Please try the URL privacy information feature enabled by clicking the flashlight icon above. This will reveal two icons after each link the body of the digest. The shield takes you to a breakdown of Terms of Service for the site - however only a small number of sites are covered at the moment. The flashlight take you to an analysis of the various trackers etc. that the linked site delivers. Please let the website maintainer know if you find this useful or not. As a RISKS reader, you will probably not be surprised by what is revealed…
The Air Force temporarily grounded its fleet of B-1B bombers yesterday after the wings on one of the planes malfunctioned just before a training flight... The crew could not get the plane's wings to move back and forth in tandem and, at one point, the left wing apparently moved too far forward and punctured a fuel tank inside the fuselage. The wings are normally swept back for high-speed attack runs and forward for takeoffs and landings... The B-1B still has problems with its radar-jamming gear... [San Francisco Chronicle, 29 March 1989, p. A11]
The Soviet Union has lost radio contact with its backup spacecraft to Mars and the Martian moon Phobos... In September 1988 the Soviets lost contact with the first of the twin Martian probes, Phobos I. [See RISKS-7.53 and 56.]
A $140 million Star Wars Satellite [launched on 24 March] failed one of its first tests... The satellite was meant to observe the firing of a nearby rocket in space but was unable to do so because a lens cap blocked its view. The lens cover stayed on a sensor too long, blocking it from tracking the second-stage engine as it drifted away in space. As a result, the satellite was pointed in the wrong direction to view the longer of the second-stage firings. [San Francisco Chronicle, 28 March 1989, p. A10]
I test-drove a Dodge Spirit last week. It had Chrysler's new 4-speed
overdrive automatic transmission, which is controlled electronically.
As we were sitting in the car before beginning the test drive, the salesman
folded down his sun visor, noted the vanity mirror built into it, and said,
"Illuminated mirrors! How nice!" So I folded down _my_ visor, lifted the cover
on the mirror, and noticed that the lights didn't light. "How did you make
yours light?" I asked. "They won't, until we connect a connector under the
hood," said he, "we disconnect things that might drain the battery if left on
inadvertently." I resolved to check the mirror illumination later.
So I drove out from the dealer's lot, accelerated gently to about ten miles
per hour, and notice that the transmission had not yet shifted up. "Shift,
you!" said I. The salesman then started to laugh embarrassedly and remembered
that the transmission controller needed "that connector" reconnected.
This time the Spirit wasn't quite willing.
[And the Flashers were weak... PGN]
Edited excerpts from a feature article by Jeffrey Rothfeder in 'Business
Week' magazine April 3, 1989:
USING THE LAW TO REIN IN COMPUTER RUNAWAYS
MORE UNHAPPY BUYERS ARE TAKING SYSTEMS SUPPLIERS TO COURT
Geophysical Systems Corp. hired a Raytheon Corp. subsidiary, Seismo-
graph Service Corp., to build a $20 million computer system to process
sonar-generated data. The system couldn't do it. Geophysical's clients
canceled their contracts, and Geophysical entered bankruptcy. Last
December, a Los Angeles jury awarded Geophysical Systems Corp. $48.3
million from to cover computer-system costs and lost profits, although
the judge has ordered a new trial to review the size of those damages.
Geophysical had claimed that the Seismograph system couldn't meet its
complex computation requirements — and that Seismograph knew this
before it started building the system. By finding for his client, says
Geophysical's attorney, "the court is saying that if we wanted a computer
unable to handle our data we could have gone to Toys 'R' Us and been
out $20 instead of $20 million."
As computer runaways — systems that are over budget, installed late,
or don't work — become endemic, fed-up customers are fighting back.
And they're using the law to do it. In 1988 the American Arbitration
Assn. took on 190 computer disputes, most of them concerning defective
systems, totaling $198 million in claims. That was up from 123 cases
in 1984, representing claims of $31 million. Dozens of law firms now
specialize in high-tech matters.
[More tales of (smaller) cases.] When a customer sues, it loses its
computer supplier. It may take years to find a replacement and build
a new system — not to mention win the original suit. Because of this,
says one attorney, "when you sign a contract for a computer system,
you're locked in a deadly embrace with the supplier that you not be able
to, or want to, get out of." The boilerplate agreement that suppliers
typically offer includes numerous so-called exclusions of warranty that
limit the supplier's liability for system failures or delays. Also,
the contract usually states that nothing in it is binding unless
specifically spelled out.
A former Price Waterhouse senior consultant recalls telling customers
that it will take "only 72 hours for a crucial software project. But
we wouldn't put this into the contract. Then when it took us two months
to do the job, we simply explained that the project now costs more
because the extra work we did was out of the scope of our agreement."
The State of New Jersey reached a settlement with Price Waterhouse over
a bungled system to handle licensing and traffic violations for the Motor
Vehicles Dept. During nearly two years of negotiations, the accounting
firm fixed the system. New Jersey got the system for $1.2 million less
than the contracted price, and Price Waterhouse swallowed approximately
$2 million in additional project costs.
Many customers are starting to demand contract clauses providing for
binding arbitration of disputes, and for acceptance tests before the
customer pays.
Surprisingly, the new legal aggressiveness of customers isn't particu-
larly troubling to most systems suppliers. Customer activism may even
reduce the number of runaways from an estimated 35% of all current
computer projects. Says a systems designer at one Big Eight accounting
firm: "It could be just the thing we need to make us more honest."
A sidebar lists THINGS TO DEMAND WHEN BUYING A COMPUTER SYSTEM:
* ACCEPTANCE TEST. Requires the supplier to run the customer's
actual data successfully through the system.
* GUARANTEE. The customer pays leasing or purchase charges only
after the new system has been working correctly for two months.
* BINDING ARBITRATION. Stipulates that the customer can elect to
have disputes resolved by an outside arbitrator.
* SOFTWARE OWNERSHIP. Give the customer the rights to the system's
source code and leaves it in the customer's possession.
* SUPPORT. Guarantees that support and servicing for the system will
be available for at least a year — even if the supplier goes out
of business.
A short note in the `Los Angeles Times' 27 March 1989 carried this summary
of information from a letter in the 'New England Journal of Medicine':
VIRUS HITS HOSPITAL COMPUTERS
A "virus" infected computers at three Michigan hospitals last
fall and disrupted patient diagnosis at two of the centers in
what appears to be the first such invasion of a medical computer,
it was reported last week.
The infiltration did not harm any patients but delayed diagnoses
by shutting down domputers, creating files of nonexistent patients
and garbling names on patient records, which could have caused more
serious problems.
"It definitely did affect care in delaying things, and it could have
affected care in terms of losing this information completely," said
Dr. Jack Juni, a staff physician at the William Beaumont Hospitals
in Troy and Royal Oak, Mich., two of the hospitals involved. "It
was pretty disturbing."
If patient information had been lost, the virus could have forced
doctors to repeat tests that involve exposing patients to radiation,
Juni said. The phony and garbled files could have caused a mix-up
in patient diagnosis, he said.
"This was information we were using to base diagnoses on," said Juni,
who reported the case in a letter in the New England Journal of
Medicine. "We were lucky and caught it in time."
An individual placed a time bomb message on a government service system in the San Francisco Bay Area saying, "WARNING! A computer virus has infected the system!" The individual is learning that such a prank is considered almost as funny as saying that you have a bomb in your carry-on luggage as you board a plane. Bruce Baker, Information Security Program, SRI International
This week's (26 March.) Sunday Times (UK) has an article relating to a Bulletin Board being run by a 14-year-old boy in Wilmslow, Cheshire, England, which contains information relating to such things as making plastic explosives. Anti-terrorist detectives are said to be investigating for possible breaches of the Obscene Publications Act. Apparently reporters were able to easily gain access to this bulletin board and peruse articles on such subjects as credit card fraud, making various types of explosive, street fighting techniques and dodging police radar traps. One article was obviously aimed at children and described how to make a bomb suitable for use on "the car of a teacher you do not like at school," which would destroy the tyre of a car when it was started. The boys parents did not seem to think that their son was doing anything wrong, preferring him to be working with his computer rather than roaming the streets. A London computer consultant, Noel Bradford, is quoted as having seen the bulletin board and found messages discussing "how to crack British Telecom, how to get money out of people and how to defraud credit card companies. Credit card numbers are given, along with PIN numbers, names, addresses and other details."
For those of you interested an umbrella organisation has been established
in the UK to co-ordinate information on, and research into all aspects of
computer security. In the first instance one of the organisations primary
concerns will be combatting the threat posed by computer viruses by
acting as a clearing house for virus information and control software.
Below is a copy of an initial letter mailed to prospective members:
The Computer Threat Research Association
The computer threat research association, CoTra is a non-profit making
organisation that exists to research, analyse, publicise and find solutions for
threats to the integrity and reliability of computer systems.
The issue that caused the formation of CoTra was the rise of the computer
virus. This problem has since become surrounded by fear, uncertainty and doubt.
To the average user the computer virus and its implications are a worry of an
unknown scale. To a few unfortunates whose systems have become a critical issue.
The key advantage of CoTra membership will be access to advice and information.
Advice will be provided through publications, an electronic conference (a
closed conference for CoTra's members has been created on the Compulink CIX
system) as well as other channels such as general postings direct to members
when a new virus is discovered.
CoTra membership will be available on a student, full or corporate member
basis. All software that is held by CoTra that enhances system reliability,
such as virus detection and removal software, will be available to all members.
It is intended to establish discounts with suppliers of reliability tools and
services. A library of virus sources and executables and other dangerous
research material will be made available to members who have a demonstrable
need.
A register of consultants who have specific skills in the systems reliability
field will be published by CoTra and reviews of reliability enhancing software
will be produced.
Your support of CoTra will ensure that you have the earliest and most accurate
information about potential threats to your computer systems.
CoTra, The computer threat research association,
c/o 144 Sheerstock, Haddenham, Bucks. HP17 8EX
Part of the organisation's aim is to establish reciprocal links with other
similar organisations worldwide to facilitate the sharing of experience and
rapid flow of information on new threats.
To this end if you are involved in, or have contacts with, a similar
organisation in your country, please write to CoTra (or by email to me, and I
will forward your correspondence) outlining your organisation and its aims.
Yours sincerely,
Dave Ferbrache, Dept of computer science, Heriot-Watt University, 79 Grassmarket
Edinburgh,UK. EH1 2HJ Tel (UK) 031-225-6465 ext 553 UUCP ..!mcvax!hwcs!davidf
M. Mitchell Waldrop's article (_Science_, 17 March 1989, pp 1437-1439) on SOGS
is notable for its coverage accessible to the general scientific public,
and for its claim that the software engineering community has switched to
rapid prototyping. Selected quotes follow.
— Paul Eggert, Twin Sun Inc. <aerospace.aero.com!twinsun!eggert>
Will the Hubble Space Telescope Compute?
Critical operations software is still a mess--the victim of
primitive programming methods and chaotic project management
First the good news: two decades after it first went into development, the
$1.4-billion Hubble Space Telescope is almost ready to fly....
But now the bad news: the Space Telescope Science Institute in Baltimore still
has dozens of programmers struggling to fix one of the most basic pieces of
telescope software, the $70-million Science Operations Ground System (SOGS)....
It was supposedly completed 3 years ago. Yet bugs are still turning up ... and
the system currently runs at only one-third optimum speed.... If Space
Telescope had been launched in October 1986, as planned at the time of the
Challenger accident, it would have been a major embarrassment: a superb
scientific instrument crippled by nearly unworkable software....
[chronology:
1980-1 2"-thick requirements doc. written by NASA-appointed committee
1981 contract awarded to TRW; peak team included 150 people
1983 first software components delivered
later SOGS declared utterly unsuitable.
]
The problem was basically a conceptual one. NASA's specifications for SOGS had
called for a scheduling algorithm that would handle telescope operations on a
minute-by-minute basis.... The tacit assumption was that the system would
schedule astronomers on a monthly and yearly basis by simply adding up
thousands upon thousands of these minute-by-minute schedules.
In fact, that tacit assumption was a recipe for disaster.... The number of
possible combinations to consider rises much faster than exponentially....
In the computer science community, where this phenomenon has been well known
for about 40 years, it is called ``the combinatoric explosion.'' Accepted
techniques for defusing such explosions call for scheduling algorithms that
plan their trips with a road map, so to speak. And SOGS simply did not have it.
In addition to performance issues, however, SOGS was also deficient in basic
design terms. ``SOGS used last-generation programming technology,'' says one
senior programmer.... ``SOGS was designed in such a way that you couldn't
insert new releases without bringing down the entire system! For days!'' says
the science institute's associate director for operations, Ethan Schreier....
Indeed, the fundamental structure of SOGS is so nonmodular that fixing a bug in
one part of the program almost invariably generates new bugs somewhere else....
So, where did SOGS go wrong?...
One of the main villains seems to have been the old-line aerospace industry
approach to software development.... In the wider computer science community
this Give-Me-The-Requirements approach is considered a dismal methodology at
best... Modern programming practice calls for ... a style known as ``rapid
prototyping''...
Even more fundamental ... few people at NASA were even thinking about
telescope operations in the early years.... the Space Telescope project as a
whole was saddled with a management structure that can only be described as
Byzantine.... At the hardware level the chaos at the top was reflected in a
raft of independently developed scientific instruments and onboard computers,
none of which were well coordinated with the others. Indeed, the presumption
was that any such problems would be taken care of later in the software....
So, is SOGS fixed now?
Maybe. With TRW's help, the institute has spent the past several years beating
the system into shape.... On the other hand, such progress has come at a
price. SOGS now consists of about 1 million lines of programming code, roughly
ten time larger than originally estimated. Its overall cost has more than
doubled, from $30 million in the original contract to roughly $70 million....
In both NASA and Pentagon contracting, the cost of the old-line approach is
becoming all too apparent. Indeed, it has become a real sore point in the
computer community.
``It's the methodology that got us to Apollo and Skylab,'' says [James] Weiss
[data systems manager for Space Telescope at NASA headquarters]. ``But it's
not getting us to the 1990s. The needs are more complex and the problems are
more complex.''
``SOGS,'' he says, ``is probably the last example of the old system.''
This is a question for RISKS. I found this on the network. Can any RISKS-readers answer it? From: bob@imspw6.UUCP (Bob Burch) Newsgroups: comp.misc,comp.lang.ada Subject: French Airbus Disaster / Ada? Date: 27 Mar 89 12:37:11 GMT Organization: IMS, Rockville, MD I am hearing a couple of versions of the role which the Ada programming language might or might not have played in the air-bus disaster at the Paris Air Show about a year or so ago. I would appreciate hearing from anyone who actually knows anything about this topic. Ted Holden, HTE
Call for Papers
DIRECTIONS AND IMPLICATIONS OF ADVANCED COMPUTING
DIAC-90 Boston, Massachusetts July 28, 1990
Computer technology significantly affects most segments of society,
including education, business, medicine, and the military. Current
computer technology and technologies that seem likely to emerge soon will
exert strong influences on our lives, in areas ranging from work to civil
liberties. The DIAC symposium considers these influences in a broad social
context - ethical, economic, political - as well as a technical context.
We seek to address directly the relationship between technology and policy.
We solicit papers that address the wide range of questions at the
intersection of technology and society.
Within this broad vision, we request papers that address the following
suggested topics. Other topics may be addressed if they are relevant to
the general focus.
RESEARCH DIRECTIONS DEFENSE APPLICATIONS
+ Research Funding Sources/Effects + AI and the Conduct of War
+ Software Development Methodologies + Autonomous Weapons Systems
COMPUTING IN A DEMOCRATIC SOCIETY COMPUTERS IN THE PUBLIC INTEREST
+ Community Access + Computing for the Disabled
+ Computerized Voting + Uses of Models and Simulations
+ Civil Liberties + Arbitration and Conflict Resolution
+ Computing and the Law + Computing in Education
+ Computing and Workplace + Software Safety
Submissions will be read by members of the program committee, with the
assistance of outside referees. The program committee includes Alan
Borning (U. WA) Christiane Floyd (Technical University of Berlin),
Jonathan Jacky (U. WA), Deborah Johnson (Renssalaer Polytechnic), Eric
Roberts (DEC), Richard Rosenberg (SIGCAS, U of British Columbia), Ronni
Rosenberg (MIT), Marc Rotenberg (CPSR), Douglas Schuler (Boeing Computer
Services), Lucy Suchman (Xerox PARC), and Terry Winograd (Stanford).
Complete papers should include an abstract and should not exceed 6000
words. Papers on ethics and values are especially desirable. Reports on
work in progress or suggested directions for future work as well as
appropriate surveys and applications, will also be considered. Submissions
will be judged on clarity, insight, significance, and originality. Papers
(4 copies) are due by March 1, 1990. Notices of acceptance or rejection
will be mailed by April 15, 1990. Camera ready copy is due by June 1, 1990.
Send papers to Douglas Schuler, Boeing Computer Services, MS 7L-64, P.O.
24346, Seattle, WA 98124-0346. For more information contact Doug Schuler
(206-865-3226).
Proceedings will be distributed at the symposium, and will be available
during the 1990 AAAI conference. The DIAC-87 and DIAC-88 proceedings are
published by Ablex Publishing Company. Publishing the DIAC-90 proceedings
is planned.
Sponsored by Computer Professionals for Social Responsibility
P.O. Box 717, Palo Alto, CA 94301
DIAC-90 is partially supported by the National Science Foundation under
Grant No. 8811437, through the Ethics and Values Studies Office.
Please report problems with the web pages to the maintainer