RISKS-LIST: Risks-Forum Digest  Weds 26 November 2008  Volume 25 : Issue 46

ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, moderator, chmn ACM Committee on Computers and Public Policy

***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as <http://catless.ncl.ac.uk/Risks/25.46.html>
The current issue can be found at <http://www.csl.sri.com/users/risko/risks.txt>

Contents:
  E-prescription for IT disaster (Tom Yager via Gene Wirchenko)
  Computer virus shuts down three London hospitals (Patrick O'Beirne)
  The Blackberry, the President, and Reality (Fred Cohen, Steve Wildstrom)
  Choose too large a sample interval and look like an idiot (Max Power)
  The Great RoHS/Tin Whisker Fiasco of 20?? (Jay R. Ashworth)
  ACMS helps recover lost Moon data (David Shaw)
  Re: Vintage IBM tape drive in Apollo moon dust rescue (David Brunberg)
  Re: BBC Domesday Project (Kees Huyser, Amos Shapir)
  Re: NASA's Mars Lander dies in the dark (John Levine)
  Excel user awareness (Patrick O'Beirne)
  Abridged info on RISKS (comp.risks)

----------------------------------------------------------------------

Date: Sat, 22 Nov 2008 16:28:04 -0800
From: Gene Wirchenko <genew_at_private>
Subject: E-prescription for IT disaster (Tom Yager)

Tom Yager, E-prescription for IT disaster, *Infoworld* Blog, 19 Nov 2008
http://weblog.infoworld.com/yager/archives/2008/11/eprescribing_mo.html?source=NLC-DAILY&cgd=2008-11-19

The federal paperless prescription mandate is a model for pathetic planning that will leave users and IT blamed for failures

Researchers just finished mapping a patient's leukemia tumor genome, finding only eight differences between her tumor cells and normal ones taken from her skin. This breakthrough in medical technology was somehow accomplished while the American Medical Association and U.S.
government health agencies are doing a rip and replace of the nation's medication distribution system. Taking the prescription system paperless has been on the national road map since timeshared mainframes were the rage, but up to now, those delivering, managing, regulating, and receiving health care always found wiser uses for the time and money required for a prescription system overhaul.

Now, in the final seconds before an administration sworn to reform health care takes office, e-prescribing is being lofted as a Hail Mary pass by interests with a mix of honorable and questionable intentions. It has not remotely begun to gel, but now it is poor planning made law, and it falls to practitioners, pharmacies, and IT to make it work. Make it work now, or the government will dock already inadequate reimbursement for treatment under Medicare and Medicaid. Company-paid insurance can't be handled any other way.

It probably seems that I'm casting too jaundiced an eye on the issue. Who could oppose the modernization of a paper system whose flaws exact tolls in lives and taxpayer dollars lost to fraud? Trouble is, e-prescribing is loaded with agendas, with conduits for control and work-arounds for potential future regulation and reformation (whatever those may be). It is being executed under the rubric of urgent social necessity, but the health care system has far more pressing issues to deal with. Doctors have less time to see patients, new reasons to refuse to treat patients on government assistance, and new levels of complication that tacitly discourage certain types of prescriptions.

Ain't broke

E-prescribing is sold as an essential modernization of a creaky, error-prone, inefficient, and costly paper system that cannot keep pace with the explosive growth of prescriptions. If you didn't know better, you might say they're right. This archaic system has its roots in simpler times when small-town pharmacists knew small-town doctors and their office staff personally.
Pharmacists' experience and face-to-face dealings with patients red-flagged erroneous or suspicious prescriptions. [...]

------------------------------

Date: Tue, 18 Nov 2008 16:13:25 +0000
From: Patrick O'Beirne <Mail3nospam_at_private>
Subject: Computer virus shuts down three London hospitals

A computer virus infection has forced a number of London hospitals to shut down their IT systems, and revert to manual operation.

  [Searching on this turned up many reports, naming St Bartholomew's, the Royal London Hospital, and the London Chest Hospital, all part of the Barts and London NHS Trusts. The URL Patrick gave me did not seem to work. PGN]

------------------------------

Date: Mon, 17 Nov 2008 17:55:00 -0800
From: Fred Cohen <fc_at_private>
Subject: The Blackberry, the President, and Reality (Re: Solomon, RISKS-25.45)

The Records Act does not prevent the use of a Blackberry - all you have to do is record what you send (and receive) - a relatively simple matter. The fact that sending classified over a blackberry is a problem is, of course, a limitation, but hardly a surprise. The other challenge relates to the traceability of the blackberry to a location and the ability to use this information to deliver smart weapons on target. And then there is the use of the voice part for recording conversations when it appears to be off. And of course the list goes on.

But isn't this a good thing for computer security? After all, we can secure things like this if we want to, and the fact that so public an official has to deal with these sorts of issues should be an eye-opener for lots of folks. It's a good thing that it is being brought up, but it should not force him to stop using the device. Assuming it is properly managed.

That brings us to the real issue.
The security of Federal systems and the measures taken to protect (and not protect) them are problematic, they tend to get low scores on relatively simple tests of security, and of course the White House computer systems have been broken into recently (according to the news stories) and emails revealed - blackberry not even involved.

At the dawn of the information age, as it enters the highest parts of our government, we may actually see an executive who has to deal with these issues and a serious effect on notional policy and operational decisions. Change is coming, but will that change be change we can rely on?

Fred Cohen & Associates, 572 Leona Drive, Livermore, CA 94550
http://all.net/ 1-925-454-0171 http://tech.groups.yahoo.com/group/FCA-announce/join

------------------------------

Date: Tue, 18 Nov 2008 13:25:35 -0500
From: Steve Wildstrom <steve_wildstrom_at_private>
Subject: The Blackberry, the President, and Reality (Re: Solomon, RISKS-25.45)

Most of what has been written about the President-elect and his BlackBerry is nonsense. As President, he may not have time for as big a time-suck as a BlackBerry, but neither the Presidential Records Act nor security concerns (for unclassified material) should be an issue.

A BlackBerry certainly meets all the retention requirements of the PRA (actually, these would be met by the underlying mail system -- Exchange, Lotus Domino, or GroupWise.) With respect to security, the BlackBerry has picked up a long list of approvals, including certification under FIPS for "sensitive but unclassified" information. BlackBerrys are widely used within the government, including by law enforcement agencies, as is a similar technology for Windows Mobile and Palm from Motorola Good Mobile Messaging.
Steve Wildstrom, Technology & You columnist, BusinessWeek, 1200 G St NW Suite 1100, Washington, DC 20005
www.businessweek.com/technology/wildstrom.htm

------------------------------

Date: Wed, 19 Nov 2008 13:35:49 -0800
From: Max Power <dist23_at_private>
Subject: Choose too large a sample interval and look like an idiot ...

Risks of using poorly customized map software ...
http://news.bbc.co.uk/2/hi/in_depth/629/629/7600053.stm

The BBC Box uses GPS based satellite transponder technology. The Box pings its location every 24 hours. The Box should ping its location every 11 hours, or some oddball number smaller than 24.

Sadly, the sample ping sample interval is too small -- and the mapping software is not bright enough to use arcs between sample points to avoid clearly wrong map displays.

In this case The Box's trip around Taiwan looks totally wrong (19/10/2008 & 20/10/2008). The ship did not plow thru the Taiwanese mountains! Also, the trip around Indonesia, and Malaya to Singapore looks totally wrong as well. And the trip skirting around Sri Lanka does not look right either. And Yemen, eeesh!

* These nations' EEZs are somewhat unsafe due to piracy, but that issue needs to be tackled by the UN.
* I don't believe that a smaller ping interval is any less safe, if the new data point is delayed from being displayed by 120 minutes.

What other visual mapping gaffes will we have to tolerate for the next year? The Box project will last a year at least.

I actually hope the BBC inserts interpolated data points, or even better -- get a GPS log of the container ship's route. The GPS unit in use here probably stores a data point every 15 minutes, and can probably send trip logs autonomously.

Max Power, CEO, Power Broadcasting, http://HireMe.geek.nz

------------------------------

Date: Thu, 20 Nov 2008 11:03:14 -0500 (EST)
From: "Jay R. Ashworth" <jra_at_private>
Subject: The Great RoHS/Tin Whisker Fiasco of 20??

Slashdot just ran a story about a lead substitute based on bismuth.
http://tech.slashdot.org/article.pl?sid=08/11/19/2330241

As I had expected, some of the commenters (me among them) noted that the removal of lead from solder to meet European RoHS requirements is causing problems with the formation of tin whiskers.
http://www.siliconfareast.com/whiskers.htm

So, now, the question you have to ask yourselves is: what happens when one of those tin whiskers shorts out a critical piece of avionics in the plane you're flying in?

And, more importantly... has that thought already occurred to people who build avionics, and make RoHS laws... and if so, why does Google have so much trouble finding evidence thereof?
http://www.google.com/search?q=rohs+tin+whiskers+avionics

Everybody seems to be trying to *fix* this potential problem, but the whole point of RoHS was, as I understand it, keeping lead out of landfills. How many avionics and other such life-critical items end up in landfills in the first place?

Jay R. Ashworth, Ashworth & Associates, St Petersburg FL +1 727 647 1274
http://baylink.pitas.com http://photo.imageinc.us

------------------------------

Date: Thu, 20 Nov 2008 17:13:10 +1100
From: "David Shaw" <d.shaw_at_private>
Subject: ACMS helps recover lost Moon data

The risk of not being able to read aging storing media / formats is no doubt familiar to many RISKS readers, but this particular story seems like a textbook example.

"Scientists hope to recover lost data from the Apollo moon missions using a 40-year-old tape drive borrowed from the Australian Computer Museum Society (ACMS). NASA lost its original tapes - containing data from studies of lunar dust but thankfully back-ups were stored at Sydney University. Work is now underway to restore a 1960s-era IBM 729 Mark V tape drive so the tapes can be read."

More info at: http://www.abc.net.au/news/stories/2008/11/10/2415393.htm

The real irony here is that the ACMS's valuable, historical collection of computers has been evicted twice and struggles for funding. I suspect we went awfully close to never being able to retrieve NASA's lost data.

------------------------------

Date: Mon, 17 Nov 2008 22:03:05 -0500
From: "David Brunberg" <dbrunberg_at_private>
Subject: Re: Vintage IBM tape drive in Apollo moon dust rescue (RISKS-25.45)

While the problem (loss of data due to obsolete formats/equipment) is real, consider this: the moon dust/rock samples have been carefully preserved and are available for analysis by qualified scientists. It would probably be cheaper to re-run the chemical and isotopic analyses. The analytic technology has progressed to be able to use much smaller masses and would probably offer more precision and flexibility.

It's been discussed thoroughly before, but a more significant problem, in my opinion, is the loss of data due to aging of storage media, and specifically the loss of time sensitive data. For instance, 30-year-old photographs that, when compared against current images, might lead to major astronomical findings by showing long-term changes in positions or conditions of celestial objects.

------------------------------

Date: Tue, 18 Nov 2008 09:31:20 +0100
From: Kees Huyser <kees.huyser_at_private>
Subject: Re: BBC Domesday Project (Tibbetts, RISKS-25.44)

Jeffrey Darlington of the Digital Preservation Department of The National Archives wrote in 2003 about the rescue in an article in Ariadne, a magazine for information professionals in archives, libraries and museums:
http://www.ariadne.ac.uk/issue36/tna/

------------------------------

Date: Wed, 19 Nov 2008 17:45:31 +0200
From: Amos Shapir <amos083_at_private>
Subject: Re: BBC Domesday Project (Tibbetts, RISKS-25.44)

In other words, they have bound the data format from the start to specific hardware implementations, which were rare even then. This put an extra burden on the archivers who would necessarily have to convert it later. (Maybe this reflects the general attitude in a country where power is still measured by horses, and people are weighed by stones :-))

Once data is digitized, it would certainly fare much better if it was kept in the most simple form; I suspect it would have been easier to rescue even if it was all put on punched cards!

------------------------------

Date: 18 Nov 2008 13:02:19 -0000
From: John Levine <johnl_at_private>
Subject: Re: NASA's Mars Lander dies in the dark (RISKS-25.45)

In fairness, that was always the plan. The original schedule when Phoenix landed in May was to operate for three months during the Martian summer, but it worked well enough that they extended the mission twice until it ran out of sunlight.

I wonder why they didn't design it to go to sleep and try waking it up when the days get longer. Perhaps they figure that by then there will be so much dust on it that it won't get enough sunlight to restart.

John Levine, johnl@private, http://www.johnlevine.com
Primary Perpetrator of "The Internet for Dummies",

------------------------------

Date: Tue, 18 Nov 2008 08:47:06 +0000
From: Patrick O'Beirne <Mail3nospam_at_private>
Subject: Excel user awareness (Re: Magda, RISKS-25.45)

It's not Excel auto-formatting. It's a breakdown in the communication of significance between those who know what something means and those who just manipulate spreadsheets without knowing what they mean; compounded by last-minute rush and pressure and lack of supervision.

See http://www.sysmod.com/praxis/prax0811.htm

Some of my comments are:

"A maximum of one minute checking time, then. If you delegate work, you have the responsibility to check it. Spotting 179 differences in 1000 rows is not that hard. Lawyers always work with paper evidence, so a simple check would have been to print the excel sheet as received, print the PDF, and visually compare the pagination. If they had had to do it by midnight, then at least the largest numbers could be checked in 15-20 mins. After all, even with the late submission by the client, counsel had nearly four hours just to look at it and convert it to PDF. If the check had been done on Sept 18, much embarrassment would have been spared."

"Let's look at the interface between client and lawyer. Clients should be able to expect well-paid lawyers to exercise vigilance and help protect the clients against themselves. As well as their first job which is to review the substantive content of documents, it should be standard practice to review all received files for metadata and hidden data. It could be hidden text in a Word document, blacked-out text in a PDF, or file properties in an Office document that reveal identities. However, lawyers are rather expensive IT reviewers, so for one's own protection, one should review documents both in content and form before release.
Form includes not just hidden data, but anything that is not manifestly clear to the parties involved and could be a source of confusion. Is "Y/N" in column Z a sufficient indicator, and was its significance made plain?"

I have not read about the judgment yet on the case which was due Nov. 5.

Patrick O'Beirne, Systems Modelling Ltd. http://www.sysmod.com/ (+353)(0) 5394 22294

------------------------------

Date: Thu, 29 May 2008 07:53:46 -0900
From: RISKS-request_at_private
Subject: Abridged info on RISKS (comp.risks)

The ACM RISKS Forum is a MODERATED digest, with Usenet equivalent comp.risks.

=> SUBSCRIPTIONS: PLEASE read RISKS as a newsgroup (comp.risks or equivalent) if possible and convenient for you. The mailman Web interface can be used directly to subscribe and unsubscribe:
   http://lists.csl.sri.com/mailman/listinfo/risks
   Alternatively, to subscribe or unsubscribe via e-mail to mailman your FROM: address, send a message to risks-request_at_private containing only the one-word text subscribe or unsubscribe. You may also specify a different receiving address: subscribe address= ... . You may short-circuit that process by sending directly to either risks-subscribe_at_private or risks-unsubscribe_at_private depending on which action is to be taken.

   Subscription and unsubscription requests require that you reply to a confirmation message sent to the subscribing mail address. Instructions are included in the confirmation message. Each issue of RISKS that you receive contains information on how to post, unsubscribe, etc.

=> The complete INFO file (submissions, default disclaimers, archive sites, copyright policy, etc.) is online.
   <http://www.CSL.sri.com/risksinfo.html>
   The full info file may appear now and then in RISKS issues.
   *** Contributors are assumed to have read the full info file for guidelines.

=> .UK users should contact <Lindsay.Marshall_at_private>.

=> SPAM challenge-responses will not be honored.
   Instead, use an alternative address from which you NEVER send mail!

=> SUBMISSIONS: to risks_at_private with meaningful SUBJECT: line.
   *** NOTE: Including the string "notsp" at the beginning or end of the subject
   *** line will be very helpful in separating real contributions from spam.
   *** This attention-string may change, so watch this space now and then.

=> ARCHIVES: ftp://ftp.sri.com/risks for current volume
   or ftp://ftp.sri.com/VL/risks for previous VoLume
   <http://www.risks.org> redirects you to Lindsay Marshall's Newcastle archive
   http://catless.ncl.ac.uk/Risks/VL.IS.html gets you VoLume, ISsue.
   Lindsay has also added to the Newcastle catless site a palmtop version of the most recent RISKS issue and a WAP version that works for many but not all telephones: http://catless.ncl.ac.uk/w/r
   <http://the.wiretapped.net/security/info/textfiles/risks-digest/> .

==> PGN's comprehensive historical Illustrative Risks summary of one liners:
    <http://www.csl.sri.com/illustrative.html> for browsing,
    <http://www.csl.sri.com/illustrative.pdf> or .ps for printing

==> Special Offer to Join ACM for readers of the ACM RISKS Forum:
    <http://www.acm.org/joinacm1>

------------------------------

End of RISKS-FORUM Digest 25.46
************************

Received on Wed Nov 26 2008 - 20:14:10 PST