Please try the URL privacy information feature enabled by clicking the flashlight icon above. This will reveal two icons after each link the body of the digest. The shield takes you to a breakdown of Terms of Service for the site - however only a small number of sites are covered at the moment. The flashlight take you to an analysis of the various trackers etc. that the linked site delivers. Please let the website maintainer know if you find this useful or not. As a RISKS reader, you will probably not be surprised by what is revealed…
Talking of NASTRAN reminds me of something that happened when I worked for a company involved in shipbuilding. The steel ordered for a ship that was almost completed turned out to be too thin so some extra reinforcerment was needed. In order to find the best places for this they ran the whole ship through NASTRAN. This job ran for 17 hours and filled several Gbytes of disc with temporary files. The machine crashed when there was no more available disc space. It turned out that the run involved 32000 degrees of freedom, but nobody had done the back of an envelope calculations to see if it was practical... Lindsay JANET: Lindsay_Marshall@uk.ac.newcastle UUCP: ...!ukc!newcastle.ac.uk!Lindsay_Marshall
> Pilots on France's domestic airline, Air Inter, began a new strike last > night as part of a three-year campaign over Airbus safety. Are there safety concerns other than fly-by-wire involving the Airbus? Or is this "three-year campaign" just about fly-by-wire? The above suggests there may be other safety issues; due to 3 experiences with A300s, I have suspected for several years that there might be some problem with resonance of the body to engine vibrations during takeoff. However, I have no evidence other than firsthand observation as a passenger on A300s to back this up. Eric Roskos (csed-1!roskos)
The August 1, 1988 issue of BusinessWeek contained as cover article, "Is Your Computer Secure? Hackers, Viruses, and Other Threats". The article, pages 64-72, is reasonably well written, without inflammatory text, and has few errors or misleading statements. The article is in essence examining the risk to the public and private sectors of computer usage and loss; and covers employee attacks (Gene Burleson's assault on the Fort Worth security firm USPA & IRA Co., and arrest for "harmful access to a computer"), physical security in light of accident (the Hinsdale disaster), child 'phrackers' and Ma Bell, adult hackers (the Chaos Computer Club and the Deutsche Bundespost) viruses, and the like. It's a glossy article, but is filled with interesting bits of data, such as US expenditures on computer systems over the last four years versus estimated sales of computer protection goods and services. They have photographs of Richard Brandow and the programmer who created the McMag virus, Pierre Zovile' (err — if I ever meet them in a dark alley...) and so on. Its nice to see some responsible journalism coverage in a general purpose magazine. Or perhaps this is just a measure of how important the private sector rates computer security...
I regularly get reports from my congressperson on his activities, and a comment in one of the articles grabbed my attention before I could toss the mailing: "Technology provides the students with privacy ..." A different sentiment than we usually read about in RISKS. This is from an article on a computer-aided adult literacy teaching project in St. Paul. PC's placed in individual booths provide both privacy and flexibility. If I was 30 years old and unable to read at a 4th grade level, the privacy issue would be important to me. This made me realize that while large computers and networks may in general be detrimental to privacy, there _are_ possibilities for computers to increase privacy. Robert Weiss [But probably not if untrustworthy people have authorized access to the system or to the data, or if people without authorized access masquerade. The biggest problem with putting really sensitive data about an individual that might be of interest to someone else (for revenge, blackmail, curiosity, leaking, etc.) may be that the temptation level has escalated. PGN]
Taken without permission from the Independent (which seems to have gotten it from the British Medical Journal): VIRUSES could invade hospitals throught their computer systems, so new software used by doctors is being quarantined before it is allowed contact with patients' data, Oliver Gillie writes. The Royal Infirmary in Glasgow isolated a computer virus in its laboratory among software destined for the cardiac intensive care unit. The virus was found by a technician who destroyed it before it was able to multiply. Dr Gavin Kenny, an anaesthetist at the Royal Infirmary, said the virus was not malignant, but "as soon as it was found, we made a complete sweep to look for others and now we do regular checks". "A virus can wipe out the memory on an entire disk - that would cause a lot of trouble although it would not put patients' lives in danger," he added. "But some viruses are benign. There is one which just comes out on Tuesdays. It says it is Tuesday and then it goes away again." [ stuff about what a virus is and the christmas tree deleted - jpp] Dr John Asbury, another Glasgow anaesthetist, says a virus got into an intensive care unit in the city where it corrupted data and caused files to be lost. Dr Asbury writes about computer virus disease in the latest issue of the British Medical Journal. John Pettitt, Specialix, Giggs Hill Rd, Thames Ditton, Surrey, U.K., KT7 0TR {backbone}!mcvax!ukc!pyrltd!slxsys!jpp jpp@slxsys.specialix.co.uk
From batcomputer!cornell!mailrus!uwmcsd1!ig!agate!ucbvax!pro-carolina.cts.COM!gregp Fri Jul 29 11:52:17 EDT 1988 Article 7320 of comp.sys.apple: Path: batcomputer!cornell!mailrus!uwmcsd1!ig!agate!ucbvax!pro-carolina.cts.COM!gregp >From: gregp@pro-carolina.cts.COM (Greg Prevost) Newsgroups: comp.sys.apple Subject: Virus Information Date: 26 Jul 88 21:54:43 GMT Reply-To: pnet01!pro-simasd!pro-carolina!gregp@nosc.mil Organization: The Internet Ok folks, in the past few days I have seen some major stuff going on. There are at least two different viruses running around. One is called Cyberaids and the other is made by some group called Festering Hate. Here is some of the info I have picked up on it in the last few days. - = - = - = - = - = - = 50/50: Warning Apple users Name: Practor Fime #13 @4 Date: Sat Jul 16 17:16:14 1988 CAUTION: ZLink+, ZLink.PBH, ZLink are all viruses, if you run ZLink then you now are the happy parent to a rodent virus. It seem Zlink has some sort of virus that attaches to files and stuff. My friend has it on his HD and it creates some file entry in the ROOT directory that is hidden from every utility EXCEPT APW or ORCA. Every time you boot the prodos with the virus it will do and ON-LINE vol check (even if you specifiy the exact pathname) and install the virus on systems files such as, Mr Fixit, Basic.system,Copy II+ etc.... - = - = - = - = - = - = (92 of 100) Titled : <*** W A R N I N G ***> Author : Dr. Logic/Bill of [None] Stamped: July 13, 1988 at 12:07 AM There is a file going around (currently on the Hard Drive) called Z.LINK.PLUS. It is supposed to be a terminal program somewhat like ProTERM. It is a decent program but the main reason I posted this is when you boot it up, it GOES TO EVERY ON-LINE DRIVE AND MODIFIES >BASIC.SYSTEM
On IRS direct computer access
<denbeste@OAKLAND.BBN.COM> Fri, 29 Jul 88 09:09:58 -0400I think this is going to fail. High school students all over the state will spend their evenings making up social security numbers and entering phony returns. Perhaps one time in thirty or so they'll hit pay dirt (a real social security number!). The only way to prevent this is to have the machine know the names of the people who own the SSN - and reject any return which isn't right. Only, having done that, what happens if the legitimate owner of the SSN doesn't enter their own name is quite the same way it is held in the database? Perhaps the right answer is for the computer to categorize the returns into one of two groups: "Those where the name was correct" and "those which a human being will check for validity". Steven C. Den Beste, Bolt Beranek & Newman, Cambridge MA denbeste@bbn.com(ARPA/CSNET/UUCP) harvard!bbn.com!denbeste(UUCP)
Re: doing away with privileged users
Alan Silverstein <ajs%hpfcajs@hplabs.HP.COM> Thu, 28 Jul 88 18:31:41 mdtIn 7.29, Allan Pratt said: > If there is NO SUCH THING as privileged access, where can you go wrong? Alas, there is NO SUCH THING as "NO SUCH THING as privileged access". Why? Because computers aren't as smart as people and as trustworthy as their administrators. Situations inevitably arise which require ad hoc human intervention — by privileged users. What if there were no distinction of "privilege"? If any user could handle the interventions? There'd also be precious little protection of users's data from other users. Even cooperating users need protection from each other's mistakes. Alan Silverstein, Hewlett-Packard HP-UX DCE Lab, Fort Collins, ColoradoPlease report problems with the web pages to the maintainer
xTop