The Risks Digest

The RISKS Digest

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Volume 8 Issue 65

Thursday 27 April 1989

Contents

o Northwest 255 -- Another Disconnected Alarm story?
Jerry Leichter
o All addressed up with the wrong place to go
Jerry Leichter
o Jukebox foolishness
Robert J. Reschly Jr.
o Electronic Seat-Belts
Marc W. Mengel
o Mitnick plea bargain rejected by judge as too lenient
Rodney Hoffman
o Spider-Man's SSN and computer limitations
Brad Blumenthal
o Info on RISKS (comp.risks)

Northwest 255 -- Another Disconnected Alarm story?

LEICHTER-JERRY@CS.YALE.EDU <"Jerry Leichter>
Wed, 26 Apr 89 20:51 EDT
From the New Haven Register, 24 Apr 89.  (Page 30)

        Pilots in Northwest crash accused of
        disconnecting alarm on another flight

(Associated Press) Detroit:  There is evidence that the pilots involved in a
deadly 1987 airliner crash, blamed in part on a warning system failure,
intentionally disconnected a similar alarm on another jet two days earlier,
the plane's maker says.

In a petition filed with the National Transportation Safety Board, Douglas
Aircraft Co., a division of McDonnell Douglas Corp., said the pilots pulled a
warning system circuit breaker on the first plane, interrupting power to the
system and silencing an unwanted warning, The Detroit News reported Sunday.

The same pilots, John Maus and David Dodds, were in control of Northwest
Flight 255, a McDonnell Douglas MD-80, when it crashed on takeoff at Detroit
Metropolitan Airport on Aug. 16, 1987.

The pilots died, along with 154 other people, including two people on the
ground.  The only survivor from the plane was a 4-year-old girl.  It was the
second worst aircraft accidednt in U.S. history behind the 1979 crash of an
American Airlines jet near Chicago that killed 275 people.

The NTSB concluded last May that the warning system on the MD-80 failed to
alert the pilots that they hadn't set the wing flaps and slats, which provide
added lift for takeoff.

The board faulted the pilots for not setting the flaps and slats and failing
to complete a routine pre-flight checklist.  The board also said power to the
warning system was interrupted, but couldn't determine why.

Douglas' petition, obtained by the newpaper, cited a note written by Northwest
pilot Merrill Hodges in September 1987.  Hodges said he found an alarm system
circuit breaker pulled on another MD-80 jet flown by Maus and Dodds.

Flight records show Maus and Dodds landed that plane in Santa Anna, Calif., on
Aug. 14, 1987, and the plane stayed on the ground until Hodges entered the
cockpit the next day, Douglas' petition said.

"The unavoidable conclusion is that the absence of power to the takeoff
warning system was the flight crew's intentional disablement of the takeoff
warning," the petition said.

Northwest lawyer Carroll Dubuc said Douglas' petition doesn't raise anything
new and promised to file a response that will rebut Douglas' claim.

The newspaper quoted an unidentified official of the Air Line Pilots
Association as saying the claim is false.  The official said the union is also
preparing a response.


All addressed up with the wrong place to go

LEICHTER-JERRY@CS.YALE.EDU <"Jerry Leichter>
Wed, 26 Apr 89 21:14 EDT
[Background:  Martindale and Hubbell is, and has been for many years, the
standard directory of lawyers and law offices.  It runs to many thick volumes,
and is a required part of any law library.]

From "The American Lawyer", April 1989.  (Page 19.)

If you want to serve process on New York's Weil, Gotshal & Manges, you could be
handing papers to a dapper, red-liveried doorman at The Belmont, an exclusive
residential building on Manhattan's East 46th Street.  Mail addressed to
Whitman & Ransom could end up in the hands of one J. Pugh, the tenant in
apartment 5A of The Vancortlandt, a tony upper Park Avenue building.  And
lawyers unfamiliar with Wall Street's Fried, Frank, Harris, Shriver & Jacobson
could be reporting to a luxury apartment building on the Upper East Side.

Although the Belmont's doorman doesn't work for Weil, Gotshal, he says he has
been receiving "all kinds of mail" for the firm.  "Maybe a few lawyers live in
this building," he adds, "but there is no law firm here."

It seems that Martindale-Hubbell, Inc., made a few mistakes in printing its
1989 New York law directory.  Twelve New York firms - including Weil, Gotshal;
Fried, Frank; Whitman & Ransom; Phillips, Nizer, Benjamin, Krim & Ballon; and
Kelley Drye & Warren - are listed with incorrect, and seemingly random,
Manhattan addresses.

"I'm not very happy with [Martindale]," says Weil, Gotshal partner Alan
Weinschel.  "This is the most god-awful negligence.  Suppose somebody serves
papers on us at [East 46th Street] and it takes an extra day to forward it to
our office [at 767 Fifth Avenue]?  What if we miss a deadline because somebody
didn't make a change in the directory?"

Martindale cannot explain the erroneous addresses, except to blame "a computer
glitch," according to Richard Pizzi, vice-president and corporate counsel to
the legal publishing company.  Pizzi says the company's computer was "turned
down, and then back up" after the New York volume was already proofread.
Martindale didn't discover the errors until after the volume was printed and
mailed.

"We tried to address the issue head on," Pizzi says, noting that the company
gave each affected firm a complete refund of the cost of printing attorney's
biographies in the volume.  The publisher also arranged with the post office
for mail to be forwarded to the proper addresses, and sent customers a
two-page announcement of corrections.  Nonetheless one firm is sending a
messenger four times a day to pick up Federal Express mail and other
deliveries that might have found their way to the incorrect address.

Martindale's efforts haven't earned high marks from some lawyers at the
affected firms.  One angry partner says that when he insisted Martindale issue
stick-on labels with the correct addresses, the company didn't respond.
(Prizzi says the company is considering the suggestion.)  Pizzi turned down
requests from firms who wanted the book reprinted.

But other firms involved in the mix-up are not concerned.  The Manhattan branch
of Rochester's Nixon, Hargrave, Devans & Doyle, for example, is listed at two
addresses - 30 Rockefeller Center, its true address, and 101 Park Avenue.  "Our
regular customers know where we are," says Edward Hughes, managing partner of
the New York office.  "We'll rely on everybody's good humor to get by."
---Karen Dillon


Jukebox foolishness

"Robert J. Reschly Jr." <reschly@BRL.MIL>
Thu, 27 Apr 89 4:14:22 EDT
   Here is yet another example of microprocessor programming foolishness: When
several of us went to the local Pizza Slut for supper this evening, we were
seated next to the jukebox.  After noting that it looked pretty new we
proceeded to forget about it until it went into "attract mode".

   If it remains unused, it will eventually play a seemingly randomly chosen
song about once every 15 minutes.  This behavior, a relatively trivial
extension of the attract mode common to video games, did not elicit much
comment.  It did however provoke more intense scrutiny of the jukebox.  There
were several 7-segment displays making up the front panel (the usual "current
selection", "current play", and so forth), and one labeled "most popular
selection".

   Given that the group was composed of techie types, we proceeded to speculate
on the usefulness of that display -- including the idea of feeding the play
history to a clearinghouse ala Arbitron or Nielson.  We also started wondering
if the people who programmed the jukebox remembered to exclude the selections
played during attract mode from the "most popular selection" calculations.
Answer: NO! When the jukebox played "143" in attract mode, the "most popular
selection" display switched from "165" to "143".  *Sigh*
                                                      Bob

     [I'm glad it wasn't a JOKEBOX.  Nothing like hearing the same
     jokes over again, even if you tell 'em by the numbers.  (Old metajoke)
     To go with "You didn't tell it very well." and "We never heard that 
     one before.", how about these:
         "Number 165? That's not funny anymore.  The jokebox keeps playing it."
         "Number 143? I couldn't understand that one.  It was still encrypted."
                        

Electronic Seat-Belts

Marc W. Mengel <mmengel@cuuxb.ATT.COM>
27 Apr 89 16:38:30 GMT
>From Automotive Electronics News, Monday April 24 1989, p31

Makers Ready Smart Seat Belts for Mid-'90s Entry

DETROIT - Seat belts with electronic tension and slack controls should be
commonplace on cars in the 1990s, according to manufacturers.  ...  Research
shows that the more comfortable belts are, the more likely people are to wear
them.  The problem is that belts are more comfortable when they exert less
tension on the body, but they provide the most protection when they are snug.
...  Common mechanical belts in US cars today control slack with ratchets and
pawls similar to window shade mechanisms. ...  Mechanical belts' major drawback
is that sometimes too much slack is left in a belt when a person leans forward
and then sits back in the seat.

    A survey in 1988 by the Insurance Institute for Highway Safety showed that
more than one-third of the belted drivers of American cars have greater than
the safe limit of 1 inch of slack in their restraint.  This phenomenon
contributed to more severe head and facial injuries.  ...  Engineers at Bendix
Safety Restraints Division of Allied Signal Corp. and TRW Vehicle Safety
Systems Inc. -- the two major seat belt suppliers said electronically
controlled belts with electronic slack controls will provide maximum safety and
maximum comfort.

Both companies have developed prototype belts with electronic slack controls
and have presented them to their Big Three customers for evaluation.  ...  Once
electronics are made part of a seat belt system, other features can be added
easily, said Dr. Fleming [staff engineer in R&D at TRW] ...  Sensing brake
pressure is important because a driver whose car is sliding on ice might brake,
and an inertial sensor might not pick it up, said Dr. Fleming.  With
electronics "It doesn't cost you anything to lock those belts ...  and drive
the motor backwards to really tighten down the belt," he said.  This would be
accomplished by having an algorithm that signals the seat belt motor to
temporarily run in reverse at double voltage during an emergency situation, Dr.
Fleming said.  ...  These smart systems might then lead to anticipatory systems
that use radar as the sensor, ... Systems also can be created to adapt
themselves to individual occupants tastes for slack and tension.

                     [What about electrical systems failures leading to loss of
                     control *and* loss of seat belt locking???  Marc Mengel]

                            [How about "brilliant belts" that sense when you 
                            are drunk, strap you in, and call the police?  PGN]


Mitnick plea bargain rejected by judge as too lenient

Rodney Hoffman <Hoffman.ElSegundo@Xerox.com>
26 Apr 89 08:13:46 PDT (Wednesday)
An article by Kim Murphy in the 25 April 1989 'Los Angeles Times' reports that
U.S. District Judge Mariana Pfaelzer unexpectedly rejected the plea bargain of
Kevin Mitnick, the hacker once called "as dangerous with a keyboard as a bank
robber with a gun."  Pfaelzer declared that Mitnick deserves more time behind
bars.

As reported in RISKS 8.43, "Mitnick pleaded guilty to one count of computer
fraud and one count of possessing unauthorized long-distance telephone
codes.... Mitnick faces one year in prison.  Under a plea agreement with the
government, he must also submit to three years' supervision by probation
officers after his release from prison."

Judge Pfaelzer said Monday, "Mr. Mitnick , you have been engaging in this
conduct for too long, and no one has actually punished you.  This is the last
time you are going to do this."  She said a confidential pre-sentence report
recommended that she exceed even the 18-month maximum prison term called for
under mandatory new federal sentencing guidelines.  The judge's action voids
Mitnick's guilty plea.

Both prosecuting and defense attorneys were surprised.  Mitnick's attorney said
he did not know whether his client would agree to a guilty plea carrying a
longer prison term.  This could make it harder to bring charges against
Mitnick's alleged associates.  If Mitnick is brought to trial, testimony from
at least one of his associates would be required to convict him, and they would
not appear as witnesses without receiving immunity from prosecution.


Spider-Man's SSN and computer limitations

<brad@cs.utexas.edu>
Thu, 27 Apr 89 10:03:09 CDT
I guess we've probably beat this topic about to death, but comic strips do give
some picture of popular beliefs about computers.  The current story line in
Spider-Man has Jolly Jonah attempting to discover the web-slinger's True
Identity by hiring a team of psychologists to "feed information into a
computer," which will then figure out the answer.

This is not the only time I've run across this sort of computer naivete.  When
I was just learning to program (in BASIC, lo these many years ago), a friend
called me up with a scheme to win a local radio station contest.  I would take
all the clues that the station had broadcast describing, and "feed" them into
"the computer" (presumably into the BASIC interpreter :-), and he would figure
out some way to get through to the radio station when the computer came up with
the right answer.

The question for RISKS readers is double-edged.  How did this impression of
computers as all-knowing come about, and how should we, as professionals,
describe computers so as to dispel these notions?  The answer to the first part
of the question is fairly obvious.  A friend pointed out to me the multitude of
public sources of misconception -- from popular entertainment (Twilight Zone,
2001, Knight Rider), to sales campaigns and news reports based on press
releases (users will be able to train themselves and solve world problems with
computer X), to sensationalistic claims by well-known and highly visible
computer scientists.

The other side of the question is much harder.  I've often found myself trying
to characterize the limitations of computers as they are applied to these
situations (i.e. discovering an identity from a set of clues).  It's an
interesting juxtaposition to the awesome ability computers have for producing a
set of clues from an identity (e.g. a SSN).  Trying to explain the differences
in cocktail-party English is difficult at best.  As our data bases become
larger the principle of garbage-in-garbage-out seems to be taken less seriously
(ironically), and non-computerniks don't seem to interpret this to include
nothing-in-nothing-out.

To reiterate, how should we present the limitations of computerized information
handling in a clear, non-patronizing way, and how can we effectively counter
those who imply the omniscience of "The Computer?"  Do we need a "truth-in-
advertising" code for computer capabilities; if so, what should it look like?

Brad Blumenthal, Computer Science Department, University of Texas, Austin TX
                                   uucp: {uunet, harvard}!cs.utexas.edu!brad

Please report problems with the web pages to the maintainer

Top