The Risks Digest

The RISKS Digest

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Volume 4 Issue 41

Monday, 22 January 1987


o Audi 5000 recall
Dave Platt
o UK EFT Risks
Brian Randell
o Another Bank Card Horror Story
Dave Wortman
o Stock Market behavior
Rob Horn
o Info on RISKS (comp.risks)

Audi 5000 recall

Dave Platt <dplatt@teknowledge-vaxc.ARPA>
Fri, 16 Jan 87 10:09:47 PST
Audi has announced a total recall of all pre-'87 Audi 5000s equipped with
automatic transmissions.  The recall is an extension of the earlier,
voluntary callback of these cars to equip them with the shift-lock device,
and to inspect and if necessary correct the idle valve.  Audi is not, at
this time, replacing any microprocessor components, nor have they admitted
or agreed that any such replacement is necessary.  

    [The National Highway Traffic Safety Administration has been informed
     of "5 deaths and 271 injuries related to the problem."  PGN]

Air Traffic Control Safety — 1986

Peter G. Neumann <Neumann@CSL.SRI.COM>
Mon 19 Jan 87 20:06:26-PST
SF Chron 15 Jan 87 via Cox News Service:

Reports of near collisions involving commercial aircraft jumped 37.6%
nationwide in 1986...  329 near collisions involving at least one commercial
aircraft...  (239 in 1985) 49 of the 1986 accidents were clasified
"critical", meaning that chance rather than pilot action prevented a
collision...  FAA officials dismiss the notion that the air traffic control
system is not back up to speed.  Agency officials attribute the increase in
part to an improved reporting system, heightened public awareness about air
safety, and increased air traffic.

SF Chron 16 Jan 87, p 25 (UPI):

Air traffic controllers at Southern California's primary radar center
destroyed evidence, falsified reports and lied to investigators to conceal
errors that placed airplanes on collision courses...  [quoting article
from th Orange County Register]  

"On February 16, an 18-passenger Skywest Airlines commuter jet and a six-
passenger private plane were within 3.8 miles of each other and on a
collision course when an air traffic controller reportedly turned off the
computer that was tracking them." ...

"On February 13, a conflict alert signal went off three times, warning a
controller that a 105-passenger DC-9 and a 12-passenger private jet were
within 2.5 miles of each other and on a collision course.   ... the 
controller turned off the alert each time to try to conceal his error."

UK EFT Risks

Brian Randell <>
Mon, 19 Jan 87 13:00:21 gmt
                          EXTENT OF UK EFT RISKS

The Jan 15 issue of Computer News carried an account of a talk by Detective
Inspector John Austen of the Computer Crime Unit at New Scotland Yard which
contained statistics and comments about the use of EFT in the UK, and of the
possible risks due to criminal action. It is contained in a lengthy article
describing a BCS Security Committee Seminar for the National Computer Users'
Forum, held recently in London. I found the following comments, especially
the statistics quoted, particularly interesting/alarming, so thought them
worth reporting to RISKS:

  "EFT now represents 83% of the value of all things paid for - money
  transferred - in Britain. Money, as an invisible export is a major and
  vital part of our GNP. Foreign exchange markets in London transfer $200bn
  daily using EFT via satellite. The transactions take a very short time,
  and once complete there is no calling them back. A lot of people are aware
  of this. And many, both here and abroad, are prepared to steal from EFT
  systems. The rewards are tremendous."

  "Companies, and even the economies of smaller countries, could be crippled
  by a sustained hit on EFT systems. Terrorists, such as the Middle East
  factions, the IRA and the Red Army Faction are particularly aware of this
  - and they need money. The Red aRmy Faction has already, unsuccessfully,
  made moves to intercept EFT in Germany. They and others will try again."

Brian Randell - Computing Laboratory, University of Newcastle upon Tyne

  ARPA  :
  UUCP  : <UK>!ukc!cheviot!brian

Another Bank Card Horror Story

Dave Wortman <>
Mon, 19 Jan 87 10:51:12 est
The automatic teller machines (ATMs) supported by our local bank are fairly
typical. Each customer has a magic card that references a checking account,
a savings account, a credit card and perhaps some other accounts.  These are
called "checking", "savings", "other#1", etc.  The ATM system never
discloses the real account number.  I recently had a very disconcerting run
in with this system.  My bank card and accounts have been in existence for
several years.  Recently I went to my local bank and opened a new account.

Unbeknownst to me, the act of opening a new account changed the designation
of accounts on my bank card.  What had been my primary checking account was
bumped to other#3 and my new account became my primary checking account.
Apparently the bank card uses indirect references since these changes
happened some night without the bank getting their hands on my card.  I do
not know if the problem was a human error in the setting up of my new
account or a programming error in the ATM system software.

I was lucky, the new account I opened happened to be in a foreign 
currency and so the ATMs started rejecting all transactions against
my "checking" account.  I discovered the explanation given above only
after a couple of frustrating weeks and a couple visits to my bank.

Things could have been a lot worse!  If the new account had not
been rejected immediately by the ATM then I might not have discovered 
the problem until the next round of bank statements a month or so hence.
In the meantime my accounts could have become hopelessly fouled up.

Independent of whether my problem was caused by a processing error or
by a software error, I think my experience demonstrates several inadequacies
in the design of the ATM "system".

1. the carefully negotiated interface between the user and the bank should
   NEVER change without the knowledge of both parties.  Normal procedure
   is for it to change only upon written request by the user.

2. There should be a better mechanism for the user to verify that the
   interface defined by the bank card corresponds exactly to the 
   user's expectations.

3. There should be more immediate feedback in the system in the case of
   errors or changes.  Because of the foreign currency problem described
   above, I happened to get a  fairly immediate indication that something was 
   wrong.  In the worst case, I might have not received any indication
   that something was wrong until the first bank statements for the new
   account arrived (typically 1.5 MONTHS).

Stock Market behavior

Rob Horn <wanginst!infinet!rhorn@harvard.HARVARD.EDU>
Thu, 15 Jan 87 22:13:57 est
The impact of computer trading on the stock market, and in particular the
``triple witching hour,'' has not gone unattended by the stock market
directors and regulators.  Their response has shown considerably more
insight into market behavior than might be expected.  They have not
considered computers to be the problem.

The problem of the ``triple witching hour'' is that during a few hours on
the third friday of each third month (typically from 3-4PM) there is an
immense burst of market activity as major participants rearrange their
computer selected portfolios.  (This particular time is triggered by the
expiration time of a key financial component in these ``computer based''
trades.)  Before these trading programs, hearing that someone needs to sell
100,000 shares of IBM quick, like in the next 5 minutes, meant that there
was a major problem at IBM.  Many people still react in panic when they hear
such news.  These habits and expectations where being greatly shocked by
massive shifts like this which merely reflected trivial adjustments between
stock prices and interest rates.

For the previous two witching hours, and for the forseeable future, market
makers are now required to publish their required major stock trades several
hours in advance on these Fridays.  This gives all the other participants
time to evaluate the trades and determine what they mean.  It also seems to
be working.  Both Friday's had trading volumes just as huge as other such
Fridays, but did not suffer from the sudden pricing shocks.  Prices were
quite well behaved with no unusual changes.

Based on prior behavior the odds that two in a row would be this orderly is
between 10-20%.  March really tell whether this added information flow is
really all that is necessary for the stock market participants to properly
interpret the meanings of these massive stock trades.  It does look promising.

                Rob  Horn
    UUCP:   ...{decvax, seismo!harvard}!wanginst!infinet!rhorn
    Snail:  Infinet,  40 High St., North Andover, MA

Please report problems with the web pages to the maintainer