Please try the URL privacy information feature enabled by clicking the flashlight icon above. This will reveal two icons after each link the body of the digest. The shield takes you to a breakdown of Terms of Service for the site - however only a small number of sites are covered at the moment. The flashlight take you to an analysis of the various trackers etc. that the linked site delivers. Please let the website maintainer know if you find this useful or not. As a RISKS reader, you will probably not be surprised by what is revealed…
The complete text of an article in the Boston Globe, 6/23/89. pp. 13,83 (reproduced without permission) Student plan marred by computer mistake by Diego Ribadeneira, Globe Staff In a major glitch in the new Boston school student assignment plan, a computer tape containing the names of nearly 900 students entering kindergarten this fall was lost, leaving parents unsure if their children will be able to attend their preferred schools. The snafu, discovered earlier this week, also hurts the credibility of the plan, which some critics had said was being implemented too rapidly. Some students who have already received their assignments for next year may not have gotten their top choices had the tape with the 900 applicants been properly processed, school officials said. Superintendent Laval S. Wilson said the department has not yet determined how it will remedy the problem. He said it may conduct the assignment process for kindergarten students all over again. The error occurred, according to school officials, because the lost tape had been used to test the accuracy of a program developed to assign schools to students under the new plan. The tape was not returned to be used in the computer run to assign students to schools. ``Inadvertently this tape was not merged with the other tapes...,'' said Catherine Ellison, senior officer for implementation for the Boston School Department. The lost tape contained the names of 887 children, the majority of whom will be entering kindergarten. Since the mistake was discovered, school officials have manually been able to match 344 of the children on the misplaced tape with one of their school choices. Under the plan, called controlled choice, the city is divided into three geographic zones. Parents were asked to list five choices for schools within their zone. The plan will being this fall for students entering kindergarten, first grade and sixth grade. All remaining grades would fall under the new plan in the fall of 1990. School officials had advised parents affected by the new plan to submit their applications by May 18, the first deadline for choosing a school, to have a better chance of getting their top choices. The officials acknowledged yesterday that the remaining 543 students on the misplaced tape may not get one of their preferred schools, partly as a result of the mistake. ``We will be looking at the remaining applicants to determine how well we can honor the requests,'' Ellison said. ``We will do as much as we can with the best interests of the parents in mind. I won't sit here and promise something I cannot deliver. We hope to attempt to honor one of the parents choices.'' Kathy Satut listed the New Agassiz School in Jamaica Plain as her first choice. ``I called up Wednesday and that's when they told me they had lost the tape.'' Satut said. ``I couldn't believe they had done that. Now I don't know what's going to happen. Am I going to be penalized for their mistake? What was the point of trying to get the application in on time. I think they should all be fired. I'm very, very upset.'' School officials said they are trying to insure that the percentage of students from the misplaced tape who get their first choice will be about the same as that for the students assigned schools from the first computer run. They said they hope to complete assignments for kindergarten students by the weekend. News of the error angered some school observers who said it comes at a time when various reforms are being undertaken in an effort to lure new students to the system. ``It's pretty outrageous,'' said Paula Georges, executive director of the Citywide Education Coalition. ``It undermines the credibility of the plan.'' [End of Text] [The most obvious implication of this incident is the importance of having a backup. And why oh why weren't they using a *copy* of the data to do their testing?!? The article merely hints at some intriguing characteristics of the Boston Schools' DP department. What disturbs me about this is that the plan is an important step in the troubled recent history of the Boston schools towards equitable access to various resources within the schools, by allowing parents to make an informed choice for their child as to which school to attend. This ``snafu'' has created the perception of arbitrary school assignments. Further, I suspect the complicated nature of giving the maximum number of students one of five top choices involves so many permutations that computer processing is essential to proceeding with the plan; as the article reveals, the ``credibility'' of both the plan, and most likely the role of computer processing, has now been called into serious doubt.]
Friday June 23 N Y Times, p. A10:
By Roberto Suro, special to the NYT
LA JOLLA, CA, June 22 — The Commissioner of Immigration and Naturalization,
Alan C. Nelson, today proposed a nationwide computer system to verify the
identities of all job applicants in order to halt the widspread use of
fraudulent documents by illegal aliens seeking jobs.
Mr Nelson also suggested standardized identity cards for immigrants
so as to get fuller compliance with a 1986 law prohibiting employment of
illegal aliens.
Creating a national identity card and other ways of checking legal
status or identity have been repeatedly suggested in Congress as tools in
fighting unlawful immigration, but have also been consistently rejected
as potential infringements on civil liberties.
[15 column-inches deleted]
The national computerized database on everybody is one bad idea that
simply refuses to stay dead, no matter how many times we drive a stake
through its heart---if the INS ("Search warrants? We don't need no
stinking search warrants!") didn't resurrect it, the drug czar or the
FBI would. "Eternal vigilance ...". On the other hand, it appears to
me that most informed citizens by now understand the risks involved:
computer professionals no longer have to fight this battle alone.
The identity-card stuff I suppose belongs in talk.politics.misc: I won't
go into it here.
Chris chrisj@cup.portal.com sun!cup.portal.com!chrisj
(Christopher T. Jewell) chrisj@netcom.uucp apple!netcom!chrisj
I've seen a fair number of articles in the press lately warning people about
how sophisticated advertisers are getting in keeping databases and targetting
particular groups. I wonder if any of their authors has been getting the
targetted junk mail I have.
Oh sure, I get junk mail targetted towards Mazda owners, because I bought one
recently - but I get equally large amounts of junk mail for Camry owners, that
being the car I sold when I bought the Mazda. Some of my junk mail is targetted
to childless single mid-twenties women; then again, the same week brought me
mail that confidently announced that the coupons inside were specifically
targetted towards "growing families like mine, with young children" and mail
that confidently announced that I had now reached "an interesting age" (from
context, they meant I was over 40) and my children were all grown! Not to
mention the advertisements that begin "Men like you..."
I understand why they think I own a Toyota; I have a vague concept that my
growing family was a guess based on the date of my marriage certificate, which
definitely made its way into databases. I am at a loss to explain how anybody
became certain that I was over 40, or that I was male. I also wonder why (and
how) people manage to keep such careful track of car purchases but not sales,
marriage but not divorce... My mother, who has been dead nearly 5 years, has
reached retirement age in the databases that are preserving her memory for the
advertisers of America.
All in all, I don't think I'll worry about Big Brother watching me in order to
sell things to me.
Elizabeth Zwicky
Here are excerpts from IEEE INSTITUTE, July 1989, p. 8: ``Study finds `pedal misapplication' to blame for Audi surges'' by Karen Fitzgerald The Audi 5000 has largely been vindicated in claims over the last four years of sudden, out-of-control acceleration, but a U.S. National Highway Traffic Safety Administration (NHTSA) study released in March also cautioned that pedal design and minor engine acceleration may have caused drivers to apply their foot to the accelerator instead of the brake. ... The study, ``An Examination of Sudden Acceleration,'' explored ... electromagnetic and radio frequency interference and malfunctions in cruise control, electronic idle-speed control systems, computer-controlled fuel injection systems, transmissions, and brakes. The investigators could find no mechanism --- besides actuation of the gas pedal --- that would open the throttle sufficiently to accelerate any of the cars studied at full power. However, there was evidence of minor surges of about three-tenths of the Earth's gravity for 2 seconds caused by electronic faults in the idle stabilizer systems of the Audi 5000 ... the surge could startle a driver enough to accidentally push the accelerator instead of the brake, the study found ... Moreover, the travel of the pedals and their height off the floor make it possible for engine torque to overtake brake torque when the pedals are applied simultaneously ... [ more about this, including a graph indicating unusually problematic placement of pedals in the Audi ]. The NHTSA took pains to call the problem ``pedal misapplication'' rather than ``driver error,'' as Audi first characterized the problem. ... ``Driver error may imply carelessness or wilfulness in failing to operate a car properly,'' said an NHTSA press release announcing the study. ``...(sudden acceleration) could happen to even the most attentive driver who inadvertantly selects the wrong pedal and continues to do so unwittingly.'' - Jon Jacky, University of Washington
Social Comment: Are computer criminals, and is computer crime, treated differently than other crimes? RISKS DIGEST 8.85 (28 June) carried two separate stories on hackers, their motives, and the results of their "activities". In one case, a teenager managed to crack the code of an Air Force satellite and was able to read confidential information of at least 200 companies: "He hoped to use his know-how to persuade the companies to hire him as a computer security consultant, police said." The second article reported that "Firms in the City of London are buying the silence of hackers who break into their computers and steal millions of pounds." I have personal knowledge of similar incidents of both types: o One hacker, very notorious to telecommunications security people, was finally apprehended, and some of the on-line evidence in his personal accounts showed that he had planned to use his cracking expertise to get a job in the computer industry. o I have never heard of any payoffs, such as are reported in the second article--but it is well known among security and legal consultants that companies will often drop a hacker case because of fear of publicity. In fact, some of the security experts have been "turned to the dark side of hacking": frustrated by their own company's refusal to crack down on lawbreaking, they have become phone phreaks and crackers themselves. There is a persistent piece of folklore that criminals in nonviolent crimes are often hired as consultants by the industries or governments they victimized. I can't remember the source exactly--but I remember a report a few years back from some U.S. Government enforcement agency that such things are very rare; in fact, the incidents of such hiring are all well documented as special cases. But in computer crime it appears to be a norm that criminal activity will go unpunished, and might even be rewarded. If the social controls aren't in step with legal controls, then the best laws and enforcement systems are worthless. Companies and governments publicly decry cracking of all types: they often state that the public should be educated that breaking into telecommunications circuits (computers or otherwise) is a crime. Yet these same companies/agencies refuse to enforce existing laws--and some crackers have been hired as consultants or paid off. I don't pretend to have a good answer to this problem. Perhaps the "social" definition of computer crime needs to be changed; maybe we're dealing with a new and different kind of social behavior and the rules must be examined. Personally I favor more enforcement of existing laws, perhaps backed up with a new law that would not allow companies/agencies to drop charges once an arrest was made (a frequent occurrence). However, something needs to be done: as long as this social/legal dichotomy exists, no progress (or protection) exists for the socially responsible hacker and computer user.
<PJML%ibma.nerc-wallingford.ac.uk@NSFnet-Relay.AC.UK>
Subject: Reducing risks of cost overruns/project failures
Much of recent discussions have been relating to products which have no
guarantee of working (missile systems). From a purely technical point of view
this reflects badly on the procurement process. Would you buy a
dishwasher/TV/microwave/automobile/aircraft if you couldn't see a working model
(and what's more, try it for yourself) first? Wouldn't you expect it to come
with a warranty against faulty design or workmanship? Surely when DoD pays
billions of dollars for a weapons system, the taxpayer is entitled to expect
that the supplier will provide a meaningful warranty, and that any failures
will be pursued in a rigorous and thorough manner (i.e. through the courts)..
There appear, to my way of thinking, two areas of conflict::
1) In a large project, involving many thousands of man-years effort, it
is (almost) impossible to, at some point, admit that there's been a
mistake made previously - this leads to embarassment and red faces all
round. Hence, previous mistakes, misunderstandings etc. get fossilised
into the system at an early stage and are never undone. There is no
easy way of avoiding these sorts of problems when the coverup may only
come to light when the article/project is completed (by which time it's
too late to do anything about it as the money has all been spent.....)
2) It is difficult to test all the way through the development cycle - with
many projects you don't know if it's all going to work together until
someone turns both keys at the same time........
If nothing happens at that point, it's too late to consult your lawyer.
Modularisation, structured methods etc. can go some way towards making
sure that the obvious incompatibilities are avoided, but there's no
substitute for live testing in a real-world situation.
Solutions - well i am a confirmed minimalist when it comes to these areas,
'Keep-it-simple-Stupid' (KISS) technology can avoid a number of possible
failure modes (and save money too - why buy one very sophisticated system
when you can have more less complex (and hence probably more reliable!)
ones? The `if it isn't there it won't go wrong' argument against complexity
is a powerful one - minimising component count by eliminating unnecessarily
complex functionality means that the thing will be more likely to work when
you need it to. It also keeps the human-count down (and as we all know,
people are the most error-prone and irrational parts of any system!).
Remember that the number of failure modes increases dramatically with the
number of points of failure.
If a large company intended to sell me some device, i would insist on a
test-drive, on MY chosen patch (so the supplier couldn't present his device
under the most satisfactory conditions) and if the supplier couldn't
deliver, then he sure wouldn't get the cash! It's amazing how withholding
payment will concentrate the minds of people. `Cost-plus' contracts are a
mistake too, as you don't know what the final cost will be. The classic
example here is the British 'Nimrod' project - a plan to produce a
radar-plane functionally equivalent to AWACS - after ten years and nearly a
billion pounds of funding, it was scrapped (and AWACS bought...).
If I had been the UK government, someone somewhere wouldn't be in business any
more.... After all, we all pay TAXES (don't we?) and so it's OUR money and i
think we should EXPECT things to WORK when the time comes..!!!
Pete Lucas
[This contribution covers ground that will be familiar to many RISKS readers,
and is somewhat OVERsimplified, but nevertheless makes some good points. PGN]
The third part in the series is on radiation and alleged health problems
associated with VDTs. It is worth reading — it was sufficiently detailed to
give a former "they should have accounted for job stress" skeptic (me) reason
to wonder.
Several points taken from the series (as recalled and interpreted by me):
1) consider *magnetic* fields, not just *electrical* fields
(easier to shield against electrical fields)
2) The strength and range of magnetic
fields depends on geometry and current — the low-voltage
distribution lines in your back yard may emit just as
strong a magnetic field as the high voltage lines through
some farmer's fields. Though magnetic fields fall off
rapidly with distance, fields from large "coils" extend
farther than fields from small "coils" (that is, house-
hold appliances are much smaller than power distribution
systems, and thus their magnetic fields are of different
shape and size).
3) consider not just VDT operators, but also people sitting
around the VDT operators (there's the horizontal deflection
coil which emits a 10s of KHz sawtooth, and the vertical
deflection which emits a 50-100 Hz sawtooth. The strong
portions of those fields may not extend directly to the front
of the VDT).
4) be careful, in general, when people quote "average" figures
at you; the repetitive peak power is also an important figure.
The frequency spectrum is also interesting — harmonic effects
have been observed.
5) There have been studies (on magnetic fields in general).
Effects have been observed, both statistically (leukemia stats)
and experimentally (abnormal development of fetal chickens and
mice). The mechanism, if any, is unknown.
*Interactions with the ambient (i.e., earth's) magnetic field
have been observed* — this affects repeatability of experiments
if not controlled for.
David
Thanks to Bhota San for the posting on the Canadian computer-translation item. This reminded me of something I had just seen in a recent paper, and which struck me as odd at the time. However, since I didn't know what the curent state-of-the-art was in computerized translation, I didn't realize at the time that this precis of a US Army Request for Proposal represented some really pie-in-the-sky hopes for a fantastic level of AI in automated translation! Here is the item, from the "CBD Watch" column [CBD = Commerce Business Daily] on page 24 in the June 5, 1989 issue of Federal Computer Week: Army. Software for language translation. Software must be capable of translating from English to German, Spanish, French, Italian, Japanese, Korean, Chinese and Portugese. It must provide idiomatic, verbatim translation of such documents as military specs, international legal agreements, correspondence, reports, studies and military briefings on doctrine, combat developments, training and materials. It must be MS-DOS compatible and capable of translating military terms and syntax. Contact Barbara Smith, TRADOC Contracting Activity, Building 1748, Fort Eustis, VA 23604-5538, (804) 878-4053. ***End of item*** Hmmm... So these people expect this to run on a PC, too... (note the "MS-DOS" reference...) "TRADOC" is the Training and Doctrine Command, by the way. I can see why they would want to be able to translate stuff for the training of allied personnel. However, based on the info in the previous posting, it sure seems unlikely they are going to get what they want! Also, the RISKS implications of this are rather stupendous. To expect software to translate both military jargon, circumlocution, and tortured governmentese prose, and at the same time handle the diplomatic nuances of "international legal agreements" is a bit much, I think... Most multi-lingual humans would have difficulty doing that. Will Martin
Please report problems with the web pages to the maintainer