The Risks Digest

The RISKS Digest

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Volume 8 Issue 70

Friday 12 May 1989


o Computers in mathematical proofs
Henry Spencer
o Re: An Atlantis spacecraft computer problem resolved nicely
Yves Deswarte
o Company sued for "computerized" firing scheme
Emily H. Lonsford
o Logged on and Unattended
NOT FROM Jon Orseck
o Dot Matrix == valid and LaserReceipts
Mike Albaugh
o Computer generated checks
John McLachlan
Darin McGrew
o Auto electronics and Radio Transmitters don't mix!
Peter Morgan Lucas
o Mitnick update
Rodney Hoffman
Michael J. Tighe
o Centralized Railroad Dispatching
Chuck Weinstock
o Info on RISKS (comp.risks)

Computers in mathematical proofs

Thu, 11 May 89 03:18:49 EDT
The March 1989 Scientific American has a very interesting little piece in
its "Science and the Citizen" column, talking about the growing acceptance
of computerized proofs in mathematics.  It cites the 1976 Haken/Appel
proof of the four-color theorem, and the controversy that followed, but
observes that at least in principle, that result could be checked by hand.
Now we have a significant proof for which hand checking is out of the
question:  Clement W.H. Lam of Concordia University has used 3000 hours
on a Cray-1, spread over two years, proving an instance of one of Gauss's
conjectures ("there are no finite projective planes of order 10", to be
precise).  This proof, unlike the Haken/Appel one, is meeting little
opposition, despite its complexity (100 trillion cases) and the fact that
it was done with a collection of small programs rather than a single
systematic large one.

Lam himself says he was hoping for a positive result, which would be easy
to check, rather than a negative one.  But he is fairly confident in his
result, citing two reasons:  (a) the programs did do some internal
consistency checks; (b) the result agrees with "mathematical intuition"
(for example, an order-10 projective plane is known to be forbidden to
have any symmetry, which apparently is almost unheard-of for such an

Mathematicians are coming to accept computers, it seems.  Ronald L.
Graham of Bell Labs observes that nobody has flatly refused to accept
Lam's result, as some did for the Haken/Appel result.  Haken himself
observes that there is a more mundane explanation for that:  many of
the objectors were older mathematicians who have since retired.

Haken and Graham both observe that "simple theorems should have simple
proofs" is a religious belief rather than a law of nature, and is
verifiably false in some simple artificial mathematical systems.

                                     Henry Spencer at U of Toronto Zoology

Re: An Atlantis spacecraft computer problem resolved nicely

Yves Deswarte <>
Thu, 11 May 89 12:20:05 -0200
Except if recent major changes have been applied to the space shuttle
avionics system, the 5 General Purpose Computers (GPC) are not organized
in 2xpairs + 1 back-up, but in a redundant set of 4 computers + 1
back-up. A 2x2 configuration (Stratus-like) would not fulfill the
requirement of remaining operational after two non-simultaneous or
non-identical faults. With the 4-set configuration, "the first two [GPCs]
to fail ... must be identified to the crew as failed; the third should
also be identified as failed, but only by achieving as much coverage as is
possible within limited processing and storage overhead." (*)
That means that the 4 GPCs tolerate 2 independant faults and have a high
probability to tolerate the 3rd fault (the coverage of the built-in test
equipment -BITE- is 96.8 %).

This is achieved by voting mechanisms, automatic diagnostics and (manual
or automatic) reconfiguration.

The back-up GPC takes control (after manual reconfiguration) only
- if the voting mechanisms are defeated by two simultaneous identical
  faults (2 faulty GPCs have identical outputs), or by the 3rd fault
  if not covered by the BITE : 3.2% probability,
- or if a software error disbles the 4 main GPCs.

(*) "Redundancy Management Technique for Space Shuttle Computers"
    J.R. Sklaroff, IBM J.Res.Develop., January 1976, pp.20-28

    -- Yves Deswarte, LAAS-CNRS & INRIA, Toulouse, France --

   [Yves, Many thanks.  I apparently did a mental switch and crossed the A320
   with the Shuttle.  But in any event, it is my understanding that the
   shuttles have never had to depend on the backup software.  I hope someone
   will correct me if that is wrong.  PGN]

Company sued for "computerized" firing scheme

Emily H. Lonsford <>
Thursday, 11 May 1989 09:21:43 EST
This morning on National Public Radio there was a report on a trial in
St. Louis, MO.  The juryless trial is a class action suit against the
Continental Can Company, which has more than one plant in St. Louis.  The
company is being sued by a group of more than 200 former employees who allege
that a computer program was used to target them for termination before they
could reach retirement age, thus denying them their pensions (and presumably
saving money for the company.)

The report went on to say that Continental Can was the leading beer-can maker
in the sixties, but fell on hard times in the seventies and has had layoffs.

Although the report did not specifically state it, I assume that the laws that
pertain here would be those protecting older workers against age discrimination
-- not against computerized screening (whether for age or anything else.)
*        Emily H. Lonsford
*        MITRE - Houston W123  (713) 333-0922

Logged on and Unattended

Jon Orseck <>
Thu, 11 May 89 12:41:14 EDT
I am NOT orseck@eniac.  I don't know him.

He was working two shells deep and only logged out the first, leaving the
% prompt visible on the screen and a shell exposed.

Just imagine what would have happened had I sent letters apparently from him or
posted embarrassing or inflammatory articles to newsgroups such as

Never leave your terminal logged on and unattended!

Dot Matrix == valid and LaserChecks

Mike Albaugh <albaugh@dms.UUCP>
Fri May 12 13:51:34 1989
    This attitude goes back a ways. Around 1980 I almost had to swallow
a dinner tab for 20+ people because accounting had a strict rule of no
re-imbursement of restaurant tabs without "a cash-register receipt". The fact
that the restaurant in question liked to consider itself "high class" and thus
only issued hand-written receipts did not impress them. Five minutes work with
a dot-matrix printer and a pair of scissors saved me $300. Had I not been
so ethical it could have saved me more...
                            Mike Albaugh

computer generated checks

Thu, 11 May 89 09:43:43 EDT
Was the signature also printed by the computer?  I would hope not, since 
anyone who can get at your mother's computer would clear your mother's account.

As for the bank holding a computer generated check, their policy seems 
strange. Most companies pay employees with computer generated checks. Do the 
banks treat these checks any different?   I'm very curious.
                                                                John Mc

    [Payroll checks used to be  printed on CHECK PRE-SIGNED Stock.  
    It is even "easier" to laser the whole thing, including the signature. 
    But then the computer system and the staff had better be trustworthy.  PGN]

Re: Computer-generated checks (RISKS-8.69)

Darin McGrew <mcgrew@ichthous.Sun.COM>
11 May 89 23:27:58 GMT
Stores that cash payroll and similar checks (very common in many farming
communities) are vulnerable to this assumption as well.  People who would never
take a fake $500 bill think nothing of taking a fake payroll check.

I read of a ring of payroll check counterfeiters that was caught recently.  The
(new) assistant manager who was called to approve the check had worked for the
company the check was allegedly drawn against, and noticed that it didn't look
like the paychecks he'd received.  Then he looked more closely and noticed
misspellings, incorrect addresses, etc., and called the police.

It manifests itself in a variety of ways, but the basic issue is that computers
are making it easier and cheaper to generate documents that look official and

Darin McGrew        mcgrew@Sun.COM

Auto electronics and Radio Transmitters don't mix!

"Peter Morgan Lucas, Network Support, Swindon" <PJML@IBMA.NERC-WALLINGFORD.AC.UK>
Tue, 09 May 89 16:18:08 BST
Just a note to let you know of a possible risk to all of those of you who
drive cars with electronic fuel injection systems.

My father's newly acquired Volvo 480i has an interesting characteristic.  When
i operate my VHF ham radio gear (100 watts output at 144MHz), the car gives a
cough (!) if accelerating hard when i press the transmit switch.  The radio
signal is clearly getting into the ignition/injection microprocessor and
causing some sort of false triggering.  The problem is only of very brief
duration ( approximately a quarter of a second) after which it clears itself.
This is only noticeable when accelerating hard in low gears (45MPH in second,
65-70MPH in third).  The local Volvo dealer was somewhat perplexed (hes only a
salesman, not a RF engineer, after all!) and said he would contact the
importers to see if there's any modification (suppressor kit) to get round the

Point is, if 100 watts can cause the effect, is there any risk in driving
past other VHF transmitters (TV, FM radio, police, military installations)
where the transmitted power may well be 250 kilowatts????

                   Pete Lucas   G6WBJ

Mitnick update

Rodney Hoffman <>
12 May 89 14:58:47 PDT (Friday)
When last we heard about Kevin Mitnick, the hacker once called "as
dangerous with a keyboard as a bank robber with a gun,"  the judge had
rejected a plea bargain as too lenient, saying Mitnick deserved more than
the agreed one year of jail time.  (See RISKS 8.65)

According to a wire service story in the 10 May 89 'Los Angeles Times,'
Mitnick has now reached a new agreement, with no agreed-upon prison
sentence.  He pleaded guilty to stealing a DEC security program and illegal
possession of 16 long-distance telephone codes belonging to MCI
Telecommunications Corp.  The two charges carry a maximum of 15 years and a
$500,000 fine.  The government agreed to lift telephone restrictions placed
on Mitnick since he was jailed in December.

At DEC's request, Mitnick will help the firm identify and fix holes in its
security software to protect itself from other hackers.  He will also
cooperate in the government's probe of Leonard DiCicco, a fellow hacker.
(DiCicco is the 'friend' referred to in RISKS 8.13 who turned Mitnick in.)

      [As the old saying goes, with friends like that, who needs enemies.  PGN]


Michael J. Tighe <>
Fri, 12 May 89 19:02:56 EDT
The credit bureau of TRW has been working with the Social Security
Administration to verify its database of 140 million names and Social Security
numbers. In order to cover the cost, TRW is paying the Social Security
Administration $1 million, while Social Security Administration will provide a
matching $1 million.

Since the Social Security Administration is asking for a budget increase for
their computer and telecommunications systems, several legislators are outraged
by the fact they they are spending $1 million for this non-government project.
Claiming that the project is "as far away from the mission of the Social
Security Administration as anything I have ever come across", Senator David
Pryor (D-Ark) questioned the competence and credibility of Social Security
Administration Commissioner Dorcas R. Hardy and asked for an investigation by
the HHS inspector general.

In addition, several lawmakers such as Dale Bumpers (D-Ark) believe the project
to be a violation of civil liberties. Said Bumpers, "I don't like any public
institution releasing an individual's private information." The American Law
Division of the Congressional Research Service has already concluded that the
project is a violation of the Privacy Act of 1974.
                                                            Mike Tighe

Centralized Railroad Dispatching

Chuck Weinstock <weinstoc@SEI.CMU.EDU>
Tue, 09 May 89 15:51:20 EDT
Railroad Brings Far-Flung Dispatchers Together in Huge Computerized Bunker
by Daniel Machalba, Wall Street Journal, May 9, 1989

Starting next month, Union Pacific Railroad train dispatchers will begin
working at computers in a windowless bunker built inside an old freight house
in Omaha, Neb.  The railroad designed the structure's 18-inch-thick,
reinforced-concrete walls to withstand, if need be, a telphone pole hurled by a
180-mile-an-hour tornado.  The precautions show the importance and risks of
railroads' move into centralized, computer-aided train dispatching.  By
consolidating dispatchers now located at 10 far-flung field offices from Oregon
to Omaha, Union Pacific expects to reap savings of more than $20 million a
year.  But it must also safeguard its new center from disruptions that could
cripple railroad operations on a wide scale.  "The bunker will survive anything
short of a nuclear attack," says Michael Walsh, chairman of the rail unit of
Union Pacific Corp., Bethlehem, PA.

Last March, CSX Corp. opened a similar computerized dispatching center in
Jacksonville, FL.  The company says the new center will reduce the number of
dispatchers needed to run its 20,000 miles of railroad to 350 from 550, while
consolidating 34 dispatch offices into one.  At the heart of the new center is
computer software that can track the progress of trains and automatically
switch tracks and signals, so that a fast freight train can pass a slower one.
Freed of such routine tasks, dispatchers will be able to concentrate on special
situations.  Railroad officials say such efficiencies will make it possible for
each dispatcher to control double or triple the amount of track.  They also
hope that bringing the dispatchers into one big room, with panoramic views of
trackage projected onto wall screens, will reduce communications problems and
resultant train delays.

CSX dispatcher Jan Cato gives one example of how the centers are more
efficient.  In order for Amtrak's southbound Silver Star to overtake and safely
pass two freight trains on its way from Savannah, GA to Jacksonville, she
merely types in the locomotive numbers, speeds and other vital data about the
trains and the computer does the rest of the work.  Previously she had to throw
no less than 50 levers manually to line up switches and signals.

"The computer does the thinking when it comes to things such as tonnage, speed,
and priority," said Union Pacific dispatcher Bob McKenzie last month in the
company's employee magazine.  "But it can't determine when you have problems
like a train with an engine down, broken air hose or a train down during
inspection of a hot-box [overheated axle].  That's when a dispatcher needs to
step in."

Some dispatchers worry about information overload.  "I have my doubts I could
physically handle the expanded territory that would come with the new system,"
says Richard Pennisi, a Union Pacific dispatcher in Cheyenne, WY., who is
taking a cash settlement rather than moving to take a job at the Omaha dispatch

Other railroads say they are reluctant to move their dispatchers to a single
location, fearing a widening gap between dispatchers and the territories they
cover.  "We just don't think we can operate the railroad as well without the
day-to-day, eye-to-eye contact," says Jack Martin, a senior assistant vice
president of Norfolk Southern Corp.  However, officials of Burlington Northern
Inc.'s rail unit are closely watching the new central facilities.  Burlington
Northern, which has already cut the number of its dispatch offices in half from
14 a decade ago, is considering further consolidation to one or two locations.

CSX's dispatch center, which is housed in a circular buildiing 150 feet in
diameter is permitting the railroad to retire antiquated dispatching facilities
such as a 50 year old one in Deshler, Ohio.  Dick Fliess, a CSX Transport vice
president, says the company has solved software problems that slowed some train
operations when the new center opened.

At Union Pacific's dispatch center, which will cost about $47 million, the
railroad is also consolidating its crew-calling staff, previously scattered in
four regional centers, into second story offices above the dispatching bunker
on the ground floor.

  [Someone in the rec.railroad newsgroup pointed out that there is a real risk
  of centralizing dispatching beyond the obvious one of a system failure.  The
  UP is likely to be one of the railroads that moves around the MX trains.  
  With centralized dispatching it becomes easier to determine that a particular
  block of cars always move around together (and thus possibly contain MX's).
  Furthermore, knocking out the center not only shuts down the railroad, but
  also disables (or at least impedes) the mobility of the MX.  Chuck]

Please report problems with the web pages to the maintainer