The RISKS Digest
Volume 11 Issue 57

Tuesday, 30th April 1991

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Please try the URL privacy information feature enabled by clicking the flashlight icon above. This will reveal two icons after each link the body of the digest. The shield takes you to a breakdown of Terms of Service for the site - however only a small number of sites are covered at the moment. The flashlight take you to an analysis of the various trackers etc. that the linked site delivers. Please let the website maintainer know if you find this useful or not. As a RISKS reader, you will probably not be surprised by what is revealed…


Reverse engineering and testing of students
Andrew Koenig
Re: Another commuter train wreck in London
Dave Roberts
Re: Cable TV "bullet"
David A Ladd
Re: Free Speech & Govt. Control of Information
Peter Marshall
Re: Freedom of Information vs Computers
Daniel C. Swinehart
Email, Privacy, and `small print'
Herman J. Woltring
Prodigy commentary
Jeremy Epstein
Tom Neff
Robert Hartman
Re: Four-digit address causes NYC death
Brinton Cooper
Steve Strassmann
Martin Minow
D.C. Seminar, "Social Importance of Privacy," May 3, 1991
Robert Jacobson
Info on RISKS (comp.risks)

Reverse engineering and testing of students

Tue, 30 Apr 91 09:45:12 EDT
I was talking recently to someone who told me about his experience taking a
multiple-choice test. There were a lot of questions, most of which he knew, but
some of which were so poorly designed that he could not tell which of several
alternatives was the right answer.  Of course, he left those blank on his first

After he had answered the ones he knew for sure, he noticed a pattern beginning
to emerge on the answer sheet.  The spaces for answers were arranged in two
columns, and he saw that the left column had exactly the same pattern of
answers as the right column, not counting the gaps, except that it was inverted
and reversed.  The pattern was too consistent to be a coincidence, so he used
that information to fill in the rest of the answers.  Sure enough, each answer
indicated by the pattern matched one of the answers he had considered possible
for that question.

When it came time to grade the test, the grading procedure explained
everything.  The grader took a sheet of opaque plastic with a bunch of holes in
it, placed it over the answer sheet, and marked as wrong all the questions
where an answer didn't show through a hole.  He then flipped the template over,
turned it upside down, and repeated the process for the second column.

                --Andrew Koenig,

Re: Another commuter train wreck in London

Dave Roberts <>
Tue, 30 Apr 91 16:44:05 GMT
Following the report in RISKS-11.52 from ClariNet I thought that the Forum
readers might like to know that the trains were not both under computer control
at the time.  The train which was on the receiving end of the bang was under
manual control at the time because of "previous failures" according to the UK
Daily Telegraph.

The question which occurs to us is "Why did the computer driving the second
train not know where the first one was?"  No answers available in the UK at
the moment because the inquiry is still in progress.  The speed of impact was
about 5mph and no one was hurt but the whole line was down for 7 hours.

Re: Cable TV "bullet"

David A Ladd <>
Tue, 30 Apr 91 12:28:41 EDT
>But most of these folks in question are otherwise legitimate cable subscribers
>who have been "sold" a modification to their cable boxes, MOST OFTEN BY A

Note that the installer need not be crooked, but may be merely incompetent or
generous.  When I was in high school, before everyone had cable-ready
equipment, it was common to have a cable box fail, call for service, and end up
with unaccounted-for and unrequested cable services. In fact, of the three
households I was aware of with cable, all three eventually had the full set of
movie channels without paying for them or in some cases even wanting them. To
have this sort of case turn into a ``theft of cable services'' prosecution
seems ridiculous.

Re: Free Speech & Govt. Control of Information

Peter Marshall <peterm@halcyon.UUCP>
Tue, 30 Apr 91 08:42:15 PDT
Larry's response to Jerry Leichter's earlier post on this topic is
well-reasoned and compelling. Yet, while it may generally be the case, as Larry
states, that "commercial entities do not have the same free speech rights that
individuals do," this observation must, perhaps unfortunately, be qualified in
part by the little matter of "corporate First Amendment rights." Amazing what
you can do after defining "corporation" as "person" in legal terms. See, for
                                                  Peter Marshall
The 23:00 News and Mail Service - +1 206 292 9048 - Seattle, WA USA

Re: Another article: Freedom of Information vs Computers (RISKS-11.55)

Tue, 30 Apr 1991 08:40:11 PDT
Bob Frankston commented on the relative utility of data when provided in "the
original machine readable tape format or on 'more than 1 million sheets of
paper.'"  Paper is becoming ever more machine-readable these days.  It won't be
long before these decisions can again be made solely on the basis of the
message, not the medium.

Email, Privacy, and `small print'

Herman J. Woltring <UGDIST@HNYKUN53>
Tue, 30 Apr 91 10:24:00 N
Considering yesterday's issue of the RISKS-Forum Digest (volume 11, No. 56)
on breach of privacy, email censoring, and improper `small print' in contract
clauses, I am reposting part of my note of last February on public access to
email facilities.  [...]

> Date:      Sat, 23 Feb 91 11:10:00 N
> Sender:    Biomechanics and Movement Science listserver <BIOMCH-L@HEARN>
> From:      Herman J. Woltring" <ELERCAMA@HEITUE5.BITNET>
> Subject:   Public access to Internet etc.
> Dear Biomch-L readers,
> While email communication is usually available for free to account holders
> on EARN/BITNET, Internet, etc., (log-on time, disk usage, paper output
> typically being charged), it may be useful to mention that email access is
> also becoming increasingly available through PC and modem facilities by
> telephone [...; typically, number of transmitted bytes and/or logon time
> being charged — HJW].
> Interestingly, one such service (PRODIGY) has been accused of censoring
> email to and from its subscribers.  Whether this allegation is true or
> not, such issues do raise concern about freedom of opinion, free access
> to information, and similar fundamental rights in a networking context,
> especially if (with some justification, perhaps) `network harrassment' is
> used as an argument to counter network `flaming'.  As said at a previous
> occasion: "verba volent, scripta manent" ...

The allegations in RISKS-11.56 against Prodigy and GEnie, two commercial
email service providers in North America, warrant considering the question
whether it is about time that Postal legislation (i.e., postal services are
not entitled to refuse, (unnecessarily) delay, read, or censor your mail,
or to divert it from its destination without a proper court order) shall
also apply to electronic mail, whether through private or public channels.

I do not propose to have this topic as a debate on this list; however, I think
that a pointer to the relevant debate is not out of place even on a discussion
list like ours, and I shall be happy to consider any comments sent to me
privately.  I might mention in this respect that the Dutch legislative is
currently considering a Computer Crime Bill in which unauthorized access to
computers, e.g., by networking, is considered a felony, and that some of the
proposals remind more of the U.K.'s Official Secrets Act than of the U.S.A.'s
Freedom of Information Act.  One heavily debated topic is to what extent
computer trespassing will be declared a criminal offence if no appropriate
security is provided by system management.  If not, private (and public)
interests can afford to neglect system security and yet call upon public
authorities for free to protect their interests once they observe that their
sloppyness has been `used'.  This is unusual in Civil Law as any insurance
company will be happy to point out, and not very compatible with the classical
view that Criminal Law is the Ultimate Resort, `when all else fails'.

Herman J. Woltring, Biomch-L co-moderator & (former) member, Study-committees
on s/w & chips protection / Computer crime, Neth. Society for Computers and Law

Prodigy commentary

Jeremy Epstein <epstein%trwacs@uunet.UU.NET>
Tue, 30 Apr 91 09:43:47 EDT
I found the comments on Prodigy very enlightening.  I'm glad I'm
not a subscriber.  However, I was very concerned by one comment:

>     I invited you to look at your own STAGE.DAT file, if you're a Prodigy
>user, and see if you found anything suspect. Since then I have had numerous
>calls with reports of similar finds, everything from private patient medical
>information to classified government information.

If you have classified government information on your PC, you should
not be using it to call *anywhere* using *any* comm package.  That's
just good sense (and it may even be the law, I'm not sure).

I'm certainly not defending Prodigy...if what was described is accurate,
it certainly sounds like a mass invasion of privacy, theft, and some
nice big lawsuits.  Has any of this made it into the non-technical press
(e.g., Wall Street Journal, NY Times, LA Times).

Jeremy Epstein, Trusted X Research Group, TRW Systems Division, Fairfax
VA   +1 703/876-8776

Prodigy and STAGE.DAT strangeness

Tom Neff <>
30 Apr 91 15:18:47 EDT (Tue)
The simplest explanation for private customer data appearing quasirandomly in
the Prodigy STAGE.DAT file is that the access program may allocate buffers
without clearing them, then write a comparatively little bit of binary data
into them and flush to disk.  The unused buffer areas still contain whatever
was lying around in memory before Prodigy was started, and this "garbage" will
end up on disk.

This neither proves malfeasance or innocence on Prodigy's part; but, at worst,
carelessness.  Clearly their program *could*, if it wished, transmit your
computer's entire memory and/or disk contents back home to the Prodigy host.
And it could do so *without* storing anything in a file like STAGE.DAT!  That's
simply a RISK of accepting some black box piece of software in the mail and
running it.  "Run me," Alice?

Re: Prodigy, etc. (RISKS-11.56)

Robert Hartman <>
Tue, 30 Apr 91 11:32:55 PDT
WRT the controversies over censoring e-mail and selectively denying service to
customers who complain, there already are some laws that should be applicable.
It seems to me that there's nothing all that different between an e-mail
service and a phone company--except the format of the data being carried. The
various phone and long-distance companies are common carriers, and governed by
FCC rules.  Am I wrong in thinking that a common carrier is not allowed to
interfere with the communications they carry, and that they cannot easedrop
without a court order?  Now, broadcast mail may be open for public scrutiny and
rebuttal, but if a carrier offers a "conference call" service, I don't believe
that they can restrict anyone from using it, or from saying what they like in
the course of such a call.  Bulletin board postings seem to me to be analogous
to conference calls in the same way that private e-mail messages are akin to
private calls.

A sharp lawyer ought to be able to convince a judge or jury in a civil suit
(where a preponderance of evidence is all that is necessary to win) that
Prodigy and the others, in offering their e-mail and BBS services, are
operating as de-facto carriers for electronic communications.  As such, they
should be held accountable under the same rules as any other carrier, and
liable for any breaches.  Esp.  when they are run by large corporations with
legal staffs.  They can't plead ignorance.  I can't understand why they'd risk
legal exposure in this way, not to mention the negative publicity of a trial!

A risk in obtaining such a ruling would be that all BBS operators--at least
those using the phone lines, might have to be licensed.  But then, if there are
enough of them who write enough letters to legislators, a new class of licenses
for "amateur e-mail and BBS carriers" could be mandated.  We could even make it
an automatically-granted license, so long as there is no charge for the

As far as the issue of Prodigy uploading private data goes, this sounds like a
clear case of wire fraud to me.  Wish I were the lawyer to get that case!  Can
you spell "class action?"  I knew you could.  Mr. and Mrs. Middle Class America
will be mightily annoyed if this is true.

Four-digit address causes NYC death (Nilges, RISKS-11.55)

W.A.Simon <alain@elevia.UUCP>
Tue, 30 Apr 91 14:56:06 EDT
I have a hard time accepting this.  I have designed and programmed applications
for the military, for banks, for large corporations, for government
administrations, and even for a hospital.  I have never encountered a situation
where this limitation could have been a problem.  If a 9 position field was
required, it showed on the screen as a 9 position field, or the analyst (and
later the users) would catch it.  Testing would also take care of internal
field truncations (due to programming errors rather than design weaknesses).
Blaming the language for poor discipline is like blaming Henry Ford for road

From a different perspective, there is no way to garantee that a program will
be error free (in respect to field truncation) simply by mandating dynamic
field length.  There can be other sources for this kind of error.  And we
should remember that it is not possible to outlaw human failures or plain

>           How about legislation concerning responsible display and capture of
> COMPLETE information?

And legislation concerning the proper use of toilet seats...

>                        Or, at the level of civil lawsuits, the fact that a
> defendant's system truncates data should always weigh against the defendant.

It is very probable that, should such error be documented, a civil
court judge would find sufficient ground against the defendant.

Alain                                                UUCP: alain@elevia.UUCP

Re: Four-digit address causes NYC death

Brinton Cooper <abc@BRL.MIL>
Mon, 29 Apr 91 23:22:58 EDT
Ed Nilges reports on the death of a man in NYC because the computer system
which dispatches emergency personnel was not programmed to handle 5 digit
addresses.  Ed goes on to make a well-reasoned argument on what might and might
not be done about this.

I have another suggestion: I believe that cases such as this argue my theses
that there should be less "programming," in the traditional sense of the word.
It seems to me that spreadsheet and database tools which permit a limited
number of "well-defined" and "obvious" operations by the user may well inhibit
many of the errors permitted, even encouraged, by so-called "powerful"

This is just a hunch; I wonder if Risks folks know of data to refute or
support this bias?

static memory allocation causes NYC death

Steve Strassmann <>
Mon, 29 Apr 91 22:52:12 EDT
One RISK of using C and unix extensively, so it would seem, is that it
makes it hard for some people to distinguish between "C does this
incredibly stupid thing" and "most languages do this incredibly stupid thing."

For example, since C is a de-facto standard, these people make so-called
"general-purpose" CPU's, saying "of course it's general-purpose, it's optimized
to run C, isn't it?"

re: truncation of fields (Risks 11.55)

Martin Minow 29-Apr-1991 2226 <>
Mon, 29 Apr 91 19:32:22 PDT
In Risks 11.55, Ed Nilges comments that only a few programming languages
allow completely variable-length strings.

The problem isn't quite as bad as Ed suggests.  In addition to "REXX and
certain Basic interpreters," one might add Ansi Mumps (which is quite
suitable for database applications), Pascal (which supports variable
length strings up to 255 bytes), PL/I, the VMS command language,
and many, if not all, personal computer database packages.

In many cases, however, the problem is not due to the programming language,
but to the original database design.  Many of these systems grew, one
small step at a time, from punch-card based address lists, without the
benefit of — or opportunity for — a redesign.
                                                  Martin Minow

CPSR Washington Seminar, "Social Importance of Privacy," May 3, 1991

Robert Jacobson <>
Tue, 30 Apr 1991 05:38:07 GMT
       * CPSR Seminar Series *
  "The Social Importance of Privacy"

  Priscella M. Regan, Department of Public Affairs, George Mason University

CPSR Washington Office, Friday, May 3, 1991, noon - 2 pm

Most legal and philosophical writing views privacy as important to the
individual, as a safeguard that allows for personal self-development, and a
political freedom that protects private or intimate relationships.  But this
emphasis on the importance of the individual has concealed another aspect of
privacy P its social importance.  Professor Regan will explore the
philosophical and legal basis for the social or public importance of privacy,
and will examine the policy implications of viewing privacy from a social

CPSR Washington Office, 666 Pennsylvania Ave., SE, Suite 303, Washington, DC,
202/544-9240 (one block from the Eastern Market metro)

In cooperation with The United States Privacy Council

[if you would like to be notified of future CPSR Seminars, please send a note
with e-mail address to]

Please report problems with the web pages to the maintainer