The following may be of interest to Risks readers. The message is from Jane Hesketh of Edinburgh Computing and Social Responsibility. -- Phil Wadler >From jane@aiva Mon Dec 19 10:52:12 1988 Computer Weekly 15.12.88 "Software safety cannot be guaranteed, warns DTI" A draft report for the Government on safety-critical software emphasises the impossibility of guaranteeing error-free programs, despite their widespread use to control aeroplanes and nuclear power plants. Commissioned by the DTI and carried out by the Institution of Electrical Engineers and the BCS, the report has met with mixed reactions from the safety-critical software community. One of the more ominous warnings contained in the report is that an entirely unambiguous specification is not strictly feasible. "The uncertainty in our knowledge of the real world creates the potential for our specifications to be wrong, including being incomplete," the report states. " This is apart from any mistakes we may introduce when we come to describe the requirements in specifications". The report is not describing remote safety-critical applications but ones already in operation. While Sizewell B will be the first UK nuclear power plant whose safety system is computer-controlledd, the safety of a nuclear plant on the NorthWest coast of France is already in the hands of software. One of the criticisms of the draft report is that it is limited too closely to safety-critical software in the UK. The whole thing lacks a European perspective" says Robin Bloomfield, chairman of consultancy delard, which co-wrote the MoD safety-critical software standard 00-55. " For example, it should have included a current West German proposal for a standard to cover all industries". Another criticism is that the report does not go far enough in trying to bring together safety-critial standards, which many in industry now feel to be diffuse and inconsistent. "This document has not covered standards sufficiently," says David Youll, who is software engineering group manager at the Cranfield IT Institute.
With all of this discussion on over-reliance on automation, an anecdote that a friend told me a while back came to mind. I though that it was appropreate to the current discussion. Ed (the guy who told this to me) is a Master Chief Petty Officer (ret.). Part of his responsibilities included checking out new members of his squadron in the flight simulator. One of the pilots that he had to check out in the simulator was acting a bit 'cockey'. While the new guy was not looking, Ed disconnected the Artificial Horizon. (for those of you not familiar with airplane cockpits, this is a control that is used to inform the pilot of the current orientation of the aircraft about the X & Y axes (it doesn't tell direction). there are several other instraments that give the same data, notably the turn and bank indicator) The pilot took of (the simulator) and almost immediatly flipped over and crashed. He did this three times in a row. The reason? Over-reliance on a single channel of data input -- the Artificial Horizon. It showed the plane in a level flight, while the turn and bank indicator showed the correct data. This occured in a simulator. Nobody died as a result. It does illustrate what happens when humans (and computers for that matter) depend on a single source of data, and that source is spewing out bogus data (which can sometimes happen). Other conclusions I will leave to you... this is too long already. Cory Kempf UUCP: encore.com!gloom!cory
The Boston Globe had an article on the near demise of Scandanavian Design -- a 70 store furniture chain that was doing $100M/yr. According to the article what caused things to fall apart was an attempt to convert from an antiquated Honeywell system to a modern ($4.5M) IBM system. The article also mentions a lack of senior management. The observation is that computers are not turnkey systems one just installs but they require an MIS staff with much expertise. The reason is not that computers are complicated but that they are integral to the operation of one's business. While I expect that one will, in the future, buy systems that take care of the business and allow management to concentrate on the interesting aspects (whatever that might be for an individual), we need to make it clear that the current systems are idiot savants. What is missing is a deep computer literacy that allows nonprofessionals (and many professionals in the field) to understand the computer as a component of a system. It is one thing to teach Basic in school, it is another to impart a deeper understanding of computation. A trivial example was an office manager I had. I was implementing a property sticker system and wanted red permanent stickers and black removeable stickers. She did this, but both sets had the same numbers, she had assumed that a red 158 and a black 158 were different. While that may be true visually and could even be stored that way, it wasn't an effective distinction in such a system. What was missing was the concept of a unique ID.
BEYOND THE MIND'S POWERS - SUPERCOMPUTER CRACKS OLD MATH PROBLEM [ From the Montreal Gazette, 21 December 1988 ] A team of Concordia University [ another Montreal area university ] computer scientists using a U.S. Defence Department supercomputer have solved a theoretical mathematics problem so complex that it is beyond the capability of the human mind to comprehend. Clement Lam, who is a member of the matemetical computation division at Concordia's computer science department, said the complexity forces scientists to accept the supercomputer's solution more or less on faith. [ The RISKS connection... ] This raises important questions about the power of computers and whether a proof that mankind cannot fully understand can be accepted. "This is one of the very important philosophical questions," Lam said. [ A practical question as well, I think. How can we be sure the answer is correct if we can't check it? ] He added, however, that he is confident the mathematical problem faced by him and his colleagues "is solved". The problem, first posed in the 18th century by a Swiss mathematician, deals with the question of whether a mathematical entity called a "finite projective plane of order 10" can exist. Lam and three collegues, John McKay, Larry Theil, and Stanley Swiercz, concluded that such an entity cannot exist. The problem deals with whether numbers and groups of numbers can be organized in a particular fashion. To discover the solution, concordial scientists had to search through more than 1,000,000,000,000,000 combinations of possibilities - or about 50,000 for every human being. He said studying just one possibility would be like having the computer examine every combination and outcome of a chess move, but much more complex. The skill was is organizing and programming the computer. [ The RISKS are obvious. The willingness of people to accept a computer's answer on faith (whether at the cash register at the grocery store or in the university environment) remains disturbing. Henry Cox]
F. Baube (commenting on a news article quoted by Rodney Hoffman in RISKS-7.95): > > [..] Federal prosecutors also obtained a court order restricting > > Mitnick's telephone calls from jail, fearing he might gain access > > to a computer over the phone lines.... > .. and presumably he would whistle at 1200 bps. Hardly. All he needs is a touch-tone phone. First, it may well be possible to play games with phone service using only touch-tone phones; I could easily believe that each local phone exchange has a "secret" number that allows their employees to alter the characteristics of phone lines for testing purposes. But more importantly, he could have set up a phone number in advance which would allow him to use a touch-tone pad like a keyboard. (With 12 keys on the pad, two keypresses are sufficient to represent any ASCII character, including control characters.) Add text-to-speech equipment for the other direction, and he's all set. Having been jailed before, he could easily have prepared for being jailed or otherwise kept away from keyboards again. This private line and the equipment need not be in his house or under his name, so there's no way anyone could be sure it wasn't available to him. Dan Franklin [Also noted by Deshler Armstrong <firstname.lastname@example.org> ]
"LOS ANGELES (UPI) - In a rare ruling, a convicted computer hacker was ordered held without bail Thursday on new charges he gained illegal access to secret computer information of Leeds University in England and Digital Equipment Corp. Kevin David Mitnick, 25, of Panorama City, is named in two separate criminal complaints charging him with computer fraud. Assistant U.S. Attorney Leon Weidman said it is unusual to seek detention in such cases, but he considers Mitnick 'very, very dangerous' and someone who 'needs to be kept away from computers.' U.S. Magistrate Venetta Tassopulos granted the no-bail order after Weidman told her that since 1982, Mitnick had also accessed the internal records of the Los Angeles Police Department, TRW Corp. and Pacific Telephone. 'He could call up and get access to the whole world,' Weidman said. Weidman said Mitnick had served six months in juvenile hall for stealing computer manuals from a Pacific Telephone office in the San Fernando Valley and using a pay phone to destroy $200,000 worth of data in the files of a northern California company. Mitnick later penetrated the files of TRW Corp. and altered the credit information of several people, including his probation officer, Weidman said. He said Mitnick also used a ruse to obtain the name of the police detective investigating him for hacking when he was a student at Pierce College. He telephoned the dean at 3 a.m., identified himself as a campus security guard, reported a computer burglary in process and asked for the name of the detective investigating past episodes, Weidman said. The prosecutor said Mitnick also gained access to the Police Department's computer data and has impersonated police officers and judges to gain information. A complaint issued Monday charges Mitnick with using a computer in suburban Calabasas to gain access to Leeds University computer data in England. He also allegedly altered long-distance phone costs incurred by that activity in order to cover his mischief. A second complaint issued Thursday charges Mitnick with stealing proprietary Digital Equipment Corp. software valued at more than $1 million and designed to protect the security of its computer data. Mitnick allegedly stored the stolen data in a University of Southern California computer. An affidavit filed to support the complaints said unauthorized intrusions into the Digital computer have cost the company more than $4 million in computer downtime, file rebuilding and lost employee worktime. A computer operator at Voluntary Plan Assistance in Calabasas, which handles disability claims for private firms, told investigators he allowed his friend unauthorized access to the firm's computer. From that terminal, Mitnick gained access to Digital facilities in the United States and abroad, the affidavit said."
A disappointingly journalistic article entitled "Rewriting the Book on Viruses" appears in the December 1988 edition of Computer Newsletter, a publication of the British Computer Society. It describes a talk from a Dr Alan Solomon, "who runs the only Data Recovery hospital in the world". Here are some extracts: "... Solomon insists that viruses are actually extremely scarce. 'Viruses are very rare indeed. I'm getting about 1 or 2 reports a week which turn out to be genuine viruses. That's in a population of half a million computers,' estimates Solomon..." "The biggest virus problem is misinformation, according to Solomon, who told the audience that 'everything you've read and everything you know about viruses is wrong'. He goes on to state an example, 'People are calling everything a virus. At the height of commotion, a couple of months ago, I had a person call in and say "I've got a problem, I think it's a virus. My printer won't print a pound sign."'" "Viruses do not travel on executable disks, they spread on blank disks. Solomon warns, 'The real threat is data disks ... 99% of the time boot sector viruses are travelling on data disks.'" "Solomon prescribes a few tips on preventative measures: get software from a reputable source, if a boot fails -- switch the computer off, stay informed and make a clean copy of DOS and write protect it." There are two interesting flaws in this article: 1. No where in the article, with the sole exception of the word "DOS" in the extract above, does the author point out that the article defines "computers" to mean "machines of an IBM-PC architecture running the PC/MS-DOS operating system". Thus he dangerously misleads the reader into worrying about blank mainframe disks or, worse, into not worrying about executable disks on other machines. 2. His assertion that viruses are "extremely scarce" is incorrect for some hardware/software architectures, in particular the Macintosh. I would not like to guess at a percentage, but certainly almost every Macintosh user I have met has suffered from an nVir attack! Disinformation is always dangerous. Perhaps RISKS readers need to arm them- selves with a short nontechnical fact sheet for their colleagues who are interested in finding out what is really going on. Has anyone written something simple along these lines, which we could show to people who find all the journalism confusing (or wrong)?
Please report problems with the web pages to the maintainer