risks@csl.sri.com (RISKS Forum) (10/17/90)
RISKS-LIST: RISKS-FORUM Digest  Tuesday 16 October 1990  Volume 10 : Issue 51

FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS
ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Contents:
  A Schaching Development in Kasparov-Karpov (anonymous)
  Software problem contributes to woman's death (Mike Overstreet)
  Airliner story (Christopher C. Stacy, Richard Neitzel)
  Re: A320s and Northwest Airlines (Craig A. Finseth)
  Technophilia-induced problem at Educom? (R. Aminzade)

The RISKS Forum is moderated. Contributions should be relevant, sound, in good taste, objective, coherent, concise, and nonrepetitious. Diversity is welcome. CONTRIBUTIONS to RISKS@CSL.SRI.COM, with relevant, substantive "Subject:" line (otherwise they may be ignored). REQUESTS to RISKS-Request@CSL.SRI.COM. TO FTP VOL i ISSUE j: ftp CRVAX.sri.com<CR>login anonymous<CR>AnyNonNullPW<CR> CD RISKS:<CR>GET RISKS-i.j<CR>; j is TWO digits. Vol summaries in risks-i.00 (j=0); "dir risks-*.*<CR>" gives directory; bye logs out. ALL CONTRIBUTIONS ARE CONSIDERED AS PERSONAL COMMENTS; USUAL DISCLAIMERS APPLY. The most relevant contributions may appear in the RISKS section of regular issues of ACM SIGSOFT's SOFTWARE ENGINEERING NOTES, unless you state otherwise.

----------------------------------------------------------------------

Date: Tue, 16 Oct 1990 16:52:53 PDT
From: anonymous
Subject: A Schaching Development

Computer blunders, revealing Kasparov's sealed move

Moscow, 16 october 1990 (tass)

The computer used for the world chess title match between Kasparov and Karpov accidentally disclosed a move sealed by the reigning champion in the adjourned third game, Izvestia reports from New York today. Izvestia writes in its evening issue that Kasparov "moves the king to attack the white rook". This means the sealed move was 41...kd6.

[Perhaps he was using the Gary Indiana Jones Beach Defense, and the computer had never seen seals there before.
PGN]

------------------------------

Date: Mon, 15 Oct 90 18:22:29 EDT
From: Mike Overstreet <cmo@xanth.cs.odu.edu>
Subject: Software problem contributes to woman's death

The following is taken without permission from the October 14, 1990, edition of The Virginian-Pilot and The Ledger-Star, Norfolk, VA.

"NORFOLK -- Glitches in the city's new emergency computer system and a dispatcher's mistake caused rescue workers to take 30 minutes to get to a 65-year-old heart attack victim in July, according to city records, and the delay may have been responsible for her death.

"Shortly after 9 p.m. on July 7, Dorothy G. Morris of 8256 Wedgewood Drive became short of breath and called to her son, Michael, for help. Michael Morris, who lived with his mother, dialed the 911 emergency telephone number three times before an ambulance was dispatched. ...

"... City documents show that after Dorothy Morris' death, city officials tried to pinpoint the cause of the delay. They interviewed dispatchers and checked call records and tapes of 911 phone calls. They also interviewed Michael Morris.

"Records indicate that they discovered an internal audit, or `logging,' program -- designed to track messages through the city's new computer-aided dispatch system -- had not been installed as promised by the software vendor, PRC Public Management Services of McLean Va. The new $760,000 system, called CADMAS, has been on-line since May 1.

"The omission was the latest problem encountered with the system and with PRC, said Martin Mendelsohn, director of the city's Department of General Services. He said the problems, which appeared after CADMAS was installed, included: too much computer down time; difficulties with a backup computer, which repeatedly failed to kick in automatically when the first computer crashed; turnovers and conflicts with PRC project managers; and the missing audit system.

"But the most disturbing problem was the tendency for some messages to disappear after they were entered into CADMAS, city officials and dispatchers have said. Police have said that messages for detectives and forensic investigators often disappeared between dispatchers' shift changes, and that the disappearances are continuing. Mendelsohn on Friday said he was aware of fewer than five messages that disappeared between May 1 and July 12, when the audit system was installed.

"Mendelsohn said he was not aware of any disappearances after July 12.

"City officials said that, even after an investigation, they are not sure what happened to the 911 message typed by the dispatcher when Michael Morris first called.

"`The logging system would have tracked the message, but ... the logging system was not operational,' Mendelsohn said. `We could not prove whether the dispatcher entered the message improperly or whether it was somehow lost in the system.'

------------------------------

Date: Fri, 12 Oct 90 00:36:36 EDT
From: cstacy@ai.mit.edu (Christopher C. Stacy)
Subject: Airliner story (RISKS-10.49)

Gene Spafford writes about his decision to never again fly on Northwest airlines, citing that they have just purchased "a bunch of" A320s for domestic use. (The A320 is a controversial fly-by-wire airplane.) He forwarded us a "horror story" from his friend Rich Epstein, who appears to have been badly frightened by an airline experience in which rain leaked into the airplane and disabled the transponder and auto-pilot computer.

In the story, the airliner departed from Chicago O'Hare enroute to Washington Dulles, but then has to turn back to O'Hare 15 minutes later because the air traffic controllers have lost radar contact with the flight. On the way back, the pilot made an announcement about the airplane having steel control cables, which Rich interprets as "a reference to the fact that an Airbus would probably have been disabled completely in a similar circumstance."
In conclusion, Rich describes the further trauma of exiting the airplane at the terminal, having to pass through a thick sheet of rain, some of which was leaking into the airplane, which he speculates may not have been docked correctly.

I am very skeptical about the safety of new airplane systems such as fly-by-wire, and I also wonder about the quality of the maintenance and procedures of the airlines, especially in light of the recent serious fines against Eastern. However, I am not sure that Gene's message or his friend's story sheds any light on these issues or supports any conclusions about the A320. The message did not make clear to me exactly what risks Gene finds unacceptable. The tone of fear and alarm, coupled with a lack of information about air traffic procedures, may lead to misunderstandings.

I don't have any more information about what happened on that flight than what I read in the story. However, my interpretation would be a little bit different.

The radar scopes that the air traffic controllers at O'Hare are watching, display targets based on both primary returns (the signal bouncing off the airplane), and secondary returns from the onboard transponder. The transponder makes detection more reliable, and also transmits such data as the flight identification number and present altitude.

Radar contact is not necessary to conduct a flight, even in bad weather. Radar is not used for navigation, nor is it required for landing. It does increase safety, and allows greater utilization of the airspace, since the controllers can track the progress of a plane more directly. Before the airliner took off, the details of its flight plan were arranged and airspace was reserved for it. The flight could have been conducted safely without radar, even if radio communications had been lost.

The auto-pilot computer is not a critical part of the airplane, and its loss is not very interesting.
It merely means the pilots would have to actually put their hands on the controls and fly the plane.

The flight was returned to the departure point in order to avoid any additional problems. The pilot probably declared an emergency for priority handling because nobody fully understood the extent of the failures. This accounts for the emergency vehicles at the airport.

Most people have various degrees of fear regarding flying, and knowing that something has gone wrong with the plane, not understanding any of the details, being disconcerted about hanging around in the clouds, seeing the flashing lights of emergency vehicles, not having any control over your fate, and finally getting rained on when you disembark your canceled flight, can all combine to thoroughly upset even a seasoned air traveler.

My alternate interpretation of the pilot's remark about the "stainless steel" cables, is that he was attempting to calm the passengers by making a joke about the airplane controls not rusting in the rain.

Maybe Gene is trying to make the analogy that if a computer in a regular airplane can get rained on and fail, that this would be catastrophic in a computer-controlled plane like the A320. However, this story does not support that idea, and it presents nothing particularly relevant to the safety of the A320, the airplane in the story, or the airline. Except perhaps to note that an onboard systems failure was easily handled, and resulted in nothing but inconvenienced passengers. Any proposed analogy to systems failures on the A320 is far too general to be very useful, since the A320 and the airplane in the story don't have the same design or the same kind of computer systems.
------------------------------

Date: 16 Oct 90 14:15:04 GMT
From: thor@thor.atd.ucar.edu (Richard Neitzel)
Subject: Re: Airliner Story (RISKS-10.49)

I find the dissemination of this kind of misinformation troubling, especially when it apparently comes from a source that should know the correct information. The aircraft in question was most certainly not "invisible". How "an Air Force ROTC student" could claim radar requires transponders is beyond comprehension (so that's how stealth technology works - turn off the transponder!).

However, what is most disturbing about this is not the apparent ignorance of a (hopefully) poor student, but the easy acceptance of this "expert" information by non-experts. Since the original source of this story allowed one of his friends to forward it to RISKS, it is very likely that many other channels of communication have been used to spread this story. Undoubtedly there are now more people who are now even less confident in the air traffic control system, based on completely erroneous information.

It seems to me that this is a much greater risk than it might appear on simple reflection. As our society becomes increasingly technical, it becomes less possible for each individual to determine if information outside their area of expertise is correct. Unfortunately, I submit that most "technical" information that is disseminated is in fact either incorrect or, even worse, deliberately distorted. Try reading your local newspaper or watching TV news programs and pay close attention to the level of accuracy in technical matters.

A very good example is the current "debate" on the greenhouse effect - people with a political agenda are attempting to lead the public's opinion by selective use of information. Indeed, some "greenhouse backers" have been candid enough to admit that they do not feel that real evidence of any such phenomena is required, rather a public perception of a problem is all they require.
Remember the ridicule when then President Reagan said that plants were the largest contributors of carbon dioxide "pollution". Well, there is growing evidence that the rise in CO2 may well be largely due to purely natural effects caused by plants - a process that man likely cannot alter for good or ill. But this is not politically correct science, so it is buried in silence.

And witness the neat trick used in another recent RISKS article about bank computer security - banks have security problems, they don't want them discussed, so if they deny there are any this is proof they don't like to discuss problems (you are mentally ill and the fact that you deny this is proof that you are mentally ill). It is very likely that most readers of this piece simply believed the implication that such massive breaches of systems are common and (for the hacker) simple. Unfortunately, there is no proof of the claims. Many of these stories have a suspiciously similar format and are strikingly like many of the popular urban myths - no hard evidence, but "I heard from someone that they heard".

Faced with the pronouncements of experts or those perceived as experts, how can outsiders make correct decisions, if the experts are supplying false or misleading information? Perhaps we should all start examining our sources more critically, but more important, we should make certain that we are not responsible for spreading misinformation. Are you certain that the person to whom you just explained a technical matter outside their field really understood what you said? Do you pass on as "true", information you only partially (mis)understand? Above I implied that the ROTC student was to blame for the mistaken information about radar, but perhaps the listener gleaned that "fact" when something quite different was said. The wise man speaks only what he knows is the truth and knows his own ignorance.
Richard Neitzel
National Center For Atmospheric Research
Box 3000
Boulder, CO 80307-3000
303-497-2057

------------------------------

Date: Tue, 16 Oct 90 09:16:51 -0500
From: "Craig A. Finseth" <fin@unet.unet.umn.edu>
Subject: Re: A320s and Northwest Airlines (RISKS-10.50)

I hate to deflate a good story, but there is another reason why 747-400s are used on the Minneapolis to Detroit run.

The 747-400s are mainly intended for trans-Pacific use. However, each aircraft that is intended for such international use must first be operated within the US before it is certified by the FAA. I believe that the operation is both in total hours and in takeoffs/landings. Hence, using short runs allows the airplane to accumulate many takeoffs and landings.

In addition, the large capacity of the aircraft allows better use of the heavily-travelled corridor (I believe that they take two smaller planes off the run).

Craig A. Finseth, University Networking Services, University of Minnesota
130 Lind Hall, 207 Church St SE
Minneapolis MN 55455-0134
+1 612 624 3375

------------------------------

Date: Tue, 16 Oct 90 13:55:32 EDT
From: r.aminzade@lynx.northeastern.edu
Subject: Technophilia-induced problem at Educom?

Today's EDUCOM keynote speech, by former President Jimmy Carter, was open-captioned for the hearing impaired. The big-video display in the auditorium showed a textual representation of the speech as Carter spoke. This was provided by "11-Alive," an Atlanta television station. The system must have used some kind of voice-recognition algorithm, because no human typist that I know could have kept up with the speaker at times.

The weakness of the voice-recognition system was made painfully obvious to attendees, when those with the ability to hear the presentation noticed substitutions like: "man well" noriega, "wak dem iks" for academics, "oath yope yam" for Ethiopia, "Jap neens" for Japanese, "My Robe by" for Nairobi, "Ken Yeah" for Kenya, "Home Jean yes" for homogeneous.
Carter's speech was thoughtful and moving (he talked about academia's moral responsibilities to the third world), but the seriousness of the speech was undercut by the occasional giggle from the audience. Later in the speech, human control seemed to be asserted a bit more, and "another country" was frequently substituted for the name of a third-world country, but Carter must have been most puzzled when he explained that the Carter Foundation was nonpartisan, and that "Prominent Republicans" worked closely with him on every major project. It was presented to the hearing-impaired (and to the rest of us) as "Prominent Rubble Cans." Of course, the audience broke into laughter, and I suspect he still doesn't know why.

I'm a strong supporter for appropriate adaptive technology, but a low-tech solution (an ASL interpreter) would have been less distracting and reached many (though not all) of the hearing-impaired.

------------------------------

End of RISKS-FORUM Digest 10.51
************************