Please try the URL privacy information feature enabled by clicking the flashlight icon above. This will reveal two icons after each link the body of the digest. The shield takes you to a breakdown of Terms of Service for the site - however only a small number of sites are covered at the moment. The flashlight take you to an analysis of the various trackers etc. that the linked site delivers. Please let the website maintainer know if you find this useful or not. As a RISKS reader, you will probably not be surprised by what is revealed…
From the Los Angeles Times, August 15 1986, page 2: A computer error caused California's check-writing system to issue $4 million in interest-payment checks to bondholders who hold a type of bond on which no such payments were due. Deputy state Treasurer Liz Whitney explained that those bonds are of the "zero coupon" type, which are held for a period of years and redeemed with accumulated interest at maturity rather than bearing interest on a monthly or yearly basis. The treasurer's office learned of the error last Friday, she said, when a recipient inquired about the check's validity, and stop-payment orders were issued. By Wednesday, all but a few checks totaling $33,000 had been recovered. No further details are given about the nature of the computer error. — Rodney Hoffman
From the San Francisco Chronicle, Friday 15 August 1986: POLICE SAY ARRESTS IN MARIN SMASHED HIGH-TECH SEX RING by Torri Minton and Katy Butler A sophisticated prostitution ring that kept computerized records on more than 12,000 patrons has been broken after a three-month investigation, authorities in San Jose said yesterday. The ring, known as EE&L Enterprises, collected $3.5 million a year dispatching at least 117 prostitutes by electronic beeper to cities all over Northern California from a computerized command center in San Rafael, according to San Jose vice Lieutenant Joe Brockman. ``It's a top-class operation — the largest prostitution ring, to our knowledge, in Northern California," Brockman said. He said that the business took in more than $25 million during the eight years it was in business... Records seized by police ... included customers' names, telephone numbers, credit card numbers, sexual preferences and comments by the prostitutes... The office was equipped with four desks, several IBM computers, a photocopier, a paper shredder and a wall poster announcing that ``Reality is nothing but a collective hunch.'' On-line SuperCalifornication?
[This is included because so many of you do not seem to know the Cohen reference. PGN Robert Stroud references a paper by Fred Cohen on "Computer Viruses." The full text of the paper can be found in several public souces. The most available for US readers is the minutes of the 7th DoD/NBS Computer Security Conference, Sept 24-26, 1984, pages 240-263. The paper is not exclusively concerned with any one particular operating system. It defines a "virus" as "a program that can infect other programs by modifying them to include a possibly evolved copy of itself." The paper references Ken Thompson's acceptance speech on the Turing Award, "Reflections on Trusting Trust," which was published in the August 1984 "Communications of the ACM." The reference, however, is only for purposes of illustrating what Fred proposes is a "limited" virus. [That paper includes the wonderful C compiler Trojan horse lurking in wait for the next recompilation of the UNIX LOGIN procedure. PGN] A close reading of the paper would reveal that very specific factors have to exist for a "virus" to become "virulent." The most interesting facet of the paper is really the question it raises as to whether the Bell-LaPadula and the Biba models on mathematically defining "secure systems" even addresses the potential of a "virus" attack.
Another paper by Fred Cohen is "Recent Results in Computer Viruses", written while at Lehigh University. The copy I have does not have a date on it, but I believe it was written sometime around the spring of 1985. Anybody else know of any good, technical papers on the subject? Paul
If anyone wants to read an interesting science fiction book about computer viruses (and things of that ilk) try reading John Brunner's "Shockwave Rider." Briefly, it's about a man who puts computer viruses into the worldwide data banks, enabling him to do all sorts of illegal things such as change identities. Quite interesting, at least from the viewpoint of computer security! Matt Bishop [I think we included mention of "Shockwave Rider" in RISK long ago. However, with the interest in viruses and our large number of new readers, I am not trying to avoid all duplication — especially with the distant past. PGN]
Those who fly regularly will be somewhat relieved to note that all terminals of the ARTS and NAS systems, except master consoles (and a few others hardwired straight into the machine and on site) are limited in what they can input, nor can they escape the ATC program. Furthermore, I am not aware of any means whereby employees can access any of the FAA's computers from other than known sites. This also explains why there are so few ATC's on any net, despite the large amount of computer work associated with the job today. DM [Beware of Trojan horses bearing gifts that look like sound programs, officially installed through proper channels. There is also the problem of accidental viruses such as the ARPANET collapse of 27 October 1980. (See Eric Rosen's fine article in the ACM Software Engineering Notes 6 1 Jan 81, for those of you who have not seen it before.) PGN]
[From: Davidsen <davidsen%kbsvax@kbsvax.tcp-ip>] I would call a 2% clean failure rate a success. If the two intersections had failed in an unsafe mode, such as green in both directions, it would not have been acceptable. If the lights had "stuck" showing green one way and red the other, it could have caused severe delays. For the light to cleanly go out is probably acceptable. Most drivers seeing a light with no signal showing will use adequate caution to prevent accidents. -bill davidsen ihnp4!seismo!rochester!steinmetz!--\ \ unirot ------------->---> crdos1!davidsen chinet ------/ sixhub ---------------------/ (davidsen@ge-crd.ARPA) "Stupidity, like virtue, is its own reward"
Please report problems with the web pages to the maintainer