Please try the URL privacy information feature enabled by clicking the flashlight icon above. This will reveal two icons after each link the body of the digest. The shield takes you to a breakdown of Terms of Service for the site - however only a small number of sites are covered at the moment. The flashlight take you to an analysis of the various trackers etc. that the linked site delivers. Please let the website maintainer know if you find this useful or not. As a RISKS reader, you will probably not be surprised by what is revealed…
TOKYO (Reuter) - The test pilot of a trainer jet built for the Japanese air force was accidentally ejected when the emergency bailout system mysteriously functioned, the plane's makers said Tuesday. Pilot Masahiko Kameishi was later plucked from the sea by a military helicopter. He was reported to have suffered minor injuries to his arms and knees. Kameishi was flying the T-4 two-seater over the Pacific Ocean southwest of Tokyo on Monday when he was suddenly ejected into the sea with a parachute, a spokesman for manufacturers Kawasaki Heavy Industries Ltd said. His co-pilot, seated in the rear, landed the plane safely at a nearby military base. The Kawasaki spokesman said the company was looking into whether the ejection was activated by mechanical malfunction or by something the pilot may have touched. More than 100 T-4s are already in service with the Air Self-Defense Force, Japan's air force. Kameishi's plane was to have been handed over to the air force June 1. Frank Carey at Bell Labs f.e.carey@att.com
1. The following item is apparently from COOVER@MITRE.ORG . It was sent by SnailMail to Will Tracz, the new editor of Software Engineering Notes, presumably for the RISKS section. Will faxed it to me. From Law Practice Management, April 1994, p. 16: Well, it's April again and time for the annual buying frenzy for All The Latest tax-return software. Just so you're on notice — last year at this time *PC Magazine* did a comparison of twenty different tax- return packages. When they ran a test scenario through the packages (see — I don't actually have to say it out loud anymore — you people know what's coming), that's right, *every single package* computed a different total tax due. Sort of like calling the IRS Help Line. 2. Colin Smiley sent me a note observing that his social security number was visible through the window of the envelope that contained his refund check, and pointing out the evident risks. 3. The IRS is now beginning the integrated computerization of its entire tax process. This presents many interesting risks relevant to our newsgroup, such as those relating to security, integrity, authenticity, insider abuse, fraud, violations of privacy, bogus returns, and so on. 4. Your RISKS Moderator is now a member of the IRS's Commissioner's Advisory Group (CAG), and cochairman of its Subgroup on Technology, Security, and Privacy. If you have problems that you believe need to be addressed, please send them to me (neumann@csl.sri.com) if you do not want them to appear in RISKS. The next meeting is coming up in midJune. PGN
The following article is quoted in its entirety from the (UK) Computer
Weekly, issue dated 12 May 1994.
[Brian Randell, Dept. of Computing Science, University of Newcastle,
Newcastle upon Tyne, NE1 7RU, UK +44 91 222 7923 ]FAX = +44 91 222 8232]
Why bulletin boards are a libel minefield
Nick Braithwaite warns of the dangers of digital defamation
and how network and bulletin board operators must guard against
being unwitting participants in user's libellous missive
Libel doesn't figure prominently in most network operators' list of
priorities. Many assume that transient screen messages are private and
unlikely to damage anyone's reputation. Electronic mail and bulletin boards
foster informal communication, so users may be resistant to the idea that
defamation risks are attached to electronic "conversations" .
But beware if you run network or database. You could be in the firing line
for a libel claim.
In the first case of its kind in the UK, Canadian academic Dr Laurence Godfrey
issued a libel writ in London against another academic based in Geneva
claiming he was defamed by a bulletin board message posted on the Usenet
system. If the claim succeeds, hosts and users could soon be contemplating
sizeble pay-outs.
In fact, there's nothing novel about the Godfrey case. Libel suits have
been an occupational hazard for information providers and electronic
database operators for many years, but now network hosts too have begun to
experience defamation problems. Only recently, Compuserve was sued for
libel in the US, while individuals in both the US and Australia have faced
claims over uncomplimentary bulletin board messages.
Are electronic messages "published" for libel purposes? The first requirement
is a degree of permanence in the communication. Most experts now agree that,
if defamatory, even transitory computer messages flashed on screen are
sufficiently permanent, once stored in memory, to be libellous. Slurs posted
on bulletin boards are even more likely to be held libellous.
The "publication" requirement is minimal, satisfied if just one person
other than the plaintiff sees the material.
Despite the international aspects of the Godfrey case, one solitary viewing of
a bulletin board in England allows a case to be litigated in London, where
libel actions are hard to defend.
The author of a defamatory statement is an obvious libel target, but
corporations with deep pockets usually make more enticing defendants. Happily
for US-based computer networks, the court in the Compuserve case ruled
Compuserve could not, without editorial control, be liable for defamatory
statements by users.
In England, it is likely that operators will have to prove they were not
negligent or reckless in allowing the statement onto the system. So if you
follow the US standard, you should not exercise any editorial control at all.
If you follow the English standard you should exercise maximum control.
In fact there ought to be no real conflict, because it is difficult to imagine
a court insisting that an operator should vet all messages on the system.
Whichever standard of care prevails, database and public access network
operators will have every incentive to minimise editorial control over what
they carry.
Plainly, for some databases and networks that will not be practical. But for
libel purposes, the ideal is probably to emulate a telecoms carrier,
disclaiming all responsibility for the content of messages. Some practical
steps to keep the lawyers at bay are:
Check you have a warranty from the subscriber that they will not input
defamatory material. Or, if you are worried about staff messages, put a
warning in their contract of employment. Consider a statement in your user
contract that the operator has no editorial control over traffic on the
system. Display a warning on-screen that the host does not endorse any
defamatory statements. These may not solve every problem, but will help reduce
risk.
[Nick Braithwaite is a lawyer in the London-based media group of solicitors
Clifford Chance]
>From the Reuter newswire via Executive News Service (GO ENS) on CompuServe: "FORT LAUDERDALE, Fla, May 9 (Reuter) - Three former owners of Value Rent A Car Inc pleaded guilty Monday to racketeering charges and face prison sentences of two to five years and fines totalling $2 million." They are also accused of having wiretapped the offices of Mitsubishi Motors executives. Mitsubishi Motors owned 80% of the firm at that time. [MK: This is known as taking an interest in management.]
United Press newswire (94.05.11 @ 09:59 EDST) via Executive News Service on
CompuServe:
CAMBRIDGE, Mass., May 11 (UPI) — A Massachusetts judge continued a hearing
on a suit by eight convicted murderers who seek to end the state's new
practice of monitoring inmate phone calls to the outside.
The eight lifers, saying they are representing all 10,000 state prisoners,
filed suit against Nynex and Massachusetts corrections officials for tapping
their phone calls."
The article continues with the following key points:
o William "Lefty" Gilday, convicted of murdering a policeman, claims that
the phone monitoring system is unconstitutional.
o Corrections officials argue that "the taps are necessary to curb fraud,
harassment and drug dealing by inmates."
o Gilday was convicted in 1984 of running a credit-card fraud operation
from prison and defrauding American Express of $4,000.
[MK:
set flame = on
Interesting perspective on rights and responsibilities, eh? These folks
remind me of the self-righteous anger of some criminal hackers when legal
processes interfere with their self-proclaimed rights to attack other people's
computer systems. "Rights for me, not for you; duties for you, not for me."
Could we maybe apply the Key-Escrow Proposal to criminals? How about "Lock
'em Up and _Throw Away_ the Keys"?
set flame = off
Why is my neck turning red?]
Mich Kabay / not representing anyone else this time.
>From the Reuter newswire via CompuServe's Executive News Service (GO ENS):
"FRANKFURT, May 10 (Reuter) - A journalist from a well-known German satirical
magazine has cut off fugitive real-estate tycoon Juergen Schneider from one
source of cash — by ringing up Schneider's credit card company and cancelling
his account.
The magazine Titanic said journalist Bernd Fritz had telephoned the
Eurocard company and blocked the account by giving Schneider's name and date
of birth."
The article explains that Schneider has been on the run for over a month and
has filed for bankruptcy. He is under investigation for credit fraud.
Asked for identifying information, including Schneider's bank, the journalist
picked a bank at random--and was right.
The magazine writers now claim that they will try to block credit cards for
other fugitives.
[Comment by MK: I have been saying for a long time we need PINs for credit
cards! I hold no brief for the accused man, but it does seem odd that someone
else be able to cancel a person's account. How would you like it if some
prankster cancelled _your_ credit/bank/phone/... account with a simple phone
call?]
Michel E. Kabay, Ph.D. / Dir Education / Natl Computer Security Assn
The Washington Post newswire (94.05.11) includes an interesting essay by Michael McKeon entitled, "Fragmenting of the News." The author discusses the declining importance of the mass media for distributing news and the rising importance of electronic communities where opinions are more uniform. <
Software piracy vexes industry
"Mich Kabay [NCSA]" <75300.3232@CompuServe.COM> 12 May 94 12:25:02 EDTUnited Press International newswire (94.05.11 @ 01:46 EDST) reports on an interview with Business Software Alliance President Robert Holleyman during his visit to Microsoft offices in Redmond, WA. <
Ultra-high dependability and the Channel Tunnel
Robert Stroud <R.J.Stroud@newcastle.ac.uk> Thu, 12 May 1994 11:49:04 +0000[Sent to RISKS courtesy of John Rushby <RUSHBY@csl.sri.com>. PGN] From an article by William Hartston, *Independent on Sunday*, 8th May 1994, p.21 (numbers column) A major accident in the Channel Tunnel resulting in 70 or more deaths will happen once in 100,000 years, according to a report by Eurotunnel. Impressive, but how was it calculated? Give or take a few millenia, 100,000 years is the time homo sapiens has been around; 10,000 years ago, you could walk from England to France without getting your feet wet. So how did Eurotunnel look 100,000 years into the future? It began with statistics from 1984-90, which showed a total of 313 people killed in railway accidents in Britain, including 99 at stations. With 268 billion passenger kilometres traveled, simple arithmetic yields figures of 0.08 fatalities per 100 million passenger kilometres plus 0.95 fatalities per 100 million passenger journeys (for those killed at stations). These figures, and their French equivalents, were then combined and applied to the tunnel, as though it were a randomly selected 50km stretch of track, with a station at each end. The figure may then be modified by the decreased likelihood of anyone throwing himself in front of a moving train under the Channel. Fires and derailments, however, (estimated at 4.4 per cent and 18.5 per cent respectively of the "total system risk") are likely to have more serious consequences, which are, in turn, balanced by more stringent safety procedures. Eurotunnel concludes: 'The Channel Tunnel represents a significant advance in railway safety' which may be true. But for all the precision, it is little more than informed guesswork: 100,000 years is a long time on a train line. The Titanic was unsinkable. Has Eurotunnel overlooked an iceberg too?" [I believe Eurotunnel is planning for 10 trains/hour. I think that makes one accident every 100,000 years a 10 ^ -10 claim.. I also heard something about an independent report that had been suppressed that argued that the 10 trains/hour figure was unsustainable taking into account factors such as gradients, length and weight of trains, time to accelerate from stations, etc. Robert Stroud]
Re: Future of US health care?
<Amy_McNulty@vos.stratus.com> Wed, 11 May 94 14:18 EDTIn RISKS-16.04, Mark Stalzer (stalzer@macaw.hrl.hac.com) wrote about his HMO doctor's deliberate "misdiagnosis" of his baby daughter's rash as lupus, in order to get past the HMO restrictions for referring her to a specialist. He was understandably quite upset at having received notification of this diagnosis in the mail, without any previous phone call or explanation from the doctor or other HMO personnel. In addition to the ridiculousness of the HMO doctor having to play games like this just to refer a patient to a specialist that the doctor feels the patient needs to see, there's another big risk in this story. In this age of nation-wide computer databases like the Medical Information Bureau, this little girl (and other people like her who were similarly "misdiagnosed" by the HMO doctors) may now be listed somewhere in some database as having a serious, pre-existing disease — which could cause her to be unjustly rejected sometime next century when she applies for life insurance, medical insurance, a physically demanding job, college, or who knows what else. I won't try to address whether this kind of database is fair or just even when the information it contains is *accurate*, but it should be obvious to RISKS readers that in this case (and many others) it could also contain inaccurate, very damaging information. — Amy McNulty (amy_mcnulty@vos.stratus.com)
Re: China Air A300 Crash
David Wittenberg <dkw@cs.brandeis.edu> Wed, 11 May 1994 16:46:53 -0500 (EDT)> The root cause of this crash seems to be a confused co-pilot. I think you're being much too harsh on the copilot. He was trying to fly the plane in a standard way, and the plane's auto-pilot did something inexplicable. While perhaps the copilot could have responded better (but note several other odd auto-pilot actions later), I would have to say the root cause was the "go-around mode for unknown reasons". Since people don't always diagnose unexpected behaviour correctly, it is important to decrease the chances of their being confronted with some unexpected behaviour in a time or place with little margin for error. The question one has to ask about the rather sophisticated auto-pilots now in use is not "are they perfect?" We know that they aren't. But, "How often do they fail, and can pilots reasonably be expected to recover from the failures?" By comparing the dangers of the new technology with the dangers of the old technology, we can make an intelligent choice. Unfortunately, the vendors try to convince us that their technology is perfect, which is clearly false. --David Wittenberg dkw@cs.brandeis.edu
Re: Copyright/patent owners: quick correction
Mark Seecof PSD x77605 <marks@latimes.com> Wed, 11 May 1994 13:37:23 -0700I won't name names, but another RISKS contributor suggested that copyright owners or patent holders "MUST" license to all on reasonable terms. That is not true. In general patents or copyrights may be licensed on any terms the owner can get and the owner may pick and choose licensees at will. The exceptions are few, and are related to antitrust issues that do not apply to 99.99% of situations. Some (other than the U.S.) countries have mandatory licensing of various kinds of patents and copyrights (e.g., mandatory licensing of educational textbook copyrights in India), but again, with a few exceptions, the U.S. doesn't work that way. And for other pedants like me: I'm not gonna launch into a discussion of "fair use," music-performance situations, copyright collectives, weapon patents, and other stuff which would explain some of the "exceptions" to the general rule I've alluded to. Think about it. What competitive advantage would a patent confer if you had to license it to anyone? Ditto copyrights. The whole point of such rights is to limit the people who can exploit a certain work. Mark Seecof <marks@latimes.com> Publishing Systems Dept. Los Angeles Times
Amusing computer-related anecdote about local cable service
Ry Jones <rjones@poseidon.usin.com> Wed, 11 May 94 14:22:21 PDTTCI Cablevison of Washington often has a similar display with a Guru Error (Amiga) for days on end on the Public Info channels. Also, Cablevision of Terre Haute, IN used to have a Apple ][+ that would bomb out and draw random lines on the PI channel. Terre Haute First National Bank built a new building complete with 6 huge automated computer displays (light-bulb type) and they often got out of sync, triggering an alarm that would display a very distinct Commodore Basic prompt on all six signs all night.
Amusing anecdote about local cable svc. (Long, RISKS-16.05)
PAUL N HRISKO <WJCS75A@prodigy.com> Thu, 12 May 1994 16:54:23 EDTlong-morrow@cs.yale.edu (H Morrow Long) writes about the error he noticed on his local cable channel recently. Our local cable system and a couple of the surrounding ones use Commodore Amigas for such things as the on-line cable guide (The Preview Guide), local programming information screens, etc... My guess is that there is specialized software available to the cable operator from whatever company broadcasts The Preview Guide which is customizable by region, content or whatever (ad packages come to mind). A few years ago you could usually look forward to seeing the dreaded Amiga 'Guru Meditation Error' plastered on your cable guide screen whenever there was a big storm or over a long holiday weekend. It was amusing at first, but it soon became tiresome. Since it hasn't happened in the past couple of years I'm assuming they've invested in a battery backup or better equipment. One risk for them: Since Commodore has gone belly-up, what's going to happen to their equipment when it dies. Will they be relegated to searching the orphaned-computer parts bin at their local used computer store? Paul
Re: 11-digit ZIP code
Ed Ravin <elr@wp.prodigy.com> Wed, 11 May 1994 12:14:25 +22321159 (EDT)The existing 9 digit ZIP code already provides a path to your door — in most cases, it maps out to either an individual house, four or five houses, apartment building, or cluster of floors in an apartment building. So there's no new RISK with the 11 digit code — as a matter of fact, it's already in use on some barcoded mail (but the 11 digit ZIP is only used in the barcode, so you haven't noticed it yet). The RISK is that zipcode bloat makes addressing mail more and more complicated and error-prone for humans, or that adding extra digits to the ZIP code is being touted instead of making better use of the existing digits to make things easier for the bureaucrats in the Post Office. Ed Ravin, Prodigy Services Company, 445 Hamilton Avenue White Plains, NY 10601 +1 914 448 4737 elr@wp.prodigy.com [Similar comments were received from PMDebenham@email.meto.govt.uk, who noted Britain's system is often unique to 10 or 20 households, grayjw <grayjw@helios.aston.ac.uk>, who noted the use of the first few digits to determine insurance rates, Chuck Weinstock <weinstoc@SEI.CMU.EDU>, Frederick Wheeler <wheeler@ipl.rpi.edu>, marty@beta.lanl.gov (Martin G. Halvorson), msb@sq.sq.com (Mark Brader), who wondered about the (non)difference between giving out a unique address and a unique ZIP, and brown@wi.extrel.com (Vidiot), who noted that the U.S. Postal Service is already using the 11 digits. PGN]Please report problems with the web pages to the maintainer
xTop