Forum on Risks to the Public in Computers and Related Systems
ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator
Volume 12: Issue 68
Friday 13 December 1991
Contents
Hubble Trouble: Space Telescope shuts itself down - Henry Cox
Postal worker leaves automated stamper in test configuration - Palmer Davis, Joe Brownlee
2 Safeway preferred customers, to go! - Bear Giles
Hospital computer solicits the dead - Adam Gaffin
Computer records track killer - Robert Jenkins
Train crash in UK - is it human error? - Olivier M.J. Crepin-Leblond
TRW lawsuit settled with FTC, 19 states - Phil R. Karn
National Fingerprint Database specs - Clifford Johnson
Bill on computer usage about to become law in Ireland - Mark Humphrys
The description is right, only the language is wrong - Dan Franklin
Poll tax incompetence - Robin Fairbairns
Truth in Antiviral Advertising - Russell Aminzade
Re: Pentagon computers vulnerable - Steve Bellovin
Post-structuralism and Technology - Phil Agre
Chaos Congress 91 Program - Klaus Brunnstein
Hubble Trouble: Space Telescope shuts itself down
Henry Cox <cox@cadence.com>
Wed, 11 Dec 91 08:26:42 EST
[A short blurb from the Boston Globe, 11 Dec. 1991]
Washington - The Hubble Space Telescope has shut itself down temporarily because of a computer programming error that rotated its communications antenna into a technical no-parking zone. The Hubble went into a "soft safe mode," shutting down some but not all its systems and halting scientific work on Monday. It is programmed to take this kind of action whenever necessary to protect itself from harm. In this case, it was at the hands of what officials called a "fluke" buried undiscovered in its millions of lines of computer code.
[PGN provides the following additional excerpt from an AP item:]
The trouble was in the system that swivels to keep the Hubble's antenna pointed to an overhead relay satellite, as the telescope orbits the Earth. On Monday, the onboard computer issued a command that exceeded the software limits on the speed of antenna movement and the system went into an emergency "safe mode" to protect itself from harm. "These things are going to happen over 15 years," Weiler said, calling the incident "a non-problem." The Hubble's planned lifetime is 15 years.
Postal worker leaves automated stamper in test configuration
Palmer Davis <davis@usenet.INS.CWRU.Edu>
Tue, 10 Dec 91 00:33:56 -0500
According to a report by WEWS-TV, a repair technician at a U.S. Postal Service
facility in Columbus, OH, when repairing a machine used to automatically stamp
messages on cancelled letters, reconfigured the machine to display a test
message that he had learned from his instructor during training, but forgot to
reset the machine to print the correct message after he completed his repairs.
So now, instead of "MERRY CHRISTMAS" or "HOLIDAY GREETINGS", thousands of
letters in circulation bear the message "YOU BITCH".
[Also noted by Mowgli Assor <mowgli@cis.ohio-state.edu>:
only envelopes 5 1/4-inches tall or taller were affected, but Johnson
said postal officials estimated that more than 12,000 were printed and only
a handful were caught before they were loaded onto trucks for delivery. The
office handled about 5 million pieces of mail Saturday ...]
Postal worker leaves automated stamper in test configuration
Joe Brownlee <jbr@cblph.att.com>
11 Dec 1991 8:17 EST
This rings a bell with me, because I have seen a few cases where this type of message was used in test versions of software. For example, a young programmer I worked with placed a message in a program instructing the user to press a certain key to "bomb off", which would produce a dump of the program's current state so that he could examine it. The message made it out the door and into a customer's hands. They were less than amused. In another case, an obscene message was displayed when the user entered an illegal value at a prompt. That software was almost sent out the door, but was caught at the last minute and removed. I suppose the moral is don't enter anything in the system you wouldn't want a customer to see.
2 Safeway preferred customers, to go!
Bear Giles <bear@tigger.cs.colorado.edu>
Wed, 4 Dec 1991 20:16:52 -0700
From _Westword_, an alternative Denver weekly (12/4/91):
Safeway may be turning its "preferred customer" program into a "proffered
customer" deal. According to the _Wall Street Journal_, grocery stores in
Chicago, Dallas, Los Angeles and Denver are part of a Citicorp program that
uses checkout scanners to record shoppers' buying habits. You may have thought
that preferred customer card was just a way to get some free Jimmy Dean sausage
and a friendly monthly letter from Safeway's Bob Green -- but it also links
your name and mailing address to your shopping list. Once you've presented
your card, your personal purchases are no longer so personal.
Citicorp originally planned to sell data on shoppers' purchasing patterns to
grocery marketers. But for the last month, the _Journal_ says, that
information has been for sale to all comers. It's handily divided into eight
categories, including "weight-conscious consumers" (511,227 names of people
caught buying lo-cal treats) and "fancy food buyers" (refrigerated pasta is
enough to brand you fair game for marketers of travel magazines).
And just where does the fried-pork-rind-and-Cheese-Whiz contingent fit in?
[Imagine the fun a health insurance company could have with this
information:
    if (subscriber) {
        if (high-fat-foods && !fiber) {
            colon-cancer++;
            rates++; }
        if (cigarettes) {
            lung-cancer++;
            rates++; }
        if (condoms) {
            sexually-active++;
            rates++; }
        if (KY-Jelly) {
            test-for-aids++;
            rates *= large-number }}
(Of course, they would never purchase the records from my health club for
"physically-active++; rates--").
The fact that Citicorp offers this information for Safeway customers certainly
implies the same type of information is available on your Citicorp-issued
credit cards.
Aha! A new, high-interest category: unfaithful spouses! (Check for flowers or
hotel rooms within 50 miles of home charged to credit cards). Sure to be read
by divorce lawyers across America!
Bear Giles bear@fsl.noaa.gov ]
Hospital computer solicits the dead
Adam Gaffin <well!adamg@fernwood.UUCP>
Wed, 11 Dec 91 07:29:13 pst
Middlesex News, Framingham, Mass., 12/11/91, page 1
Framingham Union letter solicits from dead - again
By Adam Gaffin
NEWS STAFF WRITER
FRAMINGHAM - The letter expresses the hope that Matthew Jong's recent stay
in Framingham Union Hospital went well and asks him to consider making as large
a donation as possible. The only problem is that Matthew Jong was pronounced
dead in the hospital emergency room on Oct. 5 after a car accident on Rte. 9 in
Natick.
``This solicitation was the final straw,'' says his mother, Gail, a
Wellesley resident. She has been fighting with the hospital for two months over
the way she was told Matthew was dead - a phone call from the emergency-room
doctor, rather than a visit from a Natick or Wellesley police officer.
At least one other deceased Framingham Union patient has received a
similar letter since September, when the hospital said it had fixed a computer
glitch that resulted in a number of dead people being sent fund-raising
letters. At the time, Ross Mauro, the hospital director of marketing, said he
had been assured this ``will not, cannot happen again,'' by the hospital's data
processing department and the firm hired to send out the letters to former
patients. ``Your gift will be an investment in the future health of your
family and your community,'' the letter, signed by medical-staff President
Joseph Baron concludes. ``It could help save the life of someone you love.''
``This family has suffered enough and we wish they never had gotten the
letter,'' said hospital spokeswoman Ruth Stark. She said the mix-up occurred
partly because of the way the emergency-room physician who attended Jong filled
out a form on his case.
A standardized form is required for every patient who enters the hospital,
and care-givers are supposed to mark a box on the form with a one-letter code
indicating the patient's status.
In Jong's case, the doctor wrote ``deceased - sent to morgue'' in longhand
across the form, rather than putting an ``E'' - for ``expired'' - in this box,
Stark said. The form ultimately wound up in a data-processing office, where
workers type patient information into a hospital computer. A clerk did not
notice the box was empty on Jong's form, and did not read the doctor's
comments, and so entered his data into the computer, she said.
The computer is supposed to delete the records of anybody who is deceased,
a prisoner or a Medicaid patient before the data is shipped to the mailing
company, Stark said. ``It's not a foolproof system,'' despite efforts to
reduce such incidents.''... She said hospital personnel have been reminded to
fill out the box to prevent such mishaps. But she added that the computer
program that does the deleting is currently set up to assume that a blank
disposition box means the patient went home and that officials are looking at
ways to change that. ``We are intending to insure that this doesn't happen in
the future,'' she said. [...]
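[Added example, not part of the original digest or the hospital's software: the article describes a deletion program that treats a blank disposition box as "went home". The sketch below contrasts that deny-list default with an allow-list that holds blank or unknown codes for review. Only the code "E" comes from the article; the codes "P", "M" and "H", the record layout and all function names are assumptions, and the sample records are constructed.]

```python
from dataclasses import dataclass
from typing import Optional

# Only "E" (expired) is taken from the article; "P", "M" and "H" are
# hypothetical codes invented for this illustration.
SUPPRESS = frozenset({"E", "P", "M"})  # expired, prisoner, Medicaid
MAILABLE = frozenset({"H"})            # discharged home


@dataclass(frozen=True)
class Record:
    patient_id: str
    disposition: Optional[str]  # one-letter code keyed in from the form's box


def normalise(code: Optional[str]) -> str:
    """Trim and upper-case so ' e ' and 'E' are the same code."""
    return (code or "").strip().upper()


def legacy_export(records):
    """Deny-list as described: anything not marked for deletion is mailed,
    so a blank box is silently treated as 'went home'."""
    return [r.patient_id for r in records
            if normalise(r.disposition) not in SUPPRESS]


def fail_closed_export(records):
    """Allow-list: mail only on a recognised 'mailable' code. Blank or
    unknown codes are held for a person to resolve, never mailed."""
    mail, suppressed, review = [], [], []
    for r in records:
        code = normalise(r.disposition)
        if code in MAILABLE:
            mail.append(r.patient_id)
        elif code in SUPPRESS:
            suppressed.append(r.patient_id)
        else:
            reason = "blank disposition" if not code else f"unknown code {code!r}"
            review.append((r.patient_id, reason))
    return mail, suppressed, review


def validate_entry(code):
    """Data-entry check: refuse to save a record whose box is blank or
    holds a code outside the known set, so the gap is caught at keying."""
    code = normalise(code)
    if code not in MAILABLE | SUPPRESS:
        raise ValueError(f"disposition required, got {code!r}")
    return code


# Constructed sample records (not real data).
SAMPLE = [
    Record("1001", "H"),
    Record("1002", "E"),
    Record("1003", ""),      # box left blank, status written elsewhere on form
    Record("1004", " e "),   # sloppy keying of a valid code
    Record("1005", "X"),     # code the program does not know
    Record("1006", None),    # field missing altogether
]

if __name__ == "__main__":
    print("legacy mails:     ", legacy_export(SAMPLE))
    mail, suppressed, review = fail_closed_export(SAMPLE)
    print("fail-closed mails:", mail)
    print("suppressed:       ", suppressed)
    for pid, why in review:
        print("held for review:  ", pid, "-", why)
```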
Computer records track killer
Robert Jenkins <rjenkins@cix.compulink.co.uk>
Sun, 8 Dec 91 20:05 GMT
According to a report in the Guardian newspaper (London), of 6 Dec 91, a recent murder case was solved by police partly through a computer disproving a suspect's alibi.
John Tanner murdered his student girlfriend and hid her body underneath the floorboards of her house. Initially, the police treated him as a witness rather than a suspect, but his story began to fall apart. He told the police that he and the girl had taken a bus ride together to the train station at a time when she was already dead. The Guardian reports: "The company that runs the local bus service keeps computerised records of its tickets. Only one person got on the bus and bought a ticket to the station at the time Mr Tanner claimed."
A RISK, I suppose, of trying to get away with murder. But also another example of low-level, invisible, surveillance that computers introduce into our lives.
Jolyon Jenkins (rjenkins@cix.compulink.co.uk)
Train crash in UK - is it human error?
"Olivier M.J. Crepin-Leblond" <UMEEB37@vaxa.cc.ic.ac.uk>
Sun, 8 Dec 91 19:55 BST
From Oracle Teletext Service (ITV, UK), 8 Dec 1991:
"Urgent checks are going-on following the Severn Tunnel rail crash on backup
equipment installed after earlier technical problems with the signals. Sixteen
people are still in hospital after the crash between an Intercity and a
two-carriage Sprinter on Saturday. BR [British Rail] is looking at whether
there was `further failure of equipment' or whether human error was involved.
The express had slowed to 20mph after a proceed-with-caution signal and was hit
by the Sprinter from behind - so what signal, if any, did the Sprinter get?"
[`Intercity' and `Sprinter' are two types of train. The crash which happened
on Saturday morning injured close to 100 people.]
Olivier M.J. Crepin-Leblond, Imperial College London, UK.
TRW lawsuit settled with FTC, 19 states [see RISKS-12.05]
Phil R. Karn <karn@thumper.bellcore.com>
Tue, 10 Dec 91 14:04:11 EST
Excerpted from an article by EVAN RAMSTAD, AP Business Writer, 10Dec91:
DALLAS (AP) _ TRW Inc. has settled a lawsuit with 19 states and the
Federal Trade Commission, which accused the company's credit reporting unit of
violating consumer privacy and making reporting errors that harmed the credit
ratings of thousands of consumers. The settlement requires Cleveland-based TRW
to make sweeping changes in its credit reporting business, including providing
reports to consumers who ask within four days. [...]
The settlement comes against a background of growing consumer anger over the
enormous power of credit reporting companies, which keep financial dossiers on
tens of millions of Americans. [...]
The lawsuit cited cases where different consumers' reports were mixed
together and said such inaccuracies are hard to correct. The states and FTC
charged old information reappeared in consumers' files and that consumer
disputes were not adequately investigated. [...]
The settlement requires TRW to improve its procedures so that files of
consumers are not mixed up and to prevent old information from reappearing in
consumers' files.
TRW also agreed to establish a toll-free number for consumer inquiries,
investigate information disputed by consumers and check public records if
necessary to verify information.
The company also agreed to notify consumers of their rights to dispute
information and to tell them, upon request, about other companies to whom the
credit reports have been sold.
TRW also agreed to disclose to consumers their individual credit scores,
starting Dec. 31, 1992.
The company will have to keep records of its compliance and pay the states
$300,000 to cover legal costs, according to the settlement.
[PGN saw a Washington Post article on 11Dec91, page F1, by Albert B.
Crenshaw, who noted that as part of the settlement TRW said it would
* Adopt procedures to prevent data mixups
* Review within 30 days any disputed information, and delete any that
cannot be confirmed within 30 days
* Delete any disputed information when the consumer presents relevant
documentation
* Implement procedures to prevent reappearance of seriously derogatory
information that has been deleted following a complaint. ]
National Fingerprint Database specs
"Clifford Johnson" <GA.CJJ@Forsythe.Stanford.EDU>
Thu, 12 Dec 91 11:34:38 PST
From Gov't Computer News, Dec. 9, 1991:
FBI SHOPS FOR A SPEEDY FINGERPRINT SYSTEM
... The FBI wants IAFIS [Integrated Automated Fingerprint Identification System] to complete urgent fingerprint matches in under 15 minutes. It expects a three second response to searches for name and description against its Criminal Master Database. Now the fingerprint and information searches can take two weeks... The system is slated to start running in Clarksburg, W.Va., in late 1994 ...
IAFIS will give law enforcement agencies throughout the country a way to check fingerprints electronically, through the FBI's National Crime Information Center (NCIC) network... AFIS will perform a search of the agency's national fingerprint database. The system will provide a list of the most likely candidates, or a message reporting that none were found...
The FBI wants a system that has a 95% accuracy rate for 10-print searches. For crime scene prints, "the correct candidate shall be listed in the top-ranked position 50% of the time, and in the top 20 positions 65% of the time"...
To keep the system secure, the FBI will not make technical details public.
Bill on computer usage about to become law in Ireland
Mark Humphrys <C133-012@IRLEARN.UCD.IE>
Wed, 11 Dec 91 01:46:11 GMT
The Criminal Damage Bill, 1990, is about to be passed into law in Ireland, containing what appears to be an extremely broad definition of 'unauthorised' use of computers. Section 5 reads as follows:
(1) A person who without lawful excuse operates a computer ... within the State with intent to access any data kept either within or outside the State ... shall, whether or not he accesses any data, be guilty of an offence ...
(2) Subsection (1) applies whether or not the person intended to access any particular data or any particular category of data or data kept by any particular person.
Section 6 states that "lawful excuse" applies:
"...if at the time ...he believed that the person... whom he believed to be entitled to consent to or authorise the ... accessing of the [data] in question had consented, or would have consented to or authorised it if he or they had known of .. the accessing and its circumstances, [or] if he is himself the person entitled to consent to or authorise accessing of the data concerned"
This Bill has been passed by the Dail (roughly equivalent to the House of Representatives) and is on its 2nd stage in the Senate (roughly equivalent to the US Senate) on Thur 12th Dec.
I would appreciate any comments on what this Bill implies, and examples of legislation in other jurisdictions. The wording would appear to me to be extremely dangerous and ill-conceived.
This is NOT a hypothetical case. I have contacts in the Labour Party (the 3rd largest party here) who want to propose amendments to this Bill, and they have asked me for advice. There is every chance that they will succeed, if they can propose an intelligent alternative. The last chance to amend it will be late Dec / early Jan. Then it will become law.
Mark Humphrys, Dublin, Republic of Ireland
The description is right, only the language is wrong
<dan@BBN.COM>
Mon, 09 Dec 91 11:53:18 -0500
The Boston Globe "TV Week" movie listings had an unusual description for
one movie this past week:
_New York, New York_ (1977) Robert De Niro, Liza Minelli.
Apres la deuxieme guerre mondiale, une chanteuse aide un
saxophoniste a joindre un orchestre fameux de jazz. (120m.)
The rest of the listings were in English, as they normally are. The
Globe had this to say (Saturday, December 7, 1991):
A spokeswoman for Tribune Media Services, which supplies the
movie listings to newspapers in the United States, Canada, and
the Caribbean, tells us someone selected the wrong description
of the film from the company's data base and included it in the
listings sent to the Globe. Some television stations carry
English-language films dubbed in French, she notes. The English
description reads: "A singer and a saxophonist team up and break
up in the postwar big-band era. Directed by Martin Scorsese."
It is hard to believe that this error would have occurred, and not been caught,
before the age of computers. The RISK here is that as the chain of events
handled purely by computers lengthens, it becomes possible for relatively major
errors to occur unnoticed, because no one is looking closely at the output at
any stage.
Dan Franklin
P.S. A non-RISK is that those of us who can understand a little French
can be amused at how different the two descriptions are...
Poll tax incompetence
Robin Fairbairns <robin.fairbairns@lsl.co.uk>
Thu, 05 Dec 1991 09:14:47 +0100
I've now simmered down, but I was in a state of seething fury yesterday from the behaviour of our local Poll Tax office.
Earlier this year, I split up from my wife, and moved house. Still within the city, but they gave me a new tax account number: I thought it pretty daft then.
Three months ago I changed the method of payment; in October, they recognised this and sent me a letter saying that the first payment would be requested from my bank on 26th November.
On the 2nd December I received a tax demand; when I finally got through to the payments office, they agreed that it was silly, and should be dealt with by the direct debit. Almost immediately, they rang me back and said there was no direct debit mandate on my account. If I'd really given them one, would I please call my bank and ask them to send a copy of their half of the mandate?
Yesterday, I called them again: I had with me a copy of their letter about the mandate. They were adamant; finally we came to the joint realisation that there were _3_ accounts involved - the one at my old address, my present one, and the one that had the mandate. The payment people had no record on any account they could look at of my mandate.
Through to the registration people: ah yes, they said, we had a problem with the accounts of the previous occupants of your house, so we deleted all accounts with that address. Sorry, we seem not to have transferred your mandate when we created a new account for you.
The risk? Incompetent use of computers causes raised blood pressure!
Robin Fairbairns, Senior Consultant, postmaster and general dogsbody
Laser-Scan Ltd., Science Park, Milton Rd., Cambridge CB4 4FY, UK
Truth in Antiviral Advertising
"Russell Aminzade: Trinity College of VT" <AMINZADE@uvmvax.bitnet>
Mon, 9 Dec 1991 07:17 EST
An advertisement has been running in major computer professional magazines that I find both obnoxious and dangerous. I've seen it in several places, but I'm looking at the inside back cover of the December 2, 1991 PC WEEK (Vol 8. #48). It's an ad for Central Point Software's "Central Point Anti-Virus."
The ad has an illustration of nine computer screens. Eight of them appear to show illustrations of the results of these virii, but to anyone familiar with one or more of them they are obviously "artists interpretations." Though I haven't encountered every virus "shown," it appears that all of these screens embellish the actual results of the virus, not only making the results of infection look scarier, but giving some expensive publicity to the authors of the Stoned Virus, Friday the 13th Virus, Datacrime Virus, Aircop, Ping Pong, and Falling Letters.
The RISK here, of course, is that giving free publicity to virus authors will encourage them (and others) to new heights of "creativity". I'm angry in part because I have been victimized by computer virii. I think I've got at least some understanding of the mind of a computer vandal, and the only motivation I could see for releasing a virus would be a desire to see your program widely publicized and your programming "skill" demonstrated. This ad takes it one step further, prominently identifying and enhancing (in garish color) the on-screen look of the virus.
I would feel the same way if I was a park system manager, and a company that sold cleaning agents highlighted the work of a graffiti artist who was well-known in my town. If they also hired professional artists to improve the quality of this punk's graffiti, and ran photographs showing statues and benches allegedly painted by him or her, I'd be raging mad.
Central Point makes some pretty good software. I've purchased some of it (not this product, though). I am angered that they seem willing to stoop this low to sell their product.
I also wonder how long it will be before some company is willing to stoop low enough to unleash some nasty code from which their product can protect users.
Re: Pentagon computers vulnerable
<smb@ulysses.att.com>
Mon, 02 Dec 91 19:55:12 EST
I certainly can't speak about all of the break-ins. But I was part of a team
that monitored many such attempts -- and these were very definitely traced back
to the Netherlands. For more details, see Bill Cheswick's paper at the
forthcoming Usenix conference.
As for the notion that it's up to the U.S. military to take precautions --
nonsense! What ever happened to ethics? Is it not sufficient that it's their
computer -- for almost any value of ``their'' -- and they don't want you there?
I note that Herschberg's students have prior permission to conduct their
break-ins. That's fine -- I not only have no problem with that, I conduct such
authorized break-ins myself as part of my job. Again, though, note that I'm
acting with prior permission.
--Steve Bellovin
Post-structuralism and Technology
Phil Agre <pagre@weber.ucsd.edu>
Mon, 2 Dec 91 17:20:07 pst
John Bowers (University of Manchester) and I were talking a couple months ago
about various interesting people who have been studying technological issues
using new-fangled methods from philosophy, literary criticism, and sociology.
One recurring theme is the influence of "post-structuralists" like Derrida,
Foucault, Lacan, and Deleuze [*]. We realized, though, that these folks are
all scattered among disciplines and countries, so that a lot of them don't yet
know each other. So we've started up a network discussion group for such
people and their sympathizers. Its main purpose is to get everyone introduced
and exchanging papers, though perhaps some interesting discussion will start up
as well. Its address is postech@weber.ucsd.edu. Anyone who wants to be
included can send a note to postech-request@weber.ucsd.edu. (Make sure to
include a network address that's accessible from the Internet: me@here.bitnet,
uucpnode!me@gateway.somewhere.edu, me@machine.here.ac.uk, me@ibm.com, or
whatever.) We'll collect addresses for a month or so; then we'll invite
everyone to describe their work and see what happens.
Phil Agre, UCSD
[*] The relevance to Risks is that a number of these people tend to take a dim
view of technology as a system of social practices, and have novel things to
say about why we should care. Foucault in particular has defined an
interesting broad sense of "technology" that includes both the physical
machinery and the kinds of cultivated selves that together, he argues, make up
the deep workings of power. These ideas have led to some challenging new work,
such as Valerie Walkerdine's book "The Mastery of Reason" (Routledge, 1988),
which uses ideas from Foucault and Lacan in a genuinely deep way to explain how
children learn to use mathematical language.
Chaos Congress 91 Program
Klaus Brunnstein <brunnstein@rz.informatik.uni-hamburg.dbp.de>
12 Dec 91 16:08 +0100
I just received the program of Chaos Congress 1991 (over 300 lines, in
German); the following is a condensed survey/translation:
8th Chaos Communication Congress:
"Hitchhiking through the Networks - The European Hacker Party"
--------------------------------------------------------------
Friday, Dec.27 (12:00) to Sunday, Dec.29 (16:00), 1991
Eidelstedter Buergerhaus, Hamburg-Eidelstedt (54), Elbgaustr.12
Fee: CCC members 20 DM; non-members: 30 DM; press: 50 DM;
commercial participants: 150 DM.
Program:
Fri 27  11:00  press conference
        12:00  Opening session, welcome
        12:30  Informatics and Ethics
        12:30  Corn Flake Whistles and new methods (workshop)
        12:30  Journalists and new media
        14:30  Liability in cases of program faults and viruses
               (Freiherr von Gravenreuth, lawyer)
        16:30  Data protection - theory and practice
        16:30  DTP
        16:30  Btx DocuSystem (Btx=minitel)
        17:30  Feminine computer handling (only female participants!)
        19:00  Questions of nomenclature and definitions
Sat 28  10:00  ComLink and APC (regional networks for social
               communication and environment protection)
        10:00  Waffle (UUCP on MS-DOS)
        10:00  Mercury/Hermes (UUCP on Atari ST)
        10:00  AmigaUUCP (UUCP on Amiga)
        12:00  Individual Network (IN) for private communication
        12:00  Zerberos
        12:00  Unix
        14:00  Mailboxes and telecommunication as seen from German PTT
               Dr. Ruetter, German Telecom
        14:00  TeX
        14:00  MUD - Cyberspace (Multi User Dungeons)
        16:00  Net services (email, news, IRC, FTP, Telnet, remote login,
               Talk ...)
        16:00  Workshop Mailboxes and legal status
        16:00  Voice Mail and PID
        18:30  Citizen Networks, example Gay-Net
        18:30  Stupidity in Networks (#3)
        18:30  Workshop Net services
Sun 29  11:00  Computer Viruses - State of the Art: Morton Swimmer (VTC)
        11:00  Citizen Packet Radio
        11:00  Hack center: net demonstrations (INTERNET)
        13:00  10 years CCC
        13:00  Workshop on Viruses - questions and discussion (M.Swimmer)
        13:00  RISC - CISC comparison
        15:00  Closing session
        16:00  Party
If you wish to receive the full German program, including details on location
(telephone/fax number..), how to arrive and get rooms etc, please contact me.
Klaus Brunnstein, University of Hamburg (Dec.12,1991 at 4:00 pm German time)
