Please try the URL privacy information feature enabled by clicking the flashlight icon above. This will reveal two icons after each link the body of the digest. The shield takes you to a breakdown of Terms of Service for the site - however only a small number of sites are covered at the moment. The flashlight take you to an analysis of the various trackers etc. that the linked site delivers. Please let the website maintainer know if you find this useful or not. As a RISKS reader, you will probably not be surprised by what is revealed…
The new `Daily 3' numbers game slated to begin today in California was postponed at the last moment by state officials concerned that the game might have been unfair. The problem was discovered only on Wednesday (8 Apr 1992), and diagnosed the following day. The final test indicated that the quick-pick pseudorandom number generating algorithm was biased. After a quick-fix programming change, the game is now scheduled to start next Monday. [Source: San Francisco Chronicle, 10 Apr 1992, p.A21] [I suppose this will inspire a new research area — Byzantine Pseudorandom Number Generators, in which 3n+1 PNGs are required to guarantee correct behavior in spite of n malicious or arbitrarily malfunctioning PNGs. I heard on 1 Apr 1992 that Les Lamport has been asked to apply to the State of California for a research grant on this topic. But he was skiing (or Byzantining?) in Nevada. PNG — oops, I mean PGN]
Marks & Spencer is looking for the cause of an embarrassing glitch in systems
at its shop in Paris which led to customers being massively overcharged. The
retailer's Visa credit card transaction system added two zeros to 300 customer's
bills so that a 1 pound pork pie cost 100 pounds. Marks' barcode and receipt
printing systems were not faulty.
[Source: a clipping from Computing, 21 Nov
1991, contributed by Dorothy R. Graham of Grove Consultants, Cheshire, UK.]
London Ambulance Service continues to have software problems with its emergency dispatch system. The new 1.1M-puond system (being developed by Datatrak and Systems Options, with Apricot hardware) crashed on its first training session. Last year, an earlier system failed two major tests, and was scuttled; the Service sued the vendor (BT subsidiary IAL) and subcontractor (CGS). That system had costs escalate from 2.5M pounds to 7.5M pounds, and was supposed to have been ready in the summer of 1990. Another system for south London's nonemergency calls crashed in its first week, in April 1991. [Source: An article by Jason Hobby in the Computer Weekly, 5 Dec 1991] On 7 Feb 1992, an operator inadvertently switched off a screen, losing four emergency calls. On one occasion, the details of a call were lost; the caller called again half an hour later and was told that the details had been lost (by the computer), and an ambulance was dispatched. The patient later died, although ``it is not proven that there was any link between the delay and the death.'' [Source: An article by Jason Hobby in the Computer Weekly, 20 Feb 1992] [Both articles were contributed to RISKS by Dorothy R. Graham, Cheshire, UK]
The National Audit Office has issued a report blaming ``unreliable computer data'' for failing to identify high-risk groups of women being screened for cervical and breast cancer, which reduces the chances of successful scanning, and so contributes to the deaths of 15,000 women in England each year. The software is developed by Family Practitioner Services in Exeter. The report is now up for review by a Parliament select committee. [Source: Article by David Evans, Computer Weekly, 20 Feb 1992, contributed by Dorothy R. Graham, Cheshire, UK]
Drug Offender Faces Murder Rap
PATERSON, N.J. (AP)
A drug offender under house arrest killed another man after a computer error
enabled him to break his electronic anklet and leave the house, authorities
say. Tony Palmer, a 21-year-old who had been serving a three-year sentence,
was charged with fatally shooting Vernon Major, 19, last week.
The electronic surveillance system sets off an alarm if the prisoner moves
more than 150 feet from a transmitter or breaks the bracelet or anklet. The
alarm sounded and a printer in Trenton placed an asterisk by Palmer's name, but
the information was not transmitted to a computer monitored by parole officers,
Corrections Department spokesman Jim Stabile said Wednesday. The printout also
is checked, but 700 names move constantly on that line, Stabile said.
Inaccurate
The Department of Justice's Central Address File, which will be used to record
and preserve the names and addresses of aliens and their representatives in
deportation proceedings, was reviewed by the General Accounting Office. The
File is not yet fully implemented but initial reviews indicate problems. The
General Accounting Office report (Jan. 23), covering a review of only four
field offices, estimates that 22 percent of the records of the names and
address of aliens involved in deportation proceedings were inaccurate. GAO
believes that for ALL offices, some 12 percent of aliens may not be able to be
notified about their deportation hearings due to inaccurate names and addresses
under this system.
The Justice Department indicates plans to revise its current procedures.
However, it isn't clear how they are going to achieve 100 percent accuracy in
notification, which is essential when a deportation matter is at stake. Not
appearing at a hearing can mean that individuals will lose their rights under
the law, since it can and will be assumed that they were notified as required
by law and/or did not let the authorities know when they moved. Recently, the
U.S. has drastically (and often unfairly) restricted appeals and other
protections in many deportation and political asylum cases. The result has
been shameful incidents, including the deportation of Haitians who are now
being threatened upon return to their country of origin. Data entry problems
will simply reinforce those governmental decisions, resulting in automatic
deportation orders when persons do not show up for their hearings. Reliance
upon the computer as an essential part of this critical process *without other
forms of notification and review of agency procedures to ensure appropriate
protection of applicants* will cause great problems.
Sanford Sherizen, Data Security Systems, Inc., Natick, MASS
For once, the New York Times had something intelligent to say on this matter in its lead editorial the other day. If astronomers are really convinced that the Earth-crossing asteroid impact threat is serious, would they be willing to take observing time away from other programs on *existing* instruments and devote it to the search? Oh, well maybe it's not THAT serious! :-) (The NYT stylebook forbids smilies, but if they ever used one, it would have been right there.) If the asteroid search is less important than anything telescopes are being used for now, the taxpayers might be forgiven for suspecting that this proposal has more to do with creating work and facilities for folks who've chosen to build their careers around space based interception issues than it does with a sensible and properly prioritized approach to protecting the planet. The RISK here is our old favorite: institutional and career imperatives are capable of improperly driving public policy unless we keep a watchful eye out. Most people trust "astronomers" and "scientists" to tell us what is really important in that mysterious realm out there. When they trot out diagrams and photos, we naturally tend to accept their conclusions. But it ain't necessarily so. (I am not saying anything is fundamentally wrong with the process, though, since public inquiry like this very discussion tends to weed out errors.)
A minor correction might be in order on the posting about the problems and
risks of "monitoring for astroidal risks".
The (widely believed) event of 65 million years ago was probably the last
"stream clean most of the planet" size event, actual estimates of large
(nuclear explosive level) collisions are for much smaller time scales such as a
few thousand years apart for megaton size to once per million years for objects
capable of devestating medium sized countries. Still hypothetical but with
some evidence is that a medium sized sea strike triggered or contributed to ice
age. There are a couple of examples of visible "smallish hits" in last few
thousand years such as "Arizona's Meteor" crater. Of significance (and I am
sure done a disservic by the media) it that one of the Nasa's proposals is
simply to find and track these smaller but not harmless objects which are also
of a scale that would be currenly feasible to deflect.
I don't recall the exact numbers but the explosive power of a meteorite
(because of velocities range) range through equivalence in mass to power of
high explosives.... as such a small objects of nickle iron are equivalent to
lower nuclear range. A 20 meter chunk could be Hiroshima scale, a 100 meter
chunk, megaton scale!!!!
Les DeGroff (degroff@intellicorp.com)
Like Brian Kantor (yo, dude) I'd be surprised to hear that there are many
phones which can't be tapped at the end office switch. From reading the
Sessions piece and other accounts I think what the FBI really wants is to place
taps from their office in Washington (or perhaps from say, Colorado, to save on
toll charges) so that they won't have to spend the staff effort to actually
visit a CO. Instead, they'll just type a few keys and have the datastreams
associated with calls from or to certain numbers duplicated and copied to their
equipment. This capability will save them money and effort, reduce the chance
that targets will learn about taps by suborning telco personnel, enable them to
place many more taps, and just maybe increase the incidence of unlawful
(warrantless) tapping. Of course, I am surprised that Sessions thinks the
American people will want to pay higher phone bills in order to help the FBI
tap their phones.
Mark Seecof <marks@latimes.com>
Could use of "non-standard" or uncommon compression techniques to facilitate high-speed data transmission also be undesireable for the NSA/FBI? Use of experimental/modified "coding" of data for purposes of compression could make data just as inaccessible as if it were encrypted for purposes of security.. Should we expect laws against use of non-standard data compression to succeed laws against data encryption? On top of the patent problems related to data compression techniques, could this provide a killing blow for non-corporate research into coding/modelling? (I may have used "compression" & "coding" in a slightly more interchangeable way than experts in the field would like - do not hesitate to correct me, but please accept my apologies in advance..) Smail: Conrad Hughes, 42 Temple Road, Dublin 6, Ireland Email: chughes@maths.tcd.ie Voice: +353-1-976143
> the Guardian reported that all the leaders of the Basque separatist > organisation ETA had been captured in a police raid in France. (ETA is a > terrorist organisation in Basque, Spain which want independence from Spain. A correction here. Basque country consists of three Spanish provinces and two French prefectures. The ETA wants to get all five in a independent country, but they are currently only active in Spain, although they take refuge in France. dik t. winter, cwi, kruislaan 413, 1098 sj amsterdam, nederland dik@cwi.nl
Seeing the praises for the TV series in RISKS, I must add that while what was shown was well done, I did notice that the one BIG OMISSION in the "conventional" histories of the business was also omitted from the show. That is the pioneering work in Iowa in the 1930s (about 1937) by Atanasoff, a physicist, who built a working machine that did perform calculations using vacuum tubes. I recall that he actually won a patent suit against Univac, which had been claiming patents on the basic idea of programmable (?) electronic computers. So why doesn't he get the credit that is his due? Perhaps he needed a better public relations department! Dick Kain (kain@ee.umn.edu) - EE Dept., University of Minnesota
Out of respect for John V. Atanasoff's efforts with the ABC Computer, "The Machine That Changed the World" has been very careful to avoid the term "first" in speaking of the ENIAC computer. Generally, we refer to it as the first "working" electronic computer. However, the decision NOT to include Atanasoff's computer in the series was made only after a great deal of consideration. There is much debate about Atanasoff's machine — did it ever really work?; could it be considered a "programmable, digital, computer" as we defined the computer for the purposes of our series?; how does one weigh the pronouncement of a judge against the opinion of the majority of the computer community (including historians) regarding Eckert and Mauchly's place in computer history versus Atanasoff's? Ultimately, we came to the conclusion that the series (with its inevitable time constrictions) can only focus of those machines that influenced further development in the field. With that criteria, we could not justify spending the large amount of time that would have been necessary to tell the Atanasoff story. In addition, some authors claim that Mauchly "stole" the idea from Atanasoff is unproven and without Mauchly to tell his side, we felt that exploration of this part of computer history would only lead to the dead end of inconclusiveness. We understand and appreciate the controversy regarding Atanasoff, but feel that our decision was correct. In the words of Sir Francis Darwin (in 1914): "In science, the credit goes to the man who convinces the world, not to whom the idea first occurs. Producers, "The Machine That Changed the World" [From dave marvit, wgbh@media.mit.edu]
We saw the posting by Brian Tompsett <bct@cs.hull.ac.uk> who asks ... > Are we being manipulated by global telecasting > on an Orwellian scale? Who can tell? Not easy is it. I can assure readers of RISKS that there is nothing Orwellian in the multi-versioning of the series. Jon Palfreman (executive producer) responds: BBC programs are about 7 minutes shorter and that is the main difference. There are small differences of emphasis to reflect the interests and knowledge of the different audiences. For example, where there is a British figure who is well known he is mentioned (i.e. Sir Clive Sinclair
Computer Users Foil Virus [Augments Slade, RISKS-13.27, for archives]
"Peter G. Neumann" <neumann@csl.sri.com> Fri, 10 Apr 92 10:07:37 PDTBy Don Clark, c.1992, San Francisco Chronicle, 7 March 1992 Michelangelo claimed relatively few victims Friday, leaving experts to debate whether news media over-hyped the computer virus or performed a useful service by warning the public to take precautions. The virus apparently destroyed data in a few thousand personal computers around the world, far short of expectations. Researchers had estimated that the destructive software program had spread to anywhere from 100,000 to 5 million computers out of about 80 million IBM-compatible machines worldwide. Most large businesses and institutions heeded the headlines and used special software to inspect and clean their personal computers before Michelangelo's birthday March 6, when the virus was set to go off. But some individuals and small businesses did not and came to regret it. One of them was Bill Permar, a Sausalito accountant who turned on his computer to find that Michelangelo had destroyed the contents of two large disk drives containing his clients' tax data and other records. Although he had backup copies of that data, he was still struggling with his computer late Friday. ``I thought it was a lot of media hype,'' Permar lamented. Michelangelo, written by an unknown prankster last year, caught the public imagination for several reasons. The program is among the most destructive of the more than 1,000 viruses in existence; when activated, the virus writes random characters over data on a personal computer's hard disk, making recovery almost impossible without backup copies of files. The program spreads through the exchange of floppy disks. The widespread publicity over the March 6 deadline led to a drawn-out countdown on television, radio and in newspapers. Some computer professionals think Michelangelo did a good deed by making millions of people aware of the danger of viruses. The state of California, for example, spent most of this week checking its thousands of personal computers for Michelangelo. Only one infection of that virus was found, but the check turned up other viruses on numerous machines. On the other hand, some said the coverage may have unduly caused public hysteria and could inspire other pranksters to develop destructive programs. ``I'm sure there are a dozen kids right now saying, `I bet I can top that,''' said Joseph Pujals, the state's information security manager. Michelangelo's typical victims include New Salem Baptist Church in Kennesaw, Ga.; Vigil Printing, a small firm in Chicago; and Save the Whales, the Venice (Los Angeles County) nonprofit group. Save the Whales lost its membership list, correspondence and a newsletter that was about to be printed. Patricia Hoffman, a Santa Clara virus expert, said she had confirmed reports of 125 small U.S. businesses affected. American Telephone & Telegraph Co. confirmed that Michelangelo hit four of its 250,000 computers nationwide. Other countries were hit harder. Some 750 to 1,130 personal computers in South Africa reportedly were plagued by Michelangelo because of the widespread use of a bootleg version of the operating system used on IBM and compatible machines. Forty-eight companies or institutions were hit in Australia, 25 in Hungary, 10 in China and eight in Japan, Hoffman said. Many victims were loath to admit that they did not take action, a possible factor in the low number of Michelangelo victims reported. ``They were warned,'' said Martin Tibor, a San Rafael data-recovery expert. ``If they got hit, it will be arrogance or stupidity.'' One Bay Area public school with up to 20 stricken computers called Tibor but would not let its name be used, he said. Some experts hope that Michelangelo will hasten the development of modified operating software that make it harder for viruses to be created and transmitted. ``Some folks are working on it,'' said Peter Neumann, principal scientist in the computer-security group at SRI International in Menlo Park. ``We need something on the order of a Chernobyl before people will wake up.'' There is little doubt that the virus hype was great advertising for companies that specialize in selling virus-detection software. Symantec Corp., based in Cupertino, said it gave away 250,000 copies of a free program tailored to get rid of Michelangelo. Friday, Symantec was logging about 33 Michelangelo-related calls per hour, with about 5 percent of those people claiming that their data was destroyed. Another controversial topic is the effectiveness of anti-virus software. Some people claimed such programs did not work. ``There are a lot of really ticked off people,'' said John McAfee, a noted virus expert who runs a Santa Clara firm that sells anti-virus software. ``I think we're going to see some massive fallout in the anti-virus community.'' Manufacturers of anti-virus programs blamed the problem on the fact that customers failed to buy updated versions of the software that included protection against Michelangelo. McAfee was criticized by some observers for suggesting that millions of computers had been infected. Friday, he estimated that 10,000 computers lost data worldwide.Please report problems with the web pages to the maintainer
xTop