RISKS-LIST: RISKS-FORUM Digest Wednesday 14 June 1989 Volume 8 : Issue 79 FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator Contents: Single point of failure -- Tokyo Stock Exchange (Jerry Carlin) Costly Horse Race (Rick Zaccone) Commercial Loans in California at a Standstill (PGN) Phone Hacking (Brinton Cooper) Microcomputers in the operating theatre (Martyn Thomas) Inspiration from the past -- Machines Will Take Over (Curtis Galloway) "Illuminatus!" (Pete) Praise and Blame -- Computers and People (Hugh Miller) NORAD Computers: Years Late, Unusably Slow, $207 Million Over Budget (Karl Lehenbauer) ---------------------------------------------------------------------- Date: 12 Jun 89 20:59:51 GMT From: jmc@PacBell.COM (Jerry Carlin) Subject: single point of failure -- Tokyo Stock Exchange "How Tokyo Earthquake Could Destroy the World Economy" SF Chronicle, Monday, June 12, page C7 The reporter quotes a story in "Manhattan, Inc" where it was disclosed that the main and backup computer for the Tokyo Stock Exchange sit right next to each other and in an area totally destroyed by the 1923 earthquake. This computer is the SOLE repository of Japan's offical records of stock ownership. Therefore if the computer is destroyed, all records of share ownership could disappear with obvious consequences. The original article speculated on various afteraffects of the earthquake including the collapse of the Yen, bankrupcy of Western insurance companies, and reversal of balance of payments problem. Jerry Carlin (415) 823-2441 {bellcore,sun,ames,pyramid}!pacbell!jmc ------------------------------ Date: Wed, 14 Jun 89 08:55:25 EDT From: Rick Zaccone Subject: Costly Horse Race The following was in the New York Times, June 13, 1989, p. B12: Computer Glitch is Costly Bettors who had the early daily-double yesterday at Belmont Park were supposed to get back about $70 for hooking up Dyna Mite Mollie in the first race with Jazz City in the Second. But a computer glitch knocked their payoff down to $3.40 and made winners out of everyone who had picked the winner of the first race. A defective computer file knocked out the track's parimutuel system after the first race, and track stewards ordered the second race to be run a as non-betting event after first delaying it for 27 minutes. Under State Racing and Wagering Board rules, all bets on a non-betting race must be refunded, and the non-betting race must be removed from multiple-race bets involving it. So track officials had no choice but to pay off a consolation daily double of Dyna Mite Mollie in the first and ``all'' in the second. Actually, the $3.40 payout on the ``4-all'' combination turned out to be a bit more profitable than betting on Dyna Mite Mollie to win. She paid only $3.20. The computer problem was resolved after 55 minutes, and the remaining races were run without any problem. The cancellation of the other second-race bets prompted a statewide refund of $439,144. Rick Zaccone ------------------------------ Date: Wed, 14 Jun 89 14:04:28 PDT From: Peter G. Neumann Subject: Commercial Loans in California at a Standstill A new $4.1 million computer system designed to enable recording, indexing, and scanning of 5.5 million pages of Uniform Commercial Code Division data was suppposed to provide the equivalent of a title search for commercial borrowers in two days instead of two weeks. The new system went on-line on 5 April, but worked at only 30% of capacity. For every day's work, the staff was falling 2.5 days behind. On 17 May they resorted to manual methods. The current backlog is 50,000 requests, and is not expected to be eliminated until 1 August. (The office is borrowing 100 employees.) Because of the enormous delays now encountered, many lenders have simply given up making commercial loans. (The contractor had urged the state to keep the old semi-manual system running as a backup, but the state apparently insisted on a cutover without retaining the backup.) [Source: abstracted from an article by Kenneth Howe in the San Francisco Chronicle, 14 June 1989, p. 1.] ------------------------------ Date: Tue, 13 Jun 89 8:22:44 EDT From: Brinton Cooper Subject: Phone Hacking From the Baltimore Sun, 13 June 1989, presented w/o permission: Callers trying to dial a probation office in Delray Beach, Fla, yesterday heard sex talk from a panting woman named Tina instead. [...named Tina instead of what?...] Southern Bell officials said that a computer hacker reprogrammed their equipment over the weekend, routing overflow calls intended for the local probation office to a New York-based phone sex line. They said it was the first time their switching equipment had ever been reprogrammed by an outside computer intruder... The implications of a computer breach are staggering for phone companies. Intercepting corporate communications, uncovering unlisted telephone numbers and tampering with billing information all are plausible consequences of such computer security breaches. I find it interesting that two of the three "implications" of such activity are inconvenient for corporations while one deals with personal issues. Unmentioned are the more insidious implicatios of this specific activity, rerouting incoming calls. Calls to 911, for medical care, or to a neighbor to come for help may be more costly in human terms than "intercepting corporate communications." _Brint ------------------------------ Date: Tue, 13 Jun 89 12:45:23 BST From: Martyn Thomas Subject: Microcomputers in the operating theatre This article appears in the July 1989 issue of Micro User (a hobby computing magazine). I have written to the named anaesthetist to persuade him to think again, and to the magazine to explain the problem. I must emphasise that I have no direct knowledge that the report is true, which is why I have suppressed the name of the anaesthetist. The problem remains, though. How can we spread understanding of the problems of using computers in safety-related applications, and of the minimum set of techniques which should be employed if such systems are being developed? { A BBC Micro in the operating theatre Anaesthesia is a precise art and at University Hospital, Nottingham [UK] there are moves to sharpen that precision by taking a BBC micro into the operating theatre. ... consultant anaesthetist [name given] plans to connect the machine to syringe drivers and so improve control over drugs given to patients during operations. Senior lecturer at the hospital's adjoining medical school, he hopes to take this even further by using the micro to receive messages from the patient's body, adjust drug output accordingly and even act as a hazard warning for theatre staff. As well as being put into practice during operations, his ideas will be used for teaching students in the Department of Anaesthesia. "I am generally interested in looking at micro applications in the operating theatre", he told Micro User. "The first is to link up a micro to drive stepper motors and syringe drives which could get over the inertia problems of the linear motors which are used at present". } Martyn Thomas, Praxis plc, 20 Manvers Street, Bath BA1 1PX UK. Tel: +44-225-444700. Email: ...!uunet!mcvax!ukc!praxis!mct ------------------------------ Date: Tue, 13 Jun 89 16:41:38 PDT From: curtisg@sco.COM (Curtis Galloway) Subject: Inspiration from the past Whenever my faith in technology flags, I turn to my favorite source of inspiration: _The Wonderland of Tomorrow_, by Jean Carper. I thought I would share some of its prophetic words with RISKS readers. (I particularly like this chapter's title; I only wish I could send along the illustrations.) Copyright Albert Whitman & Co., 1961. Reproduced without permission. Chapter 3 Machines Will Take Over The electronic computer is the most marvelous machine ever invented. It is often called the electronic "brain" because it does work so fast and accurately. It has been widely used for only about ten years, yet it has already changed our lives. Some day a computer will run an entire company. It will make about sales, production and personnel that are much more accurate than decisions made by businessmen. Companies already have employed computers to determine policies. One day doctors may use computers to determine what is wrong with their patients. The doctor will feed a list of symptoms into a machine, and it will tell him exactly which disease he should treat. In an experiment at Cornell University a computer and a doctor diagnosed the ailments of 350 people, and the computer did a better job than the doctor. Airplanes without human pilots may soon fly passengers and freight across the country. Air traffic will be controlled from the ground by computers. Some airports are now using computers to help prevent mid-air collisions. Computers already have translated Russian books, speeches, and scientific papers into English. So far, these machine translations are crude and imperfect, but improvements are made all the time. Soon we may see translations of hundreds of foreign books and magazines in any bookstore. It will be possible because computers made the translations many times aster than human language experts could. How rapidly new ideas will travel! [...] People who work with computers sometimes call them "idiots." A man, called a programmer, has to tell the machine how to work problems step-by-step. He feeds instructions into the machine, and each time the machine works a problem it must consult the instructions. This series of directions is called a program. A program is so somplicated that a man may sped several months developing it. [...] A prominent scientist has suggested that we eliminate wars by having the generals of unfriendly countries play war on the computer. No lives would be lost, and no cities destroyed. The generals of each country would simply feed their battle plans into the computer. The machine would run through the battles and show which side won. The losing country could perhaps pay a fine to the winner, and everyone would continue living peacefully. We have seen very little of what computers can do, but we can expect amazing things of them. One day the development of the computer may be regarded as a greater achievement than smashing the atom! Curtis Galloway -- The Santa Cruz Operation, Inc. ------------------------------ Date: Wed, 14 Jun 89 19:16:16 +1000 From: pete@basser.cs.su.OZ.AU Subject: "Illuminatus!" (Brunnstein, Wily hackers, RISKS-8.77) I believe that the book in question must be "Illuminatus!" by Harold Shea and Robert Anton Wilson. The book is a spoof on conspiracy theories, and intimates that many and probably all human institutions are just fronts for a small group of 'enlightened ones', who are themselves a front for the Time dwarves of Reticuli Zeta, or perhaps Atlantean Adepts, remnants of Crowley's Golden Dawn, or even more likely the Lloigor of H.P. Lovecraft's Cthulhu Mythos. A leading character in this book is named Hagbard Celine. "Illuminatus!" is a fun read if you like psychedelia and paranoia. It also seems to have influenced a lot of subsequent work, most notably Adams' "Hitchhiker's Guide to the Universe". It is easy to see how an unbalanced mind, taking it literally, could be completely absorbed. In fact "Illuminatus!" purports to intend just this sort of programming, referring to it as 'Operation Mindf**k'. I don't think this constitutes a real danger for the vast majority of sane adults, but it may, tragically, have been the case here. Or perhaps, no disrepect intended, Koch may in the course of various hacks really have discovered too much about the Illuminati. After all, they are supposed to be the secret power behind the KGB ... :-) (pete%basser.oz.AU@UUNET.UU.NET){uunet,mcvax,ukc,nttlab}!munnari!basser.oz!pete JANET: (POST) pete%au.oz.basser@EAN-RELAY (MAIL) EAN%"pete@au.oz.basser" ------------------------------ Date: Tue, 13 Jun 89 10:29:24 EDT From: Hugh Miller Subject: Praise and Blame -- Computers and People Michael Doob ("The Computer Didn't Commit the Crime," RISKS 8.78) remarked that his bank has taken to citing "human error" instead of "computer error" when apportioning blame for mistakes. This is, of course, getting to be a familiar pattern to RISKS users (e.g. the Airbus crash, the Vincennes, etc.). Two things are worth mentioning: (1) In the case of big systems, the investment grows so great and becomes such a milk-cow for so many people and institutions that any scapegoat but the system itself will do in the event of a breakdown. The irony in this lies in the fact that the charge of "human error" is correct, in a way: we humans erred in constructing a buggy system and regarding it as reliable. (2) We used to cite "computer error" because it was a convenient way to deflect blame away from human persons. Implicit in this behaviour was a view that human persons possessed a moral dignity not proper to the machine, and that it was therefore better that the lower entity take the rap. Our new pattern of blame suggests that we have set this order of values on its head. Hugh Miller, University of Toronto ------------------------------ Date: 13 Jun 89 04:59:00 GMT From: karl@sugar.hackercorp.com (Karl Lehenbauer) Subject: NORAD Computers: Years Late, Unusably Slow, $207 Million Over Budget Two major new North American Aerospace Defense Command computer systems have encountered software development problems that have increased costs by at least $207 million dollars and will be at least seven years late when delivered. According to Aviation Week and Space Technology (May 22, 1989, pp. 24 & 25), the Space Defense Operations Center (SPADOC) modernization and the Communications System Segment Replacement (CSSR) programs, both part of the Cheyenne Mountain upgrade at Colorado Springs, have encountered major delays in their development, prompting criticism of the management of both programs from the General Accounting Office (GAO). The GAO report criticized the project for its unrealistic expectations and the willingness to start the second phase before the first phase had been completed. The commander of the U. S. Space Command, USAF General John Pitrowski, said that the reports are substantially correct, but he disagreed with certain of the GAO's recommendations. SPADOC is the data processing and communications center that supports the North American Aerospace Defense Command. The center is supposed to be able to maintain information on the position of up to 10,000 man-made objects in space. It is also to provide warning of an attack, and to determine when satellites need to be maneuvered for their safety. The SPADOC modernization program was divided into three blocks -- A, B and C. Full-scale development on Block A started in 1983 and was intended to provide the hardware and software to automatically monitor and assess foreign activities that might put U. S. satellites at risk. Block B is to have the ability to make predictions of the orbits of about 400 satellites, and to automate a space object database that catalogs about 10,000 objects. Finally, Block C is to add greater automation, and to provide for the growth requirements of the system through the year 2005. The prime contractor is Ford Aerospace and Communications Corp. IBM is the major hardware supplier. Logicon, Inc. is providing independent validation and verification of the software for the Air Force, and the Mitre Corp. is providing engineering support to the Air Force as well. According to the GAO report, both Mitre and Logicon raised concerns about the quality of Ford's software development and whether Ford would be able to meet the schedule. The Air Force accepted the Block A system, even though (according to the GAO) it did not satisfactorily perform 14 of 23 required functions within the specified time limits. One example is that notification that a satellite is under attack takes four times longer than specified. According to the article, Mitre reported that in tests conducted in 1988, the system was so slow that at several points it was almost impossible to interface with it through the operators' consoles. The software is unstable as well, and unacceptable times to restart the system after a problem had occurred (presumably software exceptions and such) were also cited. Ford has proposed a new architecture for Block B using IBM 3090 computers. Ford also says that these computer will be sufficient to handle the Block C portion as well. The GAO also noted that, even if the software had worked and been on time, it could not have been installed in Cheyenne Mountain due to a lack of uniform wiring standards for computer and telecommunications equipment and congestion in the cabling area. Pitrowski agreed that the Air Force should have resolved the wiring problems sooner, but noted that the Air Force awarded a contract for facility modifications on April 19th. Karl Lehenbauer ------------------------------ End of RISKS-FORUM Digest 8.79 ************************ -------