Please try the URL privacy information feature enabled by clicking the flashlight icon above. This will reveal two icons after each link the body of the digest. The shield takes you to a breakdown of Terms of Service for the site - however only a small number of sites are covered at the moment. The flashlight take you to an analysis of the various trackers etc. that the linked site delivers. Please let the website maintainer know if you find this useful or not. As a RISKS reader, you will probably not be surprised by what is revealed…
During the first session of the women's ice skating competition, the UKs number
1 skater, Joanne Conway, complained of biased scoring after the Canadian judge
gave her only 4.2 marks while all the other judges gave around 5.0 to 5.5.
Subsequently the Canadian judge has revealed that she intended to give 5.2
marks. Each possible score has a separate button to press to signal the score
to the computerized scoring system. By mistake the judge pressed 4.2 instead
of 5.2 and, even though she realized her mistake, there was no provision to
correct the mark. The only way of correcting it would have been for the UK
team to lodge an official appeal - which wasn't considered worthwhile as it was
only the difference between 17th and 15th place.
In another incident the UK 2 man bob team, in the lead at that stage, went out
of contention after being kept at the start of 7 minutes while one of the
intermediate timing controls was fixed - note that this timer was not needed
for the actual result, just to give an intermediate split time. Perhaps another
indication of where technology becomes the master rather than the servant of
sport. (Some people have tried to read a more sinister implication of a Swiss
engineer holding the leading team up for 7 minutes which help the Swiss No 1
bob go into the lead!)
david shepherd: des@inmos.co.uk or des@inmos.com tel: 0454-616616 x 625
inmos ltd, 1000 aztec west, almondsbury, bristol, bs12 4sq
[The old Swisseroo? Bobbing for Apples (if they were using a Mac)?
The "Unified" team now has to settle for good marks and Lennon music.
Next time someone will figure out how to hack into the scoring computers.
I wondered on several very obviously partisan judge's scorings, with
outrageous (+/- outlier/outliar) scores, whether the judge was overtly
trying to cheat ... I thought they used to discount the highest and
the lowest scores on judged events, but apparently not. PGN]
AIRBUS CRASH PROBE CITES HUMAN, TECHNICAL ERROR PARIS, Feb 20, Reuters - French television said on Thursday a preliminary report to be published next week on the causes of last month's Airbus A320 crash which killed 87 people did not blame the disaster on any single factor or person. The TF-1 channel said the independent commission's report concluded that a mixture of human and technical error had caused the Air Inter flight from Strasbourg to Lyon to plough into a snow-covered mountainside on January 20, just five minutes before it was scheduled to land. Nine people survived. TF-1 said the commission's findings showed the Strasbourg airport was not equipped with landing approach systems matched to the sophistication of the Airbus, and that there were serious failings in the crash plane's altimeter system. The commission concluded the pilot either did not know how or was unable to stop the plane's abnormally rapid descent, according to TF-1. The station did not reveal how it gained access to the report. Publication of the report was delayed because Transport Minister Paul Quiles is visiting Portugal on Friday and wants to study the findings before commenting. The French civil aviation authority has already taken some preliminary measures, urging all airlines flying the A320 to review their procedures for using the VOR-DME beacon system for landing. But the authorities decided against grounding the planes, saying there was no initial evidence that mechanical problems caused the disaster. National carriers Air France and Air Inter earlier this month banned their pilots from using the automatic landing procedure until further notice. A spokeswoman for Toulouse-based Airbus Industrie said earlier the aircraft maker did not yet have a copy of the report and would have no comment until it did. Meanwhile a judge investigating legal responsibility for the crash staged a reconstruction flight on Thursday, circling the accident site three times.
[RISKS-13.14 included "Australian Government Bungles Private Data". Bruce submitted the article "DSS blames printer restart for bungle", by John Hilvert, in Computerworld Australia, 14 Feb 1992, omitted here. That article supports the printer-restart synchronization glitch theory. PGN] By one of *those* coincidences, it was reported on TV the same week that a branch of the Australian Taxation Office (ATO) sent similarly misprinted forms to some (as I recall, 80) taxpayers. Two of the taxpayers had contacted each other, then presumably the media, to share their disgust at the release of income and savings data. An ATO employee on the TV claimed that the misprints had been caused by a folded page in a box of paper. Bruce Howarth, Uni of Technology Sydney
[Translated by DWW from the Berlin daily Newspaper "Tagespiegel", 22 Feb 1992] lui, Rome, 21. February 1992. [...] Half a million Italians are the proud owners of portable telephones. The cordless appliance has become the favorite toy of the Southerners, but the game may soon be over: the "telefonini" are not protected. Under the motto "Buy one, pay for two", crooks sell manipulated phones that are used so that the buyer has to pay for the toll calls of the seller. The trick works like this: the crooks take a computer with a computing program [whatever that is ;-) dww] like the ones uses to crack automatic teller machines, and fuss with it until they find the secret code for the telephone. The code is a combination of the telephone number and the serial number that is supposed to only be available to the telephone company SIP. When the code has been cracked, it is no problem to transfer it to a second telephone, so that both telephones have the same license number. One phone is sold "under the hand" by the crooks. As an added deal, the buyer not only gets to pay his own phone bill, but the fees run up on the second phone as well. The Italian underworld is especially keen on using this method.[...] The mafia uses the "portabili" for conducting their unclean business. [... The police] have not been able to find the instigators, but they suspect that employees of the telephone manufacturing company are involved, as they have the knowledge of how the phones are constructed. [...] The portable telephone is well-known for the ease of tapping the telephone conversations [which cannot, however, be traced to the place of origin. A book calle "Italy, I hear you calling" with some of the more interesting tapped conversations has just been published.] [Why is such a telephone easy to crack and easy to reprogram? dww] Debora Weber-Wulff, Institut fuer Informatik, Nestorstr. 8-9, D-W-1000 Berlin 31 +49 30 89691 124 dww@inf.fu-berlin.de
[I sent this as a reply to Telecom. It's probably not a serious enough
risk to go into Risks, but I thought I'd let you decide. --Randy]
In TELECOM Digest Volume 12 : Issue 108, the moderator (Patrick A.
Townson) discusses Ameritech Voice Mail Commands and Security Flaws:
> After the message has played out, 5 to delete it; 7 to save it.
Considering that the Aspen voice mail product (from Octel,I think) uses 7 to
delete a message, and that Aspen is widely used by businesses, this seems an
unfortunate choice, as people with Aspen at work and IBT RVMS at home will be
likely to confuse 7 and end up deleting messages by accident. Of course, this
is not as serious a risk of nonstandardization as airline flight controls which
differ from model to model :-).
--Randy
An Associated Press article on new processor chips announced at the
International Solid State Circuits Conference appeared in the (Minneapolis)
Star Tribune last Thursday. It says, in the middle:
Most of the chips use a technology called reduced instruction
set computing (RISC), which speeds the processing of data
by limiting the number of instructions the processor must execute.
The microprocessors that power personal computers, by contrast,
use a different technology.
Of course, limiting the number of instructions a processor knows how to execute
typically increases the number of instructions it must execute.
The Op-Ed page of The New York Times yesterday (Feb 23) has an essay by David
Gelernter from Yale's CS dept complaining that when newspapers (even The Times)
use the term "operating system", they feel obliged to define it. But someone
who doesn't know what one is is "not going to learn on the basis of a single
phrase, no matter how artfully crafted".
He doesn't mention how misleading a single phrase can be, if crafted by
a reporter who doesn't know technology.
-John Sullivan, Sullivan@Geom.UMN.Edu
[This is an article which I recently posted to comp.sys.handhelds and
comp.sys.hp48. It is in response to a discussion regarding the use of
calculators on university exams. I am posting it to comp.risks because it
demonstrates the risk of introducing computing power into the classroom
where it may be misused. TMB]
I have reviewed the responses concerning calculator policies at universities
from all over the world. Thank you to everyone for sending them. The
following is my proposed policy. This policy is intended to eliminate problems
associated with using note-style information, without eliminating the use of
the calculating power of these devices. If you have any comments, please post
them after thinking them through fully.
Proposed Policy Regarding the Use of Portable Calculating
Devices during Closed-Note Examinations
If a student uses a portable calculating device during a closed-note
examination for the purpose of storing notes, that student shall be considered
guilty of an infraction equivalent to using said notes as they would appear on
paper.
In the case that a proctor believes beyond a reasonable doubt that a
student is violating the above policy, that proctor shall immediately remove
the calculating device from the student's possession. The proctor may then
choose whether or not the student should be allowed to complete the
examination. The calculating device shall remain in the possession of the
proctor until the contents of its memory--both vendor supplied and user
programmed--can be examined.
The decision of whether or not the above policy has been violated
should be based upon the judgement of a faculty member who shall examine the
memory of the calculating device before it is returned to the student. In the
case that the memory is found to contain information which, when transferred to
paper, would be considered an unallowable aid, the student shall be considered
guilty of the infraction described above.
In the case that the student is found to not be in violation of the
above infraction, the student should be allowed to rewrite the examination if
the student so chooses. Alternately, if the student is found to be in
violation, the student is subject to the same university policies that govern
the use of unallowed notes equivalent to that which would result from
transferring the memory of the calculating device to paper.
In no case will the student forfeit possession of the calculating device
indefinitely.
Respectfully submitted, Todd M. Bezenek
Todd Michael Bezenek, KO0N Internet: bezenek@plains.nodak.edu
UUCP: uunet!plains!bezenek Bitnet: bezenek@plains
>From @yonge.csri.toronto.edu:msb@sq.sq.com Mon Feb 24 14:50:45 1992
You write in can.general:
> Yesterday, thieves broke into a VanCity Savings branch and stole
> two bags from a night deposit box. But not to worry - unless
> you're in the computing game and proud of it - " ... all they
> got were worthless computer printouts and administration documents."
Mark Brader, Toronto, utzoo!sq!msb, msb@sq.com
>From the Columbus, Ohio, _Dispatch_. Any typos are mine. Computer Hackers Get Into Private Credit Records DAYTON - Computer hackers obtained confidential credit reports of Midwest consumers from a credit reporting firm in Atlanta. Atlanta-based Equifax said a ring of 30 hackers in Dayton [Ohio] stole credit card numbers and bill-paying histories of the consumers by using an Equifax customer's password. Ronald J. Horst, security consultant for the company said the break-in apparently began in January. Police don't know if the password was stolen or if an employee of the client company cooperated with the hackers. Horst said the hackers were apparently doing it just for fun. No charges have been filed. Equifax will notify customers whose credit reports were taken. [End of quotation] The usual caveats about media reporting of computer-related topics apply here. One thing I don't like about this article is the implication that since the hackers were doing this for "fun", they won't be prosecuted. Of course, the article doesn't say that exactly, but I'll be watching to see if this case goes any farther. I'll also be waiting to see of I'm one of those people whose credit reports were stolen, and, if so, what Equifax intends to do about it other than to notify me. Joe Brownlee, Analysts International Corp. @ AT&T Network Systems, 471 E Broad St, Suite 2001, Columbus, Ohio 43215 (614) 860-7461 joe@cbquest.att.com
VT Caller ID Decision The Vermont Public Service Board has just released its Caller ID decision. It's good result with an interesting new wrinkle. Vermont will require that New England Telephone (NET) make free, per-call blocking available to all subscribers. NET will also be required to provide free, per-line blocking to all subscribers with non-published telephone numbers. And NET will be required to provide free, per-line blocking to all subscribers who have "a legitimate concern that it would be unsafe to transmit" their telephone numbers, including clients, volunteers and staff associated with domestic violence and sexual assault agencies. The Hearing Officer initially recommended that such requests should be subject to review by NET, but the Public Service Board rejected this approach. The Board ruled that all customers should be entitled to receive free per-line blocking through a "simple declaration." The Vermont Public Service Board thus found a clever solution to a difficult problem that was first identified in the Pennsylvania Caller ID case. In that case, as in Vermont, concern was expressed that certain individuals may require blocking to maintain personal safety. But the Bell company's proposed "certification procedure" left it unclear as to who would qualify for privacy protection or how adverse decisions could be appealed. For these reasons, the Pennsylvania court held that the certification procedure violated basic due process rights. (The Pennsylvania court also found that Caller ID violated the state wiretap statute and the state constitutional right of privacy and ruled that the service could not be offered in the state). The due process problem — deciding who is entitled to greater privacy protection and who gets to makes the decision — remains one of the most interesting and difficult issues in the Caller ID debate. In ruling that phone subscribers should be entitled to decide for themselves whether per-line blocking is appropriate, Vermont has avoided the due process problem that arose in Pennsylvania. In the Vermont proceeding, CPSR was asked to serve as the Board's expert witness after the Board determined that "there existed a serious imbalance in the respective parties' ability to present evidence on all relevant issues." New England Telephone then retained Harvard Law School Professor and Legal Affairs TV Commentator Arthur Miller as their expert. Professor Miller had earlier stated that Caller ID should be offered without blocking, but in this case acknowledged that per-call blocking might be an appropriate solution. CPSR provided extensive testimony for the Vermont Public Service Board on the privacy implications of Caller ID after carefully reviewing concerns expressed by those affiliated with domestic violence shelters in the state. Marc Rotenberg, CPSR Washington Office
Jeff Helgesen relates a Chicago Tribune article on the sharp increase in Carpal
Tunnel Syndrome (repetitive-motion disorder) and the discussion about high-risk
workplace environments. The article said, in part,
|When someone applies force over and over to the same group of muscles,
|the same joint or the tendon, the result may be tissue tears and trauma.
|Other factors causing damage are awkward joint posture and prolonged
|constrained posture.
I have no doubt that this is true as stated. However, anecdotal
evidence causes me to wonder if we're missing something. (I emphasize
that this is anecdotal.) Every sufferer of carpal tunnel of whom I am
personally aware is a cashier at a supermarket. Yet, I work in a
laboratory where some very intensive computing activity takes place. We
have people who frequently spend more than 10 hours out of 24 at
keyboards. I am unaware of any carpal tunnel cases here (although I
admit the possibility). This causes me to wonder:
What part does psychological or emotional stress play in the
development of repetitive-motion disorders?
Supermarket cashiers do the work largely for the money. Folks at this lab work
here for the same reason, but there is great job satisfaction, (dare I call it
"fun?") here that doesn't exist at the grocery store. Does it matter?
(It's no less a risk either way, but it's better to understand the risk as much
as possible.)
Brint
[By the way, apologies for losing Elizabeth Willey's contribution in
RISKS-13.15. She pointed out that there are lots of parts of the body
that can suffer from repetitive motion syndromes, not just the carpal
tunnel areas. Somehow her message got lost. Sorry. PGN
Marc Horowitz was correct and Perry E. Metzger and Rich Kulawiec, with the
support of Peter Neumann, proved him correct.
Dave
(This is being posted on behalf of M. Stuart Lynn)
As I am sure you are aware, a new Macintosh virus, MBDF-A, has been detected in
the Info-Mac archives at SUMEX-AIM that has also been mirrored to other
archives. Furthermore, it appears that the virus may have originated from or
have been vectored through a machine at Cornell.
Other folks are addressing issues of detection, elimination, and prevention. I
just want you to know that we at Cornell take this situation most seriously,
and are doing everything we can to track down the origin and the originator of
this virus. The university absolutely deplores this kind of behavior, and
should it indeed prove that the originator was a member of this community we
will pursue all appropriate remedies under our computer abuse policy.
If anyone out there has any relevant technical information that would help us
track down the originator, I would appreciate it if you would send it to Tom
Young (XMU@cornellc.cit.cornell.edu).
M. Stuart Lynn, Vice President for Information Technologies, Cornell University
607-255-7445
[Also posted to RISKS by
laurie@piccolo.cit.cornell.edu (Laurie Collinsworth)]
FBI Eavesdropping Challenged
WASHINGTON (AP, 17 Feb 1992)
Cellular telephones and other state-of-the art telecommunications technology
are seriously challenging the FBI's ability to listen to the telephone
conversations of criminal suspects, law enforcement officials say. The FBI is
seeking $26.6 million next year to update its eavesdropping techniques.
Normally tight-lipped FBI officials become even more closed-mouthed when the
subject of investigative "sources and methods" comes up. But a review of the
bureau's 1993 budget request provides an unusual glimpse into the FBI's
research on electronic surveillance and its concerns about new technologies.
"Law enforcement is playing catchup with the telecommunications industry's
migration to this technology," said the FBI's budget proposal to Congress. "If
electronic surveillance is to remain available as a law enforcement tool,
hardware and software supporting it must be developed."
The new technologies include digital signals and cellular telephones. At
the same time, there has been an increase in over-the-phone transmission of
computer data, which can be encrypted through readily available software
programs, say industry experts and government officials.
The FBI's five-year research effort to develop equipment compatible with
digital phone systems is expected to cost $82 million, according to
administration figures.
The FBI effort is just a part of a wider research program also financed by
the Pentagon's secret intelligence budget, said officials who spoke on
condition of anonymity.
Electronic surveillance, which includes both telephone wiretaps and
microphones hidden in places frequented by criminal suspects, is a key tool for
investigating drug traffickers as well as white-collar and organized crime.
Conversations recorded by microphones the FBI placed in the New York City
hangouts of the Gambino crime family are the centerpiece of the government's
case against reputed mob boss John Gotti, now on trial for ordering the murder
of his predecessor, Paul Castellano.
Taps on the phones of defense consultants provided key evidence in the
Justice Department's long running investigation of Pentagon procurement fraud,
dubbed "Operation Ill Wind." But with the advent of digital phone signals, it
is difficult to unscramble a single conversation from the thousands that are
transmitted simultaneously with computer generated data and images, industry
officials said.
"In the old days all you had to do was take a pair of clip leads and a head
set, put it on the right terminal and you could listen to the conversation,"
said James Sylvester, an official of Bell Atlantic Network Services Inc. But
digital signal transmission makes this task much more difficult. Conversations
are broken into an incoherent stream of digits and put back together again at
the other end of the line.
John D. Podesta, a former counsel to the Senate Judiciary's law and
technology subcommittee, said the FBI and other law enforcement agencies are
simply victims of a technological revolution. For more than 50 years the basic
telephone technology remained the same.
Please report problems with the web pages to the maintainer