The RISKS Digest
Volume 4 Issue 46

Monday, 9th February 1987

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Please try the URL privacy information feature enabled by clicking the flashlight icon above. This will reveal two icons after each link the body of the digest. The shield takes you to a breakdown of Terms of Service for the site - however only a small number of sites are covered at the moment. The flashlight take you to an analysis of the various trackers etc. that the linked site delivers. Please let the website maintainer know if you find this useful or not. As a RISKS reader, you will probably not be surprised by what is revealed…


o TV-program on PBS: NOVA - Why Planes Crash
Werner Uhrig
Michael Harris
o Electronic steering
Steve McLafferty
o Senior to Repay Bank 25,000 Dollars
Steve Thompson
o Recursive risks in computer design
o Library Failure
Chuck Weinstock
o CP-6 time warp update (the true story)
John Joseph via Paul Higgins
o Glitch in the Computers and Society Digest mailing list...
Dave Taylor
o More on British Phone fraud
Will Martin
o Wall Street Journal article on Risks
Jerome H. Saltzer
o Info on RISKS (comp.risks)

TV-program on PBS: NOVA - Why Planes Crash

Tue 3 Feb 87 23:18:43-CST
I just saw this program tonight on the local PBS-station here in Austin, TX
and would like to call your attention to it, as it may air later in your
area (or as a daytime repeat later this week, as here in Austin).

It contained the most up-to-date and reasonable analysis and report of
airline crashes in recent years I am aware of.  It points out that human
errors (mostly by the pilots) are the leading factors of these accidents
and it reports on the programs major carriers have currently in operation
that try to reduce this (mainly having to do with Flight Deck Management
and Human Factors in the cockpit).

One item that I found particularly interesting was a statement to the effect
that the Automatic Pilot may well have been a contributing factor in several
incidents, as the crew tended to trust the "computers" to the point to where
they neglected to monitor the flight situation sufficiently and avoidable
fatal accidents were the consequence.  Examples included the case of a Chinese
airliner crossing the Pacific on Auto-Pilot were one engine went out and the
crew seemed not to notice in time to avoid entering a 6-mile, near-fatal
dive,  the crash of a liner near Miami, where the crew was occupied trying
to analyze a burnt-out light-bulb of the "gear-down indicator", flying the
plane on auto-pilot, unaware that, for reasons unknown, it did not hold the
2,000 feet altitude, even ignoring the warning buzzers until a few seconds
before the end in the Everglade swamps.  The shooting-down of the Korean
airliner was also cited as an event were an incorrect data-entry and sloppy
supervision procedures may have been the beginning of the end.

Re: TV-program on PBS: NOVA - Why Planes Crash

6 Feb 1987 14:21-EST
Some comments on "Why Planes Crash":

The program is not without virtues.  But it suffers from the same sort
of inaccuracies, omissions and misrepresentations seen frequently in
such unthinkable contexts as recent New York Times articles, and will
probably do further damage to the image of aviation.

Example:  "Most accidents are caused by Pilot Error."  Pilot Error is
often a NTSB euphemism for "we don't know what happened."  In fact,
the last episode of the program, concerning the Delta L-1011 accident
in Dallas, makes the points that NTSB decisions are often driven by
politics, not safety per se, and that in this case "Pilot Error" was
added to the causality findings of weather and controller/radar operator
negligence so as to allow a "unanimous" decision to be announced --
leaving even my elderly parents wondering:  if the microburst was
so severe as to be unflyable (according to NCAR's McCarthy), and if
its potential presence was not reported by the only people who could
have known about it, how could it be the pilots' fault?  "Too bad about
the pilots' reputations, but we gotta look good on camera..."

The program did little to assure me that anyone out there understands
the real problems and their possible solutions:  too few competent
controllers, failure to adapt useful technology (like Geostar-based
position monitoring for collision avoidance), and FAA policies clearly
dictated by political motives (e.g., the desire to control ALL airspace
from the ground, thereby maximizing the FAA employee count & budget).

It would have been nice to see the point made that 1986 was one of the
safest years EVER for U. S. aviation.  'Nuff said.

-- Michael Harris   CFI

Electronic steering

Steve McLafferty <ssm%munsell.UUCP@talcott.HARVARD.EDU>
Wed, 4 Feb 87 12:02:50 EST
I, like many other readers of this forum, have become concerned about the
increasing use of computers in our automobiles.  I wonder about the
increasing number of cars whose idle speed can go crazy due to a software
bug.  I have my doubts at times as to whether anti-lock brake systems are
really failsafe, as their makers allege.

However, this week my concerns have turned into outright fear.  Featured in
the cover story of the February 2, 1987 issue of _AutoWeek_ magazine is a
show car made by Pontiac, called the Pursuit.  Unlike most cars made for
auto shows, which are mostly exercises in styling, the Pursuit is a fully
functional concept car.  It features such goodies as full-time all wheel
drive, active suspension with adjustable ride height, CRT instrumentation, etc.

The killer (pun intended) is the electronic four-wheel steering.  There is
no mechanical connection whatsoever between the steering wheel and the
steering gearboxes! Two 24 volt battery-powered electric motors are
responsible for turning the front and rear wheels.  The article only
mentions "electronics" for control, but presumably a microprocessor is
involved.  It is Pontiac's intent that many or all of the features of the
Pursuit be incorporated in production vehicles by sometime in the 1990's,
including the "steer-by-wire" system.

Steven McLafferty  Eikonix Corp  Bedford, Mass  (617) 663-2115 x468

Article: Senior to Repay Bank 25,000 Dollars

Wed, 4 Feb 1987 13:10:31 EST
An article in the Feb.  2, 1987 Brown (University) Daily Herald (Providence,
RI) describes an incident in which a Brown senior's account was "accidentally
credited" 25,000 dollars last September by Citizens Bank located in Providence.

The article continues with information credited to the Providence (RI)
Journal:  (I have deleted the student's name.)

  According to the *Journal*, bank officials gave police the following account
  of the events:  Approximately $4,000 was wired to [the student's] account on
  September 3.  At about the same time, the bank said, $25,000 came into
  another customer's account.  Due to an accounting mistake, the $25,000 was
  accidentally credited to [the student's] account.

The student claimed he thought his parents had wired the large amount of
money to him.  If he returns the amount, police will 'probably' drop all
criminal charges.  The student has spent a large portion of the money, but
he said that he still planned to repay the bank.

I wondered what the phrase "accounting mistake" might mean, so I called
Citizens Bank to see what I might learn.  (I also wanted to give them a
chance to give their side of things for this posting.)

As might be expected, a bank official was not excited about going into any
detail about their mistake.  I spoke with someone in (computer?)  Security,
who was very hesitant about speaking with me.  All he would say was that if
I thought the problem was computer-related, I was "heading in the wrong

There is, as yet, no evidence that the error *was* computer-related, but
"account mistake" is so vague that I can't help worrying...

And then there is the question of whether using money that you have been
mistakenly given is illegal or not, and why.  But best not to discuss that
here, I guess...


Recursive risks in computer design

4 Feb 87 13:48 PST
Date: Tue,  3 Feb 87 16:27:34 PST
Subject: Praise or attack?
To: Whimsy^.x

Open-Apple, Feb '87 mentions a Wall Street Journal article...

Recently, Apple Computer Inc. purchased a $14.5 Cray Research supercomputer
to aid in the design of their next-generation Apple computers.

John Rollwagen, Cray Research Inc. chief executive, told Seymour Cray about
how Apple was using their newly purchased Cray supercomputer.  "There was a
pause on the other end of the line, and Seymour said `That's interesting,
because I'm designing the next Cray with an Apple.'"

Library Failure

3 Feb 1987 10:05-EST
On Sunday CMU's computer center was shutdown due to an electrical
failure.  The failure was bad enough that power was not restored to the
building until sometime on Monday.  Workers in that building were sent
home until Tuesday.

The CMU library has totally computerized its catalog.  This is really
neat because it lets me search for books and other goodies from my
office instead of trekking over to campus for nothing.

On Monday, of course, the library catalog was not operational.  A talk
with the reference librarian confirmed my fears: the card catalog has
not been kept up to date and, in fact, will eventually be discarded.

I wonder if the power failure will convince them not to put all their
eggs in the computer basket?

CP-6 time warp update (the true story)

Tue, 3-FEB-1987 10:27 PST
I received a phone call from John Joseph at Honeywell's Los Angeles
Development Center (the home of CP-6) yesterday.  He clarified some points
about my recent posting about the problem with the Front End Processor (FEP)
Universal Time Stamp (UTS).  I asked him to send me a written explanation
to ensure that I got the facts straight.

I apologize if it appeared that I was criticizing Honeywell or its employees.
During my time at Honeywell LADC, I found the staff there to be very competent
and concerned with customer satisfaction.

Paul Higgins, Computing Facility, University of California, Irvine

Here's John Joseph's message, in its entirety:

  Not to slight your mention of, and interest in, the "signed UTS" problem, I
  do have a minor correction to make to your analysis of the underlying
  problem.  Your RISKs BB entry states something akin to:  "the UTS word
  appears to have been declared as a signed number rather than an unsigned
  one".  While that may be an obvious conclusion, based on the symptoms, it is
  not necessarily true, and casts doubt on the competence of the responsible
  programmer.  The programmer did indeed declare the UTS as an unsigned value.
  The CP-6 host-based cross compiler that generated the code for the FEP
  generated what it could for the CP-6 FEP, namely, signed instructions, since
  the extended arithmetic mode of the CP-6 FEP can only do signed
  instructions.  It generated these instructions without actually generating a
  diagnostic (warning) message for the programmer.  E.g.  the programmer
  probably thought he was doing it "right".  In fact, all the criticism at the
  development center focused on the apparent oversight of the compiler
  programmer (which had its defendants, too).  As a side note, the FEP could
  probably have executed some instructions to handle this situation properly,
  had Honeywell required its users to purchase a "Scientific Instruction
  Processor" (functionally equivalent to an 8087 upgrade for a PC), at $3000.
  At that price, it's generally less than 5% of a total FEP purchase.  Rather
  than force that upgrade, a decision was made to use the existing "Commercial
  Instructions Processor" (CIP) for extended airthmetic.  With the
  unfortunate, but obvious results.

  So, just to correct the record, I know the UTS problem was NOT a problem
  of a programmer declaring a datum incorrectly.  There are a myriad of other,
  insidious, underlying problems that contributed to that appearance.

Dave Taylor <taylor%hpldat@hplabs.HP.COM>, risks-request@sri-csl, jlarson@xerox
Date: Wed, 4 Feb 87 17:49:07 PST
Subject: Glitch in the Computers and Society Digest mailing list...

Last week while I was in Washington D.C. for a conference my "/usr"
disk crashed and destroyed all the data on the disk.  This unfortunately
included the entire mailing list for the Computers and Society Digest,
so I now have stuff to mail, and no-one to mail it to!  

If you were on the list, or if you're interested in joining, please 
send me mail so I can rebuild it.  Furthermore, if you know of any
friends or others that were receiving the list...

(I remember having company burst points for BBN, SRI, Xerox, CMU, and
 some others, but not the actual addresses.)

This is all very frustrating, as you might suspect, so a slight sense of
humour during this rebuilding process would be greatly appreciated too!

                    — Dave Taylor

    reputed moderator of The Computers and Society Digest

More on British Phone fraud

Will Martin — AMXAL-RI <wmartin@ALMSA-1.ARPA>
Tue, 3 Feb 87 15:22:16 CST
Just as a brief followup to the recent discussions of British PhoneCard 
toll fraud, I heard a news item on a BBC World Service "News about Britain"
program a couple days ago that a number of the staff at British Telecom
have been charged with complicity in a toll-fraud scheme. This was only
a sentence or two, giving no detail, but the fraud seemed to be plain human
criminality, with no computerized aspects. Included amongst those charged
were some operators; it appeared that the fraud was simple actions like
not reporting for billing calls the operators handled. Perhaps someone
on the list(s) with access to British media can post more details.

Regards, Will Martin

Wall Street Journal article on Risks

Jerome H. Saltzer <Saltzer@ATHENA.MIT.EDU>
Tue, 3 Feb 87 10:20:32 EST
The East Coast edition of the Wall Street Journal, on Wednesday January 28,
1987, contains a front page leader article headlined "As Complexity Rises,
Tiny Flaws in Software Pose a Growing Threat."  ...  Most of the examples
reported in the article have already appeared in Risks, but as a summary
report to a wider audience, it is quite readable.

If you look for the article any place but the East Coast edition, be warned
that different editions of the WSJ often run leader articles on different days.


Please report problems with the web pages to the maintainer