The Risks Digest

The RISKS Digest

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Volume 8 Issue 79

Wednesday 14 June 1989

Contents

o Single point of failure -- Tokyo Stock Exchange
Jerry Carlin
o Costly Horse Race
Rick Zaccone
o Commercial Loans in California at a Standstill
PGN
o Phone Hacking
Brinton Cooper
o Microcomputers in the operating theatre
Martyn Thomas
o Inspiration from the past -- Machines Will Take Over
Curtis Galloway
o "Illuminatus!"
Pete
o Praise and Blame -- Computers and People
Hugh Miller
o NORAD Computers: Years Late, Unusably Slow, $207 Million Over Budget
Karl Lehenbauer
o Info on RISKS (comp.risks)

single point of failure -- Tokyo Stock Exchange

Jerry Carlin <jmc@PacBell.COM>
12 Jun 89 20:59:51 GMT
"How Tokyo Earthquake Could Destroy the World Economy"
SF Chronicle, Monday, June 12, page C7

The reporter quotes a story in "Manhattan, Inc" where it was disclosed
that the main and backup computer for the Tokyo Stock Exchange sit right
next to each other and in an area totally destroyed by the 1923 earthquake.

This computer is the SOLE repository of Japan's offical records of stock
ownership. Therefore if the computer is destroyed, all records of share
ownership could disappear with obvious consequences.

The original article speculated on various afteraffects of the earthquake
including the collapse of the Yen, bankrupcy of Western insurance companies,
and reversal of balance of payments problem.

Jerry Carlin (415) 823-2441 {bellcore,sun,ames,pyramid}!pacbell!jmc


Costly Horse Race

Rick Zaccone <zaccone@sol.bucknell.edu>
Wed, 14 Jun 89 08:55:25 EDT
The following was in the New York Times, June 13, 1989, p. B12:

                      Computer Glitch is Costly

Bettors who had the early daily-double yesterday at Belmont Park were
supposed to get back about $70 for hooking up Dyna Mite Mollie in the first
race with Jazz City in the Second.  But a computer glitch knocked their
payoff down to $3.40 and made winners out of everyone who had picked the
winner of the first race.

A defective computer file knocked out the track's parimutuel system after
the first race, and track stewards ordered the second race to be run a as
non-betting event after first delaying it for 27 minutes.  Under State
Racing and Wagering Board rules, all bets on a non-betting race must be
refunded, and the non-betting race must be removed from multiple-race bets
involving it.

So track officials had no choice but to pay off a consolation daily double
of Dyna Mite Mollie in the first and ``all'' in the second.  Actually, the
$3.40 payout on the ``4-all'' combination turned out to be a bit more
profitable than betting on Dyna Mite Mollie to win.  She paid only $3.20.

The computer problem was resolved after 55 minutes, and the remaining races
were run without any problem.  The cancellation of the other second-race
bets prompted a statewide refund of $439,144.

Rick Zaccone


Commercial Loans in California at a Standstill

Peter G. Neumann <Neumann@KL.SRI.COM>
Wed, 14 Jun 89 14:04:28 PDT
A new $4.1 million computer system designed to enable recording, indexing,
and scanning of 5.5 million pages of Uniform Commercial Code Division data
was suppposed to provide the equivalent of a title search for commercial
borrowers in two days instead of two weeks.  The new system went on-line on
5 April, but worked at only 30% of capacity.  For every day's work, the
staff was falling 2.5 days behind.  On 17 May they resorted to manual
methods.  The current backlog is 50,000 requests, and is not expected to be
eliminated until 1 August.  (The office is borrowing 100 employees.)
Because of the enormous delays now encountered, many lenders have simply
given up making commercial loans.  (The contractor had urged the state to
keep the old semi-manual system running as a backup, but the state
apparently insisted on a cutover without retaining the backup.)  [Source:
abstracted from an article by Kenneth Howe in the San Francisco Chronicle,
14 June 1989, p. 1.]


Phone Hacking

Brinton Cooper <abc@BRL.MIL>
Tue, 13 Jun 89 8:22:44 EDT
From the Baltimore Sun, 13 June 1989, presented w/o permission:

    Callers trying to dial a probation office in Delray Beach, Fla,
  yesterday heard sex talk from a panting woman named Tina instead.
  [...named Tina instead of what?...]

    Southern Bell officials said that a computer hacker reprogrammed
  their equipment over the weekend, routing overflow calls intended for the
  local probation office to a New York-based phone sex line.

    They said it was the first time their switching equipment had ever
  been reprogrammed by an outside computer intruder...

    The implications of a computer breach are staggering for phone
  companies.   Intercepting corporate communications, uncovering unlisted
  telephone numbers and tampering with billing information all are
  plausible consequences of such computer security breaches.

I find it interesting that two of the three "implications" of such activity
are inconvenient for corporations while one deals with personal issues.
Unmentioned are the more insidious implicatios of this specific activity,
rerouting incoming calls.  Calls to 911, for medical care, or to a neighbor
to come for help may be more costly in human terms than "intercepting
corporate communications."
                                                    _Brint


Microcomputers in the operating theatre

Martyn Thomas <mct@praxis.UUCP>
Tue, 13 Jun 89 12:45:23 BST
This article appears in the July 1989 issue of Micro User (a hobby computing
magazine). I have written to the named anaesthetist to persuade him to think
again, and to the magazine to explain the problem.  I must emphasise that I
have no direct knowledge that the report is true, which is why I have
suppressed the name of the anaesthetist. The problem remains, though.  How
can we spread understanding of the problems of using computers in
safety-related applications, and of the minimum set of techniques which
should be employed if such systems are being developed?

{  A BBC Micro in the operating theatre

Anaesthesia is a precise art and at University Hospital, Nottingham [UK]
there are moves to sharpen that precision by taking a BBC micro into the
operating theatre.

... consultant anaesthetist [name given] plans to connect the machine to
syringe drivers and so improve control over drugs given to patients during
operations.  Senior lecturer at the hospital's adjoining medical school, he
hopes to take this even further by using the micro to receive messages from
the patient's body, adjust drug output accordingly and even act as a hazard
warning for theatre staff.

As well as being put into practice during operations, his ideas will be used
for teaching students in the Department of Anaesthesia.

"I am generally interested in looking at micro applications in the operating
theatre", he told Micro User. "The first is to link up a micro to drive
stepper motors and syringe drives which could get over the inertia problems
of the linear motors which are used at present".  }

Martyn Thomas, Praxis plc, 20 Manvers Street, Bath BA1 1PX UK.
Tel:    +44-225-444700.   Email:   ...!uunet!mcvax!ukc!praxis!mct 


Inspiration from the past

Curtis Galloway <curtisg@sco.COM>
Tue, 13 Jun 89 16:41:38 PDT
Whenever my faith in technology flags, I turn to my favorite source of
inspiration: _The Wonderland of Tomorrow_, by Jean Carper.  I thought I
would share some of its prophetic words with RISKS readers.  (I particularly
like this chapter's title; I only wish I could send along the
illustrations.)

Copyright Albert Whitman & Co., 1961.  Reproduced without permission.

  Chapter 3

  Machines Will Take Over

      The electronic computer is the most marvelous machine ever
  invented.  It is often called the electronic "brain" because it does
  work so fast and accurately.  It has been widely used for only about
  ten years, yet it has already changed our lives.

      Some day a computer will run an entire company.  It will make
  about sales, production and personnel that are much more accurate
  than decisions made by businessmen.  Companies already have employed
  computers to determine policies.

      One day doctors may use computers to determine what is wrong
  with their patients.  The doctor will feed a list of symptoms into a
  machine, and it will tell him exactly which disease he should treat.
  In an experiment at Cornell University a computer and a doctor
  diagnosed the ailments of 350 people, and the computer did a better
  job than the doctor.

      Airplanes without human pilots may soon fly passengers and
  freight across the country.  Air traffic will be controlled from the
  ground by computers.  Some airports are now using computers to help
  prevent mid-air collisions.

      Computers already have translated Russian books, speeches, and
  scientific papers into English.  So far, these machine translations
  are crude and imperfect, but improvements are made all the time.
  Soon we may see translations of hundreds of foreign books and
  magazines in any bookstore.  It will be possible because computers
  made the translations many times aster than human language experts
  could.  How rapidly new ideas will travel!

  [...] People who work with computers sometimes call them "idiots." 
  A man, called a programmer, has to tell the machine how to work
  problems step-by-step.  He feeds instructions into the machine, and
  each time the machine works a problem it must consult the
  instructions.  This series of directions is called a program.  A
  program is so somplicated that a man may sped several months
  developing it.

  [...] A prominent scientist has suggested that we eliminate wars by
  having the generals of unfriendly countries play war on the
  computer.  No lives would be lost, and no cities destroyed.  The
  generals of each country would simply feed their battle plans into
  the computer.  The machine would run through the battles and show
  which side won.  The losing country could perhaps pay a fine to the
  winner, and everyone would continue living peacefully.

      We have seen very little of what computers can do, but we can
  expect amazing things of them.  One day the development of the
  computer may be regarded as a greater achievement than smashing the
  atom!

Curtis Galloway -- The Santa Cruz Operation, Inc.


"Illuminatus!" (Brunnstein, Wily hackers, RISKS-8.77)

<pete@basser.cs.su.OZ.AU>
Wed, 14 Jun 89 19:16:16 +1000
I believe that the book in question must be "Illuminatus!" by Harold Shea and
Robert Anton Wilson. The book is a spoof on conspiracy theories, and intimates
that many and probably all human institutions are just fronts for a small
group of 'enlightened ones', who are themselves a front for the Time dwarves of
Reticuli Zeta, or perhaps Atlantean Adepts, remnants of Crowley's Golden Dawn,
or even more likely the Lloigor of H.P. Lovecraft's Cthulhu Mythos. A leading 
character in this book is named Hagbard Celine.

"Illuminatus!" is a fun read if you like psychedelia and paranoia. It also
seems to have influenced a lot of subsequent work, most notably Adams'
"Hitchhiker's Guide to the Universe". It is easy to see how an unbalanced
mind, taking it literally, could be completely absorbed. In fact
"Illuminatus!" purports to intend just this sort of programming, referring
to it as 'Operation Mindf**k'. I don't think this constitutes a real danger
for the vast majority of sane adults, but it may, tragically, have been the
case here.  Or perhaps, no disrepect intended, Koch may in the course of
various hacks really have discovered too much about the Illuminati. After
all, they are supposed to be the secret power behind the KGB ... :-)

(pete%basser.oz.AU@UUNET.UU.NET){uunet,mcvax,ukc,nttlab}!munnari!basser.oz!pete
JANET: (POST) pete%au.oz.basser@EAN-RELAY        (MAIL) EAN%"pete@au.oz.basser"


Praise and Blame -- Computers and People

Hugh Miller <MILLER@vm.epas.utoronto.ca>
Tue, 13 Jun 89 10:29:24 EDT
Michael Doob ("The Computer Didn't Commit the Crime," RISKS 8.78) remarked that
his bank has taken to citing "human error" instead of "computer error" when
apportioning blame for mistakes.  This is, of course, getting to be a familiar
pattern to RISKS users (e.g. the Airbus crash, the Vincennes, etc.).  Two
things are worth mentioning:

    (1) In the case of big systems, the investment grows so great and becomes
        such a milk-cow for so many people and institutions that any scapegoat
        but the system itself will do in the event of a breakdown.  The irony
        in this lies in the fact that the charge of "human error" is correct,
        in a way: we humans erred in constructing a buggy system and regarding
        it as reliable.

    (2) We used to cite "computer error" because it was a convenient way to
        deflect blame away from human persons.  Implicit in this behaviour was
        a view that human persons possessed a moral dignity not proper to the
        machine, and that it was therefore better that the lower entity take
        the rap. Our new pattern of blame suggests that we have set this order
        of values on its head.

Hugh Miller, University of Toronto


NORAD Computers: Years Late, Unusably Slow, $207 Million Over Budget

Karl Lehenbauer <karl@sugar.hackercorp.com>
13 Jun 89 04:59:00 GMT
Two major new North American Aerospace Defense Command computer systems have
encountered software development problems that have increased costs by at least
$207 million dollars and will be at least seven years late when delivered.

According to Aviation Week and Space Technology (May 22, 1989, pp. 24 & 25),
the Space Defense Operations Center (SPADOC) modernization and the
Communications System Segment Replacement (CSSR) programs, both part of the
Cheyenne Mountain upgrade at Colorado Springs, have encountered major delays in
their development, prompting criticism of the management of both programs from
the General Accounting Office (GAO).

The GAO report criticized the project for its unrealistic expectations and the
willingness to start the second phase before the first phase had been
completed.  The commander of the U. S. Space Command, USAF General John
Pitrowski, said that the reports are substantially correct, but he disagreed
with certain of the GAO's recommendations.

SPADOC is the data processing and communications center that supports the North
American Aerospace Defense Command.  The center is supposed to be able to
maintain information on the position of up to 10,000 man-made objects in space.
It is also to provide warning of an attack, and to determine when satellites
need to be maneuvered for their safety.

The SPADOC modernization program was divided into three blocks -- A, B and C.
Full-scale development on Block A started in 1983 and was intended to provide
the hardware and software to automatically monitor and assess foreign
activities that might put U. S. satellites at risk.  Block B is to have the
ability to make predictions of the orbits of about 400 satellites, and to
automate a space object database that catalogs about 10,000 objects.  Finally,
Block C is to add greater automation, and to provide for the growth
requirements of the system through the year 2005.

The prime contractor is Ford Aerospace and Communications Corp.  IBM is the
major hardware supplier.  Logicon, Inc. is providing independent validation and
verification of the software for the Air Force, and the Mitre Corp. is
providing engineering support to the Air Force as well.  According to the GAO
report, both Mitre and Logicon raised concerns about the quality of Ford's
software development and whether Ford would be able to meet the schedule.

The Air Force accepted the Block A system, even though (according to the GAO)
it did not satisfactorily perform 14 of 23 required functions within the
specified time limits.  One example is that notification that a satellite is
under attack takes four times longer than specified.  According to the article,
Mitre reported that in tests conducted in 1988, the system was so slow that at
several points it was almost impossible to interface with it through the
operators' consoles.  The software is unstable as well, and unacceptable times
to restart the system after a problem had occurred (presumably software
exceptions and such) were also cited.

Ford has proposed a new architecture for Block B using IBM 3090 computers.
Ford also says that these computer will be sufficient to handle the Block C
portion as well.

The GAO also noted that, even if the software had worked and been on time, it
could not have been installed in Cheyenne Mountain due to a lack of uniform
wiring standards for computer and telecommunications equipment and congestion
in the cabling area.  Pitrowski agreed that the Air Force should have resolved
the wiring problems sooner, but noted that the Air Force awarded a contract for
facility modifications on April 19th.
                             Karl Lehenbauer

Please report problems with the web pages to the maintainer

Top