University of Bielefeld -  Faculty of technology
Networks and distributed Systems
Research group of Prof. Peter B. Ladkin, Ph.D.
Back to Abstracts of References and Incidents Back to Root
This page was copied from: http://catless.ncl.ac.uk/Risks/16.35.html


Previous Issue Index Next Issue Info Searching Submit Article

The Risks Digest

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Volume 16, Issue 35

Thursday 25 August 1994

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Contents

o Fraud and Identity
Mich Kabay
o Summary of Der Speigel interview with Airbus' Bernard Ziegler
Peter Ladkin
o CORRECTION, Report on the *1993* Gatwick near-miss
PGN
o Re: pi = 3
James Dudley
L. P. Levine
o Re: The new Cray and Unix passwords...
Chris Ransom
---------------------------------------------

Fraud and Identity

"Mich Kabay [NCSA Sys_Op]" <75300.3232@compuserve.com>
20 Aug 94 17:13:41 EDT
     
     According to the U.K. Press Association newswire (94.08.10), the final culprit
     has been jailed for defrauding the British social security administration of a
     small fortune:
     
     LAWYER'S DAUGHTER JAILED FOR BENEFITS FRAUD
     
     By Melvyn Howe, PA News
     
       `The daughter of a wealthy and respected lawyer was jailed for three and a
     half years today for her part in a massive countrywide social security fraud. 
        Public school educated Olu Atobatele, regarded as a "pariah" by her
     "shamed" family, took a leading role in a highly sophisticated operation which
     involved 2,000 false identities and was the largest benefits conspiracy of its
     kind in Britain.'
     
     Key points from the article:
     
     o	Part of a gang of 11 who defrauded the Crown of 1 million pounds.
     
     o	She herself stole 90,000 pounds in 20 months.
     
     o	The gang members used "details of students' identities" and fabricated
     identities using information "from the Death Register at St Katherine's House,
     as well as identities from the British and African edition of Who's Who to
     make more than 240 bogus claims for income support between early 1992 and
     August last year."
     
     o	The Department of Social Security "has instituted new procedures" to
     reduce fraud as a result of this scam.
     
     [Comments from MK: 
     
     Please skip on to the next message if you're not in the mood for a leisurely
     stroll through some speculation.  I got to thinking about this case of a
     Saturday afternoon and wrote down this little essay on identity in the real
     world and in cyberspace.
     
     Impersonation is one of the techniques used by criminals, including criminal
     hackers, to acquire goods and services belonging to or due to others.  Many
     people will be familiar with the techniques of "social engineering" (properly
     called "lying, cheating and extorting") used by criminal hackers to obtain
     information need in penetrating restricted systems.  Such techniques include
     impersonating journalists, technicians and high-ranking personnel.
     High-resolution colour scanners, photocopiers, printers and image-processing
     software, have been turned to evil effect by high-tech forgers of currency and
     of authenticating documents.
     
     In the case above, criminals were able to bamboozle human beings into entering
     false information into computerized systems--a kind of data diddling at one
     remove.
     
     Disproportionate public outrage over much-publicized social services fraud by
     immigrants is pushing many jurisdictions towards insisting on biometric
     pattern recognition (e.g., fingerprints) to authenticate claims on social
     entitlements.  Such a system would preclude inventing identities to be claimed
     by the same human being, since the "different" people would all have the same
     fingerprints.
     
     However, biometric systems do not solve the fundamental problem: the
     difficulty of authentication of identity in today's world of fragmented
     communities and highly mobile individuals.  Consider the true story underlying
     the film "Le Retour de Martin Guerre" (severely distorted in the US remake
     called "Sommersby").  A young man in mid-Renaissance France is forced to marry
     an even younger woman against their wishes because of family pressures.  After
     seven years of unconsummated marriage, he runs away, only to reappear many
     years later.  With his detailed knowledge of everything he ought to know as
     Martin Guerre, he is re-integrated into his village despite oddities like the
     wrong shoe size and hostility from his own dog. Even his wife welcomes him
     back to the conjugal bed.  However, envious relatives eventually challenged
     him as an imposter.  The real Martin Guerre reappears and the imposter is
     hanged.
     
     This story has been part of French history for centuries precisely because
     successful imposture was so unusual in agrarian Europe.  Most people never
     travelled more than a day's journey from their place of birth in their entire
     lives.  They married the people they had known all their lives; they were no
     more likely to take on other identities than to learn to read.
     
     Now contrast today's world: there would be nothing unusual about being born in
     Tucson, growing up in San Francisco, going to college in Boston, taking the
     first job in Chicago, moving to Denver, and ending up in Syracuse with a
     spouse from Edmonton.  In such a society it's a wonder that there aren't
     _more_ impersonations--and who knows, maybe there are lots but they're real
     successful <g>.
     
     Benjamin Wright, author of _The Law of Electronic Commerce_ and instructor in
     the National Computer Security Association's online seminar on _EDI Security_
     has often commented that we seem to demand more of identity in cyberspace than
     we do in reality.  Suppose Able Baker carries on a discussion with Charlie
     Delta; does it matter to either "who" the other is in another context?  What
     _would_ matter is for an imposter to pretend to be Able or Charlie and
     interfere in their communication by inserting fraudulent messages or
     intercepting legitimate messages.
     
     Real-world authentication fails because of reliance on paper documents which
     are just too easy to falsify; perhaps computer-based authentication could
     reduce such fraud.  Despite relatively poor reliability for any one biometric
     technique, the error rates for combinations are very low.  Combining any two
     of, say, fingerprints, retinal scans and signature dynamics, for example,
     would provide trustworthy authentication.  The question will be
     cost-effectiveness; would the enormous expense of installing huge numbers of
     biometric input devices and the network and database infrastructure be seen as
     justified?  And would the costs of protecting the "cyberspace shadow" (as some
     writers are calling it) against tampering exceed the reduction in fraud?
     
     The remaining difficulty is the bridge between social identity and identity in
     cyberspace.  How does one ensure that the person registering as Echo Foxtrot
     _really is_ Echo Foxtrot in other aspects of his life?  And how much do we
     care?  Enough to implant a non-forgeable device in the person's body at birth
     or upon receiving legal immigration status?  Yuk!  Sounds like the basis for a
     police state, doesn't it?
     
     I predict that under the increasing pressures of immigration (legal and
     illegal), increasing economic disparities, and continuing entitlement
     programs, the occurrence of impersonation will increase.  At some point,
     fingerprinting will become mandatory for all claims on the social welfare
     systems; eventually, pressures will mount for authentication even in the
     initial claims for entitlements.  At that point, societies will turn to
     mechanisms of authentication familiar to computer system users.  Will the time
     come when microprocessors will be implanted under people's skin to transfer
     their cryptographically-sound identifiers on demand? And what will the
     consequences of such institutionalized scepticism be on social relations?
     Will people meeting in person for the first time press their wrists together
     to exchange public keys?  Will those who refuse to participate in rituals of
     authentication be frowned upon?  And will such tokens become valuable
     commodities--valuable enough to steal and trade in the underworld?  Sounds
     like the subject for an interesting science fiction novel.]
     
     M.E.Kabay/DirEd/Natl Computer Security Assn (Carlisle, PA)
     
     
---------------------------------------------

Summary of Der Speigel interview with Bernard Ziegler, Airbus Ind.

Peter Ladkin <Peter.Ladkin@loria.fr>
Sat, 20 Aug 1994 21:32:45 +0200
     
     The German newsweekly Der Spiegel, issue 33 (1994) dated 15 Aug 94, contains
     an interview with Bernard Ziegler, described as Technical Director of Airbus
     Industrie, responsible for flight test and certification (`Zulassung') of all
     Airbus aircraft.  There is a short background statement concerning the
     accidents on pp160-161, and the interview is on pp161-164.
     
     The interview focuses on the reliability of Airbus aircraft, in the light of
     the following crashes: Bangalore, Feb 90 (A320: landed short of the runway in
     clear weather, 92 dead); Strasbourg, Jan 92 (A320 descended into a hill in
     clouds on a backcourse approach to the airport, 87 dead); Warsaw, Sep 93
     (A320, landing in a thunderstorm, overran the runway, 2 dead, many injured);
     Nagoya, Apr 94 (A300, copilot and autopilot in control conflict, eventually
     nose rose at an extreme angle and the plane stalled, crashing tail first onto
     the ground, 246 dead); Toulouse-Blagnac Jun 94 (A330, testing engine-out
     go-arounds, stalled and crashed, 7 dead including the Airbus chief test
     pilot). The Habsheim A320 accident is not mentioned. The header to the intro
     says:
     
     "Airbus Industrie is under pressure. Twelve total-losses since 1987 with 815
     dead have awakened doubts about the concept of airplanes dependent on
     electronics [`elektronisch hochgeruesteten Flugzeuge'].  Do technical failures
     contribute to the series of accidents? Or are pilots overextended by the
     `flying computers'?"
     
     Here is a summary of what I surmise are the salient parts of the interview for
     RISKS readers.
     
     [begin summary]
     
     Ziegler says they've had a lot of bad luck recently, contrasted with the first
     14 accident-free years (except for the Iranian Airbus shot down by the US
     Navy). But he suggests comparing the record of the A320 with that of the B727,
     B737 or DC9 when they were introduced.  He says that Airbus is 30 per cent
     better than the average of all builders - but he wants to be 100 per cent
     better. He says there's no reason to change the Airbus `philosophy' of taking
     over some of the pilot's tasks by computer, pointing out that all of the new
     technology developed by Airbus, from `glass cockpit' to new types of
     autopilot, has been followed by `all the others'. And, `[..] the pilot still
     has the last decision. Whoever suggests the contrary doesn't know what they're
     talking about.'
     
     They discuss the problems in Warsaw concerning the late deployment of
     airbrakes and thrust reverse, concerning which he points out that (a) it's a
     requirement for all modern airplanes that deployment is not enabled until the
     plane is firmly on the ground; and (b) there are particular limits on landing,
     for example not when a tailwind is stronger than 10 knots, or when the landing
     speed is too high. In Warsaw, these boundaries, which were carefully
     ascertained in test flights, were crossed. Also, runway overrun is one of the
     `classical' airplane accidents, regardless of type. When asked why the Polish
     investigators singled out late deployment of airbrakes and reversers, he noted
     that the report also misses important details, including the problem with the
     false weather information given to the pilots, and notes that many of the
     Polish recommendations contradict various requirements of the air transport
     supervisory authorities. He said that the level of the compression sensors on
     the landing gear, and the landing logic, has been changed for Lufthansa at the
     request of the client, but that only an expert can tell the difference between
     the old and the new landing logic.
     
     There follows a discussion about computers vs other kinds of flight control,
     during which he says that there is in principle no difference between more
     traditional methods of control and the fly-by-wire of the A320, and that it's
     an illusion to believe that there's ever a direct connection between the
     pilot's hand and the behavior of an airplane - flying is in this sense
     something artificial.
     
     He says that there are always ways to improve airplanes, and they remain in
     close contact with the clients to make such improvements.
     
     He is asked about the involvement of the autopilot in Nagoya, and about a
     prima facie similar problem with an autopilot in 1991 in Moscow (an A310), and
     why Airbus had not modified all the autopilots of these types. He replies that
     requiring expensive modifications is not a simple matter, and must first be
     thoroughly investigated to see if they cause more problems than they solve
     [not his phrase - I am paraphrasing. pbl]. He notes that Boeing has waited
     twelve years before recommending modifications in one case.  He says that in
     conjunction with the certification authorities, Airbus had developed an
     autopilot modification and recommended that A300-600 clients perform it, and
     after the Moscow incident had notified everyone officially of the correct use
     of the autopilot [there are standard procedures for doing these things - he's
     pointing out that the standard procedures for clarification of operating
     procedure were vigorously pursued. pbl] After the Nagoya accident, Airbus
     decided that the modifications they had recommended to A300-600 and A310
     aircraft should be mandatory. It will take about 2 years and $60m to alter the
     fleet.
     
     When asked about the `spectacular crashes' in India, he rejects the
     categorisation and points out the statistics for India show that it's a
     difficult environment for airlines, and that the A320 crash happened right
     after two B737 crashes. There's then some discussion of pilot training and
     capabilities.
     
     Concerning the A330 test flight crash in Toulouse, he points out that it was a
     difficult but not dangerous test, and in response to a question concerning
     entering the right autopilot `flight level', he points out that it was
     mistakenly left at 2000ft but should have been at 7000ft according to the
     checklist. He says that the fundamental error was that the crew let the
     nose-high, low-speed situation persist too long, and speculates why: because
     they took the nose-high situation for an anomaly and they wanted to see what
     would develop [according to the preliminary report, it was pilot commanded.
     They were confused as to which mode the flight control was in. pbl]; because
     the test engineer trusted the pilot to know when to return to normal; and Nick
     Warner [the chief test pilot of Airbus, one of the two pilots. pbl] had been
     critised before by test engineers for retaking control too quickly, and maybe
     was sensitive to potential criticism in this case also. It was a question just
     of two seconds delay.
     
     The consequences, he says, will be that automatic protection will be developed
     that will rule out such extremely unlikely accidents, and that the A330 and
     A340 will be the first aircraft to be protected automatically against the
     development of such a flight condition (`entsprechend ueberzogenen
     Flugzustand').
     
     [end summary]
     
     A few comments - 
     
     Warsaw: Ziegler correctly points out regulations concerning thrust reverse and
     airbrakes. However, no mention was made by the interviewer or Ziegler of the
     wheel brakes themselves. The wheels did not spin up on landing to the required
     speed to allow the anti-skid system to function as designed.  Ziegler's
     selection of the tailwind for commentary raises some hypothetical
     considerations.  At the given landing speed, with the tail wind, the wings
     were developing less lift than they would have been without the tail wind,
     making it more likely that the braking functions would have been enabled by
     the sensors. On the other hand, had there been no tailwind, the pilots would
     have landed at the same indicated airspeed, which would have given them 10 kts
     slower ground speed, but the same amount of lift preventing the sensors from
     indicating ground contact. For similar problems not to have occurred in this
     situation, the wheels would have not to have aquaplaned at this slower landing
     speed. But in the accident situation, they did not appear to spin up to speed
     until the ground speed was well below this, and much more of the airplane
     weight was on the wheels.
     
     It's a simple consequence of the landing logic that braking systems did not
     deploy under the landing condition in Warsaw, as may be seen from an
     inspection of the description of the logic in the Flight Crew Operating
     Manual.  The sensor settings and landing logic has apparently been changed
     sufficiently so that A320s landing in similar conditions, in a similar manner
     to the accident airplane, will not suffer a lengthy delay in activation of
     braking systems (brakes, airbrakes, thrust reversers).  The logic is written
     in the Flight Crew Operating Manual which your local A320 pilot might be happy
     to show you.
     
     Bangalore: it appears the pilots were confused as to which control mode the
     airplane was in. Under the particular conditions of flight, the engines went
     to flight-idle and the airplane descended rapidly into the ground while the
     pilots were trying to figure out what was going on.
     
     Nagoya: The autopilot appears to have been engaged and in `go-around' mode
     (`abort landing, gain altitude quickly'). The copilot, who was flying, was
     pushing hard forward on the control column trying to land the airplane. The
     autopilot was counteracting this by configuring the airplane aerodynamically
     for full nose-up (this `trim' feature is a standard control in all airplanes).
     When the copilot eventually let go of the column, the airplane's nose rapidly
     rotated upwards to an extremely high angle (given the trim condition, this is
     what one would expect) and the speed decayed severely, causing the aircraft to
     stall nose-high, close to the ground. It hit the ground tail-first.  The
     standard procedure in which pilots are trained (on this and all other
     transport airplanes) is to disconnect the autopilot and ensure it is
     disconnected if they want to hand-fly the plane onto the runway. There are
     numerous puzzles concerning this accident.
     
     Toulouse: Under the correct checklist settings, the pitch (nose-upward angle)
     of the aircraft on takeoff would have been automatically controlled when the
     autopilot was engaged.  The co-pilot who was flying rotated on take-off to a
     high angle.  Meanwhile, Warner engaged the autopilot (which took three tries)
     and `failed' the left engine.  It's surmised they were expecting the autopilot
     to return the aircraft to a precise pitch as it handled the situation, as
     planned.  The aircraft was flying in a different control regime than planned
     due to the mistaken altitude-capture setting of 2000ft rather than 7000ft on
     the autopilot. Pitch was not `protected' by the autopilot in this regime.
     Speed decayed rapidly since the nose did not go down, the aircraft was unable
     to maintain lateral control when it was below the airspeed required to do so,
     and yawed and rolled. After this situation had developed, Warner throttled
     back the right engine to regain lateral control, as well as regaining
     wings-level and nose-level.  When control was regained, the ground was just a
     little too close.  There are a couple of important reports on this accident in
     Flight International for 10-16 Aug and 17-23 Aug.
     
     The Strasbourg crash was reported in RISKS-13.06, with follow-ups in numerous
     immediately following RISKS-13 numbers. The official verdict was reported in
     RISKS-14.74, with follow-ups in 14.76 and 14.77.  Warsaw, Nagoya and Toulouse
     accidents have been discussed in RISKS-15.13, 15.30, 15.31, 15.32, 15.36,
     16.07, 16.13, 16.14, 16.15, 16.16, 16.22 and 16.23.  For a survey of these
     accidents (except for the A330), see RISKS contributor Peter Mellor's paper:
     `CAD: Computer-Aided Disaster'.
     
     Additional comments on Airbus aircraft may also be found in RISKS-13 numbers
     06,07,08,09,11,12,16,19,20,21,22,23,24,27,64,67; and RISKS-14 numbers
     01,07,74,76,77.
     
     Peter Ladkin
     
     
---------------------------------------------

CORRECTION, Report on the 1993 Gatwick near-miss (Ladkin, RISKS-16.34)

"Peter G. Neumann" <neumann@csl.sri.com>
Thu, 25 Aug 94 10:23:10 PDT
     
     I must apologize for an overzealous attempt to correct what appeared to be an
     error.  Peter Ladkin's message explicitly referred to the *1993* Gatwick
     near-miss.  I was reading some out-of-band communications in which there
     had been a date error that made it appear that the *1993* was incorrect,
     so I miscorrected it miscorrectly.  Sorry.  Mea culpa.  PGN
     
     
---------------------------------------------

pi = 3 (Re: Wayner, RISKS-16.34)

James Dudley <james@cssnps.com >
Wed, 24 Aug 94 20:52:40 EST
     
     Actually, my home state of Indiana did try to legislate that the value of pi 
     should be 3. Here is some information from the alt.folklore.urban archives
     from an article written by Mark Bader (msb@sq.com) (Further information can
     be found in "Mathematical Cranks", Underwood Dudley, The Mathematical 
     Association of America, Washington D.C.).  James Dudley
     
     
     THE STORY
     
     The author of the bill was Dr. Edwin J. Goodwin, an M.D., of Solitude,
     Indiana.  It seems that he was a crank mathematician.  He contacted his
     Representative, one Taylor I. Record, with his epoch-making suggestion: if the
     State would pass an Act recognizing his discovery, he would allow all Indiana
     textbooks to use it without paying him a royalty.
     
     Nobody in the Indiana Legislature knew enough mathematics to know that the
     "discovery" was nonsense. In due course the bill had its third House reading,
     and passed 67-0.  At this point the text of the bill was published "and, of
     course, became the target for ridicule", "in this and other states".
     
     By this time a real mathematician, Prof. C. A. Waldo, had learned what was
     going on.  In fact, he was present when the bill was read on February 5, 1897.
     ("...imagine [the author's] surprise when he discovered that he was in the
     midst of a debate upon a piece of mathematical legislation.  An ex-teacher was
     saying ... 'The case is perfectly simple.  If we pass this bill which
     establishes a new and correct value for Pi, the author offers ... its free
     publication in our school text books, while everyone else must pay him a
     royalty'", Waldo wrote in a 1916 article.)  But the House had passed the bill.
     
     Fortunately, Indiana has a bicameral legislature.  The bill came up for first
     reading in the Senate on Thursday, February 11.  Apparently in fun, they
     referred it to the Committee on Temperance.  The Committee reported back on
     Friday, February 12, approving the bill, which then had its second reading.
     
     The Indianapolis Journal reported what happened: "The Senators made bad puns
     about it, ridiculed it, and laughed over it.  The fun lasted half an hour.
     Senator Hubbell said that it was not meet for the Senate, which was costing
     the State $250 a day [!], to waste its time in such frivolity ... He moved the
     indefinite postponement of the bill, and the motion carried.  ...  All of the
     senators who spoke on the bill admitted that they were ignorant of the merits
     of the proposition.  [In the end,] it was simply regarded as not being a
     subject for legislation."
     
     
     ANNOTATED TEXT OF THE BILL
     
     /*  Following is the text of Indiana House Bill #246 of 1897, with my
      *  own annotations (in comment signs and exdented, like this text).
      *  In my annotations, A, r, d, c, and s are respectively the circle's
      *  area, radius, diameter, circumference, and the side of the inscribed
      *  square.  */
     
                   A bill for an act introducing a  new  mathematical
             truth  and  offered as a contribution to education to be
             used only by the State of Indiana free of cost by paying
             any  royalties  whatever on the same, provided it is ac-
             cepted and adopted by the official action  of  the  leg-
             islature of 1897.
     
     /*  You normally have to pay royalties on mathematical truths?
      *  The Pythagoras estate must be doing well by now...  */
     
     
             SECTION 1.
                   Be it enacted by the General Assembly of the State
             of Indiana: It has been found that a circular area is to
             the square on a line equal to the quadrant of  the  cir-
             cumference,  as  the area of an equilateral rectangle is
             to the square on one side.
     
     /*  The part after the last comma is a remarkable way of saying
      *  "as 1 is to 1".  In other words, this says A = (c/4)^2, which
      *  is the same as A = (pi*r/2)^2 = (pi^2/4)*r^2 instead of the
      *  actual A = pi*r^2.  */
     
                                 The diameter employed as the  linear
             unit  according  to  the  present  rule in computing the
             circle's area is entirely wrong, as  it  represents  the
             circle's  area  one  and  one-fifth  times the area of a
             square whose perimeter is equal to the circumference  of
             the circle.
     
     /*  The formula A = pi*r^2 is interpreted as A = d*(c/4), which is correct.
      *  The author claims that the d factor should be c/4, so the ratio of
      *  the area by the author's formula to the area by the real formula
      *  is c/(4*d), that is, pi/4.  Since he believes pi = 3.2, this ratio
      *  is 3.2/4, which is 4/5.  Therefore the area by the author's rule
      *  is 1/5 smaller than the actual area.  Now he apparently thinks that
      *  the reciprocal of 1-1/5 is 1+1/5, and thus that the other area is
      *  1/5 larger than his area, which of course would actually require
      *  the ratio to be 5/6.  */
     
                                 This is because one-fifth of the di-
             ameter  fails  to  be  represented  four  times  in  the
             circle's circumference.
     
     /*  In other words, c = (1-1/5) * (4*d); consistent with pi = 3.2.  */
     
                                 For example: if we multiply the per-
             imeter  of  a square by one-fourth of any line one-fifth
             greater than one side, we can in like  manner  make  the
             square's area to appear one fifth greater than the fact,
             as is done by taking the diameter for  the  linear  unit
             instead of the quadrant of the circle's circumference.
     
     /*  He says that if we consider the area of a square of side x to be
      *  (4*x)*(x/4) and we replace the second x by (1+1/5)*x, we get an
      *  area 1/5 too large, and this is analogous to using d in place of
      *  c/4 with the circle.  */
     
     
             SECTION 2.
                   It is impossible to compute the area of  a  circle
             on  the diameter as the linear unit without  trespassing
             upon the area outside the circle to the  extent  of  in-
             cluding one-fifth more area than is contained within the
             circle's circumference, because the square on the diame-
             ter produces the side of a square which equals nine when
             the arc of ninety degrees equals eight.
     
     /*  I can only assume that "nine" is a mistake for "ten".  See also
      *  the annotation after the next one.  */
     
                                 By  taking  the  quadrant   of   the
             circle's  circumference  for the linear unit, we fulfill
             the requirements of both quadrature and rectification of
             the circle's circumference.
     
     /*  Getting repetitive here...  */
     
                                 Furthermore, it has revealed the ra-
             tio  of the chord and arc of ninety degrees, which is as
             seven to eight, and also the ratio of the  diagonal  and
             one  side of a square which is as ten to seven, disclos-
             ing the fourth important fact, that the ratio of the di-
             ameter and circumference is as five-fourths to four; and
             because of these facts and the further fact that the rule
             in  present  use fails to work both ways mathematically,
             it should be discarded as wholly wanting and  misleading
             in its practical applications.
     
     /*  The meat of the bill.  He says that s/(c/4) = 7/8, and d/s = 10/7,
      *  therefore d/c = (10/7)*(7/8)/4, which he reduces only as far as
      *  (5/4)/4.  Of course this is 5/16, and gives pi = c/d = 16/5 = 3.2.
      *  It also implies that the square root of 2 is 10/7.  */
     
     
             SECTION 3.
                   In further proof of the value of the author's pro-
             posed  contribution  to education, and offered as a gift
             to the State of Indiana, is the fact of his solutions of
             the trisection of the angle, duplication of the cube and
             quadrature of the circle having been already accepted as
             contributions  to  science  by the American Mathematical
             Monthly, the leading exponent of mathematical thought in
             this country.
     
     /*  When I first posted this I assumed that the A.M.M. must have had a
      *  policy of politely acknowledging crankish submissions, but apparently
      *  at one time they simply printed whatever they were sent.  I haven't
      *  checked this out.  */
     
                                 And be it remembered that these not-
             ed  problems  had been long since given up by scientific
             bodies as unsolvable mysteries and above  man's  ability
             to comprehend.
     
     /*  "Given up" is not the same as "proved insoluble"!  */
     
        [Also noted by 
           pcw@access.digex.net (Peter Wayner),
           "Tom Zmudzinski" <zmudzint@cc.ims.disa.mil>, who suggests using 355/113,
           mhaynes@bgsu.edu (Michael F. Haynes),
           clark@cpd125.cpd.ford.com (Andrew Clark), 
           nhy@panix.com (Nina H. Yuan),
           George Jansen <gjansen@seas.gwu.edu>,
           dalamb@qucis.queensu.ca (David Lamb), and
           cc32859@vantage.fmrco.com (Donald Sharp), who wonders 
             ``how many other technically flawed ideas have actually been codified
             into law because not enough people in the legislature understood 
             flaw?  And what is the risk involved in trying to implement laws that
             contradict the fundamental truths of nature?''.
        (However, two of those remembered the state incorrectly.)  I am delighted
        to have this urban nonlegend put to rest.  Thanks.  PGN]
     
     

PI = 3

"Prof. L. P. Levine" <levine@blatz.cs.uwm.edu>
Thu, 25 Aug 1994 06:56:54 -0500 (CDT)
     
     There are two biblical verses that show PI to have a value of three.
     They seem to be the same information repeated, but from the King James
     version as reported in the Library of the Future CDROM, which seems to
     be filled with texts from the past:
     
     Kings-1 verse 7:23  And he made a molten sea, ten cubits from the one
     brim to he other: [it was] round all about, and his height [was] five
     cubits and a line of thirty cubits did compass it round about.
     
     Chronicles-2 verse 4:2  Also he made a molten sea of ten cubits from
     brim to brim, round in compass, and five cubits the height thereof; and
     a line of thirty cubits did compass it round about.
     
     Leonard P. Levine, Professor, Computer Science, Univ. of Wisconsin-Milwaukee  
     Box 784, Milwaukee, WI 53201  levine@cs.uwm.edu   1-414-229-5170
     
     
---------------------------------------------

Re: The new Cray and Unix passwords...

"Chris Ransom" <chris@quests.com>
Thu, 25 Aug 94 09:45:13 PDT
      
     Mr. Wayner neglects to consider the "salt" values used to hash the passwords
     which prevent this type of attack. All 1000 passwords would likely require
     independent encryption with unique salt values.
      
     Chris Ransom   chris@quests.com
     
     
---------------------------------------------

Previous Issue Index Next Issue Info Searching Submit Article


Report problems with the web pages to Lindsay.Marshall@newcastle.ac.uk.
This page was copied from: http://catless.ncl.ac.uk/Risks/16.35.html
COPY!
COPY!
Last modification on 1999-06-15
by Michael Blume