Please try the URL privacy information feature enabled by clicking the flashlight icon above. This will reveal two icons after each link the body of the digest. The shield takes you to a breakdown of Terms of Service for the site - however only a small number of sites are covered at the moment. The flashlight take you to an analysis of the various trackers etc. that the linked site delivers. Please let the website maintainer know if you find this useful or not. As a RISKS reader, you will probably not be surprised by what is revealed…
[Starkly excerpted by PGN from selections from SKlein]
There is much more to the article excerpted below, which appeared in Washington
CityPaper, a weekly muckraking free newspaper distributed in and around the
Washington, DC area. The article was written by Greg Kitsock, August 10th
issue (Volume 10, No 32?). Washington City Paper at 724 9th Street NW, 5th
floor, Washington, DC 20001. Phone (202) 628-6528. They can also be reached
at MCI Mail 384-9327.
Bent Out of Shape:
Four years and millions of dollars after Challenger, NASA thinks it's got the
shuttle's glitches all straightened out. But engineer Ali AbuTaha insists
there are a fatal few that NASA missed.
Ali AbuTaha, an engineer with 20-years of aerospace experience traces the
Challenger disaster--and future disasters if his warnings aren't heeded--to a
radical change in launch procedures that was mandated by NASA officials just
prior to the shuttle's maiden voyage in 1981. That change in launch
procedures, says AbuTaha, has subjected every mission to liftoff forces far
exceeding the hardware's safety margins.
[There is a fascinating bit about the torque while revving to full throttle
before takeoff, because of the asymmetry with respect to the boosters,
producing a motion known as `twang', and AbuTaha's analysis of the
situation.]
"The Rogers Commission was not oblivious to shuttle "twang." But it
rejected the idea that twang had anything to do with the Challenger disaster.
Page 54 of the first volume of the commission's report states, 'The resultant
total bending moment experienced by [the Challenger] was 291 x 10^6
inch-pounds, which is within the design's allowable limit of 347 x 10^6
inch-pounds.' However, on Page 1,351 of Volume 5 of the report, the commission
cites the same figure, written as '291,000,000,' as the bending moment for the
_right_ solid booster only. The effect on the entire assembly, argues AbuTaha,
should be the combined bending moments of both boosters. Multiply by two, and
you arrive at the maximum force that AbuTaha calculated.
"This figure is 70 percent greater than the design's allowable limit,
as cited in the Rogers report. And every shuttle mission up to the
Challenger explosion (and possibly afterward) has experienced this force.
'This is the kind of error that catches up with you,' warns AbuTaha.
"Not only does this miscalculation explain the shuttle disaster that
killed seven astronauts and set our space program back nearly three years, as
AbuTaha suggests, it also reveals the source of the mysterious malfunctions
that have plagued the shuttle program since its first launch in 1981, from
tiles knocked off and booster segments warped to satellites that inexplicably
failed to work."
I was amused by the article about the store which inadvertently virussed
the disks of every computer it sold in "checking" them to make sure they
wold work. I have the following similar story:
At Harvard, there is a large room full of computers (mostly macintosh) in the
basement of the Science Center for students to use to write papers, etc.
Because a lot of software is available "for loan" from a software library in an
adjoining room, this setup is obviously very vulnerable to viruses.
It seems that "those in the know," in order to combat this problem, have set up
one computer running some disinfectant-type program or other constantly; it is
the "disinfecting station" and there are signs posted to tell students and
other users to make sure to disinfect all their disks on a regular basis.
The RISK is clear: although their anti-virus program is very effective, sooner
or later, a virus will be invented which will elude its defenses. And then all
these students will be swapping their disks in and out to make sure they won't
get any viruses ...
== pj karafiol
A couple people here at Sun have gotten phones calls from "MST" in Kansas City, offering free magazines "because of our good subscription records". Mine came to my office phone, while others have gotten them at home. They will give you 4 magazines free, for 60 months at no charge. "No charge? Absolutely free???" says us. "Well, there's a minor processing fee of $2.30 a week." Which comes out to $120.00 per year for 4 magazines. click After hearing from others how the magazines were pretty much tailored to their interests (computers, sports, whatever), it seems that they probably are simply using a computerized mailing list to generate calls to subscribers about other publications in the same category as their hobbies and interests. Nothing special about that - their only hope is that people fall for the $2.30 a week ploy. Well, you could generate a fairly accurate list of interests from Usenet, if you could compile stats of what newsgroups people read regularly. Scanning someone's .newsrc file (or whatever is appropriate for their reader), could be done under program control (sort of a Nielson service), looking for groups in which the user has marked articles to be read or whatever. The news lists "arbitron" program does something like this, but does so anonymously and with no commercial intent. Rumors periodically circulate that someones manager is suspected of snooping by checking out what newsgroups his charges are reading this way. So what kind of magazine offer will I get if I read alt.flame?
Someone recently expressed the opinion that the uncertainty over the validity of the compress patent means there is no reason to be alarmed today. I think this conclusion is inadvisable. The validity of any patent is uncertain until there is a lawsuit. That does not mean it is wise to ignore this problem until a suit is decided. The problem with compress is a little like that of global warming: by the time you can be sure the problem is real, it is too late to solve it easily. The more the use of compress spreads, the harder it will be to stop using it, if and when Unisys threatens to sue you. The prudent thing to do is to stop now when it is easier to do. This patent is important for another reason as well: it shows us the kind of trouble patents are likely to cause. If you are lucky this time, and either Unisys never sues you or they lose a suit, that doesn't mean you will be lucky with the next patent. Thus, the compress patent should serve as a warning about the danger of software patents. If you would like to challenge Unisys in court and try to defeat the patent, by all means do so. But this can solve only a small part of the problem of patents. Fighting one patent at a time is prohibitively expensive and you can't expect to win each time. The only way to solve the whole problem is to make software exempt from patents.
If the algorithm on compress were changed tomorrow, every person who ever
used the old one would be unable to recover the data from the compressed form.
I think that's a far cry from "almost no one would know or care."
More improtant, the performance of compress (bytes/cpu-sec) is very good
compared to the other available programs. I ran a test on this (for other
reasons), and found that compress is a factor of four faster (CPU) than any of
the other compressors. It is not by any stretch the best in terms of
compression, but an increase that large in time to compress news batches would
make news impractical on many machines.
Here's a subset of the test results, for a typical news batch (text).
Times are in sec, measured by the kernel, on a 25MHz 386 running V.3.2.
Note that the size for the archivers includes a directory.
CPU final COMMENTS
Program sec size (original 56718 bytes)
compress 0.78 25486
zoo 1.96 28178 archiver
arc 2.84 29284 archiver (w/ "squash")
zip v1.02 3.76 21031 archiver, run under MSDOS
lharc v2 (beta) 6.93 20602 archiver, run under MSDOS
lharc v1 7.12 22952 archiver
lzhuf 7.64 22918
Hope that sheds some light on the discussion. There does not seem to
be anything as fast currently available (to me).
bill davidsen (davidsen@crdos1.crd.GE.COM -or- uunet!crdgw1!crdos1!davidsen)
In fact, the FSF's raison d'etre is to encourage innovation by making it unnecessary for programmers to write code that's already been written. The GNU project is in a drudgery phase right now since they *are* having to rewrite much existing code. At least these programs are being improved as they're being rewritten. GNU Tar, for example, does incremental backups. Their most successful product, GNU Emacs, was the original idea of the FSF's founder, Richard Stallman. >Few people using >compress have any intellectual or technical investment in it: in fact, few have >any clue what the algorithm even IS: if it were changed to something else >tomorrow almost no one would know or care. Not true. Although the LZW compression algorithm is transparent to users of compress, as it should be, files compressed using it couldn't be uncompressed by a replacement program. The existing base of compressed files in public archives and private systems combined with the nearly ubiquitous presence of compress, uncompress, and zcat on today's UNIX systems would make a switch to an alternative method far from easy, fast, or transparent. Dave Sill (de5@ornl.gov) These are my opinions. Martin Marietta Energy Systems, Workstation Support [Also commented upon Jay Plett <jay@silence.princeton.nj.us>]
>For example, Unisys claims a patent covers compress, which may soon be a
>required part of a national standard (POSIX user portability extensions).
As an aside, it should be noted that inclusion of patented technology in
national standards is nothing new, when it is considered the best approach
and when the patent holder is willing to promise reasonable licensing.
(The inclusion of compress in POSIX is, last I heard, conditional on such
a promise from Unisys.)
A good example of this is Ethernet, overwhelmingly the standard medium-
performance LAN, which is a national standard despite being covered by Xerox
patents. Almost nobody realizes that Ethernet is patented and that your
Ethernet equipment supplier is paying royalties to Xerox. This is a good
example of managing patents properly: the inventors profit and the public
interest is nevertheless well served. Unfortunately, it's not always that way.
Henry Spencer at U of Toronto Zoology utzoo!henry
In the Wall Street Journal of Tuesday, August 14, 1990, on the front page, there is a VERY interesting story about so-called credit doctors. People who will, for a fee, help you fix your credit rating. Some people who provide this function are legitimate. Some are not. There are several methods detailed in the story that are used (illegally) to allow people with bad credit to obtain more credit. One of the more frightening examples was where a customer with bad credit enters such a place and for a fee, is provided with information to be used to apply for credit. Among this new information is a "newly assigned" social security number (the client claimed ignorance of illegal doing, but getting a ssn from anyone OTHER than the Social Security Administration, not to mention getting a NEW one at all, seems like it should be a BIG red flag!). The "credit doctor" has used bought or stolen access codes on credit bureau computers to search (note, this is a READ-ONLY operation) the database for other people with identical or similar names. He then copies down THAT PERSON'S ssn, address, mother's maiden name, whatever is there and provides it to his client with instructions that it be used when making new credit applications. Of course, eventually, when the client (either intentionally or because of continued bad financial habits) defaults on a payment, the credit bureau comes after the poor slob whose information was lifted. One woman is STILL trying to get things sorted out and people won't extend her credit now even though her file lists her as a victim of fraud. People named John Smith should be quaking in their boots. :-( The credit bureaus are claiming this particular hole is plugged now by requiring more information about someone before being able to call up their credit record. Another method was to (legitimately) contest all bad references in a client's file. By law, all contested references cannot be reported for 90 days until things are cleared up. During that 90 days, the client can apply for all kinds of credit and have a favorable credit report. This is clearly an abuse of the system that should be fixed within the system. The victim here is the merchant who unknowingly extends credit to someone who doesn't deserve it, who may or may not receive payments due at some time in the future. All around a pretty scary article. Obviously not enough thought has gone into our system of maintaining credit information. One of the "credit doctors" claimed to be forcing a change to a broken system (and therefore justifying his actions for the common good!). The implication is that the whole credit system may be changing (mutating?) very soon. King Ables Micro Electronics and Computer Technology Corp. ables@mcc.com 3500 W. Balcones Center Drive +1 512 338 3749 Austin, TX 78759 [This came up almost two years ago, in a note by Donn Seeley, RISKS-7.50, 12 September 1988, citing an article "Clean Credit for Sale: A growing illegal racket", by Larry Reibstein with Lisa Drew, Newsweek 9/12/88, p.49. But for our newer readers, this revisit is worth including in RISKS. PGN]
The posting in RISKS-10.20 on gang members subject to computer voice recognition while under detention and avoiding it by forwarding their calls to cell phones reminded me of this: Over the past weekend, here in the St. Louis area, there were a string of gas station robberies. A man who was under one of those "house arrest" restrictions, with an electronic device fastened to his ankle and a sensor in his home, linked to the telephone, was arrested and charged with these crimes. It turned out that, while the computer (a PC) that monitors these detainees works 24 hours a day, 7 days a week, the humans who have the duty of checking the computer's output work a 9-to-5 5-day-week schedule, so nobody was there over the weekend to notice that the computer had been reporting that this guy was not at home. This was in a particular Illinois jurisdiction, I believe. (I don't think they have this program operating in St. Louis City yet.) Of course, the publicity about this now has notified all such detainees that they are 'free' over the weekends. Of course, their 'escape' will be discovered Monday morning, and they then could be jailed (if caught) for breaking the terms of their detention. Anyway, after seeing that RISK item about call-forwarding, I immediately thought of the following: These detainees could all get together for a party and still remain undetected if they conspired together to all meet at the residence of one of the group. Each of the others would set their own phones to call-forward to that site. That call-receiving phone would have the electronic sensor attached, and, thus, when a call was placed to any of the detainees' phones, it would be answered at the meeting site, and the sensor on that phone would properly report that the detainee wearing the device that responds to the code sent was in fact there. [They would be vulnerable only during the travel time it takes to get from their residences to the meeting site, and could probably arrange to travel during the interval between calls.] Would this deception be detectable by the monitor? Are the sensors and ankle-units made as a pair, so the sensor will only interact with its own particular ankle unit? Or are the sensors generic, so they will just detect if the ankle unit asked about is in range? For that matter, are the ankle units coded to the individual detainee, so that the system queries if unit "123Z" is in range, or does the system just check to see if any ankle unit is in range? If the sensors are generic, then the next step after the meeting for the party would be for a confederate of one of the detainees to go to his residence, and remove the sensor unit from the phone. (Remember the detainee is already away at the other site, and being detected by the sensor there. So no one should detect this removal.) Then that sensor is attached to a cellular phone, which is given to the group of detainees. They then set the meetingplace-site phone to call-forward all calls to the cellular phone, and provide power for that sensor unit attached thereto. Thus they can then travel about as a group and engage in a crime spree, with a perfect alibi — the computerized records will still show them all at their respective homes under electronic detention! This won't work if the sensor only detects its matching ankle unit, but I would guess that having the sensor just be a device that would get an ankle-unit code from the computer and query the neighborhood for that code's presence would be cheaper and simpler, avoiding problems like having to reprogram a sensor when an ankle unit is broken, and thus would be more likely for budget-limited municipalities. It also won't work if I have the wrong idea about how these things operate. I'm assuming the monitor site calls the sensor-equipped phones, and they don't do anything like detect when the ankle unit leaves their range and call in and report that fact. I donate this idea to the public domain; if you write a "movie of the week" screenplay based on it and become rich and famous, you can put my name in the credits as "Original idea by ...". :-) Will Martin
I hope the system uses a challenge/response strategy of some kind, because
otherwise it could be defeated by recording a voice and playing it back at the
appropriate points.
Paul Shields
An amusing juxtaposition of topics, since Edison was very fond of a wine drink which contained considerable amounts of cocaine. According to contemporary reports, it consumed it in considerable quantities. Remember back in school when you were indoctrinated with the "Thomas Edison" story - about how he'd work all night and only get a few hours of sleep a day - now you know why.
Please report problems with the web pages to the maintainer