Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!shadooby!samsung!cs.utexas.edu!tut.cis.ohio-state.edu!ucbvax!CSL.SRI.COM!risks
From: risks@CSL.SRI.COM (RISKS Forum)
Newsgroups: comp.risks
Subject: RISKS DIGEST 9.49
Message-ID:
Date: 28 Nov 89 02:09:32 GMT
Sender: daemon@ucbvax.BERKELEY.EDU
Reply-To: risks@csl.sri.com
Organization: The Internet
Lines: 269
Approved: risks@csl.sri.com

RISKS-LIST: RISKS-FORUM Digest  Monday 27 November 1989  Volume 9 : Issue 49

FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS
ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Contents:
  Davis on arguing about technology vs policy (Phil Agre)
  Re: Check inquiry / binary search: Gardner (Jim Griffith)
  Re: Check inquiry / binary search: Theroux (Roy Smith)
  Re: Privacy and risks in credit information (Brinton Cooper)
  Re: "UNIX EXPO Blackout" (Glenn Story)
  How to improve your financial standing (Glenn Story)
  Re: Self-trust and computer professionals (Mike McNally)
  Re: problems with government project specifications (Bob Estell)

The RISKS Forum is moderated. Contributions should be relevant, sound, in good taste, objective, coherent, concise, and nonrepetitious. Diversity is welcome. CONTRIBUTIONS to RISKS@CSL.SRI.COM, with relevant, substantive "Subject:" line (otherwise they may be ignored). REQUESTS to RISKS-Request@CSL.SRI.COM. TO FTP VOL i ISSUE j: ftp CRVAX.sri.com<CR>login anonymous<CR>AnyNonNullPW<CR> cd sys$user2:[risks]<CR>get risks-i.j . Vol summaries now in risks-i.0 (j=0)

----------------------------------------------------------------------

Date: Sat, 25 Nov 89 15:40:52 198
From: "Phil Agre"
Subject: Davis on arguing about technology vs policy

Randy Davis certainly offers a coherent argument and we should be clear just how much it would take to refute it.
His argument, at least as I understand it, requires that one accept no more than our society's usual definition of engineering as an instrumental activity: ends are to be distinguished from means; society decides upon its ends; and engineering concerns itself with the means. If new technology facilitates certain forms of invasion of privacy, then that calls for a societal decision about privacy, not about technology.

To refute this argument (if that is something one wishes to do) one must address this distinction between ends and means, arguing either that it does not make sense, that it does not and could not remotely approximate the actual conditions, or that it is inherently unhealthy for us to organize our thinking in those terms. All of these arguments have been made [*], though not so far as I recall on the Risks list. Arguing the points in the abstract would presumably be a uselessly redundant activity, but using the many examples that come up on the list to explore them concretely could well be constructive.

Phil Agre, Computer Science Department, University of Chicago

[*] Some of the standard references are:

  Hannah Arendt, "The Human Condition"
  Martin Heidegger, "The Question Concerning Technology"
  Theodor Adorno and Max Horkheimer, "Dialectic of Enlightenment"
  Stanley Aronowitz, "Science as Power"
  Jurgen Habermas, "Science and Technology"
  Bruno Latour, "Science in Action"
  Carolyn Merchant, "The Death of Nature"

------------------------------

Date: Sat, 25 Nov 89 16:29:23 -0800
From: griffith@scam.Berkeley.EDU (Jim "The Big Dweeb" Griffith)
Subject: Re: Check inquiry / binary search: Gardner (Mauney, RISKS-9.47)

This scenario was used in _THE CASE OF THE BEAUTIFUL BEGGAR_, a Perry Mason mystery by Erle Stanley Gardner. In it, a wealthy elderly man was institutionalized by his money-grubbing relatives, and they got a court order that forced the bank to turn over all of the man's assets.
Well, the man had previously written a $125,000 check to a niece of his (who wasn't money-grubbing, just poor). But there was no money in the account to cover it, because of the court order. After the court order, the bank received a $50,000 deposit for that man's account from a past-due business transaction. Mason took out a loan for $75,000, deposited it in the account, cashed the $125,000 check, and repaid the loan, along with $12.50 interest, all within 15 minutes. And it was entirely legal, because the court order had specified that the bank had to turn over all money *currently* deposited in the bank.

The book mentioned here was published in 1965.

Jim

------------------------------

Date: Sun, 26 Nov 89 09:07:54 EST
From: Roy Smith
Subject: Re: Check inquiry / binary search: Theroux (Mauney, RISKS-9.47)

As with the case of the library card records recently discussed, there is nothing particularly new about this risk just because computers have made it easier to exploit. In chapter 7 of Paul Theroux's novel "Fong and the Indians", published in 1968, exactly the same scheme is used to cash at least part of a meant-to-bounce 1000 shilling check against a 632 shillings ninepence balance. The book does not make it clear how the actual balance in the account was discovered, however.

Roy Smith, Public Health Research Institute, 455 First Avenue, New York, NY 10016

------------------------------

Date: Sun, 26 Nov 89 16:42:27 EST
From: Brinton Cooper
Subject: Re: Privacy and risks in credit information (Gorman, RISKS-9.46)

John DeBert, in the referenced article, provides a good summary of TRW's "promised practice" in protecting the privacy of credit records while affording anyone access to his/her own information.

It's chilling to reflect upon the fact that, in my community, TRW runs a for-profit alcoholism treatment center to which first-time DWI offenders are often sent for treatment as part of a program of "probation before judgement."
One wonders how mutually compartmented these TRW operations are?

_Brint

------------------------------

Date: 27 Nov 89 14:35:00 -0800
From: story_glenn@comm.tandem.com
Subject: re: "UNIX EXPO Blackout"

I forwarded Brian Randell's item, "UNIX EXPO Blackout" from RISKS forum 9.45, to Tandem's internal mail system. I received several responses which seemed to fall into one of two categories: (1) requests for more information, and (2) justifications of Tandem's performance in the "race" described in the article.

I found these responses curious since they seemed to disregard the fact that I was merely repeating third- or fourth-hand information.

Meanwhile, no one seems to have noticed this fatal flaw in the original contest: fault tolerance has no direct relationship with how fast a computer restarts after a power failure (unless, of course, it fails to come up at all). Even computers that make no claims whatever about fault tolerance (such as the lowliest PC) still are expected to restart after a power outage.

Glenn Story, Tandem Computers, story_glenn@comm.tandem.com

------------------------------

Date: 27 Nov 89 16:28:00 +1600
From: story_glenn@comm.tandem.com
Subject: How to improve your financial standing

A recent RISKS posting on credit information reminded me of an incident that happened to me a few years ago.

Due to some flaw in my personality, I love to fill out questionnaires. One day I received a "marketing" questionnaire on oil-well speculations, the last question of which was "Would you be interested in hearing about opportunities in this area?" I answered that one, "no" and mailed the questionnaire off.

Soon I started receiving phone calls from oil-well salesmen. Having forgotten all about the questionnaire, I asked one of these salesmen where he got my name. He said from some data service in Texas; he even read my profile which described me as a "wealthy entrepreneur who likes to invest in high-risk projects".
I wrote to the company sending the data, informing them of their error. They responded with a form letter explaining my rights under the Fair Credit Practices Act. Since their information about me was not derogatory, I did not respond.

Later when I got yet another sales call I explained about the flakey data base in Texas. The salesman responded that he didn't get my name from there--he got it from Dun and Bradstreet!

So, now that I'm rich, I'm working on famous. Anyone know who runs the computers for "Who's Who in America"?

Glenn Story, Tandem Computers, story_glenn@comm.tandem.com

------------------------------

Date: Mon, 27 Nov 89 09:31:10 PST
From: m5@lynx.UUCP (Mike McNally)
Subject: Re: Self-trust and computer professionals (Fagan, RISKS-9.45)

The other day, whilst merrily shopping at my lovely neighborhood Mervyn's, I overheard a conversation between a gentleman buying some clothes (shirts I think) and the cashier. A disagreement arose over the price of a shirt: the customer thought it was on sale for 14.95, but the "computer" responded to the bar code with a price of 15.99. (Note: all the price tags I saw had the price clearly printed, by "the computer" of course, beneath the bar code. Perhaps the tag in question had been mutilated.)

The customer, not at all irate, wanted to check the price he thought was advertised on a small placard above the display on which he found the garment. The salesperson gladly agreed, but pointed out two things: first, that they never have prices that are NN.95; second, that "the computer is usually right". The customer grinned and said "No, I build systems, and I know that's not true."

"Well, gee," I thought to myself.
I work on computer systems, and while I know that they have the potential of being pretty danged wrong in pretty big ways, I also know that the salesperson was right: *usually* the computer is right; or, more precisely in this case, when she presents the UPC code to the POS terminal, and the thing likes it and responds with the price that matches the code, most of the time it will be correct. It may be the case that the database has not been properly updated to match short-term sales, as (apparently, from previous postings in RISKS) happens in grocery stores, but I really must wonder if it's correct to say that the computer is "wrong". In the Mervyn's example, there is the additional "ECC" of the Mervyn's pricing scheme, which only allows certain fractions. (In the end, the customer decided that the computer was right after all.)

I'm as leery of computerization as the next man, but not to the point of having an almost manic distrust. I'm not an auto mechanic or designer, but off the top of my head I can name a few critical systems that could fail on 280 at 70 mph with disastrous consequences. I still drive. I ride a bicycle, but I can't really say I trust those little spokes. In short, I don't have complete faith in *any* system I trust with my life, but I use (and rely on) those systems nevertheless.

Mike McNally    Lynx Real-Time Systems    408 370 2233

------------------------------

Date: 27 Nov 89 14:13:00 PDT
From: "FIDLER::ESTELL"
Subject: RE: problems with government project specifications

Like almost all old [more than 70 years], large [more than 10,000 people] institutions, the government did not get to be as successful as it is by acting the way it does now. [Paraphrased from the original statement by Robert Townsend, in _Up the Organization._ He was talking about GM. Similar symptoms, probably same causes.]
An all too typical scenario for developing the technical section of a DoD RFP [request for proposal] is that some technical folks may write 10 pages of plain English, describing what they want; e.g., a typical mini-computer RFP may begin with a list of software tools and applications that the users must have; then talk about reliability, so that the users will indeed be able to work; then mention cost, so that bidders don't blow the budget; then specify that the new system must interface to the extant network; and finally, within those constraints, be as fast as possible.

Enter then the good people who must actually negotiate the contract. Usually, that means least cost, or best bargain. So the above RFP gets rewritten to put cost first, and speed next; the software gets put in as a list of "mandatory" and/or "desirable" options. [Yes, that's one of my favorite oxymorons - "mandatory option."] Reliability is addressed in terms of guaranteed response times to failures. [An argument was once made by H-P that it is better to respond in two days to only one failure per year, than in two hours to a failure every week. Sometimes the government accepts such logic; sometimes not.] Network interface is often left as an exercise for the buyer. [On other occasions, "compatibility" becomes the reason for a sole source buy of the same brand, similar model.]

In most cases, those 10 pages now number over 100. And the rewrite usually takes 6 months or more.

At the extreme, we have written specifications for systems that the vendors do not make; e.g., instead of saying that we want lots of disk capacity in little floor space, we specify drive characteristics. That has led to some "no bid" responses, much to the consternation of both sides. And the process then exceeds a year, including rewrites.
In that much time, the project needs have evolved, since 25% to 35% of the project schedule has elapsed; and of course the computer industry has evolved too; almost one PC-generation has passed.

Ancient wisdom tells us that "Too many cooks spoil the broth." That "A camel is a horse designed by a committee." Modern wisdom [Robert Heinlein] tells us that "A committee is an animal with at least 6 legs and no brain."

Why do we do this? One good friend, Harry Parode, says that we only strive to spend public funds honestly. Somehow, we seem to feel that, if enough people contribute enough words, the RFP, and the resulting system, will be better.

I doubt it. I tend to agree with the lesson in the story told after CRAY Research built a better scientific computer than mighty IBM: Thomas Watson asked how three dozen folks could beat a team of about 1000; when Seymour Cray was told of the inquiry, he opined, "I believe Mr. Watson has answered his own question."

Bob

Disclaimer: The opinions herein are my own; and I know darn well that the government does NOT agree.

------------------------------

End of RISKS-FORUM Digest 9.49
************************