The Risks Digest

The RISKS Digest

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Volume 16 Issue 57

Tuesday 22 November 1994

Contents

o Cell-phone ergonomics side-effect
Robert Stanley
o Pentium FDIV bug
Bill Broadley
o All's Well that Orwells?
Peter Wayner
o Spell Checker Goes Beserk; Editorial Maimed
Robert Bane
o Security is not privacy
Phil Agre
o Authorities Still Investigating Software Theft
Edupage 15 Nov 1994
o Beware the Calendars
Pertti Malo
o Re: Parental Responsibility
Daniel P. Johnson
o Clarifying answers to TEN QUESTIONS PARENTS SHOULD ASK THEIR CHILDREN
o Info on RISKS (comp.risks)

Cell-phone ergonomics side-effect

Robert Stanley <rstanley@sybase.com>
Wed, 16 Nov 94 16:52:30 EST
Yesterday evening I returned home from work and, as usual, checked the
answering machine on my normal voice telephone.  Much to my surprise,
I heard a somewhat muffled background conversation that I soon identified
as that afternoon's conference in the office.  This filled the tape to
the end, and had caused several later calls to be rejected.

  [aside #1: I hate these damn micro-cassette systems that only allow
             ten or fifteen minutes of message time, but they have become
         ubiquitous!]

Two aspects of this message puzzled me: how had it found its way to my
answering machine, and why was it so muffled?  The office has just completed
installing a high-tech AT&T digital phone system with all sorts of fancy
features, but I know that the trunk-to-trunk transfer features have all been
disabled for security reasons.  It is therefore not possible for our
conference call link to another office to have been forwarded to my home
phone.  The only possible way for my phone to have been included in the
conference would have been for it to have initiated the call (and then
worked its way through a set of control codes.)

  [aside #2: my former answering machine, which used real C-90 cassettes,
             did have the unfortunate habit of occasionally calling back
         the last number to have dialed it!  Another story, and one
         which can wait for a rainier day to tell.]

  [aside #3: the idea of disabling trunk-to-trunk switching to prevent
             improper (read: malicious cracker) usage really demonstrates
         the lack of thought that goes into much of what today passes
         for the design process.  Hey, just compile it and debug it,
         that way you'll be *doing* something...]

Investigation at the office yielded disbelief followed by stunned surprise.
No one had forwarded the phone, and my home phone number was not programmed
onto any button in the system.  However, we all rush to the documentation
to check into just how the remote monitor feature works, and try to recall
whether any visible telltales had been lit to indicate monitoring.

Finally, light dawns.  A colleague's tiny Nokia cell-phone in his shirt
breast pocket.  He had called me at home earlier, and the phone has a last
number redial button.  The phone, non-folding, slipped into his shirt pocket
with the controls outermost, had somehow had that button tripped, and had
happily held the line open to my answering machine.  The muffled broadcast
was entirely attributable to the small microphone and the cotton pocket
between it and our conference table.

However, it is an extraordinarily sobering experience to hear a sensitive
work discussion issuing hours later from the speaker of your home voice
messaging system.

A number of risks here, but the predominant one seems to be the conflict
between added function and reduced footprint of portable cell-phones leading
to the creation of unergonomic control systems.  This is exacerbated by the
novel situations to which the diminished footprint can give rise.  This is
surely the first generation of cell-phones that are sufficiently small (a)
to be droppable into a toilet, and (b) actually flushed out of reach...

Robert Stanley - robert.stanley@sybase.com


Pentium FDIV bug

Bill Broadley <broadley@turing.ucdavis.edu>
Mon, 21 Nov 1994 15:20:58 -0800 (PST)
As this below tiny program from Thomas Koenig demonstrates the pentium
sometimes only returns single precision when dividing floating point doubles.

#include <stdio.h>
int main()
{ double x,y,z;
    x = 4195835.0; y = 3145727.0;
    z = x - (x / y) * y;
    printf("%f\n",z);
    return 0;
}

It will return 256 if you have the fdiv bug, and zero if you don't.

I've written 3 similar programs:
    1 like the above, but more resistent to compiler optimization
    1 that searches randomly for the bug (no special seeds)
    1 that searches linearly for the bug.

I'll leave it to the reader to interpret the risks of a cpu that
silently returns 1/2 the precision that you expect.

BTW in my test it happens about about 1 in 10^9 divisions or about
once every 21 minutes with a sequential search.  I.e. if your running
flat out divisions and multiplies (to check the divs).

It can be MUCH higher, up to once a second, with biased random numbers.

I'll make havebug.c rndsearchbug.c and linsearchbug.c available
for anonymous ftp at math.ucdavis.edu

For further references read comp.sys.intel under the fdiv bug thread.

Bill Broadley, UCD Math Sys-Admin Broadley@math.ucdavis.edu
http://ucdmath.ucdavis.edu/~broadley


All's Well that Orwells?

Peter Wayner <pcw@access.digex.net>
Tue, 15 Nov 1994 09:12:21 -0500
I got a recent net leaflet that proclaimed that the US Geological Survey
would cease printing their National Water Conditions Report in January 1995
to save money. The information would only be available on-line. This will
supposedly save them plenty of liquid capital.

Normally, I would be happy when they go with the flow of technology. But the
lack of a printed record seems like an invitation for adding Orwellian
changes to the report in the future. What if you want to go into the past
and use the report as a basis for some legal procedure? For instance, you
might want to sue someone about cyanide levels in the water down stream from
the gold mine. Suddenly two different versions of the report end up before
the judge. One gives the stream a clear bill of health while the other cites
the danger. Which one will the judge and jury believe? How do we know that
the archive in Washington is secure? No need to shred documents or stuff
them in your underwear when a strong magnet will do the job.

Anyone who wants to jump into the deep end of paperless publishing should
use both digital signatures and digital time stamps to ensure accountability.


Spell Checker Goes Beserk; Editorial Maimed

Robert Bane <bane@gst.gsfc.nasa.gov>
Wed, 16 Nov 1994 14:32:07 -0500
The following sentence was taken from Richard Cohen's column on page A19 of
the November 15, 1994 Washington Post:

"GOP national chairman Haley Barbour instantly announced that New York City
was no longer in the running for the Republican National Convention, and,
more ominous, Sen. Alfonse D'Amato, the state's leading Republican and
Pataki's Disk Operating System (DOS), said he would not seek revenge on
Giuliani."

The only explanation I can come up with (other than Sen. D'Amato really
being a copy of DOS) is that Cohen typed 'doss' instead of 'boss', and the
spelling checker not only corrected it to DOS, but spelled the acronym out
since it's the first appearance of it in a non-computer-related news story.

Bob Bane, Global Science & Technology, Inc.,  6411 Ivy Lane, Suite 610,
Greenbelt MD 20770   bane@gst.gsfc.nasa.gov, 301-474-9696

   [I think David Letterman's phonetic spellchecker came up with
   Pootaki Sauce ... on Ghouliani.  PGN]


security is not privacy

Phil Agre <pagre@weber.ucsd.edu>
Tue, 15 Nov 1994 12:04:08 -0800
*The New York Times* has an article about an attempt by tobacco company
lawyers to subpoena reporters' travel and telephone records in an indirect
attempt to identify their sources for stories asserting that the companies
deliberately added nicotine to their cigarettes.

  William Glaberson, A libel suit raises questions about the ability of
  journalists to protect sources in the electronic age, *The New York Times*,
  14 November 1994, page C10.

Many readers of RISKS probably remember other attempted strategic uses of
the discovery process by tobacco companies, including at least one attempt
to subpoena raw survey data from smoking researchers and an attempt to
obtain an electronic mailing list of anti-smoking activists.  (Actually, the
article doesn't explicitly say that the companies want the subpoenas issued
as part of the discovery phase of the trial, just that they want them and
the major press organizations are trying to stop them.)

In any event, this case is an excellent example of why data security, while
obviously important, does not guarantee privacy.  I am sure that those
travel and telephone records are as secure as they need to be, but that may
not provide enough protection against the legal strategies of tobacco
companies.  Maybe this point is obvious to Risks readers, but it is
certainly not obvious to many others, including many of the politicians who
make laws about such things.  So remember to let these folks know:

  Security is not privacy.

The only guarantee of privacy is anonymity.  Fortunately, technologies such
as digital cash to implement anonymity are on their way.  Insist that they
be used in any new system that gets developed near you.  And spread the
word, because once privacy-invasive systems get standardized and installed
they're hard to regulate and even harder to change.

Phil Agre, UCSD


AUTHORITIES STILL INVESTIGATING SOFTWARE THEFT (Edupage 15 Nov 1994)

Edupage <info@ivory.educom.edu>
Tue, 15 Nov 1994 19:46:58 -0500
A surge of outside computers connecting to the National High Magnetic Field
Laboratory's public information computer was the first sign something was
amiss, with many of the suspect connections coming from a computer in the
Center for Educational Technology, two miles away at Florida State
University. "Hackers were using it so much it wasn't responsive to
legitimate users," says the director of the magnet lab's computer center.
The computers have now been cleaned of pirated software and electronic
burglary tools, but even as the crackers were scurrying to cover their
tracks, all related data was copied onto a back-up tape and turned over to
the Computer Emergency Response Team for further investigation. "I think
it's time to slap these little buggers upside the head," says the CEO of
DeScribe, one of the companies whose software was posted. (Miami Herald
11/14/94 1A)

  Edupage, a summary of news items on information technology, is provided
  three times each week as a service by Educom -- a Washington, D.C.-based
  consortium of leading colleges and universities seeking to transform
  education through the use of information technology.  To subscribe to
  Edupage: send a message to: listproc@educom.edu and in the BODY of the
  message type: subscribe edupage Mick Jagger (assuming that your name is
  Mick Jagger; if it isn't, substitute your own name) ... To cancel
  subscription to Edupage: send a message to: listproc@educom.edu and in the
  BODY of the message type: unsubscribe edupage.  [Edupage is also available
  in Portuguese and Spanish; to subscribe, send mail to edunews@nc-rj.rnp.br.]


Beware the Calendars (Ravin, RISKS-16.53)

Pertti Malo <pertti@tmxbris.mhs.oz.au>
Sun, 13 Nov 94 00:51:29 AES
In Australia, my wife brought home a calendar from the uni.  There was an
error in it.  Magnetic calendars you get from schools, politicians, plumbers
and others sometimes have errors as well.

In Finland, as a way to reduce RISKS caused by incorrect calendars the
publishing of Finnish-language calendars has long been a monopoly that the
government gives to one printer for a number of years. As a result some
other printers, institutions, shops, and tradespeople now publish their
unofficial calendars in other languages, mostly in English.

Pertti Malo <pertti@tmxbris.mhs.oz.au>


Re: Parental Responsibility

Dr. Daniel P. Johnson <drdan@src.honeywell.com>
Thu, 10 Nov 94 09:34:44 CST
"Mich Kabay [NCSA Sys_Op]" <75300.3232@compuserve.com> wrote:
>What about
>        "That parents should spend time with their children discussing
>        their (both parents'; and children's) interests and activities
>        and exchanging views in a mutually respectful atmosphere?"

It is important to include the children's age in these discussions. For
teenagers the view above is indeed a proper statement of parental
responsibility. But that is not true for younger children, nor is it even
true for many younger teenagers who are not maturing at the same schedule
as some of their peers. They may know the values but not be able to judge
the situation. I shudder to think of my third-grader son trying to deal
with the e-mail response he would get if he posted to
alt.barney.dinosaur.die.die.die for example. It's hard enough for him to
cope with the taunts of a smug middle-schooler.

When a parent takes a child to see 'Jurassic Park' because the child wants
to and the child has nightmares for the next several weeks, that was the
parent's mistake, not the child's. The parental responsibility to say 'no'
for the child does not go away after a discussion about scary movies. The
child cannot yet judge what 'too scary' means. My most shameful moments as
a parent have come when I have made the wrong choice. My most wonderful
moments have come when I have made the right choice.

My son could thrive in a 'safe' on-line environment, asking children of
France what their weather is, or looking up the Space Shuttle schedule, or
monitoring the bombardment of Jupiter. But he can't act as his own censor
or ignore ill-judged email responses, he doesn't have the judgment and the
on-line services are not a controlled situation.

The proper analogy is the shopping mall versus the school. My son isn't old
enough to go to the mall without a parent. He can go to an elementary
school without a parent. He's not even close to being able to cope with the
environment of life in a high-school.

Similarly, he isn't old enough to go on the infobahn by himself. Perhaps
someone will develop a 'schoolnet' that he can navigate by himself. Until
then, I will have to be at his shoulder.

Daniel P. Johnson, Honeywell Technology Center, 3660 Technology Drive,
Minneapolis, MN  55418 drdan@src.honeywell.com  612-951-7427


Clarifying answers to TEN QUESTIONS PARENTS SHOULD ASK THEIR CHILDREN

<[A well-known but suitably anonymized contributor]>
Tue, 15 Nov 1994 12:12:15 (xST)
Where are the manuals, boxes, license agreements for the programs
you have or use?
    They don't have manuals or boxes.  Should I not use them?

Where did you get that game? (program?, floppy?, software?)
    Usually over the net - how do I tell if it's legitimate?

When programs first start running on your computer, whose name
comes on the screen as the "owner" or "licensed-to."
    Very few have this feature.

Did you write/create/author what you're passing off as your own work?
    I resent the use of 'passing off'.  Almost all modern works are
    collaborative in nature - the selection of citations is not a
    trivial issue.  Where did you get these questions?  Are you
    passing off some of it as your work when in fact others first
    came up with some of these ideas?  Where are your citations?

Where did you get the text and images you're using?
    Many of them come from on-line sources.  Does that make them
    legitimate or illegitimate?

If you copied text and images from another source, did you have permission?
    Rarely - in most cases, fair use allows you to use them without
    getting formal permission.  Kind of like these questions of yours.

If you didn't need permission from the "owners" of the information
you're using, did you credit them for the material?
    Only if I republish it. I have lots of on-line information
    without citations attached to it.  But I see the author of this
    questionnaire thinks it's legitimate to do this without citation.
    I guess I should stop giving as much credit where due as I do.

3.  Do you ever use other people's computer, disk-space or processing
capability, or look at or copy their files or information, without their
knowledge or permission?
    I almost never get permission to look at each file I view.
    I go under the assumption that I may view anything that
    allows read access by me without going outside of the
    normal methods in use to read files.  If it is interesting,
    I copy it for future reference.  I hope they do not know any
    details about my use.  After all, I want to retain my privacy
    and they should not be watching what I do.

4. Do you have any prank programs, computer viruses, worms, trojan
horse programs, bombs, or other malicious software?
    Several thousand of them.  What's wrong with that?  Don't you
    have some too?

Do you use bulletin boards or systems that contain these things, or have
friends or acquaintances who do?
    Certainly.  The Internet has lots of these things, and I use it.
    The telephone system is used for abusive phone calls and I use
    it too.  I don't really know what my friends do when they use
    computers.  They have privacy rights too, and we rarely talk about
    what information service we use.

Do you write or create any software like this or deal with people who do?
    All the time.  I deal with Microsoft, Lotus, and many other
    companies that have widely distributed this sort of thing.
    I also know and deal with individuals who have done this, and
    I do it all the time.  Is there something wrong with that?

Are they things you would be comfortable showing me? Showing your
grandmother?
    I would not show either you or my grandmother my files, but it
    has nothing to do with embarrassment.  It is called privacy.

Do you have any pictures, video clips, sound clips, articles, text, or
other software or files which contain pornography, violence, dangerous
instructions other distasteful material?
    Lots of them.  It this wrong for some reason?

Do you access or view any of these kinds of things when using the net?
    All the time.  In fact, if you know of any, I would be happy
    if you would forward information on them to me.

6.  Do you have any newsletters, plans, guidelines, or "how-to"
documents or files that you would not be comfortable showing to your
mother?
    Same answer as above.  I value my privacy.

Making Bombs, breaking into systems, stealing telephone access, stealing
computer access, stealing passwords, pornographic or violent text,
guides, descriptions, ......  Do you create, contribute to or receive
anything like this?
    All the time.  In fact, the Risks Forum is one of my best
    sources for this information.  Should you stop making it
    available to me?

7.  Do you ever connect your computer to a telephone, use a modem, or
otherwise use a network?
    All the time.

8. Who do you associate with when you use the Net?
    Lots of different people.  How do I know who they really are
    anyway?  If you claimed to be John Smith at the West Hannover
    Institute, how could I tell this was true, and why would I
    bother?

... so should you attempt to discern the character of their cyber-friends
    How?  We have congress-people that seem to lie all the time,
    and yet the majority of voters vote for them and they have a lot of
    power, are on TV all the time, and are supposed to be highly
    respected.  Does this mean that lying is good or bad?  Judge
    not - lest you shall be judged!  Who shall cast the first stone?
    Do you attempt to discern the character of everyone on the net
    you communicate with?  How about the thousands who read your
    postings to Risks?  The nature of the net is that it provides
    anonymity and open forums for discussion.  Why would I want to
    stifle free speech by asking character questions.  The
    statements people make should stand on their own regardless of
    who states them. That is the best feature of the nets.  A high
    school kid can shine and a Ph.D. can look like an idiot - based
    on what they say, not who they are.

9. Do you ever use an assumed name, a handle, or an alias  instead
of your real name?
    Sure.  I have asked this posting to be made anonymously in
    order to allow it to be judged based on its content rather
    than it's source.  It's kind of like the referee process is
    supposed to be on professional papers.  Maybe we would all be
    better off if all postings were anonymous (with a return
    address that permits response without identity).

Do supply a false information about yourself when using a bulletin
board, a news group, a message group, or forum, any part of the net, or
when using e-mail or when otherwise communicating?
    At times.  Especially when bbs systems ask extensive questions
    about who I am, my SSN, credit information, or other information
    that I don't think they have a right to have.  I have also lied
    when connecting to hacker BBS systems because I don't think they
    have a right to know who I am when they all use handles instead
    of names anyway.  I have also used telnet (25) into SMTP sites
    to forge e-mail as if I were Captain Kirk from the enterprise in
    order to have fun when communicating with friends.  Is there
    something wrong with having fun in this way, or is the Internet
    only for serious work and not for having fun or playing around.
    If so, why are there thousands of fun and games forums in the
    Internet?

Do you use your real age & sex when communicating with your computer?
    I rarely use either.  Nobody has ever asked my sex (my name
    is probably a giveaway on that one) or my age.  Besides, I
    think that discrimination based on age and sex are wrong, are
    against the law, and that forging a sex or age in order to
    have equal access is fair, reasonable, and appropriate in the
    network environment.

Do you use any false information like addresses, or phone numbers or use
someone else's credit card number when using your computer?
    Yes, yes, and no respectively.  Theft (by deception) is very
    different than not telling someone where you live or what
    your phone number is.  These are privacy issues, and privacy
    is a very important thing to have.  Privacy through deception
    is not wrong.  Even becoming someone's friend by lying to them
    about having something in common is not particularly wrong.
    Certainly giving a salesperson a polite wrong number and address
    is a reasonable privacy precaution against getting on mailing
    lists.  It is probably even good to lie if you think someone
    is stalking you over the net.  I think we have a right to lie,
    perhaps even a social responsibility to do so under certain
    circumstances.

Do you ever send messages or e-mail in such a way that the recipient
cannot tell that you sent it?
    In what sense?  I have certainly sent e-mail that never got
    through - the intended recipient didn't know I sent it.
    I have sent e-mail from group accounts where the individual
    was not identified, but the group was.  This is quite common
    in customer support.  I have also forged e-mail addresses so
    that I could remain anonymous.  Is that supposed to be wrong?
    Why?  If I sent you a seasons greeting card from a false identity
    would you be upset and try to find me and have me arrested?
    There is a difference between malice and fun.

Have you ever modified data, text, messages, or other computer
information so that it looks like someone other than you created it or
made the changes?
    Certainly.  I had to make a change to the TeX sources once
    to get them to compile right, and I used the TeX user ID to
    do so in order to allow the compilation to work right.  This
    is often called for in systems administration.

What are you trying to hide by not using your real name?
    My identity. It's called privacy and anonymity.  It's one of
    the basic principles of a free society - that's why we have
    anonymous voting - to protect anonymity and be certain that
    I can think and do what I feel are right without someone like
    you being able to seek retribution.  I believe that a free
    society requires privacy and anonymity.  Otherwise, someone like
    you who perhaps thinks that these ideas are too radical might
    try to black ball me.  Anonymity in pre-war Germany could have
    saved millions of lives.  Many in the US are trying to eliminate
    anonymity by such practices as federal ID cards, and I think that
    is very dangerous.

Are you trying to pretend you are something or someone you are not?
    I have a right to be whatever I want to be.  If I claim to
    be an expert in business consulting, you use my services, and
    I do a good job, what does it matter that I don't even have
    a high school diploma.  If you hire an MBA and they do a bad
    job, does that make it OK?  There is nothing wrong with
    pretending, as long as you don't lie in order to take advantage
    of someone else.  Theft by deception requires theft.  If I knock
    on your door and claim to be a Jehova's witness when I am not,
    why should that offend you more than if I were a real one?

10.  Do use telephone, video, cable-TV, computer network, bulletin
board, or other network services without paying for them?
    All the time.  When I am at a friend's house and I make a phone
    call, I don't pay for it.  I don't pay for Internet access, it is
    given to me.  I use Freenets and other bulletin boards without
    paying for them too.  I have even used friend's accounts to
    access the network on occasions when I didn't have any local
    access.  I also used free compu-serv, America-Online, and Delphi
    services when they had free offers.  The vast majority of people
    using the Internet until only a few years ago did not pay for
    their usage either.  Their company, the federal government, or
    someone else paid for their usage.

The bottom line: Are these things also true for my children? Yes, I think
they are.  I hope that they learn how to do the same things I have learned
how to do in order to protect themselves from the tyranny of the majority -
or is it the vocal minority? I hope they keep things private from me when
appropriate, and if they look at some dirty pictures once in a while, it
won't greatly offend me.

Please consider that most issues of right and wrong are matters of degree
and circumstance.  Given more choice and less control, I think more people
will make better decisions.  Illegalize dirty pictures, and you will have a
much larger audience.  That's why so many motion pictures add nudity or
violence if they don't get an R rating with the first cut.  After all, an R
picture on average sells a lot more tickets than a PG picture.

Please report problems with the web pages to the maintainer

Top