The RISKS Digest
Volume 7 Issue 35

Monday, 15th August 1988

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Please try the URL privacy information feature enabled by clicking the flashlight icon above. This will reveal two icons after each link the body of the digest. The shield takes you to a breakdown of Terms of Service for the site - however only a small number of sites are covered at the moment. The flashlight take you to an analysis of the various trackers etc. that the linked site delivers. Please let the website maintainer know if you find this useful or not. As a RISKS reader, you will probably not be surprised by what is revealed…


o Re: Privacy (difficulty of witholding "private" information)
Jon Jacky
o Re: Keeping Autos and Drivers in Suspense
Win Treese
o Re: Cascaded inference
o Re: "Eye focusing found to be VDT hazard."
Brint Cooper
Anthony G. Atkielski
Jeremy Grodberg
o Can current CAD/simulation methods handle long-term fatigue analysis?
John R. Galloway
o ATMs and PIN protection: twice silly victims in Boulder
Gary McClelland
o Re: Orbit 100,000 self-guided "brilliant" weapons ...
Amos Shapir
o Info on RISKS (comp.risks)

Re: Privacy (difficulty of witholding "private" information)

Jon Jacky <>
Mon, 15 Aug 88 09:15:05 PDT
> (In RISKS 7(34) Willis H. Ware recommends (in response to a posting
> about nosy questions on warranty cards): (people are) under no obligation
> to answer all manner of questions in such a situation - (try) saying NO
> when asked for personal information...

This is good advice.  However, the implication of this posting, that
individuals can significantly control information about their activities that
is collected by firms they do business with, is not true in general.

Information about you that firms learn in the course of doing business
with you is their property, not yours.  It has significant commercial value
which some firms exploit aggressively.   Much of the commercial value derives
from the ability to process this information by computer.  Some of the firms
that do this are utilities, so you do not have the choice of "saying NO."

For example, the local telephone operating company in the Seattle area
has offered a service in which it makes its directory listing information
available to other marketing firms in machine readable form.  Salespeople have
always been able to work through the telephone book of course, but the
value that the computer adds is that the listings can be processed in 
various ways.  Most obviously, the marketer can ask for just the phone numbers
in a given set of zip codes to focus on particular neighborhoods.  Having
the data in machine readable form makes it easy to match against other 
databases the marketer may have.  Note that this is a product that the
phone company sells, just like it sells local telephone service.  
There was a bill introduced into the Washington State legislature that would
have prohibited utilities from reselling information about any customer
without that customer's written permission.  It was killed in committee
due to lobbying efforts by utilities.

> (Willis Ware says) Information intrusion and its consequences is just
> another one of those risks of living in this world.

I believe this takes a much too passive view of the situation.  Information
about individuals (the real stuff of which privacy is an abstraction), like
many other commodities of value, is being struggled over by different parties
that have competing and somewhat incompatible interests.  Who eventually 
ends up with what will result from a combination of laws, regulations,
legal proceedings, and market activity.  The exact contents of these
remain to be seen, but participants who take a passive view of this 
struggle are likely to wind up with very little.

- Jon Jacky, University of Washington

    [By the way, the Sunday New York Times of 31 July had a nice article by
    John Markoff on this general subject, including mention of the American
    Express practice of selling off selective mailing lists (e.g., rich tennis
    players who frequent resort hotels).  PGN]

Re: Keeping Autos and Drivers in Suspense

Sat, 13 Aug 88 18:56:28 EDT
In RISKS 7.33, Joseph Beckman describes Sam Peltzman's studies on seatbelt
usage leading to no net decrease in auto accident fatalities.  It is worth
noting that Peltzman's studies were highly controversial and the methodology
was somewhat questionable.  Later studies did not show the same results.
Unfortunately, I do not have any references available now, but there was a
time when I researched the literature on this quite extensively.

The bottom line is still that wearing seatbelts is a good idea.

    Win Treese, Digital Equipment Corporation/MIT Project Athena
        Affiliation given for identification purposes only.

   [Aggressive drivers who feel safer because they are belted up are more 
   likely to be hazardous.  The computer analog relates to overly endowing
   your system — the results are more likely to be hazardous.  PGN]

Re: Cascaded inference (in RISKS-7.33)

g.l.sicherman <ihnp4!odyssey!gls>
13 Aug 88 22:18:31 GMT
In Risks Digest 7.33, cfeehrer@BBN writes:
> ... What may have gone wrong in the Vincennes case is that not all of the
> information that was available came to be used.  Most notably, perhaps,
> the diagnostic value associated with target aspect ratio, which the
> press tells us was more-or-less head-on and at short range relative to
> the design envelope of Aegis, did not enter into the decision in a
> formal way. ...

Cfeehrer goes on to discuss the use of a-priori probabilities and
Bayes's rule, and describes how "cascaded inference" can go badly
wrong.  I agree completely, and would like to extend the discussion.

For many years the A.I. research community has been divided over
which is more important in an intelligent system: a big knowledge
base or clever inference methods.  In the field, a majority of
researchers seem to prefer clever inference methods, mainly because
knowledge is hard to come by and harder to encode.

Meanwhile, the probability and statistics research community is
divided into Bayesians and non-Bayesians. (There are other
important philosophical controversies in probability and
statistics, but I won't go into them here.)  In brief, the
Bayesians hold that to get useful probabilities by calcu-
lation, you must calculate them from known a-priori probabilities.
The non-Bayesians hold that you can get useful probabilites even
without knowing enough a-priori probabilities to let you apply
Bayes's rule.  The non-Bayesians accept Bayes's rule--and seek to
augment it.

A non-Bayesian theory prominent in A.I. research is that of A. P.
Dempster, as formalized by his student G. Shafer.  This theory seems
to be popular because (1) its formulas can be computed routinely,
and (2) being non-Bayesian, it can dispense with some a-priori
probabilities that Bayesians would regard as necessary.  Whether
the Dempster-Shafer theory is a valuable contribution to probability
theory or a worthless and misleading exercise is yet to be established.
It falls in roughly the same grey area as Fuzzy Set Theory.

I'm a Bayesian myself; I have little to add to Boole's remarks on
this subject in his _Laws of Thought._  I'm not too worried about
"certainty factors" and similar oddities in the world of probabilistic
computation.  But I shudder at the risks of using military systems
that ignore some of the fundamental a-priori probabilities in the
field!  When such systems take appropriate action, it can only be
considered a fortunate accident.

Col. G. L. Sicherman

Re: "Eye focusing found to be VDT hazard."

Brint Cooper <abc@BRL.MIL>
Fri, 12 Aug 88 19:53:07 EDT
Denis Haskin quotes the Boston Globe, "A deterioration in eye focusing among
  people in their 20s and 30s was the No. 1 problem found in 153 patients
  treated at the university's Video Display Terminal Eye Clinic..."

Then, he reports his own experience, "I've been working with display
screens for about the last five years,...on my last exam the doctor
recommended (glasses and) I have noticed a difference."

    I suggest that this sort of thing proves nothing.  All my life, I have
known people who read a great deal in their childhood and wound up with extreme
nearsightedness.  I knew a chap who repaired small timepieces most of his life
and, in his 60's was nearly blind.  No one suggested that books and precision
repair are risky to one's vision.  Perhaps any intensive visual activity,
unbroken over long periods of time, can lead to vision problems.  I suggest
that multiply blind, retrospective and comparitive studies of all these risk
phenomena are long overdue.

    "Risks of using computers must be assessed against the risks of not
using computers."                                         _Brint

Eye Focusing and VDTs

"Anthony G. Atkielski, Honeywell Bull Inc." <Atkielski@HIS-PHOENIX-MULTICS.ARPA>
Fri, 12 Aug 88 19:46 MST
I've been working with VDTs since 1980, and I'm now 27 years old.  Long ago I
noticed that my right eye didn't focus very well on distant objects.  The way
that eye behaved (trying to focus, overcorrecting, etc.) made me suspect that
the constant close-up work with the VDT was reducing the ability of my eye to
accommodate for distant vision.  The problem goes away after a couple days away
from the CRT, and no similar problem has manifested in the left eye.  My
ophthalmologist tested my eyes and found nothing wrong (!); he said there was
no evidence to indicate that using VDTs over long periods permanently affects

It's interesting to see a news item that mentions exactly the problem I've
noticed, among people in my age group.  If there really is a link between VDTs
and some focusing problems, what can I do about it?  I still have to use a VDT
every business day (I'm using one to compose this message).  I'm not going to
get glasses because I have the distinct feeling that the problem would
eventually disappear if I could just stay away from a VDT long enough.  What
are my options?  Didn't anyone notice problems like this in the days before
VDTs?  After all, VDT users aren't the first people to engage themselves in
close-up work for long periods.

Anthony Atkielski, Honeywell Bull Inc.

Myopia (near-sightedness) and VDT use

Jeremy Grodberg <>
13 Aug 88 22:30:28 GMT
    Are there any studies about extensive VDT use leading to Myopia?  I had
20/20 vision when I started working as a programmer, and it has steadily gotten
worse since.  Further more, when I take a long absence from working (several
weeks), my eysight seems not to change, but when I return to work, it seems to
get worse rapidly.  Maybe its my imagination, but I have no evidence that wht I
thinks is happening isn't.
                                              Jeremy Grodberg

Can current CAD/simulation methods handle long-term fatigue analysis?

John R. Galloway <>
Wed, 10 Aug 88 17:24:48 PDT
As more and more of the design of (an aircraft say) is done on a computer, less
and less of the design will be handled by "rule of thumb" type decisions.
While this seems a good thing, I wonder if there is a down side concerning
aspects of the design that were implicitly included in the old rule of thumb or
handbook days (from years of experience) and are not necessarily included in
the computer model.  The case I am thinking of is the airliner a few months ago
where the top of the fuselage riped off (en route from one of the Hawaiian
Islands to another).  Are current supercomputer simulation methods capable of
handling the complexity of long-term stess, fatigue, corrosive environments,
etc., all of which were (apparently) factors in the Aloha incident?  Also I am
not at all sure that such things were handled any better before wide-spread use
of CAD — I am just asking the question.  Any aeronautical engineers out there?

ATMs and PIN protection: twice silly victims in Boulder

Fri, 12 Aug 88 15:45 MDT
The latest ATM scam from Boulder:  The campus newspaper reports that a thief
has been lifting bank cards from unattended backpacks in libraries on campus.
A day or two later, the victim receives a call from a "bank security officer"
saying that a suspect has been caught trying to use victim's stolen bank card
to extract cash from an ATM.  As part of collecting "police report"
information, the "bank security officer" asks victim for the PIN so that he can
complete the investigation.  Victim gives the PIN over the phone and then "bank
security officer" uses the stolen card and the PIN to extract maximum allowable
cash limit.

Is this why it is good to have a human link in computer security systems?

   Gary McClelland, U. of Colorado

      [For those of you whose response is, "What, another silly story like
      this one?", the point is that scams like this succeed with amazing
      frequency.  We've had quite a few.  PGN]

Re: Orbit 100,000 self-guided "brilliant" weapons, Reagan advised

Amos Shapir <nsc!taux01!taux02.UUCP!amos@Sun.COM>
11 Aug 88 11:06:07 GMT
         [in RISKS-7.33, contributed by Jon Jacky]

  >"It's effectively a shield over the planet, consisting of these things, and 
  >if anything pierces the shield that doesn't come from an allowed launch 
  >point... it gets knocked off," said Bruce McWilliams, who headed a lab team 
  >that developed the optical sensors for "brilliant pebbles."

How on earth are they going to reprogram these things when new launch points
are used, which did not exist when the `pebbles' were launched?!

Even if they can be made to be reprogrammable, how can anyone be sure
that all 100,000 receive the message?  And that's even before considering
problems like hostile reprogram messages...

Amos Shapir, National Semiconductor (Israel), 6 Maskit st. P.O.B. 3007,
             Herzlia 46104, Israel Tel. +972 52 522261

Please report problems with the web pages to the maintainer