4-Oct-85 14:11:02-PDT,14232;000000000000
Mail-From: NEUMANN created at 4-Oct-85 14:07:29
Date: Fri 4 Oct 85 14:07:29-PDT
From: RISKS FORUM (Peter G. Neumann, Coordinator) <
[email protected]>
Subject: RISKS-1.18
Sender:
[email protected]
To:
[email protected]
RISKS-LIST: RISKS-FORUM Digest Friday, 4 Oct 1985 Volume 1 : Issue 18
FORUM ON RISKS TO THE PUBLIC IN COMPUTER SYSTEMS
Peter G. Neumann, moderator
Contents:
Lack of a backup computer closes stock exchange (Marty Moore)
DPMA survey on computer crime offenses (J.A.N. Lee)
Ethics vs. morality (Marty Cohen)
The Mythical Man-Month of Risk (Stavros Macrakis)
Risk Assessment by real people (Mike McLaughlin)
CRTs again, solution to one eye-problem (Mike McLaughlin)
Failure of Mexican Networks (Dave Flory)
Technical Reports Lists (Laurence Leff)
Summary of Groundrules:
The RISKS Forum is a moderated digest. To be distributed, submissions should
be relevant to the topic, technically sound, objective, in good taste, and
coherent. Others will be rejected. Diversity of viewpoints is welcome.
Please try to avoid repetition of earlier discussions.
[Note: Despite SRI-CSL having had a nasty disk controller wipe-out [Sun-Mon]
which prevented this issue from coming out on Monday, and despite my being
East, here is RISKS-1.18.]
(Contributions to
[email protected], Requests to
[email protected])
(FTP Vol 1 : Issue n from SRI-CSL:<RISKS>RISKS-1.n)
----------------------------------------------------------------------
Date: Mon, 30 Sep 85 11:44:49 CDT
From: mooremj@EGLIN-VAX
Subject: Lack of a backup computer closes stock exchange
To:
[email protected]
When Hurricane Gloria was approaching the New York area, the New York and
American Stock Exchanges did not open. The Midwest Exchange, located in
Chicago, opened on schedule; unfortunately, it had to close 40 minutes later,
when its nationwide computer system failed. Where is the central computer
of that system located? New York, of course. The Director of the Exchange
was quoted as saying, "Well, this has got to change."
------------------------------
Date: Wed, 2 Oct 85 15:39 EST
From: Jan Lee <janlee%
[email protected]>
To:
[email protected]
Subject: DPMA survey on computer crime offenses
Peter ... here are the proper figures on Computer Crime Offenses as reported
by the DPMA from a survey taken by COMP-U-FAX (TM) and reported 1985 May 27:
(It doesn't say how many people were surveyed -- just that DPMA is an
organization of 50,000 members.)
21% reported one or more abuses in past 3 years in their workplace. 2% of
these offenses were committed by outsiders (so much for the Hacker myth!!).
The reasons for the abuses were:
27% ignorance of proper professional conduct
26% playfulness
25% personal gain
22% maliciousness
Only 45% of respondents worked for a company who had a full-time
or part-time data security person.
Only 2.2% of abuses were reported publicly (does that mean
reported to the news media or the legal authorities?).
The surveyor was Detmar Straub, Grad. School of Business Admin.,
Indiana University.
(In a note I got from Donn Parker, Donn seems to cast some aspersions
on the validity of this survey, but I haven't had chance to do anything
other than read the press release myself.)
JAN
------------------------------
Date: Fri, 27 Sep 85 13:18:47 PDT
From: Marty Cohen <mcohen%
[email protected]>
To:
[email protected]
Subject: Ethics vs. morality
"Morals: Society's code for individual survival"
"Ethics: An individual's code for society's survival"
From Theodore Sturgeon, "More Than Human" ("Baby is Three" is one
part of the book), page 177 of the Ballentine books paperback.
------------------------------
Date: Thu, 3 Oct 85 19:14:56 EDT
From:
[email protected] (Stavros Macrakis)
To: risks@sri-csl
Subject: The Mythical Man-Month of Risk
In reference to the discussion on the Wilson article:
> ... formula that measures risks [as] ... seconds of life lost ...
In discussing risks, whether from computer systems or other causes, it
would surely be desirable to have some reasonable guidelines.
Wilson's basic point was that we should be able to calculate costs and
benefits; a point with which I am in fundamental agreement. However,
this calculation has many difficulties. In this note, I should like
to sketch (in a somewhat disorganized way) some of these difficulties.
It is often useful to reduce complicated facts to simple unidimensional
measures for comparison. But such reduction loses a great deal of
information in general; and also ignores variation in personal utility
functions. For that matter, statistical measures should differentiate
between associations and causation.
Among the figures cited, there were several misleading measures along
these lines.
For instance, although perhaps cigarette smokers ought to allocate 12
minutes of their lives per cigarette, a lung cancer death is typically far
harder than an automobile accident death. On the other hand, car accidents
subtract years by killing fewer, younger, people; cancer by killing more,
but older, people. How to compare 5 x (lifespan 25-70) with 25 x (lifespan
63-70)? Is each 175 man-years? I have no answer, although I have certain
intuitions--in particular, `losing' the 69 man-years 1-70 seems far less
tragic than losing the 69 man-years 3 x (47-70) (`struck down in the prime
of life'): but the Wilson extract did explicitly talk only of 25+-year-olds.
Economics has various answers: discounted productivity contribution; market
value attached to hazardous jobs; .... None is satisfactory, but all are
useful for separating grossly different risks.
As for correlations, why is it that living in New York is hazardous?
Perhaps it is the pollution. But if it is the poverty or the street crime,
then poverty or bad neighborhoods (regardless of city) probably relate far
better statistically and surely causally than does residence. New York just
has many poor people and bad neighborhoods. A statistical analysis that
excludes such correlated hazards is surely non-trivial.
`Post hoc ergo propter hoc' seems especially implicated in the case of
unmarried males. There are likely advantages to being married, but
perhaps inability to find or keep a wife indicates other problems.
Then there is the presumption of linear additivity. Even the risks which
are not strongly correlated may combine: consider asbestosis and smoking.
Of course, in other cases the unidimensional metrics may be far more useful.
In the case of the costs of unreliable funds transfer, the cost to the bank
can be calculated quite precisely. In cases where these errors affect
customers, it may also be reasonable to estimate that damage (e.g., you may
lose $100 of annual profits per error of type X if a retail customer takes
his business elsewhere). If you're a materials supplier to a just-in-time
manufacturer, the monetary consequences may be far more serious: still, a
monetary measure may be meaningful.
In conclusion, it seems to me useful to develop a range of measures of cost
and benefit, and not try to reduce them to single numbers. If one wishes to
be ultra-cautious, one will then weigh the minimum expected benefit against
the maximum expected cost. If one is a `rational' gambler, perhaps the
average benefit against average cost. If one is an optimist or a gambler,
perhaps the maximum benefit against the minimum cost. I believe Howard
Raiffa (among others) discusses such issues (although I'm afraid I can't
provide a reference).
Risk-free systems are unlikely. We need good ways of evaluating risks
and benefits.
-s
------------------------------
Date: Sat, 28 Sep 85 16:05:48 edt
From: mikemcl@nrl-csr (Mike McLaughlin)
To:
[email protected]
Subject: Risk Assessment by real people
Ellen Goodman's column in The Washington Post, Saturday, 28 Sep 85, (c) 1985,
The Boston Globe Newspaper Company, is worth reading. Title is: "AIDS: The
Risks We'll Take." No, it doesn't mention computers. It really isn't much
about AIDS, either.
What it is about is people, and how risks are assessed by real people - not
by computers, or calculators, but by the folks that would die of boredom
reading this forum... or might die of something else if *we* do not
understand how *they* evaluate risks.
"In California, members of a family cut back on sugar in the decaffeinated
coffee they drink in their house - on the San Andreas fault."
"Another friend drinks only bottled water these days, eats only meat un-
touched by steroids and spends weekends hang-gliding."
"The AIDS story... is a tale about experts and the public, about the gap
between our skepticism and our longing for certainty."
Ms. Goodman also quotes an article in October's Science '85: "We may be much
more willing to accept higher risks in activities over which we have control,
such as smoking, drinking, driving or skiing, than things over which we have
little control, such as industrial pollution, food additives and commercial
airlines."
Her summation is very relevant to *us*, who read and write about SDI, the use
and non-use of computers, and so on: "This is, after all, a country that bans
saccharin and builds nuclear bombs. We argue and will go on arguing about
risk in two different languages: numbers and emotions, odds and anxieties."
If *we* cannot make ourselves understood by *them* when we discuss what
matters for the survival of *all of us*, then this forum is just a
modern form of omphaloskepsis.
- Mike
------------------------------
Date: Sat, 28 Sep 85 16:25:57 edt
From: mikemcl@nrl-csr (Mike McLaughlin)
To:
[email protected]
Subject: CRTs again, solution to one eye-problem
CRTs can cause eye strain in users who wear glasses. Distance lenses won't
focus at closer than arm's length. Reading lenses focus too close. Bifocals
require you to hold your head in one of two specific positions... neither of
which works. What to do?
I already done it. Several years ago. So much a part of my computerized
life that I didn't think of it while reading/writing via computer about CRT
usage. Got "intermediate lenses" - an Rx for glasses optimized for my CRT/
VDT viewing habits. Got comfy in front of the tube & keyboard, had a friend
measure distance from bridge of nose to CRT screen. Averaged several tries.
Gave the distance to my opthamologist - he turned out an Rx in short order.
Bought frame & lenses. Expensive. Use them *only* at office computer - don't
take them home (don't have a computer at home). Declared them as a non-
reimbursed business expense. IRS content, helped reduce cost.
Did NOT get tri-focals, because:
1. They force you into an even more rigid head position - and I believe
that rigid posture is a major cause of computer-fatigue.
2. They confused the IRS issue, which was quite clear with intermediate-
only glasses.
3. I'm not old enough to wear TRI-focals, for heaven's sake!
Suggestion:
Employers requiring use of CRT should consider paying for intermediates;
should resist paying for trifocals (or even the incremental cost of tri- over
bi-focals).
An acceptable alternative might be bifocals, distance/intermediate or inter-
mediate/reading, depending upon the user's eye condition and job content.
- Mike
------------------------------
Date: Wed 2 Oct 85 13:43:03-EDT
From: Shadow <Z.HXWY-FLORY-DAVID%
[email protected]>
Subject: Failure of Mexican Networks
To:
[email protected]
This doesn't refer to computer networks, but it is similar.
According to Fred Goldstein on Telecom Digest (
[email protected]),
phone service from most of the world to Mexico City was destroyed by the
collapse of the building containing the switches, frames, etc. for Mexico
City's international gateway switch.
Sites which are major network nodes collapsing due to earthquake/etc could
result in a similar effect.
David Flory
ARPANET --->
[email protected] or
[email protected]
BITNET ---->
[email protected]
[Good engineering tends to avoid sensitivity to single-point failures
and to avoid singly connected nodes. Designing for massive failures
and disasters is of course much more difficult. PGN]
------------------------------
Date: Fri, 27 Sep 85 13:38:21 cdt
From: Laurence Leff <leff%
[email protected]>
Subject: Technical Reports Lists
To: [... all sorts of lists...]
[Here is what could be a useful service if suitable indexing occurs. I
have stripped Laurence's message down. SEND to him for the original.
This is of course more general in scope than just RISKS, but seemed
worth including. -- in case you missed it elsewhere. Respond to him,
not me. PGN]
I have volunteered to organize an electronic mechanism for the distribution
of technical report lists from Universities and R&D labs. Some (and
hopefully all) of the people producing technical reports would send a copy
of the list to me. I would then send these to a moderated group on USENET
as well as a mailing list for those sites on the INTERNET who do not get
news (ARPANET, CSNET, etc.).
I need two things from you:
1) if your organization prepares technical reports and sends them
out to interested parties (perhaps for a fee), please arrange
to have electronically readable copy of your lists sent
to trlist%smu@csnet-relay.
2) if people at your organization would like to receive lists
of tech reports produced by universities and R&D labs, please
provide me an electronic address to send them to (if you are not
on USENET). Send such administrative mail to trlist-request%smu@
csnet-relay.
------------------------------
End of RISKS-FORUM Digest
************************
-------
