The Risks Digest

The RISKS Digest

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Volume 13 Issue 45

Tuesday 28 April 1992


o Software observing daylight savings time when it *shouldn't*
Mike Morton
o Is it getting too easy? (Spreadsheetology)
Robert Slade
o IEEE/CS Workshop on Ethical Standards for the Profession
Jim Horning
o FBI and Mailing Lists
Mary Culnan
o Re: Voice mail security
Dan Wing
o Re: Tracking by cellular phone
John Karabaic
Phillip. D. Brown
o COMPASS '92: Conference on Computer Assurance
Laura Ippolito
o Info on RISKS (comp.risks)

Software observing daylight savings time when it *shouldn't*

Mike Morton <>
Tue, 28 Apr 92 10:45:47 HST
From the Honolulu Star-Bulletin's "Streetwise" column, 27 April 1992:

Time change leaves stoplights out of sync (By David Oshiro)

Here's a story on how the clever machines that run our lives are sometimes too

Three weeks ago, most of the mainland switched to daylight savings time.
Unbeknown to city transportation officials here, a microchip controlling
traffic signals on Kalanianaole Highway contained a program written on the
mainland that contained an automatic conversion to daylight-saving [sic] time.

So, *voila*!  On Monday, April 6, the timing for peak traffic hours kicked in
an hour earlier, throwing signals off.  Signals that were changing in
200-second cycles began to change in 185-second cycles.

It was only a 15-second difference, and it only lasted an hour, but that was
enough to mess up morning rush-hour traffic [which is pretty bad on this

City workers, however, were able to figure out the problem and fix it that day.

A city transportation official said that there was no easy way to test that
chip in advance, to see it [sic] would have worked properly when the switch to
daylight-saving time occurred.
                                   Mike Morton  <>

Is it getting too easy? (Spreadsheetology)

Robert Slade <>
Mon, 27 Apr 1992 20:52:50 GMT
This past week I was at a Microsoft Technical Seminar (read "boasting session")
and saw an interesting promotional piece.  Although longer than a normal ad, I
suspect it is planned to use the "playlet" for some kind of media presentation.
The "plot" is that Microsoft's Excel spreadsheet is so easy to use, and has so
many "labour saving" features that two dolts who have forgotten to put together
their presentation are able to do so in a one minute elevator ride to
"executive territory".

Other than stylistic aids, the primary function promoted is an "extension"
function which will "forecast trends".  With so much spreadsheet use being
devoted to business plans and cash flow projections, the attraction of such a
function is obvious.

However, the ad immediately triggered an alarm.  The feature is introduced, in
the ad, by the fact that the executive "wants to see ten percent growth".  The
original figure is $1000, so the user fills in the next column as $1100.  No
problem.  Then the extension feature is brought into play, and I mentally
follow along with the arithmetic.  The next column should say $1210.  But the
spreadsheet fills in $1200.  The fourth column should be $1331, but instead is
filled in as $1300.  Ah, to the numerate person, the reason is obvious: the
function is not a geometric "ten percent growth" but an arithmetic adding of an
additional hundred dollars each time.

To the numerate person, obvious.  To the general public?  How many of the
"average" business computer users would even notice?

The RISK of this particular choice of "extension" algorithm might not be all
that important.  However, it points out the increasing addition of "aids" in
computerized systems, and the need to note carefully the use that the using
audience is likely to put those aids to.  Business computer users, in my
experience, tend to want to think in "percentage" figures (eg. annual growth).
A simple "adding" function for forecasting will not give them the "correct"
answer appropriate to their mental model.

Small though this RISK might be in this instance, we have seen this same
principal at work in situations with much higher stakes.

IEEE/CS Workshop on Ethical Standards for the Profession

Mon, 27 Apr 92 17:47:20 -0700
This workshop is discussed at length in the April issue of COMPUTER, pp. 76-78.
I don't recall seeing it on RISKS, although the general topic has certainly had
its share of discussion and flame in the past.
                                                         Jim H.

FBI and Mailing Lists

Mon, 27 Apr 1992 19:42 EDT
The 20 April 1992 issue of DM News, a direct marketing trade publication,
reports that within the past two weeks, Metromail and Donnelly Marketing (two
of the very largest mailing list companies) were approached by the FBI which is
seeking mailing lists for use in investigations.  Other mailing list firms also
received feelers according to the story. "Neither of the identified firms would
discuss details, but one source familiar with the effort said the FBI
apparently is seeking access to a compiled consumer database for investigatory

"The FBI agents showed 'detailed awareness' of the products they were seeking,
and claimed to have already worked with several mailing list companies,
according to the source."

Metromail, according to the article, has been supplying the FBI with its
MetroNet address lookup service for two years.  The FBI said that the database
is used to confirm addresses of people the FBI needs to locate for an

This marks the first time since the IRS tried to buy mailing lists in 1984 that
a government agency has attempted to use mailing lists for enforcement

In a separate but related story in the April 24 issue of the Friday Report, a
direct marketing newsletter, the RBOC's are teaming up with other firms to
develop white page directories on CD-ROM.  For example, US West has a joint
venture with PhoneDisc USA of Marblehead, Ma.  The article states that the
company offers lists failing mailing list enhancements to law enforcement
agencies.  [NOTE: an enhanced list means the names and addresses were matched
with a marketing database and additional demographic information was added to
the list from the marketing database].

Mary Culnan, School of Business Administration, Georgetown University

Re: Voice mail security (Dickson, RISKS-13.44)

Dan Wing <>
27 Apr 1992 21:25:31 -0600 (MDT)
>Are call loggers a problem when you give your password to a mail retreival
>system form a hotel or an office.  Is there a hacker market for this info?
>Finally how prevelant is this problem in various parts of the world?

Many hotels detail your phone bill and include the phone numbers you called
during your stay.  How often does the hotel phone system capture your
MCI/Sprint/AT&T calling-card number (which you touch-toned into the MCI,
Sprint, or AT&T computer), too?

I can easily change the PIN on my voice-mail system; changing the PIN on my
calling card requires a call to the long-distance carrier, and possibly a new
card - something the long-distance carrier isn't going to want to do too often.

 Systems Programmer, University Hospital, Denver

Re: Tracking by cellular phone (Kush, RISKS-13.44)

Tue, 28 Apr 92 16:10:47 EDT
I had the same experience myself recently.  But, in addition to instructions,
it was also a telemarketing call by the local carrier!  Since I use my cellular
phone as a contact line for technical support and am always expecting calls (I
subscribe to a nationwide switching service), I was rather angry that they used
my time on the line like that.  Especially since it was during a driving
rainstorm while I was on the Interstate in the hills of northern Kentucky!  I
called *611 and told the person on the line to get me off whatever list I was
on to get this unnecessary greeting and unwanted telemarketing.  I haven't been
bothered since, but I don't know if my call got me off any "list".

John S. Karabaic, Systems Engineer,, 513 792 5904
NeXT Computer, Inc.; 4434 Carver Woods Dr.;  Cincinnati, OH 45242

Re: Tracking by Cellular Phone (Kush, RISKS-13.44)

28 Apr 92 15:29:00 UT
Not only *could* the cellular phone company track one's movement "all over the
country" (although with great difficulty and expense using today's switches),
it is an active industry goal for the next generation of technology.  "Call
Delivery" — making your phone ring when someone dials your number, regardless
of your geographic location and serving carrier of the moment — is an integral
part of the standard being developed for interswitch communication (EIA/TIA
IS-41).  It is also seen as a key to making Personal Communication Networks
(PCN) work.

What happened to you in Georgia is the result of a feature known as "autonomous
registration", by which the serving switch instructs a mobile unit to register
(i.e. transmit its identity information including mobile phone number and
serial number) as soon as radio contact is established (as indicated on the
mobile's handset display by the "service light" or "service bars").  When the
system detected you were a roamer, it placed a call to your phone and played
the recorded greeting for your edification (although I don't know BellSouth's
policy, it is quite unlikely you were charged for this call).

Furthermore, Automatic Vehicle Location (AVL) services are also seen as highly
desirable by a significant subgroup of wireless communication users (truckers
and victims of car thieves come immediately to mind).  There are companies that
claim to be able to determine the position of a mobile unit in a cell site to
within 100 feet using only the received 800 MHz radio signal, but the
technology is unreliable and expensive.  The more popular solution is to marry
a Global Positioning System (GPS) receiver to a cellular phone or other
wireless terminal, but this is both proprietary and also expensive.

As long as the user retains the ability to "disappear" by turning the phone
off, I see the benefit as outweighing the risk in this form of network
tracking.  I squirm a lot more when I read about "beacons" placed in every car
for automatic toll collection and vehicle monitoring, because these specialized
systems exist solely for the purpose of tracking and accounting (NOTE: does
anyone really expect there to be an "off" switch on such a device?).  It's one
thing to choose to be tracked, and quite another to have an "Eye in the Sky"
checking up on you...

Phil Brown, Project Engineer, GTE Mobile Communications
Internet address:

COMPASS '92: Conference on Computer Assurance

Laura Ippolito <>
Fri, 24 Apr 92 09:20:30 EDT
                       First Announcement
    Systems Integrity, Software Safety, and Process Security

                        June 15-18, 1992
                        Gaithersburg, Md.

         National Institute of Standards and Technology
                   Technology Administration
                   U.S. Department of Commerce

Department of Defense Approval: "In reviewing the Institute for Electrical and
Electronics Engineer's Plans for COMPASS '92, the Assistant Secretary of
Defense (Public Affairs) finds this event meets the standards for participation
by DoD personnel under instruction 5410.20 and DoD Standards of Conduct
Directive 5500.7.  This finding does not constitute endorsement of attendance
which must be determined by each DoD component."

Compass             IEEE Aerospace and Electronic Systems Society
Sponsors            IEEE National Capital Area Council

In cooperation with The British Computer Society

Conference Sponsors: ARINC Research Corporation, Computer Sciences Corporation
  Control Systems Analysis, Department of Defense, George Mason University
  Logicon, Inc., National Institute of Standards and Technology,
  Naval Research Laboratory, Naval Surface Warfare Center
  Research Triangle Institute, Systems Safety Society, TRW Systems Division

Program Committee:
  Paul Ammann, George Mason University
  Greg Chisholm, Argonne National Laboratory
  John Dobson, University of Newcastle Upon Tyne
  Frank Houston, Food and Drug Administration
  William S. Junk, University of Idaho
  John Knight, University of Virginia
  D. Richard Kuhn, NIST
  John McDermid, University of York
  John McHugh, University of North Carolina
  Gerry Masson, Johns Hopkins University
  Reginald Meeson, Institute for Defense Analyses
  Andrew Moore, Naval Research Laboratory
  Matthew Morgenstern, Xerox Advanced Information Technology
  Jim Purtilo, University of Maryland
  Edgar H. Sibley, George Mason University
  Tony Zawilski, The Mitre Corporation


A principal agency of the Department of Commerce's Technology Administration,
NIST has as its mission to strengthen U.S.  industry's competitiveness, advance
science, and improve public health, safety, and the environment.

NIST conducts basic and applied research in the physical sciences and
engineering, developing measurement techniques, test methods, standards, and
related services. The Institute does generic and precompetitive research and
development work on new advanced technologies.

NIST researchers work at the frontiers of science and technology in such areas
as chemical science and technology, physics, materials science and engineering,
electronics and electrical engineering, manufacturing engineering, computer
systems, building technology and fire safety, and computing and applied


The Institute of Electrical and Electronics Engineers is the world's largest
technical professional society. Founded in 1884 by a handful of practitioners
of the new electrical engineering discipline, today's Institute is comprised of
more than 320,000 members who conduct and participate in its activities in 147
countries. The men and women of the IEEE are the technical and scientific
professionals making the revolutionary engineering advances which are reshaping
our world today.

The technical objectives of the IEEE focus on advancing the theory and practice
of electrical, electronics and computer engineering and computer science. To
realize these objectives, the IEEE sponsors technical conferences, symposia and
local meetings worldwide; publishes nearly 25% of the world's technical papers
in electrical, electronics and computer engineering; and provides educational
programs to keep its members' knowledge and expertise state-of-the-art. The
purpose of all these activities is two fold: To enhance the quality of life for
all peoples through improved public awareness of the influences and
applications of its technologies; and, to advance the standing of the
engineering profession and its members.

The IEEE, through its members, provides leadership in areas ranging from
aerospace, computers and communications to biomedical technology, electric
power and consumer electronics. For the latest research and innovations in the
many diverse fields of electrical and electronics engineering, industry and
individuals look to the IEEE.

                  COMPASS '92  June 15-18, 1992
                      About the Conference

COMPASS is an acronym formed from COMPuter ASSurance, the subject of this
conference, the seventh of a series that began with COMPASS '86. According to
its charter, "The purpose of COMPASS is to advance the theory and practice of
critical systems through the medium of scientific and engineering meetings and
publications. The organization, under the IEEE, is dedicated to the study of
critical systems, especially those using digital computers or other new

Critical systems are defined as systems whose failure could cause injury, loss
of life, or significant property loss or damage. Such failures may be failures
of commission, doing what should not be done, or of omission, not doing what
should be done. Critical systems have failed in the past. Radiation therapy
machines have killed cancer patients; industrial robots have killed workers;
spacecraft have been destroyed; and, hackers have vandalized and/or stolen from
information systems. The goal of COMPASS is to find and publicize ways to
prevent unacceptable failures of critical systems.

COMPASS expresses the idea of "Pointing the Way" and of "encompassing" many
technologies and technical disciplines. The logo, a variation of yin-yang
overlaying a compass rose, symbolizes both of these ideas.

COMPASS '92 has adopted the slogan "Building The Right System, Right." This
expresses the need for the developers of critical systems to rigorously define
the right requirements and ensure that they are satisfied, resulting in systems
that function as intended.

The sponsors and organizers of COMPASS encourage you to participate in future
COMPASS activities. Contact any member of the conference committee or the
conference board for more information.

Conference Committee
  Board of Directors Chair: Dolores R. Wallace, NIST
  General Chair: Robert Ayers, ARINC Research Corporation
  Program Chair: Edgar H. Sibley, George Mason University
  Local Arrangements: Laura M. Ippolito, NIST
  Publications: Julie Langston, Computer Sciences Corporation
  Publicity: Paul Anderson, Space & Naval Warfare Systems Command Division
  Registration: Judy Bramlage, General Accounting Office
  Treasurer: Bonnie Danner, TRW Systems Division
  Tutorials: Michael Brown, Naval Surface Warfare Center

COMPASS '92, Monday, 15 June 1992

9:00 a.m.  Tutorial 1: "Approaches to Developing Safety-Critical Software"

  Stephen S. Cha, Charles H. Lavine, and Jeffery C. Thomas, Aerospace
  Corporation, El Segundo, Ca.

  This tutorial surveys various software safety techniques proposed in
  literature or currently in practice. Following an introduction to software
  safety concepts, several industrial software development examples will be
  examined. The tutorial concludes with a discussion on formal methods and
  future research directions.

12:45 p.m.     Lunch

2:00 p.m.      Tutorial 2: "Interlocks-A Safety Engineering Tool"

  Phil Sedgwick, Control Systems Analysis, Newport, RI

  This tutorial introduces INTERLOCKS, a methodology and PC-based tool, that
  graphically describes and simulates the operation of computer system
  controls.  INTERLOCKS, in use by the DoD, employs a graphic language familiar
  to hardware and software engineers-simple AND and OR logic. The result for
  safety engineers is an INTERLOCKS network that models and simulates the
  hardware, software, and operator events that are prerequisite to critical
  function initiation.

COMPASS '92, Tuesday, 16 June 1992

9:00 a.m.  Opening Remarks, Conference General Chair: Robert Ayers, ARINC
           Research Corporation, Annapolis, MD.

9:15 a.m.  The Technical Program, Program Committee Chair: Edgar H. Sibley,
           GMU, Fairfax, VA.

9:30 a.m.  Keynote Speaker, John Rushby, SRI International, Menlo Park, CA.
           "What Really Goes Wrong, And What Might Fix It?"

11:00 a.m. Session 1 Verification
           Chair: Andrew Moore, Naval Research Laboratory, Washington, D.C.

  "Using Z Specifications in Category Partition Testing", Nina Amla and Paul
  Ammann, George Mason University, Fairfax, VA.

  "Verification of Numerical Programs Using Penelope/Ariel", Sanjiva Prasad,
  ORA Corporation, Ithaca, N.Y.

  "Modular Verification of Ada Library Units", Carla Marceau and Wolfgang
  Polak, ORA Corporation, Ithaca, N.Y.

12:45 p.m.     Lunch

2:00 p.m.  Session 2 Security, Chair: Paul Ammann, George Mason University

  "A Probabilistic Approach to Assurance of Database Design", Lucian Russell,
  Argonne National Laboratory, Argonne, Ill.

  "Formal Security Specifications for Open Distributed Systems", Sead Muftik,
  DSV Dept., Stockholm University, Sweden and Univ. of Sarajevo, Yugoslavia

  "A Formal Approach for Security Evaluation", John A. McDermid and Qi Shi,
  University of York, UK

4:00 p.m.  Debate: Resolved: "Certain Safety-Critical Systems Should Not Be
           Computerized".  Moderated by John Knight, University of VA

5:30 p.m.  Close of Daytime Activities

7:00 p.m.  Birds of a Feather Session, Marriott

COMPASS '92, Wednesday, 17 June 1992

9:00 a.m.  Keynote Speaker, Ted Ralston, Ralston Research Associates, Tacoma,
           WA, "Preliminary Report on the International Study on Industrial
           Experience with Formal Methods"

10:30 a.m.     Panel 1 Formal Methods in Industry

  .., Naval Research Laboratory, Washington, D.C.
  Leo Beltracchi, United States Regulatory Commission, Washington, D.C.

12:45 p.m.     Lunch

2:00 p.m.  Session 3 Safety, Chair: M. Frank Houston, Food and Drug Admin.,
           Rockville, Md.

  "Efficient Response Time Bound Analysis of Real-Time Rule-Based Systems",
   Albert Mo Kim Cheng and Chia-Hung Chen, University of Houston, Houston, TX

  "The Use of Ada PDL as the Basis for Validating a System Specified by Control
  Flow Logic", Richard B. Mead, ARINC Research Corporation, Annapolis, MD.

  One further paper to be selected

4:00 p.m.  Panel 2 Software Safety and Economics, Chair: J. Bret Michael,
           George Mason University, Fairfax, VA.

  Stephen Fortier, Intermetrics, McLean, VA.
  William S. Junk, University of Idaho
  Edward A. Addy, Logicon, Inc., Dahlgren, VA.
  John McHugh, University of North Carolina, Chapel Hill, N.C.

5:30 p.m.      Close of Daytime Activities

6:30 p.m.      Banquet with Dinner Speaker, Marriott

COMPASS '92, Thursday, 18 June 1992

9:00 a.m.  Session 4 Processes, Chair: Reginald Meeson, IDA

  "A Review of Computer Controlled Systems Safety and Quality Assurance
  Concerns for Acquisition Managers", John R. Friend, U.S. Navy, Polaris
  Missile Facility, Charleston, S.C.

  "An Analysis of Selected Software Safety Standards", Dolores Wallace, D.
  Richard Kuhn, and Laura Ippolito, NIST, Gaithersburg, Md.

  "A Process Representation Experiment Using MVP-L", Carol Diane Klinger,
  Melissa Neviaser, and Ann Marmor-Squires, TRW, Fairfax, Va.; Christopher M.
  Lott and H. Dieter Rombach, University of Maryland, College Park, Md.

11:00 a.m.  Panel 3 Software in Trial - Liability and Other
            Legal Issues (A Dramatization)

  Moderator: Michael S. Nash, Esq., IDA, Alexandria, VA

  Jay T. Westermeier, Fenwick and West, Washington, D.C., For the Plaintiff
  To be selected, For the Defendant
  Richard L. Wexelblat, IDA, Alexandria, Va., As Expert Witness
  To be selected, Insurer
  To be selected, Harried Software Developer/Programmer

12:45 p.m.     Lunch

2:00 p.m.      Session 5 Software Safety Standards

  "IEEE P-1228: Latest Status", Cindy Wright, DISA, Tysons Corner, Va.

  "IEC65A, WG9 and WG10 — System and Software Safety Standards for
  Programmable Electronic Systems", Victor Maggioli, DuPont, Newark, Del.

3:30 p.m.      Awards and Closing Ceremony

4:00 p.m.      Conference Closing

NIST is located in Gaithersburg, Md., approximately 25 miles northwest of
Washington, D.C. The meeting will be held in the Green Auditorium of the
Administration Building.

Social Functions: A banquet with a cash bar and banquet speaker will
  be held at the Gaithersburg Marriott on Wednesday, June 17.

Transportation: BWI Limo, 301/441-2345, offers commercial van service from
Baltimore-Washington Airport to the Gaithersburg area. Call for reservations.

  Airport Transfer Van Service, 301/948-4515, is available from Dulles
  International and Washington National Airports to Gaithersburg.

  The Washington Metro has subway service to Gaithersburg. Metro can be boarded
  at Washington National Airport. Take a Yellow Line train marked "Mount Vernon
  Square" to Gallery Place and transfer to a Red Line train marked "Shady Grove"
  to Shady Grove. Service is every 6 to 15 minutes depending on the time of day.
  The time from National to Shady Grove is about 50 minutes. The Shady Grove
  station is approximately four miles from the Marriott Hotel.

Driving Instructions: From northbound I-270 take Exit 10, Rt. 117 West, Clopper
  Road. At the first light on Clopper Road, turn left on to the NIST grounds.
  From Southbound I-270 take Exit 11B, Route 124 West, Quince Orchard Road. At
  the second light turn left on to Clopper Road. At the first light on Clopper
  Road, turn right on to the NIST grounds. To reach the Administration
  Building, turn left after passing the guard office. Signs will direct you to
  visitor parking.  Transportation will be provided to and from the
  Gaithersburg Marriott and NIST on Monday through Thursday.

Accommodations: Conference registration does not include your hotel
  reservation. A block of rooms has been reserved at the Gaithersburg Marriott
  Hotel, 620 Perry Parkway, Gaithersburg, Md. 20877. The hotel phone number is
  301/977-8900. The special room rate is $65 single or double. To register for
  a room, please use the enclosed hotel reservation form and send it directly
  to the hotel no later than June 1, 1992.  After that date the rooms will be
  released for general sale at the prevailing rates of the hotel.

Registration Information Contact: Judy Bramlage, COMPASS '92 Registration
  609 Orrin St., SE, Vienna, Va. 22180-4837, 202/512-6210, Fax: 202/512-6451

Technical Information Contact: Robert Ayers, ARINC Research Corporation,
  2551 Riva Rd., Annapolis, Md. 21401, Phone: 410/266-4741 Fax: 410/266-4040

                  COMPASS '92  June 15-18, 1992
                  Conference Registration Card

Advance Registration (before June 1, 1992)
     ___  Conference Registration (includes 1 copy of proceedings)
     ___  Proceedings Only
     ___  Extra Proceedings _____ copies
     ___  Tutorial #1
     ___  Tutorial #2
      Street Address
   Rm. No./Mail Code
    City, State, Zip
  Business Telephone
 IEEE Membership No.
     Co-Sponsor Name
   Total Amount US $

Form of        ___  Check enclosed made payable to COMPASS '92.
Payment             (Checks from outside USA should be written on a USA bank.)
               ___  MasterCard No.________________________Exp.____
               ___  Visa No.______________________________Exp.____
               ___  Diners Club No._______________________Exp.____
               ___  American Express No.__________________Exp.____
Authorized Signature

Request for refunds after 1 Jun 1992 will be subject to a $15 admin fee.

  Advance Registration (before June 1, 1992)
                 Members    Non-Members   Students
                 -------    -----------   --------
  Conference         250          315       100
  Tutorial            50           70        50
  Proceedings Only    20           30        20
  On-Site        Members    Non-Members   Students
                 -------    -----------   --------
  Conference         300          375       100
  Tutorial            70           90        50
  Proceedings Only    20           30        20

  Conference fee includes coffee breaks, lunches and social functions.

Please place in an envelope and mail to: Judy Bramlage, COMPASS '92
  Registration, 609 Orrin Street, SE, Vienna, Va. 22180-4837

                  COMPASS '92  June 15-18, 1992
                     Hotel Registration Card
                  Marriott Hotel, 301/977-8900

      Street Address
   Rm. No./Mail Code
    City, State, Zip
  Business Telephone
        Arrival Date
      Departure Date
   Number of Persons

Rate: $65 single or double (apply 12% tax to rate). All reservations must be
  received by June 1, 1992. All room reservations must be guaranteed by a
  one-night deposit. Deposit will guarantee first night availability, and will
  be credited to last night of reservation. Deposit refunded if request
  received 48 hours prior to arrival.

Form of        ___  Check enclosed made payable to The
Payment             Gaithersburg Marriott
               ___  One night deposit enclosed $__________________
               Guaranteed by______________________________Exp.____
               Card #_____________________________________________
               Authorized Signature_______________________________

Please place in an envelope and mail to: The Gaithersburg Marriott,
  620 Perry Parkway, Gaithersburg, Md. 20877

Please report problems with the web pages to the maintainer