RISKS@KL.SRI.COM (RISKS FORUM, Peter G. Neumann -- Coordinator) (10/23/87)
RISKS-LIST: RISKS-FORUM Digest Thursday, 22 October 1987 Volume 5 : Issue 47
FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS
ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator
Contents:
Programmed Trading and the Stock Market Decline (Lt Scott A. Norton)
Overload closes Pacific Stock Exchange computers, and other sagas (PGN)
BankAmerica Aides Quit; Sources Cite Data System (Jerome H. Saltzer)
Air Force explores SDI-like technology (Walt Thode)
Who knows where the computer is? (Graeme Hirst)
Anonymity (Fred Baube)
Re: UNIX Passwords (Richard Outerbridge)
CD vs ADP security (Barry Nelson)
Civil Disobedience and Computers (Robert Stanley)
The RISKS Forum is moderated. Contributions should be relevant, sound, in good
taste, objective, coherent, concise, nonrepetitious. Diversity is welcome.
Contributions to RISKS@CSL.SRI.COM, Requests to RISKS-Request@CSL.SRI.COM.
For Vol i issue j, FTP SRI.COM, CD STRIPE:<RISKS>, GET RISKS-i.j.
Volume summaries for each i in max j: (i,j) = (1,46),(2,57),(3,92),(4,97).
----------------------------------------------------------------------
Date: Thu, 22 Oct 87 00:34:10 PDT
From: "LT Scott A. Norton, USN" <4526P%NAVPGS.BITNET@wiscvm.wisc.edu>
Subject: Programmed Trading and the Stock Market Decline
To: Risk List <RISKS@csl.sri.com>
An interview on this afternoon's (21 Oct 87) "All Things Considered" with an
investment expert named Thomas Tisch [sp?] discussed the impact that
programmed stock trading had on last Monday's stock market losses.
According to Mr. Tisch, aggressive programmed trading typically is an
attempt to take advantage of a difference in prices between different
offerings of the same stock. For example, analysts will compare the price
of a group of stocks on the NY Stock Exchange with the price of an option on
the same stocks on the Chicago exchange. If a sufficiently large disparity
exists, the programmed sales will be activated, buying the lower priced
package and simultaneously selling the higher priced package. Because the
disparities in price are usually small, this strategy requires large
purchases, on the order of $25 million. During Monday's decline, trading on
index futures was suspended, reducing the impact of this form of programmed
trading on the market.
In the case of Monday's fall, Mr. Tisch felt that a lot of the volatility
the market showed was caused by another kind of programmed trading. Many
large institutional investors, such as insurance companies, pension funds,
and university endowments, had tried to protect their assets with "portfolio
insurance."
To protect against their assets being wiped out, these investors had
programmed in a bail-out if their portfolio's value dropped too far.
This resulted in an automated panic once the market as a whole started
to drop.
[ I didn't tape previous the broadcast, so I can't give you Mr. Tisch's
credentials. All I have is hastily scribbled notes I took during the
interview. I did, though get the following item on tape ]
On Tuesday, during an address to the National Press Club, Garrison
Keillor was asked what effect the market's decline would have on Bob's
Bank in Lake Woebegone. Keillor replied,
"I think the terrifying thing about this stock market crash
is the idea that this could all be going on between computers
with human beings hardly involved at all. That these vast
banks of computers all over the country, using the phone
lines, are battling each other for stocks, and that we have
no part in this."
LT Scott A. Norton, USN | From Internet, if you need a gateway, use
Naval Postgraduate School | 4526p%navpgs.bitnet@jade.berkley.edu
Monterey, CA 93943-5018 | or 4526p%navpgs.bitnet@ucscc.ucsc.edu
4526P@NavPGS.BITNET | The WISCVM gateway will close 15 Dec 87. )
------------------------------
Date: Thu 22 Oct 87 17:49:07-PDT
From: Peter G. Neumann <Neumann@KL.SRI.Com>
Subject: Overload closes Pacific Stock Exchange computers, and other sagas
To: RISKS@KL.SRI.Com
On Monday, a number of NASDAQ market makers abandoned their posts while
stockholders were trying to bail out. (A good thing? Don't let 'em sell
until it goes up again?) Although this was not a computer-caused problem,
it kept the computers from handling the relevant trading during the
508-point drop.
On Tuesday, computerized trading in stock-index futures and options was
temporarily suspended for the first time in history in New York, Chicago,
and Kansas City.
On Wednesday, the PSE had to shut down its computerized trading system
(SCOREX) for about five hours yesterday due to intolerable transmission
delays resulting from the avalanche of orders. This was its first complete
shutdown since installation in 1979. Volume dropped significantly. (On
Monday SCOREX trading was halted in about 5% of the options, due to
"technical problems".)
[Source: San Francisco Chronicle, 22 October 1987]
When a brokerage house loses out on transactions it was not able to make,
this is what is known as an ERROR OF COMMISSION!
------------------------------
Date: Thu, 22 Oct 87 08:57:29 EDT
To: RISKS FORUM (Peter G. Neumann -- Coordinator) <RISKS@KL.SRI.Com>
Subject: BankAmerica Aides Quit; Sources Cite Data System
From: Jerome H. Saltzer <Saltzer@ATHENA.MIT.EDU>
This morning's (Thursday, October 22) Wall Street Journal, Eastern Edition
page 44, contains an article with the above headline, which continues:
"Two top BankAmerica Corp. executives quit after being asked to resign . . .
in an action related to data processing problems that cost the company an
estimated $25 Million.
"The two men were held responsible . . . for problems in converting to a new
computerized accounting system for the bank's trust department last March.
". . . A bank spokesman said the conversion to a new system, called MasterNet,
disrupted data processing records to the extent that BankAmerica is frequently
unable to produce or deliver customer statements on a timely basis."
The good (?) news is that ". . .the spokesman said . . . 'to the best of our
knowledge, no customer information has been lost. . .'"
Jerry
------------------------------
From: thode@nprdc.arpa (Walt Thode)
Date: 21 October 1987 1426-PDT (Wednesday)
To: risks@csl.sri.com
Subject: Air Force explores SDI-like technology
From the Federal Computer Week (10/19/87) (excerpted, without permission):
The Air Force has issued technology assessment contracts to four teams to
explore deployment of a multibillion-dollar Air Defense Initiative that
could rival SDI for cost, complexity, and possibly for political debate.
Issued by the Air Force Electronics Systems Division, the contracts, though
slightly less than $1 million each, signal the beginning of a major
tri-service effort to protect North America from attack by Soviet bombers or
cruise missiles.
A central impetus for the ADI research is the effect SDI will have on
Soviet strategic planning, according to Air Force officials. The Air
Force operates on the assumption that the ongoing progress on SDI has
already pushed the Soviets to improve their bomber and cruise missile
forces. If this improvement continues, the US will need to deploy ADI
even if the threat it is designed to counter is an indirect result of SDI.
The ADI system will bear more than a casual resemblance to SDI, according
to Pentagon officials. Like SDI, it probably will include numerous
space-based sensing platforms, which can see the entire North American
continent and which can control air, ground, and space-based interceptors
or hypersonic aircraft. ADI will require a complex real-time
computerized command and control system to monitor threats coming from
every compass quadrant. Like SDI, ADI's command and control system will
have to be able to assess these multiple threats and then control widely
dispersed defensive systems...
John Pike of the Federation of American Scientists, a long-time critic of
SDI, said the command and control problems of ADI will be even more complex
than SDI. "Airplanes tend to blend into the background, especially when
they are flying only a few hundred feet above the ground ... The Soviets are
obviously going to have their missiles coming in from the north, but
airplanes could come in from any direction." ... Former Defense Secretary
James Schlesinger estimated that total costs for ADI could run as high as
$50 billion.
(The rest of the article discussed contractors/subcontractors and some of
the suggestions for methods and timing. One interesting item was the
suggestion that airships (lighter than air) are a possible sensor
platform alternative.)
--Walt Thode (thode@nprdc.arpa)
------------------------------
Date: Wed, 21 Oct 87 12:49:16 EDT
From: Graeme Hirst <gh%ai.toronto.edu@RELAY.CS.NET>
To: RISKS@csl.sri.com
Subject: Who knows where the computer is?
Organization: Dept of Computer Science, University of Toronto
In RISKS-5.44, Scott Dorsey (kludge@pyr.gatech.edu) writes:
> I seem to recall a mention that the Berkeley computer center was
>occupied by protesters sometime in the sixties, ...
I attended Monash University, Melbourne, Australia, in the 1970s at the
height of the student rebellions. The Computer Centre, fearing an imitation of
events in the U.S., posted large notices on the doors of the machine room
alleging that after the fire alarm bells went off, you had 45 seconds to
clear the room before the carbon dioxide came in, the oxygen disappeared, and
those remaining died. (This was before the advent of Halon.) It was assumed
that the operators were expected to trigger the fire alarm at any sign of a
student invasion, though the administration denied this.
In RISKS-5.45, Brent Chapman (koala!brent@lll-tis.arpa) writes:
>Have there been any cases of terrorist or political attacks on comp centers?
Perhaps someone who was there at the time can tell us about the most famous
computer centre trashing, that at Sir George Williams in Montreal.
>How many of you have no idea where the machines you use are physically located
In teaching first year, I always make a point of telling the students what the
machine is, where it is, and telling them to have a look at it (through the
glass). Reason: I want them to have a mental image of the machine, and to
understand clearly that the terminal is not the computer.
This is less important than it used to be, but it is still a good idea; many of
our freshmen are still complete computer novices (though no longer the
majority). Also, knowing the name, power, ability, etc., of many machines will
be important for some of the students later on, if they become systems
programmers or administrators. It's never too early to start learning that the
old ones are Vaxes, the new ones are Suns, the 3/280 is about three times as
powerful as the Vax, etc.
\\\\ Graeme Hirst University of Toronto Computer Science Department
//// utcsri!utai!gh / gh@ai.toronto.edu / 416-978-8747
------------------------------
To: RISKS@KL.SRI.COM
Subject: Anonymity
Date: Thu, 22 Oct 87 10:20:07 -0400
From: Fred Baube <fbaube@note.nsf.gov>
> > One of the greatest guarantees of privacy is anonymity.
The Social Security number is a standard item on many forms where
it has no business being. If you find yourself in a situation
where they want to know it and they won't settle for not having
it, it might be better to switch than fight .. make one up.
Disclaimer: not recommended for interest-bearing accounts and
other income-generators, or for giving blood.
[...]
I'm not sure about the current state of affairs here in the States, but
about three years ago a fellow in Buffalo was being harassed by the Postal
Service for setting up just such a service, where people could get a PO box
under a pseudonym. Their excuse was the need to prevent mail fraud, which
he said he would always co-operate in the investigation of. For every box
the Postal Service wanted to see a real name and a real occupation. When
mail pseudonyms are outlawed, only outlaws will have mail pseudonyms.
P.S. I presume the Internet has a rule against anonymous messages.
------------------------------
Date: Thu, 22 Oct 87 00:16:39 EDT
From: Richard Outerbridge <outer%csri.toronto.edu@RELAY.CS.NET>
To: csl.sri!RISKS%ai.toronto.edu@RELAY.CS.NET
Subject: Re: UNIX Passwords
The eight character limit may have been designed in, but direct mapping
into DES keys is no feature. The average entropy of English is about one
bit per letter over blocks of eight or more letters; so rather than 56 bits
of equivocation the routine assuredly provides eight. Hashing long strings
together using CBC or CFB message authentication techniques yields eight
byte hex strings in which every last trace of equivocation is present in
a 'random' looking pattern. Time for a change of password routines.
------------------------------
Date: Thu, 22 Oct 87 09:21:34 EDT
From: Barry Nelson <bnelson@ccb.bbn.com>
Subject: CD vs ADP security
To: risks@csl.sri.com
In RISKS 5.45 (Brent Chapman, Re: Civil Disobedience), several
minimal computer physical security mechanisms were listed.
Although it may be slightly dated, I have found the FIPS-PUB-31
(Guidelines For Automated Data Processing Physical Security and
Risk Management,NBS,1974, 95 pp) to be a good basic reference for
the issues needing consideration, including: security analysis,
natural disasters, supporting utilities, system reliability,
physical protection, internal controls, off-site facilities,
contingency planning, security awareness, and internal audit.
Of course, there are more recent texts dealing with the same
topic, but this is one of the more complete ones I've seen that
focuses on computer facilities, control and contingencies.
It is axiomatic that organizations will supply only that security
that is (a) affordable and (b) justifiable under the
circumstances. Someone must take the responsibility to identify
the various options available and evaluate the local risks,
making a final recommendation to the top management.
"This document contains statements of opinion by the author which are not
attributable to BBN Communications Corporation or its management."
Barry C. Nelson /Senior Systems Engineer /
BBN Communications Corporation / 70 Fawcett Street, Cambridge, MA 02238
------------------------------
To: comp-risks
From: Robert Stanley <roberts%cognos%math.waterloo.edu@RELAY.CS.NET>
Subject: Civil Disobedience and Computers (Re: RISKS-5.44)
Date: 20 Oct 87 16:23:38 GMT
Organization: Cognos Inc., Ottawa, Canada
A very interesting fictional treatment of Civil Disobedience in a terminally
automated society is to be found in John Brunner's novel "The Shockwave Rider"
which has achieved the status of a minor classic in the science fiction world.
Some very telling points are made, and the subject is explored in considerable
depth. However, it also points up the fact that the distinction between CD and
criminal activity is not so much a point of law, as the degree of fear/anger
triggered in the targetted beureaucracy, which usually has sufficient dollars
to overwhelm all but the most visible of protestants.
Robert Stanley Cognos Incorporated S-mail: P.O. Box 9707
Voice: (613) 738-1440 (Research: there are 2!) 3755 Riverside Drive
FAX: (613) 738-0002 Compuserve: 76174,3024 Ottawa, Ontario
uucp: decvax!utzoo!dciem!nrcaer!cognos!roberts CANADA K1G 3Z4
------------------------------
End of RISKS-FORUM Digest
************************
-------