The Risks Digest

The RISKS Digest

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Volume 13 Issue 43

Wednesday 22 April 1992


o Subject: Typos? They've been around for centuries!
Cliff Stoll
o Phantom ATM withdrawals
Lord Wodehouse
o Re: Potentially disastrous bug in MacInTax
John Stanley
o Re: Risks of too-subtle April Fools Jokes
Pete Mellor
o Re: Long call wait for London Ambulances
Lord Wodehouse
o A New Species in the Food Chain
Ruth Bork
o Re: FBI and telephones
James Zuchelli
o Re: Telephone Foibles
James Zuchelli
o More on electronic anklet
Brinton Cooper
o Michelangelo - Avoidance report
Klaus Brunnstein
o Congressional Vote & The Electronics Industry
Philip Greenspun via Carl Baltrunas & Cherie Marinelli
o Industrial Strength Formal Methods — Call for Papers
Cliff B Jones
o Info on RISKS (comp.risks)

Typos? They've been around for centuries! (Re: Ellison, RISKS-13.42)

Cliff Stoll <stoll@ocf.Berkeley.EDU>
Mon, 20 Apr 92 20:46:30 -0700
Well, you sure don't need a computer to make typos.

1562 - Geneva bible Matt. v, 9 reads:
       "Blessed are the placemakers: for they shall be called the children
        of God."        ^^^^^^^^^^^  (oughta be peacemakers)

1653 - Cambridge printer screws up I Cor. vi, 9:
       "know ye not that the unrighteous shall inherit the Kingdom of God?

1691 - Barker & Lewis in London printed a bible with the seventh commandment,
        "Thou shalt commit adultery."
       (they were fined 300 pounds and went out of business)

1702 - London firm prints bible with Psalms cxix, 161:
       "Printers have persecuted me"  (should be "Princes..."

1716 - First bible printed in Ireland has John v, 14 as:
       "sin on more" (instead of sin no more)

Things might have improved since then.  But maybe not...

     [No.  Now it would be "Blessed are the pacemakers."  By the way, Pete
     Mellor <> sent in a further collection, not included here,
     but suggested that this subject be moved to rec.humor.  I agree with him.
     No more typos unless really RISKS relevant, e.g., life critical.  PGN]

Phantom ATM withdrawals

Lord Wodehouse <>
21 Apr 92 14:35:00 BST
The state of affairs in the UK with the banks over "phantom" withdrawals from
ATMs is still unresolved. However recently the Abbey National PLC have suffered
a spate of thieves driving up with a JCB and removing completely the ATM from
the branch office. The last one got away with about 60,000 pounds. They strike
at about 4am and they normally have stolen the JCB as well from a local
building site. (By the way any puns made on the basis that the Abbey National
was once a building society are too "awefull" to mention.)

Lord John - The Programming Peer.

Re: Potentially disastrous bug in MacInTax (Knapp, RISKS-13.42)

John Stanley <stanley@skyking.OCE.ORST.EDU>
Mon, 20 Apr 1992 03:20:03 GMT
As a user of another ChipSoft product, I am not surprised.

_TurboTax_ provides absolutely no way to indicate that a distribution from a
retirement plan that was rolled into an IRA, yet is shown as taxable in the
1099's, should not be taxable income, other than changing the data on the 1099.

This is not the more serious error. Unknown codes on the 1099's cause
_TurboTax_ to lose track of income that really should be taxed. There is a
warning notice (shown without the "*" that marks "serious" problems), but none
of the codes that _TurboTax_ DOES know about cause it to handle this
information properly. The only apparent solution is to delete the offending
1099 and enter the numbers in a fake w-2.

Is this a risk of computers, though, or a risk of the overly complex tax codes,
which cause some less than competent accountants to report sales of stock as
"self-employment" income, which TurboTax quite happily calculates
self-employment tax on? Or is it truly a risk of computers, and software
authors who assume that nobody needs anything but codes 1-7 and A-B defined for

Re: Risks of too-subtle April Fools Jokes (RISKS-13.37)

Pete Mellor <>
Tue, 21 Apr 92 13:45:59 BST
One year when April 1st fell on a Sunday, the UK national Sunday paper The
Observer carried a story about a proposed new method of operating London buses
without drivers. Each vehicle would be fitted with a video camera in the cab,
and the images would be relayed to a control centre where, with the aid of a
computer control system, one controller would "drive" up to seven buses
remotely, sitting in front of a bank of monitor screens on which the view of
the road ahead of each bus would be displayed.

I was a bit cross when I got to the end of the article and realised that I had
been taken in. However, having seen some of the serious proposals for
"drive-by-wire" cars, I think that maybe I was being too hard on myself! :-)

Peter Mellor, Centre for Software Reliability, City University, Northampton
Sq., London EC1V 0HB, Tel: +44(0)71-477-8422, JANET:

Re: Long call wait for London Ambulances (Tompsett, RISKS-13.42)

Lord Wodehouse <>
21 Apr 92 14:50:00 BST
One point not made by Brian Tompsett in his contribution was the problem of a
single event generating multiple calls. The controller stated that often a
single accident in central London could generate 30 calls to the control room.
Each one of these needed to be screened, as until this is done, no one can know
if the call is new or old. With eleven staff on duty, it is no surprise that
the system fails to cope, as the operator must stay connected to the caller
until it is confirmed that an ambulance has been despatched to the scene. With
this sort of system, any problem can quickly overcome the reserves in the
system and thus leave the new callers "trapped" talking to the BT operator, who
is listening to the recorded message.

The computer system should allow for faster despatch, but again the problem is
the number of vehicles available at the time. The solution of many more
operators does not solve the problem when costs are constrained, so what is
needed is a method of clearing through the calls fast to get rid of the
duplicates. I am aware of this myself, having recently called the Fire service,
having seen a car on fire, and not been the first caller. However I needed to
call, because I could not tell if anyone else had reported the problem, and I
did not want to ignore it in case everyone else had ignored it too.

Lord John - The Programming Peer.

A New Species in the Food Chain

Mon, 20 Apr 1992 22:11 EST
Many risks, and in such a short announcement; I quote from our local Johnnie's
Foodmaster grocery-chain store advertisement:

  Charlestown, MA (April 27th, 1992)--Foodmaster Supermarkets is pleased to
  announce a new electronic payment system to be used for making purchases at
  three Foodmaster stores.

  Foodmaster is excited to be the first in the area to offer this new service
  to its customers.  Any customer who has a Yankee 24(R), BayBank or X-Press
  24(R) [ATM] Card can utilize this system.  The customer at the point of
  checkout simply passes their card through the magnetic reader located at the
  checkout and punches in their secret I.D. number and the transaction is
  automatically processed.

  Foodmaster is pleased to be working in conjunction with Yankee 24, BayBank and
  Manta Systems, a division of BUYPASS [a sad play upon words].  This new
  service will be available in...stores in the month of April."

Although the language carefully and slightly hints otherwise, I assume the
service is optional (or perhaps the copy writer is prophetic).  The usual
obvious risks apply, such as PIN protection (both external and internal), sale
to others of both the customers' names and/or their buying-habits and multi-
bank information (remember the Denver supermarket note a few RISKS issues
back?), etc.  However, there is now a new twist: banks, _never_ tiring of
riding herd on their yet-to-succeed debit-card pursuits, are now putting this
pressure on with attractions via one of the consumer's most vulnerable
points, viz., the basic staple of food.  I wonder if supermarket check-cashing
will shortly become more "complicated"....

Ruth Bork                  OHS@NUHUB.ACS.NORTHEASTERN.EDU

Re: FBI and telephones (RISKS-13.41)

Tri-Valley Macintosh Users Group,UG <>
20 Apr 92 08:16 GMT
It seems rather frightening that the FBI needs to be able to monitor the
telephone conversations of any individual in the nation at any time.  In their
zeal to protect us from criminals they seem to be intent on being able to snoop
without warrant or reason.

Further, from my reading of the bill, encrypted messages could be included in
the list of forbidden technology.  Wouldn't this please the NSA?

Has the FBI done any type of study that shows there is a wholesale use of the
telephone system by criminals or is this merely a smoke screen to enable the
federal police to have the ability to monitor any individual or group at any

What happens when non-governmental persons learn of the access techniques.  If
the entire nation's phone system is set up so it can be tapped, then no
conversation can be considered secure.

This proposed law sounds like a terrible abuse of power by the FBI. Until they
can show some valid reason for having the ability to tap every conversation in
the country this bill should be tabled.

Furthermore, from what I have read over the years, the equipment is already
available to enable the government to tap any phone anywhere whenever they want
                                  James Zuchelli

Re: Telephone Foibles

Tri-Valley Macintosh Users Group,UG <>
20 Apr 92 08:04 GMT
The alternate phone company was located in Texas.  They assumed that it was
toll fraud call and credited me for the calls.  Michigan Bell said that my
local phone company (Pacific Bell) would have to investigate if it was a
fraudulent call.  Pacific Bell said they wouldn't do anything about it.

I got the number where the calls were billed from, from the alternate carrier
and tried to call it, but the call would not go through.  A Michigan Bell
operator said the phone booth was set up to only send calls out, no incoming
calls would be accepted.  She said that *** a nationally known company is
located in Ada and one of their employees probably made the call, but offered
no explanation as to why someone who might have stolen my card number would
only make two calls.

When I pointed out that public phones that won't take incoming calls are
usually located in high crime areas, the operator seemed surprised.  I got the
feeling that there are a lot of fraudulent calls made from Ada.

If I ever can find out exactly what happened I will relay the info to Risks
                                  James Zuchelli

More on electronic anklet (Re: RISKS-13.38)

Brinton Cooper <abc@BRL.MIL>
Thu, 16 Apr 92 0:14:54 EDT
Subtitled: Risks of Quote without Comment

RISKS-13.38 quotes AP from Paterson, NJ, that a drug offender under house
arrest killed another man after a computer error enabled him to break his
electronic anklet and leave the house.  The risk in such a posting, without
some sort of qualifying comment is to seem to endorse the notion that society
should not use electronic, computer-controlled house arrest systems because the
"prisoners" can break away and commit murder.

At some point in our evolving history, we need hard information (hard to
come by?) comparing the risks to society of electronic house arrest vs

    1. having to set some prisoners free because the jails are full;

    2. cramming more prisoners into fixed-size jails, thus ensuring their
           everlasting rage and resentment, fixing forever what mental ills
           brought them there in the first place so that, when they finally
           serve their sentences, they'll kill someone with probability one;

    3. taxing law-abiding citizens ever more heavily to build more jails to
           house the criminals, thus increasing everyone's resentment levels,
           pushing more "over the edge," creating yet more criminals.

If our interest in the failure of electronic house arrest monitors is purely
scientific/technical, if such postings are made only so that we can discuss how
to make such systems more robust and less susceptible to overload, then, once
in a while someone should say so.

Well, I may have overreacted, but I think it needed to be said.


Michelangelo - Avoidance report

Klaus Brunnstein <>
8 Mar 92 13:27 +0100
                             [An old item.  I meant to run it sooner, when
                             it was timely, but it is still relevant.  PGN]

In Germany, early warnings and high press activity helped to avoid data loss
on March 6, 1992. From the German CERT's (Computer Emergency Response Teams,
as installed by German Information Security Agency, GISA, similar to US centers
as organised by CMU), including MicroBIT Virus Center, Technical University
of Karlsruhe (Christoph Fischer), Virus Test Center, University of Hamburg
and GISA itself, the following figures have been given:

    - Between Jan.1st and March 5, 1992, about 1,000 cases of Michelangelo
      had been reported to one of the centers. Roughly estimated, about one
      third each came from individuals, small enterprises and medium to larger
      enterprises. As a rough estimate, these 1,000 reports (mostly via
      telephone asking for advice after detection) represent about 5-10,000

    - On March 5, 1992, the first accident was reported to VTC; a local
      enterprise followed some press advice to change the date. In order to
      avoid March 6 the next day, they changed the date to March 6 at afternoon
      of March 5, evidently without checking for Michelangelo. After some reset,
      Michelangelo hit one PC. Moreover, there were rumors that some PCs had
      suffered from Michelangelo as Feb.29 1992 was not available on their PCs.

    - On March 6, 1992, about 50 cases were reported in the 3 centers; apart
      from individuals, small enterprises called but no large ones. This low
      figure may be slightly too low as telephone lines were busy most of the
      time with media asking for recent data; in VTC, we had even a TV team
      waiting for accident reports to come in.

>From the media point ov view, the warning was inadequate as nothing happened.
This view was assisted by some "experts" such as Chaos Computer Club that the
press reports and warnings were essentially advertisements for Hannover fair's
next week beginning CeBit (world's largest exhibition in IT), and to assist
antivirus industry. CCC's representative Mr. Steffen Wernery even argued that
the virus should not been named "Michelangelo" but after one warner (myself),
and that the only 100 viruses (sic; in VTCs database, we presently have 1,200
viruses) are no real danger!

>From the warner's point of view, the warning was successful as it probably
avoided accidents. But as is usual since ancient times, the messenger is
punished for the warnings - I was even asked whether I received more
invitations for lectures etc (I did not).

After we first informed the public (German press agency, DPA, end-of-January),
VTC received more than 6,000 telephone calls (as recorded by university
telephone computer), most of them asking for general antivirus advice.

MicroBIT (Christoph Fischer) and VTC both (Morton Swimmer) produced and
distributed (free-of-charge) special aNTI-MICHelangelo programs easy to use
which also detect and diagnose possible variations of date (not yet detected).
When we informed the public (via DPA etc) about availability of NTIMICH (on
Friday 21, 1992), we received about 18,000 diskettes with prepared envelopes.
My students copied 14,000 diskettes (they even found viruses on some diskette
sent, esp. Stoned, Michelangelo), the rest being copied and distributed by
Siemens-Nixdorf (SNI) which kindly assisted us. All diskettes were sent back
until Wednesday March 4, 1992. Moreover, NTIMICH was available from FTP,
mailboxes, BTX and even from some radio/TV stations. In addition, a German TV
magazine (1st channel: WISO, specialized in economic and social features) dis
tributed 100,000 copies of McAfee's Scan at low price (2 DM) via consumer
organisation's offices.

As a SUMMARY, this was probably the first time that many users and enterprises
had prepared some data backup and practices some antivirus methods.
Consequently, many other virus (Stoned, Cascade/170x, Jerusalem/Isreali/Friday
13) were also detected and eradicated. Moreover, public attention was drawn to
inherent insecurity of PCs.

Some CONSEQUENCES will follow: some users who bought PCs with installed
Michelangelo or on some diskettes (mouse, VGA drivers etc) think of prosecuting
the resp. dealers. Some PC dealers (and hopefully some software houses) have
installed improved methods of quality (e.g. virus testing on golden master).

Many now ask for improved LEGISLATION to prosecute virus authors. This will be
very difficult as those countries with presently most productive virus
factories (Bulgaria, Taiwan, Former Soviet Union) lack any legislation about
copyrights or computer criminal acts. For US and European prosecutors, it will
be impossible to prosecute the (probably Taiwanese) authors of the original
Michelangelo virus (detected in Australia 1990, with a text on Michelangelo's
birthdate replacing the usual Stoned text) or those (probably European) authors
which updated the original version not to contain any detectable text (this
version now found in Europe, USA and Africa was detected in March 1991 in
Sweden and Netherland; both countries have no adequate legislation).

Klaus Brunnstein, University of Hamburg, March 8, 1992 (13:00 pm German time)

Congressional Vote & The Electronics Industry

Carl Baltrunas & Cherie Marinelli 1.5v4 <>
Sat, 18 Apr 92 03:42:26 PDT
I had this article forwarded to me and since I had not seen anything in RISKS
about this particular congressional vote, I thought it might be of interest to
other risks readers.  -Carl

        ------- Forwarded Article from

Date: 17 Apr 92 19:32:31 GMT
From: (Philip Greenspun)
Subject: US Congress votes to subsidize Japanese electronics industry
Message-ID: <>

In the decades to come, every American computer user who purchases floppy disks
will pay a tax.  Most of the money collected will go to record companies owned
by foreigners, notably Sony, Philips and Matsushita.  Congress, after receiving
substantial campaign contributions from the recording industry, has decided
that Americans are criminals who don't want to pay for CDs.  Therefore digital
audio media such as DAT tapes and writable optical disks will be taxed and the
money handed over to record companies and artists.  Just as consumer DAT and
8mm video tape have become the standard high-capacity backup media for
workstations/minis, it is likely that writable optical digital audio disks will
replace today's magnetic floppy disks.  Sony and Matsushita own two of the
largest record companies in the US and would get the most money from this bill.
Two years from now, every time American users of IBM computers make a backup,
they'll be paying a tax to help out IBM's Japanese competitors.

Additional reasons to dislike this bill are varied.  It will be illegal to sell
consumer digital audio recorders in the US that can make digital-to-digital
copies after one generation.  You'll pay a tax on your shiny new Japanese
machine, you'll pay a tax on the tape and when you try to assemble a recording
of your own music, all you'll get is a big flashing "you are a criminal sign."
You'll have to spend $5,000 on a "professional" machine in order to gain any
real benefit from the new products.  Congress is creating a new government
bureaucracy to administer the tax collection from Americans and subsequent
distribution to foreign-owned record companies.  Manufacturing digital audio
equipment will now require hiring a lawyer to wade through over one hundred
pages of legal requirements and technical specifications, thus hindering small
American companies in competing with large foreign ones.  Finally, now one
seems to have considered whether this will "promote the progress of the arts",
which is the constitutional justification for expanding copyright.  Since the
money is distributed linearly according to sales, only the biggest record
companies and most popular stars will get any significant money.

You can stop this bill from passing.  Congress is sticking it to us because the
recording industry paid them and they don't think anyone will notice.  CSPAN
and most newspapers haven't covered this issue at all because the bill has
dozens of co-sponsors and is therefore considered non-controversial.  If a
Congressman gets even a few letters regarding this bill, which he's probably
hardly thought about at all, it might be enough to make him think that
subsidizing Japanese computer vendors isn't such a great idea.  The bill is
going to be voted on in about two weeks.  It is called the "Audio Home
Recording Act of 1991" and is S-1623 in the Senate and HR-3204 in the House.
You can write to your elected representatives this way:

Senator Foo Bar
The Capitol
Washington, DC 20510

Representative Foo Bar
The Capitol
Washington, DC 20515

If you want any more information, please feel free to contact me
(  I testified before the relevant Senate
subcommittee last Fall as the "nerd witness from MIT."

       ------- End of Forwarded Article from

PS: I make NO claim for the accuracy of this article. Please contact the
    author as listed in the mail header for more information.   -Carl

Carl A Baltrunas - Catalyst Art      Cherie Marinelli - Bijoux
Internet:, carl@udwarf.UUCP

UUCP: uunet!oliveb!tymix!udwarf!{carl or cherie}

   [I include this in RISKS with some trepidation.  Recognizing that RISKS is a
   truly international medium and that this message is quite nationalistic, I
   anticipate some other opinions — although I would like to see them primarily
   on the potential impact on computer usage (not on the Japanese competition
   issue or whether to feed the artists, which are well beyond the scope of
   RISKS).  PGN]

Industrial Strength Formal Methods — Call for Papers

Cliff B Jones <>
Mon, 20 Apr 92 13:06:45 BST
                         FME '93 SYMPOSIUM

                 Sponsored by the Commission of the
                     European Communities (CEC)
                 Organised by Formal Methods Europe

The first FME Symposium will be held at Odense Technical College in Denmark,
during the week of 19 to 23 April, 1993. It is being organised by Formal
Methods Europe, as the successor to the last four VDM symposia, to promote the
interests of users, researchers and developers of precise mathematical methods
in program development.

The last few years have borne witness to the remarkable diversity of formal
methods, with applications to sequential and concurrent software, to real-time
and reactive systems, and to hardware design.  In that time, many theoretical
problems have been tackled and solved, and many continue to be worked upon.
Yet it is by the suitability of their industrial application and the extent of
their usage that formal methods will ultimately be judged.  This symposium will
focus on the application of industrial-strength formal methods.  We encourage
all papers to address the difficulties of scaling their techniques up to
industrial-sized problems, and of their suitability in the work-place.  Papers
should discuss techniques that are formal (that is, they have a mathematical
basis), and that are industrially applicable.  Papers tackling theoretical
issues are much encouraged, providing that they contain a justification of the
practical advantages that follow.

Full-length research papers, industrial reports, proposals for tutorials and
tool demonstrations are solicited, particularly in the following areas:

 * Practical use                  * Case studies
 * Tools                          * Linking formal and informal methods
 * Comparisons of formal methods  * Proof
 * Concurrency                    * Real-time and reactive systems
 * Refinement techniques          * Object orientation
 * Secure systems                 * Safety-critical systems
 * The development process        * Education and technology transfer

1 October 1992: Submissions
    - Full, original research papers (6 copies, 12pt, single spaced, max 20pp)
    - Industrial usage reports (6 copies, 12pt, single spaced, maximum 10pp)
    - Proposals for tutorials (half day, maximum 50pp of notes)
    - Proposals for tool demonstrations (with hardware/software requirements)

   Proposals for tools demonstrations should be send to the
   organising chairman, while all other proposals should be send
   to the programme chairman. Industrial usage reports do not
   need to conform to usual standards for academic papers.

1 December 1992: Notification of acceptance

1 February 1993: Camera-ready copy due for publishers

     Programme Chairman                Organising Chairman
     Jim C.P. Woodcock,                Peter Gorm Larsen,
     Oxford University                 The Institute of Applied
     Computing Laboratory,             Computer Science (IFAD),
     Programming Research Group        Forskerparken 10,
     11 Keble Road,                    DK-5230 Odense M
     Oxford  OX1 3QD, UK               Denmark
     tel: +44 865 272576               tel: +45 65 93 23 00
     fax: +44 865 273839               fax: +45 65 93 29 99
     email:          email:

                 Executive Programme Committee

   J.-R. Abrial (F)     Tim Denvir (GB)    Eugene Durr (NL)
   Ian Hayes (AUS)      Steve King (GB)    Hans Langmaack (D)
   Micheal Mac an Airchinnigh (IRL)        Kees Middelburg (NL)
   Soren Prehn (DK)     Hans Toetenel (NL)

Please report problems with the web pages to the maintainer