Forum on Risks to the Public in Computers and Related Systems
ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator
Volume 8: Issue 60
Wednesday 19 April 1989
Contents
Hillsborough: Risks of using Computers at Stadium Turnstiles - Brian Tompsett
Risks of plaintext data - Hugh Miller
Computer voting at Stanford - Scott Seligman
Re: Computerized attendance - Sean Fagan
More Auto-Seatbelt Horrors - Thor Simon
Mb = 1024? 1000? - Walter Roberson
Re: Newspaper Cartoons and Computer Infallibility - Will Martin
Hillsborough: Risks of using Computers at Stadium Turnstiles
Brian Tompsett <briant@SPIDER.CO.UK>
Wed, 19 Apr 89 14:03:13 -0100
Heard on BBC radio Parliamentary report this morning. At question time a Member of Parliament stated that the Police at Hillsborough based their decisions to open a gate on the computerized tally from the turnstiles that indicated the ground had ample space to take more people. The government's plans to make computerized turnstiles compulsory increase the risk that a computer failure or error could result in another tragedy in the future. The government were asked to reconsider their plans in the light of recent events.
Brian Tompsett. Spider Systems Ltd, Edinburgh.
Risks of plaintext data
Hugh Miller <MILLER@vm.epas.utoronto.ca>
Wed, 19 Apr 89 16:09:41 EDT
Excerpted from "MP demands probe into burglaries," by Tim
Harper, _Toronto Star_, We 19 Apr 89, p. A13:
OTTAWA - A New Democrat MP has asked for an investigation of a series of
"high quality break-ins" at his office and those of 4 environmental and peace
groups. Jim Fulton said yesterday the break-ins preceded the grilling of a
senior defense department scientist in a probe to flush out the person who
leaked information about nerve-gas testing in Alberta ... No one was
arrested and the RCMP have rejected any link.
Kirk Roberts, a spokesman for the Ontario Environment Network on Spadina
Ave., said thieves who ransacked the office Jan. 13 stole equipment but
ignored a personal computer valued at $3500. The thieves, Roberts said, were
interested in stealing data tapes that included correspondence among some 100
Canadian environmental groups ...
In a letter to Fulton about the break-ins, RCMP Commissioner Norman Inkster
wrote, "Our enquiries into this matter have not uncovered any evidence to
suggest the incidents were linked or conducted by any organized group of
individuals."
I spoke with Kirk Roberts this afternoon. "I've got to get hold of this
article," he said. "I don't know what the thieves were _interested_ in, but
they in fact did steal all of our backup tapes, except for the ones we keep
off-site."
OEN uses a WEB system, which provides dialup connections to 47
countries and affords full email/messaging functions. The system utilizes
120MB tape cassette backups. "The system does afford an encryption option for
users who want to use it," said Roberts. "But the thing is, none of the stuff
on those tapes was what you would call particularly sensitive. If any
reasonable request had been made for items on those tapes, we would probably
have supplied them. As an environmental organization we do things, and _want_
things done, publicly. That these tapes were stolen says more about the
thieves' paranoia than about the tapes' contents."
OEN has only suffered the one break-in so far, said Roberts.
Jim Fulton's Parliament Hill office has, however, he hears, been
burgled four times.
Hugh Miller, University of Toronto
Computer voting at Stanford
Scott Seligman <seligman@polya.Stanford.EDU>
Wed, 19 Apr 89 00:12:55 -0700
This year, for the first time, students voting in the student elections here at Stanford University aren't using paper ballots or voting machines. They're using Macintosh computers. People have been making quite a big deal out of this. The papers report that state officials are observing the process. Past student elections have been plagued with administrative bungles, which the computers are supposed to help prevent. The whole thing is quite important to the people who are administrating it -- one would think that they've been extremely careful....
I went to vote today. After I had cast all of my votes, a window appeared asking me if I now wanted to make my selections permanent. Seemed reasonable enough. But there was only one possible response to click on: "No". As this wasn't the response I was hoping to make, I hit return and clicked a few times and the window went away and then it came back again. This time there were two possible responses: "Yes" and "No". I selected "Yes", confident that my votes were being accurately recorded.
(I'll leave it to others to report on the numerous machines out of service, and the long queues at the ones in service, and the complete lack of privacy, and ....)
[While this system is a nice advance in letting the voter review the ballot, the problems of system integrity, assurance of nontampering, ballot privacy, etc. are largely ignored. It is certainly a worthwhile experiment, and will provide challenges for system penetrators and authorized programmers who want to rig elections. Some of the problems that will need to be overcome have been discussed extensively in the reports by Roy Saltman, Lance Hoffman, and others mentioned in earlier RISKS. PGN]
Re: Computerized attendance (RISKS-8.57)
Sean Fagan <seanf@ucscc.UCSC.EDU>
Wed, 19 Apr 89 03:59:23 -0700
We had one in our high school, similar to a combination of the above [described in RISKS 8.57]. Each student had an 8 digit number (birthday, plus 2 digits for repeats; never mind the RISKS in that!), and the 2nd period class would fill out a little bubble sheet, which had `present,' `excused,' `absent,' and `tardy.' These would then be scanned, processed, and an absent child would have his (or her) parents called that evening. A child who was tardy for more than 3 days in a row, or for more than 20 days in a semester, would also have her (or his) parents called.
I should mention that I grew up in a largely Hispanic neighborhood, and they never did figure out how to handle the cases where the parents understood only English or Spanish (they tried English only, didn't work; tried Spanish only, my mother threw a fit 8-)). Nor did they take answering machines into account...
Oh, of course, an obvious RISK: the computer originally was called up by a central computer in LA (Los Angeles) to send various reports. It took me and my cohorts 2 weeks to find out the number of the computer, after which we demonstrated how much we could screw up the system merely by calling repeatedly (keeping it busy) (yes, we told people what we were doing; they didn't believe us till we showed them [they were present when we were doing it, ok? 8-)]). Shortly after that, they changed to having the computer call LA, which was a number we never did figure out...
Sean Eric Fagan (408) 458-1422
More Auto-Seatbelt Horrors [RISKS-8.59]
Thor Simon <simon@cheshire.cs.columbia.edu>
19 Apr 89 02:04:17 GMT
In response to the recent post on the dangers of automatic seatbelts: One day, while my father and I drove along in a rental car (I believe a Subaru) with automatic seatbelts, he saw that he'd caught his coat in the car door. Of course, being me, I dared him to open it and see if it fell out. He opened the door, and much to our surprise, the seatbelt opened, all while happily motoring along at about 40. Later that day I looked it over and saw that the seatbelt-opener used a simple pressure switch that could have been lifted intact from any refrigerator-light mechanism.
Needless to say, this is VERY dangerous. Scenario: John and his buddies go for a ride. Being safety-conscious, he owns a car with auto-seatbelts. Unfortunately, they need them. They are sideswiped by a giant Mack truck. More unfortunately, the driver's side door _pops open_. This triggers the seatbelt-release mechanism, John hits the windshield and... Not fun, huh?
Well, at least it looks like such seatbelt improvements may be obsoleted by the new $30 airbags... I hope.
Thor Simon
Mb = 1024? 1000?
<Walter_Roberson@CARLETON.CA>
Wed, 19 Apr 89 12:57:18 EST
I found this in a SunSpots Digest we received today (v229). [How do you stick
your thumb in to check how full a file system is? :-) ] Walter Roberson
> Date: Tue, 28 Mar 89 07:45:08 CST
[...]
> I know that once I was unpleasantly surprised when I planned on a 512 MB
> file systems size and calculated what that should be in terms of sectors
> and cylinders on my disk. I figured that 512 MB = 512 * 1024 * 1024 =
> 536,870,912 bytes. When I made the file system, I found out it was not 512
> Mb (from the output of newfs). Working backwards, I found that Sun used
> 512 Mb = 512 * 1000 * 1000, which makes [sense] to me since I am a
> mechanical engineer, but we all found it confusing.
>
> Dinah Anderson
> Shell Oil Company, Information Center (713) 795-3287
> ....!{sun,psuvax,soma,rice,ut-sally,ihnp4}!shell!dinah
[An old problem. But since we haven't had it in RISKS since
volumes 2 and 3, it might as well resurface once again. PGN]
Re: Newspaper Cartoons and Computer Infallibility
Will Martin -- AMXAL-RI <wmartin@ST-LOUIS-EMH2.ARMY.MIL>
Wed, 19 Apr 89 14:39:34 CST
> From today's Hi & Lois newspaper cartoon strip:
> Clerk [to Hi]: I'm afraid we're out of stock on that item, sir.
> Hi: I found it on the rack. I just want to buy it.
Too bad they didn't follow that with the obvious:
Hi: Well, since you don't have this, this can't be yours. It must be
mine. [Walks out of store with item for free...]
[But they'd probably be searching Hi and Lois. PGN]
