Please try the URL privacy information feature enabled by clicking the flashlight icon above. This will reveal two icons after each link the body of the digest. The shield takes you to a breakdown of Terms of Service for the site - however only a small number of sites are covered at the moment. The flashlight take you to an analysis of the various trackers etc. that the linked site delivers. Please let the website maintainer know if you find this useful or not. As a RISKS reader, you will probably not be surprised by what is revealed…
Herb Caen, the San Francisco Chronicle's chronicler of the chronic and (a)cute, starts off the 25 July 91 column with this ad infin-item: Dennis Perry, an Oakland truck driver, and his good friend, Yvonne Kendrick — both are black --- rented a Hertz car to drive to Maryland to visit his family. They took along his 4-yr old dghtr, Danielle, and all went swimmingly until they were stopped in white-bread Williamsburg, Iowa, for no apparent reason. The police ran a check on the car and found it listed by Hertz as stolen. It wasn't, of course, but during the 24 hours it took Hertz to correct the mistake, Dennis and Yvonne were held in jail and Danielle went to a juvenile home. Atty. Dennis Hecht is handling the inevitable suit." The next item was on Judge Clarence Thomas not being able to get a cab in DC. After that came another item for our series of computer-addressed mail: Jayne Valdez of Antioch forwards a copy of PG&E's closing bill addressed to her late father, "Bob A. Speake, Deceased," with this neatly boxed encomium printed on it: "Bob Speake, deceased for the last 12 months, you had an excellent payment record. If you need to establish credit at another utility, you may use this message as a credit reference."
Moscow — Human error caused 20 of the 59 shutdowns at Soviet nuclear power plants in the first six months of 1991, the Trud newspaper reported yesterday. "It is not the first time that we have to admit the obvious lack of elementary safety culture in running reactors," Anatoly Mazlov, the government's head of nuclear safety, said. Mazlov reported that Soviet nuclear power plants worked at only 67 percent capacity in the first six months of 1991. [San Francisco Chronicle, 24Jul91, p.A8]
The 24Jul91 morning launch was scrubbed. An NPR report indicated a "faulty engine computer". Postscript: The 25Jul91 San Fran Chronicle paper had a picture of Atlantis mission commander John Blaha and mission specialist Shannon Lucid holding their ears while fellow crew members taxied their T-38 trainers. The caption briefly mentioned the computer problem (with no details), but also noted that Blaha and Lucid's T-38 failed to start for a return to Houston! (T-38s require an external jumpstart.) It is perhaps worth contemplating whether computer failures have now become so commonplace that newspaper folks decided there was no need for coverage of the launch scrub itself!
The Sunday, July 21 edition of the Los Angeles Times has a story headlined
"LAPD Begins Crackdown on Computer Messages." The story reports that the new
program is "aimed partly at finding and punishing" officers who sent offensive
personal messages cited in the recent Christopher Commission report (issued in
the wake of the Rodney King beating) as evidence of departmental racism and
sexism. The program "is also aimed at stopping...even innocuous personal
messages."
The story goes on to state that several officers have been assigned to the task
of spot-checking daily printouts of messages. "Efforts [will be] made to find
out who sent" offending messages. It also reports that "snooping by
headquarters has led to a 25% decline in...traffic."
"Creating a context for the messages is...difficult because [of an] inflexible
computer program," according to the article. Only chronological printouts are
available, making it difficult to extract messages relating to a particular
car. Messages from a patrol car are not identified as to which of two officers
sent them, although sergeants, who occupy cars alone, can be uniquely
identified. "The department is trying to get computer experts to write
programs" that will extract messages from one car.
I see two risks here. The first, of course, is to the officers, who became so
comfortable with the computer system that they forgot (or perhaps were never
aware?) that their messages could be monitored. The second is to the
department, which is now unable to extract useful data from their files. (This
makes me wonder. Wouldn't it be useful to them in court cases to be able to
extract the messages from a particular car over a period of an hour or so?)
I also wonder if the Electronic Communications Privacy Act would apply here.
Did the officers have a reasonable expectation of privacy in any of their
messages?
Geoff Kuenning geoff@ITcorp.com uunet!desint!geoff
After weeks of work and excellent assistance of David Chess, Yisrael Radai,
Alan Solomon, Padgett Peterson and some others, I just published the "Index of
Known Malicious Software: MsDos systems". It covers most of the viruses and
trojans reported in this arena (similar indices for Amiga and Macintosh to
follow later this year). When summing up, I was deeply depressed: the index
counts:
120 virus families ("strains)") with 59 more sub-families
with 744 viruses, variants and clones
plus 7 trojans,
and 228 single (non-strain) viruses
plus 19 trojans
*** totalling 998 pieces of malware ***
Though some people (including Alan Solomon) foresaw 1,000 viruses later this
year, the rise in figures has been underestimated. As this development is
likely to continue, antivirus experts should cooperate even more strongly than
contemporarily discussed.
At the same time, the July edition of VTCs Computer Virus Catalog describes
+ 8 AMIGA viruses totalling 54 viruses
+10 Macintosh viruses totalling 20 (out of 28 existing)
+14 PC viruses/trojans totalling 84
The disparity between "virus known" and "viruses classified" (with the aim to
maintain a good quality over quantity of classification) demands other tools
and methods for analysis, classification and production of countermeasures. We
are working harder to a more actual version of Virus Catalog; I am glad that
Mr.Jahn joined VTC (for a doctor workm on secure databanks), and that Vesselin
Bonchev will join us next week for a (not yet specified) dissertation. On the
Moreover, I appreciate any cooperation with serious antivirus experts.
VTC documents (Index of Known Malicious Software: IMSDOS.791; Index of Virus
Catalog: Index.791; all entries classified up to now) are now available from
FTP:
Our FTP server: ftp.rz.informatik.uni-hamburg.de
Login anonymous
ID as you wish (preferably your name)
dir: directory of available information
cd pub/virus: VTCs documents
Hoping that this works, I will be absent (with Auto-Reply on) on a sailing trip
(with my schooner "Arethusa" which is a small replica of BLUENOSE but with
staysails) until August 18. 1991. Klaus Brunnstein, Hamburg
I have a car with a built-in burglar alarm. The alarm is activated if the last door locked is locked from the outside without a key (by locking it on the INSIDE and then holding onto the door handle while closing the door). That means that it doesn't matter who leaves the car first; the alarm will still be armed at a sensible time. Once the alarm is armed, any attempt to open a door from the inside (after breaking a window, for example) or to start the car, without first unlocking one of the doors from the outside with a key, will set off the alarm. Do you see the pitfall? The owner's manual actually warns about it. Suppose you're sitting in the car with a passenger. You have locked the door from the inside. Your passenger gets out, locking the other door from the outside. That has just armed the alarm. It is now impossible for you to get out of the car or start the engine without setting off the alarm. With luck, you noticed this was going to happen when the "alarm" light on the center console started flashing; if you caught it in time you could unlock your door from the inside and stop it from arming. Once it's been armed, though, all you can do is get out of the car, setting off the alarm, and then turn off the alarm from the outside by unlocking the driver's door with the key. I hope your passenger didn't take the key.
The May 20 issue of Aviation Week (I'm catching up on old issues) has a short
piece on the avionics being planned for the USAF's new fighter, the Lockheed
F-22. It's no surprise that flight information will be displayed on
computer-driven digital displays. What is a bit surprising is that the usual
set of small mechanical backup instruments will not be present. Talk about
flight-critical software...
Henry Spencer at U of Toronto Zoology utzoo!henry
Excerpts from an article in the Los Angeles Times June 13, 1991; page E8.
Edited and submitted to RISKS Digest by Mark Seecof <marks@latimes.com> of the
L.A. Times Publishing Systems Department.
[elisions and bracketed comments mine --Mark S.]
``A Black Box Tells Just the Facts'' LEGAL VIEW column by Jeffrey S. Klein
and Louis M. Brown. Klein is an attorney and president of the Times' San
Fernando Valley and Ventura County Editions. Brown is professor of law
emeritus at USC and chairman of the board for the National Center for
Preventive Law.
Most court cases about auto accidents involve disputes about facts, not the
law. That means lawyers argue mostly about how fast a car was going, who
didn't stop at the red light, whether a driver crossed over the double yellow
line, and similar questions. Less time is spent debating legal niceties, such
as jury instructions or rules of evidence.
One innovative idea to reduce the time and expense of re-creating the scene
of an auto accident in the courtroom was recently suggested by Harold Weston,
a Los Angeles lawyer: a ``black box'' for automobiles, just like those in the
cockpits of commercial airplanes. Weston offered his proposal in a legal
publication, the Los Angeles Daily Journal. The black box would include a
running video camera that would record events just the way the driver sees
them.
A black box could also record speed, acceleration, braking, turn signals, and
even whether the seat belt was fastened. Perhaps the device that triggers
the air bag could tell the black box that an accident has occurred, Weston
noted. ``If we are going to have dashboards that look like cockpits,
shifters that look like throttles, and turbos that sound like turbines, we
might as well add the black boxes to complete the whole image,'' he wrote.
In fact, there is such a device, invented by Joseph A. Michetti, who lives in
Ventura. A patent for it was issued in 1989 and it is now being developed
for marketing, including a five-minute video about the device, called a
``vero-vedi.'' It has not only one video camera but two--one directed
forward and one directed rearward.
Of course, a video recording of an accident, even if it captures all the
relevant details, will not reduce the number of accidents, but it could cut
down the work of lawyers and judges--and give juries a much better factual
base upon which to make decisions. It could also settle insurance claims
that might otherwise wind up in court. If an insurance company can see who
was at fault, there is less likely to be a courtroom battle.
Pictures of ``facts'' can be admissible in the courtroom. We are all
accustomed to seeing photographs offered as evidence. And some lawyers now
make video recordings of the signing of a will.
A video camera in every car might sound expensive in the short run, but it is
also preventive. It could save lots of insurance company, lawyer, and court
time.
That's the end of the column. Below are my comments, which of course reflect
only my personal opinions and not those of my employer.
There are many unexplored ramifications of implementing such a system. Off
the top of my head I think of: self-incrimination problems (especially if
police want to review the black boxes from every blue Ford sedan on Oahu after
a hit-and-run accident, or what if a tape shows some OTHER crime?), sabotage
problems (by guilty drivers), and forgery problems (people buy warranty-voiding
replacement PROMS for their car computers to increase performance (with greater
smog output as the chief side-effect), so I think a market for black boxes
which never record excessive speed or always record seatbelt usage would
develop, plus another market for "clean videotapes" to be substituted after an
accident).
I read an article in Smithsonian sometime in the last year or two (I've hunted
for the issue but I must have discarded it)... about very-long haul trucking in
Europe/Asia/Africa. Trucks carry goods from England to the Middle-east across
many European countries. The trucks are required to have chart recorders that
show speed and distance travelled against time. These are called tachymeters
and the charts (recorded in a circular fashion) are called "tacho discs."
Police review the tacho discs to catch drivers who speed or break hours-of-work
rules. The drivers abominate the tacho system and I for one feel some sympathy
for them as the police can use the tacho records as a basis for punishing even
trivial violations, or worse, to "detect" violations which may have happened in
extenuating circumstances not recorded by the device (e.g., exceeding speed
limit to pass a very slow vehicle during a small window of opportunity).
Moreover, I suggest that electronic monitoring devices encourage a unilateral
(by enforcement agencies and people with axes to grind) revision of the social
contract on which traffic laws are ultimately based. You see, electronic
monitoring helps to enforce the strict numerical or other limits in the laws.
But real people tend to expect (a) fuzzy enforcement to match their fuzzy
obedience (driving 57 or 58 is "close enough" to 55 for most people), (b)
lenient enforcement under "otherwise safe" circumstances to match the general
belief that it's not much of a crime to speed a little on a good road in good
light when there aren't too many other cars around, and last but perhaps most
important: fuzzy, lenient enforcement to allow for the fact that the laws are
generally much stricter than the majority of voters really want.
I've read of studies showing that a large majority of drivers think they're
"better" or "much better than average" drivers. Obviously this is impossible.
I suspect that the same drivers (remember, that's most of 'em... including
me!) believe that they're qualified by their skills to exercise more discretion
than other folks about bending traffic rules. This self-confidence, coupled
with the famous inability of legislators to resist voting for harsh laws (so as
to avoid accusations of being "soft on drunk drivers|crime|whatever"), means
that the laws on the books are often more restrictive than the concensus on
what the "practical" law should be. The public relies on soft enforcement
practices to make the system work. Micrometric law enforcement is something
for which our culture, not to say our legal system, really isn't prepared.
Indeed, there's reason to believe that "human nature" wants us to set the
posted speed limit five or ten MPH below what we want the actual top speeds to
remain because that's the amount by which people will routinely exceed the
posted limit. If you figure that the posted limit has been pegged 10 MPH low
for reasons rooted in human psychology, with the concomitant expectation of
fuzzy enforcement, then to introduce strict enforcement would amount to a 10
MPH revision of the "real" speed limit.
I think that police, prosecutors, and insurance adjusters tend to like
technical means of detecting and quantifying violations of laws or standards,
because these means reduce the amount of discretion exercised by the enforcers
of the rules and thus the amount of post-hoc argument over how that discretion
was exercised.
However, the laws on the books assume the exercise of discretion. Changing
the amount of slop in enforcement decisions without changing the standards
seems a dangerous business to me. Because it's easier to add a new method than
to revise an old standard ("What? You want to have more children run over by
speed maniacs?") we might ratchet ourselves into situation that no one really
wants.
The biggest RISK of black-boxes for automobiles is that they'll enable strict
enforcement of the wrong set of standards.
Footnote: California has several special rules intended to fuzz traffic
enforcement in favor of putative violators. The Highway Patrol (state
troopers) mostly don't (can't) use radar. Local cops can use radar only after
special formalities to justify the limits they're enforcing. $22351 CVC allows
a special defense to charges of breaking a posted speed limit < 55 MPH; which
is that the driver's speed was safe even though it was over the limit. Because
the limit is presumed on its face to be the safe limit, this defense must be
proven by the defendant. People actually do this now and then; the law serves
as a check on local jurisdictions which might use unreasonably low speed limits
as fine-generating revenue boosters. Lastly, petty violators (including minor
speeding tickets but not including reckless or drunk driving) can often avoid
trial, conviction, and punishment by going to a court-ordered "traffic school"
which costs about $50 and eight hours of excruciating boredom but saves a fine,
point count, and what amounts to another (huge) fine in the form of giant
insurance premium increase. Drivers can only do the "traffic school" bit once
every 18 months, but the very existence of the dodge (which has been shown to
have no effect on accident rates) is an acknowlegement that the official
punishment for minor traffic offenses is too harsh.
For the edification of the readers of this newsgroup I will repeat what has been said in the press already about the Bill Gates memo: it was not an email message, but a message sent via paper and routed through inter-office mail. Any leaking that occurred would have happened from someone copying the memo and sending it to an external source. There was no forwarding of email involved. It is therefore not an example of comp.risks as much as an example of human-resources.risks! Edward Jung
Please report problems with the web pages to the maintainer