no one would know or care.

  /Bernie\


Risks of inflation

Mark Brader <msb@sq.com>
12 Aug 90 14:56:22 EDT (Sun)
While on a recent visit to Scandinavia, I encountered "Ex, the
magazine for Nordic airport passengers".  Despite my citizenship not
being Nordic :-), I read the July/August issue.

An item titled "Costly Debt" reports the sad case of Bjarne Arnhaug,
of Vestfossen, Norway.  It seems that he bought a lightning rod
which for some reason was priced at 3040.62 kr., say about $500 US.
But Norway has eliminated its smallest coins, so that the closest you
can get to making up that amount in cash is 3040.60.  And when he charged
the purchase, that was the amount the bank's computer billed him for.

Presumably it was the store's computer that, after 6 months, turned over
the remaining debt of 0.02 kr. to a collection agency, which then billed
Arnhaug for that amount plus 45.00 kr. in fees and interest!

Arnhaug's comment: "I find this a curiosity but I wonder if the debt
collector has any control system when such things are allowed to happen.
Computers are normally a good thing, but they must be used with common
sense. ... Maybe I have a [0.02 kr.] coin hidden somewhere to give them
if they are really so poor.  But I am not going to pay the extra bill."

Mark Brader, SoftQuad Inc., Toronto                         utzoo!sq!msb


Firing (of[f]) the Fire-Control

"Peter G. Neumann" <neumann@csl.sri.com>
Mon, 13 Aug 1990 11:41:00 PDT
I received an anonymous letter today describing a bank problem that seems
worthy of mention.  However, since the anonymous contributor did not want
his/her name mentioned, I shall not mention the identity of the bank either.

  "At the beginning of August, 1990, the physical plant/maintenance department
decided to test the fire-control system in the computer room.  The part of the
system that shuts off all computer power was supposed to be disconnected first.
Computer operations supervision was notified first, and approved of the test.
So *at the approved time* (which was *during the day*, and *in the middle of
month-end processing*), the system was tested and all computer power was lost!
  "The computer was down for about a day while the staff worked to restart it.
[The bank] missed the deadline for the Federal Reserve's month-end
requirements.  All teller machines shut down, and all bank branches, too (and
probably had to pay the resulting penalty/fine...).
  "I'll bet they test their automatic fire control/computer shutoff system
differently next time."  [End of anonymous contribution]


US Department Of Education --Student Loan Nightmares !!!

Steven Blair <sblair@synoptics.com>
Mon, 13 Aug 90 13:23:13 -0700
Upon opening our Saturday, August 11th USmail, we were greeted by "one of
those" government looking letters from the US Department Of Education.
Nervously, we dropped all other USmail, and tore it open.

When we opened it, we were greeted with a intimidating letter that we owed
~$700.00 on my wife's Guaranteed Student Loan. I remarked that I'd paid the
loan off-in full in 1989 (May 31st, to be exact), and that I'd call them on
Monday.

Well, I just got off of the phone with them. There's a massive problem caused
by malfunctioning "new computer & new software" said the person on the other
end of the phone. "let me transfer you to another extension".  At that
extension, a very harried man answered, I gave my story, wife's SSN, etc., and
he said "your wife's account is paid in full -- you've got the "Computer
Problem" also. He explained that there was a massive problem. Then, he
explained that I'd be transferred to abother extension, where I could explain
it to a person, who could post "Account Paid".

OK, I've now been forwarded to the next person. This person sounds worn out,
like serious burnout from his job is happening. Once again I explain, give him
my wife's SSN, he checks, and says "Yep, you're wife got it too"!!.  I thought
I'd try to find out more from this person(who had phones ringing in the
background). Iasked him what the problem was, he explained "About 2 weeks ago,
a new system was brought online". "The new system seems to have forgotten about
300,000 ++ paid debts". "So that machine a couple of days ago started sending
out delinquent notices to all these folks". He went on to explain that the new
system had been "disabled", thus rendering it unable to generate any more
inaccurate bills!!!

I've got to wonder how many folks, upon seeing this notice from the govt,
blindly went and paid the bill anyway thinking that they were still not paid
off on their loans.

Thank God, I got through. They're reposting that my wife's account is paid
off ...

Steven C. Blair, Network Operations Center, SynOptics Communications Inc.,
Mountain View, California


Error blamed on human (!)

Geoff Kuenning <geoff@desint.UUCP>
Tue, 14 Aug 90 01:10:36 GMT-0700
I recently received a postcard with the following text:

"Due to a human error at our computer service your renewal to VeloNews was
started with the wrong issue date."

The postcard goes on to apologize and to explain how they will compensate
for their error.  Nice to see someone who doesn't blame the machines!

    Geoff Kuenning  geoff@ITcorp.com    uunet!desint!geoff


Re: Computer voice recognition monitor for gang members

<smv@apollo.com>
Mon, 13 Aug 90 21:40:44 EDT
How long do you suppose it will take these probationers to forward their
calls to cellular phones during "red alerts".

   [Also noted by bae@auspex.UUCP (Brian Ehrmantraut) and
    scott@sage.uchicago.edu (Scott Deerwester)]


Virus: cautionary tale

paj <paj@gec-mrc.co.uk>
14 Aug 1990 09:38:17-BST
The following happened to a relative of mine who obtained a computer
for his kids.  Names have been omitted to protect the guilty:

The new computer worked, but not well: it failed to boot off one of the system
disks.  There followed a trip back to the store.  Other computers in the store
showed the same failure.  The manufacturer was telephoned and abused.  In
desperation a virus check was run.  It revealed an infection.

It transpired that before allowing a computer to leave the store, the salesman
checked that the system worked and that the disks could be read.  What he did
not realise was that a virus had infected the store demonstration computer's
hard disk (from a pirate game played by a staff member probably).  This
(somehow) meant that ALL computers leaving the store carried the virus.

Its a pity, really: having conscientious quality control defeated in such a way.

Paul.

Please report problems with the web pages to the maintainer

Top