Subject: RISKS DIGEST 17.03
REPLY-TO:
[email protected]
RISKS-LIST: RISKS-FORUM Digest Tuesday 4 April 1995 Volume 17 : Issue 03
FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator
***** See last item for further information, disclaimers, etc. *****
Contents:
Chunnel has ghost trains (Lord Wodehouse)
Overzealous clock correction? (Robert Rhode)
Israelis cough at the name of "Kaf" (Edward P Ravin)
A Tale of Two Organs... (Matthew D. Healy)
Mysteries of the Mind psychological SW advertisement (Rodney D. Van Meter)
Police cop it from computer (Jon Hunt)
Japanese transcription (was Re: Patent searchers) (Rodney D. Van Meter)
OSHA Ergonomics draft (Jim Horning)
Software safety, new handbook, standards (Archibald McKinlay via Jim Horning)
Andersen Law Suit Report (Bernard Robertson-Dunn via Jim Horning)
Complexity (was RISKS of non-standard interfaces) (Bob English)
Re: More on German Train Problems (Branam)
Is there a RISK in misremembering SF novels? (Peter da Silva)
Re: Self-Censorship of NetPorn (Jerry Leichter)
Info on RISKS (comp.risks), contributions, subscriptions, FTP, etc.
----------------------------------------------------------------------
Date: Sun, 2 Apr 1995 16:25:15 +0100 (BST)
From: Lord Wodehouse <
[email protected]>
Subject: Chunnel has ghost trains
It was probably to be expected, but the Chunnel trains are in trouble
because of sea water. In today's Sunday Times (3rd April 1995), John Harlow
writes that because of unexpectedly (really?!) high levels of sea water,
rogue signals are sent to the drivers and controllers of trains. The
drivers get 3 red flashing lights and have to do an emergency stop and wait
until controllers have checked the position of all trains in the tunnel,
radio back and reset the signals, which takes up to about 20 minutes.
A driver for Le Shuttle said there were about 5 emergency stops a week.
They are running about 100 trains a day, so this is not many, but there
should be no ghost trains at all.
Safety inspectors are worried. On March 17th a train had to stop so
quickly, glasses fell off tables, and another time a lorry moved forward
into another vehicle (the trains carry cars and lorries).
The action of the train at 100mph going through the tunnel raises a mist
of salt water behind it and this short circuits a low-voltage connection
between the rails, which mimics a train.
It appears that engineers have underestimated the effect of sea water,
an excellent conductor of electricity, on trackside electronic equipment.
It is also my belief that they also may have underestimated the corrosive
effects of salt water. This will have the opposite effect and thus cause
other problems.
We wait, for the next ``advanced technology meets old-fashioned, well-known
problem and fails again.''
Lord John - The Programming Peer
[email protected] +44 181 966 2109
------------------------------
Date: Sat, 1 Apr 1995 17:32:47 -0500 (EST)
From: Robert Rhode <
[email protected]>
Subject: Overzealous clock correction?
I run an extension on my Mac that compensates for the error in the
computer's realtime clock by occasionally calling up the Naval Observatory
and checking the difference. It also has the option of automatically
adjusting the clock by an hour for Daylight Savings Time. Apparently, so
does the new System 7.5. Anyone want to guess when I'll arrive at work on
Monday?
- Bob
------------------------------
Date: Wed, 29 Mar 1995 21:49:02 EST
From:
[email protected] (EDWARD P RAVIN)
Subject: Israelis cough at the name of "Kaf"
Israeli military censorship forbids the local press from publishing the name
of the person who heads the internal security police (known as Shin Bet or
"Shabak"). He can only be referred to as "Kaf" (a letter of the Hebrew
alphabet). But the Jerusalem Report of 6 April 1995 says that the chief's
name and address were published in a mid-March message on the Internet
(presumably a Usenet post) "circulated freely to millions of net-users all
over the world." The message, probably circulated by opponents of the man
newly appointed to the post, invited "Internet readers to send 'letters of
congratulation' to the new head man" and gave his correct name and address.
The article went on to note the "anachronism of trying to keep the
secret-service chief's name under wraps in an era when the flow of
information can no longer be controlled." Opponents of "Kaf" have also
"daubed his name in bold letters on the censor's office in Jerusalem."
[A Feted Kaf or a Fated Kaf? PGN]
On the same page, another story mentions 104 year old Yosef Tzadok,
who has 24 grandchildren and 36 great-grandchildren, but also just
got a notice to register at a Jerusalem kindergarten because his
birthday was recorded in a computer somewhere as "December '90"...
[Not the first, but yet another premonition of things to come. PGN]
------------------------------
Date: Sun, 2 Apr 95 14:17:07 PST
From:
[email protected]
Subject: Police cop it from computer
[This incident is amusing and bizarre, but I doubt that it is very uncommon.]
Police cop it from computer (Eugene Bingham, NZ Herald, Thursday 30 March 1995)
A police information-gathering exercise turned into a matchmaking fiasco
as a computer system went haywire. Printouts sent to staff this week as
part of the police department census have recorded as fact a large number of
nonsensical living arrangements.
If the census forms are to be believed:
- A policewoman stationed at an Auckland City base is married to
the wife of another policeman.
- Another female colleague is married to four officers.
- Eight officers at a West Auckland station have the same mother.
"It is obviously a real big screw-up," a police source said yesterday.
"Everyone thinks it is hilarious."
The problems arose when staff began opening the census forms and read a
page of personal information supposedly held on police records. It is
understood hundreds of errors are contained in the section recording
next-of-kin details. Embarrassed police officials said yesterday that a
computer glitch had led to the mistakes.
Superintendent Jon White, in charge of human resources planning, said the
computer became confused when no information appeared in a staff member's
next-of-kin file. "It picked up other records and inserted them in their
place." Mr White said the mistake was "most unfortunate and regrettable."
"Fortunately, most of the staff see the amusing side."
Those affected by the glitch have simply been told to cross out the wrong
information and send the corrected form back. Mr White said the problem
highlighted the fact that many officers had let their personal information
file become out of date. It was important to keep the next-of-kin
information up to date. The census, covering sworn and non-sworn staff,
aims to establish a databank of information about the police department.
[email protected] Christchurch, New Zealand
------------------------------
Date: Wed, 29 Mar 1995 18:17:25 -0800
From:
[email protected] (Rodney D. Van Meter)
Subject: Mysteries of the Mind psychological SW advertisement
I received in the mail yesterday an advertisement for a CD ROM called
"Mysteries of the Mind". It includes several (apparently) Eliza-like
programs that provide you with psychological counseling. While it is
referred to as edutainment software, the advertising makes some
extraordinary claims. For example:
Exiting [sic] new technology gives you...advantage in...relationships
and even sex!
No More:
* Hopelessness in your life
...
* Horrible sensation of Stress and Depression"
Thoughts of liability when somebody kills themself after an
unproductive session with MotM cross my mind.
It refers later to the "loving, personal guidance of World's best
psychological software". Now we get into the issues of falling in love with
your computer (or robot) that is a popular topic in science fiction.
It may be entertaining to use, and perhaps be relaxing, both of which are
good, but the thought of people with real problems relying on this rather
than seeking professional human help ought to cause the authors to lose
sleep at night.
Still, is it any worse than the multimillion-dollar self-help book business?
Does this potentially represent a fundamentally different problem, or is it
only a matter of degree?
Perhaps it is even a good thing (self-help books arguably are), but it's
certainly not without a downside.
--Rod
------------------------------
Date: Mon, 03 Apr 1995 12:19:43 -0500
From:
[email protected] (Matthew D. Healy)
Subject: A Tale of Two Organs...
{The New York Times}, 3 Apr 1995, has an interesting article about two organ
restorations in Paris.
In late 1992, a much-ballyhooed renovation of the organ at Notre-Dame in
Paris was declared complete, to much publicity. About a year earlier, to
much less fanfare another Paris organ (at St Sulphice and nearly as large)
had been put into service after it was renovated.
The St Sulphice restoration was done in a very traditional manner; the
president of the firm doing the job told the {Times} that if there was any
difference in sound (except for fixing actual problems) after his work, then
he'd failed. He saw his company's job as nothing more or less than making
the organ work precisely as it had the day it was built. The only
electrical part in the restored organ is the air pump. And everyone agrees
that the company did a most competent job, exactly as planned.
Notre Dame is a very different story. They installed a new high-tech
computer system that allows unheard-of flexibility:
Literally any combination of pipes can be programmed to operate with
any key -- total freedom of registration, so a "stop" is just a
subroutine
A performance can be recorded, then played back with microsecond
accuracy at any later time
etc., etc. -- lots of bells and whistles (so to speak :-)
And it has been a disaster! Only after months of debugging has it reached
the point of being able to get through a Sunday service without glitches.
Now there's talk of replacing the computer with a more conventional
electronic control system -- one that does nothing more or less than
did the old relays that had been used before the renovation. The pipes
and valves are all working perfectly, so once they sort out the control
system, they'll be in good shape.
The basic problem was a classic indeed: going directly to full-scale
implementation of new and untested technology without first building
a prototype! This should be familiar to all regular RISKS readers.
[email protected] Postdoc, Genetics & Medical Informatics
http://paella.med.yale.edu/~healy/matt_healy.html
------------------------------
Date: Wed, 29 Mar 1995 17:56:35 -0800
From:
[email protected] (Rodney D. Van Meter)
Subject: Japanese transcription (was Re: Patent searchers)
In risks 17.01, John Gray <
[email protected]> wrote, quoting from
New Scientist:
entries in the EPO's international Inpadoc database for patent applicants
called Robaato Uiraaton Furemingu, Uiriamu Bii Reisufuiirudo, Bii Oo Shii
Guruupu and Kuringe Fuarama... Japanese tapes contain names which have
been translated from Western originals into pictorial characters and back
again by computer.
First, to correct a point: Japanese writing consists of three complementary
character sets: the kanji borrowed from Chinese, hiragana, and katakana.
Only the first is pictogram-derived, the other two are phonetic. Foreign
loan words are always written using katakana. Thus, the statement above
misrepresents the source of the problem.
In addition, the "corrected" name Laceford, from looking at the above, seems
more likely to have been Lacefield (because of the double-i).
In Japanese (both written and spoken) there are a number of limitations that
make it impossible to render every English word or name correctly (or even
unambiguously): for example, 'th', 'w', and 'v' are essentially impossible
to represent; the sound 'shi' is made to work for the English equivalents of
'si', 'shi' and 'thi'; 'v' and 'b', sometimes 'j' and 'z', and of course the
infamous 'r' and 'l' cannot be distinguished.
This leads to an entire field of (sometimes amusing) problems well known
among language students. One of my favorites from even before they filed
Chapter 11 is that Thinking Machines rendered in katakana becomes (roughly)
"shinkingu mashiinzu" -- which can then be reread in English as either
"Thinking Machines" or "Sinking Machines".
Because of the ambiguities introduced, even if heuristics were developed for
translating Japanese katakana words back into English (or other languages),
they could never be 100% perfect. Seeing the katakana for the above
Laceford(field?), it could be reread as Raceford or perhaps even Raysford.
Even in relatively unambiguous cases, English variations in spelling (Jon or
John?) and homonyms (bite or byte?) are troublesome without using context,
where "context" may have to include _a priori_ knowledge of the correct
spelling of individuals' names.
The problem is not one-way; seeing Japanese or Chinese words rendered in the
Roman alphabet often leaves their corresponding Chinese characters
ambiguous, and without the help of diacritics Chinese pronunciation cannot
be fully represented in the Roman alphabet.
The problem extends to further levels that are related to the overall
difficulties of searching and indexing free text as well as the difficulties
of translation; I have seen the name of the religious sect likely to be
charged with last week's Tokyo (toukyou, if you transliterate the Japanese
pronunciation) subway attack written in English newspapers as variously Oom
Shinri Kyo (roughly the Japanese pronunciation), Aum Shinri Kyo and Aum
Supreme Truth.
And of course for Chinese there are several methods of romanizing names; is
a search engine supposed to equate Qing and Ching? And how many automated
indexing systems will correctly work with, for example, the name !Kung?
It goes up another ugly level when you begin to discuss translating articles
originally written in Japanese about Chinese persons, places or historical
events; the Japanese use the Chinese characters but their own pronunciation,
while we use (roughly) the Chinese pronunciation but know nothing about the
characters.
None of this is news to language students or developers or users of machine
translation systems, and these fundamental problems are likely unsolvable,
despite the progress of machine translation systems. But with the huge
volumes of material to be translated, how can we do any better than living
with what the best machine translators produce? For that matter, accurate
human translation often requires the active participation of the original
author.
The risks, besides the above problems of search and index? How about
international banking and medical records never getting correctly
reconciled, or worse, getting improperly reconciled? Are we going to have to
go above the U.S. Social Security Number to an internationally valid
identifier? Talk about Orwellian consequences...
--Rod
------------------------------
Date: Wed, 29 Mar 95 17:52:53 -0800
From:
[email protected]
Subject: OSHA Ergonomics draft
[Anyone concerned with RSI and the like might be interested in this,
available via the University of Utah starting at URL
http://tucker.mech.utah.edu/
and probably various other places. Jim H.]
Note from OSHA
These draft pre-proposal materials are intended to facilitate informed
discussion as the Occupational Safety and Health Administration (OSHA)
develops an Ergonomic Protection Standard. These materials are not being
promulgated as a rule or standard. They do not constitute either a Notice of
Proposed Rulemaking or a source of official OSHA guidance on ergonomics.
Until such time that a final Ergonomic Protection Standard is adopted, OSHA
will continue to rely on Section 5(a)(1) of the Occupational Safety and
Health Act (the "General Duty Clause") for enforcement authority. Failure to
adhere to any draft requirement or guideline in these materials is not a
violation of the General Duty Clause; use of these materials to assist in
ergonomic protection may indicate that workplace hazards are receiving
adequate attention.
------------------------------
Date: Wed, 29 Mar 95 17:58:52 -0800
From:
[email protected]
Subject: Software safety, new handbook, standards [Fwd from sci.engr.safety]
>From:
[email protected] (Archibald McKinlay)
Subject: Software safety, new handbook, standards
Date: Tue, 28 Mar 1995 12:47:28 -0600
Software Safety Engineering
New software safety handbook:
sponsored by the US military services, pending NASA, FAA and Coast Guard
joining. Book is structured to be compatible with process oriented
software development (ISO 12207, DOD-STD-498, IEEE 1498/EIA IS-640) in
similarly oriented system engineering life cycle (EIA 632, IEEE 120) and
usable for inspections and reviews (IEEE 1028, ISO 9000-3 and/or TickIT).
Any acquisition, development and fielding life cycle, including re-use,
can be configured/tailored from the "building block" approach. A list of
"best practices" is envisioned as an appendix. Possible CD ROM version
under investigation. A display will be given at the System Safety Society
meeting in July in San Jose, CA, and at the American Society of Safety
Engineers Technology 2000 in Orlando, FL, in June. A similar tutorial is
hoped for at COMPASS in Gaitherberg, MD, in late June 95. An industry
review period is expected beginning in Sept 1995.
IEC 1508 "Functional Safety: Safety related systems".
Work began and otherwise known as IEC/SC65A working groups 9 & 10 now
re-named IEC 1508. Standard will be released for review in mid 1995 in
seven parts. Part 1 is general requirements, part 2 requirements for
electrical/electronic/ programmable electronic systems, part 3 software
requirements, part 4 definitions, part 5 guidelines on application of part
1, part 6 guidelines on application of parts 2 and 3, part 7 bibliography
of techniques. This standard will apply to industrial and consumer goods.
Extension standards for specific industries is encouraged, hence a medical
device and software (databases?) standard has already been formed.
Robotics, fire detection and suppression, elevators, off shore rigs,
automobile and aircraft parts are expected to be effected.
UL 1998 (Underwriter's Laboratory) Standard for Safety-related Software
"Standard is to be used in conjunction with current methods used to
investigate hardware. The standard covers both software that directly
controls safety-related functions and software that has the potential to
pose a risk of injury to persons or loss of property. (quoted from UL
cover letter)". This standard is appended to end product standards, which
include: solid state controls for appliances, primary safety controls for
gas and oil fired appliances, molded case circuit breakers and enclosures,
industrial control equipment, temperature indicating and regulating
equipment, burglar alarm communicator systems, and information technology
equipment.
System Safety Society and commercial STD-882
The System Safety Society is working with a standards group to make
available a commercial version of MIL-STD-882. This standard is in work
and a rough draft has been produced for the committee use. There is
currently no commercial equivalent that covers all aspects of a system
safety program. This will be usable for safety V&V and audits. Software
safety should be included.
------------------------------
Date: Wed, 29 Mar 95 18:46:19 -0800
From:
[email protected]
Subject: Andersen Law Suit Report [Fwd from comp.software-eng]
>From: Bernard Robertson-Dunn <
[email protected]>
Subject: Andersen Law Suite Report
Date: 27 Mar 1995 09:33:02 GMT
The following report appeared today (Monday 27 March 1995)
in the Australian Financial Review.
Andersen Charged
Andersen Consulting is charged with fraud, incompetence and neglect in a
$US100 million lawsuit filed by UOP, a US-based engineering company. In its
lawsuit, which also seeks unspecified punitive damages, UOP said Andersen
Consulting bungled the development of computer systems it needed to help
manage its business. The company's complaint alleges that after winning the
contract, Andersen Consulting's "ineptitude and deception" caused late
deliveries, "bilked millions" of dollars from UOP and wound up supplying a
computer system that was largely unusable. Bloomberg
[Anyone know any more? brd]
------------------------------
Date: 28 Mar 1995 19:50:26 GMT
From:
[email protected] (Bob English)
Subject: Complexity (was RISKS of non-standard interfaces, Cook, RISKS-17.01)
: ... much of the problem we have with medical devices is the result of
: designers attempting to produce a device surface that _appears_ simple
: but actually hides a wealth of complexity...
The same comment applies to most of the "computer-" and "software-" related
risks discussed in this forum. Computer and software risks are not
fundamentally different from other types of risks. In all cases, the root
cause of unexpected behavior lies in the complexity of the total system, not
in the nature of its components. And when we build systems to perform
complex functions, the systems we build are necessarily complex.
There are, of course, reasons to build complex systems. Consider the often
attacked practice of using software in safety-critical systems, like
airplanes. Aircraft companies compete with one another to build the most
efficient planes, and as in so many cases, squeezing the last bit of
efficiency out of a plane introduces a great deal of complexity into the
design. In order to realize the gains, manufacturers have to find ways to
allow the planes to be flown with a minimum amount of crew, so they turn to
computers to help them manage the complexity, a step that increases (rather
than decreases) the complexity of the plane.
The fact that something is complex and sometimes behaves unexpectedly does
not mean that it's overall performance is not more beneficial than a less
complex alternative. A more complex, more efficient plane, for example, may
reduce the cost of air travel, allowing more people to choose air travel
over other, riskier modes of transportation (it could be argued, for
example, that air travel is currently too safe, because the close attention
to safety raises the cost of short-haul flights and encourages people to
drive instead). An infuser interface that hides complexity from the user
may allow infusers to be used beneficially in more circumstances than they
otherwise would, and those benefits may outweigh the costs of the cases
where the infuser causes harm.
With sufficiently complex systems and sufficiently large stakes, however, it
is very difficult to make reasonable judgements about the tradeoffs, and
even if we make good judgements, we are unlikely to be comfortable depending
on systems whose behavior we will never fully understand.
--bob--
------------------------------
Date: 3 Apr 1995 16:50:59 GMT
From:
[email protected]
Subject: Re: More on German Train Problems (Weber-Wulff, RISKS-17.02)
In RISKS-17.02, Debora Weber-Wulff indicates surprise at the use of a stack
and "dynamic data structures in a safety-critical system", the Deutsche
Bahn's new train control system. While my experience with real-time
development is limited, and I have no experience whatsoever in
safety-critical systems, I would not fault them for using a stack-based
architecture. Dynamic data structures, whether stack or heap, are a
reasonable means for managing limited memory resources, provided there is a
means for storing critical data in permanent, recoverable structures in an
atomic fashion.
Where I would fault them is for not being aware of the behavior and capacity
requirements of their system under load and overload conditions. Were they
unaware of the depth of their deepest routine call tree? Or, since this was
apparently related to the number of trains being managed, was it a recursive
algorithm run amok? A little more modeling and testing by a few paranoid
personalities would be in order (my belief is that every project should have
a "token pessimist" to combat the general Barney-like optimism that pervades
most development work). Further, I would expect a railroad to have done
significant capacity planning (how many trains on the tracks at different
hours, etc.), which would be used as input into the design and test phases.
It's not like they haven't seen rush hour and holiday loads before.
Running out of memory is a common risk in dynamic memory management. The
naive programmer will simply assume that all allocations are successful (or
that the system will deal with allocation failures in a benign and
acceptable manner), and is generally unaware of this latent bug because he
fails to test the system under sufficient load. The defensive programmer
will assume that all allocations will fail, and structure the software to
handle such a case. This is a critical decision that can totally alter the
design of a program; it is not easy to retrofit defensive code into software
that was not built with a defensive frame of mind.
------------------------------
Date: 3 Apr 1995 11:03:22 -0500
From:
[email protected] (Peter da Silva)
Subject: Is there a RISK in misremembering SF novels?
The Stars My Destination is an excellent book, and the descriptions of the
methods people used to prevent folks jaunting into their houses are
analogous to the current use of firewalls, but I don't recall this
particular RISK being brought up in that book.
So far as my own poor memory recalls, the "Flash Crowd" idea is Niven's. It
was first brought up in the short stories "Flash Crowd", "All the Bridges
Rusting" and "The Last Days of the Permanent Floating Riot Club". Many of
Niven's other transfer booths stories like "A Kind of Murder" are equally
appropriate to the Internet.
[Martin Poole <
[email protected]> also noted TLDotPFRC. PGN]
------------------------------
Date: Sun, 2 Apr 95 12:02:11 EDT
From: Jerry Leichter <
[email protected]>
Subject: re: Self-Censorship of NetPorn
Peter Wayner suggests that providers of Web pages (and presumably other on-
line resources) follow in the footsteps of the movie industry and rate their
own materials, so that viewers could be written to limit access by children.
It's a nice idea, but Mr. Wayner fails to understand how the movie rating
system works. First of all, ratings are not, as in Wayner's suggestion,
provide by the producers of movies. Rather, there is a central organization,
composed mainly of non-industry people, who set the standards, preview each
movie, and provide a rating. The rating is subject to negotiation, and
producers can make suggested modifications to get a different rating if they
like. The rating system has been the subject of significant debate between
producers and the rating board. In particular, the "X" rating, originally
meant to describe movies with "adult" themes - "Urban Cowboy" and "Blow Up"
are probably significant early examples of mainstream X-rated movies - soon
came to apply only to pornographic material, and in fact fell into complete
disuse, except for self-ratings by those who made frankly pornographic
material. The ratings board added a trademarked "NC-17" rating a few years
back to have some way to rate non-pornographic but adult material, but it
hasn't seen much use.
The second error is that the movie rating system is in meaningful sense
"voluntary". The vast majority of movie theatres in the US, other than
those specializing in pornographic material, will not show non-rated
material. The reason the X rating fell into disuse was that they wouldn't
show X-rated material either. NC-17 is in trouble because it is avoided by
some of the larger chains, too. More recently, the largest video stores
refuse to rent non-rated or X-rated (or perhaps NC-17-rated) material.
So ... the rating system is "voluntary", so long as you don't mind being shut
out of the market.
As a result, I see little similarity between what Mr. Wayner proposes and the
movie rating system as it actually exists, and little reason to use the
success of one, such as it is, as evidence for the workability of the other.
More generally, I see little reason to believe that "netiquette" will be
sufficient to restrain anyone interested in providing material to the net -
as it has had little effect on flaming, inappropriate commercial postings,
or many other net problems.
-- Jerry
------------------------------
Date: 24 March 1995 (LAST-MODIFIED)
From:
[email protected]
Subject: ABRIDGED Info on RISKS (comp.risks) [See other issues for full info]
The RISKS Forum is a moderated digest. Its USENET equivalent is comp.risks.
SUBSCRIPTIONS: PLEASE read RISKS as a newsgroup (comp.risks or equivalent) on
your system, if possible and convenient for you. BITNET folks may use a
LISTSERV (e.g., LISTSERV@UGA): SUBSCRIBE RISKS or UNSUBSCRIBE RISKS. [...]
REQUESTS to <
[email protected]> (which is not yet automated). [...]
CONTRIBUTIONS: to
[email protected], with appropriate, substantive Subject:
line, otherwise they may be ignored. Must be relevant, sound, in good taste,
objective, cogent, coherent, concise, and nonrepetitious. Diversity is
welcome, but not personal attacks. [...]
RISKS can also be read on the web at URL
http://catless.ncl.ac.uk/Risks
Individual issues can be accessed using a URL of the form
http://catless.ncl.ac.uk/Risks/VL.IS.html [...]
RISKS ARCHIVES: "ftp unix.sri.com<CR>login anonymous<CR>[YourNetAddress]<CR>
cd risks<CR> or cwd risks<CR>, depending on your particular FTP. [...]
[Back issues are in the subdirectory corresponding to the volume number.]
------------------------------
End of RISKS-FORUM Digest 17.03
************************
