4-Sep-87 13:35:30-PDT,18034;000000000000
Return-Path: <NEUMANN@f4.csl.sri.com>
Received: from csl.csl.sri.com (CSL.SRI.COM) by F4.CSL.SRI.COM with TCP; Fri 4 Sep 87 13:33:11-PDT
Received: from F4.CSL.SRI.COM by csl.csl.sri.com (3.2/4.16)
	id AA03061 for RISKS-LIST@f4.csl.sri.com; Fri, 4 Sep 87 13:35:01 PDT
Message-Id: <8709042035.AA03061@csl.csl.sri.com>
Date: Fri 4 Sep 87 13:31:52-PDT
From: RISKS FORUM    (Peter G. Neumann -- Coordinator) <RISKS@csl.sri.com>
Subject: RISKS DIGEST 5.32 
Sender: NEUMANN@csl.sri.com
To: RISKS-LIST@csl.sri.com

RISKS-LIST: RISKS-FORUM Digest  Friday, 4 September 1987  Volume 5 : Issue 32

        FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS 
   ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Contents:
  Honda eschews computers for new 4-wheel steering system (Roy Smith)
  Another Trojan Horse? (Brian Tompsett)
  Transatlantic Flights at Risk from Computer (Daniel Karrenberg)
  Re: "Computer Failed to Warn Jet Crew" (Mark Ethan Smith)
  Delta-Continental Near-Miss
  Decomposing Software (Charles Gard)
  Why the Phalanx Didn't Fire (IEEE Spectrum Reference) (Eugene Miya)
  Cheap modems and other delights (Steve Leon via bobmon)
  Reach out, touch someone (Michael Sclafani)
  SDI event (Gary Chapman)

The RISKS Forum is moderated.  Contributions should be relevant, sound, in good
taste, objective, coherent, concise, nonrepetitious.  Diversity is welcome. 
Contributions to RISKS@CSL.SRI.COM, Requests to RISKS-Request@CSL.SRI.COM.
FTP back issues Vol i Issue j from F4.CSL.SRI.COM:<RISKS>RISKS-i.j.  
Volume summaries for each i in max j: (i,j) = (1,46),(2,57),(3,92),(4,97).

----------------------------------------------------------------------

From: cmcl2!phri!roy@seismo.CSS.GOV (Roy Smith)
Subject: Honda eschews computers for new 4-wheel steering system
Date: 24 Aug 87 02:03:54 GMT
Organization: Public Health Research Institute, NYC, NY

	In the September SciAm, there is an ad from Honda announcing that
the new Prelude Si4WS has 4-wheel steering.  I seem to remember this type
of steering being discussed at some length on this list in the past, so I
won't go into the details other than to quote the following from the ad:

	"The rear wheels are linked directly to the front wheels by a
steering shaft, gears and rods.  There are no computers, wiring or
electronic black boxes.  The Honda system is mechanical and sure."

	Have the Honda engineers been reading RISKS, I wonder?  Perhaps our
discussions steered them away from electo-gadgetry?  Has car design turned
a corner because of us?

Roy Smith, {allegra,cmcl2,philabs}!phri!roy
System Administrator, Public Health Research Institute
455 First Avenue, New York, NY 10016

------------------------------

Date: 24 Aug 87 15:39:48 BST
From: Brian Tompsett <mcvax!ecsvax.ed.ac.uk!BCT@seismo.CSS.GOV>
Subject: Another Trojan Horse?
To: "risks%csl.sri.com@ukc" <csl.sri!risks@ukc.ac.uk>

 The following is quoted the Engineering Computing Newsletter of the Rutherford
Appleton Laboratory, Issue 4:July/Oct 87. The article describes a visual
version of the file comparator program diff called vdiff.

    "Recently, the staff of the Houses of Parliament have become interested in
  this work, since they need to monitor changes to Bills as they pass through
  Parliament. As a result, we are planning a new feature whereby vdiff secretly
  adds extra lines to a file without the user knowing. Our future funding may
  therefore come from an extra clause in an Act of Parliament, supporting us in
  perpetuity at a base in Tahiti with ......... . "

Brian Tompsett. Department of Computer Science, University of Edinburgh,
JCMB, The King's Buildings, Mayfield Road, EDINBURGH, EH9 3JZ, Scotland, U.K.
Telephone:         +44 31 667 1081 x3332.
JANET:  bct@uk.ac.ed.ecsvax  ARPA: bct%ecsvax.ed.ac.uk@cs.ucl.ac.uk
USENET: bct@ecsvax.ed.ac.uk  UUCP: ...!seismo!mcvax!ukc!ecsvax.ed.ac.uk!bct
BITNET: psuvax1!ecsvax.ed.ac.uk!bct or bct%ecsvax.ed.ac.uk@earn.rl.ac.uk

------------------------------

To: Most Entertaining and Educating Mailinglist <risks@csl.sri.com>
Subject: Transatlantic Flights at Risk from Computer
Date: Wed, 26 Aug 87 01:40:37 +0100
From: Daniel Karrenberg <mcvax!cwi.nl!dfk@seismo.CSS.GOV>

The obvious mistakes being made here are well known to Risks readers:

  1) no backup systems or backup copies of vital real-time information,
  2) discrediting anonymous reporting schemes.

Daniel Karrenberg, Centrum voor Wiskunde en Informatica, Amsterdam
Phone +31 20 5924112                    Future Net:  <dfk@cwi.nl>

                       [But the following is worth including anyway.  Who 
                       do you know who never makes obvious mistakes?  PGN]

  From "The Independent" of August 24th:

  Transatlantic flights at risk from computer,  By David Black

  The computer which controls airliners flying between Europe and North
  America failed yesterday morning, causing delays of up to three hours on
  all transatlantic flights. 

  It is the ninth serious breakdown of the system, which has had, on average,
  minor failures every other day since it became operational earlier this year.

  It crashed just after 11.30am.  By mid-afternoon Heathrow airport began to
  run out of parking space for delayed aircraft, many with passengers on
  board.  Similar delays were experienced at Paris, Schipol (Amsterdam),
  Frankfurt, Zurich and other major European airports and complaints from
  airlines began flooding in last night.  The failure on the busiest day of
  the year is bound to embarrass the Civil Aviation Authority internationally.

  Although the computer was restored by tea time, controllers were unable to
  bring it back on line without stopping all transatlantic traffic.  Last
  night, the intention was to wait until traffic eased prior to the surge of
  eastbound traffic from North America before restoring the computer.

  The computer, known as the Flight Data Processing System (FDPS), is
  based at the National Air Traffic Service's Oceanic centre at Prestwick
  in Scotland.  Yesterday's failure is the second in which all information
  available to controllers was wiped from the system. 

  Controllers there monitor weather systems over the Atlantic and every day
  draw up a network of airways, known as the Organized Track Routing
  system, offering the quickest transit times.  So busy was demand
  yesterday, that instead of six parallel tracks, nine were planned. 

  The computer takes data from domestic air traffic control centres and works
  out the times at which aircraft will enter Oceanic airspace.  Safety for
  aircraft crossing the Atlantic depends entirely on separation, not by radar,
  but by releasing the planes into the track system at regular intervals.

  All movements are displayed on large screens which yesterday had to be
  isolated from the computer, with flight details entered manually. 
  Strict flow control limiting the number of airliners allowed to enter the
  tracks was then imposed to prevent collisions. 

  The new system is all electronic, and when the screens go blank, there are
  no printed cardboard progress strips to fall back on.  It is the subject of
  highly critical reports in the latest CHIRP (Confidential Human Factors
  Incident Reports) bulletin, which is published by the RAF's Institute for
  Aviation Medicine.  CHIRP allows pilots and controllers to report incidents
  in confidence, without jeopardising their or their colleagues' careers while
  alerting others in the aviation industry to possible safety problems.

  It is based on a similar scheme in the US, run by NASA.  However, last week, 
  in advance of publication of the latest CHIRP bulletin, the CAA said that
  because references which could identify staff were removed, the reports
  lacked sufficient detail to be investigated, and were undermining flight
  safety.

  One controller used that CHIRP bulletin to describe what happens during
  a system crash: "On one occasion when the system crashed all information 
  available electronically to staff was wiped out.  For two and a half hours 
  the staff had no idea what traffic was in their area."

  The oceanic controllers were reduced to telephoning adjacent air traffic
  control centres to find out which airliners had been handed over to the
  recently, and to examining old strips to get some kind of picture what
  airliners were flying, supposedly under their control. 

  Adjoining control centres, meanwhile, had to hold airliners on the
  boundary between their area and Oceanic's while the mess was resolved. 

  During one crash, a westbound and an eastbound airliner were accidently
  placed on a collision course 35,000 feet over the Atlantic.  The controller
  concerned wrote: "The potentially horrific situation was resolved by pure
  good luck when another controller noticed that the eastbound was missing
  from the display, and may have been deleted by mistake."

  A senior controller at the Oceanic centre said last night:
  "They wonder why we have so little confidence in our top management when
  they give us tools like this - aeroplanes have to have duplicated or even
  triplicated systems as back-up, but the same safety rules clearly do not
  apply to our equipment.  These continual failures are the basic ingredients
  of a mid-air disaster."

  Christopher Tugendhat, the chairman of the CAA, was unavailable for
  comment yesterday. 
     
------------------------------

Return-Path: <sdcsvax!ames!ptsfa!hoptoad!academ!killer!era@ucbvax.Berkeley.EDU>
From: sdcsvax!ames!hoptoad!academ!killer!era@ucbvax.Berkeley.EDU
Date: Mon, 24 Aug 87 03:19:50 CDT
To: academ!CSL.SRI!RISKS@csl.sri.com
Subject: Re: "Computer Failed to Warn Jet Crew" (RISKS DIGEST 5.31)

With regard to the crash of Northwest Flight  255, if the faulty fasteners
that are common throughout military and nuclear installations have also
been used in civilian aircraft, it is not entirely impossible that the
flaps deployed but broke off the moment stress was applied in takeoff.
These bolts do not meet design specifications, and are not ordinarily
detected by maintenance workers.
                                          --Mark Ethan Smith

    [Incidentally, Danny Cohen noted that my implicit assumption that the 
    flap warning system might have been working because the stall warning 
    system was working was unjustified -- the two systems are independent.
    "In the MD-80 there are 2 independent Stall Warning Systems, one of which
    shares a power supply with the Takeoff Configuration Warning System
    (TCWS) that is supposed to warn about incorrect flap setting on takeoff."
    But the common power supply does indeed imply that the circuit breaker
    did not fail.  Furthermore, it now appears that the flaps WERE 
    retracted (not deployed) on takeoff, in spite of the visual testimonies 
    of other pilots, and that would make it very hard to take off.  PGN]

------------------------------

Date: Fri 4 Sep 87 13:24:57-PDT
From: Peter G. Neumann <Neumann@csl.sri.com>
To: RISKS@csl.sri.com
Subject: Delta-Continental Near-Miss

The 4 Sept 87 papers note that the Delta L-1011 flight on 8 July 1987 that
was 60 miles off course actually came within 30 feet of colliding with the
Continental 747, and that four of the five safety measures that had been
previously recommended had been ignored, including plotting the expected
course on a map -- in fact, the appropriate chart was not even on board.
The cause of the near-miss is attributed to false data entry of the inertial
navigation heading.  Both the USA and Canada announced stepped-up use of
redundant checks in the navigational procedures...

------------------------------

From: hplabs!intelca!ceg@ucbvax.Berkeley.EDU
To: hplabs!CSL.SRI!RISKS@csl.sri.com
Subject:        Decomposing Software
Date:           Fri, 21 Aug 87 17:30:31 PDT
Organization:   Intel, Santa Clara, CA

The other day I was called in to repair an old terminal which was spewing
random characters across the screen.  I tracked the problem down to the
keyboard, specifically the i8741 microcontroller. (BTW, the i8741 is an 8
bit intel uController with 1k EPROM & 64 bytes RAM) This uController and the
keyboard had manufacture dates of early 1977.  I was in school in 1977, and
the EPROM cells were touted as being able to store a charge for 10 years
(nearly infinite time for systems where time is measured in nanoseconds
:-)), so no one ever cared about 10 years in the future.  Guess what? It's
now 1987 and in comparing the EPROM code with another device, some entire
words had floated to back to FF, causing the failure.  I was thinking about
how many other computer keyboards/systems had older style EPROMs and how the
firmware was slowly decomposing.  Where might these controllers be?  ICBM
launch control systems?  ATM machines?  Pacemakers?  Now I have something
else to lay awake at night and worry about. :-)
                                                      Charles Gard

------------------------------

Date: Thu, 3 Sep 87 17:02:30 pdt
From: Eugene Miya N. <eugene@ames-pioneer.arpa>
To: arms-d@xx.lcs.mit.edu, risks@csl.sri.com
Subject: Why the Phalanx Didn't Fire (IEEE Spectrum Reference)

%A John A. Adam
%T USS Stark: What Really Happened?
%J Spectrum
%V 24
%N 9
%D September 1987
%X Cover "Why the Phalanx Didn't Fire"

------------------------------

Date: Friday, 14 August 1987  14:21-MDT
Sender: ihnp4!inuxc!iuvax!iucs!bobmon@UCBVAX.BERKELEY.EDU
From: ihnp4!inuxc!iuvax!iucs!bobmon@UCBVAX.BERKELEY.EDU
To: info-modems@SIMTEL20.ARPA
Subject:   Cheap modems and other delights (Compuscan warning)
Resent-To: RISKS@csl.sri.com

I recently posted a request for info about a company offering a modem for
$122 (at least two other people posted similar queries).  I've since seen
the following bulletin, which I am passing along...

  Message #1951
    To ALL                                    08-11-87
  >From STEVE LEON (SYSOP)                     Subject WARNING
  ---------------------------------------------------------------------------
  There is an ad appearing in BYTE, INFO WORLD, Compuserve's ONLINE and
  perhaps other places (it may be scheduled for PC WORLD). It is a full
  page ad by an outfit in Beverly Hills California called Compuscan.
  Prices are absurdly low - in fact - they are below wholesale.
  To make a long story short - the whole thing is a scam. We have the
  postal authorities on it. INFO WORLD will have a front page story next
  week on it.
  In the meantime, don't fall for it. If you already have - RUN to the
  bank and stop payment on the check. (Get to the bank in person and get
  it from them in writing that you told them.) If you already sent money
  and your check was cashed - next time remember the old -but true fact -
  that if sounds too good to be true - chances are it is not true.
  Please pass it on through the BBS networks.
                                         STEVE LEON

------------------------------

Date: Fri, 28 Aug 87 17:57:57 edt
From: sclafani+@andrew.cmu.edu (Michael Sclafani)
To: risks@csl.sri.com
Subject: Reach out, touch someone

From The Miami Herald, August 14, 1987.  

It's 10 p.m. Do you know where your children are?  No?  Well, just
dial them up on your computer, via satellite link to the tiny implant
embedded just behind their left ears.

This is not science fiction.  Dr. Daniel Man, a Boca Raton plastic
surgeon, just won a patent on the basic technology.

He says the satellite link won't work until he perfects techniques
for making the human body act as an antenna.  Be he predicts its use
by parents, pet owners, overseas workers in potential hostage
situations, Alzheimers's patients and police tracking criminals or
parolees.

Does Dr. Man see any hint of Big Brother in all of this?

"Yes, but I don't want to go into it.  I'm more into the technical
aspects."


   [What will it take before inventors of technology consider
   implications of their work as part of their responsibilities?  MS]

------------------------------

Date: Tue, 25 Aug 87 11:52:43 pdt
From: Gary Chapman <chapman@russell.stanford.edu>
Subject: SDI event (Physicians for Social Responsibility)
To: Neumann@csl.sri.com

                "AN UPDATE ON THE STRATEGIC DEFENSE INITIATIVE"

                              September 15, 1987
                                   7:30 p.m.
                              Stanford University
                            Dinkelspiel Auditorium
                               Admission is free

                Sponsored by the Stanford/Mid-Peninsula Chapter
                     Physicians for Social Responsibility

Panelists:

     David Redell -- DEC Systems Research Center, Palo Alto, CA

     Gary Chapman -- Executive Director, Computer Professionals for
          Social Responsibility, Palo Alto, CA

     Professor Joseph Goodman -- Department of Electrical Engineering,
          Stanford University

     Angelo Codevilla -- Research Associate, Hoover Institute, Stanford,
          CA

The panel will be moderated by Dr. David Bernstein, of the Stanford Center for
International Security and Arms Control.

This panel discussion is intended to review the current state of the Strategic
Defense Initiative in technical, political and research terms.  There will be a
period for questions and answers after the panelists speak, which is scheduled
to take about 80 minutes.

Dinkelspiel Auditorium is directly in front of Tressider Student Union of
Stanford, on the west side of the campus.

------------------------------

End of RISKS-FORUM Digest
************************
-------