The Risks Digest

The RISKS Digest

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Volume 4 Issue 87

Wednesday, 20 May 1987

Contents

o Computer Libel: A New Legal Battlefield
PGN from Digital Review
o Electric chair tested by car insurer
Bill Fisher from Machine Design
o Computers and Open Meetings laws
Barbara Zanzig
o Re: Phalanx
Chuck Weinstock
o Choosing a password
Jonathan Bowen
o Re: Passwords, thefts
Michael Wagner
o Nuclear Plant Emergency Plan: In Event of Quake, Smash Toilets
UPI via Don Hopkins
Michael Grant
and Geoff Goodfellow
o Info on RISKS (comp.risks)

Computer Libel: A New Legal Battlefield

Peter G. Neumann <Neumann@CSL.SRI.COM>
Tue 19 May 87 17:32:02-PDT
DIGITAL REVIEW, 18 May 1987, p. 72 [although the page is unnumbered]

  ... databases inherently carry a high risk of error.  Information can
  be altered or partially deleted through inadvertent mistakes or deliberate
  manipulation.  Abstracts of data can be misinterpreted, especially when
  taken out of context.  Failuer to update a database periodicaly can result
  in the dissemination of incorrect information about a company or an
  individual.  And hardware and software malfunctions can compound all these
  problems.

  Here are a few examples of the havoc an erroneous computer search can cause:

  * A computer analysis of several thousand New York welfare recipients found
  that more than 20 percent were working.  On the surface, this seemed like a
  violation of state law.  But a second check disclosed that more than half of
  those individuals had been authorized to work while receiving welfare
  benefits.  Apparently their files had not been updated.

  * A Dallas executive traveling on business in New Orleans was stopped by
  police for a minor traffic infraction.  When the computer wrongly flagged him
  as an escaped convict, he was arrested and jailed.  It took a week to
  correct the error.

  * A New York electronics manufacturer, ready to close on a $2 million  
  contract, was taken aback when the banks refused to give him the needed
  loans.  It turned out that a financial check had mistakenly shown his
  company to be bankrupt.

The article discusses the Supreme Court ruling on Dun & Bradstreet vs. 
Greenmoss Builders, in which D&B had falsely reported that GB was broke.
The Supreme Court upheld the Vermont decision against D&B.  The article
goes on to consider some other legal issues.

  This means that information vendors can no longer use the following 
  rationales to wriggle out of paying for their errors:

    Free speech umbrella.  Although data vendors have a First Amendment right
  to free speech, they also have an obligation to ensure that the information
  they research and disseminate is accurate.

    Public interest argument.  The courts have long acknowledged that everyone
  has a right to comment on matters of public concern.  But they also have 
  noted that information on the private finances of companies and
  individuals, unless they seek the limelight, is not of public interest.

    "Chilling effect" standard.  The need for a free exchange of ideas demands
  that we occasionally tolerate the foibles of the press, as long as there
  is no malice.  The media have argued that to do otherwise would have a 
  "chilling effect" on reporting.  The courts, however, have not extended
  this argument to data vendors.

    Public domain argument.  It is quite well known that government agencies
  engage in periodic fishing expeditions, matching data and peeking through
  giant data banks to ferret out criminal activity.  But private data
  vendors don't have the government's license to snoop.  In fact, they must
  comply with state and federal privacy laws when conducting such searches,
  and if they err, they are accountable.


Electric chair tested by car insurer

<bfisher.ES@Xerox.COM>
20 May 87 15:17:18 PDT (Wednesday)
This is from the Design International column of MACHINE DESIGN of 3/26.

An electric chair designed to help prevent car theft has been teamed with an
electronic alarm and tested by a leading Swedish insurance company, Skandia of
Stockholm. Built-in electric cables are activated after the alarm has sounded 
four times. The shock transmitted to the person in the driver's seat is about
9kV at an inductive current of 65uA. Although unpleasant, the shock is not
harmful even to people suffering from heart ailments, according to the company.

(Clockwork Orange is alive and well??!!)
                                                  Bill Fisher


Computers and Open Meetings laws

Barbara Zanzig <barbaraz%hawkeye.gwd.tek.com@RELAY.CS.NET>
Wed, 20 May 87 11:03:39 PDT
I've never seen anything like this appear in either Risks or comp.society,
so I'm sending this along to both.

An editorial in The (Portland) Oregonian:

OPENNESS RESISTS CHIPPING

Oregon is inching toward truly interactive local government.  The Gresham
City Council has voted to supply its members with computer terminals in
their homes, to enable them to do research in the city's system at any
time.

Providing unpaid elected officials with the tools to do their job better
is easily worth the $6,000 appropriated for this purpose.  But in a state
with a strong Open Meetings Law and Open Records Law, does technology now
require an Open Electronic Impulses Law?

The Gresham computer system, like many others, permits users to send
messages to other users.  Anyone with a modicum of conspiracy theory can
easily imagine a quorum of the City Council logged on to their computers
together, busily conducting city business beyond the prying eyes of those
without user codes.

Gresham officials realize the risks involved.  Even if city residents
cannot gain access to the system, the information in it still belongs to
them.  And since a private conference call among a council quorum is
illegal, a computer caucus would equally constitute an access violation.

"What goes in is something we're concerned about, and I will probably
advise them to be conservative," says City Attorney Tom Sponsler.  "For
council members to communicate, with a quorum, on how they feel about
policy is not appropriate, and I will so advise them."

Sponsler thinks there is a greater potential for violations of the Open
Records Law than the Open Meetings Law.  "Anything of any substance," he
advises, "should not exist only online."  Members should also remember, as
Lt. Col. Oliver North could remind them, that anything put into a system
can later be pulled out of the system.

City Manager Wally Douthwaite expects that before the system goes on line,
Gresham will need a written policy on its use.  The need for clarification
may not stop there.

"There may be a time when computer use will be so universal that we will
need to take another look at the law," says Oregon Attorney General Dave
Frohnmayer.  "The Open Meetings Law was not designed for this technology."

The rules, Frohnmayer and Sponsler agree, should be clear.  Providing
information by computer is fine; debating and negotiating electronically
slips into silicon secrecy.

If the legal principle is clear, the technology should be able to follow.
All that is needed by Gresham - and the cities that will doubtless follow
its example - is a package of Open Meeting Software.

And people who understand its importance.

***[end of editorial]

I spoke to the reporter who covered the story, and he said it was an
email system, not an interactive conferencing system.  He thought they'd
be using a VAX 220 (?), and didn't know which operating system.

Barbara Zanzig
{major backbone sites}!tektronix!tekecs!barbaraz
barbaraz@tekecs.tek.com


Re: Phalanx

<Chuck.Weinstock@sei.cmu.edu>
19 May 1987 09:18-EDT
If the defense weapons were not reliable enough to keep on all of the time,
that should tell us all a lot about the chances for Star Wars to succeed (as
if we didn't know already!)

      [There is a serious lesson about perpetual readiness when nothing ever 
      seems to be happening.  Too often there appears to be no urgent need to 
      worry  about some particular event, because it has never happened 
      before.  Someone on board was quoted as saying exactly that -- no one 
      had ever fired anything directly at them before, and therefore it seemed 
      quite reasonable to expect that this time was no different.  Crying
      "wolf" is bad, but not recognizing the wolf (in sheik's clothing?) is 
      even worse.)  Sorry if I repeat myself on this subject, but this is a 
      really important issue.  PGN]


Choosing a password

<bowen%sevax.prg.oxford.ac.uk@Cs.Ucl.AC.UK>
Tue, 19 May 87 11:20:08 BST
Following the recent discussion on password (in)security, here is a simple
way of choosing a fairly safe password which I believe is attributable to
Steve Bourne (ex Bell Labs). Find any handy document (there's usually
something near most VDUs) and point your finger randomly at the text. Select
the nearest word (or words if they are short) and substitute one or two of
the letters for some other character. E.g. a `0' for an `o'. This should
reduce the risk of your password being decrypted. You also have the benefit
that you can easily select a new password as often as you like.

Jonathan Bowen, Oxford University Computing Laboratory, England.

    [Because this is not a deterministic algorithm, it has some merit.  
    However, you must remember that passwords are still vulnerable to various
    attacks.  In some operating systems and in most local networks, it is 
    easy to capture a password in transit.  In that case, it does not much 
    matter how cute you are in generating passwords.  A second point is 
    that as soon as you let people generate their own passwords, someone 
    will want a nice simple easily guessable one, ignoring the problem that 
    his/her operating system does not do a very good job of preventing 
    someone masquerading as that user from climbing through other people's
    files, implanting Trojan horses, deleting files, etc.  It is very
    antisocial of anyone to have such a weak password, or to rely on
    passwords that can be easily captured.  Simplistic thinking is the real
    source of trouble.  Even the policy that everything should be wide
    open (no secrets) does not protect you against getting clobbered by
    file deletions and Trojan horses.

    So, let's avoid fine-tuning essentially weak approaches and remember 
    the big picture.  Then I will stop reiterating...  PGN]


<Michael Wagner +49 228 303 245>
Wed, 20 May 87 14:03 CET
         <WAGNER%DBNGMD21.BITNET@wiscvm.wisc.edu>
Subject: Re: Passwords, thefts  (Andrew Burt) (RISKS DIGEST 4.86)
CC:      isis!aburt@seismo.css.gov

  > Here at DU we have the terminals bolted to ...  tables ... .
  > Far better, though, is that each unit is engraved and painted
  > with large "DU"s on each component in highly visible locations.
  > Makes them very hard to fence.

Interesting ... we seem to be concerned with different risks.  I always
assumed that terminals were stolen from public terminal areas in
universities by individuals who wanted a home terminal.  It never occured to
me that someone would seriously consider 'fencing' such a thing.  PCs,
perhaps.  I guess the general population might know what to do with such
things.  But terminals?

Under my set of assumptions, a large logo would merely enhance the value of
the treasure.  In fact, at UofT, we lost a few terminals to start-of-year
initiation rights.  One terminal made it's way to another university in the
area as part of a scavenger hunt (I expect they got extra points for distance).

Does anyone have any statistics on where the real risks are here?
                                                                    Michael


Nuclear Plant Emergency Plan: In Event of Quake, Smash Toilets

<Don Hopkins <don@brillig.umd.edu<>
Sat, 16 May 87 18:36:46 EDT
Nuclear Plant Emergency Plan: In Event of Quake, Smash Toilets
United Press International

CHATTANOOGA, Tenn., May 14 -- Among the earthquake emergency plans at the
TVA's Sequoyah Nuclear Plant is one to break all the toilets with a
sledgehammer and cover the plumbing holes with duct tape to seal off nuclear
leaks.  According to The Chattanooga Times, TVA nuclear engineers decided in
1984 that an earthquake could cause water in toilets to spill or drain out,
destroying the "water seal" in the pipes.

At the Watts Bar Nuclear Plant, being built near Spring City, Tenn.,
plumbing that would not rely on a water seal was installed. But at the
Sequoyah Nuclear Plant, where nuclear reactors were operating at the time,
the hammer-and-duct-tape plan was adopted.  Both reactors at Sequoyah have
been shut down for 21 months because of safety and other regulatory
violations at the Soddy-Daisy plant.  The hammer and tape are stored in a
locked wooden box outside the Sequoyah control room.

"Personally, I don't think the big hammer is a big issue," Sequoyah shift
engineer Jeffrey Lewis said. "That cabinet has been there for years and we
haven't used an inch of duct tape."  Clerk Sue Hartman works near the box
where the hammer is stored.  She said the key to the box is "kept under
surveillance at all times."  In fact, the key to the key to the cabinet
where the hammer box key is stored is "kept on my body," Hartman said.

Please report problems with the web pages to the maintainer

Top