The General Accounting Office (GAO) has issued a report summarizing the findings from its recent studies of software problems in major weapons. The report is entitled "MISSION CRITICAL SYSTEMS: Defense Attempting to Address Major Software Challenges." Copies may be obtained by calling GAO's distribution center at 301-275-6241 and requesting IMTEC-93-13, dated December 24, 1992 (a nice Christmas present for Congressman Dellums, who is now ascending to chair the Committee on Armed Services of the House of Representatives.) Some may be interested to know that GAO has virtually decided to abolish its Information Management and Technology Division. Future investigations of information system failures will be carried out by the program divisions. I've indicated to our congressional affairs representative at GAO that I don't think much of this, particularly with the Government's well-known difficulties in designing, procuring, managing and maintaining large-scale systems. Sorry to say my views didn't appear to derail the express train.
A snippet in today's Melbourne daily - "The Age" (21 Jan '93): "Television sets were once accused of killing flies and video games are still suspected of prompting epileptic fits. But blowing up a petrol station? That, it seems, is the province of the mobile phone. As a warning Shell has issued in the UK makes clear, mobile phones can do more than propel private conversations on to front pages [sorry Chuck]. According to British Shell, service station customers who use mobile phones while filling their cars could ignite petrol vapo[u]r through sparks emitted by the phones' electromagnetic radiation. And that is not all. A man in Florida is suing a mobile phone maker claiming the antenna on one of its phones caused excessive exposure to the microwave radiation it emits. This, he claims, contributed to a brain cancer that killed his wife. ..." Is it safer to smoke at a petrol station? We've had walkie talkies (ok - two way radios) for years with no perceivable or admitted risk to the health of users. I presume mobile phones have less power output than their predecessors, as area transponders/repeaters/xceivers are likely to be more sensitive than 2-ways, and are located to obviate high output end-user devices. Nevertheless, I was reminded of EMR's existence just recently. I've purchased a Heart Rate Monitor (HRM) to monitor the quality & consistency of my runs. It's a two piece type: one is a band around the chest, which transmits to a digital receiver on the wrist. Now, apart from my curiosity about how this works (ie, what is transmitted & how) not getting me anywhere (this is a consumer device), I was intrigued with its performance in the field. My running route takes me under some high tension lines. Guess what? The HRM goes bonkers! At first I thought it was just the transmitter not fitted properly, but I eliminated this as the result here is totally different. It took a few more runs under these lines to recognise the cause. I don't think I could survive a heart rate of 228-230 beats/minute! On checking the manual, it warns of strange behaviour (the device, not the user) under HT lines. With the plethora of EMR everywhere, I wonder if strange behaviour in _humans_ is the only outlook for the future... Paul Menon, Computer Science, Royal Melbourne Institute of Technology, 124 La Trobe Street, Melbourne, Victoria 3001, Australia +61 3 660 - 3209/2348
A Reuters report found in the NY Times (21 Jan 1993) states that computer disks holding secret information on Brazil's banking reserves have disappeared from the central bank. The federal police are investigating the loss. According to the report, President Itamar Franco "took the unusual step" of releasing information on the reserves to offset any damage or financial speculation from loss of the disks. The disks held information on day-to-day reserve operations and details like where the reserves are invested, what they consisted of and how the reserves were generated. COMMENTS: This disappearance may be related to ex-President Collar's involvement in the looting of Brazil. At a minimum, the data disappearance seems to be another indication of the Post-Hacker Era, where governments and companies have learned that computers can be used as an essential aspect of crime and/or to cover up a crime. The lines between "hacker" activities and "legitimate" activities may become increasingly less clear. In order to commit a white collar or economic crime, individuals or organizations will almost have to use computer techniques. While there continues to be an (often unconscious) image that many have that computer crime is "bad individuals" against "good" organizations, the Organization as Computer Criminal is rapidly becoming a serious problem. One but certainly not the only instance of this is the recent British Airways's penetration of Virgin Air's reservations system.
It is only fitting that this happened on the eve of tomorrow's presidential inauguration: I sent a message today to the Clinton Transition Team and got the following response. Does this mean that they are not keeping up with their e-mail? So much for electronic democracy!!! :-} TO: * David Daniels / MCI ID: 438-1897 Subject: Non-delivery notification Message [...] sent Tue, Jan 19, 1993 07:16 PM EST, could not be delivered to: To: Clinton Transition Team EMS: CompuServe MBX: [75300,3115] for the following reasons: Mail Delivery Failure. No room in mailbox. ----- Returned message ----- [Too many people looking for jobs? PGN]
The Evening Post, Wellington, New Zealand, 27th January, 1993 (Excerpted) ACC Promises Nothing A computer glitch two weeks ago means some accident compensation clients have been sent multiple identical letters promising them cheques for $0.00. Teacher Angela Watt received three envelopes yesterday from the Accident Rehabilitation and Compensation Insurance Corporation relating to her son Andrew, who sprained his ankle while picking apricots. The first letter gave Andrew's medical fee number and requested that he keep it in a safe place. The second did the same thing but added mysteriously that "although you have claimed $0.00, legislative regulations provide maximum limits of payment of $0.00. Payment of this amount will be forwarded." Confused and craving enlightenment, Mrs Watt opened the third letter. She found a cheque for $29 - a refund for Andrew's doctor's fee. Palmerston North branch manager Jo Burney said the corporation reprogrammed its Wellington computer on January 12 to stop it sending out individual letters for every part of a client's claim. "Under the old system, you would get separate letters and cheques for each part of a claim - the doctor's fee, the prescription charge and the physiotherapy," she said. The new computer programme was supposed to save all the claims, add them up and send out one letter and one cheque. "Something happened ... there was one letter all right but it was sent out three times in some cases."
An interesting tidbit came to light while I was attending a demonstration of Lotus' cc:Mail and Notes products at the Boston NetWorld this month. During the Notes portion of the presentation someone asked how secure the information in the various databases was, and how the encryption was done. The presenter said that the data was considered very secure, so much so that the FBI had approached Lotus to ask that a "back door" be left in the software in order to give the Bureau a method for infiltrating suspects' filesystems. She said they were specifically targeting "drug dealers and other bad people." Given this backdoor, what was to stop the Bureau from inspecting confidential materials on any system? The risks seem obvious. Additionally, it makes one wonder how many other vendors of supposedly "secure" software have been similarly approached by various Federal organizations, and how many have agreed to create the back doors as requested. Happily, the presenter said that Lotus refused to honor the FBI's request. Bravo! Dick Joltes, Manager, Networks and Hardware, Harvard University Science Center firstname.lastname@example.org
One way to discourage intruders from using covert channels to foil security is to turn off the system clock, or at least to hide it from users. But this breaks a lot of software, so it's too drastic for all but the most security-conscious sites. So I was surprised to see J.-B. Condat's letter in RISKS 14.28, which began: Date: 31 Dec 69 23:59:59 GMT From: email@example.com Subject: New E-journal on computer security ... Unix cognoscenti will recognize that date: it corresponds to the internal Unix time value of -1, which is returned by system functions when the clock is not available. I guess Condat and the Chaos Computer Club France must really be practicing what they preach!
> > At the tail end of the sports news at the end of NewsHour, the morning BBC > > show heard on WBUR, was the mention of an error in a betting computer at a > > greyhound race track. The computer continued to accept bets well after the > > conclusion of the race. Needless to say, many gleeful track-betters bought > > tickets for the dog that had already won, and claimed their winnings. This happened in New Zealand, with the computer system run by the NZ TAB (Totalisator Agency Board), on the 7th of January, at the Waikato aGreyhound Club meeting. The problem started when the track to computer site communication links proved unreliable - basically a noisy data line, with lots of dropouts. Switching to a backup dialup line did not help. When they switched to a backup modem, it blew a fuse. They then tried to switch to a cellular modem backup, they failed to establish a connection (I am unsure on the engineering details here). (Apparently all these backup services had worked OK on the previous day). The upshot was that operation continued on the noisy line, with reduced throughput. Because of these communication difficulties, after consultation with the Auckland computer site, the track tote manager decided to delay all races by 30 minutes. Unfortunately, the human-human communications link failed here, as both the track operators, and the Auckland site operators delayed the races by the required 30 minutes, thus resulting in the computer believing races had been delayed by 60 minutes. When the race was started, the track operators performed a standard `Race close' function, to shut off betting. (NZ TAB operates `betting to the jump'). However, because in the computers' eyes, the race was being closed 30 minutes early, the control function being used asked for the `Override for Early close' field to be set to `Y'. The operator, apparently used to closing races at approximately the right time, or after the scheduled time, had never seen this diagnostic before, and/or had `sent' the control function, and walked away before seeing the diagnostic. This problem was not noticed/solved for about 3 minutes, and since a greyhound race is over in about 20 seconds, this allowed time for a number of bets to be placed after the result was known. The bets were placed all around the country - not just at the track. [Exactly what happened in this 3 minute period has not been sorted out - there was a flurry of human-human communication between the track, the Auckland computer site, and the master computer site, once it was realised that betting was still being taken. Procedures were not correctly followed. Part of the problem is that this has never happened before in the 12 years of operation this system has had. Too reliable?] Once the `double deferment' problem was noticed, the track tried to move the race start times forward by half an hour. However, the software would not allow them to move subsequent race start times to a time which was prior to the scheduled start time of a race which has already been run. This was not a major problem, since the early race close could be used OK. [Perhaps a case of error-checking being a little too stringent?] I would hesitate to blame the problems on `computer failure'. Perhaps `communications failure' - between the computer and the operators (For having a slightly different interaction in this instance), and human-human (the double deferment, and the site/track communications when the problem was noticed). The only hardware failure was a dodgy comms link. Software failure? Not really. Computer system failure? I guess so, you've got to count the operations side of things. > > The article also mentioned that some people are just born losers. > > After the race had finished, 139 people bet on dogs that had *lost*! This is explained by the popularity of a product called `Easybet'. This is a bet in which the computer selects three runners for a race (runners are selected randomly, weighted by favouritism), and the ticket wins if the three selected runners come in 1st, 2nd and 3rd (a boxed trifecta). The default race for an `Easybet' is the next race to close. Since the race hadn't been `closed', many `Easybets' were sold on the race which had already been run. Many of the losing tickets sold after the race had been run were actually `Easybets' which didn't win. > > The government management reported that they intended to reclaim all of the > > unfairly-won monies. However, they stated that they intend to *keep* the > > money from the losers. The `loss' was approximately NZ$7000, mostly from trifecta bets (selecting 1st, 2nd and 3rd in the right order), with a payout of over $200 per $1 invested. NZ$5000 of this was placed at a single agency. The agent has been arrested and charged, after allegedly encouraging customers to bet after the result was known, and allegedly placing bets him/herself (illegal). Since the TAB in New Zealand operates on a pari-mutuel system, where the prize pool is a percentage of the money placed on a particular bet type for that race, the late bets increased the number of winning units, thus `diluting' the dividend paid on winning bets. The TAB is making up the dividend to the correct amount, for bets placed before the race was run. [Also commented upon by Martin D. Hunt <firstname.lastname@example.org>.]
In May 1992, the US Postal Service testified before the US House of Representatives' Government Operations Subcommittee that National Change of Address (NCOA) information filled out by each postal patron who moves and files that move with the Post Office to have their mail forwarded is sold to direct marketing firms without the person's consent and without informing them of the disclosure. These records are then used to target people who have recently moved and by private detective agencies to trace people, among other uses. There is no way, except by not filling out the NCOA form, to prevent this disclosure. This letter is to request information on why your personal information was disclosed and what uses are being made of it. Patrons who send in this letter are encouraged to also forward it and any replies to their Congressional Representative and Senators. Eligible requestors: Anyone who has filed a change of address notice with the Postal Service within the last five years. Records Officer US Postal Service Washington, DC 20260 PRIVACY ACT REQUEST Dear Sir/Madam: This is a request under the Privacy Act of 1974 (5 USC 552a). The Act requires the Postal Service, as a government agency, to maintain an accounting of the date, nature, and purpose of each disclosure of information about individuals. I request a copy of the accounting of all disclosures made of address change and mail forwarding information that I provided to the Postal Service. This information is maintained in USPS System of Records 010.010. On or about (date), I filed a change of address notice requesting that my mail be forwarded from (old address) to (new address). The name that I used on the change of address form was (name). This request includes the accounting of all disclosures made by the Postal Service, its contractors, and its licensees. I am making this request because I object to the Postal Service's policy of disclosing this information without giving individuals an option to prevent release of this information. I want to learn how my information has been disclosed and what uses have been made of it. Please let the Postmaster General know that postal patrons want to have a choice in how change of address information is used. If there is a fee in excess of $5 for this information, please notify me in advance. Thank you for consideration of this request. Sincerely, CC: Your Congressional Representative US House of Representatives Washington, DC 20510 Your Senators US Senate Washington, DC 20515
PROGRAM [and REGISTRATION FORM info] [NO REGISTRATIONS BY EMAIL. REGISTRATION FORM FROM CLIFF OR FTP FROM RISKS CRVAX.SRI.COM archive directory (CD RISKS:) as "TAPSOFT.93".] TAPSOFT'93 is the fourth International Joint Conference on the Theory and Practice of Software Development. Its predecessors where held in Berlin, Pisa, Barcelona and Brighton. This year TAPSOFT will take place at Orsay, the beautiful campus of the University "Paris-Sud". Continuing with the tradition of high scientific quality of these meetings, TAPSOFT'93 will consist of three parts: I. The COLLOQUIUM ON TREES IN ALGEBRAS AND PROGRAMMING (CAAP) Program Committee: A. Arnold, N. Dershowitz, H. Ganzinger, J. Goguen, J.-P. Jouannaud (Chair), J.-W. Klop, D. Kozen, U. Montanari, M. Nivat, L. Pacholski, B. Rovan, W. Thomas II. The COLLOQUIUM ON FORMAL APPROACHES OF SOFTWARE ENGINEERING (FASE) Program Committee: E. Astesiano, M. Dincbas, H. Erhig, M.-C. Gaudel (General Chair), S. Gerhart, D. Jacobs, C. Jones, T. Maibaum, F. Orejas, J. Sifakis, A. Tarlecki III. The ADVANCED SEMINAR with INVITED SURVEYS by H.-D. Ehrich, J. Guttag, C. Jones, B. Mahr, W. Thomas INVITED CONFERENCES by A. Arnold, P-P. Degano, N. Dershowitz, G. Longo CONFERENCE LOCATION: Building 338 (Batiment des Colloques), Faculte des Sciences, Universite de Paris-Sud, Orsay, France ACCESS: from Paris, 40 min. by RER line B, Orsay-ville station PROGRAMME OF THE CONFERENCE Tuesday 13 9:00 Registration and Coffee *9:45 Opening session *10:00 Invited Survey : "Are Formal Methods Useful "J. V. Guttag, MIT (USA), chaired by M.-C. Gaudel *12:00 Invited Conference: "On the Expressive Power of Models of Concurrency", P.-P. Degano, Univ. di Pisa (I) chaired by A. Arnold ***14:30 CAAP Session 1 : Specifications and Proofs, chair : J. Goguen - 14:30 Compositionality Results for Different Types of Parameterization and Parameter Passing in Specification Languages, H. Ehrig, T. U. Berlin (D), R. M. Jimenez & F. Orejas, Univ. Pol. de Catalunya (S) - 15:00 Proving Ground Confluence and Inductive Validity in Constructor Based Equational Specifications, K. Becker, Univ. Kaiserlautern (D) - 15:30 Associative-Commutative Discrimination Nets, L. Bachmair, T. Chen, I.V. Ramakrishnan, SUNY, Stony Brook (USA) ***14:30 FASE Session 1 : Case Studies in Formal Design and Development, chair : J. V. Guttag - 14:30 Algebraic Specification and Development in Geometric Modeling, Y. Bertrand, J.-F. Dufourd, J. Francon, P. Lienhart, Univ. Louis Pasteur & CNRS, Strasbourg (F) - 15:00 A Case Study in Transformational Design of Concurrent Systems, E. R. Olderog & S. Rssig, Univ. Oldenburg (D) - 15:30 Yeast : a Case Study for a Practical Use of Formal Methods, P. Inverardi, IEI-CNR Pisa (I), B. Krishnamurthy, AT&T Bell Lab, Murray Hill (USA), D. Yankelevich, Univ. Pisa (I) 16:00 Coffee Break *16:30 Invited Conference: "Vertical Verification of Concurrent Systems", A. Arnold, Labri-CNRS, Univ. Bordeaux (F) chaired by C. B. Jones 17:45 University Reception Wednesday 14 *9:30 Invited Survey: "Using Object-based Concepts to Control Concurrency", C. B. Jones, Univ. of Manchester (UK) chaired by H.-D. Ehrich 11:00 Coffee Break ***11:30 CAAP, Session 2: Concurrency, chair : U. Montanari - 11:30 From pi-calculus to higher-order pi-calculus - and back, D. Sangiorgi, Univ. Edinburgh (UK) - 12:00 Hyperedge Replacement with Rendez-vous, G. David, F. Drewes & H.-J. Kreowski, Univ. Bremen (D) - 12:30 True Concurrency Semantics for a Linear Logic Programming Language with Broadcast Communication, J.-M. Andreoli, L. Leth, R. Pareschi & B. Thomsen, ECRC, Munich (D) ***11:30 FASE, Session 2: Compositionality, Modules and Development, chair : A. Tarlecki, - 11:30 A General Framework for Modular Implementations of Modular System Specifications, M. Bidoit, LIENS-CNRS (F), R. Hennicker, Ludwig-Maximilians Univ., Mnchen (D) - 12:00 Reducing the Runtime Costs for Modularity, M.T. Vandevoorde, MIT (USA) - 12:30 Application of the Composition Principle to UNITY-like Specifications, P. Collette, Univ. Catholique de Louvain (B) 13:15 Lunch *14:30 Invited Conference: ""Trees, Ordinals and Termination", N. Dershowitz, Hebrew Univ., Jerusalem (IL), chaired by F. Orejas 15:30 Coffee Break ***16:00 CAAP Session 3: Automata and Counting, chair : B. Rovan - 16:00 When is a Functional Tree Transduction Deterministic, H. Seidl, Univ. des Saarlandes (D) - 16:30 Automata on Infinite Trees with Counting Constraints, D. Beauquier, LITP, Paris (F), D. Niwinski, Univ. Warsaw (POL) - 17:00 Directed Column-Convex Polyominoes by Recurrence Relations, E. Barcucci, R. Pinzani & R. Sprugnoli, Univ. di Firenze (I) ***16:00 FASE Session 3: Formal Development, chair : B. Krieg-Bruckner - 16:00 Object Organisation in Software Environments for Formal Methods, J. Han, Univ. of Queensland (AUS) - 16:30 Monads, Indexes and Transformations, F. Bellegarde, Western Washington Univ. (USA), and J. Hook, Oregon Graduate Institute, Beaverton (USA) - 17:00 A Technique for Specifying and Refining TCSP processes by using Guards and Liveness Conditions, R. Pea, Univ. Computense de Madrid (S), L. M. Alonso, Univ. del Pais Vasco (S) Thursday 15 *9:30 Invited Survey: "Applications of Type Theory", B. Mahr, T. U. Berlin (D) chaired by G. Longo 11:00 Coffee Break ***11:30 CAAP Session 4: Constraints Solving and Enumerations, chair : L. Pacholski -11:30 Feature Automata and Recognizable Sets of Feature Trees, J. Niehren, DFKI, Saarbrcken (D), A. Podelski, DEC-PRL, Rueil-Malmaison (F) -12:00 About the Theory of Tree Embedding, A. Boudet & H. Comon, LRI-CNRS, Univ. Paris-Sud (F) -12:30 Linear Unification of Higher-Order Patterns, Z. Qian, Univ. Bremen (D) ***11:30 FASE Session 4 : Foundations and Analysis of Formal Specifications, chair : E. Astesiano -11:30 Theory Revision for Requirements Capture, W. Li, Beijing Univ. (China) -12:00 Exception Handling and Tern Labelling, G. Bernot, LIVE Evry (F), P. Le Gall, LRI-CNRS Orsay (F) - 12:30 Gate Splitting in LOTOS Specifications using Abstract Interpretation, F. Giannotti & D. Latella, CNR, Pisa (I) 13:15 Lunch *14:30 Invited Survey: "Constructing Systems as Objects Communities", H.-D. Ehrich, T.U. Braunschweig (D), chaired by H. Ganzinger 16:00 Coffee Break ***16:30 CAAP Session 5: Rewriting, chair : J.-W. Klop -16:30 Term Rewriting in CT 7, A. Corradini, Univ. di Pisa (I) -17:00 Optimal Reductions in Interaction Systems, A. Asperti & C. Laneve, INRIA-Rocquencourt (F) -17:30 Optimal Solutions to Pattern Matching Problems, L. Puel, LRI-CNRS, Univ. Paris-Sud (F), A. Suarez, LIENS-CNRS (F) ***16:30 FASE Session 5 : Verification of Concurrent Systems, ch. T. Maibaum -16:30 Testing for a Conformance Relation based on Acceptance, M.Y. Yao, G.V. Bochmann, Univ. of Montreal (CDN) -17:00 Testability of a system though an Environment, K. Drira & P. Azema, LAAS-CNRS, Toulouse (F), B. Soulas & A.-M. Chemali, EDF-DER, Moret sur Loing (F) -17:30 Automating (Specification = Implementation) using Equational Reasoning and LOTOS, C. Kirkwood, Univ. of Glasgow (UK) 20:00 Banquet Friday 16 *9:30 Invited Survey: "The Erhenfeucht Fraisse Game in Theoretical Computer Science", W. Thomas, Univ. Kiel (D), chaired by M. Nivat 11:00 Coffee Break ***11:30 CAAP Session 6: Logic and Trees, chair : W. Thomas -11:30 On Asymptotic Probabilities in Logics that captures DSPACE(log n) in Presence of Ordering, J. Tyszkiewicz, Univ. Warsaw (POL) -12:00 A Propositional Dense Time Logic based on nested sequences, M. Ahmed & G. Venkatesh, Indian Inst. of Tech., Bombay (IND) - 12:30 La vraie Forme d'un Arbre, J. Betrema & A. Zvonkin, Labri-CNRS, Univ. Bordeaux (F) ***11:30 FASE, Session 6 : Model Checking, chair : J. Sifakis -11:30 Model Checking using Net Unfolding, J. Esparza, Univ. Hildesheim (D) -12:00 Reachability Analysis on Distributed Executions, C.Diehl, C. Jard & J.-X. Rampon, IRISA (F) -12:30 Program Verification and Abstraction, S. Graf & C. Loiseaux, IMAG (F) 13:15 Lunch *14:30 Invited Conference: "The Meaning of "parametricity" in Polymorphic Functional Languages", G. Longo, chaired by J.-P. Jouannaud ***15:30 CAAP-FASE Common Session: Type Inference, chair : J.-P. Jouannaud -15:30 Polymorphic Type Inference with Overloading and Subtyping, G.S. Smith, Cornell Univ. (USA) - 16:00 Type Reconstruction with Recursive Types and Atomic Subtyping, J. Tiuryn & M. Wand, Northeastern Univ., Boston (USA) ***17:00 CAAP Session 7: Analysis of Algorithms, chair : M. Soria -17:00 (Un)expected Path Lengths of Asymmetric Binary Search Trees, U. Trier, Goethe Univ., Frankfurt (D) -17:30 Tree Size in a Dynamic List Structure, G. Louchard, Univ. Libre Bruxelles (B) ***17:00 FASE Session 7: Parallel Calculus, chair : H. Erhig -17:00 A Fully Parallel Calculus of Synchronizing Processes, D. Latella & P. Quaglia, CNR, Pisa (I) -17:30 Generic Systolic Arrays : A methodology for Systolic Design, E.P. Gribomont, Univ. de Liege (B), V. Van Dongen, CRI, Montreal (CDN) [And if you attend, please be sure to ask what this has to do with preventing RISKS. Of course, IT SHOULD HAVE GREAT RELEVANCE. PGN]
Please report problems with the web pages to the maintainer