Subject: RISKS DIGEST 16.73
REPLY-TO: [email protected]

RISKS-LIST: RISKS-FORUM Digest  Friday 6 January 1995  Volume 16 : Issue 73

  FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
  ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

[NOTE: If you are overwhelmed with RISKS, cheer up.  After an active week,
a two-week slowdown is coming.  There's the potential of another entire
issue devoted to new date-time stuff, but it may get deep-sixed.   PGN]
***** See last item for further information, disclaimers, etc.       *****

 Contents:
My life as an international arms courier [longish, but good] (Matt Blaze)
Work monitoring (Phil Agre)
GRE by computer, the sequel (Cris Pedregal Martin)
More on "Cell phones in Israeli army" (Heinz Wrobel)
Re: Adopting Programming Improvements (Douglas W. Jones)
Re: CompuServe-Unisys GIF Tax Protest (Kenneth Albanowski)
Info on RISKS (comp.risks), contributions, subscriptions, FTP, etc.

----------------------------------------------------------------------

Date: Fri, 06 Jan 95 16:58:50 -0500
From: Matt Blaze <[email protected]>
Subject: My life as an international arms courier

 [This is admittedly a bit long, but I thought this experience might be of
 some interest to RISKS readers.  -matt]
   [Matt, Struggling as we are with export controls in the NRC crypto
   policy review, this is quite interesting.  Thanks.  PGN]

Under an obscure provision of US law, devices and computer programs
that use encryption techniques to hide information from prying eyes
and ears are considered ``munitions'' and subject to the same rules
that govern the international arms trade.  In particular, taking such
items out of this country requires the approval of the State
Department, which decides whether exporting something might endanger
national security.  In the past, these restrictions were of little
concern to the average citizen; encryption found most of its
application in military and diplomatic communications equipment.
Today, however, growing concern over electronic fraud and privacy
means that encryption techniques are starting to find their way into
more conventional commercial products like laptop computers and
portable phones.

Mostly to find out what the process was like, I recently applied for a
temporary export license for a portable telephone encryption product
that I wanted to take with me on a business trip to England and
Belgium.

The item in question is more properly called a ``telephone security
device.''  This is a little box that scrambles telephone conversations
to protect them against eavesdroppers; this sort of protection is
sometimes important when discussing confidential business matters from
faraway places.  The particular model I bought was already approved
for export; it employs a cipher algorithm that the government has
already decided is not a threat to national security even should it
fall into the hands of some rogue government.  This model is aimed
primarily, I presume, at international business travelers who want to
communicate in a reasonably secure manner with their home offices in
the states.  In other words, a typical user buys two of them, leaving
one at the home office and carrying the other when traveling abroad.
The options that came with my device included a James Bond-ish looking
acoustic coupler and handset to facilitate its connection to the
hardwired phones that are still common in European hotel rooms.

It turns out that there was recently some discussion in the government
about exempting products like my secure phone from the licensing
paperwork requirements.  Unfortunately, however, this exemption never
actually took effect.  So even though the device I had was already
approved for sale abroad, I still needed to get a temporary export
license before I could take it with me.  But I was assured that ``this
is an easy, routine process''.  Well, sure enough, about two weeks
before I was to leave I got back my official US State Department
``license for the temporary export of unclassified defense articles''.
So far, so good.

From what I was able to figure out by reading the license (and having
a few conversations with an export lawyer), I'm required to leave from
an international airport with a Customs agent present (no problem
there, although Customs is geared to arriving, rather than departing,
travelers).  At the airport, I'm supposed to fill out a form called a
``shipper's export declaration'' (SED) on which I have to declare that
``these commodities are authorized by the US government for export
only to Belgium and the United Kingdom.  They may not be resold,
transshipped, or otherwise disposed of in any country, either in their
original form or incorporated into other end-items without the prior
written approval of the US Department of State''.  Then I'm to present
the SED and export license to a Customs official at the airport before
I leave.  The Customs officer is supposed to take my SED and endorse
my license to show what I'm actually taking out of the country.

On the way back in, I'm supposed to ``declare'' my item at Customs
(even though it was manufactured in the US) and show them my license,
and they're supposed to endorse the license again as proof that I
have, in fact, returned the ``defense article'' to the safety of the
United States.

The first hitch I ran into was that no one could actually tell me
where I could get an SED form.  But when I called Customs they assured
me that this was no big deal.  ``Just come by when you get to the
airport and we stamp the license.  I guess you can just fill out the
SED there,'' they said.

I made sure to get to the airport early anyway.

Although there was moderately heavy traffic near the airport, I made
it to JFK two and a half hours before my 10pm flight.  I was flying
United, which has their own terminal at JFK, so Customs has an office
right there in the same building from which I was to depart (JFK is
awful to get around, so I was glad for this).  I checked in for my
flight (and got upgraded to first class, which bolstered my
expectation that everything was going to be really easy from here on).
Then, luggage, license and phone in hand, I made my way downstairs to
Customs, expecting to fill out the SED form and ``just have my license
stamped'' as they had assured me earlier on the telephone.  I
explained my situation to the security guard who controls entry to the
Customs area, and he led me to ``the back office'' without much
argument or delay.  The head uniformed Customs guy in the back office
(which I think is the same office where they take the people suspected of
being ``drug mules'' with cocaine-filled condoms in their stomachs)
looked approachable enough.  He had a sort of kindly, grandfatherly
manner, and he was playing a video game on a laptop computer.  I got
the impression that most of the people he encounters are suspected
drug smugglers, and he seemed pleased enough to be dealing with
something a little different from the norm.  When I explained what I
was doing he looked at me as if I had just announced that I was a
citizen of Mars who hadn't even bothered to obtain a visa.

He explained, carefully, that a) I really do need the SED form; b) not
only that, I should have already filled it out, in duplicate; c) he
doesn't have blank SED forms; d) he, like everyone else in the entire
US government that I had spoken to, has no idea where one gets them
from, but people must get them from somewhere; and e) it doesn't
really matter, because I'm in the wrong place anyway.

I asked him where the right place is.  ``The cargo building, of
course,'' he told me, patiently.  I remembered the cargo building
because I passed it in the taxi just as the traffic jam began, about
half an hour before I got to the United terminal.  The airport shuttle
bus doesn't stop there.  I'd have to call a taxi.  ``But I think
they're closed now, and even if they were open you'd never make it
before your flight'' he helpfully added, saving me the trip.  He also
complimented me for going to the trouble to get the license.

I must have looked hurt and confused.  Eventually he called in some
fellow in a suit who I presume to have been his boss.

``Are you the guy who wants to export the fancy gun?'' the fellow in
the suit asked me.

``It's not a gun, it's a telephone,'' I responded, with a straight
face.

``Why do you have a license to export a telephone?''  Good question, I
thought.  I explained about the export law and showed him the thing.
He agreed that it looked pretty harmless.

The fellow in the suit reiterated points a through e almost verbatim
(do they rehearse for these things?) and explained that this isn't
really their department, since my license was issued by the State
Department, not Customs, and my situation doesn't come up very often
because exports usually go via the cargo building.  He'd love to help
me, but the computer in which these things get entered is over in
Cargo.  ``That's how the records get made.  But you do have a valid
license, which is nice.''  He also suggested that I would have had an
easier time had I shipped the device instead of carrying it with me.

I asked what I should do, given that my plane was scheduled to leave
in less than an hour.  Neither was sure, but the fellow in the suit
seemed willing to leave it to the discretion of the uniformed guy.  ``How
does this thing work, anyway?'' he asked.  I explained as best as I
could, trying to make it sound as harmless as it is.  ``You mean like
that Clipper chip?'' he asked.

At this point, given that he has a computer and knows something about
the Clipper chip, I figured that maybe there was some hope of making
my flight.  Or maybe I was about to spend the night in jail.  In my
mind, I put it at about a 90:10 hope:jail ratio.

Then he asked, ``Do you know about this stuff?''

So we chatted about computers and cryptography for a while.  Finally,
the two of them decided that it wouldn't really hurt for them to just
sign the form as long as I promised to call my lawyer and get the SED
situation straightened out ASAP.  They assured me that I won't be
arrested or have any other trouble upon my return.

I made my flight, validated license in hand.

An aside: Throughout my trip, I discovered an interesting thing about
the phone and the various options I was carrying with it.  Under X-ray
examination, it looks just like some kind of bomb.  (I suspect it was
the coiled handset cords).  Every time I went through a security
checkpoint, I had to dig the thing out of my luggage and show it to
the guard.  I almost missed the new ``Eurostar'' chunnel train (3hrs
15mins nonstop from London to Brussels, airport-style checkin and
security) as the guards were trying to figure out whether my telephone
was likely to explode.

Coming back to the US was less eventful, though it did take me an
extra hour or so to get through Customs.  Expecting a bit of a hassle
I didn't check any luggage and made sure to be the first person from
my flight to reach the Customs line.  The inspector was ready to
wordlessly accept my declaration form and send me on my way when I
opened my mouth and explained that I needed to get an export license
stamped.  That was obviously a new one for him.  He finally decided
that this had to be handled by something called the ``Ships Office''.
I was sent to an unoccupied back room (a different back room from
before) and told to wait.  I thought about the recent Customs
experiences of Phil Zimmermann.  (Zimmermann, the author of a popular
computer encryption program, was recently detained, questioned and
searched by Customs officials investigating whether he violated the
same regulations I was trying so hard to follow.)  After about half an
hour, an officer came in and asked me what I needed.  I explained
about my export license that had to be endorsed.  She just shrugged
and told me that she had to ``process the flight'' first.  As best as
I could tell, her job was to clear the airplane itself through
Customs, that being, technically speaking, a very expensive import.
It would take a little while.  She was pleasant enough, though, and at
least didn't look at me as if she intended to send me to jail or have
me strip searched.

Finally, she finished with the plane and asked me for my form.  She
studied it carefully, obviously never having seen one before, and
eventually asked me what, exactly, she was supposed to do.  I
explained that I had never actually gone through this process before
but I understood that she's supposed to record the fact that I was
re-importing the device and stamp my license somewhere.  She told me
that she didn't know of any place for her to record this.  After some
discussion, we agreed that the best thing to do was to make a Xerox
copy of my license and arrange for it to go wherever it had to go
later.  She stamped the back of the license and sent me on my way.  It
was a little over an hour after I first reached the Customs desk.

My conclusion from all this is that it just isn't possible for an
individual traveler to follow all the rules.  Even having gone through
the process now, I still have no idea how to obtain, let alone file,
the proper forms, even for a device that's already been determined to
be exportable.  The export of export-controlled items is ordinarily
handled by cargo shipment, not by hand carrying by travelers, and the
system is simply not geared to deal with exceptions.  Technically
speaking, everyone with a laptop disk encryption program who travels
abroad is in violation of the law, but since no one actually knows or
checks, no mechanism exists to deal with those who want to follow the
rules.  While (fortunately) everyone I dealt with was sympathetic, no
one in the government who I spoke with was able to actually help me
follow the rules.  I was permitted to leave and come back only because
everyone involved eventually recognized that my telephone was pretty
harmless, that my intentions were good, and that the best thing to do
was be flexible.  If anyone had taken a hard line and tried to enforce
the letter of the law, I simply wouldn't have been able to take the
thing with me, even with my license.  Had I just put my telephone in
my suitcase without telling anyone instead of calling attention to
myself by trying to follow the rules, chances are no one would have
noticed or cared.

Unfortunately, however, these absurd rules carry the full force of
law, and one ignores them only at the risk of being prosecuted for
international arms trafficking.  While it may seem far-fetched to
imagine US citizens prosecuted as arms smugglers simply for carrying
ordinary business products in their luggage, the law as written allows
the government to do just that.  At the same time, anyone who is aware
of and who tries to follow the regulations is made to jump through
pointless hoops that are so obscure that even the people charged with
enforcing them don't know quite what to make of them.

Copyright 1995 by Matt Blaze. All rights reserved.

Electronic redistribution permitted provided this article is reproduced
in its entirety.

------------------------------

Date: Fri, 6 Jan 1995 16:36:05 -0800
From: Phil Agre <[email protected]>
Subject: Work monitoring

The *Wall Street Journal* has a couple of articles about work monitoring:

 Amy Stevens, Clients second-guess legal fees on-line, The Wall Street
 Journal, 6 January 1995, page B1.

This article discusses several law firms whose clients get daily updates on
their bills, including explanations for each billed bit of time.  Not all
lawyers are happy about this, as one might imagine.  They probably won't get
a lot of sympathy, but imagine a world in which everyone billed by the minute
in real time and had to explain any given minute to the customer on demand.

This trend may be relevant to another article on the same page:

 Barbara Carton, What's up doc?: Stress and counseling, The Wall Street
 Journal, 6 January 1995, page B1.

It's about the growth of stress management programs for doctors who can't
handle being made to see a new patient every fifteen minutes regardless of
the nature of the cases.

Phil Agre, UCSD

------------------------------

Date: Fri, 6 Jan 1995 15:17:07 -0500 (EST)
From: Cris Pedregal Martin <[email protected]>
Subject: GRE by computer, the sequel (RISKS-15.30, Dec 1993)

GREetings!  Just over a year ago *The New York Times* reported that the GRE
would be (partially) administered with the use of computers. The system was
to be "adaptive" (i.e., questions were selected by the computer based on
previous answers by the person tested).  I pointed out some RISKS in the use
of computers for this in general, and the "adaptive" strategy in particular.

I overlooked a simpler RISK.  According to a story by Alice Demnner in
today's *Boston Globe* (1995 Jan 6, p.4), the computerized GRE has problems
because of *recycled questions*.

Apparently questions repeated so frequently that they could be memorized
and given to other test takers.

The Educational Testing Service (ETS, the private entity that administers
GRE) is "eliminating about three-quarters [!] of the test dates scheduled in
the next five months;" ETS is also "adding questions to the exam."  [Which I
interpret to mean that they won't change the length but will add more
questions to the pool from which the program draws its questions--CPM]
[Well, I interpreted an earlier article to suggest merely that they would
cut down on the opportunities for people to reuse the same answers!  PGN]

The problem was identified by Kaplan Educational Centers, which expressed
doubts that the ETS would be able to cope with the demand for testing with
their reduced schedule.

I guess the lesson is to never underestimate the simplest risks. The
other lesson, not to base a lot on the GRE scores, was always there.

Cris Pedregal Martin                      [email protected]
Computer Science Department            UMass / Amherst, MA 01003-4610

------------------------------

Date: Thu, 5 Jan 1995 21:20:27 +0100
From: [email protected] (Heinz Wrobel)
Subject: More on "Cell phones in Israeli army"

From the German newspaper "Starnberger Merkur", January 4th, 1995:

[Sorry, my translation and spelling may be inadequate. I try to get the
meaning across.]

   Pizza in the fields

   Cellular phones make it possible: Israeli soldiers like to order pizza
   delivered even on delicate duty at the Lebanon border. [...]
   Almost every night they order food at pizza places and restaurants in
   the neighbourhood. [...] Some pizza joints can already find out about
   troop movement by analyzing the orders.

Even if this is currently an exaggeration, it might definitely be a risk for
some.

Heinz Wrobel   [email protected]

  [Ah, yes, the old pizza inference strikes again.  We have had
  various reports in the past relating to increased late-night
  activities in the White House, the Pentagon, etc.  The intelligence
  term for preventing this kind of inference is OPSEC.  I guess in the
  old days it was the apple vendors rather than the pizza parlors that
  were being watched.  This of course led to OPSECing the apple cart.  PGN]

------------------------------

Date: 6 Jan 1995 16:35:44 GMT
From: [email protected] (Douglas W. Jones)
Subject: Re: Adopting Programming Improvements (Ballard, RISKS-16.71)

In RISKS-16.71 Fred Ballard <[email protected]> discussed the
problems with getting programmers to use new features of programming
languages in their code.  He commented that the example of surgeons learning
to wash their hands before surgery suggested that we should expect long
delays between the introduction of a feature in a language, for example, the
ANSI COBOL solution to the date problem, and the utilization of that feature
by "front line" programmers.

I believe that there's a sound engineering reason for many programmers'
failure to adopt new features of programming languages.  It's more than just
ignorance and cussed stubbornness that keeps some of us writing in, for
example, Kernighan and Ritchie C instead of newer versions of the language!

If I am writing software for a specific system, I have no reason not to
use the full language that happens to be supported on that system.  On
the other hand, if I am writing software intended to be portable, I have
every reason to avoid new features and language extensions.  Each such
feature I use will add to the complexity of the instructions I must give
for porting the program, and each such feature may prevent some potential
user from running my code.

For example, if I want to write code using a sophisticated GUI on UNIX,
you'd probably advise me to use C++ and Motif, or some similar combination
of tools.  On the other hand, not all UNIX systems have C++, and not all
have Motif.  If I want to minimize the work needed to port my code to
new systems, I'd better stick to the older, more universally available
standards, the Xt widget set and K&R C.  Anyone with a UNIX system
supporting X will have those!

Not all system administrators are technophilic, in the sense that they rush
out to get the newest implementation of every language or toolkit as soon as
it's released, and as system administration is decentralized, with each
workstation user responsible for upgrading their software, more and more
people will be running ancient compilers and toolkits simply because it's
too much of a hassle to keep installing the newest versions of every
language on their system.

Doug Jones   [email protected]

------------------------------

Date: Fri, 6 Jan 1995 16:38:12 -0500 (EST)
From: Kenneth Albanowski <[email protected]>
Subject: Re: CompuServe-Unisys GIF Tax Protest (Bishop, RISKS-16.71)

> This standard needs to:
> 1) Be compact
> 2) Decode fast
> 3) Be free from patent/copyright restrictions
> 4) Be rapidly available
>
> JPEG is certainly a candidate as it is a public standard. The only
> drawback is the slow decoding time.

I'm not saying that replacing GIF is the best solution, but I should point
out some additional factors that would be useful in a generalized image
format:

* The image format should allow for commentary text.

* The image format should be able to contain arbitrary binary data.

* The image format should support "partial retrieval" where the image data
can be used to construct a low-res version before the entire image is
received. Currently I am only aware of one application, Netscape, that can
make use of this feature, but it is invaluable on low-bandwidth connections.

GIF supports all of these features, although they aren't heavily used.
Various applications make use of the comment field. Fractint uses custom
"tagged" data to store fractal generation parameters in the image, and
Netscape can use interlaced GIFs to support low-to-high resolution retrieval
of an image.

GIF has turned out to be an extremely important and useful graphics format,
with some of its features (like interlacing) only beginning to be used.
Before replacement of something is considered, we must fully understand what
it is we already have.

Kenneth Albanowski ([email protected], CIS: 70705,126)
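
[Added example, not part of the original post: the three GIF features named
above (comment text, application-tagged binary data, interlacing) can be found
by walking the file's block structure without decoding any pixels. The sample
file bytes, the application identifier "EXAMPLE1" and the function names are
constructed for illustration.]

```python
import struct

def read_sub_blocks(buf, pos):
    """Join a chain of GIF data sub-blocks (length byte + data, ended by 0)."""
    out = bytearray()
    while True:
        if pos >= len(buf):
            raise ValueError("truncated sub-block chain")
        size = buf[pos]
        pos += 1
        if size == 0:
            return bytes(out), pos
        if pos + size > len(buf):
            raise ValueError("sub-block runs past end of file")
        out += buf[pos:pos + size]
        pos += size

def color_table_bytes(packed):
    """Byte length of the colour table announced by a packed-flags byte."""
    return 3 * (2 << (packed & 0x07)) if packed & 0x80 else 0

def inspect_gif(buf):
    """Report comment text, application data and interlace flags in a GIF."""
    if len(buf) < 13 or buf[:6] not in (b"GIF87a", b"GIF89a"):
        raise ValueError("not a GIF file")
    width, height, packed = struct.unpack_from("<HHB", buf, 6)
    pos = 13 + color_table_bytes(packed)        # skip global colour table
    report = {"size": (width, height), "comments": [],
              "app_data": [], "interlaced": []}
    while pos < len(buf):
        marker = buf[pos]
        pos += 1
        if marker == 0x3B:                      # trailer: end of the stream
            return report
        if marker == 0x21:                      # extension introducer
            if pos >= len(buf):
                raise ValueError("truncated extension")
            label = buf[pos]
            data, pos = read_sub_blocks(buf, pos + 1)
            if label == 0xFE:                   # comment extension
                report["comments"].append(data.decode("ascii", "replace"))
            elif label == 0xFF:                 # application extension
                # first 11 bytes: 8-byte identifier + 3-byte auth code
                report["app_data"].append((data[:11], data[11:]))
        elif marker == 0x2C:                    # image descriptor
            if pos + 9 > len(buf):
                raise ValueError("truncated image descriptor")
            flags = buf[pos + 8]
            report["interlaced"].append(bool(flags & 0x40))
            # skip descriptor, local colour table and LZW code-size byte
            pos += 9 + color_table_bytes(flags) + 1
            _, pos = read_sub_blocks(buf, pos)  # compressed pixel data
        else:
            raise ValueError("unknown block type 0x%02x" % marker)
    raise ValueError("missing trailer")

def sub(data):
    """Wrap bytes as one data sub-block."""
    return bytes([len(data)]) + data

# Constructed 1x1 sample: comment, application block, one interlaced image.
SAMPLE = (
    b"GIF89a" + struct.pack("<HHBBB", 1, 1, 0x80, 0, 0)
    + b"\x00\x00\x00\xff\xff\xff"                        # 2-entry colour table
    + b"\x21\xfe" + sub(b"constructed sample") + b"\x00"
    + b"\x21\xff" + sub(b"EXAMPLE1" + b"1.0")
    + sub(b"\x01\x02\x03\x04") + b"\x00"
    + b"\x2c" + struct.pack("<HHHHB", 0, 0, 1, 1, 0x40)  # interlace bit set
    + b"\x02" + sub(b"\x44\x01") + b"\x00"
    + b"\x3b"
)

if __name__ == "__main__":
    print(inspect_gif(SAMPLE))
```
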

------------------------------

Date: 22 December 1994 (LAST-MODIFIED)
From: [email protected]
Subject: Info on RISKS (comp.risks), contributions, subscriptions, FTP, etc.

The RISKS Forum is a moderated digest.  Its USENET equivalent is comp.risks.
Undigestifiers are available throughout the Internet, but not from RISKS.

SUBSCRIPTIONS: PLEASE read RISKS as a newsgroup (comp.risks or equivalent) on
your system, if possible and convenient for you.  BITNET folks may use a
LISTSERV (e.g., LISTSERV@UGA): SUBSCRIBE RISKS or UNSUBSCRIBE RISKS.  U.S.
users on .mil or .gov domains should contact <[email protected]>
(Dennis Rears <[email protected]>).  UK subscribers please contact
<[email protected]>.  Local redistribution services are
provided at many other sites as well.  Check FIRST with your local system or
netnews wizards.  If that does not work, THEN please send requests to
<[email protected]> (which is not yet automated).  SUBJECT: SUBSCRIBE
or UNSUBSCRIBE; text line (UN)SUBscribe RISKS [address to which RISKS is sent]

CONTRIBUTIONS: to [email protected], with appropriate,  substantive Subject:
line, otherwise they may be ignored.  Must be relevant, sound, in good taste,
objective, cogent, coherent, concise, and nonrepetitious.  Diversity is
welcome, but not personal attacks.  PLEASE DO NOT INCLUDE ENTIRE PREVIOUS
MESSAGES in responses to them.  Contributions will not be ACKed; the load is
too great.  **PLEASE** include your name & legitimate Internet FROM: address,
especially from .UUCP and .BITNET folks.  Anonymized mail is not accepted.
ALL CONTRIBUTIONS CONSIDERED AS PERSONAL COMMENTS; USUAL DISCLAIMERS APPLY.
Relevant contributions may appear in the RISKS section of regular issues
of ACM SIGSOFT's SOFTWARE ENGINEERING NOTES, unless you state otherwise.
All other reuses of RISKS material should respect stated copyright notices,
and should cite the sources explicitly; as a courtesy, publications using
RISKS material should obtain permission from the contributors.

CURRENT ARCHIVES: "ftp unix.sri.com<CR>login anonymous<CR>YourName<CR>
cd risks<CR> or cwd risks<CR>, depending on your particular FTP.
Issue J of volume 16 is in that directory: "get risks-16.J<CR>".  For issues
of earlier volumes, "get I/risks-I.J<CR>" (where I=1 to 15, J always TWO
digits) for Vol I Issue j.  Vol I summaries in J=00, in both main directory
and I subdirectory; "bye<CR>"  I and J are dummy variables here.  REMEMBER,
Unix is case sensitive; file names are lower-case only.  <CR>=CarriageReturn;
UNIX.SRI.COM = [128.18.30.66]; FTPs may differ; Unix prompts for username,
password; [email protected] and WAIS are alternative repositories.
Risks can also be read on the web at URL http://catless.ncl.ac.uk/Risks
  Individual issues can be accessed using a URL of the form
  http://catless.ncl.ac.uk/Risks/VL.IS.html
  (Please report any format errors to [email protected])

FAX: ONLY IF YOU CANNOT GET RISKS ON-LINE, you may be interested in receiving
it via fax; phone +1 (818) 225-2800, or fax +1 (818) 225-7203 for info
regarding fax delivery.  PLEASE DO NOT USE THOSE NUMBERS FOR GENERAL
RISKS COMMUNICATIONS; as a last resort you may try phone PGN at
+1 (415) 859-2375 if you cannot send E-mail to [email protected] .

------------------------------

End of RISKS-FORUM Digest 16.73
************************