RISKS-LIST: RISKS-FORUM Digest Wednesday 19 April 1989 Volume 8 : Issue 60 FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator Contents: Hillsborough: Risks of using Computers at Stadium Turnstiles (Brian Tompsett) Risks of plaintext data (Hugh Miller) Computer voting at Stanford (Scott Seligman) Re: Computerized attendance (Sean Fagan) More Auto-Seatbelt Horrors (Thor Simon) Mb = 1024? 1000? (Walter Roberson) Re: Newspaper Cartoons and Computer Infallibility (Will Martin) ---------------------------------------------------------------------- Date: Wed, 19 Apr 89 14:03:13 -0100 From: briant@SPIDER.CO.UK (Brian Tompsett) Subject: Hillsborough: Risks of using Computers at Stadium Turnstiles Heard on BBC radio Parliamentary report this morning. At question time a Member of Parliament stated that the Police at Hillsborough based their decisions to open a gate on the computerized tally from the turnstiles that indicated the ground had ample space to take more people. The government's plans to make computerized turnstiles compulsory increases the risk that a computer failure or error could result in another tragedy in the future. The government where asked to reconsider their plans in the light of recent events. Brian Tompsett. Spider Systems Ltd, Edinburgh. ------------------------------ Date: Wed, 19 Apr 89 16:09:41 EDT From: Hugh Miller Subject: Risks of plaintext data Excerpted from "MP demands probe into burglaries," by Tim Harper, _Toronto Star_, We 19 Apr 89, p. A13: OTTAWA - A New Democrat MP has asked for an investigation of a series of "high quality break-ins" at his office and those of 4 environmental and peace groups. Jim Fulton said yesterday the break-ins preceded the grilling of a senior defense department scientist in a probe to flush out the person who leaked information about nerve-gas testing in Alberta ... No one was arrested and the RCMP have rejected any link. Kirk Roberts, a spokesman for the Ontario Environment Network on Spadina Ave., said thieves who ransacked the office Jan. 13 stole equipment but ignored a personal computer valued at $3500. The thieves, Roberts said, were interested in stealing data tapes that included correspondence among some 100 Canadian environmental groups ... In a letter to Fulton about the break-ins, RCMP Commissioner Norman Inkster wrote, "Our enquiries into this matter have not uncovered any evidence to suggest the incidents were linked or conducted by any organized group of individuals." I spoke with Kirk Roberts this afternoon. "I've got to get hold of this article," he said. "I don't know what the thieves were _interested_ in, but they in fact did steal all of our backup tapes, except for the ones we keep off-site." OEN uses a WEB system, which provides dialup connections to 47 countries and affords full email/messaging functions. The system utilizes 120MB tape cassette backups. "The system does afford an encryption option for users who want to use it," said Roberts. "But the thing is, none of the stuff on those tapes was what you would call particularly sensitive. If any reasonable request had been made for items on those tapes, we would probably have supplied them. As an environmental organization we do things, and _want_ things done, publically. That these tapes were stolen says more about the thieves' paranoia than about the tapes' contents." OEN has only suffered the one break-in so far, said Roberts. Jim Fulton's Parliament Hill office has, however, he hears, been burgled four times. Hugh Miller, University of Toronto ------------------------------ Date: Wed, 19 Apr 89 00:12:55 -0700 From: Scott Seligman Subject: Computer voting at Stanford This year, for the first time, students voting in the student elections here at Stanford University aren't using paper ballets or voting machines. They're using Macintosh computers. People have been making quite a big deal out of this. The papers report that state officials are observing the process. Past student elections have been plagued with administrative bungles, which the computers are supposed to help prevent. The whole thing is quite important to the people who are administrating it -- one would think that they've been extremely careful.... I went to vote today. After I had cast all of my votes, a window appeared asking me if I now wanted to make my selections permanent. Seemed reasonable enough. But there was only one possible response to click on: "No". As this wasn't the response I was hoping to make, I hit return and clicked a few times and the window went away and then it came back again. This time there were two possible responses: "Yes" and "No". I selected "Yes", confident that my votes were being accurately recorded. (I'll leave it to others to report on the numerous machines out of service, and the long queues at the ones in service, and the complete lack of privacy, and ....) [While this system is a nice advance in letting the voter review the ballot, the problems of system integrity, assurance of nontampering, ballot privacy, etc. are largely ignored. It is certainly a worthwhile experiment, and will provide challenges for system penetrators and authorized programmers who want to rig elections. Some of the problems that will need to be overcome have been discussed extensively in the reports by Roy Saltman, Lance Hoffman, and others mentioned in earlier RISKS. PGN] ------------------------------ Date: Wed, 19 Apr 89 03:59:23 -0700 From: seanf@ucscc.UCSC.EDU (Sean Fagan) Subject: Re: Computerized attendance (RISKS-8.57) We had one in our high school, similar to a combination of the above [described in RISKS 8.57]. Each student had an 8 digit number (birthday, plus 2 digits for repeats; never mind the RISKS in that!), and the 2nd period class would fill out a little bubble sheet, which had `present,' `excused,' `absent,' and `tardy.' These would then be scanned, processed, and an absent child would have his (or her) parents called that evening. A child who was tardy for more than 3 days in a row, or for more than 20 days in a semester, would also have her (or his) parents called. I should mention that I grew up in a largely hispanic neighborhood, and they never did figure out how to handle the cases where the parents understood only English or Spanish (they tried English only, didn't work; tried Spanish only, my mother threw a fit 8-)). Nor did they take answering machines into account... Oh, of course, an obvious RISK: the computer originally was called up by a central computer in LA (Los Angelos) to send various reports. It took me and my cohorts 2 weeks to find out the number of the computer, after which we demonstrated how much we could screw up the system merely by calling repeatedly (keeping it busy) (yes, we told people what we were doing; they didn't believe us till we showed them [they were present when we were doing it, ok? 8-)]). Shortly after that, they changed to having the computer call LA, which was a number we never did figure out... Sean Eric Fagan (408) 458-1422 ------------------------------ Date: 19 Apr 89 02:04:17 GMT From: simon@cheshire.cs.columbia.edu (Thor Simon) Subject: More Auto-Seatbelt Horrors [RISKS-8.59] In response to the recent post on the dangers of automatic seatbelts: One day, while my father and I drove along in a rental car (I believe a Subaru) with automatic seatbelts, he saw that he'd caught his coat in the car door. Of course, being me, I dared him to open it and see if it fell out. He opened the door, and much to our surprise, the seatbelt opened, all while happily motoring along at about 40. Later that day I looked it over and saw that the seatbelt-opener used a simple pressure switch that could have been lifted intact from any refrigerator-light mechanism. Needless to say, this is VERY dangerous. Scenario: John and his buddies go for a ride. Being saftey-concious, He owns a car with auto-seatbelts. Unfortunately, they need them. They are sideswiped by a giant Mack truck. More unfortunately, the driver's side door _pops open_. This triggers the seatbelt-release mechanism, John hits the windshield and... Not fun, huh? Well, at least it looks like such seatbelt improvements may be obsoleted by the new $30 airbags... I hope. Thor Simon ------------------------------ Date: Wed, 19 Apr 89 12:57:18 EST From: Walter_Roberson@CARLETON.CA Subject: Mb = 1024? 1000? I found this is a SunSpots Digest we received today (v229). [How do you stick your thumb in to check how full a file system is? :-) ] Walter Roberson > Date: Tue, 28 Mar 89 07:45:08 CST [...] > I know that once I was unpleasantly surprised when I planned on a 512 MB > file systems size and calculated what that should be in terms of sectors > and cylinders on my disk. I figured that 512 MB = 512 * 1024 * 1024 = > 536,870,912 bytes. When I made the file system, I found out it was not 512 > Mb (from the output of newfs). Working backwards, I found that Sun used > 512 Mb = 512 * 1000 * 1000, which makes [sense] to me since I am a > mechanical engineer, but we all found it confusing. > > Dinah Anderson > Shell Oil Company, Information Center (713) 795-3287 > ....!{sun,psuvax,soma,rice,ut-sally,ihnp4}!shell!dinah [An old problem. But since we haven't had it in RISKS since volumes 2 and 3, it might as well resurface once again. PGN] ------------------------------ Date: Wed, 19 Apr 89 14:39:34 CST From: Will Martin -- AMXAL-RI Subject: Re: Newspaper Cartoons and Computer Infallibility > From today's Hi & Lois newspaper cartoon strip: > Clerk [to Hi]: I'm afraid we're out of stock on that item, sir. > Hi: I found it on the rack. I just want to buy it. Too bad they didn't follow that with the obvious: Hi: Well, since you don't have this, this can't be yours. It must be mine. [Walks out of store with item for free...] [But they'd probably be searching Hi and Lois. PGN] ------------------------------ End of RISKS-FORUM Digest 8.60 ************************ -------