The RISKS Digest
Volume 5 Issue 46

Wednesday, 21st October 1987

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator


Contents

Portfolio Insurance and Wall Street's meltdown
Rodney Hoffman
Software firms put on guard by Act
Jonathan Bowen
World Series Phone Snafu
Ted Lee
Re: Civil Disobedience
Jim Jenal
Destruction of confiscated computers
Lindsay F. Marshall
Weather Forecasts
Lindsay F. Marshall
Anonymity and high-tech: indirection
Robert Stanley
Berkeley's computer security
Al Stangenberger
David Redell
Computer Services as Property
Rick Busdiecker
Information as property
Hugh Pritchard
Info on RISKS (comp.risks)

Portfolio Insurance and Wall Street's meltdown

Rodney Hoffman <Hoffman.es@Xerox.COM>
21 Oct 87 15:53:15 PDT (Wednesday)
Excerpted from the 'Los Angeles Times', Tuesday, Oct. 20, 1987:

  PORTFOLIO INSURANCE MAY HAVE WORSENED SELLOFF, TRADERS SAY
                 By Michael A. Hiltzik

In December, 1986, New York Stock Exchange Chairman John J. Phelan warned a
Washington audience that a new form of computerized stock and futures trading 
known as portfolio insurance could someday lead to "financial meltdown."

The markets laughed him off.... [T]here are strong indications that
computerized portfolio insurance programs inspired the snowballing waves
of selling during the market's catastrophic collapse.  The impact of
portfolio insurance programs on the market's epic fall Monday and last
week cannot be precisely gauged.  But estimates place the amount of
assets "protected" by the programs ... at as much as $61 billion.

Because of the mechanics of portfolio insurance, a significant portion
of that pool of cash was poised before last week to begin marching, all
at once, in a single direction: down....  [T]he leading insurance
technique involves selling not stocks, but related stock-index futures,
and using the proceeds to offset stock losses.  As the selling waves hit
the futures markets, they drive futures prices down, which in turn drag
stock prices down....

Even people who sell portfolio insurance acknowledged that the technique
is probably a leading villain of the market collapse — and what's more,
failed to protect clients from the losses they thought they would
avoid.  Portfolio insurance firms all use somewhat different computer
models to dictate trading for clients; some were apparently more
successful than others in protecting clients from losses this week and
last week.  But all showed they had devastating shortcomings, [Preston
W. Estep, head of a leading portfolio insurance firm] said....

[discussion of the past warnings and fears about the growing
interrelationship between future and stock markets]

Program traders... have often been blamed for exacerbating the sharp
stock price moves of the last few years because their computer programs
are designed to order the sale or purchase of millions of dollars of
stocks in the blink of an eye.  Portfolio insurers add another bias to
that system: one that encourages sharp downturns.

[detailed discussion of one scheme:  "dynamic hedging" developed by
University of California, Berkeley business professors Hayne Leland and
Mark Rubenstein]

More important than clients' individual losses, however, is the way
portfolio insurance tends to magnify market slumps.  Because the
clients' concerted selling forces futures prices down, that attracts
investors who strive to make money from the difference in price between
the futures and their related stocks.  In roughly simultaneous
transactions, they buy the futures and sell the corresponding stocks.
In turn, that forces stock prices further down, which kicks in more
insurance-related sales in the futures markets, and so on.

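The excerpt above describes a feedback loop: insurance programs sell futures when stocks fall, the futures discount pulls in index arbitrage that sells stocks, and the lower stock prices trigger more insurance selling. The following toy model is an added illustration, not part of the RISKS post or the Los Angeles Times article; the three parameters (how much notional the programs sell per point of decline, how far that selling moves the futures price, and how much of the futures discount arbitrage transmits to stocks) are constructed assumptions chosen to make the mechanism visible, not estimates of the 1987 market.

```python
from dataclasses import dataclass
from typing import List


@dataclass
class Params:
    # Constructed assumptions for the toy model (not market estimates).
    # Index points of futures notional sold per index point of decline,
    # per unit of insured fraction: how aggressively programs re-hedge.
    hedge_sensitivity: float = 1.0
    # Index points the futures price falls per point of notional sold.
    futures_impact: float = 0.8
    # Fraction of the futures discount that index arbitrage passes on to
    # stock prices by buying futures and selling the underlying stocks.
    arb_coupling: float = 0.75


def feedback_gain(p: Params, insured: float) -> float:
    """Ratio between one round of insurance-induced decline and the next.

    `insured` is the fraction of the market covered by portfolio insurance.
    Below 1 the loop damps out; at or above 1 it runs away (the "meltdown"
    Phelan warned about, in the model's terms).
    """
    return p.hedge_sensitivity * insured * p.futures_impact * p.arb_coupling


def amplification(p: Params, insured: float) -> float:
    """Total decline divided by the initial shock, from the geometric series."""
    g = feedback_gain(p, insured)
    return float("inf") if g >= 1.0 else 1.0 / (1.0 - g)


def simulate(initial_drop: float, insured: float, p: Params,
             max_rounds: int = 500) -> List[float]:
    """Return the index level after each round, starting from 100.

    `initial_drop` is an exogenous shock in index points.  Each round:
    insurers sell futures in proportion to the last decline, the futures
    price drops, and arbitrage closes the stock/futures gap by selling
    stocks, which becomes the next round's decline.
    """
    stock = 100.0 - initial_drop
    futures = stock            # assume parity right after the shock
    last_drop = initial_drop
    path = [stock]
    for _ in range(max_rounds):
        if last_drop < 1e-9:   # loop has damped out
            break
        sold = p.hedge_sensitivity * insured * last_drop   # insurance selling
        futures -= p.futures_impact * sold                 # futures now at a discount
        gap = stock - futures
        new_stock = max(stock - p.arb_coupling * gap, 0.0)  # arbitrage sells stock
        futures = new_stock                                # gap closed at the new level
        last_drop = stock - new_stock
        stock = new_stock
        path.append(stock)
    return path


def total_drop(path: List[float]) -> float:
    """Decline from the starting level of 100 to the end of the path."""
    return 100.0 - path[-1]


if __name__ == "__main__":
    p = Params()
    for insured in (0.0, 0.5, 1.0):
        path = simulate(5.0, insured, p)
        print(f"insured={insured:.1f} gain={feedback_gain(p, insured):.2f} "
              f"shock=5.0 total_drop={total_drop(path):.2f}")
    runaway = simulate(5.0, 1.0, Params(hedge_sensitivity=2.0))
    print(f"gain>=1: index ends at {runaway[-1]:.1f} after {len(runaway) - 1} rounds")
```

With no insured assets the 5-point shock stays a 5-point decline; with half the market insured the same shock becomes about 7.1 points, and once the product of the three coefficients reaches 1 the model no longer converges, which is the sense in which "all at once, in a single direction" matters more than any single program's logic.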

Software firms put on guard by Act

<bowen%prg.oxford.ac.uk@NSS.Cs.Ucl.AC.UK>
Wed, 21 Oct 87 15:55:02 BST
From the Times, London, 20th October 1987:

Computer Horizons, Jobscene, by Darrell Ince,
Prof of Computer Science, Open University, UK.

`The new Consumer Protection Act, which comes into force next year, could
provide a number of headaches for British software developers. At the same
time, it is also likely to result in an increase in both job opportunities and
salaries for one neglected area of software engineering — quality assurance.

 Until the new law takes effect anybody who is injured because of an
error in a software product has to carry out the difficult process of
establishing fault on the part of the company which supplied the product.

 Once it comes into force all that will be required is to establish a
causal link between the injury suffered and a defect in the software product.

 This puts immense pressure on software companies to make sure that
their software is correct.  ...

[The article goes on to mention the techniques which quality assurance
specialists can use including...] one American concept...the Black
Team. This is a collection of hackers whose function is to try and make
a completed software system crash. 

[Prof Ince suggests that...] ...the bulk of companies...still take a
relatively relaxed view of software quality.

 The new law will change this, and, if as expected, companies start
becoming directly liable for software products, then there should be a
massive expansion which, initially, may not be met by current levels
of staffing. ...

[The article concludes] ...I think we can all excuse current software
quality practitioners their broad grin as they read the newspaper
accounts of the problems that British software houses will face over
the next three years.'

Any comments?                    [Had any jobscene phone calls lately?  PGN]


World Series Phone Snafu [Telephones Whirled Serious in Fall Classic]

<TMPLee@DOCKMASTER.ARPA>
Mon, 19 Oct 87 02:26 EDT
I don't know how it played in the national media, if at all, but the
telephone systems in the five midwestern states surrounding Minneapolis/St.
Paul were essentially thrown continuous strikes for three hours yesterday
(Saturday) morning.

After some minor skirmishes in the lines where the local tickets (i.e.,
non series ticket holders, non-bigwigs, etc.) for the first two games
of the World Series had been sold earlier in the week, the sole ticket
franchisee (one of the local major department store chains) decided to
make things more pleasant by selling the 10,000 local tickets for games
six and seven by taking orders over the phone.  The number to call,
which was staffed by 35 operators, was announced at 0755AM Saturday on
the local television and radio stations, some of which cover a good part
of five states (North and South Dakota, Wisconsin, Iowa, and Minnesota.)
200,000 calls an hour were attempted to that number until the last
ticket was sold at about 11:00 AM.  Most phone exchanges in the area
were for all practical purposes shut down by the overload.

The news reports weren't very specific about how bad the delays were
where, but did mention that the effects were spread over the five-state
area.  I was unable to get a dial tone during the entire period.  911
service was useless — the 911 equipment of course was all right — if
one could have gotten a dial tone in any reasonable time.  It was
reported that one suburb realized the danger quickly and stationed its
fire trucks at strategic intersections just in case and police
departments broadcast a note requesting people with problems to drive to
the nearest precinct rather than try to call.  It was very fortunate
that apparently there were no emergencies — the only incident reported
was that someone had discovered that a relative had died and tried to
call for help on 911; in that case a rapid response would not have
mattered.  And there was also the poor fellow in Rochester, Mn., (area
code 507) who happened to have the same number as the ticket line (area
612) — and was waiting for calls in response to a newspaper ad to sell
some of his belongings before he left for college that afternoon.  He
was not amused.

The ticket people said they'll have to come up with a third game plan
next year.  (Of course they'll need it!)


Re: Civil Disobedience (RISKS-5.45)

<sdcsvax!ames!elroy!mss!jpj@ucbvax.Berkeley.EDU>
Wed, 21 Oct 87 10:00:08 PDT
A computer system being used to flood a BBS with calls is *NOT* civil
disobedience - it is an act of terrorism.  Civil disobedience is an effort
to *increase* dialog - to make people aware of a specific concern.  It is
typically undertaken at some risk to the participants (either physical,
legal or both), as recent events have dramatically demonstrated.  It is in
the highest traditions of democracy and this nation's history.

Flooding a BBS, on the other hand, is an act designed to inhibit dialog.
It is meant to intimidate and debilitate other participants in the debate
of public policy.  Ultimately this is an act of cowardice and not worthy of
being justified as "civil disobedience."

    Jim Jenal       (aka ...!scgvaxd!mss!jpj)
    Mayfield Senior School  ( "  ...!ihnp4!mss!jpj)


Destruction of confiscated computers

"Lindsay F. Marshall" <lindsay%kelpie.newcastle.ac.uk@NSS.Cs.Ucl.AC.UK>
Wed, 21 Oct 87 15:14:20 BST
Mike McLaughlin (RISKS 5.45) suggests that destruction of confiscated
computers should have a significant deterrent effect and cites poachers in
Virginia.  He perhaps should look at the history of Moonshining in that area
(or in any other area/country that you care to name).  The destruction of
the "tools of the trade" has NEVER deterred them - moonshiners are famous
for coming out of court, straight into the hardware shop and buying the
materials for new stills.  I don't see why poachers should be any different
nor hackers - let's face it, it probably doesn't cost that much to replace the
sort of computers they are using (at least in the US anyway).  I accept that
SOME people MAY have strong emotional ties to particular pieces of
equipment, but its destruction is more likely to make these people think of
revenge than anything else.  Let's face it Judges aren't famous for their
knowledge of human psychology (OK neither are computer scientists....).
What was it Reagan said about Social Science degrees and the jurisdiction??

Lindsay


Weather Forecasts

"Lindsay F. Marshall" <lindsay%kelpie.newcastle.ac.uk@NSS.Cs.Ucl.AC.UK>
Wed, 21 Oct 87 14:52:22 BST
There have been a variety of stories about weather forecasting and the recent
bad weather. The gist of these seems to be (sorry about hazy details...) :-

1) The system based on a Cyber (the Met office?) failed to predict the storm.

2) A system based on a Cray DID predict the storm.

3) Le Monde carried a correct forecast on WEDNESDAY!

4) The bad predictions have been attributed to a lack of upper air
   measurements, satellite data not being particularly useful in this case.

5) Old Moore's Almanac said that there would be storms in October.

6) It's God's revenge on the Thatcherite Yuppies........

Lindsay


Anonymity and high-tech: indirection (Re: RISKS DIGEST 5.43)

Robert Stanley <roberts%cognos%math.waterloo.edu@RELAY.CS.NET>
19 Oct 87 17:25:53 GMT
In risks 5.43 Nic McPhee introduced anonymity as the best protection:
>From: mcphee@ratliff.cs.utexas.edu (Nic McPhee)
> One of the greatest guarantees of privacy is anonymity.

This hits right to the heart of the matter, and the question remains one of how
to preserve anonymity in an age of increasingly sophisticated, tireless, and
undistractable records searchers.  The common property of all answers to this
question is that it requires effort: anonymity is no longer available by
default, but that does not mean that it is unavailable.

There are three strong (high probability of success) approaches to achieving
electronic anonymity:

    1. Thoroughly understand the legal position and fight for your rights;

    2. Use cut-offs that break the search chain; and,

    3. Generate the crowd in which to hide.

This forum has discussed legality quite extensively.  There are plenty of
mechanisms available for finding out and getting changed or deleted information
that is held on file about you.  You can also do a lot to ensure that there are
as few direct pointers (common ID's like social security number) as possible.
The drawback of this approach is that it attracts the attention of the
bureaucracy, which may lead to more trouble than the protection is worth, and
further lays you open to trojan horse attacks by people who obtain access
(legal or otherwise) to government files which contain information on you.

However, as an example, I was once extremely paranoid about having my private
life analysed when automated mailing lists started to appear.  I therefore kept
a precise record of EVERY occasion when I released certain information in
writing (I always refused to give details over the phone) and carefully
inserted one variant as a key in each case.  If a particular variant started
appearing from another source it was 100% certain that the information had been
propagated, and I would go directly (and angrily) back to the original
recipient of the information and demand an explanation.  This achieved the
desired effect until proliferation led to corruption, and the trace keys became
hard to devise with sufficient robustness to guarantee their survival across
compressed address lines and so on.  Of course, I may have become an entrant on
a blacklist of some kind, but I don't think THEY were sufficiently organized.
What I did find was that a letter to the wife of the president at home (amazing
how easy that sort of info was to discover :-) ) with copies to the president
plus the relevant department at work guaranteed attention.  Firm contention
that one understood how computer systems work, and discussion of operator
liability usually resulted in speedy remedial action.  But this takes hard
work.

At the other end of the scale, simple cut-offs to break chains work wonders.
There is very definitely no direct link between roberts@cognos.uucp and, for
instance, the residential address of Robert Stanley, private citizen.  All my
junk mail, including credit cards, subscriptions, and so on, goes via an
address of convenience.  (by the way, should you crack Cognos' personnel
database, you will find a correspondence rather than a residential address, but
a telephone number for a telephone that does ring at my home).  A PO box is the
simplest, and Canada Post at least limits the connection between a PO Box and
an actual person to a single local post office ledger entry.  The only positive
link they require is a telephone number, which could be at work.  Next best is
to use a service agency, and you'd be surprised at how cheap and convenient
they can be.  In fact, your worst danger is from your real friends, who may
have your personal information thoughtfully recorded among their own records.
Most of us don't tend to keep these encrypted.  Yes, the memory telephone is a
lethal instrument, as is the last number redial facility.

Finally, it is possible to create your own haystack, by making the information
explosion work to your advantage.  Get on every kind of list you can, at every
opportunity.  When faced with too much information, particularly contradictory
information, systems and people alike usually decide to ignore the case in
favour of an easier one.  You can just see the evidence for the prosecution
against a TV license non-payer including letters of application for game-show
appearance, when in fact you are one of the 1% TV non-owners!  Innocent until
proven guilty does still apply.

Robert Stanley, Cognos Incorporated, P.O. Box 9707, 3755 Riverside Drive,
Ottawa, Ontario CANADA  K1G 3Z4                       Phone: (613) 738-1440
 uucp: decvax!utzoo!dciem!nrcaer!cognos!roberts          
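
The trace-key scheme described in the post above (a distinct variant of one's details released to each recipient, so that the variant's reappearance identifies who propagated it) is the same idea as today's canary or honeytoken records. The code below is an added illustration, not the poster's own method or records: it assumes the key is a made-up middle initial inserted into the name, keeps a ledger of which variant went to which recipient, and, because the post notes that keys became hard to keep robust across compressed address lines, checks each issued variant against a set of constructed manglings (truncation, stripped initials, upper-casing) to see which would destroy the key. All names and recipients are constructed sample data.

```python
import re
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Optional


def normalize(text: str) -> str:
    """Fold case and collapse punctuation/whitespace so that 'Pat Q. Sample'
    and 'PAT Q SAMPLE' compare equal: list software re-keys data this way."""
    return " ".join(re.sub(r"[^a-z0-9]+", " ", text.lower()).split())


@dataclass
class DisclosureLedger:
    """Record of which name variant was handed to which recipient.

    Assumption of this example: the key is a fictitious middle initial,
    so the variant written on the form is '<first> <key>. <last>'.
    """
    first: str
    last: str
    _recipient_by_variant: Dict[str, str] = field(default_factory=dict)

    def register(self, recipient: str, key: str) -> str:
        """Issue a variant to `recipient` and return the exact string to write."""
        variant = f"{self.first} {key}. {self.last}"
        norm = normalize(variant)
        if norm in self._recipient_by_variant:
            raise ValueError(f"variant {variant!r} already issued to "
                             f"{self._recipient_by_variant[norm]!r}")
        self._recipient_by_variant[norm] = recipient
        return variant

    def attribute(self, observed: str) -> Optional[str]:
        """Given a name as it arrives on unsolicited mail, return the recipient
        that originally received that variant (the propagation source), or
        None when no issued key is recognisable in it."""
        return self._recipient_by_variant.get(normalize(observed))

    def fragile_under(self, variant: str,
                      manglings: Dict[str, Callable[[str], str]]) -> List[str]:
        """Names of the manglings after which the variant can no longer be
        attributed to its recipient: these are the keys the post calls not
        'sufficiently robust'."""
        expected = self.attribute(variant)
        return [name for name, fn in manglings.items()
                if self.attribute(fn(variant)) != expected]


# Constructed examples of what downstream systems do to an address line.
MANGLINGS: Dict[str, Callable[[str], str]] = {
    "truncate to 10 chars": lambda s: s[:10],
    "drop initials": lambda s: re.sub(r"\b[A-Za-z]\.?\s", "", s),
    "upper-case, no punctuation": lambda s: re.sub(r"[^A-Z0-9 ]", "", s.upper()),
}


if __name__ == "__main__":
    ledger = DisclosureLedger("Pat", "Sample")          # constructed person
    for recipient, key in (("Catalogue A", "Q"), ("Magazine B", "X")):
        variant = ledger.register(recipient, key)
        print(f"gave {variant!r} to {recipient}; fragile under: "
              f"{ledger.fragile_under(variant, MANGLINGS)}")
    # A mailing arrives from a third party carrying one of the variants.
    print("leak traced to:", ledger.attribute("PAT X SAMPLE"))
```

The check in `fragile_under` is the practical lesson: a key near the end of a long line is lost to truncation, and a key that is itself an initial is lost to any system that strips initials, so a key has to be placed where the expected normalisations leave it intact and verified against them before it is relied on for attribution.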


Berkeley's computer security

<forags@violet.Berkeley.EDU>
Tue, 20 Oct 87 09:01:05 PDT
When Berkeley's computer center was occupied in the early 1970's, the only
thing which saved us from major damage was ignorance.  Damage (which was
not severe as I recall) was concentrated on tape drives and other things
with moving parts.  One of the operators told me that if he had been
sympathetic to the demonstrators, he would have directed them to the
innocuous box which held the CDC 6400's mainframe.

Al Stangenberger, Forestry, U.C. Berkeley


Berkeley's computer security

David Redell <redell@src.dec.com>
Tue, 20 Oct 87 11:57:03 PDT
A little more history of machine room physical security at Berkeley,
as raised by Dorsey (RISKS-5.44) and Chapman (RISKS-5.45):

 "I don't know if that's a reaction to [the sit-in that] Scott
  mentioned, or not"

At the time of the anti-war sit-ins, the computer center machine room
was in the basement of the old math building, and had no physical
security to speak of. Users would submit jobs by walking into the
machine room and placing their card decks on a counter that was about
six feet from the twin CDC 6400 mainframes. When the demonstrators tried
to get in, physical security consisted of a burly operator trying to hold
the door closed!

Independent of any actual damage done during the demonstrations (very slight,
as I recall), the computer center management virtually freaked out about their 
vulnerability. The machine room in the new math building was already more
secure — for example, card decks were submitted in a separate room and handed 
via a small pass-through into the machine room — but they looked very
hard for other risks. One wall of the new room had large observation windows
of thick reinforced glass; they decided even that was too risky, so the hallway
outside the windows was closed to the public. Access by computer center staff
became much more controlled, and machine room tours were curtailed. Of course, 
by the time these and other measures were in place, the demonstrations were
pretty much a thing of the past, but it's an interesting example of how a
tough security policy often results from an earlier flimsy one plus a bit
of scary experience.

Dave Redell


Computer Services as Property

<Rick.Busdiecker@H.GP.CS.CMU.EDU>
20 Oct 1987 08:10-EDT
    Date: Tue, 6 Oct 87 13:07:18 PDT
    From: landauer@Sun.COM (Doug Landauer)

    What *I* think many of us agree on (except R.M.Stallman, of course) is
    that information is a form of property and is entitled to *some*
    protection.

I think that this is a somewhat inaccurate characterization for a
couple of reasons.  Firstly, RMS appears to be quite concerned that the
informational property rights of others are not violated, although it
could certainly be argued that hir motives are of the CYA variety.
Secondly, e goes to great lengths to explicitly spell out the
protection of GNU project software.  If e didn't feel a need for any
protection, the software could simply be placed in the public domain.

            Rick


Information as property

Hugh Pritchard <PRITCHAR%CUA.BITNET@wiscvm.wisc.edu>
Tue, 20 Oct 87 16:28 EDT

  > From: landauer@Sun.COM (Doug Landauer)
  > > From: "Arthur_Axelrod.WBST128"@Xerox.COM
  > > I think we all agree with the fundamental premise, i.e. that information
  > > is a form of property...
  > Absolutely *NOT*!!!  I know of no one who thinks (e.g.) that their
  > house, their car, their wallet and their Unix files (or their IBM-PC
  > software) are entitled to *the same* protection.

Information purveyors do.

  > The significant difference between information and "real" property is
  > that if you steal real property, your victim is denied access to that
  > property; whereas if you "steal" information, your victim still has hir
  > copy of it, and may not even notice the "theft".

Information certainly does have value.  And that value is altered when the
information is spread around, whether the originator retains a copy or not.
Ask any spy.  And what makes 'sharing' information more defensible than
stealing it?  Want to share your lover/spouse with me?

BTW, I think the legal term 'real property' refers specifically to land and
improvements thereto, like houses.  All other forms of property are personal
property.

  > What our linguistic, ethical and legal systems have not yet come to 
  > cope with is just what sort of protection information is entitled to, 
  > and what sort is feasible.

How long have copyright, trademark, and patent laws been in existence?
I'm not claiming that these laws remain the most appropriate means of
redress, but only that the concept of protecting information and other
'copyable' property is hardly new.

Hugh Pritchard, Systems Programming, The Catholic University of America,
Computer Center, Washington, DC 20064 USA, (202) 635-5373
Disclaimer:  My views aren't necessarily those of the Pope.
