Please try the URL privacy information feature enabled by clicking the flashlight icon above. This will reveal two icons after each link the body of the digest. The shield takes you to a breakdown of Terms of Service for the site - however only a small number of sites are covered at the moment. The flashlight take you to an analysis of the various trackers etc. that the linked site delivers. Please let the website maintainer know if you find this useful or not. As a RISKS reader, you will probably not be surprised by what is revealed…
A fingerprint found in an unsolved 1984 murder of an 84-year-old woman was kept in the San Francisco police database all these years. Recently the SF print database was linked with the Alameda County database. The old print matched a new one taken in connection with a petty theft case, and so eight years later the police were able to solve the old case (burglary, arson, homicide). The two girls implicated were 12 and 15 at the time. [Source: Article by Stephen Schwartz, Chronicle Staff Writer, San Francisco Chronicle, 22 Feb 1992, p.A16]
From the Feb. 21 Toronto Globe and Mail... "A misplaced computer byte has forced a daily newspaper in Kingston to chew a sizeable hunk out of its budget for 1992. The $300,000 glitch, discovered last month, means the Whig Standard will be hiring only two students to work as reporters or editors this summer instead of five, and also has forced it to reduce its spending for freelance stories, editor Neil Reynolds says. The computer in the newspapers accounting department somehow managed to understate editorial cost by $300,000 when it spewed out editorial budget planning numbers last fall..... The newspaper is thoght to have a total editorial budget of about $3 million a year." What is interesting about this particular error is the size of the error compared to the budget : 10%. Surely some cursory review should have identified an error of this magnitude. Jim Carroll, J.A. Carroll Consulting, Mississauga, Canada jcarroll@jacc.uucp Voice/Fax +1.416.274.5605 MCI, Bix JCarroll
Quotes from an article in the New Scientist 15 Feb 1992: The US Army's Patriot missiles missed many of the Iraqi missiles that the US thought they had shot down during the Gulf War, according to a new analysis. Iraqi's modified Scud missile, called the Al-Husayn, was difficult to hit because it was so unstable that it broke into pieces when it reentered the atmosphere, creating a confusing barrage of debris. Ted Postol, a professor at MIT, re-examined the Patriot's war record at the request of a Congressional committee. He found that deploying Patriot missiles defences did not reduce damage during Iraq's missile attacks on Israel and Saudi Arabia. Postol then examined videotapes recored by TV journalists that seemed to show the Patriot missiles successfully intercepting Al-Husayn missiles. Paytheon, the Patriot's manufacturer, has used this footage to promote its missile. Incoming Iraqi missiles are visible on the videotapes because of their velocity, about two metres per second, {that must be a mistype in the article, I expect it should be two kilometers per second W.} makes them glow incandescently as they re-enter the athmosphere. The videotape also captures the explosions of the Patriot interceptors. Postol played these videotapes in slow motion to an audience of the AAAS. As the Patriot detonations flashed on the screen, Postol stopped the tape to show how far these explosions were from the glowing Al-Husayn warheads. In most cases, the Iraqi Al-Husayn warhead appeared to fly straight on unharmed. In one case, there was a fireball as the Iraqi warhead exploded on impact with the ground. The army claims that the Patriots successfully intercepted 45 of the 47 missiles they tried to shoot down. But Postol says the tapes show that in some of these cases, the Patriots missed their targets by at least a kilometer. Postal measures this distance by comparing the relative motions of the Patriot fireball, which stays in one place, and the Al-Husayn warhead. The Patriot had a particularly hard time hitting the Al-Husayn because of problems with the Iraqi missile. Iraqi engineers had extended the range of the Soviet Scud-B missile by lengthening its fuel tanks and making its warhead much lighter. The changes made the missile unstable, and caused the Al-Husayn to flop belly-first as it re-entered the athmosphere, often breaking up in the process. the Patriot missile had to distinguish between the Al-Husayn's warhead and other debris such as the empty fuel tank and tail fins which rained from from the sky. In effect, the Iraqi missile released unintended but effective "decoys" to distract the Patriot, said Postol. Ther Patriot had its own problems as well. One software bug could have directed the Patriot to attempt to intercept an incoming missile at a point below ground. In one case this bug may have caused a Patriot to turn back and dive into the ground. Postol argues that the effectiveness of the Al-Husayn's unintended decoys shows how extremely simple factors can frustrate attempts to shoot down ballistics missiles. This could teach scepticism when it comes to evaluating the claims made for missile defence technologies, such as plans for the US Star Wars system. Raytheon disputes Postol's conclusions, but has not yet made public a detailed analysis that would rebut his claims. Defenders of the Patriot believe the damage on the ground could have come from falling debris rather than from detonations of the Iraqi missile's warhead. [It is funny how what starts as a great success, turns out less than so, when investigated. It also demonstrates that very simple systems can (and do) prevent the high technology systems working, as well as showing that designers of such systems get a mindset as assumes the opponents have the same mindset. This is not always so... Lord John - The Programming Peer]
On National Public Radio's Morning Edition program this AM, one report concerned the series of crashes that have plagued the Airbus 320. According to this report, MOST 320 aircraft have an alarm that informs the pilot that s/he is flying too low, but France does not require this alarm and so aircraft sold to and/or operated by French companies do not have this alarm installed. I don't even qualify as a dabbler in this area, but if I recall correctly, at least 2 out of 3 crashes, and possibly all 3, involved French aircraft. Since they have also been somewhat similar (an apparently _unnoticed_ loss of altitude), could this help to explain what happened? If so, this points to a particularly interesting human interface problem -- perhaps the A320 tends to drop faster than other aircraft, but, since there is no alarm, [some] pilots do not realize what is happening until they're too low to do anything about it. Any comments from qualified persons? Andrew Marchant-Shapiro, Depts of Sociology and Political Science, Union College, Schenectady NY 12308 518-370-6225 marchana@union.bitnet
There was a big case in the Netherlands over 5 years ago where they did the same. The scheme involved renting a mobile phone from the Dutch PTT, copying the EPROM, transfering the EPROM to a mobile phone which had been stolen, and then returning the rented phone. This way, as the phone gets re-rented again to various persons, the bill gets spread out, and it will be less obvious. BTW, what inferior kind of ATM's do they have in Italy that let you tamper with the EPROMS inside? Maybe we have some over here in Holland too? :-)
2 Cornell Students Arrested for Spreading Computer Virus LEE A. DANIELS, N.Y. Times News Service Two Cornell University undergraduates were arrested Monday night and charged with developing and spreading a computer virus that disrupted computers as far away as California and Japan, Cornell officials said. M. Stewart Lynn, vice president for information technologies at the university in Ithaca, N.Y., identified the students as David Blumenthal and Mark Pilgrim. Lynn said that both Blumenthal, who is in the engineering program, and Pilgrim, in the college of arts and sciences, were 19-year-old sophomores. They were arrested Monday night by Cornell and Ithaca police officers. Lynn said the students were arraigned in Ithaca City Court on charges of second-degree computer tampering, a misdemeanor, and taken to the county jail. Lynn said authorities believed that the two were responsible for a computer virus planted in three Macintosh games on Feb. 14. [...] He identified the games as Obnoxious Tetris, Tetricycle and Ten Tile Puzzle. The virus may have first appeared in a Stanford University public computer archive and spread from there through computer users who loaded the games into their own computers. Lynn said officials at Cornell and elsewhere became aware of the virus last week and quickly developed what he described as ``disinfectant'' software to eradicate it. He said officials traced the virus to Cornell last week, but he would not specify how that was done or what led officials to the two students. Lynn said he did not yet know how much damage the virus had caused. ``At Cornell we absolutely deplore this kind of behavior,'' he said. [reference to RTM deleted.] AP item notes both are being held in the Tompkins County Jail on $10,000 bail.
The long term issues are challenging. In a very few years, the subtablet-size portable computer will have replaced the calculator as the issue for exams. These systems will have a few megabytes (32, 64, 1GB?) of space (between the paging devices and the primary memory) and a full GUI interface. They will be preferable to notepaper (especially the pen or its successors complementing the keyboard). Even more so than the current personal computers, these systems will be an integral part of how people solve problems. Since they are also the reference devices, it is unclear what the distinction will be between and open book exam and a closed book (def: a device for presenting information) exam. Of course, one can ban them from closed book exams, but that would reduce closed book exams to an abstract exercise unrelated to actual practice. The problems become worse when we have the WAN infrastructure so that the systems have builtin packet radio connections that are an integral part of their operation. While we can still have Faraday Cage exams, they too would be useful for testing the ability to survive without intellectual assists, but would not test the more important ability to take full advantage of the technologic infrastructure. While I sometimes go off the technical deepend in predicting what is going to happen, I'm already working with the early forms of these technologies so the issue is one of timing rather than possibility. Considering that computers have still had little impact on the educational system, once these systems drop below crucial price points they will rapidly overwhelm the schools. I'm presuming the appropriate UI's will be available and that the impediments are mainly economic.
Todd M. Bezenek KO0N <plains!bezenek@uunet.uu.net> communicates his proposed policy regarding the use of calculators on closed note university exams. In brief, he would take possession of a device which he (the proctor) believes to have been used to violate the intent of closed-note examinations. He would have a faculty member judge whether the calculating machine and its memory content provided an illegal aid to the test-taking student. I guess he never heard of "due process." If you try that in universities supported by public funds, you run the risk of being sued by the student. His procedure sets up a couple of faculty as a "kangaroo court" (what does that mean, anyhow?) to judge whether a student cheated. High-tech times may call for low-tech solutions. I simply do not permit the use of calculating devices on Computer Science examinations and quizzes. The reasoning is simple: Programmers should be proficient, personally, in computation. a. Having to work out a few numerical examples by hand can help budding programmers hone their ability to see more than one way to do a computation. b. Using this ability can provide "sanity checks" on their software. c. Programmers should be able to get the answer even when their batteries have run down. I fear that at least some of the human-induced software faults discussed so often in this forum can be traced to the lack of computational skill on the part of the programmer involved. _Brinton Cooper abc@brl.mil cooper@udel.edu ab.cooper@compmail.com
In RISKS-13.16 Todd M. Bezenek proposed a policy for dealing with "the use of calculators on university exams." His posting "demonstrates the risk of introducing computing power into the classroom where it may be misused." Unfortunately, such a policy, short of banning a student from using his/her *own* calculator, could not beat technology. For example, it is easy to imagine a calculator that can be activated only by a (say 10 digit) PIN. Today's photocopiers can operate in this fashion. The new trick is to require periodical input (say every 3 minute) of the PIN. If PIN is not typed in in time, the calculator locks itself, and starts scrambling some parts of the memory (using the PIN as key). then erase the key from memory afterwards. To find any evidence of wrong doings, the memory section in question has to be examined within 3 minutes. The basic point is that if a student has his/her own Trusted Computing Base, no one can beat him/her. If this is not true, nobody would work in the field of computer security today. So ban the calculators, or supply "official" ones during exams. Li Gong, ORA Corp, 675 Mass Ave, Cambridge, MA, USA.
You might want to consider portable computing devices with wireless communications capabilities (packet, cellular, etc.)! Jeffrey Siegal
At the risk of starting a lengthy and somewhat off-topic debate, I'd like to remark that I don't think there's actually any technological risk involved here. The "problem" is that calculators with memories enable students to store data and retrieve it during the exam. The only reason this is a "problem" at all is that almost all exams are based around parrot-style repetition of memorized "facts". The solution to the "problem" is to allow all students to take in whatever reference materials they like. Then the examination will necessarily have to be a real test of problem-solving ability rather than a test of the candidate's ability to regurgitate memorized data. Of course, the problem then is that ability in examinations might in some way tally with the candidate's ability to work in real-world situations. > The calculating device shall remain in the possession of the > proctor until the contents of its memory--both vendor supplied and user > programmed--can be examined. What exactly are you going to do about the "vendor-supplied" part of the memory? Many calculators now have common physical constants stored in their ROMs; is that unfair to those who aren't allowed to take in a databook? If so, doesn't that mean that allowing people to take in a calculator which performs logarithms or statistical functions is unfair to those not allowed to take in log tables or statistical analysis reference books? mathew
Brint Cooper states that all sufferers from carpal tunnel syndrome that he knows are cashiers, and that none of the computer folks he knows suffer from it. He goes on to wonder if stress may play a role. I can't answer that question, but I can state, from both first-hand and second-hand knowledge, that computer users do indeed suffer from carpal tunnel syndrome. In my own case, the carpal tunnel syndrome is fairly mild — but I have bad problems with tendonitis. Nor was the orthopedist in any doubt about what caused my symptoms — his first question to me was ``do you use a computer keyboard much?'' He went on to state that most of his patients with tendonitis of the wrist or elbow, or carpal tunnel syndrome, were heavy computer users. That aside, I also know of several others who have suffered from both problems, including at least one who needed surgery. Psychological stress may contribute -- but don't discount the purely-mechanical. --Steve Bellovin
No, I don't discount the physical causes of carpal syndrome, tendonitis, and other occupational risks of keyboards. But I must tell you of my daughter who had such a case of tendonitis at age 14 that her hand literally locked up at the (piano) keyboard during a music lesson. I don't believe I'm violating her privacy to relate that this was a very stressful time for her for many reasons. Today, 15 years later, she's got a handle on the stress. Also, she can and does play piano for 5-6 hours at a time. It's necessary; it's how she makes her living. Physicians and others who are looking for the connection between computer keyboards and orthopaedic disease must consider the stress factors. I'd HATE to spend 8-9 hours per day keyboarding credit card information for VISA, but I've often spent that much time and more at keyboards building software, doing computations, and writing scientific reports. If we're going to build a low-risk workplace, we must address *all* the risks, not merely those that are fashionable. _Brint
I know several sufferers of CTS, and all of them are musicians. My mother was operated on both wrists, and she never had any problems with it any more. Likewise with the other musicians I know. (Most notedly string players) Here at wotk also I know of at least one case, in which the sufferer was a programmer. So also keyboard action can give it you for sure. I am pretty sure that stress and other psychological factors are involved, but bad muscular techniques are the no. 1 cause. --Ralph Moonen
I detect a dangerous elitism in this kind of observation. The author makes a sociological generalization based upon a tiny, non-random observational sample with no controls. We all tend to do this, but let's recognize that it's sloppy thinking. Just two points (the first about the social categories affected, the second about cultural anthropology): 1. The syndrome occurs in all kinds of work environments. In my own personal sphere, which again is non-representative, two of my friends suffer from the syndrome. They're Associated Press reporters in a fancy, white-collar New York office who work on outmoded, non-ergonomic keyboards that are holdovers from AP's early computerization efforts. There's a potentially precedent-setting class action suit wending its way through the courts involving numerous AP reporters who report the syndrome. There are people in their early 30's who can't do simple things without pain, like raising a full cup of coffee to their lips. 2. If you've studied anthropology, you know how hard it is to "see your own kind." All social theorizing has built into it lots of preconceptions we're only minimally aware of. Brinton says he's not aware of reports among his colleagues of CT syndrome; having worked for 2 years in a fast-paced immunology research lab, I would suggest that many hard-driven people choose to ignore substantial pain in pursuit of their goals. (Ever heard about the football player who had his pinkie cut off, rather than submit to a lengthy course of surgery, so he wouldn't have to miss 4 weeks of the season?) Jeremy Barth
Do harp players have low job satisfaction? Are they doing it only for the money? It's probably inaccurate to say that all cashiers/secretaries/etc. are unhappy in their jobs. While these exceptions may not entirely refute your anecdotal evidence, I think a better causal explanation can be found. Even if most people getting CTS are not satisfied with their jobs, you need something that explains why those who are satisfied also develop it. Something involving the type of repetitive movement is probably a more proximate cause of the injury. I wonder if the low incidence of CTS among your computer lab friends is explained by the way they type? Do most programmers touch-type using all ten fingers? Also, how fast do they really type, anyway? I type between 50 and 90, depending on the keyboard. Someone can manage to type fairly quickly (tho' not 90 wpm) using a few fingers, but the TYPE of repetitive movement is different. Also, most computer programmers can't type as quickly when they actually have to compose what they are typing. Some of their time is also spent searching, scanning the text, compiling, munching M&Ms <tm> ... :) -S. — Disclaimer: I am not an attorney, though I do have an opinion on everything. ( simona@panix.com or {apple,cmcl2}!panix!simona )
I didn't expect the reaction that my piece on the relative risks of the physical act of repetitive keyboarding and of the psychological pressure under which many keyboard users must work. Clearly, the risks attributable purely to repetitive keyboarding, improper terminal and chair adjustments, lack of breaks, poor lighting, etc overwhelmingly dominate the issue. While I remain committed to being alert to the effects of stress, I yield to the many thoughtful people who wrote to me and spoke, often sadly, of colleagues and associates who live with chronic pain directly attributable to such work. A few have even been ruled permanently disabled. This is worse than unfortunate, and I fear I misguided myself on the issue. _Brint
Let me then point out another major group of CTS sufferers who are (at least) as highly motivated as any hacker: Cyclists. Especially the ones who also do a lot of keyboard work, but even some who do no keyboard/computer work have been afflicted. [...] Having worked in a similar environment without any ill effects, I was more than dismayed when I started showing the classical symptoms of repetitive motion syndromes after I transferred to computer support. A period of very informal empirical studies (I experimented :-), indicated that the culprit was the type of work, not the system hardware. In essence: Using my SUN workstation as a word processor to enter large amounts of text (on subjects I find interesting and stimulating) is very prone to give me various pains and numbness symptoms in neck, shoulders, arms and hands. Using the same workstation to edit and debug programs is much less fatiguing. I can easily do programming work for a full workday without problems. Just a couple of hours of word processing is enough to give me back all the problems. I started looking at how I work in these two situations and came to the conclusion that the difference is quite large. Entering text I type for long unbroken periods, moving my arms very little. Editing source code (even when entering it the first time), I move about much more. I use the mouse and/or cursor keys to go back and correct an indentation; I copy a chunk of code I'm too lazy to write again; I look at the debugger, resting my chin in my hand while I try to figure what's wrong; I click the "Step" button and stare in disbelief as the program takes the wrong branch in a "switch"; I scratch my head and take a sip of tea. In other words, programming work is much less (physically) monotonous. |> What part does psychological or emotional stress play in the |> development of repetitive-motion disorders? It wouldn't surprise me if the presence of stress hormones in the body aggreviates the problems but my belief is that the nature of the work is much more important. And it is possible that I like programming better than documenting (who doesn't? :-) to the extent where this causes part of the difference for me. But I don't think this accounts for all of it. If it did, why would writing articles for UseNet cause similar pains? Torsten Lif, Ericsson Telecom AB, EO/ETX/TX/ZD, S-126 25 STOCKHOLM, SWEDEN Phone: +46 8 719 4881
I disagree with the theory. I spend a lot of time *sitting* at a keyboard and so do many others here. But we don't spend a lot of time bashing keys with our fingers because we frequently stop to think. I'm sure other computing labs are the same. People like us don't come anywhere near the kind of keystrokes an hour achieved by people doing repetitive keyboarding jobs like copy-typists, data entry clerks etc. If a job requires some tedious keyboarding, we typically have the freedom, knowledge and hardware required to automate it. Mostly people here complain about eyestrain and backache, not carpal tunnel syndrome. I would also caution Mr Cooper that his theory is liable to misinterpretation by those who would like to dismiss such injuries as malingering by people who want to get out of boring jobs. — Claire Jones ccmj@dcs.ed.ac.uk
Please report problems with the web pages to the maintainer