30-Jul-87 17:31:50-PDT,10458;000000000000 Return-Path: Received: from csl.csl.sri.com (CSL.SRI.COM) by F4.CSL.SRI.COM with TCP; Thu 30 Jul 87 17:27:53-PDT Received: from F4.CSL.SRI.COM by csl.csl.sri.com (3.2/4.16) id AA02517 for RISKS-LIST@f4.csl.sri.com; Thu, 30 Jul 87 17:30:01 PDT Message-Id: <8707310030.AA02517@csl.csl.sri.com> Date: Thu 30 Jul 87 17:26:52-PDT From: RISKS FORUM (Peter G. Neumann -- Coordinator) Subject: RISKS DIGEST 5.20 Sender: NEUMANN@csl.sri.com To: RISKS-LIST@csl.sri.com RISKS-LIST: RISKS-FORUM Digest Thursday, 30 July 1987 Volume 5 : Issue 20 FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator Contents: Lack of sanity at the IRS (Victor S. Miller) Hot Stuff (Burch Seymour) Re: Nuclear power plant monitoring and engineering (Brian Douglass) Re: Credit card risks (Ross Patterson) Re: Passwords and telephone numbers (Brian Randell, Keith F. Lynch) The RISKS Forum is moderated. Contributions should be relevant, sound, in good taste, objective, coherent, concise, nonrepetitious. Diversity is welcome. Contributions to RISKS@CSL.SRI.COM, Requests to RISKS-Request@CSL.SRI.COM. FTP back issues Vol i Issue j from F4.CSL.SRI.COM:RISKS-i.j. Volume summaries for each i in max j: (i,j) = (1,46),(2,57),(3,92),(4,97). ---------------------------------------------------------------------- Date: 30 Jul 1987 16:41:11-EDT (Thursday) From: "Victor S. Miller" To: risks@csl.sri.com Subject: Lack of sanity at the IRS The following incident may seem familiar, but given the extreme dread and terror that many people find in the IRS, it could be quite serious: My father-in-law is retired (and has been for a few years), but ocasionally works. My mother-in-law is still working. When she filled out their tax returns this year, she filled in the amount of social security payments received in the calendar year (as required), which was the maximum of $10,400 (I think). However, in transcribing the rough copy of the tax return to the final copy, she made a mistake and copied the vertical line between dollars and cents as a 1. Thus she filled in 104001. About a month later they received a letter from the IRS stating that recomputation of their taxes showed that they owed another $4,500! Needless to say, they were quite upset until they realized what had happened. After it was pointed out, the IRS eventually cleared things up. It would seem that the simplest sort of sanity check in the figures would have eliminated such behavior. The amount of social security benefits for a tax return with two dependents can't be anywhere in the neighborhood of $104,001. I wonder if there any sanity checks at all in the code? Victor S. Miller -- IBM Research victor@ibm.com [I thought you knew: When it comes to the IRS, there is no Sanity Clause. PGN] ------------------------------ Date: Thu, 30 Jul 87 15:33:53 EDT From: gould!augusta!bs@seismo.CSS.GOV (Burch Seymour) To: risks@csl.sri.com Subject: Hot Stuff [and Air-Cooled Gould?] I spent a year working at Large Manufacturer of Space Craft. One of my duties was system manager of a large Gould Supermini-computer system. This was a dual processor ECL based system with 16 Megabytes of memory and about 2 Gigabytes of disk, plus lots of I/O controllers. One of the last things I did before leaving was start the paper work to get the system certified for classified operation. Two years later.. I am talking to my former boss there and he says that the computer had been very unreliable lately. I am surprised as it was *extremely* reliable during the time I was there and ask what happened. It seems when the system went classified, they put locks on the doors -- which precluded normal security patrol checks. They also put the only audible temperature alarm in the room with the computer. One Friday night, the A/C went out. Monday morning (according to the report I got) the machine's cabinet was too hot to touch. This is not hard to believe as an 18 board ECL CPU puts out LOTS of heat, and this is a dual CPU system. Anyway ever since that incident, the machine has been flaky. Gee, I wonder why? I'm amazed that it works at all. -Burch Seymour- ------------------------------ To: risks@csl.sri.com Subject: Re: Nuclear power plant monitoring and engineering Organization: Applied Systems Consultants, Inc. Las Vegas Date: 29 Jul 87 10:04:07 PDT (Wed) From: Brian Douglass This article is in regards to Leff's article in RISKS-5.17. >If nuclear power plants were removed and replaced with coal burning plants, >more people would die from the radiation released into the atmosphere by the >burning coal. This ignores the death toll from coal mine accidents and air >pollution. In short nuclear power plants are about as risk free as one can >get in this society and our energies are much better off being devoted to >automobile accidents, cigarrette smoking and alcohol addiction. I've often heard these statistics and believe in their validity, as a statistic. However, what is not talked about is the potential death per accident. If a car crashes there is a reasonable chance somebody can survive (seat belts, luck), but that probably someone will die. In an airliner crash, your chances of surviving are nearly nonexistent, with the body count surely in the hundreds. Although the chances of an accident in a nuclear plant are small, the potential body count is astronomical. After Chernobyl, I heard an engineer say the odds of a nuclear accident was once in 10,000 years, but that the accumulated operating time of all reactors world wide was over 10,000 years! Does this mean we should expect a major accident about once every 30 or 40 years? Yes, nuclear plants are the safest overall, and offer better long term energy resources (look at France), but the chances of surviving the accident and potential body count of an accident must also be factored into the safety equation. I don't think you can say nuclear power is safer than say coal power when you compare the number of coal related deaths (mining, processing, burning) versus the potential death from a nuclear power station accident. It does mean we must be much more careful with this fire than we have with other fires we've harnessed before, but we should not walk away from it. That would be a greater burden for future generations then we have the right to inflict. Brian Douglass, Applied Systems Consultants, Inc. (ASCI), P.O. Box 13301 Las Vegas, NV 89103, Office: (702) 733-6761, Home: (702) 871-8182 brian@asci.uucp UUCP: {akgua,ihnp4,mirror,psivax,sdcrdcf}!otto!jimi!asci!brian [Don't forget nuclear wastes in your calculations! PGN] ------------------------------ Date: Thu, 30 Jul 87 14:25:02 EDT From: Ross Patterson Subject: Re: Credit card risks (Michael Wagner, RISKS 5.15) To: RISKS@csl.sri.com Amos Shapir is quite correct. AT&T credit card numbers consist of your 10 digit telephone number, followed by 4 random digits. Indeed, this is the basis for one of their "features" - the ability to "phone home". One can dial one's own phone number, and when prompted to key in the credit card number (by an otherwise unidentified "bong"), simply type the last four digits. The call will be accepted and your wife/husband says "Hi!". This risk Amos mentions, involved in someone knowing your name, is obviously that, given the AT&T card numbers, all but the last four digits can be derived by "letting your fingers do the walking". As to the Internation Number, at least in the AT&T case it's just a two character prefix to your phone number and a one digit suffix. Hi tech, right? _ Incidentally, US Sprint does it much better. I just received my FONCARD (pronounced with a long O, e.g. PhoneCard) from them. The card number is 14 digits, none of which relate to my phone number, account number, or even area code. In addition, the card is bright silver, highly reflective, and the imprint is *not* in a contrasting color - it's the same silver. I have trouble reading it from 12 inches away, and I doubt it's possible to read over someone's shoulder. Ross Patterson, Rutgers University ------------------------------ From: Brian Randell Date: Thu, 30 Jul 87 16:20:54 BST To: RISKS@csl.sri.com Subject: Re Passwords and telephone numbers (RISKS 5.19) Jonathan Thornburg's comment ignores the point that people do not normally expect to change their telephone frequently, and that when the number does change, it takes quite a while to memorise it again. ------------------------------ Date: Thu, 30 Jul 87 00:56:46 EDT From: "Keith F. Lynch" Subject: Passwords To: Jonathan_Thornburg%UBC.MAILNET@MULTICS.MIT.EDU Cc: KFL@AI.AI.MIT.EDU, RISKS@csl.sri.com > From: Jonathan_Thornburg%UBC.MAILNET@MIT-Multics.ARPA > (A) What's your office phone number? > (B) What's your home phone number? > I suspect almost everyone can answer both questions correctly. The > two together give 14 fairly patternless digits, ... But I have only one phone and one office, and neither number has changed for years. I have accounts on about ten computers, with a different password on each. Passwords sometimes change as often as monthly. However, the only ones I write down are those that I cannot set myself. It isn't difficult to think of passwords that is easy to remember but hard to guess. Run two words together, or use the initials of some phrase, or misspell some word or name. Of course you should never have the same password on two machines. Another password risk is terminal programs which offer to remember your password for you. These should come with strong warning messages. ...Keith ------------------------------ End of RISKS-FORUM Digest ************************ -------