The RISKS Digest
Volume 7 Issue 4

Monday, 6th June 1988

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator


Contents

Review article on privacy/civil liberties risks in CACM
Jon Jacky
RISKS of wrong numbers and tigers
Steve Nuchia
Academic Assignment of Viruses
Bill Murray
Peter J. Denning on Terminology
Bill Kinnersley
COMPASS '88 PROGRAM
Frank Houston
Halon agreement and the ozone models
Rob Horn
Info on RISKS (comp.risks)

Review article on privacy/civil liberties risks in CACM

Jon Jacky <jon@june.cs.washington.edu>
Sun, 05 Jun 88 17:32:33 PDT

Many readers of this digest will be interested in the article, “Information technology and dataveillance,” Roger A. Clarke, Communications of the ACM, 31(5): 498 - 512, May 1988. This is a long review with 78 references.

The author defines “dataveillance” to mean the systematic use of computing technology in the investigation or monitoring of the actions or communications of one or more persons. He distinguishes between “personal surveillance” - surveillance of an identified person, where there is a specific reason for the investigation, and “mass surveillance” - surveillance of large groups of people in order to identify individuals who might be of interest to investigators. The author concludes that computing technology is making it much easier to perform both kinds, a lot of it is going on and more can be expected.

The author says he does not argue that surveillance is intrinsically evil or that it should be ruled out altogether, but argues that much of what is in fact now going on is in general a bad thing, especially the mass surveillance. He concludes that privacy and civil liberties protections in place in most countries are inadequate to protect against these new surveillance techniques. The author says that he feels people working in computing, due to their special knowledge, have some special responsibility to consider privacy implications of their work, evaluate safeguards, and lobby for effective ones.

- Jon Jacky, University of Washington


RISKS of wrong numbers and tigers

Steve Nuchia <nuchat!steve@uunet.UU.NET>
4 Jun 88 18:32:45 GMT

(Paraphrased from The Houston Post, 29 April)

A local newscast carried a story on a Herpes research project under way at Baylor College of Medicine, and displayed a phone number for volunteers to call — with appropriate assurances of confidentiality.

Not only was it the wrong number, it was the number for the "back door" to the public address system at Baylor. (No indication of how large an area was covered — it is a big place.)

The callers, hearing a pick-up but no answer, “assumed it was an answering machine” and “gave their names, phone numbers, everything.”

I believe this points up an important “human factor.” People are a lot less cautious when they initiate a contact than when they are contacted. This explains the easy success of the typical “service spoof” attacks - password harvesters and “night deposit box out of order” scams. I don't have a magic answer for designers of services — it is very hard to design a service that is at all hard to spoof if the clients aren't at least a little bit cautious.

Second item:

One of the tigers went through a window in a door and killed an employee. It was at night and the public would not have been in immediate danger even in the daytime, but the incident nevertheless caused quite a ruckus.

The firm that designed the enclosure stated that the door design, including the window pane used, was “standard” for that kind of application. The tiger had no trouble going through it, and there was no indication that it was defective, nor that any other tiger would have had any trouble going through any other door of like design.

(Zoo officials have the big cats in holding cages while the window materials used in the (relatively new) cat facility are tested - by swinging miniature wrecking balls into them. The cat facility is a modern close-contact one - you can routinely find one of the lionesses sleeping against a window with the public on the other side - in a tunnel.)

Apparently quite a few nominally professional people in the world think that standards excuse them from thinking. Perhaps that explains the popularity of standards?

Applicability to computers? Gee, there aren't any people clamoring for standards in the computer industry, are there?

Steve Nuchia uunet!nuchat!steve (713) 334 6720


Academic Assignment of Viruses

<WHMurray@DOCKMASTER.ARPA>
Sun, 5 Jun 88 10:25 EDT

A society that depends upon any mechanism for its own proper functioning, cannot tolerate, much less encourage, any tampering with the intended operation of that mechanism.

Therefore, one is tempted to rise up in indignation at the idea of a qualified academic assigning a virus to his students. The next thing you know, they will be assigning plagiarism. How about the forgery of academic credentials? Perhaps we should offer a course in how to falsify research results. Or, perhaps, on how to trash another's experiments, notes or reports.

Perhaps it is a sign of immaturity that we are unable to recognize the moral equivalency. I will leave open the question of whether the immaturity is in the technology, the society, or academia.

I thought that we put this issue to bed several years ago when we stopped assigning the breaking of security. It seems that we did not.

For an academic to be unable to recognize that assignments, and the recognition that goes with their successful completion, encourages the behavior assigned, demonstrates a lack of understanding of the activity in which he is engaged. If he understands it, and still makes such an assignment, he demonstrates a lack of understanding of where his real interest rests.

Such irresponsible behavior may account, in part, for the anti-academic bias in our society and for the manifest distrust of the scientific establishment. It is of little wonder that the citizens of Cambridge, Massachusetts are reluctant to trust the likes of these with genetic engineering.

If there is any lesson that we should have learned from the computer, it is that understanding the effects of what we intend for it to do is a daunting task. Even getting it to do what we intend is not trivial. It seems to me, that there is plenty of material here for assignments; we need not look to assignments which are at best trivial, and at worst, dangerous.

William Hugh Murray, Fellow, Information System Security, Ernst & Whinney
2000 National City Center Cleveland, Ohio 44114
21 Locust Avenue, Suite 2D, New Canaan, Connecticut 06840

Peter J. Denning on Terminology

Bill Kinnersley <iphwk%MTSUNIX1.BITNET@CUNYVM.CUNY.EDU>
Mon, 6 Jun 88 12:02:13 mdt

Subscribers to this list may be interested in the recent article “Computer Viruses” by Peter J. Denning in the American Scientist, vol. 76, page 236. In particular, he discusses terminology. Paraphrasing his definitions:

  1. Worm - a program that invades a workstation and disables it. <one copy per machine, RAM resident, self propagation via network>
  2. Trojan horse - a program that performs some apparently useful function, but containing hidden code that performs an unwanted malicious function. <file resident, propagation by unwitting human beings>
  3. Bacterium - a program that replicates itself without bound, thereby preempting the resources of the host system. <many copies per machine, RAM resident, self propagating>
  4. Virus - a program that incorporates copies of itself into the machine code of other programs, and when those programs are invoked, performs a malicious function. <two phase life cycle - RAM form with self propagation, file form with human propagation>

Denning points out that these types often occur in combination. A Trojan Horse is the most common means of originally introducing a virus into a system. For example, a Trojan Horse compiler can attach a copy of the virus code to its output.

Defence against computer viruses comes out sounding like a message from the Surgeon General. Practice digital hygiene yourself. Don't exchange programs with anyone whose computer habits are not up to your own standards. Refuse to use software if the manufacturer's seal has been broken!

Maybe we need a "Centers for Computer Disease Control".

COMPASS '88 PROGRAM

Frank Houston <houston@nrl-csr.arpa>
Thu, 2 Jun 88 12:46:15 edt
            *****************************************
            *                                       *
            *            COMPASS '88                *
            *     JUNE 27th - July 1st, 1988        *
            *                                       *
            *    NATIONAL BUREAU OF STANDARDS       *
            *         Gaithersburg, MD              *
            *                                       *
            *          ADVANCE PROGRAM              *
            *                                       *
            *****************************************

* MONDAY, 27 JUNE 1988 *

Meeting of the Tri-services Software Safety Working Group

* TUESDAY, 28 JUNE 1988 *

0730    REGISTRATION
0900    CALL TO ORDER
        General Chair---CDR Mike Gehl, Office of Naval Research
0910    OPENING REMARKS
        Honorary Chair---Helen Wood, Deputy Director, Institute for
        Computer Sciences and Technology, National Bureau of Standards
0930    PROGRAM OVERVIEW
        Program Chair---Janet Dunham, Research Triangle Institute
0940    INTRODUCTION OF KEYNOTE SPEAKER AND PANEL
        Chair, COMPASS Board---H.O. Lubbes, Space and Naval Warfare 
        Systems Command
0950    KEYNOTE ADDRESS
        Chair, Keynote Panel---Dr. Roger McCarthy, Failure Analysis, Inc.
        "THE PRESENT AND FUTURE SAFETY CHALLENGES OF COMPUTER CONTROL"
1100    COFFEE BREAK
1130    KEYNOTE DISCUSSION
        PANEL:   Herb Hecht, SoHAR, Inc.
                 Peter Neumann, SRI International
                 Jim Treacy, Federal Aviation Administration
                 Andres Zellweger, Computer Technology Associates
                 William J. Rodda, DELCO Electronics Corp.
1300    LUNCH BREAK
1430    RISKS AND BENEFITS
        Chair---Janet Dunham, Research Triangle Institute
        * "The Computer Related Risk of the Year:  Computer Abuse"
                 Peter Neumann, SRI International.
        * "Alzheimer's Patient Monitoring System"
                 Doris Rouse, Research Triangle Institute
        * "Advance Computations into the Third Millennium"
                 James P. Farell
1530    COFFEE BREAK
1600    WHAT IS SOFTWARE SYSTEMS SAFETY?
        Chair---Al Friend, Space and Naval Warfare Systems Command
        * "Software Systems Safety and Human Error Avoidance"
                 Mike Brown, Naval Surface Warfare Center
        * "A Definition of Process Security"
                 John McDermott, Naval Research Laboratory
        * "Definitions and Requirements for Distributed Real-Time Systems"
                 Christina Berggren, IBM System Integration Division
        * "An Approach to Software Safety Analysis in a Distributed 
        Real-Time System"
                 Sang H. Son and Chun-Hyon Chang, University of Virginia 
                 and Paul V. Shebalin, ORI
1730    ADJOURN
1900    BANQUET 
        * "Stalking the Wily Hacker"
                 Cliff Stoll, Lawrence Berkeley Laboratories

* WEDNESDAY, 29 JUNE 1988 *

0900    RELIABILITY AND SECURITY OF VOTE COUNTING SYSTEMS:
        Chair---Lance Hoffman, George Washington University
        Panel:   Roy Saltman, National Bureau of Standards
                 Emmett Fremaux, Jr., District Board of Elections and Ethics
                 Peter Neumann, SRI International
1000    ENGINEERING ERROR FREE SPECIFICATIONS
        Chair---Sam DiNitto, RADC
        * "Overview: Complementary Completeness"
                 Sam DiNitto, RADC
        * "Early Detection of Requirements Specification Errors"
                 Paul C. Jorgensen, Arizona State University
        * "Reliable Software Specification"
                 John McLean, Naval Research Laboratory
        * "An Investigation of the Reliability of a Software 
        Specification"
                 Janet Dunham, Research Triangle Institute
1100    COFFEE BREAK
1130    DESIGNING SAFETY CRITICAL SYSTEMS
        Chair---Peter Neumann, SRI International
        * "Designing Safety Critical Systems: The Viper Microprocessor"
                 Dr. John Cullyer, Royal Signals and Radar Establishment
        * Question and Answer Session
1300    LUNCH BREAK
1430    SOFTWARE PRODUCT ASSURANCE: TECHNIQUES FOR REDUCING SOFTWARE RISK
        Chair---Dolores Wallace, National Bureau of Standards
        * "Software Product Assurance:  Reducing Software Risks in 
        Critical Systems"
                 William Bryan and Stanley Siegel, Grumman Corporation
        * "FIPS 132/IEEE 1012 SVV Plans Standard"
                 Dolores Wallace, National Bureau of Standards
1600    COFFEE BREAK
1630    VERIFICATION, TESTING, AND ANALYSIS
        Chair---Michael Brown, Naval Surface Warfare Center
        * "Predicting Computer Behavior"
                 Don Good, Computational Logic, Inc.
        * "On Back to Back Testing"
                 Mladen Vouk, North Carolina State University 
        * "A Static Scheduler for the Computer Aided Prototyping System"
                 Dorothy Janson and Prof. Luqi, Naval Post Graduate School
        * "The IBM Software Quality and Productivity Program"
                 Anne Martt, IBM Houston
1800    ADJOURN

* THURSDAY, 30 JUNE 1988 *

0900    SOFTWARE SAFETY MODELING AND MEASUREMENT 
        Chair---Herb Hecht, SoHaR
        Panel:  Jerry Mauck, Nuclear Regulatory Commission
                Douglas R. Miller, George Washington University
                Dev Raheja, Technology Management, Inc.
1015    USE OF MODELING TOOLS: A VARIED APPROACH
        Chair---Don Lee, Aerospace Corporation
        Panel:  Sal Bavuso, NASA-Langley Research Center
                Nancy Leveson, University of California-Irvine
1100    COFFEE BREAK
1130    PANEL DISCUSSION:  SAFETY REVIEW PROGRAMS
        Chair---George Finelli, NASA-Langley Research Center
        Panel:  Mike Brown, Naval Surface Warfare Center 
                Frank Houston, Food and Drug Administration 
                Mike Dewalt, Federal Aviation Administration
1300    LUNCH BREAK
1430    CASE STUDIES: OPERATIONAL SAFETY AND PROCESS SECURITY CONSIDERATIONS 
        Chair---Dan Strub, U.S. Air Force
        * "On Software Safety Management"
                 Jim Dobbins, Verilog
        * "A Methodology for Analyzing Avionics Software Safety"
                 Bob De Santo, LOGICON, Inc.
        * "A Case Study of System Integrity for Alcohol Taxation"
                 T. F. Buckley, P.W. Garratt, and T.G. Gough, Leeds Univ., U.K.
        * "Update on the Safety Verification of the B1 Bomber"
                 Joe Cantu, Boeing Military Airplane Company
        * "The Centaur Project"
                 Helen De Mao, Corporation for Studies and Analysis
1600    BREAK
1630    CASE STUDIES: ASSURING MEDICAL SOFTWARE
        Chair---Frank Houston, Food and Drug Administration
        * "A Methodology for Assuring Medical Software"
                 Roger Fujii, LOGICON
        * "Formal Safety Analysis and the Software Engineering Process in 
        the Pacemaker Industry"
                 D. Santel, C. Trautman, and W. Liu, Medtronic, Inc
        * Discussion/Question and Answer 
1800    ADJOURN

* FRIDAY, 1 JULY 1988 TUTORIALS *

0900    Software Safety and Process Security in the Ada Reusable Software 
        Environment
                 E.V. Berard, EVB Software Engineering, Inc.
0900    Verification and Validation
                 Dolores Wallace, National Bureau of Standards
                 and Roger Fujii, LOGICON, Inc.
1200    ADJOURN

REGISTRATION—Preregistration closes 17 June 1988. On-Site registration will begin on 28 June 1988 from 0730 to 0900 in the NBS Administration Building. Persons attending the Tri-Service Software Systems Safety Working Group may register there on 27 June 1988 between 1530 and 1730.

PARKING—Parking is available in the NBS Visitors Parking Lot adjacent to the Administration Building.

TRANSPORTATION—For those attendees who will be driving, the National Bureau of Standards is located on Clopper Road near the I-270 interchange approximately 12 miles north of I-495 (marked "National Bureau of Standards/ Clopper Road" for northbound travelers; or "National Bureau of Standards/Route 124 Darnestown" for southbound travelers). For attendees who do not wish to drive, the conference hotels are accessible from Dulles, National and BWI airports by regular limousine service with no reservation required. Also, NBS provides shuttle service to and from the Shady Grove Metrorail Station (on the Red Line) on the quarter and three-quarter hour (0815, 0845, … 1715) from the West side KISS AND RIDE lot. COMPASS will provide a shuttle morning and evening between NBS and the conference hotels.

MEALS—The registration fee includes lunches on Tuesday, Wednesday, and Thursday, and Dinner on Tuesday evening. Refreshments will be available at all breaks.

FOR ON-LINE or hard-copy REGISTRATION FORMS, PLEASE CONTACT FRANK HOUSTON houston@nrl-csr.arpa .


Halon agreement and the ozone models

Rob Horn <harvard!ulowell!infinet!rhorn@husc6.harvard.edu>
Thu, 2 Jun 88 19:31:50 edt

The real risk with the freon-halon-ozone controversy is best understood when you realize that the Third World countries were major opponents to the production freeze. The major uses of freons are:

  1. Refrigeration
  2. Manufacturing
  3. Fire Protection (only about 10%)

Freons have been shown to be much cheaper and much safer than the alternative technologies. Only recently have there been indications that equally safe refrigeration technologies can be practical, and these will be many times more expensive.

In the Third World refrigeration means much more than a cool car. It can mean the difference between life and death. In food production, refrigeration allows produce to reach markets, to be stored safely. Without it (and most underdeveloped countries lack adequate refrigeration) food spoils, farm incomes drop dramatically, people go hungry, people starve. In medicine, refrigeration means medicines that don't spoil and blood transfusions. Lack of refrigeration means death. So the Third World countries opposed the removal of freons. Why agree to many thousands of deaths just to keep the Americans happy? The future environmental destruction is a good reason, but with so much at stake the evidence must be persuasive. Even with the new technologies, they must weigh the huge increase in costs against their limited incomes.

The evidence from the computer models is weaker than the press reports indicate. The measurements of world ozone show an increase of about 5% from 1960 to 1975 followed by a much larger and faster decrease of about 15% since then. The computer models do not predict or explain that increase. Their predictions of what altitudes would have how much of a decrease do not match the observed decreases. The models did not predict the Antarctic ‘hole’, although this has a tentative explanation.

I believe that the real deciding factor was the intuitive decision by the negotiators that while the models were pretty inaccurate, the measurement data was accurate enough to make the trend very worrisome. The rapid action following confirmation of the satellite data calibration is consistent with this. It also is evidence of a cautious approach towards computer models. The research level was dramatically increased, both into the atmosphere and into freon substitutes, after the initial modeling results were published. Freon uses with easy substitutions (spray propellant) were eliminated in the US. Oddly, the Europeans did not follow suit. The drastic changes were studied, but no action taken until there was much more information.

The Montreal agreement also places real emphasis on more data gathering and analysis following the agreed freeze and reduction in production. The reduction goal can be met with changes in refrigeration and manufacturing without any change in fire protection uses. The United States may move internally for much larger reductions. The large chemical companies may decide to switch production entirely when suitable substitutes are found. Dow has announced its intention to completely phase out freon production. The international agreement is to reduce somewhat, then wait for more evidence from measurements.

Rob Horn
