The Risks Digest

The RISKS Digest

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Volume 12 Issue 69

Monday 16 December 1991

Contents

o 800 telephone outage due to software upgrade
PGN
o Stock-listings typo: The possibilities are scary.
James Parry
o More on Lauda crash and computers
Nancy Leveson
o "Questioning Technology" in WHOLE EARTH REVIEW
Rodney Hoffman
o Privacy of Email
James Ting Lui
o More on E911 and representation
Bob Frankston
o Re: Computer records track killer
Brinton Cooper
o Re: The description is right, only the language is wrong
Scott E. Preece
o The EFF Pioneer Awards
Gerard Van der Leun
o Info on RISKS (comp.risks)

800 telephone outage due to software upgrade

"Peter G. Neumann" <neumann@csl.sri.com>
Sat, 14 Dec 91 12:24:37 PST
     AT&T Restores `800' Service
   BASKING RIDGE, N.J. (AP, Friday the 13th, December 1991)
   Thousands of toll-free "800-number" calls were blocked throughout the East
on Friday night, American Telephone & Telegraph said.  The outage struck at
7:20 p.m. as technicians loaded new software into computers in Alabama, Georgia
and New York, said Andrew Myers, an AT&T spokesman. The software identifies and
transfers 800 calls, he said.  Several thousand calls from New England to the
South were affected.
   The company restored service around 9 p.m., when it switched back to old
software. AT&T plans to use the old software until it can find and fix problems
with the new.  "Obviously we don't like it when a single call doesn't get
through, but I wouldn't consider this a serious problem," Myers said.


Stock-listings typo: The possibilities are scary.

James 'Kibo' Parry <kibo@world.std.com>
Sat, 14 Dec 91 18:27:17 -0500
This is a quote from a message I just received (sent Sat, 14 Dec 91)

> investor's daily has what i hope is a typo in it today
> ibm is listed at 0-1/16, down 88-1/2

Now, the question is, what happens if a typo gets into the electronic
stock quotations that are monitored by trading programs?  Someone's
computer sees IBM losing most of its value, dumps it all ASAP...

kibo@world.std.com     James Parry, 271 Dartmouth St. #3D, Boston MA 02116
  (617) 262-3922       Independent graphic designer and typeface designer.
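The posting asks what a trading program would do with a listing such as "IBM 0-1/16, down 88-1/2". One answer is that the program should not act on a tick it cannot corroborate. The following is an added example, not code from the posting or from any real quotation service: it parses the whole-and-fraction price style of the printed listings, checks that the printed change agrees with the last close the program already holds, and quarantines any tick whose implied move exceeds a limit. The listing format, the field layout and the quote lines in the test are constructed for the example.

```python
"""Plausibility filter for a printed-style stock quotation feed.

Added example (not from the RISKS posting).  Assumed listing format:
"<symbol> <price> <up|down|unch> <change>", with prices written the way
1991 listings printed them: "88-1/2", "0-1/16", "13/16" or "88".
"""
from fractions import Fraction
import re

# Assumed field layout; real feeds differ, this is only illustrative.
_LINE = re.compile(r"^(\w+)\s+(\S+)\s+(up|down|unch)\s*(\S*)$", re.I)


def parse_price(text):
    """'88-1/2' -> 177/2, '0-1/16' -> 1/16, '13/16' -> 13/16, '88' -> 88."""
    whole, sep, frac = text.partition("-")
    if not sep and "/" in whole:          # bare fraction, no whole part
        whole, frac = "0", whole
    value = Fraction(int(whole))
    if frac:
        value += Fraction(frac)           # Fraction accepts "1/16"
    return value


def parse_quote(line):
    """Return (symbol, price, signed_change) for one listing line."""
    m = _LINE.match(line.strip())
    if not m:
        raise ValueError("unparseable quote: %r" % line)
    sym, price, direction, change = m.groups()
    price = parse_price(price)
    direction = direction.lower()
    change = Fraction(0) if direction == "unch" else parse_price(change)
    if direction == "down":
        change = -change
    return sym.upper(), price, change


def check_quote(line, last_close, max_move=Fraction(1, 4)):
    """Decide whether a tick may drive a trade.

    Two independent checks, so a single typo in either field is caught:
      1. price - change must reproduce the last close we already hold;
      2. the move relative to last close must not exceed max_move
         (default 25%) without corroboration; such ticks are held for a
         human rather than traded on.
    Returns (accepted, reason).
    """
    sym, price, change = parse_quote(line)
    implied_prev = price - change
    if implied_prev != last_close:
        return False, "%s: printed change %s disagrees with last close %s" % (
            sym, change, last_close)
    move = abs(price - last_close) / last_close
    if move > max_move:
        return False, "%s: move of %.0f%% exceeds limit; hold for review" % (
            sym, float(move * 100))
    return True, "ok"


if __name__ == "__main__":
    last = Fraction(1417, 16)             # constructed last close: 88-9/16
    for line in ("IBM 0-1/16 down 88-1/2",   # the typo from the posting
                 "IBM 87-3/4 down 13/16",    # ordinary tick
                 "IBM 87-3/4 down 1/2"):     # change field mistyped
        print(line, "->", check_quote(line, last))
```

The typo is internally consistent (1/16 plus 88-1/2 is exactly the prior close), so only the move limit catches it; a mistyped change field fails the first check instead. Using `Fraction` rather than floats keeps the equality test exact, which matters when the whole point is to compare two representations of the same price.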


More on Lauda crash and computers

<leveson@cs.washington.edu>
Sun, 15 Dec 91 07:03:26 -0800
From the Seattle Post-Intelligencer, Saturday December 14:

             "Boeing Hush-up Charged" by Bill Richards

   A former Boeing computer expert said yesterday that the company ordered him
to play down his discovery of a software flaw in a critical control unit that
could have triggered last May's fatal crash of a Lauda Air Boeing 767.  Darrell
Smith, a computer software engineer employed as a troubleshooter by Boeing in
1989 and 1990, said in an interview with the P-I that he warned the company
last year of problems with software that runs the "proximity switch electronics
unit" (PSEU) on Boeing's 747 and 767 jetliners.
   The device allows the plane's computerized parts to electronically
converse.  Smith said he told Boeing officials the software could trigger a
rogue signal that would cause the plane's computer-driven systems to
malfunction.  But Smith said Boeing officials in charge of the troubleshooting
program told him they "didn't want to get anybody excited" and ordered him to
omit any mention of potential system-wide problems resulting from the flawed
software from his formal report.  Instead, he was told to report just on the
PSEU's internal problems, he said.  "They said this is a non-critical system
and I couldn't use terms like `crash' or `catastrophic' in the report because
they didn't want people to get excited," he said.
   Boeing spokesman Chris Villiers said yesterday the company hasn't had time
to study all of Smith's allegations.  Villiers said Boeing doesn't believe
the PSEU was responsible for the Lauda Air crash.  Smith's concerns about the
unit's software on the 747 have been "addressed and resolved," Villiers said.
   Smith, who has 13 years experience as a computer engineer, resigned in
June 1990 after turning in what he called a "diluted" report with no mention
of the potential ramifications from the software flaws.  Boeing awarded him
its Certificate of Outstanding Performance just before he quit.  Smith, ...,
said he told Boeing officials the software contained an "architectural flaw"
that could lead the unit to send a random signal to other electronic systems
within a jetliner, providing them with false information.  So poorly designed
was the PSEU software, he said, that he recommended that it be completely
redesigned.
   One of the electronic subsystems linked to the PSEU is the auto-restow,
which is supposed to automatically retract a jet's backup ground braking
system, the thrust reverser, if it accidentally starts to deploy in flight.
[old news about the cause of the accident omitted].
   While Villiers said that the PSEU can electronically converse with the
auto-restow system on the 767, he said it could only order the system to
retract the thrust reversers, not deploy them.  Villiers said Boeing tested the
software system in the 767 and found no evidence that the PSEU unit was putting
out false messages to other systems.  [Wishy washy statement by FAA omitted]
   But Smith said that because the software's false messages are random, it is
almost impossible to determine in a laboratory setting if the PSEU software
isn't working.  "It all depends on what is going on with the airplane at the
time," Smith said. "There's no way to repeat the exact conditions that would
cause the messages to be sent.  It can cause the system to crash, or get false
information, or just go crazy."  For example, Smith said, the control unit
could notify the rest of the electronic subsystems that the plane's landing
gear was down while the plane was still in flight.  That would cause the
auto-restow to switch to a ground-speed mode check, Smith said.  The system
would then "see that the aircraft was going too fast, and kick in the reverse
thrusters -- while the aircraft was really in flight."
   [more old news about cause of crash and repetition of above deleted]
   Smith said that Boeing passed on the report to Eldec Corp. of Lynnwood,
which wrote the software for the company, and the findings were independently
verified by other Boeing computer experts.  The report says Eldec's software
violated seven of Boeing's own software specifications.  "This problem ... is a
very real and serious impediment to the correct operation of the PSEU," it
concludes.  Thomas Brown, Eldec's president and COO, said yesterday that the
company was not aware of Smith's report.  Brown said that while Eldec produced
the software for PSEU units on both the 747-400 and 767, he does not know
whether software could trigger the auto-restow or activate the thrust reverser
system on either jet.  "We are not in a position to answer that question,"
Brown said.  "We don't know all the uses of our signals.  Only Boeing can
answer that."

[P.S.  This story was followed by a story that Lauda had just ordered four
Boeing 777 jetliners and was the seventh airline to do so.  It now has
86 firm orders for the 777.]


"Questioning Technology" in WHOLE EARTH REVIEW

Rodney Hoffman <Hoffman.El_Segundo@Xerox.com>
Sat, 14 Dec 1991 16:06:44 PST
The Winter 1991 issue of WHOLE EARTH REVIEW is a special focus issue on
"Questioning Technology".  I haven't yet read it, but it certainly contains
some provocative feature articles (summaries are from the magazine):

Excerpt from the 1991 book "In the Absence of the Sacred: The Failure of
Technology and the Survival of the Indian Nations" by Jerry Mander.  Our
unquestioning faith in technology's ability to solve problems has led us to the
"greatest environmental crisis since the dawn of human life."

"Artifact/Ideas and Political Culture" by political theorist and author Langdon
Winner.  Political ideas embedded in our technological tools often conflict
with our stated ideals.  "No innovation without representation" is the first of
three steps toward technological democracy.

"Assessing the Impacts of Technology" by Linda Garcia, a project director and
senior analyst at the Office of Technology Assessment.  Describes the approach
and political pressures of OTA's work.

"Renegotiating Science's Contract" by Howard Levine, philosopher and former
director of the National Science Foundation's Public Understanding of Science
Program.  We need greater public participation in the formation of scientific
and technical decisions.

"Reclaiming Our Technological Future" by Patricia Glass Schuman, president of
the American Library Association and of Neal-Schuman Publishers.  Debunks
current myths of a paperless future.

"Privacy and Technology" by MIT sociologist Gary T. Marx.  Examines
data-gathering techniques and offers tips on protecting your privacy.

Additional pieces:

"NASA Goes to Ground" by Wendy Alter and James Logan
"Designer As Savior, Designer As Slave" by J. Baldwin
"Beauty and the Junkyard" by Ivan Illich
"Technology's Backside" by Marshall P. Smith
"Figure and Ground: Information Technology and the Economic
   Marginalization of Women" by Elin Whitney-Smith
"Why Multi-Media Publishing is a Crock" by Tim Oren
"The Vision Vine" by Earl Vickers
"Genes, Genius, and Genocide" by Jason Clay


Privacy of Email

James Ting Lui <jl3p+@andrew.cmu.edu>
Thu, 12 Dec 1991 16:19:54 -0500 (EST)
The following is an article that appeared in one of this week's Pittsburgh
Post-Gazettes.  I was originally going to paraphrase the article, but I think
that the entire article is relevant.  So here it is:

Is `E mail' private on firm's computer? (by Glenn Rifkin, New York Times)

When Alana Shoars arrived for work at Epson America Inc. one morning in January
1990, she discovered her supervisor reading and printing out electronic mail
messages between other employees.  As electronic mail administrator, Shoars was
appalled.  When she had trained employees to use the computerized system,
Shoars told them their mail was private.  Now a company manager was violating
that trust.  When she questioned the practice, Shoars said, she was told to
mind her own business.  A day later, she was fired for insubordination.  She
has since filed a $1 million wrongful termination suit.

A spokesman for Epson America, which is based in Torrance, CA, refused to
discuss Shoars's account of the monitoring episode and insisted that her
dismissal had nothing to do with her questioning of the electronic mail
practice.  He denied that Epson America, the United States marketing arm of a
Japanese company, had a policy of monitoring electronic mail.

The Shoars case has brought attention not only to issues of technology and
employee privacy, but also to broader questions of ethics among computer
professionals.  By taking a public stand, Shoars has become a visible exception
in a profession that tends to ignore or avoid ethical issues, according to
academicians and consultants who monitor the field.  Although Shoars has found a
new job as electronic mail administrator at Warner Brothers in Burbank, CA, she
still bristles about Epson: "You don't read other people's mail just as you
don't listen to their phone conversations.  Right is right and wrong is wrong."

Michael Simmons, chief information officer at the Bank of Boston, disagrees
totally.  "If the corporation owns the equipment and pays for the network, that
asset belongs to the company, and it has a right to look and see if people are
using it for purposes other than running the business," he said.  At a previous
job, for example, Simmons discovered that one employee was using the computer
system to handicap horse races and another was running his Amway business on
his computer.  Both were fired immediately.  "The guy handicapping horses was
using 600 megabytes of memory," Simmons said.

Federal Express, American Airlines, Pacific Bell and United Parcel Service all
have electronic-mail systems that automatically inform employees that the
company reserves the right to monitor messages.  But many companies have yet to
formulate clear policies.  "It's highly irresponsible for an employer not to
have a policy," said Mitchell Kapor, former chairman of Lotus Development
Corp., who left the company five years ago.

Some believe, however, that even if there is advance notice, the monitoring of
electronic mail or searching through personal files is flat out wrong.  One who
takes that position is Eugene Spafford, a computer science professor at Purdue
University.  He said: "Even if a company does post notice, is that something it
should do?  The legal question may be answered, but is it ethical?  The company
may say it is, employees say it isn't, and there's a conflict."

Though they oversee the electronic mail networks, computer professionals have
generally removed themselves from such debates.  Simmons said that if ethics
were the topic of a meeting of information systems experts, "it would be a very
short meeting."

Technologists approach the information resource in a distinctive way, said
Detmar Straub, assistant professor of management information services at the
University of Minnesota.  "They say `If the system can do it, let's do it,'
rather than `should the system do it?'" Straub said.  "I've talked to systems
managers who say they wouldn't hire a programmer who couldn't break into any
system."  But as computers and networks extend their reach into global
business, such attitudes may no longer suffice.

"Information systems people should be held to a higher level of ethics than the
general population, just as doctors and lawyers are," said Donn B. Parker, a
senior management consultant at SRI International in Menlo Park, CA.


More on E911 and representation

<frankston!Bob_Frankston@world.std.com>
12 Dec 1991 13:44 -0400
My cousin, who lives in Wurstboro NY told me that her address was changed
from a more rural form to one that is suitable for the 911 database.  Just a
reminder that the representation problem works both ways, we can change the
representation to conform to the data or we can change the data to conform to
the representation.  The latter, in fact, is what happens when a medical
diagnosis must conform to the data coding.

Another comment on telecom and 911 is that 911 doesn't work universally for
the same reason that I cannot simply tell my son to always dial my 800 number
or my pager number to reach me.  The problem is the design flaw in the phone
system that requires I not only know my destination phone number, but also
the particular rules of the phone (and PBX or hotel) I happen to be using.
Maybe some of this will get fixed in ISDN, but for now, I'd like to start a
campaign to get a standard for dialing that is location-independent.

Ideally, we'd replace "9" on a PBX with "**" to mean a local call.
Alternatively, we'd establish a new access code such as "**" that would
always place one into universal dialing mode that would allow dialing of
1-xxx.  And since "1" is the North American access code, it would allow
uniform dialing of any international number.  (Yes, it would be very easy to
accidentally dial the codes for other countries -- a solvable problem).

The key here is that if we want to take advantage of telecommunications
technology we mustn't accept historic accidents like "9" to exit a PBX and
the inability to use area codes on many local calls, but must tame the
technology.  More to the point, if we can renumber our houses in the interest
of safety then we should be willing to complete the process and make the
phone simple to use -- especially for those who are panicked or simply not
ready to deal with arcania.  (I also want check digits on phone numbers but
that is a separate issue).

Maybe we can use the laws protecting the handicapped to argue that the phone
system is not sufficiently accessible in its present form.

         [In Wurstboro, The Wurst is Yet to Come.
         Neither a wurstboroer nor a wurstlender be.
         Unless you are an Auslaender.  'Aus bayou?
         You never sausage nonsense before?  At SIGSOFT '91
         in New Orleans, there were lots of sausages.  And maybe
         even the wurst computer-related pun you ever heard?  PGN]
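The posting's proposal is that a caller always gives a number in one universal form and the phone, PBX or hotel switch does the translating, instead of the caller having to know that switch's rules. The following is an added example, not code from the posting or from any phone system: it encodes a few such rule sets explicitly and shows that one destination becomes a different key sequence at each of them. The "**" access code follows the posting; the "011" international access code, the dialing contexts and the numbers are constructed for the example.

```python
"""Translate a location-independent number into local keypresses.

Added example (not from the RISKS posting).  Universal form assumed here:
"**" + country code + national number, with "1" as the North American
country code, so "**1-617-555-0100" reaches the same phone from anywhere.
"""
import re
from dataclasses import dataclass

UNIVERSAL_PREFIX = "**"   # access code suggested in the posting
INTL_ACCESS = "011"       # assumed NANP international gateway code


@dataclass(frozen=True)
class DialingContext:
    """The rules of the phone you happen to be standing at (constructed)."""
    name: str
    outside_line: str          # "9" on a typical PBX, "" on a home line
    home_area_code: str        # NANP area code of this phone
    local_needs_area_code: bool  # False where local calls must be 7 digits


def translate(dialed, ctx):
    """Map a universally formatted number to the keys this phone needs.

    Anything not starting with the universal prefix is passed through
    unchanged, so existing dialing habits keep working alongside it.
    """
    if not dialed.startswith(UNIVERSAL_PREFIX):
        return dialed
    digits = re.sub(r"[^0-9]", "", dialed[len(UNIVERSAL_PREFIX):])
    if not digits:
        raise ValueError("no digits after universal prefix")
    if digits.startswith("1"):
        # Country code 1: North America.  Decide local vs. long distance
        # here, where the rules are known, not in the caller's head.
        national = digits[1:]
        if len(national) != 10:
            raise ValueError("NANP number needs 1 + 10 digits, got %r" % digits)
        area, subscriber = national[:3], national[3:]
        if area == ctx.home_area_code and not ctx.local_needs_area_code:
            return ctx.outside_line + subscriber
        return ctx.outside_line + "1" + national
    # Any other country code goes out through the international gateway.
    # (The posting's caveat applies: a mistyped "**617..." would be read as
    # a foreign country code; a real deployment would need a check on that.)
    return ctx.outside_line + INTL_ACCESS + digits


if __name__ == "__main__":
    contexts = [
        DialingContext("home line, 617", "", "617", False),
        DialingContext("office PBX, 617", "9", "617", False),
        DialingContext("hotel PBX, 212", "8", "212", True),
    ]
    for number in ("**1-617-555-0100", "**44-20-7946-0000"):
        for ctx in contexts:
            print("%-20s %-22s -> %s" % (ctx.name, number, translate(number, ctx)))
```

Every context-specific rule (outside-line digit, home area code, whether local calls drop the area code) lives in the `DialingContext`, which is the representation the posting argues should be changed so that the caller's data need not be.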


Re: Computer records track killer (Jenkins, RISKS-12.68)

Brinton Cooper <abc@BRL.MIL>
Sun, 15 Dec 91 20:41:14 EST
Robert Jenkins reports on one John Tanner who
  "murdered his student girlfriend and hid her body underneath the
  floorboards of her house..." and how "...his story began to fall apart"
  when, "He told the police that he and the girl had taken a bus ride
  together to the train station at a time when she was already dead."  A
  computer check of the company's records showed, "Only one person got on
  the bus and bought a ticket to the station at the time Mr Tanner claimed."

Mr Jenkins calls this "... another example of low-level, invisible,
surveillance that computers introduce into our lives..." as though it were
something objectionable, generally to be avoided.

Mr Jenkins missed the point. The computerized records were used in a way that
would pass strict Constitutional test in the USA, yet contributed (I assume) to
the arrest and conviction of a murderer.  In fact, the *identity* of the
passengers was not recorded.  You might say that Mr Tanner was convicted as
much by mathematics as by computerization.  Then, perhaps this would be
"...another example of low-level, invisible, surveillance that mathematics
introduces into our lives."
                                             _Brint


Re: ... only the language is wrong (Franklin, RISKS-12.58)

Scott E. Preece <preece@urbana.mcd.mot.com>
Sat, 14 Dec 91 23:00:08 -0600
| It is hard to believe that this error would have occurred, and not been
| caught, before the age of computers.  The RISK here is that as the chain
| of events handled purely by computers lengthens, it becomes possible for
| relatively major errors to occur unnoticed, because no one is looking
| closely at the output at any stage.

The observation is clearly correct, but the claim in the first sentence is
simply incorrect.  Such errors can and do happen all the time at every
newspaper in the world.  Proofreaders are, as they say, human and to err is, as
we used to admit before we took to blaming computers for everything, human.  I
haven't seen any French in my local paper's classified, but I have seen blocks
of Latin (a classical layout mockup tool), ads set in totally pied type, ads
run upside down and, occasionally, backwards, ads run in the wrong section,
etc., etc.

scott preece, motorola/mcg urbana design center 1101 e. university, urbana, il
61801              uucp: uunet!uiucuxc!udc!preece   217-384-8589


The EFF Pioneer Awards

Gerard Van der Leun <van@eff.org>
Fri, 13 Dec 1991 17:02:52 -0500
    THE ELECTRONIC FRONTIER FOUNDATION'S FIRST ANNUAL PIONEER AWARDS
                        CALL FOR NOMINATIONS
      (Attention: Please feel free to repost to all systems worldwide.)

In every field of human endeavor, there are those dedicated to expanding
knowledge, freedom, efficiency and utility.  Along the electronic frontier,
this is especially true.  To recognize this, the Electronic Frontier
Foundation has established the Pioneer Awards.  The first annual Pioneer
Awards will be given at the Second Annual Computers, Freedom, and Privacy
Conference in Washington, D.C. in March of 1992.

All valid nominations will be reviewed by a panel of outside judges chosen
for their knowledge of computer-based communications and the technical,
legal, and social issues involved in networking.

There are no specific categories for the Pioneer Awards, but the following
guidelines apply:
   1) The nominees must have made a substantial contribution to the
health, growth, accessibility, or freedom of computer-based communications.
   2) The contribution may be technical, social, economic or cultural.
   3) Nominations may be of individuals, systems, or organizations in the
private or public sectors.
   4) Nominations are open to all, and you may nominate more than one
recipient. You may nominate yourself or your organization.
   5) All nominations, to be valid, must contain your reasons, however
brief, on why you are nominating the individual or organization, along
with a means of contacting the nominee, and your own contact number. No
anonymous nominations will be allowed.
   6) Every person or organization, with the single exception of EFF
staff members, are eligible for Pioneer Awards.

You may nominate as many as you wish, but please use one form per
nomination. You may return the forms to us via email at:
             pioneer@eff.org.
You may mail them to us at:
             Pioneer Awards, EFF,
             155 Second Street
             Cambridge MA 02141.
You may FAX them to us at:
             (617) 864-0866.

Just tell us the name of the nominee, the phone number or email address
at which the nominee can be reached, and, most important, why you feel
the nominee deserves the award.  You can attach supporting documentation.
Please include your own name, address, and phone number.

We're looking for the Pioneers of the Electronic Frontier that have made
and are making a difference. Thanks for helping us find them,

The Electronic Frontier Foundation

              -------EFF Pioneer Awards Nomination Form------

Please return to the Electronic Frontier Foundation via email to:
          pioneer@eff.org
or via surface mail to EFF 155 Second Street, Cambridge, MA 02141 USA;
or via FAX to USA (617)864-0866.

Nominee:
Title:
Company/Organization:
Contact number or email address:
Reason for nomination:
Your name and contact number:
Extra documentation attached:

              -------EFF Pioneer Awards Nomination Form------

      [USE WHATEVER SPACE YOU NEED; BLANKS AND UNDERSCORES DELETED BY PGN...]
