RISKS@KL.SRI.COM (RISKS FORUM, Peter G. Neumann -- Coordinator) (12/15/88)
[ Headers concocted by dave@stcns3.stc.oz to get this into the system ]
RISKS-LIST: RISKS-FORUM Digest Saturday 15 October 1988 Volume 7 : Issue 65
FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS
ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator
Contents:
Vendor introduces "safe" Ada subset (Jonathan Jacky)
Re: ethics of conflict simulation (Sean Malloy)
Re: Assault on Privacy (Ronni Rosenberg)
Software warranties and Trade Practices in Australia
(B L Coombs annoted by "cbp", via Lee Naish)
RISKS of EPROMS (George Sukenick)
The RISKS Forum is moderated. Contributions should be relevant, sound, in good
taste, objective, coherent, concise, and nonrepetitious. Diversity is welcome.
CONTRIBUTIONS to RISKS@CSL.SRI.COM, with relevant, substantive "Subject:" line
(otherwise they may be ignored). REQUESTS to RISKS-Request@CSL.SRI.COM.
FOR VOL i ISSUE j / ftp kl.sri.com / login anonymous (ANY NONNULL PASSWORD) /
get stripe:<risks>risks-i.j ... (OR TRY cd stripe:<risks> / get risks-i.j ...
Volume summaries in (i, max j) = (1,46),(2,57),(3,92),(4,97),(5,85),(6,95).
----------------------------------------------------------------------
Date: Fri, 14 Oct 88 09:04:38 PDT
From: jon@june.cs.washington.edu <Jonathan Jacky, University of Washington>
Subject: Vendor introduces "safe" Ada subset
From ELECTRONIC ENGINEERING TIMES, 26 Sept 1988, p. 25:
Ada SUBSET ADDRESSES SOFTWARE SAFETY
Southampton, England - (A subset of Ada called Spark) is reported to overcome
the drawbacks of (Ada) in applications where software integrity is critical.
... Spark was developed at the University of Southampton with the sponsorhip
of the British Ministry of Defence. It is now being marketed by Program
Validation Ltd.
(A representative of Program Validation) said that the use of Ada for safety
critical programming poses some serious problems. There is no formal
definition of the language and the precise meaning of some its constructions is
unclear. According to Program Validation, the resulting uncertainties make
formal verification of Ada programs impossible and cast doubts on the integrity
of the compiled code. A further complication is that the richness of Ada
allows programs to be constructed that are apparently simple, but hide great
underlying complexity.
... To achieve Ada integrity, Spark has introduced several restrictions. It
does not allow the use of tasks, exceptions or generic units. Access types
are also omitted, as these are considered unacceptable in real-time safety
critical applications. ... Certain features - such as "go to" statements
and "declare" statements - are totally barred.
------------------------------
Date: Thu, 13 Oct 88 13:40:12 PDT
From: malloy@nprdc.arpa (Sean Malloy)
Subject: Re: ethics of conflict simulation
>From RISKS-FORUM 7.74: (Scott Wilde) The problem is not some nebulous
>fear of the Pentagon "poisoning" the industry as a whole, but rather
>that they would interfere _with the particular game under consideration_.
In fact, one of the games designed by Simulations Publications, Inc. (SPI)
before they were bought out by TSR was _ordered_ by the Army. _Firefight_ was
intended as a simulation for warfare in Europe, to teach tactics to infantry
and armor commanders. Within a number of simplifying abstractions, it modeled
the weapons systems available to a unit commander in Germany.
SPI later made this game available as part of their regular line. It soon
became apparent that the game was not only useful for teaching tactics, it was
also a device to build confidence and improve morale -- the way the rules and
weapons systems data were set up, it was almost impossible for a Soviet player
to pull anything better than a draw out of the game. The game mechanics were
biased so that an American player could win by using the `right' tactics
(`right' in the Army sense -- the approved Army tactics for a given situation),
rather than encouraging the players to come up with their own tactics.
>From the Army's point of view, it was a very good simulation. From the
opinions expressed about it in the gaming community, it flopped
miserably as a _game_.
Sean Malloy, Navy Personnel Research & Development Cntr, San Diego CA 92152-6800
------------------------------
Date: Thu, 13 Oct 88 13:36:10 edt
From: Ronni Rosenberg <ronni@VX.LCS.MIT.EDU>
Subject: Re: Assault on Privacy
Thanks to Anthony Atkielski for providing information on privacy legislation
in France. I hope that France's legislation closes some of the loopholes in
U.S. privacy legislation. But it is worth pointing out that laws that may
sound good on the books often do not translate into tough action.
For instance, the Fair Credit Reporting Act (1971) specifies expiration
periods, for bankruptcy data (14 years) and other adverse data (7 years),
which is not well defined. Where legislation contains vague definitions,
applying it may be left to the judgement of the agency being regulated.
The FCRA also requires credit agencies to provide you with the data in their
file about you, on request, and to allow you to correct it. Sounds good.
But you can get such info. for free only after you have been denied credit on
the basis of it. If you want to get the info. before you have a problem, it's
not too expensive, but you'll have quite a time trying to find all the private
organizations that maintain files about you. If you make a correction, there
is no guarantee that it will be propogated to other files based on this one
and to other organizations that obtained the false data previously. And if
you lost something, such as a mortgage, because of false data, tough luck.
The Privacy Act (1974) makes it easier for people to know about their files
(in government agencies and the private organizations with which they do
business). But publication of the existence of records is done in the Federal
Register, which is not exactly handy.
Agencies are restricted from releasing personal data to another agency without
written permission of the person who provided the data, except for "routine"
purposes. In 1979, the Office of Personnel Management released lots of its
data to other agencies. What was the "routine" purpose? "To protect the
legitimate interests of government." Similar definitions can be used to
"justify" the collection of any sort of info.
Atkielski thinks that individuals in France can insist that a credit bureau
erase its file about themselves. But if society is structured so that many of
the normal transactions of life depend on credit ratings, how real a "choice"
do you have about participating?
I wish much more of the burden were on the organizations that maintain (and,
in many cases, profit from) data banks. I'd like to see organizations held
responsible for notifying individuals directly about the existence of files
about themselves; requesting permission from individuals every time info. is
released; guaranteeing that corrections will be made and propogated quickly;
assuming liability for losses based on false data; and so on.
------------------------------
Date: Wed, 12 Oct 88 13:43:36 EST
From: lee@munmurra.mu.oz.au (Lee Naish)
Subject: Software warranties and Trade Practices in Australia
Organization: University of Melbourne, Comp Sci Dept
[This was picked off the net in Australia, from "cbp",
including and commenting on a letter from B L COOMBS. Lee]
Software Warranties - The Truth
[The Trade Practices Commission recently sent the following letter to 2000
Australian computer companies.
Permission has been obtained from Ian Searle of the TPC to reproduce this
letter here
<<i.e.,ACSnet, but I don't think they would mind further distribution>>.]
Trade Practices Commission
18 March 1988
The Commission is concerned that many computer software packages sold in
Australia contain statements which place their suppliers at risk of
contravening the Trade Practices Act. Such contravention, if proven in court,
can lead to penalties of up to $20,000 for an individual or $100,000 for a
corporation.
2. Legal action is not contemplated by the Commission at this time, but the
Commission is concerned that suppliers become aware of their obligations under
the Act and comply with it for the benefit of their customers as well as
avoiding risk of legal action against them by either the Commission, a customer
or a competitor.
3. The Trade Practices Act implies into consumer transactions broad warranties,
conditions, rights and remedies with cannot be restricted, modified or
excluded. Any attempt to do so is void and places suppliers at risk of
contravening the Act.
4. A sample of software documentation examined by the Commission indicates that
statements which attempt to limit, or exclude altogether, all warranties
whether expressed or implied are quite common. Other statements considered
likely to mislead consumers as to their legal rights and remedies were also
detected. A number of these statements and the sections of the Act they are
likely to contravene are set out in Attachment A.
5. With the large number of suppliers in the industry the Commission is of
course not aware of the documentation of each supplier and is thus unable to
comment specifically on individual documentation at this stage and some may
well already comply with the Act. You are however urged to consider the
documentation of software supplied by you and the representations made by your
employees (and, if appropriate, by distributors and retailers supplying your
software) to ensure that they do comply with the Act. This consideration should
encompass a review of representations made regarding the capabilities of the
software. When modification to documentation is required you should not neglect
current stocks held by you (and your distributors and retailers, if
appropriate) as well as having documentation for future stocks modified.
6. When reviewing the documentation where warranties and customers' rights are
discussed, the Commission considers it prudent that a statement such as the
following be included to ensure the documentation proceeds on an accurate
positive footing and in a manner not likely to mislead or deceive -
"The benefits conferred by this warranty are in addition to all other rights
and remedies you have in respect of the product under the Trade Practices Act
and similar State and Territory laws".
7. The Commission will continue to monitor the documentation associated with
computer software and, if the incidence of statements which contravene the Act
continues, will consider what further action it should take.
8. If you have any queries regarding software documentation or think the
Commission may be able to assist you generally, please contact John Nicholl of
this office (telephone 062-642918).
Yours faithfully
(signed) B L COOMBS
Assistant Commissioner, Fair Trading and Consumer, Protection Branch
ATTACHMENT A
Sample Statements from Software Packages
(i) General Exclusion
"Except as hereafter provided the program(s) is(are) provided "as is" without
warranty of any kind, either expressed or implied, including, but not limited
to the implied warranties of merchantability and fitness for a particular
purpose. The entire risk as to the quality and performance of the program(s) is
with you. Should the program(s) prove defective, you (and not the licensor or
its authorized dealers) assume the entire cost of all necessary servicing,
repair or correction."
Comment:
The conditions and warranties implied and the rights and remedies created by
the Trade Practices Act cannot be restricted, modified or excluded. Any attempt
to do so is void. Statements of this type are therefore void and put suppliers
at risk of contravening section 53(g) of the Act which prohibits false or
misleading representations concerning the existence, exclusion or effect of any
condition, warranty, guarantee, right or remedy. Suppliers would also be at
risk under section 52 of the Act which prohibits misleading or deceptive
conduct.
(ii) No Refunds If Package Opened
"No refunds will be given for products that have an opened disk package".
Comment:
Consumers have a non-excludable right under the Trade Practices Act to rescind
the contract, return the goods and obtain a refund where there has been a
breach of a condition implied by the Act (which include conditions of
merchantable quality and fitness for purpose). Statements such as this are void
and place suppliers at risk of contravening sections 52 and 53(g) of the Act.
(iii) Express Warranties
"No oral or written information or advice given by the company, its dealers,
distributors, agents, or employees shall create a warranty or in any way
increase the scope of this warranty and you may not rely on any such
information or advice".
Comment:
Consumers have a right under the Trade Practices Act to recover loss or damage
arising from the failure of the manufacturer or importer to comply with an
"express warranty" (briefly, an assertion or representation about the goods
likely to induce a person to acquire them). There may be cases where assertions
or statements by the company's dealers, distributors, agents or employees may
constitute an "express warranty" made with apparent authority. It is doubtful
whether a denial of authority in a document likely to come to a customer's
notice, if at all, after the transaction is concluded would be sufficient to
rebut the presumption (inferred under the Act) that the "express warranty" was
in such cases given by, or for, the company. Statements such as this may place
suppliers at risk of contravening sections 52 and 53(g) of the Act.
(iv) Time Limits
"All implied warranties on the media and manual, including implied warranties
of merchantability and fitness for a particular purpose, are limited in
duration to ninety (90) days from the date of the original retail purchase of
this product".
Comment:
The duration of the non-excludable conditions and warranties implied under the
Trade Practices Act cannot be limited. Statements which attempt to do so are
void and place suppliers at risk of contravening sections 52 and 53(g) of the
Act. Suppliers can, of course, limit the duration of their express warranty.
However, in doing so suppliers should ensure that consumers will not be likely
to be misled concerning their non-excludable rights and remedies under the
Trade Practices Act.
(v) Forcing Acceptance Of Unseen Terms
"Opening the sealed packet signifies your acceptance of the terms of the
enclosed agreement".
Comment:
Statements of this type may mislead consumers as to their rights to dispute
terms of agreements to which they had no prior access (and which, therefore,
are not binding), and/or terms which may in fact be misleading under the Trade
Practices Act. Such statements place suppliers at risk of contravening sections
52 and 53(g) of the Act.
(vi) State Law Rights
"This warranty gives you specific legal rights, you may have other rights which
vary from state to state. Some states do not allow the exclusion of incidental
or consequential damages, or the limitation on how long an implied warranty
lasts so some of the above may not apply to you".
Comment:
The Trade Practices Act applies throughout Australia to the conduct of
companies generally, and also to unincorporated firms (eg Sole traders,
partnerships, etc) who trade inter-state or within a Territory. The statutory
rights and remedies implied into consumer transactions under the Act cannot be
excluded. These include the right to claim consequential damages in some cases
and a time limit cannot be placed on these rights. Statements such as the above
could therefore mislead consumers as their statutory rights under the Act and
place suppliers at risk under sections 52 and 53(g) of the Act.
cbp@foster.avid.oz - {ACS,CS}net
cbp%foster.oz.au@uunet.uu.net - ARPAnet
...!{hplabs,mcvax,nttlab,ukc,uunet}!munnari!foster.oz.au!cbp - UUCP
------------------------------
Date: Mon, 10 Oct 88 15:35:08 EDT
From: sukenick%ccnysci%cucard@nyu.edu (George Sukenick)
Subject: RISKS of EPROMS
> RISKS of EPROMS (Daniel Klein)
>The UV eraseable EPROMS that are found in many smaller computers are also
>subject to failure when their picture is taken. Yep, you read that correctly.
(Due to camera shy EPROMS? :-))
Electronic flashes draw a lot of current in a short time. The unshielded
system might have been crashing due to EMP rather than light interfering with
the EPROMs. I guess that the test would then be to see what happens with
various combinations of covering the EPROM's windows (they were open in the
machine?) and shielding the flash.
-george
------------------------------
End of RISKS-FORUM Digest 7.65
************************