The RISKS Digest
Volume 10 Issue 26

Wednesday, 29th August 1990

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator


Contents

Stonefish - the software strikes back?
Pete Mellor
Computers at the Campus Bookstore
Gary McClelland
Reverse Engineering - not always a copyright issue
Joe Morris
Re: Electronic house arrest units
Martin Minow
Re: Proposed ban on critical computerized systems
Perry Morrison MATH
Caller ID Discussion List Started
Bruce Klopfenstein
Info on RISKS (comp.risks)

Stonefish - the software strikes back?

Pete Mellor <pm@cs.city.ac.uk>
Wed, 29 Aug 90 22:40:52 PDT
From Channel 4 news last night (Tue. 28th Aug.):

It is reported that Iraq may be deploying some of the Royal Navy's latest
high-tech weaponry. Apparently this is causing US commanders to be reluctant
to send aircraft carriers into the northern area of the Gulf.

The villain of the piece is the smart mine 'Stonefish', developed by Marconi
Underwater Systems under contract to the Royal Navy. This little charmer is
so cute it listens to the engine noise of ships passing overhead, and can tell
what type of vessel is within range. It 'hides' from minesweepers, and
blows the backside off anything else.

At the heart of the system is (you've guessed it!) 'highly sophisticated and
classified' *software*.

The Channel 4 investigators have in their possession the 'Technical Description
and Specification' of Stonefish. The cover sheet and first few pages of this
document were actually shown on screen, and looked pretty authentic, with the
Marconi logo and classification 'UK restricted: commercial in confidence'
clearly visible.

C4's copy, however, comes not from Marconi's Watford HQ, but from a source not
a million miles removed from Cardoen International, a Chilean firm (no boring
restrictions on arms sales there!) described by an expert from Jane's as being
specialists in the 'laundering' of military technology for the benefit of third
world countries (at least, those with adequate oil revenues to pay for it).
Cardoen has well-established links with Iraq.

The implication is not that Stonefish has been sold bundled to Iraq, but enough
technical information is in dubious hands for the Iraqis to have a good go at
building a look-alike.

Carlos Cardoen, filmed at a news conference, said that he had a very close
relationship with Marconi, and some of their guys had visited him.

Marconi said 'We have no relationship with Cardoen.' and refused to be
interviewed.

An expert from an outfit called something like 'Naval Weapons Review' gave it
as his opinion that Iraq probably has 'a limited number of quite sophisticated
mines', but implied that we shouldn't worry too much, since 'the Navy would
not let a UK contractor simply hand over the software for a weapons system'.

So there you have it. Saddam Hussein is in the Stonefish plug-compatible
market, but our Navies are safe provided he can't get his hands on the
operating system.

All of which prompts me to wonder:-

 1. If the Iraqis have the software for a 'limited number' of mines, why
    haven't they got enough for an unlimited number?
    (Perhaps the blockade is working, and they haven't got enough floppy disks
    to make the copies. :-)

 2. How does Stonefish 'hide' from a minesweeper? The cylindrical object shown
    in the newsreel shots doesn't look as though it is capable of crawling
    under a rock. Perhaps it just switches off its disk drive to stop the noise
    and pretends to be an oil-drum. :-)

 3. How reliably can Stonefish identify ships by their engine noise signature?
    What happens if your cruiser's big ends are rattling?

 4. Does Stonefish rely on some sort of sonar transponder
    to distinguish friend from foe? (Remember the Falklands helicopter!)

 5. What are the chances that Iraq already has the software? (After all, we all
    know Arabs can't write programs, and software is rather difficult to
    smuggle through customs. :-)

 6. The sophistication of Stonefish's recognition system argues for some kind
    of artificial intelligence. If it's that smart, would it know who was
    winning and change sides accordingly? :-)

 7. Isn't it time that Jane's produced 'All the World's Software'?

Peter Mellor, Centre for Software Reliability, City University, Northampton Sq.
London EC1V 0HB +44(0)71-253-4399 Ext. 4162/3/1 p.mellor@uk.ac.city (JANET)


Computers at the Campus Bookstore

"Gary McClelland" <gmcclella@clipr.colorado.edu>
28 Aug 90 22:49:00 MDT
RISKS readers will recognize this as an old risk but it made this
academic chuckle as we begin another semester.  The computer at the
campus bookstore prints out a tag for each required textbook
indicating the course number, instructor, number of copies ordered,
etc.  Given that textbooks are often used by more than one course, the
computer kindly prints out a cross-list of other courses using the
same text.  One card caught my eye with its unusually long list of
cross-listings.  Curious as to what textbook was so popular this term,
I looked closer to see the title.  Being an author I had hopes that
maybe it was mine :-)  Alas, the title of this very popular text was
NO TEXT REQUIRED.  I wonder who gets the royalties on that textbook? :-)

   --Gary McClelland, U. of Colorado


Reverse Engineering - not always a copyright issue

Joe Morris <jcmorris@mwunix.mitre.org>
Mon, 27 Aug 90 15:43:04 EDT
There have been several RISKS submissions recently discussing the legal
status of reverse-engineering of copyrighted material.  Reading them, however,
one could easily conclude that copyright law is the only governing issue
involved.  It isn't: in fact, most of the products I've seen (both mainframe
and personal computer) assert not only copyright but also contract rights.
For example, IBM's FY90 GSA schedule in Special Item 132-30, section 4(a)6
(page 44) includes the item:

  (6)  The Government shall not reverse assemble or reverse compile the
       licensed programs in whole or in part.

Almost all vendors have a corresponding clause in their software license
agreements, so the question of copyright law permitting reverse engineering
is usually moot.  Of course, we now have the issue of deciding which
parts of the contract are legally enforceable.  (Cf. Vault v. Quaid, in
which my memory says the court held that the shrink-wrap "license contract"
in PC software was unenforceable.)

Shakespeare was right: shoot all the lawyers.


Re: Electronic house arrest units

"Martin Minow, ML3-5/U26 27-Aug-1990 1421" <minow@bolt.enet.dec.com>
Mon, 27 Aug 90 13:02:55 PDT
It was somewhat disturbing to discover that all of the people who took time
to comment on the "electronic house arrest" units focussed on the technology,
and none apparently noticed that this is a safety-critical application.
I.e., failure of the system may lead to the re-incarceration of a parolee.

I would feel more comfortable if our court/prison/parole system were funded in
such a way as to permit personal contact between the parolee and parole
officer.
                                          Martin Minow


Proposed ban on critical computerized systems (Cameron, RISKS-10.24)

Perry Morrison MATH <pmorriso@gara.une.oz.au>
28 Aug 90 04:33:45 GMT
#On page 63 of the August 1990 _World_Press_Review_:
#"Unreliable Computers", by Nick Nuttall, "The Times," London
#Two Australian scientists are calling for a world-wide ban on the use of
#computers in sensitive areas, such as hospital intensive-care wards, the
#nuclear-power industry, air-traffic control stations, and early-warning defense
#systems.

The reference is: Forester, T., & Morrison, P. Computer Unreliability and
Social Vulnerability, Futures, June 1990, pages 462-474.

# 22 fatal crashes of the Black Hawk helicopter --
#which flies by computer — used by the U. S. Air Force

We refer to the death of 22 *servicemen* in *5* blackhawk crashes since 1982.
Our reference is B. Cooper and D. Newkirk, Risks, November 1987. We didn't
have a vol or issue no.

If this is incorrect, please let us know.

Perry Morrison

   [The item was from RISKS-5.58 (15 November 1987).  It reappeared in
   Software Engineering Notes, vol 13, no 1 (January 1988), page 7.
   The original source was a wire service report from 12 November 1987.
   The RISKS issues on the Black Hawk also included RISKS-5.56 (9 Nov 87),
   5.59 (16 Nov 87), and 5.60 (18 Nov 87).  I hope that helps.  PGN]


Caller ID Discussion List Started

Bruce Klopfenstein <klopfens@bgsuvax.UUCP>
23 Aug 90 00:55:15 GMT
Date:     Tue, 21 Aug 90 9:31:25 EDT
From: Telecom Privacy List Moderator <telecom-priv-request@PICA.ARMY.MIL>
To: telecom-priv@PICA.ARMY.MIL
Subject:  Telecom Privacy List

    Hello, Everyone.  The caller id list is now up and running.  I have
about 35 names on it currently.  The address is
telecom-priv@pica.army.mil.  Currently, the list will not be moderated or
digestified.  This might change due to volume.

  On Caller-Id ....

  I believe it should be available, however the following should apply:

1) It should be blockable at no charge for any number.
2) Name or address (or the fact it is a pay phone) should be made available.
3) Actual calling number should be used not billing number.
4) Under no circumstances should a third number be shown as the
actual calling number (i.e. Law Enforcement Officer dialing from one
number having the id number showing up as a different number).

Optional - Show if number is listed as residential or business.

Dennis
--
Bruce C. Klopfenstein          |  klopfens@barney.bgsu.edu
Radio-TV-Film Department       |  klopfenstein@bgsuopie.bitnet
318 West Hall                  |  klopfens@bgsuvax.UUCP
Bowling Green State University |  (419) 372-2138; 372-8690
Bowling Green, OH  43403       |  fax (419) 372-2300

    [We've probably had enough on this issue in RISKS, so here is a new
    outlet.  I've also been rejecting ATM and Electronic house arrest items
    unless they are particularly cogent.  PGN]
