The Phalanx is just a radar controlled machine gun which fires 3000 (20 mm? nearly one inch in diameter) depleted uranium slugs per minute at anything which moves. Would you keep it on all the time? No one (but you) said it wasn't reliable. What does appear to be wrong is that there was only one, to cover the stern of the ship. The bow was not protected by a Phalanx system and that is where the (two?) Exocet missiles hit. Then again, we should realize that frigates such as this one are intended mostly for anti-submarine/mine work; although it did have surface to air missiles which could have been used to take out the aircraft which fired the Exocets, frigates are not really expected to provide their own air defense. And this one was operating under the assumption that Iraq aircraft were friendly, so it did not shoot down the aircraft when it could have. [Perhaps the object was to shoot down the missiles? Was that the Star Wars analogy to which Chuck was referring? Also, there was a report that there might have been TWO planes. (One missile landed undetonated amidship!) PGN]
Do open meeting laws prevent public representatives from conversing in a bar or a park or at a theatre? Do they prevent telephone calls? If not, why should they prevent electronic mail conversations? Dave [Even my home town of Palo Alto is going through the pains of trying to make sense of the legal and common-sense implications... PGN]
I think that most people would agree that UN*X is not a secure system, nor is it intended to be. However, a judicious choice of password can discourage amateur or half-hearted attacks on your account. Several methods have been proposed for choosing hard to break passwords; my favorite is simply to use the first letter of each word of some phrase, e.g., 'The rain in Spain falls mainly in the plain' becomes TriSfmitp. This has the advantages that it is not likely to appear in any dictionary, it is very mnemonic and if the password is long enough and rich enough in case, it will stand up to a sustained exhaustive search. There is another risk that I haven't seen mentioned: the use of .rhosts files (at least it's a risk in the BSD world, I've never been in the System V world). Around here, quite a few people have .rhosts entries for several machines, often including at least one Sun. Couple this with the fact that, given physical access, anyone can become root on a Sun and you've got widespread vulnerability without the need for any password attack. Mike Carlton (carlton@ji.Berkeley.EDU), CS Gradual student
Ed Joyce, Software Bugs: A Matter of Life and Liability, Datamation 33 10, 15 May 1987, pp. 88-92 [Keywords: Malfunction 54, Therac 25, dosimetry, radiation therapy]. --eugene miya
RISKS recently ran an item about the lawsuit that was thrown out because a user had been greeted with "Welcome to the system". The following banner is given by a net-accessible system (which might as well remain nameless), and provides a nice example of the other end of the spectrum. WARNING ** WARNING ** WARNING ** WARNING ** WARNING ** WARNING UNAUTHORIZED ACCESS TO THIS UNITED STATES GOVERNMENT COMPUTER SYSTEM AND OR SOFTWARE IS PROHIBITED BY PUBLIC LAW 98-473. PUNISHMENT FOR OFFENSE CAN BE UP TO $100,000 FINE OR UP TO 20 YEARS IN PRISON OR BOTH. REPORT UNAUTHORIZED USE OR ACCESS TO THE SYSTEM SECURITY OFFICER. WARNING ** WARNING ** WARNING ** WARNING ** WARNING ** WARNING
[As I have noted previously, in a list as large as RISKS there is an awesome volume of mailer barf messages. I do try to be patient, but sometimes it becomes overbearing. The implied threat here — to keep retrying and send me notifications — is horrendous! PGN] | After 14 days (326 hours), your message has not yet been | fully delivered. Attempts to deliver the message will continue | for 178956963 more days. No further action is required by you. V [********* = = = = = = = = = = = = = = = = = = = = = = = = = = = = = !!!!!] Delivery attempts are still pending for the following address(es): wmartin@almsa-2 (host: almsa-2) (queue: almsab) Problems usually are due to service interruptions at the receiving machine. Less often, they are caused by the communication system.
Please report problems with the web pages to the maintainer