The Risks Digest

The RISKS Digest

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Volume 10 Issue 73

Friday 21 December 1990


o HERO - Hazard of Electromagnetic Radiation to Ordnance
Rodney Hoffman
o Washington (state) E-mail Privacy Suit
Peter Marshall
o Re: Process control risks discussed in IEEE Software
Nancy Leveson
o Re: "Computer Models Leave U.S. Leaders Sure of Victory" ...
P.G. Capek
Jerry Hollombe
Neil Galarneau
o Risks of Automated Collections and a Happy Ending
L.J. Hoffman
o Re: The topic that wouldn't die: telephone voting
Gregory G. Woodbury
o Info on RISKS (comp.risks)

HERO - Hazard of Electromagnetic Radiation to Ordnance

Rodney Hoffman &>
Fri, 21 Dec 1990 13:47:30 PST
Summary of a 30-column-inch article in the Dec. 21, 1990 'Los Angeles Reader'
(see final paragraphs below):


   The Hazard of Electromagnetic Radiation to Ordnance,
   Or, How an Electronic Accident Could Ignite a Gulf War

   By Patricia Axelrod and Capt. Daniel Curtis (USAF Ret.)

HERO, a feature of the electronic battlefield the Pentagon prefers to keep
secret, can launch a rocket or crash a plane without warning.  During the
Libyan air strike, it caused an American fighter bomber to crash and
accidentally bomb friendly embassies and residences.

USAF Col. Charles Quisenberry says electronic emissions from US weapons "were
interfering with each other" in the Libyan attack, and that "we did it [the
mishaps] to ourselves."  He also blames HERO for a series of UH-60 Black Hawk
Army helicopter crashes.

Quisenberry is conducting a classified 3-year study of HERO called the Joint
Electromagnetic Interference Study — JEMI.  Quisenberry says preliminary JEMI
findings are that combinations of US weapons transmitting radio waves at
certain frequencies can bring down an aircraft by putting it into an
uncommanded turn or dive or by turning off its fuel supply.

The Pentagon classifies the electroexplosive device (EED), as especially
HERO-prone.  The EED is used universally throughout the weapons industry as a
fuse trigger, activating everything from artillery to nuclear missiles.
Charles Cormack, Navy EED specialist, claims that the EED has caused 25 weapons
accidents, but civilian experts believe that there have been many more.
Defective wiring such as "Kapton," which can cause HERO, is reported to be used
on more than 50 types of aerospace vehicles.

Among many possible HERO-caused accidental firings, explosions, bombings,
crashes, etc., a worst case scenario might be the accidental explosion of a
Tomahawk or other nuclear device.  The electromagnetic pulse following such an
explosion could then trigger HERO chain reactions.

   - - - - [end of article summary]

The 'Los Angeles Reader' is a weekly give-away not generally known for its hard
news coverage, nor for any attempt at "balance" in its stories.

At the end of the article I've excerpted, an editorial note says it "is based
on ... findings extracted from personal interviews ... government and military
documents, accident and mishap reports released through the Freedom of
Information Act, and newspaper and journal articles, and expert research
papers.  It was made possible in part by a grant from The John D. and Catherine
T. MacArthur Foundation ... for Research in Peace, Security and International

    [Los Angeles Readers not to be confused with Los Angeles Raiders,
    who have a newly regained electromagnetic pulse each week.  PGN]

WA E-mail Privacy Suit

Peter Marshall <peterm@halcyon.UUCP>
Wed, 19 Dec 90 09:32:40 PST
>From Jim Simon, "Computer Privacy at Issue in Suit," THE SEATTLE TIMES,
9/17/90, D1:

  Like thousands of other state employees, Ron Collins figured the confidential
computer messages he sent...couldn't be read by his bosses or anyone else.
  He figured wrong.
  The agency[Labor & Industries]in what officials say was an unprecedented
monitoring of a state employee's private computer files, secretly retrieved and
copied Collins' "electronic mail" messages as part of an investigation into
whether he was improperly using state computers.  In turn, Collins and the
Washington Federation of State Employees filed suit last week...alleging the
agency violated state privacy statutes, including those preventing wiretapping
or other electronic surveillance without a court order....  the Collins case is
already attracting national attention....
  "We're in an era where every advance in technology means that each case like
this brings us to the next frontier of privacy laws," says Sharon Beckman, an
attorney for the...Electronic Frontier Foundation....  Collins...came under
scrutiny in June after a supervisor noticed a message written by him on an open
computer screen.  Joe Dear, director of labor and industries, said the message
prompted such concern that the agency--after getting approval from the state
attorney general's office--had the Department of Information Services retrieve
all of Collins' messages in early June....
  Union officials said workers were never told the system couldn't be used for
personal messages. They note that the use of electronic mail--a system known as
PROFS and used by 3,000 state employees--requires a password....  "I think this
is going way overboard, way too intrusive," said Gary Moore, head of the state
employees union....
  Collins' suit is one of a handful of of similar cases around the nation....
The problem, many observers say, is that privacy laws designed for telephones
and telegraphs are being made obsolete by telecommunications advances.  Privacy
advocates around the nation have battled against caller-identification
telephone programs, and observers say voice-mail systems could wind up as
susceptible to employer snooping as E-mail....  The American Civil Liberties
Union has sought federal laws preventing employers from monitoring employees'
private computer files. And Dear concedes the Collins case should prompt
agencies to write more explicit rules....

[Update: ...and, indeed, just that appears to be in the works now in Olympia,
the state capital. With the lead taken by the Dept. of Information Services,
who had no relevant rules in place before the Collins case, the Gov.'s Cabinet
is developing rules expected to take final form in an Executive Order. The
Collins case, however, is still in process.]

Process control risks discussed in IEEE Software (Oram, RISKS-10.72)

Nancy Leveson <nancy@murphy.ICS.UCI.EDU>
Wed, 19 Dec 90 15:47:19 -0800
  Compared to some posters on this forum, [Leveson's] premise is an optimistic
  one: she takes for granted that computers should be used to control
  airplanes, factory production, power plants, etc.  But she's very
  open about the difficulties of predicting and handling events.

I guess I wasn't very clear in my Nov 90 IEEE Software article.  Actually, I am
more of a cynic than an optimist — I take for granted that computers will (vs.
should) be used in process-control and try to present some research topics that
need to be addressed (it was an invited paper on challenges for the 90's).

An article that deals more directly with software safety and techniques to try
to reduce risk will appear in the February issue of CACM (it was supposed to
appear side-by-side with and as an alternative viewpoint to Dave Parnas'
article last May but somehow got delayed in press).

nancy leveson

Re: "Computer Models Leave U.S. Leaders Sure of Victory"

Wed, 19 Dec 90 23:07:24 EST
A colleague used to have a sign on his office wall which said roughly:

   "A model is an artifice for helping you convince yourself that you
    understand more about a system than you do."

Enough said.

Peter Capek — IBM Research

"Computer Models Leave U.S. Leaders Sure of Victory" (RISKS-10.69)

The Polymath <>
20 Dec 90 01:57:12 GMT
A friend of mine (name omitted for his protection) is a contract programmer who
worked on one of these models for over 5 years.  It's his opinion that parts of
the model had been deliberately tweaked to "tell the generals what they want to
hear." i.e.: That their equipment works as advertised, so they'll win.  Model
results can then be used to justify purchase of more of the same equipment.

If things continue as they are, we may well find out if it matters in the real

Jerry Hollombe, Citicorp(+)TTI 3100 Ocean Park Blvd.  Santa Monica, CA 90405
(213) 450-9111, x2483 {csun | philabs | psivax}!ttidca!hollombe

Re: "Computer Models Leave U.S. Leaders Sure of Victory"

Neil Galarneau <>
Thu, 20 Dec 90 14:44:30 GMT
An excellent book on the topic that has come out recently is Peter Perla's
            _The Art of Wargaming_

The book deals with both the military and commercial sides of the topic.
He mentions some problems the Japanese had in wargaming the Battle of Midway,
for example.


P.S.  For those who are curious, the referee of the wargame (a Japanese
admiral) pointed out to the Japanese team that although they had won, they had
no plans for dealing with the American fleet if it was north-west(?) of Midway.

Due to cryptanalysis, guess where we were? :-)

Risks of Automated Collections and a Happy Ending

Lance J. Hoffman <>
Thu, 20 Dec 90 13:52:29 EST
     Recently, I had a run-in with my bank which had a happy ending.  The
letters between me and it are self-explanatory, so, without further ado:


Mr. (name deleted)
(bank name and address)

Dear Mr. (name deleted):

     I am a professor of computer science at The George Washington University.
I want to thank you for giving me an example of an insensitive and
counterproductive computer-aided system to discuss with my classes.  Let me

     Yesterday evening, I received a telephone call at approximately 6:50 p.m.
from your credit collection department.  A human operator asked for me and
then, when I identified myself, played a taped message asking me to pay my Visa
bill (account number (deleted), after which the connection was broken.

     The tape stated that my account was overdue, despite the fact that when I
called two days ago, I was told it was current.  I had been away for a month or
so and when I returned last week I immediately mailed in the complete payment
for the old overdue bill and then, a day later, I mailed in a complete payment
for the newly arrived and current bill.  Since I received an overdue notice in
the mail early this week and a(nother) phone call from a human on my recording
machine, I called back.  By that time, you must have received one of my
payments at least, since I was told (three days ago) that my account was

     At about 9:50 a.m. this morning, I talked with Ms. (name deleted) of your
customer service department.  She was pleasant, understanding, volunteered that
I had a valid point, and knew how the system operated.  (That's where I got the
bank president's name — LJH) According to her, if a bill is not paid by me by
the 17th of a month, I will get a recorded call from the Collections system,
even if my payment is received in the intervening time.  (Your bank) obviously
doesn't care enough to fax to the human operator who initiates the call a list
of "late pays, now current", and would rather have people like me tell my
friends horror stories about (your bank).

     I don't enjoy having my dinner interrupted by taped messages, especially
when your right hand apparently doesn't know what your left hand is doing.
Whatever bozo put in this telephoning system should be demoted, after being
called at dinnertime every day for a month.  He or she would have been lucky to
pass with a low D any system design course I taught!

     I have now stopped telling my friends about the 1% rebate (a definite plus
for your Visa card); they can give their business to whatever bank they want,
as far as I am concerned.

     I think your action is especially uncalled for since my record in the past
is exemplary in paying my bills, including yours.  I think you owe me an
apology.  Moreover, I think your recording may violate harassment provisions of
the Fair Credit Reporting Act or some other federal law; by copy of this
letter, I am asking my attorney for a quick opinion.

     To date this year, I have written $(amount deleted) in checks to your bank
in payment of my Visa bills:

(I inserted a transaction log here, generated by Quicken)

     I think such a customer deserves more consideration than your "system"
gives him, and I hope you take steps to change it.


Lance J. Hoffman

c: (name deleted), Manager, Collections
   (name deleted), Supervisor, Customer Service
   (name of a friend who is an attorney), Esq.


Dear Mr. Hoffman:

Your letter to (bank president) has been referred to me as I am directly
responsible for the Collections Department. ...

[The Collection Recording System's] scheduling of the recorded call is
designed to allow sufficient time for our customers to submit a payment
before their account reaches 30 days past due. ...

The taped messages were scheduled to be made on November 19th, 20th, and
21st.  Regrettably, our processor (which type?!-LJH) did not begin calling
until November 27th. ...

Your letter has prompted us to reanalyze the entire program.  As stated
earlier its purpose is to serve as a friendly reminder for payment.  Its
(sic) obvious, however, that any delays that may occur in the future will
only serve to offend our good customers such as yourself.  Therefore, we've
decided to phase out the Collection Recording System within the next three

I sincerely apologize ...

(name deleted)
Group Vice President
(bank) Card Center

It's nice to see that sometimes one well-aimed missive can change things.

Professor Lance J. Hoffman, Department of Electrical Engineering and Computer
Science, The George Washington University, Washington, D. C. 20052 202-994-4955

Re: The topic that wouldn't die: telephone voting

Gregory G. Woodbury <>
Thu, 20 Dec 90 19:28:05 GMT
Brian Rice notes that the Directory of the NC State Board of Elections
forsees a day when big brother will have everyone marked by voiceprint.

Fortunately, not all of the folks here are going to take his comments
seriously.  The NC legislature has to make any changes to the system and
they are NOT inclined to trust technology.

A few years back, the NC House of Representatives installed an
electronic voting system in response to public pressure to provide more
accountability.  It has taken them nearly 10 years to get used to it.

As for the challenging of all votes by a certain candidates workers in
some precincts:  the process of challenging a voter in NC is specific
and costly.  An incorrect challenge costs the challenger cash and
personal court appearances when the challenge is overturned.

Following the severe problems with the machines in Durham and Guilford
counties, there have been all sorts of stories trying to account for why
these two counties had all the problems.  The latest reports that I have
heard from the Durham BoE confirmed my earlier report that these two
counties had some specific changes in the way the voting machines were
to be programmed that were not anticipated as leaving the machines
vulnerable to jamming.

In both counties, there was ONE independent candidate for a partisan
office that had a relatively full slate in each of the two main parties.
In this case it seems that the way the machines are physically linked in
the back had only one long and inadequate lever connecting the third row
to the interlock section.  Voting for a full complement in the main
parties and then also selecting the independent candidate would spring
the interlock section for that race and render the machine unuseable
until the mechanics could get there and unjam the machine.

In my precinct, we spotted the inoperative machines very quickly and
quit using them until they could be fixed.  In other precincts it was
reported that the malfunctions were not noticed until several voters
had used the malfunctioning machines.

There are rumours that this jamming may have been deliberatly caused by
some (unknown) party's instructing voters how to jam the machines, but
there is no confirmation of this that I am aware of.

Gregory G. Woodbury @ The Wolves Den UNIX, Durham NC
UUCP: ...dukcds!wolves!ggw ...mcnc!wolves!ggw

Please report problems with the web pages to the maintainer