The RISKS Digest
Volume 13 Issue 67

Wednesday, 22nd July 1992

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Please try the URL privacy information feature enabled by clicking the flashlight icon above. This will reveal two icons after each link the body of the digest. The shield takes you to a breakdown of Terms of Service for the site - however only a small number of sites are covered at the moment. The flashlight take you to an analysis of the various trackers etc. that the linked site delivers. Please let the website maintainer know if you find this useful or not. As a RISKS reader, you will probably not be surprised by what is revealed…


More identical name confusion (plus Scientific American item)
Mark Bergman
A computer as a criminal tool
Peter D. Junger
American Airlines software development woes
Randall Neff
RISKS of Antilock Braking Systems
David Palmer
RISKS of BBS ownership
David R. Cohen via Scott Bailey
The role of expertise in technological advances
Bertrand Meyer
Telephone wiretapping
E. Kristiansen
Bellcore threatens 2600 with lawsuit over BLV article
Emmanuel Goldstein
Re: Export of 40-Digit RSA
Dorothy Denning
Re: Qantas airliner challenged by US Pacific fleet
Leonard Erickson
Re: Nuclear reactor control
Rusty Teasdale
Re: Airbus — Countering Urban Myths
Bjorn Freeman-Benson
AVIATION restructuring in progress
Robert Dorsett
Info on RISKS (comp.risks)

More identical name confusion (plus Scientific American article)

Mark Bergman <>
Wed, 22 Jul 92 1:03:51 EDT
Here is another story from the AP wires about health service computers and name
collisions.  (There is also an article in this month's Scientific American,
"Achieving Electronic Privacy," by David Chaum, about encryption and smart card
transactions to ensure privacy _and_ verify each side to the transaction.)  I
don't feel qualified to comment, but I'd like to hear other people's thoughts.
Mark Bergman 718-855-9148         {cmcl2,psi,uunet,apple}!panix!bergman

      Computer Confuses Babies With Same Name, Denies Benefits to One

PENSACOLA, Fla. (AP) - A Pensacola woman says her 5-month-old daughter cannot
get state social service benefits because a computer has her child confused
with a St. Petersburg baby with the same name.  The children, both named
Samantha Marie Morris, were born only eight days apart but are linked by a maze
of computer glitches haunting the Florida Department of Health and
Rehabilitative Services.  The Pensacola baby isn't getting food stamps or
Medicaid benefits, her mother, Tina Morris, said Monday.  "If my daughter had
an emergency, got sick or something, some places might take it, but they
wouldn't pay for it," she said.  "I've been real lucky. She hasn't been sick."
    The HRS' balky new $104.2 million computer thinks she is the St.
Petersburg Samantha, eligible for the same benefits and listed with the same
Social Security number, the Pensacola mother said.  HRS District Administrator
Chelly Schembera said she was unfamiliar with the case. She said the computer
problems that have been affecting the agency across the state exceeded normal
start-up glitches for a new system.
        Ms. Morris said she spent two days at the local HRS office trying to
clear up her daughter's problem without success and that her case worker has
been trying since April.  The computer problems have caused Ms. Morris and
other HRS clients to wait in long lines.  She said she waited 20 minutes
outside under a hot sun to get food stamps last week for the rest of her family
and once in the building was told it would take another hour.
    Schembera said the agency is considering lemonade stands, extra chairs,
awnings, baby changing tables and play rooms to help clients bear the long
    One man already has capitalized by setting up a snack stand outside an
HRS building in Pensacola, accepting food stamps as payment.  "This guy could
be fairly wealthy by the time the crisis is over," Schembera said.

A computer as a criminal tool

Peter D. Junger <>
Tue, 21 Jul 1992 22:19:05 GMT
In the Cleveland Plain Dealer for July 21, 1992 a story appears with a
headline nearly worthy of the National Enquirer.

The venue is:  MUNROE FALLS

    [I've lived in Cleveland for over twenty years and have never heard of
    Munroe Falls--that's how small it is.  It turns out that it is in Summit
    County, Ohio, near Akron.]

    The story suggests that there is an especial risk to having
computers in a very small, Midwestern town.
        According to the story, the Munroe Falls police received a
complaint that a local electronic bulletin board "containing sexually
explicit material might be accessible to children."
        So the police set up a sting operation, using a local 15
year-old boy as their agent.  The story goes on to say:  "After the
youth was able to hook into the bulletin board, police arrested Mark
Lehrer, 22, owner and operator of Akron Anomaly, a 1,000 member bulletin
board."  And the police also seized all of Lehrer's computer--apparently
on the ground that it was "criminal tools."
        [From talking to the reporter and Lehrer's lawyer, I found out
that Lehrer was indicted today "of disseminating matter harmful to juveniles
and possession of criminal tools,"  with the criminal tools being the
        It seems that Lehrer's bulletin board included some gif files
containing pictures of James Bond and Captain Kirk and subjects like that,
which could be downloaded by subscribers.  There were also some gif files that
were supposed to be accessible only by adults over the age of 18.  The article
reports, however, that: "when police seized Lehrer's records they found that
even the `clean' files contained images that were not entirely wholesome."
[Lehrer's attorney told me that these were files that had been uploaded to the
bulletin board and had not yet been seen by Lehrer.]
        The article then quotes the Munroe Falls Police Chief as saying
of these "not entirely wholesome files":  "One was Bugs Bunny eating a
carrot, one was Bart Simpson riding a skateboard and one was called (a
slang term for oral sex), and that was in the clean file."  There were
apparently also some pictures of naked women and of "naked women engaging
in sexual acts" that were not in the adult category.
        According to the article, the Police Chief also said that "it's
possible that some of the games and movies are being accessed in
violation of copy right laws."
        And then there is a final direct quote from the Police Chief: "I'm not
saying it's obscene because I'm not getting into that battle, but it's
certainly not appropriate for kids, especially without parental permission."

Peter D. Junger, Case Western Reserve University Law School, Cleveland, OH

American Airlines software development woes

Randall Neff <neff@mandor.Metaphor.COM>
Wed, 22 Jul 92 09:22:19 PDT
[San Jose Mercury News, Monday, July 20, 1992  Business Monday section  p. 9F]

                   Software nightmare comes alive for airline
     American finds the pieces of new reservation system do not fit together

[Dallas Morning News]
DALLAS — AMR Corp. for decades sliced up competition with its Sabre computer
system for making airline reservations.  Last week, the parent of American
Airlines, Inc. said it fell on its sword trying to develop a state-of-the-art,
industry-wide system that could also handle car and hotel reservations.

AMR cut off development of its new Confirm reservation system only weeks after
it was supposed to start taking care of transactions for partners Budget
Rent-A-Car, Hilton Hotels Corp. and Marriott Corp.  Suspension of the $125
million, 4-year-old project translated into a $165 million pre-tax charge
against AMR's earnings in the second quarter and fractured the company's
reputation as a pacesetter in travel technology.

"In an area where we arguably are one of the world's leading companies, it's
particularly disappointing to us when we have to recognize a loss of that
magnitude on that kind of activity," said ARM senior vice president and
treasurer Michael J. Durham.  The disappointment comes after a series of
technical and management missteps that surprised not only AMR, but the entire
industry.  As far back as January, the leaders of Confirm discovered that the
labors of more than 200 programmers, systems analysts and engineers had
apparently been for naught.  The main pieces of the massive project --
requiring 47,000 pages to describe — had been developed separately, by
different methods.  When put together, they did not work with each other.

The system was based on twin IBM mainframes that stored the two main pieces of
the reservation system, according to project leaders.  One IBM 3090 computer
stored customer records, pricing information, and other "decision support"
data.  The other IBM 3090 kept track of available rooms and cars, managing the
actual transaction.  But the two pieces were developed on different operating
systems.  When the developers attempted to plug the parts together, they could
not.  Different "modules" could not pull the information needed from the other
side of the bridge.  Response times were slow on other requests.

Not until April did officials begin to "recognize the magnitude of the
situation" and begin to realize that the problems might not be under control.
Warnings of lengthy delays — as much as two years — began to surface.
"Somewhere in there, you've got a management problem," said Donald Tatzin,
director of Arthur D. Little's travel consulting practice.

AMR Information Services fired eight senior project members, including team
leader John Mott, saying it had "determined that information about the true
status of the project appears to have been suppressed by certain management
personnel."  In late June, Budget and Hilton said they were dropping out.

For the record, AMR said it was not giving up hope of salvaging Confirm,
although a Coopers & Lybrand market study for AMR is believed to cast doubt
on its viability.

RISKS of Antilock Braking Systems

David Palmer <>
Thu, 16 Jul 1992 15:56:53 GMT
The 15 July 1992 Washington Post has an article about one side effect of
Antilock Braking Systems (ABS).

Accident investigators typically estimate how fast the various vehicles
involved in a collision were going by looking at the skid marks left behind.
However, with ABS systems, the skid marks are faint, intermittent, and not as
durable as conventional skidmarks.  (ABS works by releasing the brakes whenever
the tires start skidding.  Therefore, the tires never get a chance to cook a
strip of rubber into the asphalt.)

The skid marks are visible, if you look carefully and get to the
accident site before they've been worn away by rain and other traffic.

Thus, the new technology makes it harder to reconstruct accidents.

The article did, however, quote one investigator as saying (paraphrased
from memory) that he'd rather see faint skid marks for 45 feet than dark
skid marks for 55 feet ending at a wall.

David Palmer, Goddard Space Flight Center/NASA

RISKS of BBS ownership (From David R. Cohen, forwarded)

Scott Bailey <>
Wed, 22 Jul 1992 06:28:00 PDT
I found this posted in one of the Star Trek newsgroups (!).  Looks like
interesting RISKS material to me.

  Scott Bailey              Xerox Computer Center      Webster, NY

X-NEWS: oasis rec.arts.startrek.misc: 1583
Relay-Version: VMS News - V6.0-1 14/11/90 VAX/VMS V5.5; site
Newsgroups: rec.arts.startrek.misc
Subject: Help, please forward this message
From: bx953@cleveland.Freenet.Edu (David R. Cohen)
Date: 21 Jul 92 14:09:03 GMT

I have no idea where this message should be posted, I only know that it
**should** be posted.  I'm posting here only because I know this board is
widely read and someone should be able to get this message to the right place.

In [the 21 July 1992] Cleveland Plain Dealer, it was reported that a 22-year
old male got arrested for distributing pornography, and possibly for
contributing to the delinquency of a minor.  His "crime" was running a bulletin
board out of his home ... the cops found out that minors were able to get ahold
of pornographic gif files.  The arrestee had apparently set things up so that
"adult" files were supposed to be restricted, but either the files weren't
restricted after all, or someone else had "unrestricted" them.  The paper
reports that this type of arrest is one of the first of its kind in the state.
The cops used a "cooperative" 15 year old — after the kid accessed the adult
files, the cops grabbed the alleged criminal.

If any Ohio law enforcement types are reading this, I am an Ohio attorney,
and I think this sucks.

David   David R. Cohen or Tracey L. Ridgeway

The role of expertise in technological advances

Bertrand Meyer, Interactive Software Engineering <>
Sun, 19 Jul 92 18:30:08 PDT
This note is a call for argued opinions about the effect of technological
advances on the value of people's expertise and qualifications.  In particular
it would be interesting to hear views about the relative merits of the
following two opposite conjectures:

  A. The introduction of a new technology gives the highest advantage to people
  who are already the most advanced experts, as they are in the best position
  to understand the new developments, and thus will benefit the most from them.
  The advances will in face increase the lead that the best people already had
  over the others.

  B. Introducing a new technology makes it possible for many people to do what
  was previously the exclusive specialty of a few experts.  So it levels off
  the field, putting everyone at the same position.

I can see serious arguments and examples supporting both conjectures.  To keep
this note short, I have selected just two widely different examples, one for
each. Only the second is computer-related. (My personal interest in this
discussion is with respect to advances in software engineering, but the problem
is more general.)

A. In his book ``Tristes Tropiques'', the ethnologist Claude Levi-Strauss
recounts how he visited a South American tribe that didn't know writing. He
introduced it to them; writing was immediately put to good use by the tribe's
chief, who could see how the ability to record and retrieve his decisions would
increase his power.

B. It used to be quite hard to get a taxi in Paris. The situation has
considerably improved thanks to the installation by the biggest taxi company of
a computer-based system. This might at first seem to be an argument for A since
this system has (at least temporarily) given the company a big lead over its
competitors, but here is the other side. In a recent stay in Paris in which I
frequently needed taxis to pick me up, I was able almost every time to obtain
one in about five minutes.  I once complimented a driver on this efficiency. He
responded by heaping tons of abuse on the system. After a period of
astonishment, I understood the reason for his anger. He has been in the
business for twenty years or so, and knows every street and lane in the city;
he also knows the best itineraries, and where he should and should not be at
each time of day and year to get good business (go to the Gare d'Austerlitz at
certain times, to the airports at certain others and so on).  But now the new
system puts every upstart driver, who has just passed his exam and paid for his
license, at the same level as him! You just key in a certain code to indicate
where you are, and get queued for customers' requests in that area. Then when
your turn comes you get the next customer. The computer system apparently also
indicates where the hottest areas are at any time of day. Very little advantage
remains for an experienced professional driver. He was looking with even more
horror to a future (apparently promised) extension of the system, whereby ``the
computer'' would show recommended itineraries!

Please note that the discussion is not about people whose job is simply made
obsolete by the new advances (as craftsmen at the time of the industrial
revolution, or draughtsmen at the time of the introduction of computer-aided
design). Assuming people are experts in a field, and remain in that field, is
new technology a way to increase their lead or should they fear losing their

  [Please respond directly to Bertrand, who will share the results with us. PGN]

Date:         Wed, 22 Jul 92 09:16:03 CET
From: "E. Kristiansen - WMS" <>
Subject:      Telephone wiretapping [Cross-posted to]

NRC Handelsblad, a Dutch newspaper, of 20 July has two articles concerning
telephone wiretapping.

The first article describes several cases of alleged unauthorized wiretaps
performed by PTT Telecon, the Dutch telephone company.  The PTT is accused of
establishing wiretaps on telephone lines without the required court order, on
request of the police and legal authorities (district attorney).  In one case,
a PTT employee has allegedly passed on information obtained from illegally
bugging a phone line, to a criminal (drug dealer). The employee has been fired.
A PTT spokesperson says that "according to current procedure", the police
cannot request a wiretap directly. The request is to be submitted through the
proper legal channels.  From a technical point of view, the article suggests,
without giving much detail, that it is very easy to establish a wiretap, and
that the only control is through procedures, relying on "highly trusted
personnel".  Further, it is said that the PTT never performs wiretapping
itself, it only establishes the tap to a line going to the police office. It is
not said that the PTT CANNOT do wiretapping, and I would assume that they can,
e.g.  for technical monitoring of line quality.

The other article describes how an on-hook telephone set can be used for
bugging the room in which it is installed. The trick can be performed by
anybody who can gain access, legally or illegally, to any point of the wire
pair connecting the telephone set to the exchange.  A high frequency signal is
injected into the line. This signal bypasses the hook switch of the set
(capacitive coupling, I suppose). The microphone modulates the signal
(technical details not given), and the intruder can demodulate, and listen to
the conversation in the room.  When this trick was published in the press, PTT
says it will shortly be offering a telephone plug with a built-in capacitor to
short the HF signal.  The plug will sell for about Dfl.5 (USD 3). Consumer
organizations urge that the plug should be available free of charge to anybody
asking for it.  It is not said whether the trick will work on all current types
of phones, or only on particular brands.
                                                  Erling Kristiansen

Bellcore threatens 2600 with lawsuit over Busy Line Verification item

Emmanuel Goldstein <>
Wed, 22 Jul 92 09:07:20 -0700

 Leonard Charles Suchyta
 General Attorney
 Intellectual Property Matters

 Emanuel [sic] Golstein [sic], Editor
 2600 Magazine
 P.O. Box 752
 Middle Island, New York 11953-0752

 Dear Mr. Golstein:

 It has come to our attention that you have somehow obtained and published
 in the 1991-1992 Winter edition of 2600 Magazine portions of certain
 Bellcore proprietary internal documents.

 This letter is to formally advise you that, if at any time in the future
 you (or your magazine) come into possession of, publish, or otherwise
 disclose any Bellcore information or documentation which either (i) you
 have any reason to believe is proprietary to Bellcore or has not been
 made publicly available by Bellcore or (ii) is marked "proprietary,"
 "confidential," "restricted," or with any other legend denoting
 Bellcore's proprietary interest therein, Bellcore will vigorously
 pursue all legal remedies available to it including, but not limited
 to, injunctive relief and monetary damages, against you, your magazine,
 and its sources.

 We trust that you fully understand Bellcore's position on this matter.


                             [The 2600 article in question will not appear
                             in RISKS, for the obvious reasons.  PGN]

Export of 40-Digit RSA

Dorothy Denning <>
Wed, 22 Jul 92 14:45:34 EDT
I talked with Dennis Branstad at NIST and found out that the 40-digit system
approved for export is not the RSA public-key system (PKS) but rather the
systems RC-2 and RC-4 which are single-key systems marketed by RSA Data
Security.  These systems can be "married to" a 512-bit RSA PKS used for key
management and the whole package can be exported.
                                                       Dorothy Denning

   [Dorothy and I had an earlier off-line dialogue on the fact that 40-digit
   RSA was child's-play to break.  This clarification is very helpful.  PGN]

Re: Qantas airliner challenged by US Pacific fleet (RISKS-13.66)

Leonard Erickson <>
Mon, 20 Jul 1992 04:28:42 GMT
>The Qantas pilot radioed the Federal Aviation Authority in Los Angeles which
>put him on a frequency to the warship.  [Why was this necessary?]  The FAA
>resolved the crisis by putting the Qantas flight on a path bypassing the
>Cowpens which was taking part in a military exercise.

It was probably necessary to use such a roundabout means of communication
because the airliner had no idea what frequencies the ship was using, and
likely *couldn't* respond on many of them if it wanted to!

>Elly Brekke, a spokeswoman for the FAA in Los Angeles, confirmed that the
>airliner, following its predetermined flight path, was told it risked risked
>facing hostile action.  Ms Brekke said the Qantas flight was "where it should
>have been", and the FAA had not been told that the US Navy was conducting
>manoeuvres that would require any restriction of airspace.

Somebody goofed. My guess is the military *should* have warned the ATC center!

>The Pacific Fleet spokesman said the Cowpens had inadvertently [!]  used "an
>international distress frequency" in trying to contact planes taking part in
>the exercise.

The inadvertently part is all too simple. And it has bearing on my comment
above about why the airliner may not have been able to directly contact the

All those nice agreements about which frequencies are used for what have
a *large* loophole. All governments are allowed to ignore the international
frequency allocations when it comes to *military* use.

Most military gear can tune all sort of civilian (and other) frequencies.  And
for peacetime operations, they do have the civilian frequncies set up. Somebody
may have done something as simple as punch the wrong "general frequency"

There are two risks here. First, from the pictures that I've seen of military
radio gear, the "user interface" is lacking in a few areas.  Mainly in that the
user has no idea that some of the "channels" are not strictly military.

The second risk is the usual one of what happens when folks that are allowed to
"ignore the standards" get to share the operating environment with folks that
*do* have to follow them...

Leonard Erickson
CIS: [70465,203]  FIDO: 1:105/56

Re: Nuclear reactor control (Park, Re: RISKS-13.66)

Rusty <>
Mon, 20 Jul 92 18:08:28 GMT
    I suspect that, given the context in which they were mentioned, that
Bill is correct.  However, what I first think of when the phrase "magnetic core
systems" comes up in discussions of reactor safety is something rather
different.  It is the practice in many PWR reactors to have the cadmium control
rods, which must be withdrawn partly from the reactor core for substantial
fission to take place, lifted vertically up and out of the core by
electromagnets, which are themselves powered by the output of the generators
driven by the reactor.  If there is a sudden drop in reactor output for some
reason, the magnets cut out, and the rods drop back into the core.  Gravitic
passive safety! However, this does not help at all in cases where the reactor
is running out of control but still producing steam and power, nor will it do
any good if something has happened to prevent the reinsertion of the damper
rods themselves...
                     Russ Teasdale — rteasdal@polyslo.CalPoly.EDU — (Rusty)

Countering Urban Myths re: Airbus

Bjorn Freeman-Benson <bnfb@ursamajor.UVic.CA>
Thu, 16 Jul 92 11:00:44 PDT
In RISKS 13.64, I read these two stories about the A320:
<> #1  A Pan Am Airbus A300 or A310 (I don't remember which) was on final ...
<> #2  Apparently as a safety feature derived from the crash of the ...

And I immediately recalled that the same article was posted to sci.aeronautics
and then immediately countered as a collection of Urban Myths.  I'm sorry that
I cannot quote the sci.aeronautics article, but the local news system has
already erased it.

Not a fan of the A320, yet also a crusader against misinformation,
Bjorn N. Freeman-Benson

AVIATION restructuring in progress

Robert Dorsett <>
Tue, 21 Jul 92 18:13:35 CDT
Rec.aviation is currently in the request-for-discussion period of a
comprehensive re-organization proposal.  A number of proposed sub-groups may
be of interest to RISKS users, including two airliners proposals (in the sci
and rec hierarchies), a safety-group, a generic airplane-group, and others.

The RFD was posted last week; a "survey" of user preferences (which will be
used to shape the final CFV) was posted about the same time.  The survey was
re-posted this afternoon.

Copies of both documents are available on rec.aviation, sci.aeronautics, and, depending on your news spool.  Copies may also be obtained
from me, directly, at

Robert Dorsett, Internet:

Please report problems with the web pages to the maintainer