22-Mar-87 22:22:21-PST,14334;000000000000

22-Mar-87 22:22:21-PST,14334;000000000000
Mail-From: NEUMANN created at 22-Mar-87 22:20:58
Date: Sun 22 Mar 87 22:20:58-PST
From: RISKS FORUM (Peter G. Neumann -- Coordinator) <[email protected]>
Subject: RISKS DIGEST 4.66
Sender: [email protected]
To: [email protected]

RISKS-LIST: RISKS-FORUM Digest Sunday, 22 March 1987 Volume 4 : Issue 66

FORUM ON RISKS TO THE PUBLIC IN COMPUTER SYSTEMS
ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Contents:
Question for Risks Readers on Overcoming Information Overload with Technology
(Dave Taylor)
Fumes from PC's (Lauren Weinstein)
Re: health hazards of poorly placed CRT screens (Brinton Cooper)
How to lose your ATM card (Jan Kok)
Re: ATM experience (Bruce McKenney)
Re: Increased Telephone Switching Capabilities (Dan Graifer)
Releasing the phone line (edg)
Automatic dialing devices in Canada (Michael Wagner)
Overconfidence in Airplane Computers? (Ted Lee)

The RISKS Forum is moderated. Contributions should be relevant, sound, in good
taste, objective, coherent, concise, nonrepetitious. Diversity is welcome.
(Contributions to [email protected], Requests to [email protected])
(Back issues Vol i Issue j available in CSL.SRI.COM:<RISKS>RISKS-i.j. MAXj:
Summary Contents Vol 1: RISKS-1.46; Vol 2: RISKS-2.57; Vol 3: RISKS-3.92.)

----------------------------------------------------------------------

From: Dave Taylor <taylor%[email protected]>
To: [email protected] (RISKS FORUM)
Date: Thu, 19 Mar 87 23:50:10 PST
Subject: Question for Risks Readers on Information Overload and Technology
ReSent-To: [email protected]

I'm working on a paper entitled:

Overcoming Information Overload with Technology
(Why It Can't Work) ,

talking about mostly (from the abstract):

Most of the solutions that are commonly posed to the problem of
information overload are to ``build better mousetraps'', the
hope being that the technology will catch up and allow us to
sift through enormous amounts of data easily. I believe that
not only is this thinking flawed, but dangerous, and discuss the
inherent problems from both a technological and cultural perspective.

and would be most interested in any thoughts readers of this digest
had about this subject matter. (It's for the upcoming Directions and
Implications of Advanced Computer Systems conference in Seattle) (not
that I've had it accepted yet, or anything...)

I'm especially interested in horror stories people could tell me about
relying on information filtering systems and finding that they actually
weeded out critical information... Thanks!
-- Dave Taylor <[email protected]>

------------------------------

Date: Fri, 20-Mar-87 08:52:42 PST
From: [email protected] (Lauren Weinstein)
Subject: Fumes from PC's
To: [email protected]

The most likely cause of a problem is OZONE. Created by "high" voltages, it
is commonly associated with sparks and (particularly A.C.) motors. Given
that the average PC circuit board or disk doesn't do much sparking (one
hopes!) a possible culprit is the fans commonly on power supplies or other
equipment in PC's. These are usually driven by A.C. motors. If the fan(s)
brushes are sparking internally (this will generally be invisible from
outside inspection), considerable ozone can be created--this is very
irritating to some people and generally not great for anyone (ozone is one
of the commonly measured components of air pollution).
--Lauren--

------------------------------

Date: Fri, 20 Mar 87 13:00:33 EST
From: Brinton Cooper <[email protected]>
To: [email protected]
cc: [email protected]
Subject: Re: health hazards of poorly placed CRT screens

One of the most common causes of neck pain is anxiety (stress). Excessive
worrying about daily use of a CRT might bring on or exacerbate neck pain,
might it not?
_Brint

------------------------------

Date: Fri, 20 Mar 87 11:22 EST
From: Jan Kok <[email protected]>
Subject: How to lose your ATM card
To: [email protected]

Recently an ATM machine (operated by the CA$H Network) confiscated my
card. Here's what happened:

I entered my password, but didn't press the keyboard hard enough, thus
losing the first digit. Realizing what had happened, I pressed CANCEL,
and the machine ejected the card. Since I just wanted to try again, I
poked the card part-way back in, rather than taking the card out as the
machine instructed. The machine didn't "accept" the card, i.e. the
motor which normally pulls in the card didn't operate. At that point I
realized the machine wanted me to take out the card, but by then there
wasn't enough of the card exposed for me to get a grip on it. After I
had fiddled with it for about a minute, a helpful bystander pushed the
card all the way in, and the machine promptly informed me that it had
taken the card and that I should contact my bank. I guess the machine
thought I was tampering.

By the way, the person at the bank told me that when an ATM machine
seizes a card, it chops it in two, so I have to wait a couple of weeks
for a new card. Meanwhile I've opened an account at another bank so
I'll have another card for a different ATM network.

------------------------------

Date: Fri, 20 Mar 87 10:56:54 EST
From: Bruce_McKenney%[email protected]
To: [email protected]
Subject: Re: ATM experience

In reference to the person whose ATM deposit went into the account written
on the back of the check, rather than that associated with the ATM card:

A few months ago, I had precisely the opposite experience: after
carefully filling out the deposit envelope, checking the "Checking
Deposit" box and writing the account number for the checking account,
I inadvertently punched the "savings deposit" button on the machine,
and sure enough that's where it went, much to the detriment of checks
drawn over the next week. Though I confess I failed to study the
deposit receipt closely enough to detect the discrepancy, I was
a bit surprised that the conflicting information didn't set off
red flags somewhere.
A query directed at one of the people who opens those envelopes
received the response "Oh, we never look at what's written on the
envelope". I never did receive a satisfactory answer as to:
1) why, given a choice, information requiring 10 penstrokes (and
presumably a bit more thought) should be ignored in favor of
information requiring only a single button-push (presumably
much more susceptible to accident)
2) (the larger question) why redundant information which could
be useful for cross-checking is requested but ignored. It seems
to me that this latter is a classical issue in hardware,
software, and humanware systems.

------------------------------

Date: Fri, 20 Mar 87 11:13:37 pst
From: [email protected] (Dan Graifer) (tty08)
To: ucbvax!CSL.SRI.COM!RISKS
Subject: Re: Increased Telephone Switching Capabilities

A recent article ("Telephones: Learning Some Manners"; The Economist, March
14, 1987, pg. 82) discusses a pilot project at three exAT&T local operating
companies of a system called Local Area Signalling Service (LASS). The new
technology is a "line history memory" at the originating line's switch which
records the number dialed. This number can be queried by the receiving
line's switch. Some of the capabilities require a new instrument with display
but most do not. The article quotes $5/month marginal cost.

The big gain is in reducing the current invasion of privacy. Most people
wouldn't admit physical persons into their home before determining their
identity, but we don't know who we are going to talk to until we answer the
phone. Other tricks include:

Got a busy signal? Punch a code for automatic reconnect. When both caller
and called lines are free, the system calls the caller and asks if the call
should be completed. Several calls may be pending.

Pick up the phone just in time to hear the other end disconnect? Ask your
local switch to call him/her back.

The incoming identifier phones would be useful to mail order houses etc. to
verify the origination of a call, as well as the privacy application. (The
article also points out that it will prevent calling your spouse from a bar
with a fib about working late.)

The local switch could also contain a "screen list" of numbers for special
treatment; selective call forwarding, call waiting, or exclusion. (The
original system gave a message "At the customers request, your call is not
being completed" to excluded callers. This annoyed a lot of people, so it
was changed to a "fake" ring-no-answer.)

The article also points out that over half of all nuisance calls are placed
from home. The new system will discourage that sort of thing.

I discussed this article with a friend, who made two interesting assertions:

1) The information (calling #) is already available, and is encoded somehow
just prior to the ring spike on the receiving line.

2) He was told by manufacturers of telephone sets that a feature to display
this information on the recipient telephone was against current FCC
regulation.

Such a system opens and closes many abuses of the phone system. The article
mentions nuisance calls and mail order verification. I don't see any
obvious risks to the new features, but I can imagine weird combinations of
screens leading to unintended results.

Can anyone comment on my friend's assertions, or know which three operating
companies were involved in this project?
Dan Graifer

------------------------------

From: [email protected]
To: [email protected]
Subject: Releasing the phone line
Date: 20 Mar 87 11:20:58 PST (Fri)

The issue of automatic callers releasing the phone line is actually
a people issue rather than a technology issue. Most telephone companies
will release an incoming call when the recipient has hung up for about 15
seconds. This does not depend on the caller hanging up. When I was a kid,
we knew that we could move from one phone to another as long as we did so
in less than 15 seconds (and were the recipients of the call) rather than
the callers.

The problem comes when the call is unwanted. The recipient generally hangs
up for as long as it normally takes to get a dial tone (1-2 seconds) and then
goes off-hook, to "check" and make sure that the call was dropped. Naturally,
it was not. The recipient goes on hook for another two or three seconds and
checks again. Call still connected. Panic sets in and a feedback loop
ensues. The recipient is unable to drop the call, not because the line
is being held from outside, but because s/he does not know how to do so.

When I get an unwanted call, I hang up, and walk away. I admit that the
parent trying to call an ambulance does not have this presence of mind,
but in truth, it would work.

This is not to imply that I approve of automatic telephone solicitors.
I consider them to be one of the few things worse than human
solicitors.
-edg

------------------------------

Date: Sun, 22 Mar 87 12:58:12 EST
From: Michael Wagner <[email protected]>
X-To: [email protected]
Subject: Automatic dialing devices in Canada

I was recently cleaning up my files in preparation to moving to Europe for
a year, and came across the following insert in a phone bill from some time
ago (a year or two, judging by the stratigraphy). I thought it might be of
interest to RISKS readers. My phone supplier is Bell Canada (I'm in Ontario).

Are you offended by recorded telephone solicitation calls?

To help regulate the number of unwanted phone calls coming into your
home or business, ground rules have been established by the Canadian
Radio-television and Telecommunications Commission (CRTC) governing
automatic dialing and announcing devices (ADADS) _when used for
telephone solicitation purposes_. [italics in the original..mw]

ADADS are ... [explanation of what they are and what they do...mw]

Now, before the pre-recorded message starts, you must be informed
of the nature of the call, the identity of the caller, and that you
may end the call by hanging up.

Within 10 seconds of [your] hanging up, the ADAD must disconnect
from the line. ADAD calls may be made only between
9:30-20:00 weekdays, 10:30-17:00 Saturday, 12:00-17:00 Sunday.

[two more paragraphs explain how and to whom you complain about
violations, and the fact that organizations using ADADs have been
warned what violations will do to their phone privileges...mw]

------------------------------

Date: Sat, 21 Mar 87 14:29 EST
From: [email protected]
Subject: Overconfidence in Airplane Computers?
To: [email protected]

Somehow, having just had the time to catch up on the last dozen issues or so
of Risks, the following seems appropriate. My last flight back from DC
Thursday afternoon had one of those chatty pilots, which I'm never sure I
appreciate or don't. Anyway, once we were well underway he boasted about
all the wonderful features of the 757. (I'm not knocking the plane: as a
passenger I like it.) After talking about how the thrust is half the weight
(mass, technically) of the loaded plane, the seven-color radar that spots
precipitation and turbulence, etc., he then added (paraphrased), "and this
plane has over a 100 on-board computers for your comfort and safety; for all
you know you may be sitting on one right now." That almost ruined the whole
flight! (at least, I pondered over it quite a while.)
Ted
[Seat-of-the-pants computing? PGN]

------------------------------

End of RISKS-FORUM Digest
************************
-------