From "Computing", January 12, 1989. US airline TWA is under investigation by the Data Protection Registrar after a passenger saw abusive information on a computer screen, describing him as "obnoxious". London-based systems engineer David Burns saw the screen when he inquired about some lost luggage on returning to Los Angeles airport from Hawaii in October. He asked for a screen print and found it contained details of all the comments he had made to TWA staff including 'Pax (passenger) said do something constructive', 'Pax hung up phone', 'Pax obnoxious'. He said most of the details were not entirely accurate. Burns wrote to the Data Protection Registrar after being given conflicting information by TWA about whether the records were deleted when the lost baggage was eventually found, or were kept for reference. John Lamidey, the assistant data protection registrar in charge of investigations, said Burns' complaints are 'enough for me to think we should look at it further'. He appointed an investigator to visit TWA and expects to report back this month. Burns said that, after returning from holiday and eventually recovering the lost suitcase from another airline, he rang TWA Baggage Services in London to see if the luggage was still recorded as missing. He was told it was. Three people, including the head of passenger service, told him the report which contained his details could not be given to him as it was not company policy, even though the data was kept on the system for three months. He then requested the information under the Data Protection Act. [[which gives those in the UK the right to see information held on computers about them, with certain exceptions dictated by national security, etc.]] Brian Johnson, manager of personnel and administration for TWA in the UK, wrote back to say 'no material is held by TWA by way of magnetic media which contains your name.' A TWA official said the data had been deleted.
Something I got in the mail today sounded more Orwellian than I liked, I thought I would pass it along. It was part of a subscription recruitment mailing from Intelligent Network News of Alexandria, Va. (Any security- minded Intelligence organizations based in Alexandria you can think of? :?) >"Intelligent networks will dominate our industry's future and force every >company to rethink the way they do business. > >For example: > > Someday the public switched telephone network might track you >down in New York to tell you, "There's a leak in the basement of your >house in Denver. The plumber has already been called. He's reviewed >the service history of yoyur address, and thinks that it's probably >time to replace the blow-out valve on your water heater. Please respond." >The repair could be complete, further damage avoided, and the bill >paid by the time you return home, all thanks to nationwide intelligent >network services. > ..... >Clearly, this evolution will create money-making opportunities for >those with the will and wits to recognize them. Yes, just what I'm afraid of... -- Ralph Shaw Raytheon Co. (SSD) <firstname.lastname@example.org>
The October '88 issue of Cryptologia has an interesting article entitled ``European Needs and Attitudes Towards Information Security''. The author (a founder of a firm that devises cryptographic algorithms, and hence not an unbiased source) claims that the free market is driving banks and other financial institutions towards better protection of their data; he asserts that banks have suffered a loss of business when their inability to keep data confidential has been demonstrated. Of particular interest to this audience is his description of the (perceived) threats in Europe. Europeans do not particularly need protection against ``hackers'' or petty criminals. They need protection against organized crime, major corporations and governments. Such opponents are characterized by the presence of serious motivation (and therefor the willingness to expend significant sums to attack a system), access to substantial resources, and the possession or ability to purchase whatever technological expertise is required. He then goes on to relate three actual attacks. In the first, organized crime invested $5,000,000 up front in technical preparations; the gain (actual or potential isn't clear from the article) is estimated to be 100 times that. The second involves a government spying on bank data in another country; he implies, though does not state, that it was the U.S. government that did the spying. Apparently, the bank suffered serious loss of business when its vulnerability became known. Finally, he describes the plight of ``extractive industries'', whose competitors, both private and state-owned, regularly mount sophisticated electronic spying operations against them. If the claims are accurate, the difference in attitudes is fascinating. --Steve Bellovin
It is worth remembering that the original meaning of "structured programming" followed the English usage in which "structured" means, approximately, "organized", and that the usage or non-usage of certain control constructs was suggested as a means to that end, not an end in itself. One can often get a good laugh by doing a global substitution of "organized" for "structured" in a pronunciamento from either side — it tends to make both sides' arguments sound ridiculous. As it should: it is silly to confuse organization with a list of permitted constructs, and equally silly to criticize the desire for well-organized code on the basis of such confusion. Henry Spencer at U of Toronto Zoology
I have been a proponent of structured programming for many years, and I have found that there is really only one rule: think about the poor guy who is going to have to maintain the program you are writing. All the other rules about indentation and goto-lessness simply follow from that. The guy who ends up maintaining your program may be some rookie, or it may be a busy programmer who doesn't have time to carefully scrutinize your code, or it may be you six months down the road, after you've forgotten what you had in mind when you wrote the program. Whatever you can do to make it easier for this guy to understand your program will cut down the chances for errors (and will keep him from putting you on his bad-guy list after having to fight with your code). Lynn Gran Technical Consultant Computer Associates International, Inc.
In Risks 8.9, David Marks (djm408@tijc02.UUCP) lays much of the blame for "losing systems" on the narrow attitude of management which they derived from the educational system. Briefly, his reasoning goes: 1. Business types don't learn about computers and don't care about them 2. Engineers don't learn about business and don't care about it 3. There is therefore no common ground on which to meet. Premise 2 is nearly completely true - the average software engineer couldn't care less about the realities of business. But I have not found Premise 1 to be true to anything like the same extent. No matter where I've worked, I am constantly running into business folks who are trying to understand computers - out of intellectual interest, "nift" factor, or the obvious fact that there is a shortage of computer-literate business people and thus it is a good way to advance a career (and the free market wins again...). I think that there is an entirely different reason for the failure of the projects cited three or four references ago: Usually a project like this is specified not by the ultimate users of the service the computer will provide, but rather by a supplier in the form of a consultant contracted to buy the hardware and write the software. The consultant has no vested interest in the resulting software working correctly - he only has a vested interest in the project being big and expensive. The consultant wins once the contract is signed - everything after that is less important. If those who have the need have no control, and those who have control have no need, then disaster will always strike. It doesn't even matter if they are talking to each other. Steven C. Den Beste, BBN Communications Corp., Cambridge MA email@example.com(ARPA/CSNET/UUCP) harvard!bbn.com!denbeste(UUCP)
> "Note: the GPWS will not provide a warning if an airplane is flying > directly towards a vertical cliff." It's worth noting that solutions to this have been proposed and rejected. The problem with the standard GPWS is that it basically looks down, not forward, so it fails in the presence of abruptly-changing terrain. (The vertical cliff is only the extreme case; rapidly-rising terrain will give a warning, but often too late for it to be useful.) At least one company has proposed a more sophisticated scheme in which the "warning surface", so to speak, is not a point underneath the aircraft but a sort of ski-shaped surface extending a considerable distance forward. Nobody was interested, so the proposal was shelved. Henry Spencer at U of Toronto Zoology
Steve Phillipson proposes once-writable storage as a means to guarantee that archival records have not been tampered with. The idea is that the information, once recorded, can't be changed. The idea is fundamentally flawed, however, for reasons involving the digital nature of most such media. Typed or handwritten documents, photographs, audio tape recordings, all could be trusted (once) because you could detect alterations in them, AND ALSO because you could determine that the item you had was the original. The letters on a ypewriter have "personalized" defects, for example. More to the point, tape recorders and cameras add their own high-frequency losses or image blurs to the signals they record; and if you make a copy of the original tape or photo, there is unavoidable degradation of the information and addition of machine-related "noise" to brand the copy as such. Analog video tape is another example — broadcast quality tapes are unusable after a few generations of copying. Digital media don't suffer from this degradation, though. I get a new program for my PC at home, put a blank disk of the same brand in the machine, and type "DISKCOPY". Strip the label off, and you can't tell which disk is the original. By the same token, if I have my "archived" Shakespearean sonnets on a WORM disk, I simply read an image of the disk into memory, edit a few lines and write the new image onto a fresh WORM disk. Presto — bogus Shakespeare on a "tamper-proof" disk.
In RISKS 8.9, Jordan Brown says > I don't believe a 727 can fly on one engine. It must have two. > A three-engine airplane has a higher probability of having a failure in > the first place, and when it does have a failure it then has two points > of failure, EITHER of which will cause an accident. I think he's wrong on both counts. I have no specific knowledge in this area, but I'm almost certain that a 727 CAN maintain level flight, at least a some altitudes, on one engine. Also, there was a highly publicized incident a couple of years ago when a Lockheed TriStar flying out of Florida almost crashed into the ocean because a mechanic had left out oil seals after maintenance on all three engines. As I remember it, the pilot got back safely only because he was able to keep one engine going. Even if a 3 engine plane can't stay level on one engine, it will certainly have a much lower rate of decent with one engine going than with none, giving the pilot a lot longer to deal with the problem or find a landing spot. Even assuming that a 3 engined plane needs two engines to fly, the odds of 2 engines failing on a 3 engined plane are much, much, smaller than the odds of 1 engine failing on a 2 engined plane. Steve Jay domain: firstname.lastname@example.org Ultra Network Technologies Internet: email@example.com 101 Daggett Drive uucp: ...ames!ultra!shj San Jose, CA 95134 408-922-0100
Australian authorities are working around the clock ... leaks of supposedly securedial-up numbers for US defence sites, including anti-ballistic missile launch silos, ... The U.S. hasn't had any anti-ballistic missiles for more than a decade. I can only assume that the rest of the article is as accurate, especially since I've seen nothing about the "break-in" in the papers or news wires in this country. Jan Wolitzky, AT&T Bell Labs, Murray Hill, NJ; 201 582-2998; mhuxd!wolit (Affiliation given for identification purposes only)
> In recent issues of RISKS, various people have lamented the loss >of confidence we are experiencing in archival records kept by computer. >The problem seems to me less of a computer problem than a media problem, >specifically, choosing media that is appropriate for archival storage. Would God that it were that simple. If freedom from modification were the only requirement for the medium, then there might be a solution. However, for an increasing number of applications light in glassor electricity in copper are the medium of choice for other reasons. We require controls for the integrity and confidentiality of data that are independent of both media and environment, and which can move with the data. Fortunately for us they are here. Digital signatures and envelopes can be combined to mimic the behavior of the media and environmental controls that we commonly use. All that is required is a little bit of trusted storage in which to store the private keys and a tiny trusted process in which to do the code conversions. Of course, I have just stated the requirement for both media and environmental controls. While they are still necessary, they are no longer sufficient. William Hugh Murray, Ernst & Whinney
Please report problems with the web pages to the maintainer