The RISKS Digest
Volume 7 Issue 27

Monday, 25th July 1988

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Please try the URL privacy information feature enabled by clicking the flashlight icon above. This will reveal two icons after each link the body of the digest. The shield takes you to a breakdown of Terms of Service for the site - however only a small number of sites are covered at the moment. The flashlight take you to an analysis of the various trackers etc. that the linked site delivers. Please let the website maintainer know if you find this useful or not. As a RISKS reader, you will probably not be surprised by what is revealed…


o A Fishy Story
John Colville
o Inconsistent Data Taxes Vancouver Woman
Don Chiasson
o Computer Viruses and RETROVIRUSES
Peter J. Denning
o Hacking central office switches - too easy?
John T. Powers Jr.
o "Man in the Loop"
Bill Murray
Herb Lin
o Journal of Computing and Society
Gary Chapman
o Barcodes
Jerome H. Saltzer
o The IRS Illinois Experiment
o "Scratch-and-win"? Try "X-ray-and-win"!
Fred Baube
o PIN on PNB calling card
Mark Mandel
o Info on RISKS (comp.risks)

A Fishy Story

John Colville <munnari!!colville@uunet.UU.NET>
Mon, 25 Jul 88 16:23:31 EST
From "The Sydney Morning Herald", 23 July 1988  (Reprinted without permission)

The new restaurant at the Opera House seems to be having a few technical
troubles. Three people lunching there yesterday ordered river trout.  Some
minutes later, an embarrassed waiter told them: "Sorry, we put the trout
through the cash register, and it came out in the kitchen as octopus."  The
diners settled for octopus anyway.
                                                  John Colville

  [Obviously the wrong "menu" popped up on the screen!  Or were they pulling
   somebody's leg (not the octopus') and using the computer as an excuse?  PGN]

Inconsistent Data Taxes Vancouver Woman

Mon, 25 Jul 88 16:44:30 ADT
     From the Toronto Globe and Mail, page 3, July 25, 1988 (Canadian
Press), as usual without permission:

          BC Woman Alive And Well Despite What Taxman Says

     Judi Sommer insists she is alive and well and living in Vancouver. 
But the 40 year old has trouble convincing the taxman of that. 
     "They say their computer has me down as officially dead but gainfully
employed," she said during the weekend. 
     Ms Sommer said the dilemma is preventing her from collecting the
$1,200 she expects back from Revenue Canada. 
     "What do I have to do to prove I'm alive?" the teacher asked. 
     Her troubles started in 1986 when her mother, Mollie, died.  A mixup in
her lawyer's office led to the placing of Ms Sommer's social insurance number
on her mother's death certificate.
     She said that, when she asked a Revenue Canada official last year if her
tax forms had been received, he told her the social insurance number she gave
belonged to a dead person.
     It took three months for her to sort out the problem and get her 1986 tax
refund ...  But she said she is now facing the same problem with her 1987
     Revenue Canada spokesman Harm Dhillon acknowledged that mistakes are made
occasionally, but added that he has never heard of someone being both dead and
gainfully employed at the same time in his 11 years with the tax office.
     Ottawa has promised to straighten out the mistake and forward Ms
Sommer her refund. 

Computer Viruses and RETROVIRUSES (Re: RISKS-7.23)

Peter J. Denning <>
Sat, 23 Jul 88 14:10:53 pdt
Peter Neumann asked what terminology could be applied to the corrupted data
that propagated through a system or network.  The closest biological analogy
is the retrovirus.  A retrovirus (such as the HIV, or human immunodeficiency
virus, or AIDS) incorporates itself into the genetic material of the cell
that it attacks, causing the cell to alter its function; the reproductive
processes of the cell spawn new copies of the retrovirus.  The retrovirus is
not capable of self-reproduction.  So Neumann's ARPANET node "data virus" is
analogous to a retrovirus.

But let's be careful about the analogies with biology.  They are intriguing
metaphors that give the appearance that our machines have lives of their own,
and absolve us of the responsibilities for their behavior.

Peter Denning

Hacking central office switches - too easy? [See also RISKS-7.26]

"John T. Powers Jr. (Jac" <>
23 Jul 88 00:08:58 PDT
I read a New York Times article in the San Jose Mercury-News for Friday,
7/22/88 which spoiled my day.  The title was fairly routine: "Computer users
break privacy, security of phones".  Being mildly interested in security, I
read it anyway.

If this article is correct, crackers have been playing games with Pacific Bell
central office switches up to no less than a year ago, maybe even now.  It
appears that open modems were left on what I would call "console" ports,
allowing crackers access to operator-class commands after guessing or otherwise
obtaining passwords.  Once logged on, "visitors" could reportedly disconnect a
line, assign it to another account ("steal dial tone"), and who knows what
other mischief.

It would have been easy for them to make this kind of activity much harder than
it evidently was.  A simple callback system (something I introduced at IBM
about 10 years ago, and common now) would, if used correctly, make it *much*
harder to gain unauthorized access to a CO switch.  In addition, it would
probably warn of interest by unauthorized persons.  Today, much more
sophisticated security systems are not only available but cheap.

It amazes me that a phone company, of all possible victims, would omit such a
simple and effective barrier to mischief.  It would have cost them almost
nothing.  I've toured a number of Pacific Bell COs, and their physical security
looks pretty good to me.  It's almost *inconceivable* to me that that they
would leave a back door open via, of all things, the bleeping *telephone*.

Anyone know how accurate this report is, and what PacBell did about it, if

Does this remind you of another recent security horror story?

Disclaimer: These are my views only... and even I might disclaim them later.
Jack Powers    IBM Almaden Research Lab
Flames at 1200bps or less to 408/779-7472. Voice: 408/927-1495. Share water.

"Man in the Loop"

Tue, 19 Jul 88 09:31 EDT
Rodney Hoffman offers:

  >Despite the fact that the Aegis system has been exhaustively tested at the
  >RCA lab in New Jersey and has been at sea for years, it still failed to make
  >the right decision the first time an occasion to fire a live round arose.

It is clear that the first time that it hit a target, it was a friendly
target.  What evidence is that this is the first opportunity, or even
the first round?  [I also question "exhaustively."  One of the problems
of this class of system is that they do not permit of exhaustive testing.]

[As did Will Martin (RISKS-6.26), Bill noted that "People are fallible".  PGN]
Still, they are less fallible in an anticipatory mode than they are in a life
and death crisis situation.
                                            Bill Murray


Sun, 24 Jul 1988 07:26 EDT
For more commentary on AEGIS and SDI, you might find an article in Scientific
American interesting — December 1985, on computer software and SDI.  It
contains a description of the early operational testing of AEGIS (including
defects in the testing), and draws comparisons to SDI.

Journal of Computing and Society

Gary Chapman <>
Sun, 17 Jul 88 10:59:33 PDT

P.O. Box 717, Palo Alto, CA  94301, (415) 322-3778

The Journal of Computing and Society will begin publishing in late 1988.  It
will be a quarterly journal of material on the social implications of computing
technology and computerization.  The journal is soliciting articles on
computers and privacy, computers and war, computers and power relations,
computers and gender, computers and politics, computers and social theory, and
similar subjects.

The deadline for the Spring 1989 issue is September 15, 1988.  

The emphasis in this journal will be on high quality writing and provocative
ideas.  Original research is welcome, but the journal will try to avoid
conventional academic writing in favor of well-crafted essays.  The journal is
intended to appeal to a general audience as well as the profession of computer
science.  Preference in publication will be given to material showing
originality, creativity, relevance to substantive problems in society, and
readability.  There will be no political or philosophical prejudice--all
viewpoints are welcome.

The Journal of Computing and Society is edited by Gary Chapman, executive
director of Computer Professionals for Social Responsibility.  Questions
regarding manuscripts should be directed to him at the address above.  

Manuscripts should be submitted in quadruplicate, typed or laser-printed, on 8
1/2" x 11" paper with one-inch margins all around.  The Journal's style will be
the same as that of The Chicago Manual of Style and The Communications of the

The editorial board of the Journal of Computing and Society consists of the
following people:  Jerry Berman; Margaret Boden; David Burnham; Hubert Dreyfus;
Jean-Louis Gassee; Calvin Gotlieb; Douglas Hofstadter; Deborah Johnson; Rob
Kling; John Ladd; Abbe Mowshowitz; Peter G. Neumann; Susan Nycum; Kristen
Nygaard; Paul Saffo; Mike Sharples; Lenny Siegel; Luca Simoncini; Brian Smith;
Lucy Suchman; Zhisong Tang; Joseph Weizenbaum; Alan F. Westin; Langdon Winner;
and Terry Winograd.

Subscription rates for The Journal of Computing and Society have not yet been
determined, but there will be a personal subscription rate for individuals.

The Journal of Computing and Society will be published by Ablex Publishing
Corporation of Norwood, New Jersey.

Barcodes (re: RISKS-7.13 )

Jerome H. Saltzer <Saltzer@ATHENA.MIT.EDU>
Fri, 22 Jul 88 14:37:04 EDT
> From: dap@cgl.ucsf.EDU (David A. Pearlman)
> Subject: Grocery Store Barcodes: Another game you don't win
> All this talk about how ATM's don't make mistakes in the customer's
> favor reminds me of one of my pet peeves: When the price on the food
> shelf is not the same as the price scanned at the cash register.

This is a case in which a combination of technology and store policy can
make a big difference.  The last Albertson's store in which I shopped had a
voice synthesizer that announced the price of every item scanned, and a big
sign saying that if the price scanned isn't identical to the price on the
shelf you get the item for free.

                    Jerry Saltzer

The IRS Illinois Experiment

Mon, 25 Jul 1988 14:19 EDT
One way to partially automate the filing process without granting online
access to IRS computers to the masses would be to supply a tax filing program
to taxpayers and allow them to file on floppy disk.  The cost would be more
than direct electronic filing, but should be less than a paper return.

"Scratch-and-win"? Try "X-ray-and-win"! [RISKS-7.13]

Fred Baube <>
Fri, 01 Jul 88 14:40:53 -0400
Even if they make instant-win lottery cards immune to non-
destructive testing by X-ray, aren't there small CAT scanners
or NMR imagers out there that can determine the location of ink
molecules, providing the same winner/no-winner information ?

PIN on PNB calling card

Mark Mandel <Mandel@BCO-MULTICS.ARPA>
Thu, 21 Jul 88 16:48 EDT
Agreed, the calling card with magnetically-encoded PIN is similar to a
credit card, though a credit card still provides a security barrier of
sorts in the signature.  But according to the description we were given,
PNB doesn't tell you so.  What started this discussion was someone's
report of PNB's form letter accompanying the mailed card, in which they
  a:  For security, don't write your PIN on your card or keep it
      in the wallet, and
  b:  You don't even need to remember your PIN because the card
      encodes it!

We who read this digest recognize the contradiction here, but we're not
typical consumers.  The PINheads who set up that arrangement and wrote
the letter don't seem to see that (a) is no protection in light of (b).
How can Jane and Joe Average be expected to see it?  Pacific Northwest
Bell's irresponsibity lies not so much in mag-encoding the PIN, per se,
as in failing to inform the card's users of the resulting risk, and in
actually disguising this risk by warning them to keep the PIN separate
from the card.
                                        — Mark Mandel

 * My employer is not responsible for anything I say, think, do, or eat.

Please report problems with the web pages to the maintainer