8-Jul-87 00:00:01-PDT,14439;000000000000 Return-Path: <NEUMANN@f4.csl.sri.com> Received: from csl.csl.sri.com (CSL.SRI.COM) by F4.CSL.SRI.COM with TCP; Tue 7 Jul 87 23:53:44-PDT Received: from F4.CSL.SRI.COM by csl.csl.sri.com (3.2/4.16) id AA01159 for RISKS-LIST@f4.csl.sri.com; Tue, 7 Jul 87 23:45:06 PDT Message-Id: <8707080645.AA01159@csl.csl.sri.com> Date: Tue 7 Jul 87 23:52:15-PDT From: RISKS FORUM (Peter G. Neumann -- Coordinator) <RISKS@csl.sri.com> Subject: RISKS DIGEST 5.8 Sender: NEUMANN@csl.sri.com To: RISKS-LIST@csl.sri.com RISKS-LIST: RISKS-FORUM Digest Tuesday, 7 July 1987 Volume 5 : Issue 8 FORUM ON RISKS TO THE PUBLIC IN COMPUTER SYSTEMS ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator Contents: Erasing Ford (and other) car computers (Shaun Stine) 7 Inmates Escape; Computer Blamed! (PGN) Hardware failures (Don Chiasson) Liability of Expert System Developers (Benjamin I Olasov via Martin Minow) PC's and Ad-Hoc Distributed DB's (Amos Shapir) Risks of proposed FCC ruling (Keith F. Lynch) RISKS in "Balance of Power" (Heikki Pesonen) Re: Aviation Safety Reporting System (Doug Pardee) A computer RISK in need of a name... (Jerry Leichter) The RISKS Forum is moderated. Contributions should be relevant, sound, in good taste, objective, coherent, concise, nonrepetitious. Diversity is welcome. Contributions to RISKS@CSL.SRI.COM, Requests to RISKS-Request@CSL.SRI.COM. FTP back issues Vol i Issue j from F4.CSL.SRI.COM:<RISKS>RISKS-i.j. Volume summaries for each i in max j: (i,j) = (1,46),(2,57),(3,92),(4,97). ---------------------------------------------------------------------- Date: Mon, 6 Jul 87 13:41:15 edt From: stine@ICST-SE (Shaun Stine) To: risks@csl.sri.com Subject: Erasing Ford (and other) car computers I don't know how much this subject has been hashed/re-hashed in RISKS, but a paragraph from an article in _Mustang Monthly_ caught my eye. The gist of the article is on boosting the horsepower of the new Mustangs. > From: "Free Horsepower for HOs!" (Mustang Monthly, July 1987) > > To get a more immediate horsepower boost from the elimination > of the intake silence, disconnect the negative post on the > battery for at least 45 seconds to erase the computer's memory. > That way, when you crank the engine again, the computer will > immediately begin monitoring the fuel mixture to compensate for > the extra air flowing into the fuel injection. Be sure to > disconnect the negative post; if you disconnect the positive > post, the reconnection could cause a power surge that could > possibly damage the computer. The Mustang freaks here where I work (including myself) were interested in these tips, but as computer people, we were more intrigued by the last bit about damaging the computer and erasing the memory. A couple of questions: 1) If disconnecting the negative post will erase the computer's memory, what happens when your battery dies? Or _you_ yourself take the battery off for some reason? Does that also erase it, or does taking the positive post off within 45 seconds somehow keep you from losing the memory? 2) From that, what exactly do you lose when the memory is erased? 3) Is this mentioned by Ford manuals or any shop manuals (i.e. Chilton's)? I know dealers don't mention this - my family just bought a Sable, and I would presume that the computers are basically the same, and our salesman never mentioned it. 4) What does this do with emissions control? Some counties in Maryland have regular testing - would you still pass with the fuel being mixed differently? Whatever information anyone could provide would be greatly appreciated. Thanks. Shaun [A Racer's Edge becomes Erasor's Edge? Please send responses to Shaun, and he'll condense the results. PGN] ------------------------------ Date: Tue 7 Jul 87 23:13:45-PDT From: Peter G. Neumann <Neumann@csl.sri.com> Subject: 7 Inmates Escape; Computer Blamed! To: RISKS@csl.sri.com On the 4th of July in Santa Fe, New Mexico, a prisoner kidnapped one guard, shot another, commandeered the control center, and released six other prisoners. All 7 went through an emergency roof door, pole-vaulted over a barbed-wire prison fence, and disappeared. The guard tower was being staffed only during daylight hours ``because of financial restrictions'' (SF Chronicle, 6 Jul 1987). A PBS item noted that the prison computer control system was down at the time, and otherwise would have prevented the escape! ------------------------------ Date: Mon 6 Jul 87 15:55:58-ADT From: Don Chiasson <CHIASSON@DREA-XX.ARPA> Subject: Hardware failures To: risks@csl.sri.com I read recently of some problems that Intel had with the 32-bit multiply instruction on their 80386 processors. I am surprised that this sort of problem does not occur more often: an obscure hardware bug which sometimes gives incorrect answers. All the emphasis is on software bugs. The assumption is that hardware will work or fail catastrophically, or that error correcting circuits will detect problems. Is this always so? How often do microprocessors fail in minor ways? People have written about proving correctness of code: it is not possible to prove the correctness of hardware. For example, a complete test of a 32 bit multiplier would require 2**64, or 1.8E19 operations. (A year has only 3E13 microseconds.) Even without complete tests, writing diagnostic programs was extremely difficult when various margin and worst case conditions had to be considered. For example, memory diagnostic programs moved themselves around in memory; they would write bit patterns of 1's, 0's, alternating 10's and 01's, actual addresses into locations, and so on. Hardware problems can also be bizarre. My favorite was during an experiment at sea. We were recording data, and occasionally the magnetic tape unit would hang. Putting cards on extender boards to check signals showed us that sometimes the tape was erroneously showing up busy, and sometimes the computer couldn't even find the tape. Some hours later, we found a small (1-2 mm) piece of loose wire in the back plane. As the ship rolled, the wire would sometimes short out the busy line, and sometimes short out a line which changed the physical address of the drive. We had another problem (this on land) where the card side of a backplane had been painted; tiny paint chips fell off and short/open circuited various cards. We only found it when someone took out all the cards and noticed the paint. Can't happen again? I read recently that a radar in a US fighter plane was having intermittent problems. The problem was tin whiskers which grew inside an IC, were shaken loose by vibrations and sometimes caused internal shorts. Everything repeats, only different. ------------------------------ Date: 5 Jul 87 22:00:58 GMT From: bloom-beacon!bolasov@husc6.harvard.edu (Benjamin I Olasov) Subject: Liability of Expert System Developers Forwarded-From: AIList@STRIPE.SRI.COM Forwarded-By: minow%thundr.DEC@src.DEC.COM I'm told that a hearing is now underway which would set a legal precedent for determining the extent of liability to be borne by software developers for the performance of expert systems authored by them. Does anyone have details on this? [AIList Digest Monday, 6 Jul 1987 Volume 5 : Issue 171] [AIList Moderator Kenneth Laws AIList-REQUEST@STRIPE.SRI.COM] ------------------------------ To: nsc!comp-risks@Sun.COM From: nsc!nsta!nsta.UUCP!amos@Sun.COM (Amos Shapir) Subject: PC's and Ad-Hoc Distributed DB's Date: 5 Jul 87 13:12:42 GMT The last time I moved, I have noticed that certains organizations were becoming slower in accepting change of address notices. I have been receiving mail to my old address even after some mail (all computer printed) had already been sent to my new address. Some organizations had to be notified several times in writing, by phone and in person. The latter revealed a possible explanation to this phenomenon: Many departments acquired PC's lately and kept their own personal 'phone books'; in effect they have created a distributed database, without the discipline and procedures needed to manage it. Changes to the organization's central DB did not propagate well, if at all, to these small personal DB's. It seems that nowadays when dealing with a big organization, one has to notify them of any change in writing, so that the central DB would be updated; then by phone or in person, directly to the department one is dealing with, so that the change would *really* be done. So far this has not been a risk, only a nuisance. Horror stories, anyone? Amos Shapir National Semiconductor (Israel) 6 Maskit st. P.O.B. 3007, Herzlia 46104, Israel Tel. (972)52-522261 amos%nsta@nsc.com @{hplabs,pyramid,sun,decwrl} 34 48 E / 32 10 N ------------------------------ Date: Mon, 6 Jul 87 01:08:19 EDT From: "Keith F. Lynch" <KFL@AI.AI.MIT.EDU> Subject: Risks of proposed FCC ruling To: pallas@PESCADERO.STANFORD.EDU Cc: KFL@AI.AI.MIT.EDU, RISKS@csl.sri.com Perhaps it isn't correct to call it a tax - though it has never been made clear just who is to get the money. But it is hardly "nonsense" to criticize it. The same bandwidth that supports one voice link supports fifty 1200-baud data links. In practice, far more, because of packet switching - i.e., 1200-baud data is not usually sent continuously. Charge $5 an hour for a 1200 baud link? Only if at least $250 an hour is charged for voice lines! If this bill passes, it will no longer be profitable to sublet small slices of T1 lines. There will be no reason not use use a full 56kb voice band line even for 300 baud data. The only ones who will benefit from this radical decrease of efficiency are those who will profit from installing unneeded new bandwidth, to be used in this inefficient manner. I say, if they can't compete in the free market, tough. Don't let them trash our freedom to communicate. If this passes, it will keep me off the net, since my networking cost would go from $25 a month to over $2000 a month. I don't believe that anyone is subsidizing this. As far as the local phone company is concerned, it's just another local call, and it is absurd to suggest it costs them any more than any other local call. As long as competing local phone companies are not allowed, it is outrageous to allow the one local phone company to take one's data hostage, demanding thousands of dollars for what costs them pennies, for no better reason than that they can get away with it. I would also question how the FCC can make laws. That is the perogative of Congress, and I see nothing in the Constitution allowing them to delegate their power to unelected bureaucrats. ...Keith ------------------------------ Date: Tue, 07 Jul 87 16:05:15 FIN From: Heikki Pesonen <LK-HPE%FINOU.BITNET@wiscvm.wisc.edu> Subject: RISKS in "Balance of Power" To: Risk Digest <RISKS@csl.sri.com> There is a computer game about "Geopolitics in the nuclear age" called BALANCE OF POWER. It is sold at least for Commodore Amiga. I bought one and now master the beginners level -- being able to beat Soviet Union. (We Finns have tried that twice before...) I do not have time and interest to do that on the expert level, as I find many other things more interesting to do. What does interest me is how people in the USA percieve the world view of this game. Do you think it is reasonable? There may be some risk in designing games simulating international affairs, if they are seemingly realistic. Some childish people may take them as the truth. [Please address any resposes to Heikki Pesonen directly. Cc: RISKS if you wish. PGN] ------------------------------ Date: Tue, 7 Jul 87 10:49:59 PDT From: edge!doug@Sun.COM To: RISKS@csl.sri.com Subject: Re: Aviation Safety Reporting System (RISKS-5.7) [Although this is only marginally relevant, it raises related questions about awareness, database completeness, and ethics. PGN] > For many years, NASA has operated the Aviation Safety Reporting System > (ASRS) for the FAA. It has been quite successful, producing important > information about flight safety. >... > The ASRS works because it offers an inducement for reporting (immunity), I think that the past tense should be used here. I'm just going from memory, but I recall that in the late '70s the immunity provisions were dropped and ASRS quickly faded into oblivion. If it is still in operation, few pilots (including me) are aware of it. Doug Pardee, Edge Computer Corp; ihnp4!mot!edge!doug, seismo!ism780c!edge!doug ------------------------------ Date: 29 JUN 1987 10:13:29 EST From: <LEICHTER-JERRY@YALE.ARPA> To: risks@csl.sri.com Subject: A computer RISK in need of a name... The following appeared in the Wednesday (24-Jun) New York Times, in the Metropolitan Diary, a weekly column of "human interest" stories sent in by readers: A small sign was taped to a building on West 120th Street near Amsterdam Avenue, and Ellen Shaw of Scotch Plains, N.J., noticed it as she passed by. It was a discreet advertiesement for a nearby stand run by three young entrepreneurs - two boys and a girl - who were selling iced tea, cola and cookies. Ms. Shaw ordered tea and offered the youngsters a suggestion: "You may want to make a bigger sign," she said. "That one is really not to noticeable." "I know," said one of the boys, gesturing toward one of his partners, "but that's as big as his computer makes them." He paused, thought for a moment, and slapped his forehead. "Hey, I've got it!" he exclaimed. "Maybe we could DRAW a bigger sign!" The tea, incidentally, was herbal. [As we have noted before, computers are addictive. PGN] ------------------------------ End of RISKS-FORUM Digest ************************ -------