I browsed some of the recent postings on RISKS regarding what appeared to be voting "anomalies" and had been keeping my typing fingers firmly clenched in my fists for fear of provoking another flame war (now that the Denning one seems to have abated). As I had published recently on the subject of electronic voting (CACM Nov 1992 Inside Risks; Virus & Security Conference, March 1992), have been involved in voting matters for close to a decade as an elected official (committeeperson), and have provided expert witness testimonies, your moderator requested that I comment on this subject. Here then, is my advice: 1. Read the state and local election codes (they may differ). You may find that in your municipality it is perfectly "legal" to have misaligned ballots and other more egregious problems, simply because the law does not specifically preclude such things. Copies of the laws should be available at your county or city courthouse. 2. Raise a LEGITIMATE protest. This might include: a) Lobbying to get the laws changed if you think they are inadequate. b) Petitioning the courts to have elections thrown out, or recounts, if you think that there has been a breach of the law. c) Getting press coverage. 3. Get involved at the grass roots level. Although many municipalities saw a > 80% turnout of _registered_ voters at the polls this November, the Spring primaries will likely see < 20% of those same voters returning. It is typically in the off-year races where people who will be appointing the members of your Boards of Elections (who oversee the process) will be getting elected. Vigilance is a year-round process. Although it is quite eye-opening to work at the polls THROUGHOUT election day (not just at the beginning or end of the day), what occurs during the other 363 days of the year often sets the stage for what happens at the polling places. If you have no idea how to get involved, start by perusing your telephone book for the numbers of local officials, and your newspapers for announcements of political or civic gatherings. And while I am on the soap-box... 4. Spend considerably more time WORKING for the causes you care about than you do reading or writing about them (on bbs or email). The problems of elections and computer risks (as well as poverty, unemployment, hunger, discrimination, violence, ...) are not going to be solved if we sit here at our terminals relaying anecdotes around the world at NSF (and other government-funded) expense. If you are not ACTIVELY contributing to the solution, you are part of the problem. Many of the RISKS postings point to the inadequacy of software engineering methodologies and practices, yet few colleges and universities offer COMPREHENSIVE courses in SW Eng. and far fewer REQUIRE them as part of core curricula for the next generation of EE and CS professionals. Many of the problems with computerized vote- counting are directly related to failures in verification, validation and auditability (all familiar words to Software Engineers). If you are concerned about reducing risks, get out there and make it happen. I regret, in advance, that I will not be able to reply to private emails relating to the above posting, as my bandwidth is severely impacted due to writing a dissertation. If you feel moved to comment, please relay such to RISKS and Neumann will filter them as appropriate. I hope that at least one person will write (in a few months, because that is how long it will take) that they did ALL of points 1, 2, 3, and 4 and report on their results. Rebecca Mercuri. Copyright (c) 1992 by Rebecca Mercuri. All Rights Reserved. Permission granted to RISKS FORUM for posting, and ELECTRONIC reposting is permitted in its ENTIRETY, with this notice intact. Printed (hard-) copy may only be made for personal (non-profit) use. The author retains all rights to the material herein.
Cordless telephone users, whose conversations have been easy prey for electronic eavesdroppers, finally won a degree of privacy in a federal appeals-court ruling. The Fifth U.S. Circuit Court of Appeals, in a criminal case, said that when such phone users reasonably expect their conversations to be private, the government can't listen in. But the court said the Fourth Amendment privacy right must be evaluated case by case, depending on such factors as whether the phone user had sought privacy by purchasing devices intended to foil eavesdroppers or by using phones known to be more difficult to tap. The ruling is apparently the first in which a federal court has allowed cordless-phone users any privacy rights. Previously, other appeals courts have said the phones are so easy to eavesdrop on - with an AM/FM radio or even with another cordless phone - that any expectation of privacy was ridiculous. The Eight U.S. Circuit Court of Appeals ruled in the late 1980s that eavesdropping was allowed, and the U.S. Supreme Court declined to review the decision. The New Orleans court noted that the previous opinions are all several years old, and that the technology has since advanced in the $1.39 billion cordless-phone market. Some phones on store shelves now, for instance, come with scrambling devices made to combat high-tech eavesdroppers. Other phones work within shorter ranges, so their frequencies can't be as easily intercepted as they were in the past. More than 18 million cordless phones are expected to be sold this year.... "The reasonableness of expectations of privacy for a cordless phone conversation will depend, in large part, upon the specific telephone at issue," the court said. It declined to spell out the technological features it considered most relevant. [The actual drug conviction, based on information recorded by a neighbor, was upheld since no evidence about the phone had been introduced.] Privacy-rights lawyers applauded the broader ruling, which they said is a step toward preventing eavesdropping by private citizens as well as police. The lawyers noted that cellular-phone conversations already are protected [though technically they are as easy to intercept.] ... [N]ow that cordless phones are more secure, they should be treated the same as cellular phones, Ms. [Janlori] Goldman [of the ACLU] said. "People who use these different kinds of phones do not make these kinds of distinctions," she said. "One circuit is willing to recognize that this might be an absurd distinction." ... [For those interested, the case citation is U.S. vs. David Lee Smith, Fifth U.S. Circuit Court of Appeals, New Orleans, 91-5077. Can we expect future Willie Horton's who beat the rap to get hired by the maker of their phone to tout it as "private - and a court agreed?"] — Jerry
A problem with risks is that it is difficult to communicate information about risks to people. If, for example, a doctor says to a patient "there is a very small risk that this pill will cause liver problems" then many patients interpret this as if the doctor had said "there is a large risk that this pill will cause liver problems". So doctors usually do not tell the patients such information, because the patients so often misinterpret the information. Any comment on how to communicate risk information so that people get a correct understanding, especially when you are informing people about very small risks?
Recently in Auckland, Aotearoa (New Zealand) the police were involved in an unusual case. It seems that several people burgled a house and among the items taken was a set of videotapes. The tapes contained home-made pornographic movies involving the inhabitants of the burgled house. The burglars then attempted to use their possession of the tapes to blackmail the "actors" into paying for the return of the tapes. Unfortunately when the burglars arrived at the payment drop off point they were met by the NZ Police, who seized them and the tapes. Any sighs of relief that the "actors" might have had were short-lived. The burglars counter-charged that the tapes contained scenes of child pornography and bestiality which made them indecent under NZ Law. The result was that several police "had" to view 40 hours of video recordings to verify whether these claims were or were not correct (it turned out that the recordings did not contain any child pornography or bestiality). The tapes were returned to the, by now, extremely embarrassed "actors". With the increase in home computers capable of using frame grabbing software to create digitised pictures and the almost insatiable desire of the networks to spread any and all such pictures, the "actors" involved in this case were very lucky that their images didn't end up adding to the network traffic statistics for alt.sex.pictures.erotic. Of course, if the original tapes had been encrypted, this embarrassment would never have occurred... or would it? Alex Heatley Computing Services Centre, Victoria University of Wellington, P.O Box 600, New Zealand. Alex.Heatley@vuw.ac.nz [The proof is done. KiWiD. PGN]
---------------------------Le Monde------------------------ Translated from Le Monde, 10-30-92 from the "Faits Divers" column. Translation by John Lupien (firstname.lastname@example.org) Incident during the descent of an Airbus A-320 of Air Inter ----------------------------------------------------------- The crew of an Airbus A320 who were making in September a flight between Clermont-Ferrand and Paris-Orly were surprised to witness an aberration in the vertical speed of descent of the equipment. Having chosen a mode of descent of 550 meters per minute, they noticed that the plane was losing 750 meters per minute, and that when they tried to correct that value to 450 meters per minute, the rate worsened to 850 meters per minute. The pilots at that point changed their procedure and chose an angle (rather than a rate) of descent and everything went back to normal. The cause of the incident can be imputed to defective design in the interface between the flight controller and the auto-pilot, both developed by the French Sextant-Avionique and by the German BGT and with which other types of planes such as the Airbus A-300 and A-310 are equipped with. This kind of fault is not frequent, but it is one of the anomalies that the crew is trained to correct. This incident would have passed unnoticed if certain pilots had not made it public to point out a relationship to the aerial catastrophe of Mount Saint-Odile which happened in January, when 87 persons were killed in the crash of an Airbus A-320 of Air Inter. The first findings of the commission of inquiry had perhaps made it appear that the crew was mistaken in the choice of descent mode towards the airport of Strasbourg and that they had not monitored their trajectory. Translator's comment - The translation is as literal as I could manage... Certain bits such as "esquisser un rapprochement" perhaps translate not so well... ---------------------------End Le Monde------------------------- -----------------------------Figaro----------------------------- Translated from Le Figaro, 10-30-92 from the "En Bref" ("In Brief") column. Translation by John Lupien (email@example.com) AIRBUS Electronics in question ----------------------- Judge Francois Guichard, in charge of the investigation of the accident of Mount Saint-Odile, which killed 87 last January 20, indicated on Thursday evening in Toulouse that the recent incident in the descent mode of an A320 of Air Inter "Could a priori appear to be one of the reasons that caused the accident". The magistrate referred to the failure of the electronic control systems for the mode of descent of an A320 of Air Inter which, in September, took a much steeper descent than that chosen [by the pilots]. ----------------------end Figaro-------------------------- My thanks to John for these two translations. Peter Mellor, Centre for Software Reliability, City University, Northampton Sq., London EC1V 0HB, Tel: +44(0)71-477-8422, JANET: firstname.lastname@example.org
> From: Scott Dorsey <email@example.com> > To: firstname.lastname@example.org > Subject: DC-3 > > In a recent Risks digest, you mention that if more than three production > aircraft are still flying, it's a requirement that avionics become available, > and use the Honeywell equipment for the DC-3 as an example. This is not a > good example at all, since there are almost two thousand DC-3 aircraft flying > in the US alone, as well as many more abroad. The DC-3 remains a reliable > workhorse of an aircraft; easy to fly and inexpensive to maintain. A large > amount of current cargo lines still have DC-3s for use to smaller airports > where larger jets cannot land, and in fact there are still turboprop retrofit > kits available for the DC-3. > > Nonetheless, this is not as much of a problem as you might expect, both > because most avionics are fairly standardized, and because the low production > volume means that most of them are handmade on a one-off basis. > --scott After receiving the message above, I went back to my posting in RISKS-14.06. Those who aren't able to find the article could very well misinterpret the comment about avionics support requirements. My summary improperly tied actual system problems in various applications to a different concern about long-term support for aircraft avionics. The author cited the DC-3 (Dakota to Englishmen) as the example of how long the a company might find itself in harness to produce vintage equipment. Dorsey is, of course, correct about the treasured status of the venerable DC-3, and the profit to be made from the large number of planes left. The article's discussion focused more on the close fit between autopilot and aircraft necessary for certification and the likely difficulties this would pose as the more computer-literate aircraft of the jet age continue to carry us around the world and the avionics firms try to keep the control systems up-to-date. I did a poor job of setting the context.
This will have very important consequences for UK industry. For example, none of the UK motor industry considers computing in cars as safety critical, and hence do not use appropriate techniques for developing software ("a bunch of cowboy hackers" was one description of the software developers in one company). Of course, with this new law (which is EC wide) it won't be up to the industry to deign if something is safety critical or not, it will be up to the law courts. If I were an executive in the car industry I would be quaking in my shoes at the moment.. Ken Tindell Internet : email@example.com Computer Science Dept., York University, YO1 5DD, UK : +44-904-433244 Local FTP site: minster.york.ac.uk
In RISKS-14.04, Robert Gezelter writes: >While I believe that it is true that the use of Cellular phones is >prohibited in aircraft ... I seem to remember that the rationale is >aviation related, not Cellular Phone related. There are, in fact, two separate risks involved here, and two separate regulations to control them. In-flight users can impose an excessive load on a a cellular phone system by accessing many cells at once; therefore the FCC has recently prohibited airborne use of cellular phones (see 57 FR 830). There is also a more general risk of any portable electronic equipment used in aircraft, since it has not been tested for interference with the electronic systems in the aircraft. FAA regulation 91.21 therefore prohibits the use of portable electronic equipment (with minor exceptions) in an airliner unless the airline has determined that it will not cause interference. Many airlines have issued blanket permission for items such as tape players and laptop computers, but I am unaware of any that yet allow the use of cellular phones, even on the ground, where they would otherwise be legal. Jim Olsen firstname.lastname@example.org "Tache d'etre heureux."
> ... To be exact, my recollection is that the frequencies used by >Cellular are fairly close to some of the frequencies used by the avionics. This is my understanding too, but note that this was extended on some airlines to laptop computers and even some hand-held video games. Midwest Express, a rather expensive but high-quality business-oriented airline, has cellular phones in each seat. I suspect it's not the frequency of the cellular phone transmission that worries the airlines, but rather the electro-magnetic or RF interference it might play with the IFR systems or possibly the electronic controls on the aircraft. The risk here would be allowing non-certified phones on board, whereas airline-supplied phones can be easily tested by the airline. Dan Sorenson, DoD #1066 email@example.com firstname.lastname@example.org
In RISKS-14.05, email@example.com (Berry Kercheval) writes: |>The blanket ban *is* due to cell overlap, then, and my guess is the reason |>there is not an altitude restriction is that it's too hard to figure out; the |>number of cells reached is a complex function of altitude, position of the |>aircraft and cells, and the topography of the surrounding landscape. I can |>just picture the FCC bureaucrat saying ``Hell, that's too hard. Let's just ban |>'em all.''. Now I'm all for blasting bureaucrats but this shot seems a bit gratuitous. Just how might a regulation be written that would allow cellular use from aircraft given the complexity of deciding? Would I have to carry my (possibly banned) portable computer with a CD-ROM geographical database of cells in the US (or wherever I was travelling) along in order to calculate whether I could make a call? Actually, it sounds as tho the bureaucrat is correct. It is too hard to be reasonably done. Bob Rahe, Delaware Tech&Comm College Internet: firstname.lastname@example.org CompuServe: 72406,525 Genie:BOB.RAHE
The security services are using a lot of very expensive resources to decrypt intercepted messages (Spycatcher revealed that all telephone traffic and all radio traffic was routinely monitored and recorded in the 1950s to 1970s - so this is probably still true, or close to true). If you don't *need* your messages to be secure from the Government, why not give them a break and agree to a key registration scheme? Arguments that this will always be defeated by the criminals seem to ignore the help that the law-abiding can give by making the unco-operative easier to identify, and thereby freeing decryption effort. Isn't there a balance between distrust of Government,(however justified) and a need to help the law-enforcers to enforce the laws that keep society civilised? We are the experts in this technology. What can we propose that gives a proper balance between privacy and law-enforcement? Martyn Thomas, Praxis plc, 20 Manvers Street, Bath BA1 1PX UK. Tel: +44-225-444700. Email: email@example.com
>Most of us are in professions where logic is of some importance. It hurts >credibility to declare in public, "I *don't* believe" a tautology. in a very aptly-titled Risks submissions, Dan Herrick purports to make a contribution to a serious social discussion (the effectiveness of gun control) with a trivial "logic" analysis. this is the kind of argument that gives technical people a bad name. the statement "When guns are outlawed, only outlaws will have guns" isn't a tautology on anything but the shallowest reading (hint: people usually don't bother to assert tautologies). it's an assertion that dangerous, threatening, bad people will have guns and good, honest citizens won't be able to defend themselves. some people believe it, some don't; only extreme technical blindness would allow someone to think the question could be dismissed with a puff of logic. *that's* what hurts credibility (and that's perhaps the least of its risks). .mike.
On the subject of "RISKS of technical people disengaging brains", I'm afraid Mr. Herrick has fallen victim to over-literalism. I've used this expression more than once, and I'm perfectly aware of the tautology. The point he is missing is that many natural languages contain grammatical constructs which if analyzed grammatically, are either tautologies or self-contradictory. This doesn't automatically make them nonsense or their users fuzzy-thinking fools. I think most native English speakers understand intuitively the implied clause which follows statements of the form "If/when they outlaw X, only outlaws will have X". If he doesn't, I'm sure he can find any number of people (possibly even without advanced degrees) who would be more than happy to explain it to him. Dan S.
It's not a tautology. One reasonable interpretation of the statement is that "if X is outlawed, only people who are already outlaws of other types will use X". I suppose this indicates a RISK of some sort, though I don't really feel like phrasing it fully. Ken Arromdee (UUCP: ....!jhunix!arromdee; BITNET: arromdee@jhuvm; INTERNET: firstname.lastname@example.org)
Dan Herrick, dlh%dlhpfm@NCoast.org, misses the deeper meanings of the statement "if X is outlawed, only outlaws will use X". Of course, there is a tautologous interpretation, explained by Herrick. But when X is refers to guns, this statement has been used to imply many things that are not tautologies. Far-right lobbying groups have used this slogan to imply that any waiting period, or other reasonable restriction on the purchase of deadly weapons, would lead merely to difficulties for "law-abiding citizens" while having no effect on criminals. I'm sure the original author (Phil Karn, email@example.com) was merely trying to disassociate himself from such "fuzzy thinking", by pointing out that what might be true for cryptography might not be true for guns. Statements in a language like English are very rarely tautologies: they always carry around extra baggage. -John Sullivan, firstname.lastname@example.org
Actually, this statement is not, strictly speaking, a tautology. It isn't even, strictly speaking, a statement of logic. Why? Because its truth value depends not on its logical form, but on the meaning of its terms. In particular, the meaning of the term "outlaw" is telling. It is one thing to break the law. It is quite another to "be an outlaw." Ordinary citizens break laws. Some even scoff at certain laws, and other still skirt the letter of the law while seeing its value and holding to its intent. But "being an outlaw" implies a habitual disdain or disregard for the law--which is why the clever originators of that slogan use that word in order to frighten ordinary citizens into opposing restrictions on their ability to purchase guns. It's funny how much less impact the slogan has when you replace "guns" with "encryption." While it's true that if you make codes or guns more difficult to obtain, only those with stronger motivation will obtain them. Nevertheless, one need not be an outlaw to vehemently desire both protection and privacy. -r
Please report problems with the web pages to the maintainer