The RISKS Digest
Volume 2 Issue 07

Thursday, 6th February 1986

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator



o The lesson of Challenger
Barry Shein
o Mistaken Arrest due to computer error
Steve Rabin
o Denial of [Religious] Service
Chris Guthrie
o Earthquake Monitoring Systems
Gary T. Leavens
o Mice & CRT Radiation
Ted Shapin
o SRBs, What the Computers Should Monitor, and Expert Systems?
Jim Giles
o Redundancy in the Shuttle's Computers
K. Richard Magill
o Nuclear Cargo in the Shuttle
Larry Shilkoff
o Software Protection Symposium
Barbara Zayas

The lesson of Challenger

Barry Shein <bzs%bostonu.csnet@CSNET-RELAY.ARPA>
Tue, 4 Feb 86 22:39:47 EST
Although this is a very sad event, it would be sadder if we would refuse to
learn from it.

Seven people were killed in this disaster, and billions of dollars of
equipment, but the rest of us will survive. The lesson is the limit of faith
we should put into our technology. I believe we should continue, that in
many ways we have been too cautious and should heed the pioneering spirit we
all feel, even if the pioneers put themselves at risk. Individuals should be
allowed to risk something to gain something, they should be encouraged,
applauded and honored for their sacrifices, if need be.

It is quite another thing to think that such systems can be relied upon
to end the current nuclear nightmare, that in these technologies we
will find strengths that we cannot find in ourselves at a bargaining
table. In this case, we risk far too much.

The technology will fail, we should expect that and have the courage
to take chances where there is something to learn. Only a fool or a
madman would risk an entire civilization's fate on a gadget.

Let's continue into space, with all due speed. But let's also stop thinking
that nations (people!) will settle their differences with gadgets.  The
philosopher's stone for human relations just doesn't exist.

    -Barry Shein, Boston University

Mistaken Arrest due to computer error

Steve Rabin <>
Sun, 26 Jan 86 02:25:03 PST
Thursday night I was mistakenly arrested by a Pasadena police patrol due to
a computer error.  I spent two hours in a smelly holding cell while my
friends collected bail.  $130.50 Cash.  Exact change please.

When I appeared in court Friday morning with proof that the ticket had in
fact been paid in February of 1984, the case against me was dismissed.

In conversation with the court clerk and with the police officers who
processed me I learned that mistakes like this are not uncommon, and that
the safest thing for me to do is to keep the 1984 receipt on my person
at all times.  One friendly officer said "In processing these (warrant
dismissals), the paperwork goes through so many hands that if anyone
drops the ball there is no way to tell what happened."

It appears I have a good case against the City & County of LA ("failure to
properly document computer system"), and the City of Pasadena ("improper
stop and use of excessive force by arresting officer").  The excessive force
claim arises because the officer physically prevented my departure after I
had identified myself and before the information about the bogus warrant
came over the radio.  He is not supposed to do this.  There may be an
additional case against Pasadena if in fact the statute on the original
offense (jay walking in 1981) had expired.

Do any of you high powered legal types have any insights on my case?  Do any
of you folks know good, reasonably priced lawyers in the LA area with whom
you have had personal experience?  Have there been any problems with Chas. &
Angelique Johnson, attys?  I am also looking for a good patent lawyer, so if
you know/are one please write me.

My interest in this news group (until now) has been focused on copyright &
software marketing issues.  I am a grad student in Computer Science at
Caltech.  Hobbies include science fiction, the tunes of Garcia/Hunter, and
long distance running.  I would like to do triathlons too but my swimming
is weak.  Pleased to meet you all.

("I won't do it again!  Honest!")
(I thank you for your patience)    stever@{,}

        [For those of you who have not read RISKS back to 4 September 1985,
         RISKS-1.5 contains several related items, another in RISKS-1.20.  PGN]

Denial of [Religious] Service

Chris Guthrie <chris%ic%BERKELEY.EDU@nrl-css>
Tue, 31 Dec 85 20:55:34 PST
    [This is an old item, but had not previously been reported here.
     The denial-of-service problem is very widespread, and presents much
     greater risks than most of us realize.  PGN]

Reprinted from the Sacramento Bee:


    A self-employed computer whiz in Atlanta is under orders from a
telephone company to stop making harassing computerized calls to the
Rev. Jerry Falwell's toll-free tithing line.
    Officials of Southern Bell said they would yank Edward Johnson's
service if he didn't unhook his phone from a computer that automatically
dials Falwell's "Old Time Gospel Hour" every 30 seconds, tying up the
line and annoying the operators.
    Falwell aides said they would take legal action against him.
    Johnson's computer has been making the calls to the Lynchburg, Va.,
line day and night since April.  Officials estimated that the computer
has made 500,000 calls to Falwell's line.
    Johnson, 46, a computer analyst who said he wants to bog down Falwell's
fund-raising operations and hurt the organization's morale, maintained that
he is not impressed by the threats.  He said he is considering moving his
computer to a friend's telephone to continue the campaign.
    Falwell aides said they would take legal action against Johnson, who
started his crusade against Falwell after his mother "almost gave the
family farm away" to the television evangelist.
    Mark DeMoss, a Falwell assistant, said Falwell has lost a dollar for
every call Johnson's computer has made.
    "We do plan legal action," DeMoss said.  "Naturally toll-free calls
in that quantity would constitute a pretty significant expense for us."
    Johnson's crusade stopped Friday at 11 a.m. when a Southern Bell
security agent, acting on a complaint from Falwell's organization, called
Johnson and ordered him to unhook his computer from his phone or lose
his telephone service.

Earthquake Monitoring Systems

Gary T. Leavens <GTL@XX.LCS.MIT.EDU>
Thu 6 Feb 86 12:38:18-EST
    I recently read an article in CACM about two earthquake monitoring
networks in California.  Presumably they are designed to withstand a major
earthquake so they can perform their data collection functions, etc.  Does
anyone know if they really are designed to function during a major earthquake?
If so, what design considerations were used?

Re: Mice & CRT Radiation

Wed 5 Feb 86 12:10:43-PST
John Ott, the pioneer in time lapse photography, published a paperback book
"Health and Light" about 10 years ago.  In it he mentioned his observations
on the negative effects on the health of mice exposed to a color CRT, even
when the screen was covered with black cardboard.
I don't recall any more than that.

        [For those of you who were not reading RISKS back in September,
         RISKS-1.6 had a lengthy piece by Al Friend on the CRT subject,
         plus some other comments in RISKS-1.5.  However, Dan Hoey's
         query in RISKS-2.2 asked about a recent Swedish study.
         Apparently no one had seen it.  PGN]

SRBs, What the Computers Should Monitor, and Expert Systems?

Jim Giles <jlg%a@LANL.ARPA>
Thu, 6 Feb 86 18:20:33 mst
In RISKS-2.5, Sean Malloy writes:
 >One of the points that was brought up during the broadcasts the day of the
 >disaster was that the telemetry tapes were going to have to be analyzed to
 >determine if there was any indication as to what happened.  The temperature
 >data for the external tank was specifically mentioned as one of the
 >telemetry streams that was NOT fed to a display in either the launch control
 >area or Mission Control. The NASA spokesman explained that there was so much
 >information coming in that a decision had to be made to limit what the
 >launch control personnel had to pay attention to.

Has Expert System Technology been thought of as a fix for this
problem?  It would seem that a really fast computer (or several) could
monitor all those inputs which aren't under the direction of human
flight controllers and could be set to pop up warnings for any
conditions that are unacceptably peculiar.  The human flight controllers
would still have the final word on what to do, the computer would just
be there to watch those things that the staff normally can't.  Are
expert systems yet advanced enough to make this worthwhile?  If so,
are any being used?

In the Challenger case, there was a 4% loss of thrust in the SRB about
15 seconds before the explosion.  If this had been correlated with a
temperature rise in the ET or some other anomaly that indicated possible
SRB burnthru, there might possibly have been warning of the problem.
An expert system might have been able to correlate several minor
readings that together formed a pattern of SRB failure.  A succinct
display of the information together with the machine's conclusion
could have been given to one of the controllers.

Of course, it is possible that the telemetry tapes contain no information
that would have helped - even if it were monitored.  Abort before the
SRBs stop firing is (I'm told) a risky thing anyway, so advance warning
may not have been of much value.

J. Giles
Los Alamos

Redundancy in the Shuttle's Computers

K. Richard Magill
Mon, 3 Feb 86 18:39:32 est
To: decvax!risks
Organization: Roadway Express, Akron, OH

>From: Mark S. Day <MDAY@XX.LCS.MIT.EDU>
>Subject: Redundancy in the Shuttle's Computers

>A submission in RISKS-2.2 was concerned about a Stratus-like comparator
>mechanism being a single point of failure in the Space Shuttle's operations.
>However, the space shuttle's redundant set doesn't use a comparator
>mechanism.  Instead, the actuators are controlled by a hydraulic
>"force-fight" mechanism, with each computer sending independent commands on
>independent buses.  If one computer of four fails, the other three can exert
>enough force to overpower its (presumably bad) commands.  If this pressure
>differential persists for long enough, the overpowered one is hydraulically

How is a *single* hydraulic comparator any different than a digital
"force-fight" mechanism?

K. Richard Magill
(don't know my address from arpa, maybe rexago1!rich%Case@csnet-relay
 or rexago1!rich@case.csnet)

Nuclear Cargo in the Shuttle

Thu, 6 Feb 86 14:46 PST
An article in the L.A. Times of Feb. 6, 1986 discusses the dangers of
carrying nuclear cargo in the shuttle. The article states:

The Energy Department contends that the protective shell around the
plutonium would withstand explosive pressures up to 2,200 psi, and that
the shuttle explosion appears to be less than 2,200 psi.  According to a
NASA-produced safety analysis report on the Galileo and Ulysses projects,
... a blast caused by activating the spacecraft's "command
destruct" mechanisms' explosive devices attached to the large external tank
and suspected of being detonated by Challenger's leaking solid rocket
booster would produce a burst of pressure ranging from 740 to 7,800 psi. If
a shuttle fails to get off the pad and topples over, even greater explosive
pressure could be generated...possibly as high as from 2,000 to 19,600 psi.

      [By the way, this morning's SF Chron indicates the destruct charges
       for the external tank were found intact.  PGN]

Software Protection Symposium

Friday, 17 January 1986 13:41:46 EST
Software Protection Symposium
To Be Held in Pittsburgh 4-5 April 1986

PITTSBURGH — "The Future of Software Protection", a two-day symposium
scheduled for 4-5 April 1986, will bring prominent legal scholars and others
together to discuss one of the most crucial and controversial legal issues
of the day.  The symposium is jointly sponsored by the Software Engineering
Institute and the University of Pittsburgh Law Review.  The program will
focus on intellectual property law and whether it can evolve to provide
adequate protection for software.

Topics to be discussed during the one and a half days include patent
protection for algorithms, simultaneous copyright/trade secret protection,
scope of fair use in copyright cases, ownership rights in computer generated
works, and sui generis protection for software without legislation.
Discussion on the second day will center on the Department of Defense's
software procurement policy.

The registration fee of $100 includes the University of Pittsburgh Law
Review issue in which articles by the major speakers will be published.
For further information, please contact Carol Biesecker, [412] 268-7786.
