Please try the URL privacy information feature enabled by clicking the flashlight icon above. This will reveal two icons after each link the body of the digest. The shield takes you to a breakdown of Terms of Service for the site - however only a small number of sites are covered at the moment. The flashlight take you to an analysis of the various trackers etc. that the linked site delivers. Please let the website maintainer know if you find this useful or not. As a RISKS reader, you will probably not be surprised by what is revealed…
Madison, Nebraska is reportedly in the midst of automating is mail system, but the automation has reportedly force people to change their addresses repeatedly. The conversion will reportedly be finished by 1995! Meanwhile residents are not usre if they're getting all their mail. Residents of the town of Madison are forced to have their mail delivered to boxes rather than their homes, but some rural routes have street addresses. One resident, Mary Duby, has three addresses listed in the phone book due to the apparently due to the postal automation: two boxes and a street address. Duby said, "What a mess. Originally I had a street address. Then I had a mailbox put up and I was put on the rural route." [Source: an AP story reported in the San Jose Mercury News 2Sep91]
Many of us have become dependent on electronic mail as vehicle for serious discussions. Our addresses become widely distributed and stored in many colleague's mail files. This is a serious exposure to risk. If one moves one may find that one's former employer feels insulted by the announcement that one has moved on to other pastures and refuses to forward electronic mail. The incorrect mail address may persist in electronic files for many years and those who write to you may find that you are an "unknown user". What is needed is a personal communication system, one where the individual's address is independent of his (or her) location on the computer network. David Lorge Parnas (no longer at qucis.queensu.ca)
There have been various proposals for life-time unique IDs — for EMail, for telephone numbers, and even for Postal Delivery, that would transcend geographical locations and relocations, etc. All sorts of interesting problems are raised regarding decentralized implementations and whom you have to trust with what, what happens if one of the decentralized sites is down and whether the implementations are suffiently fault tolerant to survive multiple outages, what to do about authorizations and junk mail, revocation, etc. But it certainly would be nice. This reminds me of some of the problems experienced long ago in designing capability based systems where capabilities have identifiers that are unique for the lifetime of the system. So, there is actually significant experience in dealing with David's suggestion, in a broader context — but not yet in the Internet, that wonderful sandbox of the past that is still the sandbox of the future.
In RISKS-FORUM Digest (Saturday 31 August 1991 Volume 12 : Issue 21), you asked about "+&*#$" as a possible New Hampshire license plate. While it's true that "+" (plus) and "&" (ampersand) are valid characters on a New Hampshire license plate, as is "-" (dash or minus), I'm pretty sure that the other characters you surmise (*, #, and $) are NOT permitted. I'd have to ask the DMV to be sure, however, which I can do if it's important. I'm amused by your reference to "other nonASCII graphics" — while it's true that some other states use bizarre characters on license plates (such as the Lone Star on the Texas plates, or the lobster on Maine plates), usually this is not "user selectable". New York State allows an embedded space character in license plates. This is as big a problem, I'm sure, for some other states as New Hampshire's use of the printing but unusual characters that are accepted here. [Live Free Or Die!] Dr. Thomas P. Blinn, Digital Equipment Corporation, Digital Drive — MKO2-2/F10 Merrimack, New Hampshire 03054 ...!decwrl!dr.enet.dec.com!blinn (603) 884-4865
``More seriously, this poses all sorts of interesting RISKs issues.''
In a previous life I had occasion to work with someone who had worked on such a
project in California. The system apparently went quite far through the
development life-cycle, but then, at the very end was dumped without being
deployed.
Such a system could be used to lower fire risks by shutting
down natural gas and power distribution networks, to protect
computer systems by retracting disk heads, to start a
controlled shut down of factory processes, to divert aircraft,etc.
What happened instead was that many of those people responsible for performing
these vital functions took advantage of the early warning to leave work to be
with and protect their families. Thus, the system ended at "proof of concept",
due to the significant risks associated with loss of key personnel at exactly
the worst possible time.
Incidentally, the system apparently did use a network of sensors, but took
advantage of the fact that the shock wave moves relatively slowly (45 - 60 mph
comes to mind, but it has been a few years).
Floyd Ferguson floydf@iphase.com
Phil Agre (pagre@weber.ucsd.edu) provides some welcome warnings about misinterpretations of risk perception research. I share his concern that findings that lay people evaluate risks differently than experts are often viewed as evidence that ``ordinary people are irrational.'' There are usually several explanations for the discrepancy between lay and expert judgments and the data are rarely conclusive as to which explanation is best. Premature attributions of irrationality are a significant risk in risk perception research because, as Agre suggests, attributing irrational judgment to ordinary people can make them seem responsible for the morbidity and mortality they suffer. This said, Agre's diagnosis of a ``hidden agenda inside the notion of `risk''' was inaccurate. Agre says that ``The whole rhetoric of `risk' started out as corporate PR'' specifically the well-known advertisements by Mobil Oil. The concept of risk in the sense used in risk perception studies dates (at least) from the beginnings of epidemiology and from the integration of probability into the theory of insurance in the 18th century. Psychological research on risk perception and probability judgments was well established when Mobil ran its ads. Agre believes that it is a conclusion of risk perception research that ``ordinary people are unwilling to accept any risk at all.'' I have never seen a statement like this in the risk perception literature and I wonder if Agre can find one. Agre says that ``talk about `levels of risk' and the like erases the distinction between the experts' assessments of risk and the assessments that ordinary people are in a position to make.'' The point of this field is to understand how one aspect of our positions in the world — our cognitive limitations and our limited access to information — force us to construct simplified models of the world. All of us need to make decisions without the benefit of professional knowledge: how do we cope? Risk assessment research _begins_ with a distinction between the cognitive position of the expert and lay person, it doesn't erase it. By the way, it isn't just ordinary people who construct simplified models: there are many studies showing that experts also have great difficulty in judging probabilities and coping with uncertainty. Agre describes risk perception research as ``ideology, made into a profession.'' I hope he sees that there are also significant empirical phenomena that need explanations, and quickly if possible. For example, it appears that adolescent gay males have not adopted the safe sex norms accepted by older gay male cohorts. If so, why not? Health psychologists working with these young men think that these kids believe (inaccurately!) that HIV infection risks apply only to older gay men. This is readily understandable: the long incubation period of HIV infection means that an adolescent will rarely encounter a peer with AIDS, and therefore does not perceive himself to be at risk. This explanation is an example of the availability heuristic, the idea that probability judgments are affected by our ability to recall vivid exemplars of the risk in question. Is this really why these kids engage in risk taking? I don't know: it is hard to design a study that can powerfully discriminate among many competing plausible explanations. Agre says that the findings of discrepancies between expert and lay judgments are ``easily explained''. But if he wants us to believe his explanations, as opposed to the others on offer, he will need some data that show why they are better. Agre oversimplifies when he reduces the political implication of risk perception research to ``corporate PR''. Many risk perception researchers share his desire for a ``socially responsible'' technology in which people are ``told the truth, ...able to find the world intelligible and sane, [are] consulted about things that change their lives, [are not] subjected to hazards without their consent, and generally [are] able to participate in collective decisions about issues of technology and social change''. All of these goals will require that technical information be communicated to people who are not specialists in the relevant technologies. If risk perception research can clarify how non-specialists understand risk information, we may get an idea about how to communicate the information more clearly. William Gardner, Law & Psychiatry Research, Department of Psychiatry, University of Pittsburgh School of Medicine (wpg1@unix.cis.pitt.edu)
Phil Agre's posting reminded me of a table in "The Mission Profile," in _IEEE
Spectrum_, October, 1981. It describes "consumer" expectations for various
systems. I summarize (the original table had more words and a column for
availability):
System Representative Useful Life
Failure Rates of System
-------------------------------------------------------------
Automatic Teller 1 per 18mo. >15 years
Teller
Telephone 3 min/yr >15 years
Chemical Plant Less than 3% >15 years
Electric 12 min/mo. during >15 years
Power sys. excessive demand or storms
Television Set 3-10% during warranty 7-10 years
period. May continue (based on use)
with degraded perf.
Auto: engine 1% during warranty life of car
control
Air Traffic 2.9 unsched. interrupts >15 years
Control per month lasting >1 min.
Minuteman III 1 per 1.9 billion part up to time missle is
missile hours in system with capable of striking a
8000 critical parts prescribed target
Pacemaker 1 per month among 8-15 years depending
170,000 devices on type of pacemaker
[I'm tempted to say "lifetime" but
that would probably be crude--CHS]
Operating System 1/hr to 1/mo runtime of program
I think these figures, although subjective and somewhat dated, illustrate the
range of acceptance of failure for various systems. They are not necessarily
rational or related to any more objective ratings, such as the number of deaths
caused per year by each system (a figure hard to interpret for a Minuteman
III). But, isn't *acceptance* of risk by *definition* a social phenomenon
rather than a scientific one? Death is not the only metric.
The corporate PR firms that started advertising based on risk reduction
believed that safety was marketable. Wouldn't our jobs be much easier if more
people believed that risk reduction was worth paying for?
Craig Seidel, SRI International
I am forwarding this from the Symposium chair, Luca Simoncini. [Suggestion: use
E-mail or fax for correspondence, regular mail to/from Italy may be very slow.
Lorenzo]
THE FOLLOWING IS THE ADVANCE PROGRAM OF SRDS10 COMPLETE WITH REGISTRATION FORM
AND HOTEL RESERVATION FORM. THESE FORMS CAN BE USED FOR REGISTRATION AND
RESERVATIONS IF YOU NEED WE WILL MAIL REGULAR PAPER ADVANCE PROGRAMS, WHICH ARE
GOING TO BE DISTRIBUTED BY REGULAR MAIL IN A FEW DAYS TO ALL COUNTRIES.
INFORMATION AND ENQUIRIES TO: ETTORE RICCIARDI, IEI-CNR, Via S. Maria 46, 56126
Pisa, Italy. tel.: +39 50 553 454, +39 50 553 443 fax: +39 50 554 342
E-mail: simon@icnucevm.cnuce.cnr.it
ADVANCE PROGRAM
Tenth Symposium on Reliable Distributed Systems - SRDS10, September 30, October
1-2, 1991, Palazzo dei Congressi, Pisa, Italy
sponsored by: IEEE Computer Society, TC on Distributed Processing, AICA
in cooperation with: TC on Fault-Tolerant Computing, IFIP W.G. 10.4, IEI-CNR,
Universita' di Bologna, Universita' di Pisa, with the support of: Olivetti
S.p.A, Italy, TANDEM Computers S.p.A., Italy, ANSALDO TRASPORTI, Italy
SUNDAY, September 29, 1991
16.00 - 20.00 Registration
MONDAY, September 30, 1991
08.00 - 09.00 Registration
09.00 - 09.30 Opening Remarks: Luca Simoncini, University of Pisa
Ozalp Babaoglu, University of Bologna
Richard D. Schlichting, Univ. of Arizona
09.30 - 10.30 Keynote Speaker:Brian Randell,
University of Newcastle upon Tyne, UK
10.30 - 11.00 Coffee Break
11.00 - 12.30 Session 1: Checkpointing & Logging Algorithms
Chair: Shaula Yemini, IBM, Yorktown Heights, USA
"Checkpointing Multicomputer Applications"
Kai Li, Jeffrey F. Naughton, James S. Plank, Princeton
University, USA
"A Timestamp-Based Checkpointing Protocol for
Long-Lived Distributed Computations"
Farnam Jahanian, Flaviu Cristian, IBM, San Jose', USA
"File System Measurements and their Applications
to the Design of Efficient Operation Logging
Algorithms"
David F. Bacon, University of California Berkeley,USA
12.30 - 14.00 Lunch
14.00 - 15.30 Session 2: Real-Time
Chair: Hermann Kopetz, Technical University of Vienna
Austria
"Masking Failures of Multidimensional Sensors"
Keith Marzullo, Paul Chew, Cornell University, USA
"A Statistical Clock Synchronization Algorithm for
Anisotropic Networks"
G. Florin, D. Couvet, S. Natkin, Centre D'Etude et
De Recherche En Informatique, France
"On the Testability of Distributed Real-Time Systems"
Werner Schuetz, Technical University of Vienna
Austria
15.30 - 16.00 Coffee Break
16.00 - 17.30 Panel Session: "Fault-Tolerance in Distributed Systems: how
transparent can you get ?"
Coordinator: Shaula Yemini, IBM, Yorktown Heights
USA
19.00 Concert
20.30 Welcome Party
TUESDAY, October 1
08.00 - 09.00 Registration
09.00 - 10.30 Session 3: Backward Recovery Schemes
Chair: Edgar Nett, GMD, Germany
"Optimistic Failure Recovery for Very Large Networks"
Andy Lowry, James R. Russell, Arthur P. Goldberg,
IBM, Yorktown Heights, USA
"Efficient Communication of Commitment-Dependency
Information in the PTC Scheme for Cooperative
Recovery"
Kane Kim, J. H. You, University of California Irvine
USA
"Flexible Schemes for Application-level Fault
Tolerance"
Lorenzo Strigini, Felicita Di Giandomenico, IEI-CNR
Italy
10.30 - 11.00 Coffee Break
11.00 - 12.30 Session 4: Replication & Parallelism
Chair: Fabio Panzieri, University of Bologna, Italy
"A Model for Interface Groups"
Ed Oskiewicz, Michael H. Olsen, John Warne, ANSA, UK
"Formalising Replicated Distributed Processing"
Maciej Koutny, Luigi V. Mancini, Giuseppe Pappalardo,
University of Newcastle upon Tyne, UK
"On Tolerating Faults in Naturally Redundant
Algorithms"
Luiz A. Laranjeira, Miroslaw Malek, Roy Jenevain,
University of Texas Austin, USA
12.30 - 14.00 Lunch
14.00 - 15.30 Session 5: Dependability Modelling
Chair: Jean-Claude Laprie, LAAS-CNRS, France
"Evaluation of Bus and Ring Communication Topologies
for the Delta-4 Distributed Fault Tolerant
Architecture"
David Powell, Karama Kanoun, LAAS-CNRS, France
"Flexible Handling of Diverse Dependability
Requirements in MARS"
Heinz Kantz, Technical University of Vienna, Austria
"Efficient Transient Simulation of Failure/Repair
Markovian Models"
Juan A. Carrasco, Universitat Politecnica de Catalunya
Spain
15.30 - 16.00 Coffee Break
16.00 - 18.00 Session 6: Work in Progress
Chair: Miroslaw Malek, University of Texas Austin,USA
(Submissions will be solicited on the spot,
for short presentations;
there will be a selection)
20.30 Banquet
WEDNESDAY, October 2
09.00 - 10.00 Session 7: Dependability Assessment
Chair: David Powell, LAAS-CNRS, France
"Performability Evaluation of CSMA/CD and CSMA/DCR
Protocols under Transient Fault Conditions"
William Sanders, K. H. Prodromides, University of
Arizona, USA
"A study of the Reliability of Internet Sites"
Darrell Long, J. L. Carroll, C. J. Park, University
of California Santa Cruz, USA
10.00 - 10.30 Coffee Break
10.30 - 11.30 Session 8: Agreement
Chair: Paulo Verissimo, INESC, Portugal
"Ordered Broadcasts for Large Applications"
Tony P. Ng, University of Illinois Urbana-Champaign
USA
"Keeping Processes under Surveillance"
Thomas Becker, University of Kaiserslautern
Germany
11.30 - 12.30 Session 9: Garbage Collection
Chair: Paolo Ancilotti, University of Pisa, Italy
"A Fault-Tolerant, Scalable, Low-Overhead Garbage
Detection Protocol"
Marc Shapiro, INRIA, France
"Copying Garbage Collection for Distributed Object
Stores"
Luigi Mancini, Vittoria Rotella, Simonetta Venosa,
Universita' di Pisa, Italy
12.30 - 14.00 Lunch
14.00 Symposium end.
=============================================================================
SRDS10 will be held at the Palazzo dei Congressi di Pisa.
SRDS10 is in connection with the 5th International Conference on
Fault-Tolerant Computing Systems (the German FTCS), Nurnberg, 25-27 Sept. 1991
(contact Mario Dal Cin E-mail: DALCIN@INFORMATIK.UNI-ERLANGEN.DE), and with
the International Workshop on Responsive Computer Systems, Nice, France,
3-4 October 1991 (contact either Gerard Le Lann E-mail: GLL@SCORE.INRIA.FR or
Miroslaw Malek E-mail: MALEK@EMX.UTEXAS.EDU)
INFORMATION and ADVANCE PROGRAM complete with registration form and hotel
reservation form for SRDS10: contact: Luca Simoncini, IEI-CNR, Via S.Maria 46,
56126 Pisa Italy
fax: +39 50 554342
E-mail:SIMON@ICNUCEVM.CNUCE.CNR.IT
===============================================================================
ELECTRONIC REGISTRATION FORM SRDS-10
SURNAME:
NAME:
AFFILIATION:
ADDRESS:
CITY:
STATE: ZIP:
TEL.: FAX:
E-MAIL:
REGISTRATION FEES:
Before September 10,1991:
Members: Lit. 430.000
Non Members: Lit. 550.000
FullTime Students: Lit. 260.000
After September 10, 1991:
Members: Lit. 520.000
Non Members: Lit. 650.000
FullTime Students: Lit. 400.000
IEEE/CS Membership number:__________________
AICA Membership Number:_____________________
Registration fee includes: the Proceedings, three working lunches, coffee
breaks, participation to the Concert and Welcome Party on Monday night and Gala
Dinner on Tuesday night. Students do not participate to the Social Program.
PAYMENT
AMOUNT OF LIT.______________________________
__ I ENCLOSE AN INTERNATIONAL BANK CHEQUE FOR THE TOTAL AMOUNT
__ I ENCLOSE PHOTOCOPY OF A BANK TRANSFER ORDER
PAYABLE TO : SRDS-10 ETTORE RICCIARDI
BANK ACCOUNT N. 13676
BANCA POPOLARE DI NOVARA AG.1 - VIA S.FRANCESCO, 54 - PISA
SEND IN AN ENVELOPE TO: ETTORE RICCIARDI
IEI-CNR
VIA S.MARIA 46
56126 PISA, ITALY
===================================================================
SRDS-10 HOTEL RESERVATION FORM
SURNAME ________________________________
NAME ___________________________________
AFFILIATION ____________________________
________________________________________
ADDRESS ________________________________
________________________________________
CITY ___________________________________
STATE __________________ ZIP ___________
TEL _______________ FAX ________________
ACCOMPANIED BY (SURNAME AND NAME) ______
________________________________________
I WISH TO SHARE A DOUBLE ROOM WITH _____
________________________________________
DATE OF ARRIVAL ________________________
DATE OF DEPARTURE ______________________
TOTAL NIGHTS ___________________________
I AM ENCLOSING INTERNATIONAL CHECQUE N.
________________________________________
MADE PAYABLE TO: TRE EMME CONGRESSI
PLEASE RETURN THIS FORM WITH DEPOSIT (P.T.O)
BEFORE SEPTEMBER 2, 1991 TO:
TRE EMME CONGRESSI
VIA RISORGIMENTO 4
56126 PISA, ITALY
===========================================
COST OF ACCOMODATIONS
HOTEL CAT SINGLE DOUBLE DOUBLE AS SINGLE
**** LIT.163.500 LIT. 228900 LIT. 190750
*** LIT. 74500 LIT. 105000 LIT. 95000
** LIT. 51000 LIT. 80000 LIT. 65000
PRICES INDICATED ARE PER ROOM AND INCLUDE BREAKFAST, SERVICE CHARGES, TAXES AND
VAT. WHEN SINGLE ROOMS ARE NO MORE AVAILABLE DOUBLE ROOMS FOR SINGLE USE WILL
BE RESERVED. THE DEPOSIT WILL BE DEDUCTED FROM THE HOTEL BILL UPON DISPLAY OF
THE VOUCHER SENT BY TRE EMME CONGRESSI. MAJOR CREDIT CARDS ARE ACCEPTED AT ALL
HOTEL IN PISA.
NOTIFY TRE EMME CONGRESSI OF LATE ARRIVAL TO HAVE GUARANTEED RESERVATION.
Lorenzo Strigini, IEI del CNR
Via Santa Maria 46 I-56126 Pisa ITALY
Tel: +39-50-553159 ; Fax: +39-50-554342 ; Telex: 590305 IEICNR I
strigini@icnucevm.cnuce.cnr.it , strigini@icnucevm.bitnet
Call for Papers and Proposals
DIRECTIONS AND IMPLICATIONS OF ADVANCED COMPUTING
DIAC-92 Berkeley, California May 2 - 3, 1992
Computer technology significantly affects most activities in society, including
schooling, health care, military practice, work, communication, and laws and
law enforcement. The DIAC conference considers the implications of technical
advancements on society in a broad social context that encompasses ethics,
economics, and politics. The conference seeks to address the the relationship
between technology and society. Papers that address directly the relationship
between technology and policy, and papers on the ethics and values of computing
are especially desired. Papers and workshop proposals that build on previous
DIAC presentations are encouraged. Reports on work in progress or suggestions
for future work as well as appropriate surveys and applications will also be
considered. The following topics should be regarded as general guidelines for
paper or workshop topics:
RESEARCH DIRECTIONS DEFENSE APPLICATIONS
+ Research Funding + AI & Neural Net Applications
+ Software Development + Autonomous Weapons Systems
Methodologies + Virtual Reality
+ Professional responsibility + Uses of Models & Simulations
COMPUTING IN A DEMOCRATIC SOCIETY COMPUTERS IN THE PUBLIC INTEREST
+ Community Access + Computing for the Disabled
+ Computerized Voting + Computers and the Environment
+ Civil Liberties + Arbitration & Conflict Resolution
+ Computing & the Law + Computing in Education
+ Computing & Workplace + Software Safety
Submissions will be read by members of the program committee, with the
assistance of outside referees. The program committee includes David Bellin
(consultant), Eric Gutstein (U. WI), Batya Friedman (Mills College), Jonathan
Jacky (U. WA), Deborah Johnson (Rensselaer Polytechnic Inst.), Richard Ladner
(U. WA), Dianne Martin (George Washington U.), Judith Perrolle (Northeastern
U.) Marc Rotenberg (CPSR), Douglas Schuler (Boeing Computer Services), Barbara
Simons (IBM), Lucy Suchman (Xerox), Karen Wieckert (U. CA. Irvine), and Terry
Winograd (Stanford).
Accepted papers will be presented on May 2. Accepted workshops will be
conducted on May 3. Complete papers should include an abstract and should not
exceed 6000 words. Proposals for workshops should include title, purpose,
intended agenda, and references. Workshops will be two hours in length.
Submissions will be judged on significance, clarity, insight, and originality.
Papers and/or proposals (4 copies) are due by November 1, 1991. Notices of
acceptance or rejection will be mailed by January 15, 1992. Camera ready copy
is due by March 1, 1992. Send papers to Douglas Schuler, Boeing Computer
Services, MS 7L-64, P.O. 24346, Seattle, WA 98124-0346. For more information
contact Doug Schuler (206-632-1659 (H), 206-865-3832 (W)
dschuler@june.cs.washington.edu).
Proceedings will be distributed at the symposium, and will be available by
mail. The DIAC-87, DIAC-88, and DIAC-90 proceedings are published by Ablex
Publishing Company. Publishing the DIAC-92 proceedings is also planned.
Sponsored by Computer Professionals for Social Responsibility
P.O. Box 717, Palo Alto, CA 94301
DIAC-92 is co-sponsored by the American Association for Artificial
Intelligence, and the Boston Computer Society Social Impact Group, in
cooperation with ACM SIGCHI and ACM SIGCAS.
Please report problems with the web pages to the maintainer