Forum on Risks to the Public in Computers and Related Systems
ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator
Volume 4: Issue 54
Monday, 2 March 1987
Contents
Rockford Illinois Destroyed by Computer! - Chuck Weinstock
Ma Bell's Daughter Does Dallas - PGN
FAA Does Houston - PGN
Tempest Puget, or The Sound and the Ferries - PGN
Re: proper use of suid - Jef Poskanzer
Process Control - Chuck Weinstock
Risks in switching to computerized `people meters' - Bill Janssen
A lovely algorithm - Don Lindsay
Info on RISKS (comp.risks)
Rockford Illinois Destroyed by Computer!
<Chuck.Weinstock@sei.cmu.edu>
2 Mar 1987 19:27-EST
According to the CBS Evening News, the National Weather Service issued a report that Rockford Illinois was destroyed by a killer tornado this morning. The report was picked up by the media and reported as fact. Rockford is still there; the NWS was just testing a new reporting mechanism. The report should not have been issued. The NWS blames faulty computer software.
Ma Bell's Daughter Does Dallas
Peter G. Neumann <Neumann@CSL.SRI.COM>
Mon 2 Mar 87 14:32:52-PST
The Number 4 ESS system in Dallas went down for much of the day on
Wednesday, 25 February 1987, blocking most long-distance calls in and out of
area code 214. Both the main system and the backup system failed. One
smart company was Fidelity Investor Information, which was able to reroute
incoming calls (presumably through an 800 number?) to phone centers in
Boston and Salt Lake City. Multilevel layers of redundancy seem like a
good practice. [Source: Austin American Statesman, 26 Feb 87, p. D11,
courtesy of Steve Smaha, by SnailMail.]
[Although presumably not computer related, a highly toxic fire broke
out at 3 a.m. on 18 Feb 87 in a Brooklyn NY Tel central office, downing
5 exchanges and 41,000 customers. Because of the toxicity levels,
repair personnel were not allowed in the building until after 5 p.m.
During the same week, a Chesapeake & Potomac switching center also
experienced a toxic fire, forcing evacuation on two consecutive days. See
Management Information Systems Week, 23 Feb 87, p. 31 and 54 for details.]
FAA Does Houston
Peter G. Neumann <Neumann@CSL.SRI.COM>
Mon 2 Mar 87 14:39:18-PST
The computer complex at the FAA's en-route traffic control center in Houston went down at 7:13 a.m. on Tuesday, 24 February 1987. Primary radar was restored at 7:45; the manual backup system was in effect throughout the outage. The computer system came back up at 10:40 a.m. Delays of 90 minutes for commercial flights were reported, affecting airports in the surrounding multistate area. [Source: UPI, from SF Chron, 25 Feb 87, p. 3.]
Tempest Puget, or The Sound and the Ferries
Peter G. Neumann <Neumann@CSL.SRI.COM>
Mon 2 Mar 87 15:08:44-PST
In this decade there have been at least a dozen dock crashes in the Puget
Sound ferry system (the largest such system in the USA) that were
attributable to onboard computer failures. The damages for one crash alone
(12 September 1986) cost an estimated $750,000 in repairs to the Whidbey
Island dock. The $17 million mid-sized Issaquah ferries [100 cars, 1200
passengers] came on board in 1980 with the slogan, "Computerized propeller
systems make the ferries more fuel efficient." The state sued the ferry
builder (the now bankrupt Marine Power & Equipment of Seattle), which agreed
to pay $7 million over 10 years. The state's recommendation now is to spend
an extra $3 million cutting 6 ferries over to MANUAL CONTROLS.
[Source: An article by Deeann Glamser in USA Today, 25 Feb 87.]
[It is disappointing that the fix is to bypass the computer systems,
rather than to make them work. Nevertheless, accepting reality is
clearly a good idea. Although they did not have a gift horse in whose
mouth to look, perhaps Seattle still believes in the truth ferry.]
Re: proper use of suid
Jef Poskanzer <unisoft!charming!jef@ucbvax.Berkeley.EDU>
Mon, 2 Mar 87 09:45:06 PST
Proper use of suid is easy to characterize: don't use it, use sgid instead! If you need complete security, set up a separate group for each separate application, make the files it needs access to writable by that group, and you're set. [with sgid]
Jef Poskanzer unisoft!jef@ucbvax.Berkeley.Edu ...ucbvax!unisoft!jef
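An added example (not part of the message above or of the RISKS digest): a POSIX shell audit of the layout that message recommends, checking that an application's binary is setgid rather than setuid and that its data files are owned and writable by the binary's group. The function names, fixture paths and modes are constructed for illustration, and the world-writable check is an extra assumption.

```shell
#!/bin/sh
# Added example: audit one application's install against the sgid layout.
# All paths, modes and names below are constructed for illustration.

# gid_of FILE: numeric group id of FILE, parsed from POSIX `ls -n` output.
gid_of() { ls -ldn "$1" | awk '{print $4}'; }

# report LABEL FIND-ARGS...: print each matching path; return 1 if any matched.
report() {
    label=$1; shift
    out=$(find "$@" -print)
    [ -z "$out" ] && return 0
    printf '%s\n' "$out" | sed "s|^|FAIL $label: |"
    return 1
}

# check_sgid_app BINARY DATADIR: return 0 only if BINARY is setgid (and not
# setuid) and every data file is owned and writable by BINARY's group.
check_sgid_app() {
    bin=$1; data=$2; bad=0
    if [ -u "$bin" ]; then echo "FAIL setuid bit set: $bin"; bad=1; fi
    if [ ! -g "$bin" ]; then echo "FAIL setgid bit missing: $bin"; bad=1; fi
    gid=$(gid_of "$bin")
    report "not in app group $gid" "$data" -type f ! -group "$gid" || bad=1
    report "not group-writable" "$data" -type f ! -perm -0020 || bad=1
    # Extra check (assumption, not stated in the post): a world-writable
    # file makes the dedicated group pointless.
    report "world-writable" "$data" -perm -0002 ! -type l || bad=1
    return "$bad"
}

# make_fixture DIR BINMODE DATAMODE: build a constructed install to audit.
make_fixture() {
    mkdir -p "$1/data" && chmod 0770 "$1/data"
    printf '#!/bin/sh\n' > "$1/app" && chmod "$2" "$1/app"
    : > "$1/data/scores" && chmod "$3" "$1/data/scores"
}

# Demo when run directly: one layout that follows the advice, one that does not.
tmp=$(mktemp -d)
make_fixture "$tmp/good" 2755 0660
make_fixture "$tmp/bad" 4755 0644
check_sgid_app "$tmp/good/app" "$tmp/good/data" && echo "good: OK"
check_sgid_app "$tmp/bad/app" "$tmp/bad/data" || echo "bad: rejected"
rm -rf "$tmp"
```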
Process Control
<Chuck.Weinstock@sei.cmu.edu>
2 Mar 1987 19:30-EST
I had the good fortune to tour General Electric's Grove City, PA diesel engine manufacturing plant on Friday. The plant manager, who was conducting the tour, was especially proud of the highly automated machine tools and the computerized engine testing cells. They are so confident of the process-control computers' ability to detect problems that the employees in charge of watching the process are allowed to take a break while things keep running. I found this appalling. The fact that the test cells were made of reinforced concrete to shield the rest of the facility from an engine explosion did not make me feel any better. The plant is currently running at less than one third of capacity. I wonder what surprises they are in for if and when it starts running at or near capacity?
Risks in switching to computerized `people meters'
Bill Janssen <janssen@MCC.COM>
Mon, 2 Mar 87 15:50:10 CST
The March 2, 1987, issue of the `New Yorker', has a discussion of `people
meters' in its editorial column. The two major television audience-rating
companies, Nielsen and AGB, are each going to switch from a paper-and-pencil
diary system of recording viewing samples, to an automatic electronic system
that is connected to the viewing family's television sets and VCRs.
There will be some measurement effects: ` ``Here's something that
causes us concern, '' Mr. Dominus (a vice-president of CBS) stated. ``To
install this system, a man has to wire your house. Let's say you've got
two sets and a VCR. He has to literally solder stuff to your equipment.
When you walk into the room and turn on the set, you have to punch in, and
when you go out of the room you punch out. I would say there's a personality
bias toward people with a high-tech style. Now, some people are technology-
adverse -- I'm one of them, so I ought to know. They say, `I don't want to
do this.' How do you adjust for that mind-set?'' '
Apparently the advertising agencies will want `a money-back guarantee that
a given commercial would reach a given number -- and type -- of viewer.'
The networks, because of the unknown nature of the measurement effects,
want to avoid giving such guarantees, particularly on $3.7G worth of business,
the amount of up-front advertising that was sold last year. They would
like to forego guarantees this next year to `save the networks a fortune
in unfairly assumed risk.'
Toward the end of the article it is revealed that the actual system under
discussion is a `real-time electronic diary', instead of a true `people
meter', which would function in a totally passive way, leaving no room for
human error (such as forgetting to punch in). `Computerized voice
identification' and `miniature radio transmitters built into the family
jewelry' are mentioned as research directions...
Bill
A lovely algorithm
<LINDSAY@TL-20B.ARPA>
Sun 1 Mar 87 22:19:25-EST
Occasionally, one encounters a truly lovely algorithm. Often they can be recognized by their simplicity. A friend of mine discovered such an algorithm on the Burroughs 6700, lo these many years ago. It all came about because he was debugging a database manager. One day, it attempted to use a somewhat random number as an index into a data file. Now, my friend had a budget, and received bills monthly from the computer centre. The next bill was shocking, and in fact, wasn't even believable. He had been charged for more disk space than the centre owned. It was obvious that the billing software didn't really know how large the files were. Instead, the biller trusted each user program to end at the end of its file. In the true spirit of experimental science, my friend changed his program so that it would always finish by accessing at index zero. And indeed, on the next bill, he was charged precisely zero for disk space.
