The RISKS Digest
Volume 12 Issue 26

Friday, 6th September 1991

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Please try the URL privacy information feature enabled by clicking the flashlight icon above. This will reveal two icons after each link the body of the digest. The shield takes you to a breakdown of Terms of Service for the site - however only a small number of sites are covered at the moment. The flashlight take you to an analysis of the various trackers etc. that the linked site delivers. Please let the website maintainer know if you find this useful or not. As a RISKS reader, you will probably not be surprised by what is revealed…


The Dead Sea Scrolls and Data Security
Jerry Leichter
Charging batteries
Erling Kristiansen
``Returns for Senders'' (US Postal Service handling of forwardings)
Dinah Wisenberg Brin in Common Cause
via PGN
Re: Portability of E-mail Addresses
Robert Neff
DDN Management Bulletin 84 on NIC transfer
Re: +&*#$
David J. Fiander
Tom Blinn
Re: Story of O
Will Martin
Re: A number is no name
Merlyn LeRoy
Bob Frankston
Re: RISKS of using electronic mail ...
Brinton Cooper
Bob Frankston
Re: National Character variations in ASCII
Bob Frankston
Info on RISKS (comp.risks)

The Dead Sea Scrolls and Data Security

Jerry Leichter <>
Thu, 5 Sep 91 22:04:34 EDT
Today's New York Times contains a front-page article on an event also widely
reported elsewhere: The use of a computer to "re-construct" one of the Dead Sea

As readers may recall, the Scrolls were found in a series of caves in the
desert in Israel over forty years ago.  Some of the Scrolls contain the
earliest known texts of books of the Bible; at least one is apparently a sixth
book of the Old Testament, which along the way was lost.

Control of the Scrolls was given to a small group of scholars, who've been
slowly - very slowly - publishing them.  Their practices have lead to many
protests by other scholars, who have been denied any access to the unpublished
Scrolls - at this point, more than half of them.

While much of the material remains unpublished, the controlling group has
published extensive concordances of most of it.  (A concordance lists each
word that occurs in the text, together with an indication of exactly where
it occurs - i.e., it's a cross-reference map.)

A group at Union Hebrew College in Cincinnati realized that a concordance
contains all the information necessary to reconstruct the text.  They wrote
a program for a Mac to do just that, and have just published their first
reconstructed version of a previously-unpublished Dead Sea Scroll.

A controversy has, of course, been ignited by this action.  The group that
control the Scrolls claim this is plagiarism, for example.

What I find interesting about the whole business is the way it brings to
attention the degree to which the widespread availability of computation make
it very hard to release partial information.  Partial information about some
set of data usually implicitly constrains additional information about the
same set of data, information that the releaser may not have intended to make
release.  Actually determining the implicitly-specified information may
involve a very large amount of work - but computers make it quite practical.

This issue has, of course, come up before.  Much work has been done on the
problem of allowing access to broad statistics from large databases without
allowing information about individual records to be determined.  This work is
too technical for most people to integrate.

The Reagan administration tried to create a new class of "unclassified by
sensitive" information, which would be protected in some way because when
pooled it could reveal valuable, perhaps classified, data.  The broad mistrust
of administration motives in the national security area, coupled with a lack of
convincing examples, kept this from really entering the national consciousness

The Dead Sea Scrolls case is easy for people to understand - they can clearly
see how the approach works.  It will certainly be the example I use in the
future for explaining the difficulty of security problems.  How much of an
impact it will have on people's understanding and views, I don't know - I
suspect little.  But a few more instances of this use of computers - perhaps
in more threatening circumstances, for example a data-matching program that
led to large numbers of IRS actions against "the common man" - and the impact
could become significant.  How people will react when the realization comes
home, and what kind of protections they will want, I have no idea.
                                           — Jerry

Charging batteries

E. Kristiansen - WMS <EKRISTIA@estec.bitnet>
Fri, 06 Sep 91 08:51:51 CET
We use several small, portable computers to control some mobile communication
equipment. These computers are powered by rechargeable batteries.

We have had problems charging the batteries of some units, even some brand new
ones. We consulted the supplier who told that the battery charging is UNDER
SOFTWARE CONTROL, as is the charging indicator LED.

So, if you discharge far enough for the processor to stop operating, you can
sometimes not charge the batteries! There is some bypass circuitry which allows
very slow charging, it takes about 4 days to charge to operating condition.
Since the LED is also non-operational, you do not know whether you are charging
or not.

Erling Kristiansen, ESTEC, Noordwijk, The Netherlands.

``Returns for Senders'' (US Postal Service handling of forwardings)

"Peter G. Neumann" <>
Fri, 6 Sep 91 10:38:39 PDT
[The following article by Dinah Wisenberg Brin appeared in the July/August
issue of the Common Cause Magazine, vol.17, no.4, pp.8-9, and is reprinted with
permission of Deborah Baldwin, Common Cause, 2030 M St. NW, Washington DC
20036, 202-833-1200.  PGN]

The U.S. Postal Service — the butt of so many complaints about inefficient
service — is on its toes in one way the average mail recipient might not
appreciate.  The same system that enables the Postal Service to forward your
mail to a new address also alerts scads of direct marketers — from the folks
at your favorite mail-order company to those pesky tricksters who say they have
a special gift waiting if only you'll call - to your new whereabouts.  The
system seems to work for better and for worse.  For better: You get the mail
you want and the Postal Service saves time and money by not delivering mail to
the wrong address.  For worse: Junk mailers you never wanted to hear from
discover your new address and waste no time making use of it.

Postal officials insist that they share change-of-address information only with
those who already have your old address.  But thanks to the large-scale selling
and renting of customer lists among direct mail marketers, some companies that
never knew you existed will have your particulars.  The Postal Service forwards
about 2.3 billion pieces of mail a year for the 40 million Americans who move
annually, at a cost of some $1 billion, says Bob Krause, director of the Postal
Service's National Change of Address (NCOA) system.

Meanwhile 19 companies, including some of the largest direct-marketing list
management firms, pay the Postal Service an annual fee of roughly $48,000 to
receive computerized NCOA updates every two weeks.  These "licensees" then
provide the updated information to their customers, who pay for address changes
for consumers already on their mailing lists.

The Post Office places great importance on keeping address-correction
information secure, Krause says, and the licensees must follow strict
guidelines on what they can do with it.  They may not use the information to
develop mailing lists.  But direct marketers who properly obtain the
information from the Post Office or its licensees can make it available to
others with impunity.

Ann Zeller, vice president for information and special projects of the Direct
Marketing Association, concedes that firms can buy names from a direct mailer
who has a consumer's new address.

Evan Hendricks, editor of the Washington-based Privacy Times newsletter, is
"very suspicious" of the system.  Without realizing it, individuals who
complete change-of-address cards are ``permanently giving away their addresses
to anyone who asks for them,'' he says, and that should be clearly explained on
the card.

Of course a change-of-address card is only one of many methods direct mailers
have for learning a person's new address.  Those who would sell you their wares
also mine motor vehicle records, voter rolls, magazine subscription bases, home
purchase records and other sources.

There is a way out.  Individuals who want their names removed from various
mailing lists can contact the New York-based Direct Marketing Association,
which runs a name and address "suppression" service.  But, Krause notes, "If
you buy something at your new address from any direct marketer, your name will
be on a number of lists within weeks."

-- Dinah Wisenberg Brin (a freelance writer now living in Hollidaysburg PA)

Re: Portability of E-mail Addresses

Robert Neff <neff@janus.Berkeley.EDU>
Thu, 5 Sep 91 15:17:57 -0700
A previous post on this topic notes that in the snail-mail world we have one
central Post Office, and they perform services for us such as mail forwarding,
and that many companies do not extend such courtesies with E-mail.

In my view, there is no reason why should we expect private firms to provide us
with a full service E-mail address.  It is not their business.  It is the
business of the post office to forward the regular mail.  If you want an E-mail
service which will be a universal address, from one job to the next, then it is
available on public access bulletin boards (or whatever you call them) such as
the Well in San Francisco, or Portal Communications in the South Bay.  Just
have everyone send mail to you at those addresses, and have it forwarded to
your work account automatically.

My point is that free access to the internet is a service we have all come to
expect, even though we don't pay for it (at least not directly).  If you really
want the service, all the time, you'll have to pay for it.
                                                              — Robert

   [Several people noted that NIC.DDN.MIL provides a "whois" service.
   It seems appropriate that everyone should register, although its primary
   charter in the past has been to include all MILNET folks (and earlier, all
   ARPANET folks), and it is not at all clear what would happen if everyone in
   internetland were to register.  I see that David Parnas is NOT listed, but I
   am, for example.  If you wish to be added, send mail to NIC@NIC.DDN.MIL and
   see what happens.  Following is an excerpt from the latest DDN bulletin, put
   out by DISA (formerly DCA), which suggests that the transition on 1 Oct 91
   is supposed to be almost seamless...  PGN]

DDN Management Bulletin 84

Wed, 4 Sep 91 13:28:18 PDT
     DDN MGT Bulletin 84              DCA DDN Defense Communications System
     4 Sept 91                        Published by: DDN Network Info Center
                                      (NIC@NIC.DDN.MIL)  (800) 235-3155

                        DEFENSE  DATA  NETWORK
                         MANAGEMENT  BULLETIN

The DDN MANAGEMENT BULLETIN is distributed online by the DDN Network
Information Center under DCA contract as a means of communicating official
policy, procedures and other information of concern to management personnel at
DDN facilities.  Back issues may be read through the TACNEWS server ("@n"
command at the TAC) or may be obtained by FTP (or Kermit) from the NIC.DDN.MIL
host [] using login="anonymous" and password="guest".  The pathname
for bulletins is DDN-NEWS:DDN-MGT-BULLETIN-nn.TXT (where "nn" is the bulletin

      The transition of the Network Information Center from SRI
      International in Menlo Park, CA, to Government Systems Inc. in
      Chantilly, VA, is officially scheduled for 1 October 1991.  This
      includes the transition of services currently offered to DDN and
      Internet users by SRI, such as network/user registration, on-line
      information services, and Help Desk operations.  SRI will continue to
      provide all NIC services, to include responding to all user calls and
      requests, until 30 September 1991.

      DISA and GSI will make every effort to ensure a smooth and timely
      transition of NIC services from SRI.  Network users should be
      minimally impacted.  With a few minor exceptions, all on-line services
      currently offered by SRI will appear the same to the user when a
      connection is established to the new (GSI) NIC host.  These exceptions
      are due to the change from the TOPS20 operating system to the SunOS
      operating system.  The new NIC host is a Sun 470 SPARCserver running
      SunOS 4.1.  All users on the DDN and the Internet should carefully
      note the following changes:

      Government Systems, Inc., Attn: Network Information Center,
      14200 Park Meadow Drive, Suite 200, Chantilly, VA 22021

Help Desk Telephone Numbers [after 1 Oct 1991]:
                          1-800-365-3642 (1-800-365-DNIC)
Help Desk Hours of Operation: 7:00 am to 7:00 pm Eastern Standard Time
Fax Number:               1-703-802-8376
Network Address: (NIC.DDN.MIL)
Root Domain Server: (NS.NIC.DDN.MIL)

During the period of 26 to 30 September 1991 the ID (WHOIS) database will not
be changed.  All registration actions for this five day period will be
suspended.  This action is necessary in order to transfer the master database
to GSI.  Starting 26 September 1991, all U.S. mail and fax requests should be
addressed to the GSI address and fax number shown above.  All electronic mail
requests should continue to be directed to the "HOSTMASTER" and "REGISTRAR"
mailboxes at NIC.DDN.MIL.  As appropriate, SRI will redirect electronic mail to
GSI.  On 1 October 1991 all registration activities will resume to include the
normal generation of DDN TAC access cards.  Currently-valid TAC access cards
will remain valid until the normal expiration date.

IMPORTANT!  Hosts not using the domain naming system should edit their host
tables prior to 1 October 1991 to reflect the change in GSI's domain name
DIIS.DDN.MIL ( to NIC.DDN.MIL and delete the current NIC.DDN.MIL
( from their tables.  The GSI IP address,, will not
change and may be used in lieu of the domain name.  GSI will re-generate all
informational and network tables (i.e., host tables) no later than 8 October
1991.  All tables will be available using the same access method currently used
to download from the SRI NIC.

We hope that the transition and its accompanying changes will not greatly
inconvenience network users, and we thank you in advance for your patience and
understanding.  For general questions regarding the transition, users may call
the new NIC Help Desk after September 1, 1991 at 1-800-365-3642.  Questions
regarding NIC operations policy should be referred to Mr. Wil Pitre of
DISA/DODS at (703) 692-2771 (DSN) 222-2771.  Questions regarding NIC
contractual matters should be referred to Mr. Tyrone Smallwood of DISA/DISCA.

Re: +&*#$ (RISKS-12.21)

"David J. Fiander" <>
Thu, 05 Sep 91 10:44:44 -0400
In Ontario, the "bizarre character" is a small crown.  Every non-vanity plate
has one, which is used as a separator between the first three-character group
and the second.  However, the crown _is_ user-selectable in vanity plates, so
it is quite possible to have a plate reading "M*A*S*H" (where stars are
substituted for the crowns).  According to some local discussion, however, they
are identical to spaces (but not identical to nothing).  Hence "M*A*S*H" ==
"M A S H" != "MASH".

You can guess how much trouble this causes.

David J. Fiander, SCO Mail Technology Group, SCO Canada, Inc.

More RE: +&*#$ (RISKS DIGEST 12.21 et. seq.)

Tom Blinn <>
Thu, 5 Sep 91 17:30:55 PDT
I was not aware that NH allows spaces in license plates (when I asked for the
plate "DR TOM" I was told I could not have an embedded space, and got the plate
"DR-TOM" instead; my NY plate used to be "DR BLINN", which I've embellished
with a "::" to match my node/user name and have posted on the wall in my
office).     [...]

On the matter of unusual characters (both on and off license plates):

In New Hampshire, "handicapped" plates have a graphic representation of a
wheelchair on them — all the ones I've seen have it at the front, with a
sequence of letters and digits following.  I have no idea how this gets
represented on, say, a parking ticket.

In Massachusetts, some plates have "EX POW" (stacked "EX" over "POW"), and
then a three or four-character plate number.  I somehow doubt the standard
ticket blanks can readily record this, and I also doubt that the automated
systems can easily cope with it — especially outside Massachusetts.

And so on..

There's a rumor that John Sununu's personal NH license plate bears the legend
"Fly Free or Drive", but I can't confirm that one, either..

Dr. Thomas P. Blinn, Digital Equipment Corporation, Digital Drive — MKO2-2/F10
Merrimack, New Hampshire 03054  ...!decwrl!!blinn (603) 884-4865

Re: Story of O

Will Martin <wmartin@STL-06SIMA.ARMY.MIL>
Thu, 5 Sep 91 10:30:03 CDT
While Mr. O's particular problems may have been exacerbated by the referenced
software that looks at "O" as part of "O'<something>" names, I do find it
surprising that single-letter last names would have not been considered and
programmed for in current versions of software. How many years ago was it that
Malcolm X was a national figure? There have been decades since then! Plenty of
time for the accommodation of such "initial-names" to have percolated
throughout the banking/billing/governmental computer systems, one would

Or is it part of the mentioned ethnocentrism to assume that people with
single-letter names would not wish to participate in the established economic
and social systems? Someone who was angry enough to change their name to "X"
wouldn't want a driver's license, or to borrow money, or to be on any
computerized records or database? Seems a rash assumption...

Re: A number is no name

Merlyn LeRoy <>
Fri, 6 Sep 91 14:15:12 CDT
A similar case (somewhat earlier) of a Minnesota man who wanted to change to
1069; his legal name had to be One Zero Six Nine.
                                                       Merlyn LeRoy

Re: A number is no name (RISKS-12.20)[EKRISTIA@estec.bitnet]

5 Sep 1991 09:35 -0400
There is a proposed character set, Unicode, that is intended to encode all
glyphs.  That is a bit ambitious since a lobster picture will still present a
problem, but does go a long way towards dealing with national alphabet

Don't forget that Risks Digest is mired in limited AmericanSCII and thus cannot
provide an effective representation for much that we talk about.  Of course, we
have some workarounds such as saying "Umlaut" (I can't even backspace to use a
" as an umlaut as per ASCII conventions!).

Re: RISKS of using electronic mail, and universal addressing

Brinton Cooper <abc@BRL.MIL>
Wed, 4 Sep 91 13:13:07 EDT
David Parnas writes:

What is needed is a personal communication system, one where the individual's
address is independent of his (or her) location on the computer network...

Peter Neumann adds:

    But it certainly would be nice...

Gee, fellows, it sounds very much like an Internet Social Security Number, and
we've had endless discussions over the years about the computer-oriented (and
other) risks of having and using universal identifiers!

In the context of "privacy," which also commands attention in this and other
forums (fora?), perhaps one need only keep a list of those folks with home
he/she wishes to maintain communication and send them "change of address"

Re: RISKS of using electronic mail

5 Sep 1991 21:55 -0400
There is a simpler way to confuse electronic mail.  Change your last name.
Often happens when people get married.  Trivial to overcome the problem, but
my impression is that corporate mail managers don't think about these things.

A closely related issue is role vs personal addresses.  In paper mail systems
people will guess at whether mail is addressed to the current "Sales Manager"
or the previous one.  Email systems can force one to do it "right" by
mindlessly forwarding based on the exact address given, but the corresponding
social conventions don't exist — people will bind to whichever address works
once and irregardless of the official purpose of the given address (I call this
the "turn left at the cow" syndrome).  The Risk here is that the technology
exists for a more elegant solution that the users are ready to understand.

Re: National Character variations in ASCII (RISKS-12.24)

5 Sep 1991 22:07 -0400
We have a curious mixture of various interpretations of ASCII.  ^C , for
example is ETX (End of Text) and has evolved into an interrupt key on some
systems.    But keys on a PC labelled ESC and Break (for example) have a
obvious semantic meanings.  Since ASCII is utterly meaningless in PC keyboard
(VS TTY Keyboard) decoding, it is better design to feed into user's naive
intepretations than to try to teach them arcane history.  Actually, the
battle between ASCII and UI designers has been going on for a long time.
Back in the 60's the QED editor on the SDS-940 used mnemonic bindings of
control keys (predated Emacs by nearly a decade).  Of course, violating ASCII
has its costs, the use of ^S/XON and ^Q/XOFF be Emacs is rather unfortunate.

Please report problems with the web pages to the maintainer