RISKS-LIST: RISKS-FORUM Digest  Saturday 1 April 1989  Volume 8 : Issue 47

   FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS
   ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Contents:
  Summary of recent news briefs on "hacker" activity (Anonymous)
  "Free Fall" -- new book on 1983 Air Canada near-disaster (Rich Wales)
  Farm worker killed by conveyor (Walter Roberson)
  Hackers dictionary in Japanese? (Les Earnest)
  Undetected Monitoring Programs and Privacy Rights (Donald B. Wechsler)
  Re: Ada and Airbus (John Knight via A. Blakemore and Mike Linnig)
  Galactic Hacker Party (Rop Gonggrijp)
  Virus in PKARC software (Bob Kozlarek via Robert Casey via A-N-Onymouse)
  Computer Documentation Course Queries (Stephen W. Thompson)

----------------------------------------------------------------------

Date: Sat, 1 Apr 89 00:00:00 -0000
From: [Anonymous]
Subject: Summary of recent news briefs on "hacker" activity

March 17, Newsweek: "I Must Set A Proper Example." Interviewed on the MacNeil-Lehrer show yesterday, the president's nominee for head of the Office of the War on Addiction said that if confirmed he will abstain from use of his private Macintosh while he is in office.

March 19, Wall Street Journal headline story: "HTH International announces $20M Initial Stock Offering, opening a new chain of hacker treatment homes."

March 20, AP, Murray Hill, NJ: At a meeting of Hackers Anonymous last evening, well-known computer scientist C.A.R. Cudder declared, "I am a hackaholic."

March 23, San Francisco Chronicle: The head of one of the largest insolvent savings and loan institutions (having lost $6 billion, with evidence of substantial internal fraud) attributed its demise to "malicious hacker activity by holders of student loans".

March 24, Raleigh Times: RJ Reynolds Co today withdrew its newest product, the Hackerette. A spokesman explained that it features a program filter that delivers a hacking-equivalent jolt with no provably harmful side-effects.
The filter had apparently been infected by a tobacco virus.

March 25, Charleston Gazette: In his weekly sermon, a noted TV evangelist sharply condemned Hackers Anonymous for distributing sanitized workstations to confirmed hackers. He declined to comment on the new interactive video game, Satanic Nurses.

March 27, Los Angeles Times: Interviewed on a corner at Rodeo Drive yesterday, the former first lady offered her advice to teen-age hackers: "Just say Logoff!" One block away, a street vendor offered the reporter an updated map of the movie stars' homes including modem phone numbers and passwords.

March 28, CBS News: A notorious hacker, convicted of fraud earlier in the week, was released with a suspended sentence. He denied that it was he, using his one post-arrest phone call, who had transferred $500,000 from the municipal court's traffic-fine account into the judge's personal checking account.

Number 1 on the NY Times best-selling book list for the week ending March 31: The Six-Week Program-All-You-Want Crash Cure for Hacking, published by Hackers Anonymous.

April 1: According to advance promos, on `Nightline' tonight a noted TV evangelist will admit to Ted Koppel that he paid a hacker to demonstrate computer intrusion in his motel room.

   [Several items from the National Enquirer and the Weakly Whirled News were low on credibility, and have been omitted from this compendium. By the way, in general I do not like to accept anonymous messages, unless for some reason it is essential to protect the author or his/her associations; furthermore, anonymous messages should have a higher level of accuracy and precise references than attributed contributions -- although ALL authors should follow the masthead guidelines. PGN]

------------------------------

Date: Fri, 31 Mar 89 16:49:02 PST
From: Rich Wales
Subject: "Free Fall" -- new book on 1983 Air Canada near-disaster

The April 1989 _Reader's Digest_ contains a condensed version of a new book, _Free Fall_.
The subject is Air Canada Flight 143 (23 July 1983) from Ottawa to Edmonton, which came extremely close to becoming a major disaster when the airplane (a Boeing 767) ran completely out of fuel while in the air.

The problem resulted from a combination of circumstances:

(1) Both the electronic sensor designed to measure the fuel supply, and its backup, failed, and the necessary replacement parts were not readily available. This meant that the crew had no direct indication in the cockpit of their fuel status; the fuel gauges were dependent on the plane's computer equipment and were thus blank.

(2) A "dipstick" procedure for measuring fuel supply by hand was done incorrectly, leading the mechanics to conclude that the plane had more fuel than was in fact the case (and, thus, that it was safe to fly the plane without working fuel gauges!). The error was later traced to the fact that the airplane was one of the first Canadian 767's built to metric specifications -- and the mechanics had committed a simple math error because they were still used to measuring fuel in pounds instead of kilograms.

Further, when the plane finally ran completely out of fuel and both engines failed, the entire instrument panel -- now bereft of electrical power -- went blank. The radar transponder also failed, making it impossible for air traffic controllers to track the plane. Fortunately, an older radar facility in Winnipeg was still operational, enabling some degree of tracking from the ground.

Fortunately as well, the pilot of the now powerless and instrumentless 767 had had extensive experience as a gliding instructor. He managed to land the jet -- without engines -- at an abandoned military airstrip about 50 miles north of Winnipeg. Although a small fire broke out in the plane, it was quickly extinguished.
No one (either in the plane or on the ground) was killed or seriously injured; the plane, however, narrowly missed hitting several people camped on or near the long-abandoned runway. The plane sustained moderate damage, primarily because the nose gear did not extend all the way to its "locked" position and collapsed on landing; but it was eventually repaired and still flies today.

Air Canada initially laid the blame on the pilot, co-pilot, and maintenance workers (the pilot had at one point tried to help the struggling ground crew with the fuel calculations, but ended up making the same math error). Eventually, though, a board of inquiry commissioned by the Canadian federal government overturned this ruling and cited Air Canada's rush to introduce a new aircraft that weighed fuel in kilos (while older planes continued to use pounds), without giving adequate training to the maintenance personnel, as the major cause of the accident.

Both pilot and co-pilot received numerous awards for the skills they displayed in saving Flight 143, and both continue to fly airplanes for Air Canada.

My reporting of this story is not intended as a condemnation of the metric system. Indeed, I myself have long been a staunch advocate of metrication. But the RISK of confusion and error attendant with conversion to a new and unfamiliar system of measurement -- coupled with the RISK of depending on advanced electronic systems that leave one little or no manual recourse if they should fail -- deserves note.

-- Rich Wales // UCLA Computer Science Department // +1 (213) 825-5683
   3531 Boelter Hall // Los Angeles, California 90024-1596 // USA
   wales@CS.UCLA.EDU   ...!(uunet,ucbvax,rutgers)!cs.ucla.edu!wales

------------------------------

Date: Thu, 30 Mar 89 22:24:29 EST
From: Walter_Roberson@carleton.ca
Subject: Farm worker killed by conveyor

Tuesday (March 28), a 16 year old farm worker was killed "when he was caught between a conveyor belt and a doorframe."
The details aren't clear from the article, but the article does say that an electrical breaker, a plug, a kill switch, and a direction control were all within the worker's reach at the time he was killed. The worker's overalls became snagged on the chain-type conveyor, which was only moving at one foot per minute. The implication from the article seems to be that the youth had never been taught how to turn off the machine!

Walter Roberson

   [There have been several computer/robot-related deaths in the past. This one gets included as a "related system" (see masthead) and the necessity of being trained to cope with exceptional situations. PGN]

------------------------------

Date: 30 Mar 89 2155 PST
From: Les Earnest
Subject: Hackers dictionary in Japanese?

I received an off-the-wall phone call last night from an editor who is overseeing the translation of the Hackers Dictionary into Japanese. That amusing compilation was put together a decade or so ago by A.I. grad students at Stanford, MIT, and Carnegie-Mellon and recorded the then-current vernacular of their shared cultures. They did it for fun, but it somehow ended up getting published.

The Hackers' Dictionary contains more than a few puns, jokes, and other things that are hard to translate such as "moby," as in "moby memory", or "fubar" and its regional variants "foo bar" and "foo baz". While a Japanese version of this dictionary might be of some limited value to a person who comes to the U.S. for an extended visit, there are clearly some risks involved in attempting such a translation.

The particular problem that prompted the call was the definition of "logical." Apparently the dictionary gives as an example a statement something like "If Les Earnest left and was replaced by another person, the latter would be known as the logical Les Earnest." This had been written when I was the principal bureaucrat of the Stanford A.I. Lab.
and was apparently intended to describe some set of responsibilities that could be transferred from one person to another.

The editor reported that the Japanese translator had been hopelessly confused by this example; he found "earnest" in the dictionary but was unable to figure out what a "Les Earnest" was. The editor had tried to explain it to him but was unable to get the idea across. He finally called me to find out what my official job title had been, so that he could describe the example in more generic terms.

I hope that they manage to work it out, but I am not willing to bet that the Japanese Hackers Dictionary will be fully comprehensible.

Les Earnest

   [If he were Less Earnest, this would have been Less Interesting. PGN]

------------------------------

Date: Friday, 31 Mar 1989 18:14:17 EST
From: m17434@mwvm.mitre.org (Donald B. Wechsler)
Subject: Undetected Monitoring Programs and Privacy Rights

PC WEEK (March 27, 1989) reports:

"The recent rash of remote local area network software packages has thrust the PC industry into a national controversy over electronic monitoring and workers' rights to privacy. At question is whether or not products such as . . . Microcom Inc.'s Carbon Copy, which can be configured to allow undetected monitoring of PCs, violate workers' Fourth Amendment rights 'of people to be secure in their persons, houses, papers and effects, against unreasonable searches and seizures.' In answer to complaints from Massachusetts unions that workers' rights are being violated, the Massachusetts Coalition of New Office Technology (CNOT) plans to set up some guidelines to regulate employers who opt for electronic monitoring. The group's first step is to file a bill with the Massachusetts Dept. of Labor that would force employers to notify job applicants of any electronic monitoring . . . and to inform workers when they are being monitored."
Carbon Copy is usually perceived as software which allows one PC to be controlled from another remotely located one. But programs like Carbon Copy can be configured to observe network activity without a user's permission, detection, or override. Lisa Morel of Microcom reports that: "the ones who are asking about it [undetected monitoring] are the system managers."

While monitoring software can provide important network troubleshooting and tuning help, users may view its secret operation as "condoned tapping." Monitoring differs from event logging. More than recording what the user does, monitoring software clones the user's activity on the observer's terminal.

Interest in using undetected monitoring programs may increase with growing concern about network security and management. These programs are not limited to PC platforms. Moreover, serious reservations reach beyond the nasty business of how managers gather employee performance data.

o The observer may monitor user access to organizationally sensitive information.

o Secret monitoring conflicts with the Information Resource Management (IRM) principle of user data ownership.

o From a lay legal view:

  - In a Federal government environment (including contractors), secret monitoring of user access to personnel information could lead to violation of the Privacy Act of 1974 (Public Law 93-579).

  - Undetected monitoring of a third-party's remote session could violate the Electronic Communications Privacy Act of 1986 (Public Law 99-508).

In efforts to preserve security and integrity, are system managers and their parent organizations prepared to handle the ramifications of secret monitoring?
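As an added illustration of the distinction Wechsler draws above between event logging and session monitoring, and of one way the "inform workers when they are being monitored" guideline could be enforced rather than left to policy documents, here is a small Python model. It is my example, not code from the digest, from Microcom or from any product named in the post. The notify-before-attach rule, the audit action names, the `monitoring_notified` field and the sample users are all assumptions made for the illustration.

```python
"""Added example: event logging versus session monitoring, with a gate that
makes undetected monitoring impossible by construction.  All names and the
policy rule are assumptions for this illustration, not any product's design."""
from dataclasses import dataclass, field
from datetime import datetime, timezone
from typing import List, Tuple


@dataclass
class AuditEvent:
    """One discrete, recorded event: who did what to which object, and when."""
    when: datetime
    actor: str
    action: str
    target: str
    detail: str = ""


class AuditLog:
    """Event logging: an append-only record of discrete actions.  It stores
    the fact that something happened, never a replay of the session."""

    def __init__(self) -> None:
        self._events: List[AuditEvent] = []

    def record(self, actor: str, action: str, target: str, detail: str = "") -> AuditEvent:
        ev = AuditEvent(datetime.now(timezone.utc), actor, action, target, detail)
        self._events.append(ev)
        return ev

    def events_about(self, target: str) -> List[AuditEvent]:
        """Everything recorded against a user; a monitored user can call this
        to discover who observed them and when."""
        return [e for e in self._events if e.target == target]


@dataclass
class User:
    name: str
    monitoring_notified: bool = False      # assumed flag: user has been told
    typed: List[str] = field(default_factory=list)


def monitoring_allowed(observer: User, target: User) -> Tuple[bool, str]:
    """Assumed policy gate: monitoring only after notification, and an
    account may not 'consent' by monitoring itself."""
    if observer.name == target.name:
        return False, "observer and target are the same account"
    if not target.monitoring_notified:
        return False, f"{target.name} has not been notified of monitoring"
    return True, "target notified"


class MonitoringSession:
    """Session monitoring: clones the target's activity onto the observer's
    view.  Because it carries content, attaching is gated and is itself an
    audited event recorded against the target, so it cannot be undetected."""

    def __init__(self, log: AuditLog, observer: User, target: User) -> None:
        allowed, reason = monitoring_allowed(observer, target)
        log.record(observer.name, "monitor.attach" if allowed else "monitor.denied",
                   target.name, reason)
        if not allowed:
            raise PermissionError(reason)
        self.log, self.observer, self.target = log, observer, target
        self.observer_view: List[str] = []

    def user_types(self, text: str) -> None:
        """Keystrokes reach the target's buffer and, mirrored, the observer's
        view; the audit log records only that input occurred, not its content."""
        self.target.typed.append(text)
        self.observer_view.append(text)
        self.log.record(self.target.name, "session.input", self.target.name,
                        f"{len(text)} chars")

    def detach(self) -> None:
        self.log.record(self.observer.name, "monitor.detach", self.target.name)


def run_scenario() -> dict:
    """Constructed scenario: a system manager tries to watch a clerk before
    and after the clerk has been notified."""
    log = AuditLog()
    manager, worker = User("sysmgr"), User("clerk")

    denied_reason = None
    try:
        MonitoringSession(log, manager, worker)       # undetected-monitoring attempt
    except PermissionError as exc:
        denied_reason = str(exc)

    worker.monitoring_notified = True                 # employer informs the worker
    session = MonitoringSession(log, manager, worker)
    session.user_types("open payroll.dat")
    session.detach()

    return {
        "denied_reason": denied_reason,
        "observer_saw": list(session.observer_view),
        "actions_against_worker": [e.action for e in log.events_about("clerk")],
        "log_contains_content": any("payroll" in e.detail for e in log.events_about("clerk")),
    }


if __name__ == "__main__":
    for key, value in run_scenario().items():
        print(f"{key}: {value}")
```

The point of the model is the asymmetry the post describes: the observer's view holds the clerk's actual keystrokes, while the audit log holds only the fact of input and, crucially, the fact of observation, so the denied attempt and the later attach both appear when the clerk asks what was recorded about them.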
------------------------------

Date: Thu, 30 Mar 89 12:10:58 CST
From: linnig@skvax1.csc.ti.com
Subject: Re: Ada and Airbus (Let's not start any stupid rumors) [RISKS-8.46]

From: blakemor@software.ORG
Newsgroups: comp.lang.ada
Subject: Re: Ada and the airbus disaster

I am forwarding this reply from John Knight at SPC -- AB

Ada has not been used in any AIRBUS system that I know of that is in production. It has been used to develop a shadow AIRBUS flight control system to evaluate Ada. The system turned out very slow so they used a faster CPU to ensure meeting deadlines (actually, 4 times faster).

   [However, stay tuned for an update on the Air France Airbus A-320 story, expected to be published in this country on 2 April. PGN]

------------------------------

Date: Thu Mar 30 02:00:20 1989
Path: telmail!neabbs!rop
From: rop@neabbs.UUCP (ROP GONGGRIJP)
Subject: Galactic Hacker Party
Organization: NEABBS multi-line BBS +31-20-717666 (13x), Amsterdam, Holland

                         GALACTIC HACKER PARTY
                      2nd, 3rd, 4th of August 1989
                      PARADISO, AMSTERDAM, HOLLAND

During the summer of 1989 the world as we know it will go into overload. An interstellar particle stream of hackers, phone phreaks, radioactivists and assorted technological subversives will be fusing their energies into a media melt-down as the global village plugs into Amsterdam for three electrifying days of information interchange and electronic capers.

Aided by the advanced communications technology to which they are accustomed, the hacker forces will discuss strategies, play games, and generally have a good time. Free access to permanently open on-line facilities will enable them to keep in touch with home base -- wherever that is.

Those who rightly fear the threat of information tyranny and want to learn what they can do about it are urgently invited to interface in Amsterdam in August. There will be much to learn from people who know. Celebrity guests with something to say will be present in body or electronic spirit.
The Force must be nurtured. If you are refused transport because your laptop looks like a bomb, cut off behind enemy lines, or unable to attend for any other reason, then join us on the networks. Other hacker groups are requested to organize similar gatherings to coincide with ours. We can provide low-cost international communications links during the conference.

For further information, take up contact as soon as possible with:

HACK-TIC                              PARADISO
P.O. box 22953                        Weteringschans 6-8
1100 DL Amsterdam                     1017 SG Amsterdam
The Netherlands                       The Netherlands
tel: +31 20 6001480                   tel: +31 20 264521 / +31 20 237348
fax: +31 20 763706                    fax: +31 20 222721
uucp : ..!mcvax!neabbs!rop            fido : 2:280/1 Hack Tic
telex: 12969 neabs nl

------------------------------

Date: Fri, 31-Mar-89 03:44:01 PST
Return-Path:
From: portal!cup.portal.com!A-N-Onymouse@unix.SRI.COM
Subject: Virus in PKARC software

The following was posted on USENET:

From: rfc@briar.philips.com (Robert Casey;6282;3.57;$0201)
Newsgroups: rec.ham-radio,rec.ham-radio.packet
Subject: virus in PKARC software
Message-ID: <47960@philabs.Philips.Com>
Date: 27 Mar 89 14:34:24 GMT
Date-Received: 28 Mar 89 14:49:14 GMT
Sender: news@philabs.Philips.Com
Organization: Philips Laboratories, Briarcliff Manor, NY

copied from packet:

Date: 25 Mar 89 03:56:53 UTC (Sat)
From: wa2sqq@kd6th.nj.usa.hamradio (BOB )

WARNING ! WARNING ! WARNING !

From: WA2SQQ Bob Kozlarek
Subject: Software Virus PKZIP/PKUNZIP .92 AM40/AM41

Recent developments in the software world have required the famous PKARC software to be replaced by a new version called PKZIP/PKUNZIP. While several versions have been seen, the latest appears to be version .92 . Usually listed on landline BBS's is a program which will provide a menu driven screen for PKZIP, usually listed as AM-40 or AM-41. After running these one time, the embedded virus allocated 13 meg of memory to "never never land".
It appears that this "strain" looks to see how much memory is occupied on the HD and then proceeds to gobble up an equal amount of unused memory. The results are devastating if you have more than 50% of the drive's capacity in use. With the assistance of Gary WA2BAU I was able to retrieve the lost memory by using CHKDSK /f. For those of you who are not familiar with this DOS command, drop me a line @KD6TH and I'll elaborate. My sincere thanks goes out to Gary WA2BAU for saving me lots of disk handling ! Please pass this on to your local BBS and be sure to include the remedy.

Best 73 de WA2SQQ, Bob Kozlarek, @KD6TH in Wycoff, NJ

------------------------------

Date: Thu, 09 Mar 89 13:53:13 -0500
From: "Stephen W. Thompson"
Subject: Computer Documentation Course Queries

Considering the dangers of using software and hardware for which doc is poor, I think that the following, found on a distribution list I receive, is very appropriate for this list. Certainly RISKS readers are likely to have many good suggestions, and a discussion of how we may improve how we create/use/misuse documentation would be, to me, quite useful. Responses to Joel's query go, of course, directly to him, but I'd think that discussion can go to RISKS. (Subject to the usual RISKS guidelines and our moderator's opinion, of course.)

>+++++++++++++++++++++++++ SCUP BITNET NEWS +++++++++++++++++++++++++++++
> February 14, 1989          SCUP@TUFTS.BITNET          VOLUME 3, NUMBER 5
>          A service of the Society for College and University Planning
>             Edited by John A. Dunn, Jr., Vice-President, SCUP
>      Institutional Planning Office, Tufts University, Medford, MA 02155
>++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
> ...
> COMPUTER DOCUMENTATION COURSE QUERIES
> Joel Kahn, Southwest Missouri State University (JCD715T@SMSVMA)
>
>I am working on a proposal to add to the curriculum here a course in
>writing computer documentation.
>The course, as currently envisioned,
>would deal with both hardware and software docs, and would focus
>primarily on satisfying the needs of the non-technical end-user. The
>course would be offered by the English department but might be included
>in the degree programs of other departments such as Computer Science,
>Communication, etc.
>
>In order to provide evidence for the need for this course, I'm
>gathering information on the attitudes of users toward the state of
>computer documentation today. Anyone who would like to assist me can
>do so by answering the following questions:
>
>1) On the usual scale of F to A, what overall grade would you give
>   to the docs you've used over the past few years?
>
>2) What is/are the most common, persistent, and/or destructive
>   problem(s) you've encountered in these docs?
>
>I would also be grateful if anyone who has had direct experience with this kind
>of course -- as teacher, student, whatever -- would give me useful advice.
> ....

I sent Joel mail asking for permission to submit his query to RISKS. His response is also thought provoking.

>Date: 9-Mar-1989 09:13am EST
>From: JCD715T@SMSVMA.BITNET
>Subject: Documentation Survey
>
>Dear Steve,
>
>I would be pleased if you would forward my docs survey to RISKS and to
>any other lists that you think might be suitable. In addition, I would
>like to start gathering data on this through the SnailNet, for a number
>of reasons that I won't go into here. The vital info:
>
>Joel Kahn
>534 E. Grand
>Springfield, MO 65807
>
>Please circulate this address to any and all interested parties,
>especially people connected with magazine and book publishing.
>I think I'm onto something big here, something that goes far beyond
>one course at one school. I seem to have tapped into a great wellspring
>of anger and frustration, and the material I've gathered should be good
>for at least an article, if not a whole volume.
>
>I thought you might be interested in an interim summary of the results,
>so here it comes.
>
>Overall average grade: C-. (Personally, I think they were too lenient.)
>
>Most common complaints (in no particular order):
>
>   Inability by writers to see non-technical end-user's viewpoint;
>   Lack of GOOD examples;
>   Lack of good index or any index at all;
>   IBM in general. [....]
>
>Usual disclaimers: SMSU bears no responsibility for anything in this
>letter; results are totally unscientific and informal; use only as
>directed; your mileage may vary; etc, etc, etc. . . .
>
>   Joel Kahn

Stephen W. Thompson, 215-898-4585
Institute for Research on Higher Education
University of Pennsylvania, Philadelphia, PA 19104

------ End of Forwarded Message

------------------------------

End of RISKS-FORUM Digest 8.47
************************