University of Bielefeld -  Faculty of technology
Networks and distributed Systems
Research group of Prof. Peter B. Ladkin, Ph.D.
Back to Abstracts of References and Incidents Back to Root
This page was copied from:

Previous Issue Index Next Issue Info Searching Submit Article

The Risks Digest

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Volume 16, Issue 23

Weds 13 July 1994

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator


o Inmates con jail computer
Peter Ilieve
o White House Buys Off EES Patent Holder
Brock N. Meeks via Stanton McCandlish
o New National ID Card Proposal
David Banisar
o SimCity
Phil Agre
o Teletext run amok
Michael J. Stern
o "Glyphs" may track your demographics
Walter C. Daugherity
o EMI of 'VW'? YES
Rick Cook
o Correction to A330 report
Peter Ladkin
o Re: Promises and "Scary"
Phil Agre
o Laptop Danger for Airplanes
Dan Arias via Martin Howard
o "If Ajax had a good computer system, Peter would still be alive."
Daniel P. B. Smith
o Re: Roller coaster accident -- computer blamed
Clive D.W. Feather
o Re: ACM Crypto Policy Statement
Dave Golber
o Re: Phone records
S. E. Grove
o Re: Signatures in electronic commerce
Robin Kenny
o Re: Digitized CC Signatures
Mark Brader
o Re: Shopping Risks...
Philip H. Smith III
o Info on RISKS (comp.risks), contributions, subscriptions, FTP, etc.

Inmates con jail computer

Peter Ilieve <>
Tue, 12 Jul 94 13:14:57 BST
     There was a piece under the above headline in the Times (a UK quality paper)
     on 5 July. The byline is Adam Fresco.
     `Prisoners at a top security jail beat an expensive security system using a
     mirror and a piece of wire to join each other in late-night card games.
     Inmates at Albany prison on the Isle of Wight had been roaming around at night
     for weeks, unknown to staff.
     `The sophisticated computerised security system was designed to end slopping
     out by allowing one prisoner at a time from each landing to go to the toilet
     during the night. [Sanitation is not the UK prison system's strong point,
     prisoners usually have to make do with a bucket in the corner of the cell,
     even if there are 2 or 3 people in the cell.  Buckets are `slopped out' into a
     drain in the morning. PJI] By pressing a button in his cell, a prisoner was
     allowed out for a certain amount of time. When he returned he was supposed to
     punch in a number which would appear on a console inside his cell and the door
     would lock.  The computer would then let the next inmate out.
     `However, the prisoners were staying outside their cells, shutting the door
     and threading a wire though the hinge to tap in the required number, which
     they could see through the mirror, set up before they closed the door. The
     computer, thinking the prisoner was back in his cell, would let the next
     person out.
     `The prisoners were found out when they made too much noise one night.  An
     astonished guard discovered three of them in one cell playing cards.
     `Max Morrison, the governor, has started an enquiry into the incidents and has
     turned off the system, which has been installed in other prisons around the
     country. A Home Office [the government department responsible PJI] spokesman
     declined to comment on the cost of the equipment, which was installed a few
     months ago, but confirmed that the computer system had been suspended and
     alternative sanitation arrangements introduced.'
     Peter Ilieve

Administration Buys Off EES Patent Holder (fwd)

Stanton McCandlish <>
Tue, 12 Jul 1994 17:52:21 -0400 (EDT)
     Date: Mon, 11 Jul 1994 14:53:56 -0700
     From: "Brock N. Meeks" <
     Subject: White House Pays
     CyberWire Dispatch // Copyright (c) 1994 // July 11 //
     Jacking in from the "Blank Check" Port [begins as follows:]
     Washington, DC -- The Administration will today announce it has sidestepped
     the threat of patent infringement lawsuit involving its Escrow Encryption
     System, commonly known as Clipper.  The solution: Toss the original patent
     holder a blank check and buy him off.
       PGN Excerpting: NIST has agreed in principle to license two key patents
       relating to the technical workings of the key escrow system from Silvio
       Macali at MIT, whose patents cover the notion of separate escrowed keys.

New National ID Card Proposal

David Banisar <>
Tue, 12 Jul 1994 20:11:46 -0500
     CBS Evening News just reported that Clinton has "tentatively signed off" on a
     National ID card recommended to him by a commission on immigration reform. The
     ostensible reason for the card is for employment and immigration.  Each card
     will contain a name, photo, mag stripe with info and a "verified SSN." It was
     supported by Senator Alan Simpson of Wyoming, a long-time supporter of ID
     cards. Gov. Pete Wilson of California has apparently offered to make
     California a test-bed for the proposal.  The proposal was opposed by Xavier
     Beccera, a Congressman from California.  A previous effort to impose a
     national ID card was rejected by Congress in 1986.
     EPIC is working with Privacy International to investigate this report. PI has 
     led successful campaigns against national ID cards in Australia, New Zealand, 
     and the Philippines. 
     In Australia, the PI-led campaign led to the dissolution of both houses of the
     federal Parliament in 1987 after hundreds of thousands marched in protest. The
     Australian campaign brought together groups from all parts of the political
     spectrum from the Communist Party to the Libertarian Alliance, farmers and
     conservation groups, rock stars, academics, large businesses such as banks and
     mining corporations, but the overwhelming support came from the public who
     created the biggest civil protest in Australian history.
     David Banisar (  Electronic Privacy Information Center
     666 Penn. Ave, SE #301, Washington, DC 20003 202-544-9240 (v) 202-547-5482 (f)


Phil Agre <>
Tue, 12 Jul 1994 16:25:35 -0700
     The spring issue of the liberal journal "The American Prospect" includes a
     detailed critique of policy simulation programs such as SimCity.  The full
     reference is:
       Paul Starr, Seductions of Sim: Policy as a simulation game, The American
       Prospect 17, Spring 1994, pages 19-29.
     The gist is that the real politics of policy and its implementation are much
     more complicated than the basic framework of such simulations can possibly
     Phil Agre, UCSD

Teletext run amok

"Michael J. Stern" <>
Sat, 9 Jul 1994 16:35:21 -0400
     The following comes from _New Scientist_, 21 May 1994.
     JOHANNA Darlington often watches the news on television with her mother, who
     is deaf and relies on teletext to follow what is broadcast. Darlington has
     discovered that the words spoken by the news-caster and the words on the
     teletext frequently disagree with each other in surprising ways. Over the past
     18 months she has culled a list of teletext "translations", some of which we
     give below. The first words in the list are what the newscaster said, the
     second are the teletext version:
        initially: in Italy
        romantics: Roman tricks
        Europe:    querp
        Liverpool: limp pool
        nutrition: new electrician
        psychologist: sigh ecologist
        semblance: semi ambulance
        succeed:   suck see
        rescue:    regulars cue
        it really: trillion
        his street: history
        ozone:     owe zone
        lesbians:  lez beans
        solves:    as far as
        categoric: cat gurk
     Darlington also reports a long news item about someone called the Princess of
     Whales. She adds, unsurprisingly, that watching the news is sometimes a rather
     baffling experience for her mother. Feedback finds these errors fascinating
     and wonders how they arise. Is a voice-recognising computer involved? Or is
     our old friend the spellchecker running amok again?

"Glyphs" may track your demographics

Walter C. Daugherity < >
Mon, 11 Jul 94 18:38:10 -0500
     EDUPAGE (gopher to cites the 7/10/94 New York Times (Sec.3, p.9):
             A Xerox technology known as glyphs will allow documents to carry
     thousands of characters of information placed unobtrusively in gray background
     patterns. One possible use: "If you see a spreadsheet in an annual report, it
     sits there, lifeless on the paper. But if there was a glyph border that had
     the mathematical model of the spreadsheet, you could scan that into a computer
     and make it come to life." Another possible use would be to encode info about
     the recipient of a direct mail piece or a survey, for ease of processing when
     the document is returned. (End quote from EDUPAGE)
     In that case, I'll be sure to xerox [sic] the anonymous survey form 
     at a "light" setting to keep from telling them who I am.
     Walter C. Daugherity, Dept. of Computer Science, Texas A & M University
     College Station,TX 77843-3112  uunet!!daugher

EMI of 'VW'? YES

Sun, 10 Jul 1994 05:03:31 -0400 (EDT)
     VWs of a certain vintage are indeed subject to EMI. This is a known
     'bug' (so to speak) and is mentioned, I believe, in the later editions
     of "How To Keep Your Volkswagen Alive For The Complete Idiot" -- the
     standard reference for VW shade tree mechanics.
     The confusion arises from two things. First, it was not the 1963 models
     which were affected. The '63s had a thoroughly conventional ignition and
     fuel system. (I have owned two of them). Second, I don't think it was
     the fuel pump per se that was the problem.
     The problem comes in the later models fitted with the Bosch fuel injection
     system, one of the most misbegotten pieces of crap ever hung on an
     automobile. This used electronically operated injectors controlled by
     an on-board computer. Unfortunately the Bosch implementation as found
     on the 1969 or so VWs was not well designed, to put it mildly. Not only
     was it subject to EMI, but I am told it also had no way to adjust for
     the changing resistance of the wires as they aged. Meaning the thing
     would get flaky as it aged and there was nothing you could do about it.
     The standard advice on getting a bug or squareback with Bosch fuel injection
     was to discard the system and replace it with carburetors.  As as result I've
     never had much dealings with the system personally -- except for pulling it.
     --Rick Cook

Correction to my RISKS-16.22 account of the A330 report

Peter Ladkin <>
Mon, 11 Jul 1994 19:42:23 +0200
     In my partial translation of the article from Air et Cosmos 11-24 Juillet
     concerning the A330 crash on 30 June, I translated `assiette' as `angle of
     attack', or `AoA'. Mea culpa. `Assiette' means `pitch', the angle that the
     airplane makes to the horizontal (`incidence' is `angle of attack'). The
     difference is important. Goodness knows what caused me to write that. The
     mistake may be rectified by replacing all occurrences of `AoA' (except only in
     the parentheses in which I comment on `incidence') by `pitch'.
     An autopilot can effectively command pitch, but not effectively angle of
     attack. Whether an aircraft stalls or not depends on the angle of attack.  The
     two concepts are related via angle of climb.  Roughly, 
     angle of climb = pitch - angle of attack.
     Other vocabulary omitted from my article for US residents and non-pilots: QNH
     is indicated altitude above sea level with the altimeter set to mean pressure
     at sea level for that day/time (as given by Flight Control). QFE is indicated
     altitude above highest elevation of the field with the altimeter set to
     airport measured pressure. So 460mQFE = approximately 460m above the airport
     surface's highest point.
     Peter Ladkin

Re: Promises and "Scary"

Phil Agre <>
Fri, 8 Jul 1994 15:51:25 -0700
     In RISKS-16.21, Peter Denning <> asks why I find it scary that
     politicians might use individually targeted communications to make
     personalized promises based on information from demographic databases.  He
     considers that contradictory promises would be exposed through public bulletin
     boards.  This is conceivable, but it's not something I'd want to bet the
     future of democracy on.  Nobody would be stupid enough to make clearly
     contradictory promises to different people.  Rather, extrapolating some
     current practices, they would find out the "hot button" themes for particular
     segments of the electorate and tailor strongly worded but vague statements for
     each group, based on its particular themes.
     (Right now the most common way to find out the "hot button" themes is to call
     people on the phone and ask them under the guise of poll-taking.  If someone
     doesn't have any buttons you can press, you simply say "thank you" and leave
     them out of your get-out-the-vote plans.  The expense of this method limits
     its application, but once the data collected this way is pooled, stored, and
     merged with other available databases, the costs should come way down.)
     When analyzing the pathologies of electoral systems, I think it's a big
     mistake to focus on "politicians".  It's a system with a logic, and changing
     the faces won't change the logic.  Quite the contrary, term limits (which PD
     says he supports) will intensify the role of money and campaign experts, since
     candidates will be even more unknown to voters on average than before.  (For
     those outside the US, the US is currently experiencing a wave of plebiscites,
     promoted by a far right-wing organization, limiting political candidates to
     one or two terms of office.)
     The computer-related Risk here pertains to the construction of the sphere of
     public debate.  When public debate is conducted through a common medium, such
     as the newspaper, there exists at least a *chance* that public decisions that
     affect everyone equally will be made by the citizenry reasoning together as a
     group.  But when every campaign has a separate channel to every voter, the
     whole notion of a public goes out the window, replaced by fragmentary
     micropublics who know they're being manipulated but cannot do anything about
     it without investing enormous effort in organizing.  If computer networks
     facilitate that organizing then that's terrific, but first we need to achieve
     something much more like universal access to them.
     Phil Agre, UCSD

Laptop Danger for Airplanes

11 Jul 1994 17:49:31 +0800
     From: Martin Howard, Hong Kong
     Reposted from comp.protocols.ibmpc.tcp-ip
     Subject: Laptops and Airplanes Not Recommended
     Date: Thu, 7 Jul 1994 23:01:59 GMT
     Here's something to think about for anyone who's considering using their
     laptop computer, cellular phone, or radio on an airplane.
     Non-pilots should be aware that a course deviation of plus or minus 10 degrees
     is the maximum tolerance for an approach to landing using instruments, e.g.,
     in clouds or bad weather.  In general flying more than 10 degrees off course
     is considered "flying all over the sky."
     This excerpt is reproduced from "Callback" which is a safety bulletin for
     pilots derived from the reports of pilots, controllers, and other aviation
     personnel to NASA's Aviation Safety Reporting System. ASRS is a research
     organization and not a regulatory organization such as the Federal Aviation
     Administration nor an oversight organization such as the National
     Transportation Safety Board.
     --Dan Arias, Cupertino, CA
     Callback, Number 180, May 1994
     A Monthly Safety Bulletin from The Office of the NASA Aviation Safety
     Reporting System, P.O. Box 189, Moffet Field, CA 94035-0189
     Flight Interference
     More than 40 reports submitted to ASRS over the last few years indicate that
     in-flight operation of personal electronic devices by passengers may be a
     factor in aircraft track deviations, communications problems, and other
     incidents.  While some crews are quick to pick up on the possibility of
     electronic interference, others find these events initially difficult to
     detect.  More from this ASRS report:
     * After takeoff, we were given a turn direct to the fix.  The ONS (Omega
     Navigation System) checked good on the ground and was used to turn towards
     fix.  The heading seemed good, cross-checking with the VOR.  There was a
     strong crosswind from the northwest which made determining a quick fix-to-fix
     on the VOR only a rough estimate...  Center gave us about a 20 to 30 degree
     correction to the right or north of course to intercept...  We then noticed an
     intermittent "DR" [Ded Reckoning] light on the Omega... Jet route was
     intercepted and VOR track was annunciated on our FMA [Flight Management
     Annunciator].  We appeared to be tracking Jet route outbound when Center gave
     us about a 20 to 30 degree turn to the north, saying it was "a vector for
     climb."  We were now around 25,000-27,000 feet.  The VOR fluctuated 30 to 40
     degrees again, settled down, and we appeared to be south of course.  Upon
     intercepting Jet route, Center gave us a left turn of 10-20 degrees and said
     we were established on Jet route and to continue our flight planned course...
     [This] was a surprise to us since we had not been apprised we were off course
     After level-off, the Captain went back through the cabin and found a portable
     radio with headset in use.  A cellular phone was also found on, although its
     owner claimed it had not been used.  We believe the VOR fluctuations and
     navigation problems could have been caused by these items...  Several
     passenger announcements were made explaining the importance of leaving these
     items off as well as the required announcements concerning electrical items.
     Loss of EFIS and Autonav
     * During climb EFIS [Electronic Flight Instrumentation System] screens blanked
     suddenly, then indicated missed approach fail along with loss of all auto nav
     functions.  We immediately reverted to manual lateral nav and kept the
     aircraft climbing on autopilot while requesting the flight attendants to see
     if any personal electronic devices were in use.  As this aircraft is equipped
     with inertial reference units that were properly aligned at the gate, it was
     very suspicious that a failure occurred.  The flight attendants found 3
     passengers using laptop computers and one listening to a portable radio.  We
     asked that they be turned off and, after reprogramming the FMS [Flight
     Management System], resumed auto nav.  At cruise altitude the laptops were
     allowed to be used... [but] the listener was asked not to use his [radio].
     A serious study needs to be made of the electronic interference problem on
     today's modern fleets in order to resolve the issue of what the newspapers are
     telling the public that they may bring aboard and use in-flight.  The printed
     material on the aircraft does not seem to be effective.  While in this event
     no serious harms was done, the effect could have been different if the
     aircraft was in heavy weather flying a complicated departure or arrival...
     Compass Deflection
     * In cruise flight at FL310 [31,000 feet] 24 NM [nautical miles] west of the
     VOR, the #1 compass suddenly precessed 10 degrees to the right.  I asked the
     First Flight Attendant if any passenger-operated electronic devices were in
     operation in the cabin.  She said that a passenger had just turned on his
     laptop computer.  I asked that the passenger turn off his laptop computer for
     a period of 10 minutes, which he did.  I slaved the #1 compass, and it
     returned to normal operation for the 10-minute period.  I then asked that the
     passenger turn on his computer once again.  The #1 compass immediately
     precessed 8 degrees to the right.  The computer was then turned off for a
     30-minute period during which the #1 compass operation was verified as normal.
     It was very evident to all on the flight deck that the laptop computer
     operation was adversely affecting the operation of the #1 compass.  I believe
     that the operation of all passenger-operated electronic devices should be
     prohibited on airlines until the safe operation of all of these devices can be
     Short Hops
     Turning to a different type of flight interference, here's a report that gives
     new meaning to the expression, "short hop":
     * On a night flight... we had a passenger with a massive bladder attack and
     poor timing.  Traffic was stacked up and we had a 20-minute delay in taking
     off.  We were cleared into position on the runway behind landing traffic and
     prepared for an immediate takeoff ahead of traffic on a two-mile final
     approach.  We had signaled the flight attendants (F/As) that we were taking
     the active runway when a passenger bolted out of his seat and headed into the
     lavatory.  The flight attendant asked him to return to his seat.  He ignored
     her request.  She then demanded he be seated.  He still ignored her command.
     She promptly called the lead F/A who called us in the cockpit.  We cancelled
     our takeoff clearance and headed for the nearest exit.  It was blocked by
     departing traffic.  We then headed 2,000 feet down the runway to the next
     turnoff.  Traffic on final approach was closing in on our tail as we departed
     the runway, an aircraft whizzing past our tail with precious few feet to
     spare.  It was the quick thinking and timing of our flight attendant that
     allowed me the time to clear the runway...
       Uptown 411 Online Information Exchange

"If Ajax had a good computer system, Peter would still be alive."

"Daniel P. B. Smith" <>
Mon, 11 Jul 1994 19:41:53 -0400 (EDT)
     OK, it's fictional.  I don't know if it's interesting to the RISKS readership
     or not, but it caught _my_ eye.  (Someone else can figure out whether
     it actually indicates some kind of actual RISK).
     from Sara Paretsky's mystery novel, "Indemnity Only," copyright 1982,
     chapter 15, p. 206 in the Dell 1990 reprint:
     "'... one of the things they asked him to do was check records of claim drafts
     against claim files--see if they matched, you know.  Did Joe Blow get fifteen
     thousand dollars when his file shows he should only have gotten twenty
     thousand dollars.  That kind of thing.  They had a computer program that did
     it, but they thought there was something wrong with the program, so they
     wanted Peter to do a manual check....  You know, if Ajax had a good computer
     system, Peter would still be alive.  I think of that sometimes, too, and it
     makes me want to shoot all their programmers.'"
     Daniel P. B. Smith

Re: Roller coaster accident -- computer blamed (RISKS-16.22)

"Clive D.W. Feather" <>
Mon, 11 Jul 1994 14:58:38 +0100 (BST)
     I heard an item about this on the radio last week. According to this item, the
     roller coaster is of a standard design: trains are hauled up to the high
     point, and then run free under gravity without brakes until they approach the
     station. On the approaches to the station are several more braking units -
     movable clamps which grip the train wheels to slow it down. The system should
     stop each train just behind the previous one.  The various stopping points are
     called "berths" in railway terminology.
     The problem appears to be that there was one train in the station, and a
     second waiting to enter. The third train was braked so as to stop in the berth
     nearest the station (occupied by the second train), rather than the previous
     (empty) berth.
     Clive D.W. Feather, Santa Cruz Operation, Croxley Centre, Hatters Lane, Watford
     WD1 8YN, UK   Phone: +44 923 816 344  Fax:   +44 923 210 352 

Re: ACM Crypto Policy Statement (van Zuurens, RISKS-16.22)

Dave Golber < >
Mon, 11 Jul 1994 09:09:19 -0700
     You claim that there is no reason for the police stopping a vehicle to 
     know the registered address of the vehicle or the driver?
        "Officer, I was just going out to buy some groceries."
        "But why do you shop for groceries 150 miles from your home?"
     Sounds pretty believable to me.
     I think this is more than just me being picky.  Rather than me trying to
     explain why, just ask yourself, Dear Reader: Why did you first read Mr van
     Zuuren's statement as being reasonable?  What does that tell you about your
     own prejudices?
     Dave Golber

Re: Phone records (Weinstein, RISKS-16.20)

S. E. Grove < >
Wed, 13 Jul 1994 13:11:16 GMT
     As I remember it the giving of information to vendors of telecomunication
     services is normal if you don't state you want it private. The reason is the
     local telephone company already has the information as a part of its service,
     and if they don't share it with their competitors, it gives them an unfair
     advantage. It is all part of trying to open the telephone utilities to
     competition in as fair as possible way.
     Stephen Grove  Comm. Tech. ESS Pacific Bell	segrove@pbhya.PacBell.COM

Re: Signatures in electronic commerce (Kabay/Wright, RISKS-16.21)

Robin Kenny <>
Mon, 11 Jul 94 9:54:09 EST
     In RISKS DIGEST 16.21, Benjamin Wright was quoted:
        You can write e-mail and make it appear to come from someone
        else.  You can easily send e-mail from an address opened under a
        false name.  But just as you can send fake e-mail, so you can send
        fake letters, telegrams, telexes, and faxes.
     Small error. Telegrams in Australia have a copy made by the communications
     authority that is kept on file for six (?seven) years. I think that is part 
     of the Berne convention. Other countries' communications companies would 
     also keep copies - expressly for legal verification. 
     I believe the same is true of Telex.
     *Also in Australia a FAX is legally binding, as is a VERBAL AGREEMENT OVER THE
     TELEPHONE. (You merely have to "believe you are talking to a company officer"
     even if the other party is actually not authorised to negotiate - like the
     cleaning staff answering the Sales department phones at night)
     Robin Kenny -           

Re: Digitized CC Signatures (Richards, RISKS-16.21)

Mark Brader < >
Fri, 8 Jul 1994 04:40:50 -0400
     > ... I'm not especially thrilled of the notion that someone can have a
     > digitized version of my signature.
     Neither would I be, but let's be fair: if they have your signature in
     traditional form, there's nothing to stop them from using a scanner on it.
     Mark Brader,             "Remember that computers are very,
     SoftQuad Inc., Toronto               very fast..."          -- Steve Summit

Previous Issue Index Next Issue Info Searching Submit Article

Report problems with the web pages to
This page was copied from:
Last modification on 1999-06-15
by Michael Blume