Please try the URL privacy information feature enabled by clicking the flashlight icon above. This will reveal two icons after each link the body of the digest. The shield takes you to a breakdown of Terms of Service for the site - however only a small number of sites are covered at the moment. The flashlight take you to an analysis of the various trackers etc. that the linked site delivers. Please let the website maintainer know if you find this useful or not. As a RISKS reader, you will probably not be surprised by what is revealed…
>From the Austin American-Statesman, Sun., 11 Sept. without permission:
Computer glitch costs American $50 million in lost ticket sales
by Martin Zimmerman, Dallas Morning News
FORT WORTH- American Airlines, Inc. lost as much as $50 million in potential
revenue this year when its computerized reservations system mistakenly
restricted the sale of discount tickets, driving price-conscious travelers to
American's competitors, the airline's chairman told industry analysts this
week.
According to analysts who attended the metting in New York with Robert
Crandell, American's chairman, president and CEO, the revenue loss was due
to a foul-up in the airline's yield-management system. "(Crandell) said
that early in the second quarter they had implemented a new software program,
which appears to have backfired," said one investment company analyst, who
asked not to be named. "It did not do what it was intended to do."
Yield management involves the use of sophisticated computer programs to
determine how many seats on an airplane should be sold at various prices,
squeezing the greatest possible revenue out of each ticket sold.
On flights where there is heavy demand for seats, for instance, the program
will instruct that fewer tickts should be sold at discount prices. On
less-popular flights, more tickets will be sold at discount fares to fill
what otherwise would be empty seats.
American is considered an industry leader in yield management. But when the
airline modified its system this year, the new program contained a serious
flaw.
According to the analysts, Crandall said the modified program prematurely
stopped the sale of discount tickets for American flights, even though more
seats would normally have been offered at lower fares. Travelers searching
for a cheap fare — told that none were available on American — presumably
then went to another airline to buy a ticket.
Lowell Duncan, American's vice president-corporate communications, said the
problem went on for 30 to 60 days before it was discovered and corrected. It
came to light when wide discrepancies cropped up in the number of discount
tickets sold during the second quarter of 1988 compared to previous
quarters....
News of the foul-up apparently didn't cause much of a stir among the
analysts, who study airlines' financial performance and then make
recommendations on whether investors should buy their stock.... "Had
American had a poor quarter, this glitch might have been more of a problem,"
said Timothy Pettee, an airline analyst... As it was, American's yields --
the amount of money collected per passenger — increased 13 percent in the
second quarter, Pettee said. "They might've been up 15 to 17 percent without
this glitch, which would've been phenomenal," he said.
This seems relevant to the recent discussions on quantitative risk assessment.
The $50 million figure must be regarded with suspicion in the absence of
further information. (Does anybody besides me have a problem with phrases like
"losses" in "potential" revenue?) Such numbers are meaningful only in context,yet it seems to be unavoidable in our society that, once created, they take on
a life of their own and appear in isolation. In my experience the problem is
not limited to the media. (Hence I am generally skeptical about quantitative
methods in system design and certification.)
Ken Calvert
The following illustrates just how ignorant the "general public"
remains of issues that the Risks community almost take for granted.
Last month, with a friend my wife and I were touring Southern Maryland.
We stopped unannounced at a new Holiday Inn and booked two rooms in my name.
With both rooms' keys in hand, we proceeded to our friend's room; I opened the
door to check out her room and found that the room was not vacant. While no
one was actually in the room, briefcases, books, and clothes made it evident
that someone else was already booked therein.
Angrily, I returned to the desk, explaining to the very young night
staff there the real risk of such an error: that the room might be occupied by
a handgun-toting paranoid who would shoot first and ask questions later. The
young woman offered that "the computer must have made a mistake." I slightly
mis-represented myself as a "computer scientist" and told her that this was no
excuse and repeated all the arguments that are more than familiar to readers of
"Risks Digest." We were assigned another room.
At checkout the next morning, I reported the mistake to the morning
staff, so that "management" would become aware. After the expected profuse
apologies, the desk manager said, "The computer shouldn't have allowed that.
The night clerk must have made a mistake."
What could I say?
Brint Cooper
Once upon a time I worked on the IFF software of the Nimrod project.
(Nimrod was a British Airborne Early Warning system which got cancelled
- to be replaced by AWACS). As part of the design process we were given
a few lectures on the purposes and uses of IFF in general. During these
we found out that
a) NO combat fighter plane will ever go into combat with its IFF
system operating - for obvious reasons!
b) If you are in a combat zone and a planes' IFF claims it to be a
civilian assume that it is a counterfeit signal.
These policies were not, to my knowledge built into the software. They
were left for the pilot to act upon. This was about 10 years ago now. I
doubt if the general policy of the UK air defence people has changed.
It would appear that the Captain of the Vincennes worked to a similar
set of assumptions.
BTW, The Nimrod project was done by GEC-Marconi Space and Defence
Systems. This is a part of the same company that is currently being so
unlucky with suicides and strange accidental deaths.
Geoff. Lane., University of Manchester Regional Computer Centre
PGN attaches the following comment onto a message about the Soviet's loss of a Phobos spacecraft. [Several people reported on radio items that attributed the problem to a console operator's single keystroke in error, which it was speculated might have triggered the Mars probe's self-destruct signal. After the command was sent, contact with the probe was lost completely. PGN] I have no reliable information about this particular case, but I am struck by the high proportion of operator mistakes which get reported as `single keystroke' errors. I strongly suspect that single-keystroke errors are largely an urban myth (you know, poodles in microwaves and the like). I'm sure that in this world of crummy user interfaces you can often do plenty of damage with a single keystroke, but the image of a single mistaken keystroke leading to disaster has got to be a very tempting trope for journalists and cartoonists and rumor-passers whether it's accurate or not. Besides, it'll always have a certain tenuous relation to the truth: the single keystroke that does the damage is the final Return you hit after your two hundred keystrokes of wrongheadedness.
Clean Credit for Sale: A growing illegal racket by Larry Reibstein with Lisa Drew, Newsweek 9/12/88 p. 49 Houston schoolteacher Darlene Alexander thought she had a clean credit record. Then in June she applied for a $75,000 mortgage, and the lender told her she had too much debt to qualify. Her records showed accounts for American Express, MasterCard and Visa. The biggest balance was a $22,800 loan for a 1988 Chevrolet Camaro. All this baffled Alexander. None of the accounts were hers; she drives a paid-up 1983 Datsun. Alexander was a victim of 'credit doctors,' people who use computers to steal good credit histories and then sell that information to people with bad credit. Using Darlene Alexander's name and history, an impostor opened charge accounts and got loans with almost no risk. The real Alexander, who was also turned down for a vacation loan, is angry. 'You try for years to get good credit,' she says, 'and then someone else just takes it away from you.' Credit doctors — thieves, really — are starting to surface in a big way. In Houston, where the depressed economy has created plenty of willing customers, about 30 people have been arrested, and 20 convicted, for credit-doctoring schemes in the last year. Among them were 'patients' — consumers — who paid up to $2,000 for stolen or fake credit identities. Houston police have identified $7 million to $10 million in merchandise and homes bought with the help of fraudulent accounts. Similar cases have cropped up in Chicago and Los Angeles. In an era when everyone seems intent on building up their credit one way or another, Secret Service agent Neal Findley says, 'An industry has risen up based on getting into other people's credit files.' The thieves work by tapping credit-bureau computers that contain histories on millions of consumers. It's surprisingly easy. Credit doctors usually buy the computer-access code from a contact who works in a legitimate business, such as a mortgage company. Using a personal computer, the credit doctor searches for someone who has his client's name — and good credit. He then copies that person's credit history — including the all-important social security number [[argh! — Donn]] — and furnishes the information to the client, who uses it when applying for credit. Houston police say some consumers have been offered a choice of credit histories at a range of prices, depending on the 'quality' of the stolen credit. ... Authorities believe many credit-doctoring scams remain undetected. People whose histories have been stolen may never know it — until a lot of debt is entered in their names. Merchants often look the other way as long as the impostor is keeping up with payments, says Houston police lieutenant J. F. Rabago. Many credit bureaus say that no safeguards can completely block unauthorized access to their computers. For now, a consumer can only hope that someone with the same name isn't in the market for a new credit history. [[Are credit bureaus' security measures really this lax? It's not hard to believe, just appalling. — Donn]]
Since I only speak American, I often have a difficult time understanding things originating across the pond. For esmaple, Bev Littlewood writes: >The system is certificated in Europe, the thing is carrying passengers, >yet, I believe, it cannot be asserted in any scientifcally meaningful >way that it has an "acceptable level of safety". It is not clear to me whether "scientifically meaningful" modifies "can be asserted" or "acceptable level of safety." It seems to me that a great part of this discussion has turned on whether "acceptable level of safety" can ever be a scientific term. It sounds to me as though it is being asserted that in the UK it is a scientific and, even legal, term. I would assert that in the US it is neither. It is at best political, and at worst journalistic. The toleration of a risk in the US is inversely proportional to its novelty or its mystery. We do not tolerate the risk of the medicinal use of marijuana or heroin in terminally ill patients. On the other hand we tolerate 300,000 premature, painful and slow deaths a year from the use of tobacco. We tolerate 1500 to 10,000 measureable deaths a year from the burning of fossil fuels. Much lower risks of alternatives cannot be tolerated because of the absence of political courage. We kill 40,000 people a year on our highways, and maim for life another 2-400,000, while programs in other countries suggest to us that least half of those are avoidable. Novel technology, such as fly-by-wire, would not be tolerated here unless it could be "proved" to be safer than the technology in use. (The opposition to the A320 in the US revolves around the fact that it contributes to an unfavorable balance of trade and has a two man cocpit. The opposition has missed a good bet. The risk of new foods and drugs here are measured absolutely, in terms of their risk in small animals; not against the risk of the alternatives. Better the devil we know. One can say little "scientific" about safety and risk in such a society. William Hugh Murray, Fellow, Information System Security, Ernst & Whinney 2000 National City Center Cleveland, Ohio 44114 21 Locust Avenue, Suite 2D, New Canaan, Connecticut 06840
Somewhere between Bev's transmission to Brian Randell and Brian's retransmission to me, Bev's lines longer than 80 characters got truncated. Sorry. [Probably at the border? Customs? Round up the usual characters?] [By the way, I sometimes get messages from within the U.S.A. whose text has NO line breaks — just rampant character strings. The UK/USA 80-character filter would truncate the entire message except for the first 80 characters!]
> > The problem occurs when the previous value is -175 or so and the new > > value is +175. What is the average? > A good way to estimate an average angle, A, from a set of angle measurements > a[i] 0<=i<N, is .... The reason that this problem is a problem is that in modular arithmetic -- which is what we're talking about here — there *is* no such thing as an "average", at least not in the usual sense of "arithmetic mean". It would probably help, then, if people would be careful to define their terminology. The "average" algorithm that the second-cited poster gave arises as follows. Represent the modular arithmetic as a circle (the original physical representation in this case); take each angle value as a vector, all of equal length; sum (or average, doesn't matter) all the vectors; and translate the direction (if any) of the resultant back into a numeric angle value. I guess this is indeed correct for problems where it makes sense to speak of an average angle, but it may be useless for other problems involving "averaged" modular numbers. Mark Brader, SoftQuad Inc., Toronto
karsh@sgi.com suggests using trig
sum_i_from_1_to_N sin(a[i])
a = arctangent ---------------------------
sum_i_from_1_to_N cos(a[i])
to average angles. This forces us to perform consistency checks to figure
out which quadrant the angle is really in. Otherwise, we may get incorrect
results (risk of using posted algorithms?). Perhaps a simpler algorithm
would be to view the angle measurements as [unit] vectors and average the
vectors together. Not only is this conceptually simple, it also allows
incorporation of measurement reliability by scaling the vectors.
[Similar comment from Mark Mandel...]
You take the average of the sines of the angles and the average of the cosines of the angles, divide, and take the arctangent of the result. Jan Wolitzky, AT&T Bell Labs, Murray Hill, NJ; 201 582-2998; mhuxd!wolit
<> Imagine trying to compute the average position of the second hand on a
<> clock. You sample the position once a second for sixty seconds. Ok, now
<> what is the average?
I made a deliberately naive attempt to determine the average position of a
second hand, using the above formula and a spreadsheet program that shall
remain nameless. I assumed N = 60, 0 <= a[i] <= 354. The spreadsheet
dutifully reported that sum_i_from_1_to_N sin(a[i]) = -7.173E-10,
sum_i_from_1_to_N cos(a[i]) = .000000014, and a = -3.0000006.
This example is obviously contrived to "make the computer look bad." But it's
not hard to imagine a scenario in which such a completely bogus answer might
seem plausible to an unsophisticated consumer of information, especially if he
or she was not shown the intermediate results of the calculation.
Roger Goun
Please report problems with the web pages to the maintainer