risks@CSL.SRI.COM (RISKS Forum) (11/18/89)
RISKS-LIST: RISKS-FORUM Digest Friday 17 November 1989 Volume 9 : Issue 44
FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS
ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator
Contents:
More on BART's new computer system (PGN)
Computer misdirects phone calls for TV programme (Olivier Crepin-Leblond)
Murphy's Law Meets the Navy (PGN)
Unwanted Credit (Stuart Bell)
Saskatchewan shuts down translation project (Peter Jones)
Re: Another intrusive database with associated privacy problems
(Brinton Cooper)
Re: Are you sure you declared ALL your dividends? (Jim Frost)
Re: L.A. Times "computer" problems [anonymous]
The RISKS Forum is moderated. Contributions should be relevant, sound, in good
taste, objective, coherent, concise, and nonrepetitious. Diversity is welcome.
CONTRIBUTIONS to RISKS@CSL.SRI.COM, with relevant, substantive "Subject:" line
(otherwise they may be ignored). REQUESTS to RISKS-Request@CSL.SRI.COM.
TO FTP VOL i ISSUE j: ftp CRVAX.sri.com<CR>login anonymous<CR>AnyNonNullPW<CR>
cd sys$user2:[risks]<CR>get risks-i.j . Vol summaries now in risks-i.0 (j=0)
----------------------------------------------------------------------
Date: Fri, 17 Nov 1989 10:13:21 PST
From: "Peter G. Neumann" <neumann@csl.sri.com>
Subject: More on BART's new computer system
Last Saturday's San Francisco Chronicle article by Harre Demoro (summarized in
RISKS-9.41) concerning BART computer troubles was apparently based on a partial
simulation with only 10 trains and with intentional performance degradation
resulting from the presence of trace software being used during a
special-purpose test. That data was extrapolated to give the cited numbers.
Also, the intended maxium number of trains was given incorrectly, and should
have been 74 instead of 108. Thus, it appears that the article should be taken
with a grain of salt.
The first real test to measure performance was conducted for eight hours,
ending last Saturday morning -- after the article appeared. Dr. Norman
Zachary, President of Logica Data Architects Inc. (the Logica subsidiary
responsible for the BART software), said on 15 November that "The results of
the performance test conclusively show that Logica's system meets BART's
specifications, including the ability to operate 74 trains automatically. We
currently estimate we are very close to delivery of the system." (BART
currently operates no more than 45 trains, but intends to go to 74 as part of
its capacity expansion program.)
This update is based on several phone calls with BART and Logica people.
Stay tuned for any later developments. Peter
------------------------------
Date: Thu, 16 NOV 89 13:44:29 GMT
From: Olivier Crepin-Leblond <zdee699@elm.cc.kcl.ac.uk>
Subject: Computer misdirects phone calls for TV programme
Cricket is our equivalent of baseball in England.
Taken from ORACLE Teletext TV News Service, 2:00am, 16 NOV 89
"Yorkshire cricket fans were hit for six [ that's six runs... - OCL ] when they
were invited to take part in a Yorkshire TV phone-in and received sex advice
instead. After a programme called `What's to do about Yorkshire Cricket',
viewers were invited to ring a special number to give their opinions. But when
they dialled, they heard a recorded message from `Barbara' about sexual
problems.
British Telecom (BT) blamed a computer fault... "
No comment.
Olivier Crepin-Leblond, Computer Systems & Electronics,
Electrical & Electronic Eng., King's College London, UK.
[Also noted by Tim Steele <tjfs@tadtec.uucp> ]
------------------------------
Date: Wed, 15 Nov 1989 18:27:43 PST
From: "Peter G. Neumann" <neumann@csl.sri.com>
Subject: Murphy's Law Meets the Navy
The Navy has an elaborate safety program that includes extensive concern for
safety in software-controlled systems. Unfortunately there is an apparent gap
between the intent and the execution. (It will be interesting to see how much
the Navy's two-day reorientation period designed to increase awareness actually
helps.) For the record, here is a summary of the past weeks. It may be worth
noting that none of this run of problems seems to have been blamed on computers
(as far as I know), but then most of our so-called "computer problems" are
people problems anyway, irrespective of where the blame is placed.
29 Oct. Pilot's first-ever carrier landing kills 5 on carrier Lexington.
30 Oct. FA-18 pilot drops 500-pound bomb on guided missile cruiser Reeves;
5 injured.
31 Oct. Wave washes 3 sailors overboard on carrier Eisenhower;
2 rescued; several dozen missiles lost.
31 Oct. 12-foot swells on carrier Vinson, sailor swept overboard, lost.
1 Nov. Boiler room fire on oiler Monongahela, 9 suffer smoke inhalation.
9 Nov. A-7E Corsair 2 crashes into apartment complex in Smyrna GA.
2 killed, 4 injured.
11 Nov. Destroyer Kinkaid collides with merchant ship.
1 sailor killed, 5 injured.
11 Nov. Two A-6 attack bombers dropped bombs near a capsite. One injured.
14 Nov. Amphibious assault ship Inchon catches fire in Norfolk, 31 injured.
14 Nov. F-14 Tomcat fighter crashes at sea, FL training flight, no injuries.
(Source: San Francisco Chronicle, 15 November 1989, p. A4)
------------------------------
Date: Thursday, 16 Nov 1989 14:25:58 EST
From: stu@mwvm.mitre.org (Stuart Bell)
Subject: Unwanted Credit
Several months ago, an alcoholic relative applied for a credit card in his and
my name - without my authorization. Eventually he began drinking and failed
to intercept the bill when it arrived at my home. I immediately called the
800 number, cancelled the card and followed up with a registered letter.
Now the problems begin.
They sent me a follow up letter that indicated the balance had grown from
$1200 when I cancelled the letter to somewhat over $2000. I called them and
was informed that their computer was unable to cancel credit cards and was not
programmed to refuse charges.
In the registered letter that followed, I informed them that I would pay the
original $1200 - even though both they and I agreed I was not responsible for
this money. I declined to pay any further charges and told them there was no
chance to recover the money from by relative - he was in a rehab center with
no income.
They responded by encouraging him to declare bankruptcy - since that was the
only entry their computer would accept to cancel a credit card. Amazed, I
tried to explain to them about fair credit laws and such (I am not a lawyer
but the concept isn't too difficult to understand). Eventually they agreed
that neither he or I was responsible for the charges - but they still couldn't
cancel the credit card - only put it in a warning bulletin in case someone
bothered to look it up.
About the time the bill reached $3000, they sent him a supply of pre-
authorized checks to write against his credit limit. Another phone call
prompted the response that neither he or I was responsible for any charges
incurred by writing these checks - but their computer has no way to stop
sending these out once we are entered into the database.
Eventually, the supervisor I spoke with began to understand the social
responsibility of not giving unlimited funds to a drunk - was very sorry - but
had no way to instruct the computer to stop sending out the credit cards
(presumably he will get a new one when the current one expires) and the checks.
I sent a registered letter to the president of the bank offering some
computing consulting to help fix their computer systems.
Any takers if he replies? The letter was acknowledged by receipt - but has
caused no action from the bank. /Stu Bell
MS=NASA (713) 333-0906 STU%MWVM.MITRE.ORG
------------------------------
Date: Fri, 17 Nov 89 08:13:19 EST
From: Peter Jones <MAINT@UQAM.bitnet>
Subject: Saskatchewan shuts down translation project
According to a national newscast by the CBC at 7:00 EST, the Saskatchewan
provincial government has decided to abandon the project to translate its laws
into French using a computer system. This system was supplied by Guy Montpetit,
who was also involved in LOGO Systems here in Montreal. The NDP opposition
party had been criticizing the government for not checking into Mr. Montpetit's
track record. (See "Gigatext Translation Services Inc. scandal" by Bhota San
in RISKS-8.84 for a lengthy report on this project.)
Peter Jones MAINT@UQAM (514)-987-3542
------------------------------
Date: Thu, 16 Nov 89 13:56:08 EST
From: Brinton Cooper <abc@BRL.MIL>
Subject: Re: Another intrusive database with associated privacy problems
Bill Gorman writes about "a treaty to detect and combat tax evasions on both
countries. By means of this treaty both nations will have access to
information concerning the income of mexicans living in the States and of
northamericans living in Mexico."
It may be even worse than inter-governmental data sharing. More and more
governmental functions are now being performed by contractors. (By using
contractors, the US Government doesn't incur "entitlement" expenses such as
pensions, injury/accident compensation, unemployment insurance, etc.) So, not
only would the Mexican government have your tax history, but so would some
contractor such as TRW or another "data basing" corporation that may already
have access to your medical and credit histories. The possibilities are
boundless.
Brint
------------------------------
Date: Thu, 16 Nov 89 18:10:52 GMT
From: madd@world.std.com (jim frost)
Subject: Re: Are you sure you declared ALL your dividends?
On a similar note (Jones, RISKS-9.43), a few years back I wrote a system to be
used by a bank to do electronic submission of 1099 forms (and some other
similar forms). Shortly after submitting the forms, the bank received a letter
from the IRS stating that the submission contained errors, each of which was
fined, to a total of $65,000. The bank was upset.
The error was that I left the "alpha" field, which is supposed to be the
taxpayer's last name, blank for businesses (it's kind of hard to determine the
last name of businesses). This was exactly what the documentation said you
were supposed to do if you couldn't determine the correct field value.
Apparently they didn't tell their DP department that...
jim frost, software tool & die
------------------------------
Date: Wed, 15 Nov 89 18:48:00 [X]ST
From: [anonymous]
Subject: Re: L.A. Times "computer" problems
Actually, since the database showed that the subscriber was only supposed
to be receiving the Sunday edition, it is most probably the case that the
daily deliveries were the result of a "lazy" newspaper delivery person,
not the computers.
It is quite common for these folks, especially in metro areas where they
drive by and throw papers rapidly at many houses, to not want to bother
differentiating between people with different types of subscriptions.
So instead of paying attention to the computer generated lists of who
should get what, they just throw a paper at every house that EVER gets
a paper, regardless of the list.
Sometimes it's even worse than that. For years we received our metro
paper every day, without fail, even though we didn't have ANY
subscription to the paper and called numerous times to try stop it.
We weren't on any subscription lists. Apparently the delivery folks
found it easier to just throw a paper at every house in the area instead
of keeping track of the lists. One can assume relatively few people
ever complained.
------------------------------
End of RISKS-FORUM Digest 9.44
************************