The RISKS Digest
Volume 17 Issue 82

Friday, 1st March 1996

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Please try the URL privacy information feature enabled by clicking the flashlight icon above. This will reveal two icons after each link the body of the digest. The shield takes you to a breakdown of Terms of Service for the site - however only a small number of sites are covered at the moment. The flashlight take you to an analysis of the various trackers etc. that the linked site delivers. Please let the website maintainer know if you find this useful or not. As a RISKS reader, you will probably not be surprised by what is revealed…


Dominican Republic 757 crash
Software backdoor on the news
John Liptak
Re: Happy Leap-Birthday!
A major OS leap year glitch
Warren R Carithers
Arizona lottery blottery on 29 Jan 1996
Jot Powers
Leap-day not insurable
Alan Hamilton
Time Bomb Still Ticking For Year 2000
Edupage via Monty Solomon
Japanese credit cards and the year 2000
Chiaki Ishikawa
Re: Year 2000 banking disasters
Steve Elliott
Re: Risks of year-2000 precautions
Barry Mulligan
Positive feedback and the law of averages
John Light
Re: Risks of year-2000 precautions
L. P. Levine
Year-2000 question on defensive software tools
Gretchen Herbkersman
Incorrect ATM menus
Jimmy Aitken
Online Cyberlaw Workshop
Dick Moores
Info on RISKS (comp.risks)

Dominican Republic 757 crash

"Peter G. Neumann" <>
Fri, 1 Mar 96 7:51:09 PST

Investigators have concluded their analysis of the 6 Feb 1996 Boeing 757 flight that ended in the ocean, killing all 189 people aboard. The disaster was apparently due to a faulty velocity indicator that misled pilots, leading them to believe that their speed was adequate when they were flying at 7000 feet.

Software backdoor on the news

John Liptak <>
Thu, 29 Feb 1996 11:34:30 -0700

The Denver area's new car-emission testing program was spotlighted on the local TV news.

It seems that given the two passcodes 00010 and E35E, the computerized system will pass any car regardless of the emissions results.

Disciplinary action has been taken against the people involved, including the two people who reported the abuse.

John Liptak, U S WEST Communications, 931 14TH Street, Denver, Colorado 80202 WK (303) 624-0140 PG (303) 820-9284
[Is this a case of shooting the emissionger? PGN]

Re: Happy Leap-Birthday! (PGN, RISKS-17.81)

"Peter G. Neumann" <>
Fri, 1 Mar 96 7:59:18 PST

Some of you Robert.Herndon@Central.Sun.COM (Robert Herndon)
"George C. Kaplan" <gckaplan@cea.Berkeley.EDU>
Rich Wales <>
"Clive D.W. Feather" <>
noted the flaky calculations of Pirate Frederick, because of the leap year in 1900.

What we know for sure is that Frederick, when confronted by the Pirate King with the news that he had not actually reached his 21st birthday and therefore could not be freed from his indentures, calculated that he would have his 21st birthday in 1940. I cited the libretto in RISKS-17.81.

The first performances of *Pirates* were at the end of 1879. The official opening was in New York at the Fifth Avenue Theatre on 31 Dec 1879, with a sneak preview at the Royal Bijou in Paignton, Devonshire, the night before — which had been postponed by one day; perhaps W.S. Gilbert had desired to have the sneak preview on *29* December!).

I presume that Gilbert did the calculation on Frederick's behalf, and did *not* know about the 1900 anomaly. I also presume that Frederick did not know about the 1900 anomaly, because he had been brought up by his nursemaid Ruth and the pirates mostly at sea. On the other hand, the pirates were not really pirates, but rather noblemen who had gone wrong (as we discover in Act Two), in which case they probably wouldn't have known anyway.

If we assume that Gilbert and Frederick both did not know about the 1900 anomaly, then Frederick must have been born in 1856. If, on the other hand, Gilbert endowed Frederick with modern algorithmic powers, then perhaps Frederick was indeed born in 1952. I doubt it very much.

However, I have spent so much time lately correcting folks who think 2000 is NOT a leap year (including one would-be contribution that warned about all the folks who seem to think 2000 *is* a leap year) that I neglected to remark on the 1900 glitch.

Incidentally, Clive also noted Isaac Asimov's *Black Widowers* story, which raises the 1956/1900/1940 question and the fact that *Pirates* might not actually be set in 1877, the year that *H.M.S.Pinafore* was written. Asimov seems to have thought of *everything* long before everyone else, but I still suspect Gilbert did not know about, or simply ignored, the 1900 glitch.

A major OS leap year glitch

Warren R Carithers <>
Fri, 1 Mar 1996 13:06:07 -0500 (EST)

We received the following announcement from our Institute computer center (ISC) regarding the operating system on many of their computers (names of individuals and systems, and phone numbers, elided):

> Date: Thu, 29 Feb 1996 13:26:19 -0400 (EDT)
> From: xxxxxx<br /> > Subject: FYI... an oops on the part of DEC and OSF
> 29-Feb-1996 - Digital UNIX/DCE leap year bug
> ISC's UNIX computing systems have encountered a severe bug in the
> operating system. The bug prevents DCE from functioning at all between
> February 29th and March 31st during a leap year. To allow our DCE
> systems to continue functioning, the date on all of ISC's system has
> been set to April 1st.
> This affects the following systems:
> ...
> and the following services:
> Web Server, Listserver, Dial-IP, News Server
> Digital is working very hard to correct this problem as it affects all
> of their DCE customers. As soon as Digital has a solution it will be
> installed and the date will be returned to normal on these systems.
> Please contact the ISC HelpDesk at nnn-nnnn voice or nnn-nnnn v/tty,
> stop by our office in Ross room A291, or use ASK Information Systems and
> Computing for questions or concerns.

True to the message, the system date on the affected systems continues to be one month ahead (today, for instance, is April 2, 1996 according to these systems).

One wonders exactly how an extra day in February causes the loss of an entire month in this particular OS.... In any event, there will be many unexpected side-effects of this glitch; at a minimum, once the bug is corrected and the date can be restored, software which examines timestamps such as modification dates on files may be in for an interesting few weeks.

Warren R. Carithers, RIT Dept. of Computer Science, Rochester NY 14623-5608, (716) 475-2288

Arizona lottery blottery on 29 Jan 1996

Jot Powers <>
Fri, 1 Mar 1996 12:37:50 -0700 (MST)

[A little bit of background: Here in Arizona, about 6 months ago they changed vendors for the machines for the state lottery. Evidently this company bid lower, and would require 1 fewer keypress per ticket sale. The initial install was a debacle, with roughly 40% of the machines not being brought on-line in time because of communications problems and weather problems at the time. And so the saga continues...]

Machines refuse to recognize 29 Feb 1997 (*Arizona Republic*, 1 Mar 1996)

Chuck Brooke, executive vice president of AWI's [the lottery machine vendor] Phoenix office, said the glitch was the result of an error made by the corporation's software designers in Hackensack, N.J. The leap-year glitch did not affect AWI's other state lottery clients in Delaware, Florida, Michigan, Minnesota, Pennsylvania, South Dakota and Washington state, he said.

It is estimated that roughly 60,000 people were unable to purchase tickets. This only affected the Fantasy 5, and not Powerball, Lotto and the Scratchers tickets.

I never buy lottery tickets anyway, but I wouldn't plan on buying any at the end of 1999. ;)

[Why not? It might be the best gamble of all! PGN]
Jot Powers Unix System Administrator, Medtronic Micro-Rel (602) 929-5418

Leap-day not insurable

Alan Hamilton <>
Thu, 29 Feb 1996 21:30:19 -0700

Another leap-day bug....
I was shopping for a new auto insurance policy today, and found one I liked. When I went to the agent's office, though, he told me that he couldn't write a one year policy. The computer that sets up the policies adds one to the year to get the expiration date. A policy written on Feb. 29, 1996 would expire at 12:01am Feb. 29, 1997. Uh oh. He my the policy up to start March 1, and I'll keep my old policy for one more day.

Alan Hamilton

Time Bomb Still Ticking For Year 2000 (Edupage, 15 Feb 1996)

Monty Solomon <monty@roscom.COM>
Fri, 1 Mar 1996 08:24:37 -0500

The Gartner Group predicts that half of all companies affected by the year 2000 date field problem will still be unprepared when the fateful day arrives. "A lot of companies are like deer frozen in the headlights of a big truck coming right at them," says a Gartner analyst. Some industry experts estimate the cost of fixing the problem at $40 million per large corporation, with the global price tag pegged at $400 billion to $600 billion. Many corporations are wondering if their old systems are worth all the trouble: "Do we just fix the millennium bug, or should we take this as an opportunity to put in some new systems?" asks one CIO. (Information Week 5 Feb 1996, p30)

Japanese credit cards and the year 2000

Chiaki Ishikawa <>
Fri, 1 Mar 1996 19:37:12 +0900 (JST)

Japanese newspaper Asahi-shimbun had a large news article concerning the year 2000 and computer programs. From the article, I learned that many Japanese offices of credit card companies are now refusing to issue credit cards of which expiration date is later than December 1999. (I didn't know this. A clever interim solution, I have to agree.) They are trying to upgrade all the verification devices(?) at cooperating stores before issuing such cards.

I also got the impression that the biggest problem is who is going to pay for the upgrade of such machines.

Chiaki Ishikawa, Personal Media Corp. Shinagawa, Tokyo, Japan 142

Re: Year 2000 banking disasters

Steve Elliott <>
Fri, 1 Mar 1996 15:32:28 +-1100

At 1500 31Dec99 I plan to send all of my money from my Sydney bank to my London bank where it will arrive at 0400 31Dec99.

At 1500 31Dec99 I will instruct my London bank to send all of my money to my New York bank where it will arrive at 1000 31Dec99.

At 1500 31Dec99 I will instruct my New York bank to send all of my money to my Sydney bank where it will arrive at 0700 1Jan00.

My money will therefore be out of Sydney from 1500 31Dec99 .. 0700 01Jan00, in London from 0400 .. 1500 31Dec99, in New York from 1000 .. 1500 31Dec99 and NOWHERE from 2359 31Dec99 .. 0001 01Jan00.

The risks? I may get so drunk celebrating the new year that I am incapable of signalling my London and New York banks to make the transfers!

Steve Elliott, NORESE Pty. Ltd. 4, Glassop St. Balmain NSW 2041 Australia +61 (41) 12 608 12 Home:

Re: Risks of year-2000 precautions (Mills, RISKS-17.81)

Fri, 01 Mar 1996 01:09:17 -0600 (CDT)

> Is it a flaw in our risk perception where we incorrectly equate
> infrequent==unlikely or infrequent==insignificant?

Perhaps the options should include: c) infrequent==I'll take care of that later; and d) infrequent==It will be someone else's problem.

Having been through the turn of the century problem once already (the 19th century), I've watched the discussions with a certain bemusement. In the early 70's I inherited a system with several accounts that were in arrears since 1895. The key program subtracted the original date from the current one and tried to calculate interest for -24 years.

As might be imagined, it was a government system. A legal fight had been abandoned by both sides, but no one was prepared to write off the charges without a final court decision. The clerks had been dutifully copying the items from ledger to ledger for 75 years.

I applied option (d) and patched around the affected accounts, leaving the proper resolution to _my_ successor. Since then I've applied option (c) more often I'd like to admit. Even though I knew better, human nature is perhaps the biggest risk of all.


Positive feedback and the law of averages (Re: Brader, RISKS-17.80)

John Light <>
Thu, 29 Feb 96 13:08:00 PST

Mark Brader's article "Risks of year-2000 precautions" (RISKS-17.80) is a specific case of a risk that is growing every day.

During a typical day we count on the law of averages treating us reasonably well. For example, not everybody will choose to eat at the restaurant you go to for lunch today. Not everyone will take a sidetrip on the freeway you commute on today. Not everyone will access your favorite web site when you want to use it.

Only recently has news about local events been so readily and quickly available that the law of averages may fail to be a friend. A review of a luncheon special at your restaurant on the net at 10 a.m. could mean that half your town decides to go there for lunch. A mention at 4 p.m. of a store giveaway off your freeway may send half the city on the freeway you need. And a positive review in a magazine of your favorite website may send millions of people to it over a weeks time, making it useless to you.

As our access to timely news about specific future events grows, along with our improving mobility in real and cyber space to take advantage of them, we may be overcome with instant, temporary fads that sweep across the landscape like tsunamis. People who are listened to (e.g., Dyson) will have to be very careful what they say for fear of the effect. In the worst case of the frenzy chasing ephemeral fads, people may die (in collisions and crushes), so self-censorship will become the norm.

The engineering principle of positive feedback can be applied to the time constants involved to predict this risk. And the more tied into cyberspace we all are, the worse it can get. (Of course, this has been covered in the Science Fiction literature, but I can't remember which ones.)

John Light

Re: Risks of year-2000 precautions (Madison, RISKS-17.81)

"Prof. L. P. Levine" <>
Fri, 1 Mar 1996 14:11:43 -0600 (CST)

Some time ago we had a scare about the an oil crisis. People changed their gas buying habits, filling the tank up more often than normal. This alone caused a shortage. Let me illustrate:

Consider a population of 100 million vehicles each with a ten gallon gas tank. Assume that each driver fills the tank when it is empty. This results in 100 million tanks with 5 gallons each or 500 million gallons of gas in a "rolling reserve" of fuel.

Now assume that a shortage is announced and that people fill their tanks when they are half empty rather than when they are empty, after all with a shortage you don't want to run out of gas.

This will result in cars running around with 7.5 gallons of gas in their tanks. The "rolling reserve" now is raised to 750 million gallons. Whatever the situation was when the shortage was proclaimed it is now 250 million gallons worse.

Conclusion, shortages and the hoarding that results will make situations worse or will make bad situations appear where there was nothing to drive them in the first place other than a rumor.

Leonard P. Levine, Professor, Computer Science, Univ. of Wisconsin-Milwaukee Box 784, Milwaukee, WI 53201 1-414-229-5170

Year-2000 question on defensive software tools

Gretchen Herbkersman Dept 5428 <odinba!odin!>
Fri, 1 Mar 96 13:13:30 PST

One of my colleagues is looking for software which will scan code and identify any that might not work, come the year 2000. Having seen discussion in comp.risks about this topic, I wonder if perhaps you might know where we could direct such a question in hopes of an answer--assuming your forum is NOT the place to do it. My colleague has no Internet access at all, and mine is somewhat limited. Any suggestions you might have would be received with gratitude. Please reply by email to [and we hope Gretchen will share her results with RISKS. PGN]


Incorrect ATM menus

Jimmy Aitken <>
29 Feb 1996 15:51:58 -0800

I've just managed to sort out a problem with my Visa credit card here which all stems back to a poorly worded (if not downright wron) menu on an ATM screen.

At work our local credit union have installed an ATM for our convenience. When you go up to it and swipe your card, it brings up menu items, including one that says it can transfer money between accounts. I got my Visa card from the credit union, so this seemed a good way of paying my bill fast and not have to worry about mail delays etc.

I selected "transfer money", "from checking", "to credit card", keyed in the amount and got a receipt for it. All good and well. 2 weeks later I got a letter from Visa saying that I had exceeded my credit limit and they had not received my payment for the last statement. I phoned up the local branch and was informed that the ATM at work, is only for dispensing cash and not other transaction.

My account history doesn't show me trying to take money from my checking account, so if I didn't have the receipt I would have been out in the cold.

If anyone out there works for banks/etc., it would perhaps be a good idea to put code in to say "you can't do that from here..." and *not* issue a receipt that says the amount has been paid.

Jimmy [work] [home]

Online Cyberlaw Workshop

Dick Moores <>
Thursday, February 29, 1996 7:26 AM

[via blanc <> and (Martin Minow)]


Three highly respected law school professors (Professor Larry Lessig, University of Chicago Law School; Professor David Post, Georgetown University Law Center; and Professor Eugene Volokh, UCLA School of Law) have written a *FREE*, online cyberlaw workshop called, appropriately, "CYBERSPACE LAW FOR NONLAWYERS." CYBERSPACE LAW is specifically written
for lay people like you and me, and the workshop's lessons use easy-to-understand English — NOT legalese and Latin!


Actually, yes. The workshop's authors really are writing CYBERSPACE LAW's lessons for educated lay people, *NOT* lawyers.

I took a look at an earlier article written by one of the workshop's professors (Eugene Volokh, "Cheap Speech and What It Will Do", 104 Yale L.J.1805 (1995)), and I have to say that I am quite impressed ... although I have to say that I am quite disappointed that Volokh did not have a single Southern word *anywhere* in his article :)


CYBERSPACE LAW is going to help you learn the basic principles of — and unlearn some common myths about copyright law, free speech law, libel law, privacy law, contract law, and trademark law, as they apply on the Net. Each CYBERSPACE LAW "lesson" should be about the size of an average TOURBUS post (about a page or two), and will e-mailed to you through an e-mail distribution list. The CYBERSPACE LAW workshop will last a couple of weeks, and you'll get two or three letters a week from the authors ... and, best of all, the entire workshop is FREE!


Professor Larry Lessig clerked for U.S. Supreme Court Justice Antonin Scalia, and now teaches constitutional law and the law of cyberspace at the University of Chicago Law School. He's written about law and cyberspace for the Yale Law Journal and the University of Chicago Legal Forum (forthcoming).

Professor David Post practiced computer law for six years, then clerked for U.S. Supreme Court Justice Ruth Bader Ginsburg. He now teaches constitutional law, copyright law, and the law of cyberspace at the Georgetown University Law Center. He's written about law and cyberspace for the University of Chicago Legal Forum (forthcoming) and the Journal of Online Law, and writes a monthly column on law and technology issues for the American Lawyer.

Professor Eugene Volokh worked as a computer programmer for 12 years, and is still partner in a software company that sells the software he wrote for the Hewlett-Packard Series 3000. He clerked for U.S. Supreme Court Justice Sandra Day O'Connor, and now teaches constitutional law and copyright law at the UCLA School of Law. He's written about law and cyberspace for the Yale Law Journal, Stanford Law Review, Michigan Law Review (forthcoming), and the University of Chicago Legal Forum (forthcoming).


The CYBERSPACE LAW workshop probably won't start for a month or so, but you should sign up as soon as you can. To subscribe to the workshop (for FREE!) send an e-mail letter to


with the command

SUBSCRIBE CYBERSPACE-LAW yourfirstname yourlastname

in the body of your e-mail letter, replacing "yourfirstname" and "yourlastname" with your first and last names.

Please report problems with the web pages to the maintainer