The RISKS Digest
Volume 6 Issue 7

Monday, 11th January 1988

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Contents

You don't need a computer to have a technical RISK.
Joe Morris
Leap second leaps seconds
Alan Wexelblat
Plan to automate Federal tax collection system?
John Gilmore
Creative quality control in missile systems?
Dave Curry
Re: getting into ATM rooms
Eric Skinner
Re: PCs die of New Year Cerebration
Scot E. Wilcoxon
Computer asks you your SSI number as ID
Hank Roberts
Computer Virus.... sources(!)
David HM Spector
Reagan Signs Bill Governing Computer Data
Hugh Pritchard
Indianapolis Air Force jet crash
Dave Curry
Info on RISKS (comp.risks)

You don't need a computer to have a technical RISK. (Jackson Post-ing)

Joe Morris (jcmorris@mitre.arpa) <jcmorris@mitre.arpa>
Sat, 09 Jan 88 12:22:20 EST
With the frequent (and valid) complaints about how the computer is fostering
an impersonal society, it was with some interest that I read an article in
the Washington Post last week in which the Post reported that Jesse Jackson's
campaign headquarters had sent him a telex message which suggested some 
approaches which he could use in the upcoming primary campaigns.

The telex didn't go to Jackson; instead, it was delivered to the Washington
Post's telex machine.  The Post, of course, printed excerpts from it in the
article.  (There weren't any smoking pistols in the material.)

Jackson's campaign manager told the Post that it wasn't a staff error and
must have been the machine, since he (the manager) was the person who
operated the machine when the text was sent.  The article didn't say just
how the machine could have been at fault.

Even if this turns out to be a case in which the operator dialed the wrong
number, it does illustrate the problem of systems in which the routing system
uses non-obvious addressing.  An envelope addressed to "The Washington Post"
would have been easily seen as not appropriate for an internal political memo,
but an E-mail address of (202)-334-6100 isn't obviously an inappropriate one
unless you notice that 202 is not equal to 319 (D.C. vs. Iowa)...  and that
assumes that you aren't using a computer-driven telex system in which you
might not see the conversion from a nickname to a phone number.

What feedback mechanisms are (should) there be to prevent this kind of
misdelivery for electronic mail?  We've all seen the occasional red-faced
apologies on the net from sites which let test messages escape.

(I don't have the article in front of me, and may have some minor details
wrong, so no flames, please...)      Joe Morris


Leap second leaps seconds

Alan Wexelblat <wex%SW.MCC.COM@MCC.COM>
Wed, 6 Jan 88 15:39:46 CST
[Excerpted from the AP wire]

DETROIT - Michigan Bell Telephone Company took about 3 1/2 days to make up
one second.  The company's computer-operated telephone time service wasn't
adjusted at [...] midnight New Year's Eve, Greenwich Mean Time to account
for the "leap second" between 1987 and 1988.  The adjustment is needed to
synchronize the world's steadily running atomic clocks with the ever-slowing
rotation of the Earth.  But people who set watches or synchronized
activities by Michigan Bell's time signal were one second off during the
weekend.  "We thought the change was automatically in the (computer's)
program.  We manually added the second" Monday morning, said a Michigan Bell
spokeswoman.

--Alan Wexelblat  UUCP: {harvard, gatech, pyramid, &c.}!sally!im4u!milano!wex
Information deteriorates upward through bureaucracies.


Plan to automate Federal tax collection system?

John Gilmore <hoptoad.UUCP!gnu@cgl.ucsf.edu>
Fri, 8 Jan 88 22:06:40 PST
I found this in the CPA Client Bulletin, July 1987, copyright 1987 by the
American Institute of Certified Public Accountants, reproduced without
perdition.

           Deposit Taxes by Phone:  How Easy Can It Get?

Tax practitioners are warily watching the development of a government plan to
automate the federal tax deposit system.  They're mostly in favor of getting
rid of glitches in the present system but worry that a new, computerized
method could cause added work and expense for very small businesses, some of
which would be unable to participate at all because of lack of sophistication
or even lack of such basic resources as a computer or touch telephone.

Under the present system, taxpayers remit payroll taxes, corporate taxes,
excise taxes and the like into Treasury accounts at authorized financial
depositories.  Nearly 70 percent of all government revenues are received in
this manner.

Under the new system, a taxpayer might feed the information directly into one
of Uncle Sam's computers, which would debit the taxpayer's bank account
directly.  This is another source of uneasiness among some tax practitioners
queried about preliminary plans for the new system — IRS access to bank
accounts.


Creative quality control in missile systems?

Dave Curry <davy@intrepid.ecn.purdue.edu>
Mon, 11 Jan 88 14:45:16 EST
From O'Malley & Gratteau INC. column, Chicago Tribune, Jan. 11, 1988:

  Just in case you were gaining confidence in the U.S. Military:  A barely
noticed July 31, 1987, report by the U.S. House Armed Services Committee on
the sale of military equipment to the Islamic Republic of Iran included this
passage: "As a result of other errors within the Army, the entire last
shipment of 500 missiles had a faulty battery that has caused a dangerous
fly-back problem."  What's a fly-back?  It means the rockets had a tendency
to dribble out of the tube, fall on the ground and then ignite.  We presume
there was a no-return policy.
                                               Dave Curry, Purdue University

                                    [They returned all by themselves!  PGN]


Re: getting into ATM rooms

Eric Skinner <ERS2F%UOTTAWA.BITNET@CUNYVM.CUNY.EDU>
Wed, 06 Jan 88 21:53:38 EST
  In RISKS 6.4, mar@ATHENA.MIT.EDU writes:
  >Yesterday I tried an experiment, and discovered that my AT&T calling
  >card, and even a rapid transit pass would open the door...

Even worse, many of these locks will open if you simply stick something
thick into them.  One of those handy wallet-sized plastic calendars
does the trick on many doors.

It seems like the locks are there to inspire confidence instead of
actually protecting;  perhaps the banks feel that decent locks are
too expensive?

Eric Skinner, University of Ottawa


Re: PCs die of New Year Cerebration

Scot E. Wilcoxon <umn-cs!datapg.MN.ORG!sewilco@cs-gw.D.UMN.EDU>
Mon, 11 Jan 88 0:50:45 CST
I found more details about my previous report.  At least some Stearns brand
PC compatibles fail at boot up in 1988.  A message "bad or missing command
interpreter" is issued, perhaps due to something in the config.sys file.

A problem on Sun machines was mentioned here, and there are reports on USENET
of another PC compatible with problems due to 1988.  Three unrelated
sensitivities to 1988 may seem like a lot, except there are now hundreds of
computer manufacturers able to cause errors.  With specialty chips in wide use,
a date-sensitive error in millions of appliances is only a matter of time.

Scot E. Wilcoxon    sewilco@DataPg.MN.ORG   ihnp4!meccts!datapg!sewilco
Data Progress       C and UNIX consulting   +1 612-825-2607


computer asks you your SSI number as ID (Wang ad)

Hank Roberts <well!hank@lll-crg.llnl.gov>
7 Jan 88 22:43:20 GMT
From the 1-6-88 Wall Street Journal, ad on page 8:

"Employee Pension fund.  A guy wants to check his pension.  What he's got.
What he can borrow against.  How his fund's performing.  Calls the State office.
A Wang VS computer answers.  Speaks.  Asks for social security number.  Dials
it in.  It leads him through a menu...status, equity, performance or human
interface...you know...a real person.  They handle a thousand calls a day."

 — one hopes the machine can do voice recognition ....


Computer Virus.... sources(!)

David HM Spector <spector@vx2.GBA.NYU.EDU>
Sun, 10 Jan 88 22:27:46 EST
Just when you thought it was safe to play with computers...

With all of the traffic in Risks digest dealing with Computer Viruses,
letter bombs et al, I thought I'd pass this one on.  A programmer in West
Germany has posted to Compu$erve the _source_ to a simple virus that will 
run on a Macintosh computer.

I normally wouldn't even dare to mention that such a thing exists in a
"public" forum, but it's on Compuserve, so it might as well be painted on
walls coast to coast.

The author insists that it is a very simple virus, easily defeated,
(which it is, having looked at and understood the sources), and is posted for 
educational uses with the intent of making people aware that such things exist 
and to inspire them to write defenses against them.  

In terms of a program, it's very small, a few pages of Pascal, and maybe
50 lines of assembly code.  The installation code has a bunch of flags to 
control whether or not the virus replicates, whether it gets installed into 
the current running application, or just the system software, etc, etc. 
The actual virus is a small piece of code disguised as a resource that 
inserts itself in a system trap handler...it's alarmingly straightforward.

The author goes on to mention, in the documentation, that this virus was
inspired by a number of viruses he has encountered that did damage to his 
systems, so he wrote a virus that won't let "unknown" programs run on any of 
his company's machines.  (i.e., if the program(s) to be run aren't already 
infected with HIS virus, they won't be allowed to run at all.)

This is the first time I have ever seen sources to something like this, and it
scares me a lot. If this code is any indication, viruses in general are a snap 
to write — and could be placed _anywhere_; even in innocent looking HyperCard
Stacks (Apple's HyperText software...) that thousands of people and User's
Groups download and give out all over the place (and most Mac users aren't
computer professionals — they'll never know what hit 'em).

[Come to think of it, this is right out of the story _True Names_ by 
Vernor Vinge...]

Now, let's see, first thing is to unplug my Macintosh II's modem, then...

David HM Spector                New York University
Senior Systems Programmer           Graduate School of Business
Arpa: SPECTOR@GBA.NYU.EDU           Academic Computing Center
UUCP:...!{allegra,rocky,harvard}!cmcl2!spector  90 Trinity Place, Rm C-4
MCIMail: DSpector/Compu$erve: 71260,1410    New York, New York 10006

            [There are 10 more messages on viruses pending, but with
            considerable overlap.  I'll get to them soon!  PGN]


Reagan Signs Bill Governing Computer Data

Hugh Pritchard <PRITCHAR%CUA.BITNET@CUNYVM.CUNY.EDU>
Sat, 9 Jan 88 14:08 EST
[Repeated without permission from the business section of
_The_Washington_Post_ of Saturday, Jan 9, 1988]

[headlined] Reagan Signs Bill Governing Computer Data

President Reagan yesterday signed a bill intended to tighten security of
computer systems that store nonclassified data such as census, tax and
business records.  The National Bureau of Standards is to develop programs to
protect the machines from being illegally tapped by outsiders.

The law overrides a national security directive that Reagan issued in 1984
giving the Pentagon's National Security Agency responsibility for
safeguarding the data.  Later, the White House created a new classification of
data for protection — "sensitive but unclassified."

The measures led to criticism in Congress that the government was tightening
the flow of information and expanding military authority.  The new law places
responsibility for civilian computer security in civilian hands, but provides
for the NSA to give technical advice to the bureau.  The law also specifies
that nothing in it will be used to restrict disclosures under the Freedom of
Information Act.

[end of article]

/Hugh Pritchard,        Systems Programming             PRITCHARD@CUA.BITNET

The Catholic University of America Computer Center      (202) 635-5373
Washington, DC  20064  USA

Disclaimer:  My views aren't necessarily those of the Pope.

               [Sounds like HR 145, but none of the articles said so!  PGN]


Indianapolis Air Force jet crash

Dave Curry <davy@intrepid.ecn.purdue.edu>
Sat, 09 Jan 88 23:08:46 EST
From The Lafayette (Indiana) Journal & Courier, Jan. 9th, 1988.

  INDIANAPOLIS - A failed gearbox was blamed Friday for causing the engine to
fail in the Air Force fighter jet that crashed Oct. 29 into a hotel, killing
10 people, a published report said.
  The military jet, piloted by Maj. Bruce L. Teagarden, lost its ignition
and air-fuel mixture systems when a gearbox part failed, _The Indianapolis
Star_ reported in today's editions, quoting an unreleased Air Force report
due to be released next week.

--Dave Curry, Purdue University
