Please try the URL privacy information feature enabled by clicking the flashlight icon above. This will reveal two icons after each link the body of the digest. The shield takes you to a breakdown of Terms of Service for the site - however only a small number of sites are covered at the moment. The flashlight take you to an analysis of the various trackers etc. that the linked site delivers. Please let the website maintainer know if you find this useful or not. As a RISKS reader, you will probably not be surprised by what is revealed…
WATER SHUT-OFFS NOT INTENTIONAL
(From The Daily Spectrum; St. George, Utah, serving millions of acres
of slickrock and a few thousand people!)
Pleasant Grove, Utah(AP)
Pleasant Grove city officials say they have found and fixed the reason
for several water users being cut off--despite having paid their bills.
An apologetic City Recorder Charmaine Childs explained that in June,
Pleasant Grove switched to a new envelope bill, replacing the postcard
billing it had used for years.
The new bills include an envelope for residents to mail their payments.
What officials didn't realize, however, that the bar code printed on the
^^^^^^^^
envelope was for Orem rather than Pleasant Grove.
As the bar codes are read electronically by automated postal equipment,
^^^^ ^^^^^^^^^^^^^^ ^^ ^^^^^^^^^ ^^^^^^ ^^^^^^^^^
when residents mailed their water payments they went to Orem instead of
Pleasant Grove.
Childs said the Pleasant Grove postmaster noticed the wrong bar code
on some of the envelopes and asked postal employees to watch for the blue
envelopes and route them to Pleasant Grove rather than Orem.
* * * * * * * * * *
(It gets thirsty out there on the desert without water.)
Dave Clayton, Academic Computing, U. of Rhode Island
This story appears in Datalink (UK Trade weekly) August 21st 1989. It contains no dates or references by which it can be checked. "Some cock-ups are bigger than others. Some are little but some come in such gigantic proportions that they stretch credulity. Take, for example, the mishap that afflicted the Australian Commonwealth Bank's computer. One could imagine all sorts of things going wrong with such an installation which keeps the scores on thousands of customers. But it's hard to imagine what went wrong when a malfunction at the bank doubled every deposit that customers made. As DP manager Pete Martin says: ' Of course it's a cock-up, it's a vast bloody cock-up. The hazards of computing are only limited by your imagination.' " Is this the story of mounting a transaction tape twice, previously reported (though I can't remember who the bank was), or is it a new story? Is it true? -- Martyn Thomas, Praxis plc, 20 Manvers Street, Bath BA1 1PX UK. Tel: +44-225-444700. Email: ...!uunet!mcvax!ukc!praxis!mct
I read with some interest the recent proposals for auto-pilot systems for passenger vehicles. I must confess, these fill me with horror. The thought of a systems failure on one or more such vehicles, and the inability of the others to do much about it, is my greatest worry. Call me a technophobe if you like, but *NOBODY* can guarantee 100% reliability. The problems of power failures, parity errors, external magnetic/radio fields, poor maintenance etc. are as yet still serious considerations as to why such systems should not be implemented. Systems based on digitised street maps are never going to work - i can still remember being told by my brother, who was navigating me, `Take a 90 right 50 yards after the farmhouse...' only to discover that the farmhouse had been demolished the week before... This caused great amusement to the wreckers who recovered the resultant wreck from the swamp and towed it back to civilisation. How an auto-navigation system manufacturer would explain this sort of problem when 100 card ended up in the swamp, i cannot imagine. The fewer levels of `indirection' in such systems the safer they become - to place a (semi-)intelligent control system between the driver and the vehicle is by definition reducing driver control (although having driven in the States this may be no bad thing!) and increasing the number of possible failure modes. Two things to remember:: 1) Keep It Simple, Stupid! 2) If you never depended on it, you can carry on without it. Natural Environment Research Council, NERC Computer Services, Holbrook House, Station Road, SWINDON SN1 1DE JANET: PJML@UK.AC.NERC-WALLINGFORD.IBMA PHONE: +44 793 411613
Blind trust in computer systems struck home this week. My daughter brought her
car off-island for the initial 7500-mile dealer checkup that included rotating
and rebalancing the tires and checking the alignment. After the return ferry
trip and drive home, she noticed a terrible shimmy and called the dealer to
complain. The dealer claimed that they then determined that their computer had
been malfunctioning, and apologized profusely. (Perhaps the mechanic was not
sufficiently computer literate?) She immediately took the car to the best tire
man on the island, who said he had NEVER seen anything so badly out of balance.
(The dealer covered the cost.)
Are there no consistency checks or reasonableness checks on the results of such
computerized systems? Are they designed to be mechanic-proof? Are we getting
to the point that almost everyone in society is going to have to be not just
computer literate, but keenly aware of the risks and pitfalls? Probably No,
No, and Yes.
[I contemplated the plight of a land-locked driver having to negotiate such
an ill-adjusted car when heavily laden, and came up with something about
where the lubber meets the load. As I have been far too conservative in my
interstitial insertions of late, I thought you wouldn't mind. PGN]
>From: Jordan Brown <jbrown@herron.UUCP>
>In the interests of equal access to scammery to all, I will divulge ...
It sounds like Jordan is, like me, growing tired of all these stories about
"computer crime". What is computer crime anyway? Crime has existed since the
dawn of civilization, and criminals have always been eager to use the latest
technology for their sinister deeds. Guns, knives, cars, matches, even panty
hose are used by criminals daily, but when is the last time you read a
newspaper article about "panty hose crime?"
Crime is crime. It took a long time before the term "computer error" fell
out of favour with most people; how much longer will it take for "computer
crime" to reach the same fate?
Jules d'Entremont Phone: 454-5631 (Home) 465-5535 (Office)
UUCP: {uunet,utai,watmath}!dalcs!iisat!jules
Bitnet/Uucp: jules@iisat.uucp Arpanet: jules%iisat.uucp@uunet.uu.net
The July 17 issue of Aviation Week has a very interesting letter from P.G.
Boughton, commenting on the British 737 crash in which the pilot shut down
the good engine instead of the bad one:
"I am amazed that Boeing has taken all the blame... I am an
F-14/F-4 backseater with more than 3000 hr. Twice I have had
experienced pilots shut down the incorrect engine. Both times
we had enough airspeed and altitude to get the engine relit.
The hardest obstacle... was getting the pilot to try a restart.
He just could not believe he shut down the incorrect engine...
"In trainers I can get about 10% of experienced aviators to
miss a bright, flashing FIRE light at eye level for up to 5
minutes by introducing multiple emergencies, hurried approaches,
and frequent simulated approach-control radio transmissions...
The British 737 pilots were in just such a multiple emergency."
Henry Spencer at U of Toronto Zoology
uunet!attcan!utzoo!henry henry@zoo.toronto.edu
Last night on National Public Radio's re-broadcast of BBC news, there was an extensive BBC report on the hazards of airliner crew fatigue. Although the bulk of the report was not earth-shattering and contained nothing particularly new to RISKS readers, there were a few points of interest: With the increasing computerization of airliner operation, there is less and less for crews to do. Planes are basically flying themselves, and crews have been reduced to monitors. Human beings are notoriously bad monitors; we have a basic desire to "do" things; that is, to solve problems by moving in a step-by-step process, reaching conclusions and beginning work on a new problem. No one is yet suggesting that airliner computerization has gone too far, but all parties admitted that flight crews now routinely fall asleep in the flight deck. This is no longer unusual; studies indicate that sleeping crews are so common that Boeing and other manufacturers are considering adding loud beepers that go off randomly. [Wouldn't it make more sense to give them something constructive to DO?] Many airlines have already adopted official procedures whereby flight attendants are required to visit the flight deck every 15 or 20 minutes to wake up the crew. A former RAF pilot and current editor of _Flight_International_ discussed how in the "old days," it was necessary to flip switches, study analog dials, and mentally compute problems. This kept crews busy on tasks that they knew were critical. Today, all possible factors are displayed on CRT screens, pre-calculated for easy access, whether the crew has asked for the displays or not. This leads to an attitude of complacency and unimportance. Biological time clocks are not well understood, and may play a major factor in crew fatigue. One pilot mentioned that on overwater night flights in which the sun rises in front of the plane, it was virtually impossible to keep awake, even if you weren't tired. The new 747-400, which is flown by only two crew members, always carries a spare crew, as it is designed for extremely long-range flights. Still, no one wants to return to the days of the trans-oceanic flying boats, when journeys took days and everyone, passengers and crew included, was awake during the day and asleep in hotels at night. We pay a price for our "instantaneous" transportation system. Michael Trout, BRS Information Technologies, 1200 Rt. 7, Latham, N.Y. 12110 (518) 783-1161
In response to Rodney Hoffman <Hoffman.ElSegundo@Xerox.com>'s summary
of an article by William Trombley in the Los Angeles Times on 1989 07 24:
Can anyone hypothesize any sort of fail-safe mechanism for the proposed scheme
to "platoon" vehicles at 70 mph with 50 foot separation? 50 feet at 70 mph is
less than half a second (thank heavens I made it through school before
metrification was complete :-)). When the vehicle ahead of you suffers some
sort of catastrophic failure of the sort about which RISKS readers lie awake at
night contemplating, it seems to me that half a second is insufficient time to
reassert manual control, but that any attempt at automatic collision avoidance
in a crisis is likely to be a worse alternative. Did the article mention how
the system was expected to behave under hazardous circumstances?
john j. chew, iii phone: +1 416 425 3818 AppleLink: CDA0329
trigraph, inc., toronto, canada {uunet!utai!utcsri,utgpu,utzoo}!trigraph!john
dept. of math., u. of toronto poslfit@{utorgpu.bitnet,gpu.utcs.utoronto.ca}
Compiled from various short articles in the British Media:
The first person to be electronically tagged has spent the first
first night (17 August 1989) of his sentence in prison, since British Telecom
has not yet installed a telephone at his house. The man in question is
on burglary charges, and is unemployed, and the line will be paid-for
by the government. British Telecom has assured that they would
complete the installation today, 17 August 89.
This is the first case of electronic tagging, which is on trial here
in UK. It has been presented as an alternative for minor jail sentences,
to reduce over-crowding of UK's prisons.
Apparently, it is already practised in some states in US. The
device is an electronic beeper which is constantly worn by the criminal,
and cannot be removed. A central computer makes random telephone calls
at the house, where the criminal has to apply the beeper to the receiver,
in order to prove that he is present. In this way, the person cannot go
more than about 200ft from his phone, and has to stay in his house. There
has already been some criticism about this new method, both from the
criminal's point of view and the general public. Some say it would be
humiliating to wear the tag, since it shows in public. Some say this is
the start of "1984" by Orwell, where people's whereabouts are controlled
by a computer. Others say that the sentence doesn't have any meaning, since
the criminal can enjoy life at home.
The debate is not over, it's only beginning.
disclaimers: all standard ones... tag free.
Olivier Crepin-Leblond
Electrical & Electronic Eng., Computer Systems & Electronics,
King's College London, England
The original poster suggested using the UNIX utilities "strings", "sum", and "last" to detect a security intrusion. As someone who was once involved from the other side, I would like to suggest that potential victims consider the possibility that these programs have been tampered with. They might be blind to contraband files or other records. You should also consider the possibility that a contraband file system has been created in the unused disk space of your system.
A research and development lab located at Ft. Belvoir Virginia had their PC's
infected with the Jerusalem, Version B, Virus. Further investigation
uncovered the virus entered the lab through a DEMO software disk from ASYST
Software Technologies supplied with a IEEE-488 board from METROBYTE. The
infected program is RTDEMO2.EXE.
In a conversation with Mr. Dave Philipson from ASYST, to the best of his
knowledge, 50 to 100 copies of the infected software were released. The
infection entered their facility through software received from their parent
company in England.
Mr. Brent Davis of METROBYTE informed me that the DEMO disk was supplied with
three (3) of their products; MBC-488, IE-488 and UCMBC-488. METROBYTE is in
the process of contacting all purchasers of these products.
Many thanks to Mr. John McAfee for his assistance, SCAN34 which was used to
identify the type of virus, and M-JRUSLM which was used to eradicate the virus.
Both ASYST and METROBYTE were extremely helpful and responded expeditiously
to the problem. Many thanks to Mr. Brent Davis and Mr. Dave Philipson for
their action and assistance.
Comm 202-355-0010/0011 AV 345-0010-0011 DDN SDSV@MELPAR-EMH1.ARMY.MIL
[This is of course an OLD `virus'. New `viruses' continue to appear. For
example, this morning's issue of the VIRUS-L Digest, V2 #178, contains
a message from Christoph Fischer <RY15%DKAUNI11.BITNET@IBM1.CC.Lehigh.Edu>
(Karlsruhe), entitled NEW VIRUS [`VACSINA'] DICOVERED AND DISASSEMBLED.
For requests to receive VIRUS-L, contact krvw@SEI.CMU.EDU. RISKS long ago
stopped trying to include information on virus attacks. PGN]
Please report problems with the web pages to the maintainer