[mod.risks] RISKS-3.48

RISKS@CSL.SRI.COM (RISKS FORUM, Peter G. Neumann -- Coordinator) (09/03/86)

RISKS-LIST: RISKS-FORUM Digest,  Tuesday, 2 September 1986  Volume 3 : Issue 48

           FORUM ON RISKS TO THE PUBLIC IN COMPUTER SYSTEMS 
   ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Contents:
  Aeromexico Crash (UPI via PGN)
  Air Force puts secrets up for sale (Peter G. Neumann) 
  Randi, Popoff, and Data Privacy Laws (Phil Karn via Geoff Goodfellow)
  Flight Simulators Have Faults (Gary Whisenhunt)
  On-Line with Taco Bell Telephone (John Mulhollen)
  Titanic photo expedition (Lindsay F. Marshall)
  New Zealand $1 million deposit (Dave Sherman)
  Examination Processing Error (Joe Stoy)

The RISKS Forum is moderated.  Contributions should be relevant, sound, in good
taste, objective, coherent, concise, nonrepetitious.  Diversity is welcome. 
(Contributions to RISKS@CSL.SRI.COM, Requests to RISKS-Request@CSL.SRI.COM)
  (Back issues Vol i Issue j available in CSL.SRI.COM:<RISKS>RISKS-i.j.
  Summary Contents in MAXj for each i; Vol 1: RISKS-1.46; Vol 2: RISKS-2.57.)

----------------------------------------------------------------------

Date: Tue 2 Sep 86 09:59:20-PDT
From: Peter G. Neumann <Neumann@CSL.SRI.COM>
Subject: Aeromexico Crash
To: RISKS@CSL.SRI.COM

The New York Times news summary, Tuesday, 2 Sept 1986, had this item
on the LA plane crash.

      New York - The California plane collision Sunday occurred in a
  government-established restricted zone where the private plane that was
  destroyed in the collision with an Aeromexico DC-9 was not authorized
  to fly, the Federal Aviation Administration said.  An FAA spokesman also
  said the controller guiding the DC-9 could not have radioed warnings to
  avert the collision because ''as far as we can determine'' no radar
  blip designating the small plane appeared on his scope.  The controller
  did not know of the small plane's existence, the spokesman said.

A SF Chron report on the same day indicated that the controller in question
was distracted by the pilot of another private plane, with whom he was
having a two-minute interaction -- during which time the crash occurred.

PBS added several more pieces to the puzzle.  The pilot of the private plane
(a Piper Archer) apparently had had a heart attack just before the crash.
The private plane did indeed appear on the controller's radar after all.
However, it was not equipped with an altitude-measuring transponder, so the
controller had no idea whether or not there was any danger.

The death toll is 64 on the jetliner, 3 on the Piper PA-28, and at least
18 on the ground.

------------------------------

Date: Tue 2 Sep 86 16:00:31-PDT
From: Peter G. Neumann <Neumann@CSL.SRI.COM>
Subject: Air Force puts secrets up for sale
To: RISKS@CSL.SRI.COM

Fred Ostapik went off to Ashland, Oregon, for some Shakespeare plays, and
brought back this clipping from the local Ashland paper of 23 August 1986:

              Audit: Air Force put secrets up for sale

  Washington (UPI) -- A military audit, examining the latest lapse in
Pentagon security, says the Air Force inadvertently allowed computer tapes
containing ``sensitive, unclassified'' data to be auctioned off to the
public.
  The Air Force Audit Agency found more than 1,200 magnetic tapes
containing the data -- dealing with launch times, aircraft tests,
and launch and aircraft vehicles -- available for public purchase at
three key bases...
  Auditors said they found 1,980 analog tapes available for purchase, 64
percent of which had not been erased and contained sensitive unclassified
data.  Five of the seven installations checked had inadvertently made secret
tapes available to the public.

------------------------------

Mail-From: GEOFF created at  2-Sep-86 12:16:02
From: Phil Karn <karn@ka9q.bellcore.COM>
Subject: Randi, Popoff, and Data Privacy Laws
Date: 31 Aug 86 02:29:11 GMT
Organization: Bell Communications Research, Inc
ReSent-To: RISKS@CSL.SRI.COM
Original-Subject: I wonder if the Congress considered this one

I picked up a copy of the magazine "Free Inquiry" at the bookstore today.
The cover article was written by James Randi (the magician who debunks lots
of ESP frauds). In fact, the magazine seems to be run by the same folks who
do the Skeptical Inquirer, but is slanted more towards religious debunking.

Randi's article was titled "Peter Popoff Reaches Heaven via 39.17
Megahertz".  Popoff is one of the most notorious TV faith healers.  Randi's
group went to the shows and noticed that Popoff wore a hearing aid. Then
they got a scanner and quickly found the frequency his wife was using to
tell him the names and ills of people whom she had pumped for information
before the show.

Now ponder the fact that the proposed Communications Privacy Act now pending
in the US Senate would have made this expose' illegal.  The conversation was
meant to be private, and Popoff certainly would have objected to its
interception.

Could there be a connection here? Hmm......
                                                    Phil

------------------------------

Date: Tue, 2 Sep 86 10:35:47 cdt
From: Gary Whisenhunt <gwhisen%ccvaxa@GSWD-VMS.ARPA>
To: RISKS@CSL.SRI.COM
Subject: Flight Simulators Have Faults

    I developed flight simulators for over 7 years and could describe many such
bizarre incidents.  I seriously doubt that the sky went blank in the B-1
simulator when it was delivered to the government.  Military simulators have
formal acceptance tests that last for months.  The last one that I worked on
had a test procedure over 12 inches thick.  To point out a failure during
testing (or more likely development) seems meaningless.  Failures that make
it into the actual product are what should be of concern.
    Most flight simulators procured by the Air Force and the Navy require
Mil-Std 1644 or Mil-Std 1679 to be followed when developing software.  These
standards detail how software is to be developed and tested.  The standards
are fairly strict and exhaustive.  This is to ensure product correctness 
even if it incurrs greater costs.  It would be interesting study for a 
class in Software Engineering.
    The greatest risks that I see from flight simulators (especially
military) is that the simulator often lags behind the aircraft in
functionality by a year or 2.  Simulators require design data to be frozen
at a certain date so that the simulator can be designed using consistent,
tested data.  After 2 years of development, the aircraft may have changed
functionaly (sometimes in subtle ways) from the simulator design.  The
effect is much more dramatic for newer aircraft than it is for more
established ones.  The simulator is upgraded, but during the upgrade period
pilots train on a simulator that is mildly different from their aircraft.
    As for the effectiveness of simulators, I've been told by more than one
pilot that the simulator saved his life because he was able to practice
malfunction conditions in the simulator that prepared him for a real emergency
that occurred later.

Gary Whisenhunt
Gould Computer Systems Division
Urbana, Ill.

    [I thought that by now these simulators were designed so that they could
     be driven by the same software that is used in the live aircraft -- a
     change in one place would be reflected by the same change in the other,
     although changing the application code without having to modify the
     simulator itself.  Maybe not...  PGN]

------------------------------

Date: Mon 1 Sep 86 22:32:00-PDT
From: John Mulhollen <JOHNM@USC-ECLC.ARPA>
Subject: On-Line with Taco Bell Telephone
To: Neumann@CSL.SRI.COM
ReSent-To: RISKS@CSL.SRI.COM

It seems that more and more fast food places are switching from the
old-fashioned cash register to computerized ones that enable management to
get reports on how many burgers we sold today between 10pm and 11pm, the
average number of tacos per patron, or how many french fries were wasted.
        [Results are automatically telecommunicated back to headquarters.  PGN]
However, along with the capability for better-informed management, the
capability for unbelievable confusion also increases. Case in point -- our
local Taco Bell has been "computerized" for almost 9 months now (equipment
from Par Microsystems in NY) and patrons and employees alike have become
accustomed to not getting receipts, and other quirks. Last week, the
computer "locked up" (their term) just as I arrived. It was also just before
the noon rush. The employees behind the counter did not know what to do. Do
we take orders (on paper) and wait for the machine to come back up? Do we
tell the customers to go away? It appears that with all this wonderful
automation, the employees were incapable of 1) figuring out what to do;
2) taking orders without the computer; and 3) figuring out not only the total
due for each patron, but the amount of change to return!!

	When I was working my way through school, I did a brief stint at a
local taco joint. We had an "old-fashioned" cash register (it didn't even 
compute the change -- how backward can you get!!) and we did just fine. When 
it didn't work, we just used a pad of paper (we knew all the prices and such).

	Apparently one of the risks to society of the increasingly wide-spread
use of computers is the possibility of losing the ability to think and reason.

JohnM

------------------------------

From: "Lindsay F. Marshall" <lindsay%cheviot.newcastle.ac.uk@Cs.Ucl.AC.UK>
Date: Mon, 1 Sep 86 09:10:44 gmt
To: risks@csl.sri.com
Subject: Titanic photo expedition

There was a program last night on ITV about the Woods Hole expedition to the
Titanic. During the first dive, the program that was being used to help
locate the ship "developed a mind of its own" and the people on the support
ship had to guess headings for the sub to follow. Does any one have
information on this??
                                        	Lindsay

------------------------------

From: mnetor!lsuc!dave@seismo.CSS.GOV
Date: Tue, 2 Sep 86 14:22:27 edt
To: mnetor!seismo!CSL.SRI.COM!RISKS@seismo.CSS.GOV
Subject: New Zealand $1 million deposit (RISKS-3.41)

  >Bank machine is no match for schoolboy with a lollipop
  >
  >  AUCKLAND, New Zealand [UPI] -- A schoolboy outsmarted an automatic
  >bank machine by using the cardboard from a lollipop packet to
  >transfer $1 million New Zealand dollars into his account, bank
  >spokesmen said Thursday.

As the article indicates, this wasn't caught because of delays in
reconciling the physical deposits with the computer records (4 WEEKS?
my bank does it in a day!).

I find it somewhat misleading and irritating that the media choose
to make a big deal about the lollipop packet. Obviously, he could
have fed in an empty envelope just as easily. But "outsmarted ...
by using the cardboard from..."?  I guess this is one of the RISKs
of having reporters who feel they need to make their stories interesting.

Dave Sherman, The Law Society of Upper Canada, Toronto
{ ihnp4!utzoo  seismo!mnetor  utzoo  hcr  decvax!utcsri  } !lsuc!dave

------------------------------

Date:    Mon, 1 Sep 86 13:56:43 GMT
From: Joe Stoy <stoy%sevax.prg.oxford.ac.uk@Cs.Ucl.AC.UK>
To: risks <@Cs.Ucl.AC.UK:risks@csl.sri.com>
Subject: Examination Processing Error

EXAMINATION PROCESSING ERROR

The following is copied (without permission) from The Times (London).
(C) TIMES NEWSPAPERS LIMITED 1986.

[Glossary:
O level ("Ordinary level") - an exam. taken by children aged fifteen or so.
A level ("Advanced level") - an exam. taken two years after O level; a
  prerequisite for university entrance.
CSE ("Certificate of Secondary Education") - an exam. for children who are not
  up to O level standard.
GCSE ("General Certificate of Secondary Education") - a forthcoming
  amalgamation of O level and CSE, in preparation for which some boards are
  already setting papers common to both existing exams.]
[[American readers should note that Public School means Private School. PGN]]

[28 August 1986]
COMPUTER MARK STARTS O-LEVEL PANIC
By Lucy Hodges
Education Correspondent

Hundreds of pupils who took a new joint O level/CSE examination in chemistry
received the wrong grade because of a computer error.

It meant that no candidate received more than a grade C, the pass mark at O
level, sending many parents and their offspring into a panic.

Schools were telephoned to be asked if this meant that the pupils involved
would be prevented from doing chemistry at A level next year.  The schools
queried the grades with the boards and the rogue computer program was
discovered.

The examination boards involved are the three GCE boards, Cambridge, Oxford
and Cambridge, Southern Universities Joint, and the two CSE boards, West and
East Midlands.

These five boards are combining to form the Midlands Examining Group for the
new GCSE exam.  As part of their preparation they are running joint
examinations in certain subjects and new computer programs have had to be
set up.

"The boards have to collaborate and with new computer programs we cannot find
out mistakes until something happens," Mr. John Reddaway, secretary of the
Cambridge board, said.

A total of 12,000 students entered for the joint examination in chemistry, of
which 3,800 were awarded a grade C by the computer.  In fact 800 of these
should have been a grade A and 1,000 a grade B, Mr. Reddaway said.

The error appears to have occurred at the offices of the West Midlands CSE
board in Birmingham, which was administering this particular exam.  Mr.
Reddaway said that the mistaken grades had all been rectified.  "I hope schools
and colleges will receive them tomorrow."

Whitgift School in Croydon, a boys' public school which normally gets very
good results, was one of those involved.  It was surprised to find that all its
O-level pupils had been awarded a grade C.

"It was ridiculous in a school like this not to have any grades A or B," Miss
Patricia Dawson-Taylor, the school secretary, said.  "I told the board that we
would be querying them."

Parents of Whitgift boys have been informed by the school that there has been
an error and that some candidates may be upgraded.


[29 August 1986 -- excerpts from the follow-up report]

EXAMS RESULT IS CORRECTED

.... Because of what the Midlands Examining Group described as "a procedural,
rather than a computer error", none of the 12,000 entrants ... was awarded
more than a grade C ...

.... Mr John Reddaway, secretary of the Cambridge board, said that because of
misunderstandings between the five boards, the "hurdle" mark that
distinguishes an A or B grade was not programmed into the computer. ...

[1 September 1986 - Letters to the Editor]

O-LEVEL ERRORS
>From Mr P.D.R. Talbot Willcox

Sir, The case reported in your columns today (August 28) of the computer error
affecting the grades of O-level candidates raises the question whether other
undetected computer errors are resulting in injustice and danger.  The
statement made by the Secretary of the Cambridge Board that "with new computer
programmes [sic] we cannot find out mistakes until something happens" is hardly
reassuring.

The error was sufficiently gross to excite determined questioning by those
most obviously affected.  But one dreads to think what might have happened if
only a smaller number of pupils had been affected.  There are many other
computer applications where errors of this kind would have more serious and
even disastrous implications, not least being medical and criminal records.

Is it not time for a Government enquiry to be held into ways and means of
legislating to ensure that all potentially dangerous programmes are thoroughly
checked before they are used?

Yours faithfully,
P.D.R. TALBOT WILLCOX, Rodwell House,Middlesex St, [London] E1, August 28.

------------------------------

End of RISKS-FORUM Digest
************************
-------