# Forum on Risks to the Public in Computers and Related Systems

## Contents

Red clocks run faster than green ones!
Paul Leyland
Re: Faxing a horse
Ed Wright
Call for papers -- ACM SIGSOFT '91, REMINDER
Nancy Leveson
Risks of naming a node
Rao V. Akella
Plugging in in Singapore
WWeaver
Re: Singacard anyone?
JueyChong Ong
Bill J Biesty
Deskilling/dumbing-down
Peter Brantley
Phil Agre
Bob Rahe
Edward Kittlitz
Info on RISKS (comp.risks)

### Red clocks run faster than green ones!

Paul Leyland <pcl@robots.oxford.ac.uk>
Fri, 1 Mar 91 13:53:46 GMT
Copied from _The Times_, London, March 1 1991.

Speeding clocks cause for alarm

New street lighting systems in an East Midlands village have been playing
curious games with alarm clocks, causing them to race up to four hours ahead
while their owners slept.

Residents of Castle Donnington, Leicestershire, who own clocks with the
familiar red display [presumably LEDs -- pcl] had to call on the detective
skills of East Midlands Electricity Board staff to solve the problem.  Owners
of more sophisticated clocks with a green display [plasma discharge? -- pcl]
found they were sticking to Greenwich rather than Omani time.

An inspection of the local airport and voltage checks in houses and at
substations failed to disclose the cause.  Interference from cellular telephones
was also ruled out.

The culprits were finally tracked to signals being transmitted by electric
timers controlling local street lights that had recently been fitted by
Leicestershire county council.  Julian Evans, an electricity board spokesman,
said the timers had been replaced and things appeared to be "ticking along
nicely".

[ Can anyone explain why "red" clocks should be more susceptible to this form
of interference than "green" clocks?  ]



### Re: Faxing a horse (RISKS-11.19)

Ed Wright <edw@sequent.com>
Fri, 1 Mar 91 12:31:21 PDT
I keep waiting for the day when someone releases a (postscript) laser printer,
that incorporates a scanner so that I can use it as a printer, a scanner, a
copier. Add fax to that concept and I think we would have a winner.  Ed Wright



### call for papers -- ACM SIGSOFT '91 [REMINDER. ORIGINAL IN RISKS-10.57]

Nancy Leveson <nancy@murphy.ICS.UCI.EDU>
Mon, 29 Oct 90 17:45:06 -0800
                            CALL FOR PAPERS

ACM SIGSOFT '91
Software for Critical Systems

New Orleans, Louisiana
December 4-6, 1991

Computer systems are beginning to affect nearly every aspect of our lives.
Examples include programs that control aircraft, shut down nuclear power
reactors in emergencies, monitor hospital patients, and execute banking
transactions.  Although such programs offer considerable benefits, they also
pose serious risks in that we are increasingly vulnerable to errors and
deficiencies in the software.                     [NO NEWS TO RISKS READERS!]

The SIGSOFT '91 conference seeks papers on all aspects of quality in critical
systems.  A critical system is a system that must exhibit, with very high
assurance, some specific qualities such as safety, reliability,
confidentiality, integrity, availability, trustworthiness, and correctness.
The conference will focus on such topics as architectures, design
methodologies, languages, analysis techniques, and processes that can increase
the likelihood that a system exhibits its required qualities.

Papers will be judged on relevance, significance, originality, correctness, and
clarity.  Papers will be read and evaluated by the program committee and must
not be under consideration (or published) elsewhere in the same or similar
form.  Papers are limited to 6,000 words, with full-page figures counting as
300 words.  A paper that significantly exceeds this limit is likely to be
rejected.

Authors should submit 6 copies of the full paper to:

Peter G. Neumann, Computer Science Laboratory, SRI International,
Room EL-243, 333 Ravenswood Ave., Menlo Park, CA 94025

Persons submitting papers from countries in which access to copying machines is
difficult or impossible may submit a single copy.  Submissions should be
received by May 3, 1991 and should include a return mailing address.  Authors
will be notified of acceptance or rejection by July 12, 1991.  Full versions of
accepted papers must be received in camera-ready form by August 30, 1991.
Authors of accepted papers will be expected to sign a copyright release form.
Proceedings will be distributed at the conference and will subsequently be
available from ACM.

CONFERENCE CHAIR          PROGRAM Co-CHAIRS
Mark Moriconi             Nancy Leveson                 Peter Neumann
SRI International         Univ. of California, Irvine   SRI International
moriconi@csl.sri.com      leveson@ics.uci.edu           neumann@csl.sri.com

PROGRAM COMMITTEE
David Barstow          Schlumberger
Dines Bjorner          Technical University of Denmark
Marie-Claude Gaudel    Universite de Paris - Sud
Jim Horning            DEC Systems Research Center
Bill Howden            University of California, San Diego
Hermann Kopetz         Technical University of Vienna
Carl Landwehr          Naval Research Laboratory
Bev Littlewood         City University, London
Leon Osterweil         University of California, Irvine
David Parnas           Queen's University
Fred Schneider         Cornell University
Vicky Stavridou        University of London
Martyn Thomas          Praxis, Inc.
Walter Tichy           University of Karlsruhe
Elaine Weyuker         NYU Courant Institute



### Risks of naming a node

"Rao V. Akella" <RAO@moose.cccs.umn.edu>
Tue, 26 Feb 91 15:50 CST
In addition to all the other problems associated with computers, have you ever
wondered about the risks of _naming_ one?  The study I work for has a
workstation called SUCKER (ugh! my system manager -- who is a fishing maniac --
named it after a lake in the Boundary Waters Canoe Area in northern Minnesota).

Ever since we brought this machine up on the net, we haven't had a moment's
peace.  All the teenage wanna-be freshmen hackers from all the neighbouring
state colleges who have just got their first computer account and have read
"The Cuckoo's Egg" are drawn to it like a magnet.  There's rarely a Monday when
I come in and don't find breakin attempts on all the usual accounts: SYSTEM,
FIELD, DECNET, INGRES, GUEST, ANONYMOUS...you name it.  Fortunately, DECnet
provides a pretty good traceback to the originating point of the attempt, and
most system managers take such reports very seriously, so we've had about
half-a-dozen amateurs kicked off their systems (I say amateurs, because nobody
has gone beyond trying to guess passwords).

But then, we probably only have audit and intrusion trails for the ones that
failed...

Rao Akella, Research Assistant, Colon Cancer Control Study
University of Minnesota, Minneapolis



### Plugging in, in Singapore

<WWEAVER@cmsa.Berkeley.EDU>
Sun, 24 Feb 91 20:23 PST
In light of RISKS recent series on the Americard, I found the following
interesting.  Reprinted from the 24 Feb 91 Chronicle (Punch Section, page 5).
All typographical errors mine.

THE PUSH-BUTTON SOCIETY
In Singapore, 2.6 million people are coming on-line.
By Reginal Chua (Reuters)

Singapore is striving to become a push-button city.  From cashless shopping to
electronic paperwork and even a computerized pig auction, Singapore is plugging
its 2.6 million people into electronic grids linking the entire island nation.
In less than a decade, it plans to build computerized electronic pathways to
enable people to shop, book theater tickets, check information, and to allow
companies to send documents.

Singapore's small size and highly centralized bureaucracy has made it
relatively simple to establish the groundwork for the electronic society.  All
citizens carry a numbered identification card, allowing information about them
to be cross-indexed between ministries and government bodies.  Not all
Singaporeans are thrilled ath the prospect of life in this version of a brave
new world with an electronic Big Brother'' keeping tabs on them.

Some were unhappy to find that census takers calling at their homes already had
detailed information about them printed on the census forms.  It seems like
they know more about me than I do,'' one housewife said.

The advantages of being plugged in, however, have become obvious to many.
The purpose... is to turn Singapore into an intelligent island in which IT
(information technology) will be fully exploited to improve business
competitiveness and, more importantly, to enhance the quality of life,'' said
Tay Eng Soon, minister of state for education.  A new master plan, IT 2000,
will be unveiled at the end of the year, Tay said.  Parts are already in place.

TradeNet -- which allows companies to submit documents electronically to the
state Trade Development Board -- now accounts for 90 percent of all trade
documentation, a board official said.  We're going to phase out the remaining
10 percent by the end of the year,'' she said.  Some freight forwarders have
reported productivity gains of up to 30 percent with the new system, she added.

Introduced only two years ago, the system handles 10,000 forms a day.  Each
takes 15 minutes to process, compared with as long as two days by the old
method.  Even payment for the service is electronic.  Shippers used to have to
paste revenue stamps on each form.  Now the board deducts the fee
electronically from their bank accounts.  Up-to-date knowledge and
information become of utmost importance when a country or company seeks to be
competitive in the international arena,'' Minister of Communications Yeo Ning
Hong said at the launch of a teletext system, Teleview.

The Network for Electronic Transfers, a cashless shopping system, has been in
operation for five years and is now used by more than a third of the population
and 1,500 stores.  Consumers have the cost of their purchases automatically
deducted from their bank accounts.  Certainly there was resistance at first.
There was a lot of resistance, primarily from the retailers,'' said the
network's general manager, Patrick Yi.  We now have a critical mass of
consumers and retailers.''

In the next five years, the network plans to expand to 6,000 outlets and boost
transactions from about $300 million last year to$1 billion in 1995.  Plans
also include an electronic purse,'' which could replace several electronic
cards being used at the moment.  The concept is that from a national
perspective, wouldn't it be nice if we could just have one card,'' Yi said.
[!! --ww]

There are also other electronic networks -- for air cargo (Star Net), medical
claims (MediNet) and company registry (LawNet).

The next futuristic concept is Smart Town,'' which envisions a national
electronic grid to which households would be linked.  The idea here is to
build into the town a whole range of IT services,'' Tay said.  People who
live and work in such a town will have maximum and convenient access to many
services.''

Even the local pig market has entered the microchip age.  Wholesalers at the
Hog Auction Market, or HAM, bid silently for swine on an electronic system
which deducts winning bids from traders' deposits.

Only the odor remains.



### Re: Singacard anyone?

JueyChong Ong <75216.726@compuserve.com>
25 Feb 91 00:09:00 EST
Having lived in Singapore for most of my life, I think I can comment on parts
of Bill J Biesty's article in RISKS 11.09.

NETS was set up by a number of banks in Singapore primarily as an ATM network
much like Cirrus or Plus System in the US. With one notable exception, if you
bank with a NETS member, you can use any ATM machine belonging to a bank that
is a NETS member (the notable exception being the Post Office Savings Bank,
which claims to have the most ATMs nationwide, and therefore does not need to
participate in the ATM network; but they do participate in the cashless
shopping service mentioned next).

The other thing you can do with NETS is that merchants can subscribe to the
service, and that allows NETS ATM card holders to use their ATM card as a debit
card at stores. Shoppers use the same PIN they use at the ATM, and they can
choose to have the purchase amount deducted from their checking or savings
account.

On a recent visit to Washington, DC, I noticed a similar service being
provided at a Safeway supermarket.

>I think it was mentioned in Risks, but was mentioned in WSJ that Singapore
>plans to install sensors in cars and roads and start taxing vehicle owners
>based on usage rather than an average fee to cover maintenance costs of roads.

Depending on how much the government decides to charge for road usage after
implementing the sensors, it may turn out to be a welcome measure. Currently,
cars prices in Singapore are more than double the prices in the US because of
import taxes. Road taxes go for about US$600 a year now for a car with a 2-liter engine (more for bigger cars, less for smaller ones). The idea is to prevent traffic congestion by making it difficult for people to afford even one car. I don't think that's fair. To reduce road usage during rush hours, there is a surcharge to enter the downtown area/city center/business district. Implementing Electronic Road Pricing (ERP) gives the government an alternative to rapidly increasing vehicle import taxes, increasing rush-hour entry fees and, recently, annual car sales quotas. The hope is that it will result in fairer charging, and that they do not abuse the flexibility of ERP. Incidentally, Singapore got interested in ERP because of its apparent success in Hong Kong. Also, you may also like to know that some people do not believe in being charged "an average fee to cover maintenance costs of roads." The Feb. 1991 issue of New York Motorist (AAA Automobile Club of New York's newsletter) ran two articles: one was about the Club urging lawmakers to reject legislation that would put a flat-rate auto-use tax on vehicles in Westchester County. The Club vice-president said the tax was "regressive - levied on the owner of a Rolls Royce at the same rate as on the owner of an old jalopy." While the main reason for opposing the fee was that it was "essentially a second registration fee" (and also a way for the county to raise more tax money in a bad year), I also took it to mean that charging everyone an "average" fee isn't very popular either. The second articles was more interesting: the Port Authority of NY and the Triborough Bridge and Tunnel Authority are trying out Automatic Vehicle Identification (AVI) equipment to see if it could replace toll booths. A transponder is mounted on the vehicle windshield. A transmitter at the toll area generates a radio signal that is modified by the transponder when it is within range, at speeds of up to 35mph, to "the tag's individual identification code. The reflected signal with the new information is then transmitted to a central computer" which would then deduct the proper amount of toll from the vehicle owners account. I see a very blur distinction between this and Singapore's ERP efforts. In fact, from the photograph accompanying the article and the description, it seems uncannily similar to the system (or one of the systems) that the Singapore government plans to try out. The article also addresses several implications, among them: "A first step towards congestion pricing (charging a higher rate for driving during peak periods and encouraging off-peak use by lowering fees)", "Facilitating an expanded toll road system" and a "Big Brother" potential for "governmental agencies to keep tabs on citizens via their recorded passage through toll facilities". Sounds like Singapore? --jc  ### Re: Singacard anyone? Bill J Biesty <wjb@edsr.UUCP> Mon, 25 Feb 91 08:30:46 CST [Pravin Kumar <ppk@Sun.COM> responds to my submission of a Wall Street Journal article about the computerization of commerce in Singapore by pointing out that the U.S. is close behind in implementing the same technologies.] Dallas, Texas, USA has similar technologies in use. The Dallas North Tollway, the only toll road in Dallas, put the AVI system into effect last year. I also have seen the use of ATM cards to pay for groceries and gasoline (whose risks were discussed recently). One difference that does exist is that the Cirrus, Plus, and other ATM networks are not run by the government but by independent businesses that manage the networks. I submitted the article not only as a follow up to the Americard idea but also the discussion of Margaret Atwood's "The Handmaid's Tale" where womens rights were removed by removing their economic freedom. This is risk that still exists (but not just for women I'm sure) in Singapore. Access fees for driving in certain areas can be handled by selling permits to drive in congested areas. Other drivers can take the risk of driving into the area without the permit and getting a ticket. This method avoids the loss of freedom in letting some accounting system keep track of where you are. The Tollway incidentally provides a quicker access to downtown as many drivers don't want to pay the tolls ($1.00 each way), in essence making
it an access fee or a service fee depending on how you want to look at it.

(similar to the dubious information security at credit reporting agencies)
than there would be if it were under government control.  Or are they the same?
Is it better to have such "democratically" restricted access?  I think so.
It's pretty difficult to get the CIA to release uncensored information that
the (may) have collected about you.  With a commercial network you can (attempt
to) hire a cracker and at least be forewarned.

Bill Biesty, Electronic Data Systems Corp., Research and Advanced Development,
7223 Forest Lane, Dallas, TX 75230    (214) 661 - 6058    edsr.eds.com!wjb



### Deskilling

Peter Brantley <BRANTLEP@ARIZVM1.BITNET>
Fri, 01 Mar 91 09:13:16 MST
Alan Wexelblat notes that many instances of automation are involved in a
deskilling of the workforce.  There are many popular images of this effect, and
Alan notes a few.  The worry is that this process, extending through society,
will result in a "dumbing" of workers.

This thesis was most forcefully argued, not in Garson's _Electronic Sweatshop_,
which has more to do with surveillance, but in Harry Braverman's _Labor and
Monopoly Capital_.  Braverman advanced the deskilling hypothesis as an attempt
to understand what he perceived to be fundamental aspects of workplace
transformation in a particular stage of western capitalism.  The facts,
however, do not really support Alan or Braverman.

Braverman described deskilling as a historical process, particularly alive
today within the service sectors.  But it is questionable whether the service
sectors have been the targets of a "dumbing."  There have been many instances
where computerization has forced the lay off of newly redundant personnel, but
for those who receive or gain control of workplace automation, the story is
different.  They often experience a reskilling, or more explicitly, a
redefinition of their job tasks, with even greater required skills.  The
operation of machinery does not, and should not, require knowledge of
appropriate intervention, as Alan suggests.  Indeed, the very *point* of
automation is to remove these tasks from the province of the worker.  But this
is not necessarily a bad thing.  Automated workers may or may not be more
happy, but they are not likely to be more oppressed.  And as Braverman
accurately noted, the age of craft work -- where you could send Joe to "bang on
it a few times" to fix it are long gone.  Braverman did not note that the craft
work population of the U.S. was always *very* small.

of alarm about the lowering of available skills in the population as a whole.
The requisite skill level for many positions has risen to the point where many
large U.S. corporations are unable to find suitably educated workers in the
labor force.  Massive job training programs have been initiated to give workers
a minimum level of technological sophistication necessary to perform their

The inclination of many writers, Braverman included, to posit a golden happy
age where workers knew their work and could fix/own their own machinery is a
dangerous misunderstanding of the nature of capitalism.  The economic system
has extensively organized work for centuries, and automation has only enlarged
to scope of this organization.  Workers were, are, and will be oppressed.

The danger is in failing to note the increasing skill stratification of the
workforce.  Those of us who understand technology are a very privileged lot.
The workplace demands more extensive skills with each passing year as more
information processing becomes required for culturally accepted business
practices.  If we fail to notice that the U.S. educational and social system
does not support the acquisition of these skills, then we have done a grave
disservice.  This is not something particular to automation, but to our social
system.  Automation is a neutral force.  Society is not.

Peter Brantley, Department of Sociology, University of Arizona, Tucson,
AZ  85721  (602) 621-3804 Brantlep@Arizvm1.BITNET, Brantlep at Arizvm1.Ccit.Arizona.Edu



### Re: deskilling

Phil Agre <phila@cogs.sussex.ac.uk>
Fri, 1 Mar 91 17:24:33 GMT
In an article in Risks 11.18, Alan Wexelblat (wex@pws.bull.com) mentions the
notion of deskilling in relation to computer-based automation.  He says:

Where people have not been outright replaced by machines, they've been
replaced by people with lower skill levels and often less experience and
less education.

Though I am highly sympathetic to the idea that automation is not frequently
motivated by concern about the quality of workers' lives, the matter is fairly
complicated.  In particular, it would be a mistake to identify automation with
deskilling in terms of its effects on the total workforce.  (This may simply
be a clarification of AW's note.)  Rather than go on about it, here are some
references which lay out the issues in detail:

William O.~Lichtner, {\em Planned Control in Manufacturing}, New York: Ronald
Press, 1924.  A fascinating early manual of management rationalization.

Harry Braverman, {\em Labor and Monopoly Capital: The Degradation of Work in
the Twentieth Century}, New York: Monthly Review Press, 1974.  Origin of the
thesis of "deskilling".

Richard Edwards, {\em Contested Terrain: The Transformation of the Workplace
in the Twentieth Century}, New York: Basic Books, 1979.  A more complex view,
based on the evolving relationship between issues of efficiency and control
over the work process.

Barry Wilkinson, {\em The Shopfloor Politics of New Technology}, London:
Heinemann, 1983.  An ethnographic account of the organizational dynamics of
factory automation.

Ann Majchrzak, {\em The Human Side of Factory Automation: Managerial and
Human Resource Strategies for Making Automation Succeed}, San Francisco:
Jossey-Bass, 1988.  A practical guide for managers planning to automate.

Paul Thompson, {\em The Nature of Work: An Introduction to Debates on the
Labour Process}, second edition, London: Macmillan, 1989.  Good survey of
the development of sociological theories of automation since Braverman.

Phil Agre, University of Sussex



### Re: Dumbing-down?

Bob Rahe <CES00661@UDELVM.bitnet>
Thu, 28 Feb 91 22:10:00 EST
  Alan Wexelbat in Risks 11.18 makes the point of automation of some jobs
causing the level of intelligence of the operators hired to do them to be
lowered.  How can this be ascertained as opposed to the scenario where the
quality of the applicants for the job has required a high-tech solution in
order to get it done.  Have you talked (English!) to a high school student
lately?  Tried to get into a discussion with one?  Definitely on a downward
spiral.
Bob



### dumbing-down and dumbing-up

Edward N Kittlitz <kittlitz@world.std.com>
Sat, 2 Mar 91 07:22:13 -0500
Alan Wexelblat discussed "dumbing down", whereby technology allow less trained
people to perform tasks which previously required skilled practitioners. We
must also remember that computer-aided processes can inspire contempt in those
who are familiar. An example is the oft-discussed failure of skilled persons to
follow automated checklist procedures because they know the system "well
enough".  The best (apocryphal?) example is the Soviet fighter pilot yelling
"don't tell me how to fly this plane" to a recorded voice intoning "pull up...
pull up". This must be "dumbing up".

PS to Steve Bellovin's note about 25 and 50 feet of wire going for the same
price: an inspired bargainer would purchase the 50-foot length, Solomon-style
cleave it in twain, and return one piece at the 25-foot price.
E. N. Kittlitz



Please report problems with the web pages to the maintainer

Top