Personal tools
total.html
The CPSR Newsletter Volume 17, Number 1; Winter 1999 Print-Ready Layout http://www.cpsr.org/publications/newsletters/issues/1999/Winter1999/total.html Welcome. This is the printable, complete version of the first-ever online newsletter of CPSR (http://www.cpsr.org/publications/newsletters/issues/1999/Winter1999/index.html). Welcome to the first-ever online newsletter of CPSR. You will notice the table of contents is on your left on all our pages. We know that this issue will prove fruitful and fun for you. If you are a CPSR member, you can contact our National Office at cpsr@cpsr.org to have the print-out file sent in the mail. CPSR maintains an e-mail list server for Y2K discussions. To subscribe, send an e-mail message to listserv@cpsr.org with the body of the message containing the line "subscribe cpsr-y2k myname" except use your own name in place of myname. For more information, see http://www.cpsr.org/lists/list-subscription.html. We know that this issue will prove fruitful and fun for you. A good place to begin is the introduction, Y2K: The Broad View, by guest editor Marsha Woodbury. You can browse through some of our older issues, too, by following the link to the CPSR Newsletter Index (http://www.cpsr.org/publications/newsletters/). Table of Contents: Marsha Woodbury CPSR-Y2K Web Pages
at http://www.cpsr.org/program/y2k
Arthur C. Clarke Anthony Ralston Peter Neumann Gary Chapman Lenny Siegel Norman Kurland Y2K and Nuclear Weapons Letters Seeking Help on Nuclear Weapons Issues from Michael Kraig Alan Phillips
Gary Chapman Y2K Humor from the Internet and Beyond Cartoon (may crash older browsers) CPSR news: Aki Namioka Netiva Caftori The CPSR Newsletter is published quarterly by Computer
Professionals for Social Responsibility, P.O. Box 717, Palo Alto, CA 94302 www.cpsr.org Copyright 1999 by CPSR. The CPSR Newsletter is guest edited by CPSR members.The newsletter articles do not necessarily reflect an official CPSR position on issues. Guest Editor Executive Editor Editing Online Layout & Design CPSR Board of Directors Aki Namioka, President Marsha Woodbury, Chair Tom Thornton, Treasurer Paul Baker, Secretary Richard Barry, MidAtlantic Director CPSR National Office Staff CPSR's Corporate Sponsors You can send comments or questions to newsletter@cpsr.org.Last modified: Sunday, 14 March 1999. |
Y2K: The Broad View
by Marsha Woodbury
"Will my house be warm on January 1, 2000?" "Will I be able to fill my gas tank?" "Will we have an accidental war?" "Should I take all my cash out of the bank?" These are the questions inundating CPSR members. The most obvious response CPSR can make is to dedicate an issue of the newsletter to sating the thirst for accurate, no-nonsense knowledge and sharing our take on the issues.
However, among our own ranks is an ambivalence about the millennium bug, or the year-2000, or Y2K, problem. While one CPSR member stated that Y2K "is absolutely the most important CPSR issue for the coming year," another insisted that Y2K is no different than any other issue of computer risk, and a third worried that CPSR would join the media bandwagon or be seen as one of the doomsday groups.
We may not have to worry on that last score. A recent issue of the New York Times Magazine neatly divided the millennium watchers into categories such as "Christian doomsday," "U.F.O. deliverance," "Y2K chaos," and "avenging planet." The Y2K risk has prompted the formation on one survivalist group in the hills of Arkansas awaiting Judgment Day [1]. We would have to go out on a thin limb indeed to outdo the apocolypters. We do, however, think you will enjoy both our section on Y2K humor and the "The Century Syndrome" from Arthur C. Clarke's 1990 novel The Ghost from the Grand Banks. By email from Sri Lanka, Clarke generously allowed CPSR to publish the book chapter, which envisions financial fallout from millennium computer problems.
Though not extremists, we in CPSR are devoting this newsletter to Y2K because there is no escaping the unique features of this problem: the universal date for concern, the uncertainties, the technological causes. These technological causes prompted the article "A Perspective on Y2K" by Peter Neumann, who won the Norbert Weiner Award in 1997 for his work documenting computer risks. He views Y2K as a serious concern and also as the tip of a much larger iceberg of computer risk.
This global deadline has handed CPSR a gift, a "teachable moment" when the community wants to listen. That's an odd thing to say about the possibility of frustration and hardship, but it's true. People are looking for answers, for reasons. President Clinton mentioned Y2K in his State of the Union message-it is becoming a household word. Y2K provides us with an opportunity to let others know about computer risks and incorrect assumptions, about reliable technology and sound programming practice. As Gary Chapman, former Executive Director of CPSR, writes in his article "Now for Another Daunting Y2K Task: Educating America's Masses," we have work to do.
The Problem
Does "01/01/00" stand for January 1, 1900 or January 1, 2000? That's the simplified translation of the date-sensitive computing glitch. The real explanation is a bit more complicated. The Y2K problem originated with a standard accounting practice used before computers became ubiquitous. That practice was to write the date with two digits, as in '39 or '51 [2]. Early programmers found it natural to continue the abbreviation, because as Don Million wrote, "Back then a 630-megabyte disk drive was about the size of a 30-gallon trash can, and cost as much as a new car" [3]. Wasting two characters every time a date was stored seemed foolish. Also, programming itself was more time-intensive and expensive, and spending hours writing a date routine that would deal with 2000 would have seemed wasteful of scarce resources. Later, when computing became less expensive and less labor-intensive, the year 2000 could be handled more easily. As the millions watching the 1999 Super Bowl learned from Apple Computer's clever HAL commercial, Apple computers have been date-compliant from their beginning.
Yet other producers didn't deal with 2000 properly, and computer chips and startup systems are configured incorrectly to deal with time. Even though memory and storage became cheaper and programming more efficient, date-sensitive errors continued to occur. Today, IBM-compatible personal computers (PCs) have Y2K problems and must be checked for compliance. In fact, PCs using 486 processors or lower can be expected to have century-date problems, and some pentium processors are not year-2000 compatible either, according to the Federal Reserve Board http://www.bog.frb.fed.us/y2k/pctesting.htm(http://www.bog.frb.fed.us/y2k/pctesting.htm).
We must also remember that the phrase Y2K can refer to any date-related malfunction during 1999, such as 04/07/99, the 99th day of 1999, because the numbers 999 were once used to indicate the termination of a computer program. Some computers could thus terminate when they reach 9999. Another date that some programmers worry about is in the next millenium, 02/29/00, the leap-year day. Many date-associated problems are possible (see the CPSR Y2K Working Group Web pages for more details). In this article and throughout the issue, the term Y2K includes related problems of date sensitivity and date compliance.
We can revise and correct software code for computers, but what will we do about embedded systems? The Institution of Electrical Engineers (IEE) has mounted vast quantities of information at http://www.iee.org.uk/2000risk/. Embedded systems are single- or multi-purpose devices than exist within a larger product, be it a coffee maker, a car, or a missile. Although only a small percentage of these chips will not be date-compliant, we don't know which ones they are. If we do find the chips that will fail, how quickly can we replace them?
Think of the problem this way: a worker may have access to three or four PCs, including laptops and personal assistants, perhaps using Windows 95 or Windows NT. Some of these machines may be old and all have a variety of software added by former users. Perhaps one of these machines is dependent on a network involving the hundreds of computers in a building. When that machine is attached to the Internet, the number of switches and routers and computers that the worker depends upon grows astronomically. A small failure anywhere may have consequences far beyond a single cubicle. Of course, a failure in the computer-dependent power supply will render computers useless anyway.
James Gleick said that "dawn will break on Sunday, January 1, and the Western calendar will turn to the year 2000 C.E., and the sky will not fall" [4]. The severity of the computer problems may be slight, or as Howard Rubin says, at worst Y2K will be the weather equivalent of a sunspot barrage, as if we had natural disasters in scattered locations at the same time. If nothing big happens, our worries could then concern things that we cannot touch or feel, such as slight errors in financial statements.
How about celebrating in Times Square on New Year's Eve, 1999? That would not be my choice, because large population centers could suffer discomfort if traffic lights or utilities were to fail. However, forewarned is forearmed, and if everyone in Times Square watching the crystal ball fall were aware that they might undergo delays caused by malfunctioning of traffic lights, no harm would be done. It's all a matter of education and awareness.
We in CPSR should inform people about what we know and what we don't, and help our country, local government, services, companies, and families adjust to some uncertainty. Wherever we are, we have to help set priorities and avert spreading panic. After Y2K, we have to replace or fix problem technology. To further that end, Norman Kurland and others in the CPSR Y2K Working Group wrote the letter to the New York Times that appears in this issue of the newsletter.
What Do We Know?
My own research into the risks of Y2K problems reveals that not every computer or embedded chip will be Y2K compliant. In fact, that is probably an understatement. Even if every mainframe problem were repaired, many desktops, palmtops, and laptops might have noncompliant applications on them [5].
The complexity of our credit card systems of billing and records are so elaborate that we might shudder at the thought of making everything work together. We now carry several cards with expiration dates of 00 and 01, and that is scant cause for complacency. Should we feel better because of the reassuring posts we receive in our bank statements? Repeatedly, banks assure us that date-sensitivity will not be a problem, and they may be correct, within the realm they can control.
And even if all computers in the United States work perfectly on January 1, 2000, we have real reason to fear failures in other parts of the world in systems that are interconnected with ours and that we depend upon. A noncompliant system can effect a compliant one. When pressed to identify the countries that are not working hard enough to meet the challenge, Ahmad Kamal, Pakistan's Ambassador to the United Nations, said, "I think it would be self-defeating to try to identify the worst parts of the world. Everybody is in the worst part of the world. All of us are responsible" [6].
China is seriously working on Y2K and has given its airline CEOs an ultimatum for fixing the problem: all the heads of the airlines will be in the air on January 1, 2000. Zhao Bo, Y2K head of the Chinese Ministry of Information Industries, said, "We have to make sure there are no problems in aviation" [7]. By the way, a survey of technology executives who were asked, "Would you fly on January 1, 2000?" turned up 63 percent of the respondents saying "no," in comparison to other travelers, 39 percent of whom answered "no" [8].
China has other concerns too. Since the Chinese use pirated software-indeed, 90 percent of their software is pirated-their technicians cannot consult the manufacturers about how to fix Y2K problems. Accordingly, the Ministry of Information Industries has trained more than 5,000 freelance fixers who will fan out across the country to work on computer systems, and the government has published a list of emergency procedures for computer users [9].
The Russian government has relied more heavily on PCs and midrange computers than larger mainframes, so its repairs of Y2K will be decentralized. Also, many of its PC-based applications are written in nontraditional programming languages, and Russia has been working to convert Russian systems into more universally used computer languages, such as C++ and Java [10].
Here in the United States, industry trainers are preparing people to fix Y2K coding. Their students may have never seen code before, and the trainers have to expand their short courses to introduce the multitude of problems that appear in existing, or legacy, code. Students need to learn such techniques as data expansion, year compression, full date compression, and conversion to binary dates. These trainers are also preparing the people who answer the help desk/technical support calls to cope with increased numbers and kinds of inquiries. Help workers will need expertise in distinguishing between a Y2K problem and a normal one [11]. Hewlett-Packard offers a three-day course on the planning and implementation of Y2K procedures, good for people in the early stages of coping with Y2K. IBM offers a 12-day course on COBOL for new programmers, a "fast track Y2K boot camp." Some programs are being sent to other countries such as India to have the corrections made.
Obviously, if you make changes in an existing program, you need to test it extensively to ensure that it works or that you have not introduced more errors. Y2K thus opens the door to even more problems.
On the other hand, in some instances,Y2K may be a blessing, because old programs filled with patches and quick fixes will be junked, and firms and governments will spend the money necessary to make long overdue replacements.
Should We Run to the Hills?
The short answer is no. The longer answer is that computer professionals can help communities and organizations prepare for possible computer failures. We shouldn't try to do the work already being done by civil defense experts; we can leave that to the people who specialize in handling emergencies. The Red Cross (http://www.redcross.org/Y2K.html) is one such organization helping to assist in Y2K contingency planning. Our role is to help with the things we know about and to take this opportunity to educate people about what computers are, how they are made and programmed, and what the risks are of relying on them so completely. You will notice the word responsibility repeated through this issue. Tony Ralston, professor emeritus of computer science and member of the CPSR advisory board, gives his impressions of the Y2K problem in "Y2K and Social Responsibility." Ralston argues for finding hard facts and verifiable incidents before talking about any problems with time-sensitive programs. He points out the absence of hard data.
We need to anticipate some failures and plan ahead. Actions are simple: back up your files. Keep copies of all your financial statements. Organizations ought to be ready to send out checks by hand. If railroad signals fail, we can keep freight and people moving by using humans to signal trains onward. Airports can slow traffic to a pace that can be dealt with.
Since we deal with weather-caused disasters all the time, we should likewise be able to cope with any stoppages or shortages from computer failure. Perhaps that explains why concerned computer scientists are focusing on nuclear and chemical hazards rather than the everyday problems. We know what to do when a traffic light stops working, but what will happen in Russia if an early-warning missile-detection computer freezes up? Accordingly, in this issue we devote most of our attention to these questions. Lenny Siegel's article "OOPs 2000: The Y2K Bug and the Threat of Catastrophic Chemical Releases," covers one aspect. CPSR has also been in touch with Helen Caldicott (Physicians for Social Responsibility) and Alan Phillips (Physicians for Global Survival, Canada). They've helped us present statements from prominent computer scientists Khursch Ahmed, David Parnas, Barbara Simons, and Terry Winograd on nuclear weapons concerns. The goal is to remove nuclear warheads from missiles, "de-alerting" them, to ensure safety during the coming years. This theme is dealt with in letters from Alan Phillips and Michael Kraig, "Seeking Help on Nuclear Weapons Issues." For further analysis, you can read Michael Kraig's monograph A Bug in the Bomb [12]. Gary Chapman also focuses on weapons in his article "A Moral Project for the 21st Century: Stop Creating Better Weapons."
The Big Picture
Peter Neumann, Tony Ralston, and others warn us that our society is becoming increasingly dependent on systems that have no owner. As CPSR member Ellen Ullman has written in Salon Magazine:
Even if you have the source code in front of you, there are limits to what a human reader can absorb from thousands of lines of text designed primarily to function, not to convey meaning. . . . The Year 2000 problem is an example on a vast scale of knowledge disappearing into code. And the soon-to-fail national air-traffic control system is but one stark instance of how computerized expertise can be lost. In March, the New York Times reported that IBM had told the Federal Aviation Administration that, come the millennium, the existing system would stop functioning reliably. IBM's advice was to completely replace the system because, they said, there was "no one left who understands the inner workings of the host computer."
No one left who understands. Air-traffic control systems, bookkeeping, drafting, circuit design, spelling, differential equations, assembly lines, ordering systems, network object communications, rocket launchers, atom-bomb silos, electric generators, operating systems, fuel injectors, CAT scans, air conditioners-an exploding list of subjects, objects, and processes rushing into code, which eventually will be left running without anyone left who understands them [13].
CPSR would like to catch public attention now, at this teachable moment, and use the heightened awareness that Y2K gives us to talk about more than date sensitivity. Let's use Y2K to explore computer risks and our relationship to them. With that in mind, welcome to the Y2K newsletter!
References
[1] Heard, Alex and Peter Klebnikov, "Apocalypse Now, No, Really. Now!"
New York Times, Dec. 27, 1998, p. 42.
[2] Holmes, Neville Computer, Nov. 1998, 31(11), p. 2.
[3] Million, Don, "1999: A Mystical Year?" Mensa Bulletin,
Jan./Feb. No. 423, pp. 26-27.
[4] Hamilton, Scott, "Diary of a Y2K Consultant: Bracing for the
Millennium," interview of Howard Rubin, Computer 1999, 32 (1).
[5] Gowan, J. A. , C. Jesse, and R. G. Matthew, "Y2K Compliance and the
Distributed Enterprise," Communications of the ACM, Feb. 1999, 42(2), pp.
69-73.
[6] Kirsner, Scott "Millennium Man," CIO Enterprise, 12(7), pp.
54-57.
[7] St. Petersburg Times, January 15, 1999, as reported in Edupage.
[8]Communications of the ACM, 41(11), Nov. 1998, p 10.
[9] Associated Press, January 23, 1999, as reported in Edupage.
[10] TechWeb January, 15, 1999, as reported in Edupage.
[11] Auerbach, Sarah, "Teaching Methods Change as Time Grows Short,"
Inside Technology Training, Nov. 1998, 2(10) p. 53.
[12]Kraig, Michael, "A Bug in the Bomb,"published by the British American
Security Information Council, 1998, ISBN 874533-34-2, http://www.basicint.org/.
[13] Ullman, Ellen "The Dumbing-Down of Programming, Part Two: Returning to the Source." Salon Magazine, May 13, 1998, http://www.salonmagazine.com/21st/feature/1998/05/13feature.html.
Marsha Woodbury is the Chair of CPSR. She can be contacted at mwoodbury@cpsr.org.
The Century Syndrome
by Arthur C. Clarke
Published with permission of the author. "The Century Syndrome" is a chapter from the book The Ghost from the Grand Banks (New York: Bantam Books, 1990, pp. 19-21). You can buy books by Arthur C. Clarke through the CPSR Online Bookstore.
When the clocks struck midnight on Friday, 31 December, 1999, there could have been few educated people who did not realize that the Twenty-first Century would not begin for another year. For weeks, all the media had been explaining that because the Western calendar started with Year 1, not Year 0, the Twentieth Century still had twelve months to go.
It made no difference; the psychological effect of those three zeros was too powerful, the fin de siécle ambience too overwhelming. This was the weekend that counted; 1 January 2001 would be an anticlimax, except to a few movie buffs.
There was also a very practical reason why 1 January 2000 was the date that really mattered, and it was a reason that would never have occurred to anyone a mere forty years earlier. Since the 1960s, more and more of the world's accounting had been taken over by computers, and the process was now essentially complete. Millions of optical and electronic memories held in their stores trillions of translations--virtually all the business of the planet.
And, of course, most of these entries bore a date. As the last decade of the century opened, something like a shock wave passed through the financial world. It was suddenly, and belatedly, realized that most of those dates lacked a vital component.
The human bank clerks and accountants who did what was still called "bookkeeping" had very seldom bothered to write in the "19" before the two digits they had entered. These were taken for granted; it was a matter of common sense. And common sense, unfortunately, was what computers so conspicuously lacked. Come the first dawn of '00, myriads of electronic morons would say to themselves "00 is smaller than 99. Therefore today is earlier than yesterday--by exactly 99 years. Recalculate all mortgages, overdrafts, interest-bearing accounts on this basis. . . . The results would be international chaos on a scale never witnessed before; it would eclipse all earlier achievements of artificial stupidity--even Black Monday, 5 June 1995, when a faulty chip in Zurich had set the bank rate at 150 percent instead of 15 percent.
There were not enough programmers in the world to check all the billions of financial statements that existed, and to add the magic "19" prefix wherever necessary.The only solution was to design special software that could perform the task, by being injected--like a benign virus--into all the programs involved.
During the closing years of the century, most of the world's star-class programmers were engaged in the race to develop a "Vaccine '99"; it had become a kind of Holy Grail. Several faulty versions were issued as early at 1997--and wiped out any purchasers who hastened to test them before making adequate backups The lawyers did very well out of the ensuing suits and countersuits.
Edith Craig belonged to the small pantheon of famous women programmers that began with Byron's tragic daughter Ada, Lady Lovelace, continued through Rear Admiral Grace Hopper, and culminated with Dr. Susan Calvin. With the help of only a dozen assistants and one SuperCray, she had designed the quarter million lines of code of the DOUBLEZERO program that would prepare any well-organized financial system to face the Twenty-first Century. It could even deal with badly organized ones, inserting the computer equivalent of red flags at danger points where human intervention might still be necessary.
It was just as well that 1 January 2000 was a Saturday; most of the world had a full weekend to recover from its hangover--and to prepare for the moment of truth on Monday morning.
The following week saw a record number of bankruptcies among firms whose accounts receivable had been turned into instant garbage. Those who had been wise enough to invest in DOUBLEZERO survived, and Edith Craig was rich, famous. . . .and happy.
Only the wealth and fame would last.
Y2K and Social Responsibility
by Anthony Ralston
What does it mean for a computer professional to be socially responsible about Y2K? Not, I submit, a simple question. On the one hand, Y2K is a real problem with potentially life- and safety-threatening consequences for a considerable number of people. Thus, social responsibility by computer professionals requires them to publicize the dangers and, for those in appropriate professional positions, to do everything possible to alleviate the dangers. But on the other hand, fomenting unnecessary fear, even hysteria, about Y2K is, has been and will be socially irresponsible. Finding the line between these is not trivial.
I am told that recently a televangelist in the U. S. claimed that the Y2K problem is the work of Satan and that the great calamity which would result from it is among those actually mentioned in the Book of Revelation. We may--and probably should--laugh at such idiocy. But are we sure that the genesis (no pun intended) of such predictions is not perhaps the result of excessive hand-wringing about Y2K? Then there are those, including, sadly, some computer professionals, who are already storing food or making plans to retreat to cabins in the woods because of the awfulness that will occur on 1 January 2000. Whatever may occur on that day--and, I repeat, there could be some very serious effects, indeed--does any sane person really believe in such an apocalyptic vision of what may happen?
I don't pose as a technical expert on Y2K or, for that matter, on much of anything else. Although at one time my knowledge of computer systems might have merited the expert label, those times are long past. Still, it is hard not to wonder whether the doomsayers have got it right or are even in the vicinity of being right, given the flimsy evidence to support their predictions of trouble or the cost of averting that trouble. Perhaps it is true that, for example, Citibank is planning to spend $600 million on avoiding Y2K problems but, even if this estimate proves anywhere near correct, it is surely true that some (much?) of these funds will be used for normal software maintenance and upgrades.
In the health, transportation (particularly airline), and utility sectors of the world economy, we should all hope that successful efforts will be made to make systems Y2K compliant since failure might well put lives at risk. A similar stricture is in order for production facilities where sudden shutdown could endanger life. And, although the risks seem to be somewhere between minimal and nonexistent (except, perhaps, in Russia), steps should and surely are (see F.A.S. Public Interest Report, Journal of the Federation of American Scientists, July/August 1998) being taken to ensure that nuclear weapons systems are Y2K compliant. Beyond these areas, however, the risks are almost entirely financial and, while these risks should not be taken lightly, most are probably better approached by benign neglect than by major expenditures before the fact. Indeed, a socially responsible position on Y2K suggests the following triage: work flat out on making life- and health-critical systems Y2K compliant, make appropriate effort when major financial interests are involved, but otherwise, see what happens on 1 January 2000 while making preparations for anything that might go wrong.
The last category surely involves the vast majority of all situations. Moreover, very few such systems will prove to be Y2K noncompliant on 1 January 2000. Almost no one believes any more, for example, that credit cards with expiration dates in 2000 will cause trouble. And even when problems do occur--with bank accounts, for example--they will be short-lived and relatively benign. Some people have suggested that "bank accounts could be wiped out" (The Times, London, 6 November 1998) but, given standard system backups, to say nothing of personal records, such an eventuality was never in the cards.
I seem to have detected a lessening in recent months of what can only be called the Y2K hysteria. As Anthony Finkelstein has written, "The vast majority of these stories [about forthcoming Y2K disasters] are irresponsible scaremongering" (London Daily Telegraph, 1 April 1998). Examples of such scaremongering are predictions that those made "cold, hungry and unemployed" (Stuart Umpleby, Internet distribution, 7 July 1998) in other countries by Y2K will view Americans as scapegoats, since Y2K may make Americans relatively even wealthier than they are. Senator Robert Bennett (Republican, of Utah) has even suggested that one result of Y2K will be the largest wealth transfer in history "from noncompliant firms and countries to compliant firms and countries" (Stuart A. Umpleby, op cit). Or how about: "Y2K is probably the biggest problem our nation has faced in 100 years" (J. Wise, email to Harlan Smith, 19 July 1998)?
Indeed, it seems to be true as I write that real empirical evidence about serious potential Y2K problems is still (almost?) totally lacking. What have been the costs of Y2K fixes already made? What Y2K problems have been found which, if not corrected, would have caused serious threats to life, health, or wallets on 1 January 2000? Perhaps it is the absence of such data that has resulted in reduced anxiety; if good data on costs and problems are not available, perhaps the problem is less serious than thought only several months ago.
Since incompetence is a kind of social irresponsibility, CPSR members should be particularly concerned about how Y2K reflects on computer software professionals and, it must be said, on those who taught them. It may be that little blame can be attached to the Cobol programmer who wrote a non-Y2K-compliant program in 1966. But any program written later than, say, the mid-1980s that was not Y2K compliant was written by an incompetent programmer. And buying any such program was a sign of incompetent management. Is the software industry as incompetent as the furor about Y2K would imply?
Of particular note here are embedded systems, partly because there are so many millions of embedded chips and partly because so many of them are in online systems whose failure would generally be more serious than in business information systems. Very few, if any, of the chips in embedded systems were programmed so long ago that it would have been forgivable to ignore Y2K. On the other hand, probably very few such systems are Y2K noncompliant because "most [chips in such systems] do not have a clock function" and, of those that do, many "only measure time intervals between events without reference to days, weeks, months or years" (Alastair McIntosh on Silicon Investor Website, 3 May 1998). This is another Y2K issue for which it would be nice to have some data rather than just claims on both sides.
Y2K presents many challenges to CPSR. In addition to those mentioned heretofore, there is the need to educate the public generally, since many of the more hysterical reactions to Y2K stem from the fact that, despite the ubiquity of computers, "people do not understand software" (Anthony Finkelstein, The Engineer, 1998). As Marsha Woodbury noted in the fall 1997 issue of this newsletter, "Leadership is needed to raise public awareness of the year 2000 problem without causing panic." That is surely as true now as it was over a year ago.
Tony Ralston is Professor Emeritus of Computer Science and Mathematics at SUNY at Buffalo and an Academic Visitor in the Department of Computing, Imperial College, London, U.K. Dr. Ralston is also a long-time member of the CPSR Advisory Board. He can be contacted by email at ar9@doc.ic.ac.uk.
A Perspective on Y2K
by Peter Neumann
The year-2000 problem is either massive overhype, a serious problem, or both. The most nagging aspect is that exactly what will happen is not clear, although it is clear that outages in electric power systems and telecommunications would have significant effects elsewhere--transportation, food delivery, water supplies, and indeed the abilities of governments to operate effectively. We have become enormously dependent on computer-communication technology in almost every respect. We should expect that some people and businesses could be seriously inconvenienced--especially in the northern hemisphere, where it will be winter. Thus, it would be prudent for everyone to understand the risks and act accordingly. Panic is not appropriate; however, due care is clearly socially responsible in light of the considerable uncertainty about what might really happen.
All of the critical national infrastructures are increasingly dependent on information systems and the Internet. Public utilities are of concern, particularly with respect to smaller companies. Aviation is potentially at risk, with its archaic air-traffic control systems. Railway transportation is also at risk. Financial systems are reportedly in better shape--potential loss of money is clearly a motivating factor.
For about a year and a half, Congressman Stephen Horn has been issuing a periodic report card on the Y2K preparedness of the departments and agencies of the U.S. Government. The Departments of Justice, State, Education, Energy, and Health and Human Services are all flunking. In recent months, Justice and Education have fallen further behind. Transportation and Defense have only slightly improved their earlier failing grades. Treasury (which issues the checks) gets a D+. (The report cards are on line at http://www.house.gov/reform/gmit.) Furthermore, local governments may be particularly vulnerable, because they lack the knowledge and resources needed to understand the risks.
Calendar-clock problems have been around for a long time; it's just that this one has an immovable point of no return. (There are likely to be leap-year effects as well.) However, much deeper problems are being masked by the feeding frenzy over Y2K. One is a perpetual lack of foresight in building complex computer-based systems. Another is the poor practice of software development, particularly with respect to life-critical and mission-critical systems, with requirements such as very high availability and strong security. One nasty manifestation of development practice is that trying to fix systems, especially in a hurry, often introduces new flaws and vulnerabilities. The archives of the Risks Forum document many of these difficulties.The RISKS archives are available with a nice search facility at http://catless.ncl.ac.uk/Risks courtesy of Lindsay Marshall, or by ftp at ftp://unix.sri.com/risks. You can send automated Majordomo subscriptions to risks-request@csl.sri.com with the one-line text SUBSCRIBE.
Unfortunately, there are no easy answers. Many different operating systems, application programs, programming languages, and databases are involved. Even if everything appears to work locally, interdependencies are likely to emerge when Y2K happens that could not be detected by testing. One of the largely unnoticed problems is that database management systems may have lurking two-digit data fields; heterogeneous combinations of database management systems may result in insidious incompatibilities if different fixes are used.
Intriguing risks can also arise from letting supposedly trustworthy third-parties fix your software. These risks include further flaws, theft of proprietary code, Trojan horses, and liability issues when the third party goes out of business on January 1, 2000. Note that many Y2K repair efforts for domestic software are being performed in other countries. This risk, of course, applies to other nations as well, some of which are in much worse shape than the United States.
One serious concern is that even if no Y2K technological problems occur when January 2000 rolls around (and I seriously doubt that we will escape unscathed), panic may set in as the end of the year approaches. The current Federal Reserve cash amounts would not be adequate if everyone decided to have more than (on average) $1,000 in hand for Y2K. Food hoarding is also likely. Moreover, there already appears to be a huge new market for electrical generators and emergency food rations.
To stave off panic, we may hear from government and utility officials that everything is under control, don't worry about a thing, everyone will be taken care of. But that is also not credible, especially in light of Stephen Horn's report card and the fact that many organizations have yet to begin assessing their vulnerabilities. Such reassurance also runs counter to the grain of logic, based on the archives of the Risks Forum, not to mention Murphy's Law. Even worse, Y2K represents an extraordinary target for terrorists, who just might have read the report of the President's Commission on Critical Infrastructure Protection (http://www.pccip.gov). Therefore, realism is required, as well as much deeper study of what the real vulnerabilities and risks are, and what must be done to reduce those risks. But throughout, we must not lose sight of the longer-range issues: there are many risks to the public in the use of computers and communications (for example, see ftp://ftp.csl.sri.com/pub/users/neumann/illustrative.ps or .pdf), and Y2K is just the tip of a very large iceberg.
Peter Neumann is Principal Scientist, Computer Science Lab; Chairman of the ACM Committee on Computers and Public Policy; Moderator of the Risks Forum; and member of the General Accounting Office Executive Council on Information Management and Technology (focusing largely on Y2K, particularly regarding the U.S. Government). He received CPSR's Norbert Wiener Award in 1997. His book Computer-Related Risks (Addison-Wesley 1995, more recent information on line) documents many of the risks involved in the use of information systems. You can reach him by email at Neumann@CSL.sri.com, or on the Web at http://www.csl.sri.com/~neumann/.
Now for Another Daunting Y2K Task: Educating America's Masses
by Gary Chapman
From the March 1 edition of Gary's column "Digital Nation" in the Los Angeles Times. Copyright 1999 Los Angeles Times. All Rights Reserved. Reprinted with permission of the author.
Last week, details of a new U.S. Senate report on the year 2000 software bug leaked to the media revealed serious concerns about the readiness of several national economic sectors, including health care, oil, education, farming, food processing, and construction, among others.
A number of government agencies are woefully behind too, including the Departments of Defense and Energy and the Federal Aviation Administration.
The new report, one of the most comprehensive reviews of the Y2K bug to date, is expected to be formally released Tuesday, March 8, at a news conference in Washington called by the Senate Special Committee on the Year 2000 Technology Problem.
By now, most experts, even the optimists, agree that many computer systems vulnerable to the software date flaw will not be fixed by January 1. And the draft copy of the Senate report says that "The interdependent nature of technology systems makes the severity of possible disruptions difficult to predict."
We've gone through three distinct phases of the year 2000 problem so far. The first involved simply alerting people responsible for computer systems to the nature of the bug. Next came a phase in which many companies and other institutions remain, that of fixing software by rewriting code or replacing programs and chips. And now many managers are in a third phase, that of contingency planning, sometimes called "business continuity planning," which attempts to forecast possible disruptions and prepare for them.
But now it's time for a fourth phase, one we're only beginning to see unfold: public education and preparedness.
Most of the people who have been responsible for and knowledgeable about the Y2K bug have been so busy fixing computers that they haven't had time to think about how to educate the public, but they're beginning to regard doing so as the most important task for the time we have left, which is now a mere 305 days. It's a daunting task, unprecedented in its scope and significance: educating each and every citizen of the United States about a relatively arcane technical problem that many citizens still do not understand or even know about.
Many communities throughout the country are planning public education efforts, such as town hall meetings, media campaigns, public service announcements, brochures, and the engagement of churches, community organizations, schools, and private businesses. Useful material has been developed to support such activities, especially the Y2K Citizens' Action Guide, a small booklet published by the Utne Reader in Minnesota, available in bookstores and on the Web.
The challenge of public education about Y2K is especially severe in a city the size and diversity of Los Angeles.
Frank Martinez is executive director of the city's Year 2000 Project, a program of the city's Information Technology Agency, and his team has been thinking about how to get the word out.
The City Council recently approved $100,000 to hire a professional public relations firm to craft a multimedia campaign to educate the public about Y2K in Los Angeles. Martinez said his agency has received three proposals and expects to hire a PR firm this month.
"We're hoping for a multimedia campaign with public service announcements, material in libraries, police stations, social service agencies, and so on," Martinez says. His agency is sending people out to community meetings and homeowners' associations that request public speakers on how to prepare for Y2K. Because of limited personnel, Martinez and his staff are trying to get community organizations to hold joint meetings.
The city has a toll-free telephone number with Y2K information (888-356-4661), as well as a Web page with some useful tips about preparedness.
"Our main message," Martinez says, "is that the kind of preparation we are recommending is the kind of preparation that should be done on a regular basis if you live in Southern California."
He means that people in the region should observe the same kind of preparation as for an earthquake or other natural disaster. That includes storing food, water, emergency supplies, prescription drugs, and cash for up to a week. Cash reserves should be accumulated over the entire year, rather than in November and December, he said.
"In addition, specific to Y2K, we are recommending that people have good and accurate financial records, bank statements, credit card records, insurance policies, etcetera, in hard-copy form and stored in a safe place," Martinez said, adding that people should get in the habit of keeping their gas tanks filled.
Any concerns about specific devices, he added, should be addressed to the manufacturer.
"We continue to believe that any disruptions will be relatively minor and of short duration, and we think we can respond quickly," Martinez said.
However, Los Angeles needs to prepare for worst-case scenarios, he noted, so all city agencies will be involved in an emergency-preparedness exercise the last weekend in May.
Public officials responsible for the Y2K problem are faced with several competing and vexing difficulties. They are typically charged with fixing the Y2K bug in public-sector computers at the same time that they're supposed to be educating people about how to prepare, and both tasks are full-time jobs.
They need to strike a balance between alerting people and not fostering unnecessary and dangerous panic. They have to negotiate with some people who have alarmist agendas, and they have to reach out to communities with diverse ranges of literacy, language, familiarity with technology, and capabilities. Low-income neighborhoods have to be a priority, of course, because they're likely to be least prepared and least able to set aside supplies they might need in an emergency.
Eric Utne, founder of the Utne Reader, sees a silver lining in this crisis. He says in his publication's booklet, "As we prepare for Y2K, something surprising and quite wonderful is going to happen. We're going to get to know our neighbors." This is one of those rare times, encountered usually only in war or after a natural disaster, in which the public-spiritedness of citizens will be tested, no matter what the effects of the computer bug turn out to be. Every citizen who cares about the quality of life in the nation should turn his or her attention to how to help avert a crisis and build common bonds of trust and preparedness. We have 305 days left to show how well we can work together.
Gary Chapman is director of the 21st Century Project at the University of Texas at Austin. His email address is gary.chapman@mail.utexas.edu.
OOPS 2000: The Y2K Bug and the Threat of Catastrophic Chemical Releases
by Lenny Siegel
One critical year-2000 issue that has not yet been adequately addressed is the risk of large accidental releases of toxic or even lethal chemicals. As many as 85 million Americans live close enough to chemical, petroleum, and other facilities where there is a risk of death or acute injury from a chemical release. Those plants, like most other modern industrial operations, are vulnerable to the Y2K bug. Fearing the economic loss and/or liability of shutdown, many of the companies that own and run those facilities are working to identify and correct Y2K-dependent software and hardware. At least at those firms that are addressing the problem, the chance of a catastrophic breakdown is low.
But it is not zero. And many businesses--particularly the smaller, financially strapped, and less sophisticated ones--are making little, if any progress. A large, unknown number of embedded chips and software that control chemical systems throughout the United States--in fact the world--are Y2K dependent and probably noncompliant. Even if system owners redouble their efforts to identify those points of weakness and render them compliant, there remains a real chance that both industrial processes and safety backup systems will fail. We don't know where the leaks or explosions will occur, but the chance is real that vast numbers of workers and plant neighbors will be killed or injured unless contingency plans are made.
Particularly since Union Carbide's plant in Bhopal, India released deadly chemicals into adjacent communities, residents and emergency responders near U.S. chemical facilities have demanded that they play a role in preparing for the worst. They have a right to know the risks. They must have the opportunity to develop or influence contingency plans.
In some areas, such as Richmond, California--site of numerous toxic refinery releases--emergency warning systems have been established. In Silicon Valley, where I live, municipalities, led by their fire departments, have enacted strict controls on the storage of toxic gases at chipmaking and other factories. To be prepared for Y2K toxic releases, communities need to know which chemicals each facility stores, and how the containment of those substances depends upon the uninterrupted operation of computer systems and embedded chips. Though there are laws and regulations on the books that require some disclosure, they are insufficient. Given the slow pace of the regulatory process, there is scant chance that new rules will be promulgated anywhere in time to provide the public with the information it needs.
Nothing, however, prevents companies that handle deadly chemicals from voluntarily reporting their vulnerabilities to the public, as well as the steps they are taking to manage those risks. Some producers may hesitate, for fear of whipping up more Y2K paranoia. However, I think fear will escalate even more as "midnight" approaches if people remain uninformed. The first step, therefore, for residents of threatened communities, is to ask, even demand, that toxic chemical handlers come clean. Public interest experts, such as members of CPSR, can help guide communities in their inquiries. What kinds of systems are likely to break down? Which ones can be identified and tested before the witching hour arrives?
The next step, logically, is for communities, their emergency response agencies, and chemical handlers to prepare for system breakdown. Operational contingency plans, based upon enhanced monitoring during the Y2K transition period, should establish mechanisms to override malfunctioning systems, contain remaining problems, and warn and protect the public. Evacuation, if necessary, will require extra preparation at a time when other services and infrastructure--power, transportation, and communications--are also at risk of failure.
Third, there are probably many situations in which the risk of catastrophic breakdown on January 1, 2000 justifies the preemptive shutdown of industrial processes. Companies often close down for New Years to save money. They should be able to scale back operations to prevent catastrophe. Then, when the Y2K dust and confetti have settled, that is, when the state of infrastructure, emergency response agencies, and social order are better known, these companies can start up again. Communities unconvinced that protective measures are adequate should demand preemptive protection.
Open preparation will do more than reduce the risk of toxic disasters. It will diminish the likelihood of social breakdown. I recall the classic Twilight Zone episode, "The Shelter." In that story, warning of a nuclear attack drove a family into its personal, privately constructed bomb/fallout shelter. The entire fabric of the immediate neighborhood disintegrated as neighbors demanded entry to the shelter. In our case, an organized, encompassing collective response that provides protection for all will weaken the appeal of competitive survivalism.
There is no longer time to prevent all potential Y2K system breakdowns, but there is time to get ready for them. Public interest groups, emergency responders, and environmental organizations, hopefully backed by state agencies, the federal government, and private foundations, can mobilize to demand the right to know about, prepare for, and prevent toxic Y2K catastrophes. CPSR can help organizers not only to understand the nature and extent of the problem, but to identify those systems whose risk of catastrophe is greatest.
Lenny Siegel is the Director of the Center for Public Environmental Oversight at San Francisco State University and a member of CPSR.
How Y2K Will Impact
the New York Times
by Norman Kurland
of the CPSR-Y2K Working Group
On June 13, 1998 a number of people involved in Y2k wrote a joint letter to Arthur Ochs Sulzberger, Jr., publisher of the New York Times. The letter urged Sulzberger to use the powerful influence of the Times "to arouse the nation to the seriousness of situation."
The letter said,
- "It is imperative that we use the few remaining
months
until
December 31, 1999, to fix what still can be fixed and to prepare
the
public for the disruptions that will affect the safety, health
and
security of everyone."
We explained why this is such a crucial issue and concluded:
-
"Because of the urgency action must begin immediately. We are,
therefore,
calling on you to speak out now. In the attachment [included below] we
suggest a
number of
things you can do. In addition, many of us have very concrete proposals,
including ways to assure that systems essential for the safety,
health<
and security of the nation are fixed in time. We would be pleased
to
share these with you."
(See also the full text of the
original letter.)
Following is the response received from Mr. Sulzberger on June 22nd:
"Thank you for your letter. As the chairman of a company that publishes dozens of newspapers, let me assure you I am very aware of the Y2k problem. The New York Times newspaper will continue to cover this issue thoroughly--for all our sakes.
Sincerely,
[handwritten signature]
On July 21st, we sent a response to the Times' response.
Here is the portion of the original letter entitled How Y2K Will Impact the New York Times, written by Norman Kurland of the CPSR-Y2K Working Group:
Of the thousands of facts that we could supply to show you the seriousness of the problem, consider just these few.
The electric power companies, including those serving New York City, have embedded controls throughout their production and distribution systems that have not yet all passed Y2K readiness tests. Moreover, 40 percent of power in the Northeast comes from nuclear generation, and the Nuclear Regulatory Commission (NRC) has said it will not let plants operate if they cannot guarantee security. Electrical power. What will it mean for your operations if there are extended disruptions of electrical power?
The telecommunications industry has not yet given assurances that their highly computer-dependent systems will all function after the rollover to 00. The recent Galaxy 4 satellite failure was a reminder of how dependent on telecommunications we have become. While the quick recovery was welcome, the situation will be very different if many systems go out simultaneously. As a company now heavily dependent on reliable telecommunications, questions about the safety of the telecommunications infrastructure must concern you.
Railroads and other transportation systems are at risk because routing and switching is now almost fully automated. Consider just the availability of paper supplies if the transportation system is disrupted.
Most large corporations are working to solve their problems and spending hundreds of millions of dollars on the work. As just one example, General Motors reports that it will spend over $360 million. While the major corporations are now aware of the problem and working diligently on it, thousands of smaller firms, which together are critical to the economic health of the nation, are either only in the early stages of remediation or not even aware of how much they will be affected. Many of them are your advertisers or will affect your advertisers' economic viability in 2000.
We are not claiming that any or all of these situations will occur. As Federal Reserve chairman Alan Greenspan said, "We do not know or cannot really realistically make an evaluation of what the economic impact is as a consequence of the breakdowns that may occur."
What we do know is that the impacts will be serious and, most important, we know that every day that massive action to address the problem is delayed the probability increases that breakdowns in key sectors of the economy will occur. Given the interconnectedness of modern systems, such disruptions will rapidly spread throughout the economy.
What the New York Times Can Do
Acknowledge that it is extremely difficult to believe that the Y2K problem could be serious but that you now recognize that it is a matter that will have grave consequences for everyone if adequate measures are not taken in the remaining 18 months until the year 2000.
Urge President Clinton to join you in this recognition. Propose that he appoint someone with appropriate credibility and credentials to head a massive national effort to prepare the nation for the transition to the new millennium.
Urge the business, academic, and political leadership of the country to enlist in a national effort to use the time remaining to correct what can be corrected and to make provision for mitigating the impact of failures and disruptions that cannot be prevented.
Call on the other media to follow your lead and help prepare the nation to understand and cope with the problem. You in the media will play a critical role in avoiding the panic and civil unrest that will be inevitable if the public only discovers what Y2K will mean to them when it is too late to avert major disasters.
Finally, urge the leadership of the rest of the world to follow our lead and join with us in addressing this problem on the global scale it requires.
The following people have also authorized me to add their names as signatories:
Cynthia Beal
Grocer and Moderator
Year 2000 Regional Preparedness Forum
Pacific Northwest
Eugene, Oregon
Pastor Daniel Cormier
Montreal Downtown Church
Y2K Water Discussion Moderator
Montreal, Quebec, Canada
Peter de Jager
Speaker/Consultant
de Jager & Company Limited
Brampton, Ontario, Canada
David Eddy
President
Software Sales Group, Inc.
Babson Park, Massachusetts
Reynolds Griffith
Professor of Finance
Stephen F. Austin State University
Nacogdoches, Texas
Gary Allan Halonen
Y2K Policy Analyst
Toronto, Ontario, Canada
Roleigh Martin
Software Engineer Consultant
Edina, Minnesota
Dick Mills
Technology Consultant
Albany, New York
Victor Porlier
Executive Director
Center for Civic Renewal
New York, New York
Alan H. Russell, Ph.D., C.C.P.
Lead I.T. Specialist
Air Products and Chemicals, Inc.
Allentown, Pennsylvania
Don "Doc" Taylor
President
Hampton Roads 2000
Newport News, Virginia
Robert Theobald
Author, speaker, and consultant in transformational change
Spokane, Washington
Marsha Woodbury
Visiting Assistant Professor
University of Illinois, Urbana-Champaign
Urbana, Illinois
Letters Seeking Help On Nuclear Weapons Issues
Michael Kraig, British American Security Information Council
Michael Kraig, British American Security Information Council (BASIC)
I am heading a project on Y2K and nuclear weapons arsenals at the British American Security Information Council (BASIC) in Washington, DC, and London, the United Kingdom. We just released a first report on the nature of the millennium bug, or Y2K problem, as it relates to the Department of Defense and nuclear operations. The report summarizes the generic computer problem, the state of existing DoD Y2K remediation programs (including their many management deficiencies and failures), and possible Y2K vulnerabilities for nuclear weapons and associated operations. In particular, it concerns the command, control, communications, and intelligence (C3I) systems, which include warning satellites, radar arrays, data storage and correlation centers, and communications nodes. The report's conclusion outlines some general policy alternatives, such as the reduction, or de-alerting, of our alert rates from launch on warning to a lower state of readiness. The entire text (including endnotes) can be found on BASICs web page, www.basicint.org.
I have sent the report to the key staffers of all house members and senators with nuclear warhead storage or deployment in their own backyard, as well as majority and minority staffers on the Armed Services Committee in the Senate. Reports have also gone to some key committee staffers (for instance, one person on Stephen Horn's Y2K subcommittee in the House, which has given "D" grades to the DoD on its Y2K repair progress) and all members of the Senate's Special Committee on the Year 2000 Problem. To support these mailings, we have had several meetings with the offices of Senators Jeff Bingaman, Robert Kerrey, John Kerry, Daniel Patrick Moynihan, Pete Dominici, Tom Harkin, Joseph Lieberman, and Christopher Dodd. Our hope is that senators such as Bob Kerry of Nebraska and Tom Daschle of South Dakota--both of whom are recommending de-alerting of the arsenals and unilateral cutbacks--will add Y2K to their agenda, or possibly use it to gain leverage with the U.S. Strategic Command (STRATCOM) in Omaha, Nebraska. In the past several years, both STRATCOM and civilian nuclear planners in the Office of Secretary of Defense have scuttled any attempts to consider de-alerting options.
Helen Caldicott, currently head of the STAR Foundation (Standing for Truth about Radiation) and former head and founder of the Physicians for Social Responsibility, is putting together a symposium jointly with BASIC and the Nuclear Information Resource Service (NIRS) in March with Bruce Blair, Ted Taylor, myself, and multiple experts on the domestic, or energy, side of nuclear power. Our policy goal is twofold: to get Congress to 1) charge the DoD Inspector General to do a series of highly specific reports on individual "high-risk" nuclear systems, including nuclear C3I, and 2) to move ahead on de-alerting (or at the very least, consider it as a realistic policy option).
The General Accounting Office (GAO) has made and is making reports on DoD procedures, test data, contingency planning, and so on for its remediation program, but no one at the GAO is preparing narrowly focused reports on critical nuclear systems. In other words, the activity at this point is at least one step removed from the actual sources of potential trouble.
If you are interested in this program or have your own suggestions for action, please contact me by phone at 202-785-1266 or email at mkraig@basicint.org. John Pike of the Federation of American Scientists has suggested, for instance, that CPSR get 40 to 50 top computer scientists to write a letter to Congress, containing clearly defined goals and policy alternatives, including the tasking of Inspector General reports as well as more technical advice from the field.
As a last note, I should say that BASIC is pretty much alone on this issue. Most expert analysts currently have other well-funded programs, and thus, other responsibilities for the foreseeable future. Other than appearing in the joint STAR-BASIC-NIRS symposium in March, or keeping an updated Web page, no one seems to be devoting time or resources to the topic. I have been looking for ways to split the research pie, since I cannot possibly cover all facets of DoD-STRATCOM nuclear operations. If you know of someone who could help on nuclear weapons, either in terms of original research or as a source of technical information for nuclear C3I and/or launch platform support systems, I would be very grateful.
Michael R. Kraig, Scoville Fellow
BASIC
1900 L Street NW, Suite 401
Washington, DC 20036
mkraig@basicint.org
202-785-1266
Return to top
Alan Phillips, Physicians for Global Survival, Canada
Thousands of nuclear weapons in Russia and the United States and hundreds more in four other countries are still on full alert 10 years after the end of the Cold War. Warning systems and some aspects of the launch and control systems are run by computers. The world has survived many false alarms and computer malfunctions in the past 50 years, but accidental nuclear war was, and still is, a disaster waiting to happen.
Three years ago, the Russian government failed to notify their Defence Department that Norway had fired a rocket for atmospheric research. The military at first thought the rocket was heading for Moscow, and reacted vigorously. Bruce Blair of the Brookings Institute reported to the U.S. Congress that the false alarm had "for the first time in Russian history triggered a strategic alert of their LOW [launch on warning] forces, an emergency nuclear decision conference involving their President and other national command authorities, and the activation of their famous nuclear suitcases." (Launch on warning means they don't wait for a nuclear explosion or a rocket to land before "retaliating.")
Beginning on 1 January 2000 the operation of all computer programs and systems with a two-digit year in them anywhere will be unpredictable. Military computer programs contain millions of lines, and a correction to one line does not necessarily correct the operation of many others that depend on it. "Fixes" short of writing complete new programs cannot be certain to work under every combination of circumstances.
In June 1998, the Pentagon was more than a year behind its deadline to complete an assessment of the problem. The Russian situation is probably worse, with older computers, and less money to spend on updating them. There are bound to be some malfunctions on both sides. Might there be a malfunction that could trigger an accidental nuclear war? No expert can guarantee not. Could a computer fault generate a false alarm of attack? Suppose the guidance on a test rocket was faulty, and it landed in quite the wrong place--or appeared to a computer-operated early warning system as if it were going to?
Risk of accidental war throughout the nuclear deterrence era has been unacceptable, and now we have a firm date when the risk will increase.
It should, however, be quite easy to abolish the risk. The best way might be to remove all warheads from their delivery systems. That would guarantee that a purely accidental war could not occur. It would give everybody time to stop and think.
Knowing the uncertainly about how computers will actually function, some airlines are planning not to fly on New Year's day, 2000. If it is too dangerous for people to take an airplane ride, then why is it OK to have 5,000 nuclear warheads on hair-trigger alert linked to these same kinds of computers?
Alan Phillips, M.D., F.R.C.P.
980 Concession Street
Hamilton, Ontario L8T 1A1
Canada
(905) 385 0353
aphil@icom.ca
Y2K and Nuclear Weapons
Letters from Four Prominent Scientists
Kursch Ahmed, McMaster University
David Parnas, McMaster University
Kursch Ahmed, McMaster University
The year-2000 problem has major implications for many computer-controlled systems, resulting from the fact that many of these systems were programmed with a two-digit year, which will result in unpredictable consequences on January 1, 2000, if not corrected. This problem affects information systems much as it does hospitals, banking, and the airline industry. Operation of common devices such as elevators, telephones, and process control machines may also be affected. While the computer industry is frantically trying to test for and fix these problems, many specialists feel that there is not enough time to test and fix all possible problems resulting from the complexity and interdependence of computer systems. Some international airlines have decided not to fly on January 1, 2000 just to avoid risking the safety of passengers.
It is highly likely that the computer systems controlling nuclear weapons, many of them programmed in the 1970s and 1980s at the height of the Cold War, also have the Y2K bug. Hopefully, the military programmers have realized the possibilities and tested all their programs. However, there remains the question of what risks are involved if a program fails to operate correctly. We know that no major program is 100 percent bug free.
In my opinion, the risk imposed by even a very small probability of nuclear accident is too grave for humanity. The nations with nuclear weapons should strongly consider deactivating these devices to prevent a major disaster from happening. Scientists, engineers, and all responsible citizens of the world owe it to themselves to put pressure on the governments of the world and the United Nations to pass a resolution to deactivate nuclear weapons in the face of the Y2K problem.
Khursh Ahmed, Manager
Computer Services Unit
Faculty of Health Sciences
McMaster University
Hamilton, Ontario L8N 3Z5
Canada
ahmed@fhs.mcmaster.ca
David Parnas, McMaster University
The newspapers are filled with simple explanations and illustrations of the set of computer program bugs known as the Y2K or year-2000 problem. These examples are kept simple so that nonprogrammers can understand them. Unfortunately, such examples make the problem sound as if it would be easy to find and fix. That is not necessarily the case. Many of the problems are much more subtle than the examples usually published.
Computer programs are very complex constructions, and they are full of bugs because they are difficult to understand. When a problem is discovered, it often takes weeks to find it and additional weeks to fix it. Very often, the "fixed" program is still not right and requires further repair after the revised program is put into service. The Y2K problem is not easier to fix than other bugs. Au contraire!
It is not always easy to determine whether or not a program is sensitive to dates. Sometimes programs that are not sensitive to dates exchange data with programs that are date-sensitive and therefore will fail when those partner programs fail. Many of these programs are poorly documented, their authors are no longer around, and there is nobody who understands them.
Responsible organisations have been investing a great deal of time, effort, and money into reviewing their software to (a) find those programs that would fail around the first day of 2000, (b) find the parts of the program that must be revised, and (c) make and test the necessary revisions. However, because of the poor quality of most software and documentation, because it will be difficult to test complete systems under realistic conditions, and because much of the software is old and must be repaired by people who do not understand it, I expect that some errors will remain. It is common to find that when a software product is repaired, the "patch" introduces new problems. I see no reason why Y2K problems will be easier to repair than other bugs.
The U.S. military establishment is heavily dependent on computers for communications, intelligence, and control of weapons. Failure of its systems could endanger all of us. The U.S. Department of Defense and other military organizations owe the public the assurance that they are doing what is needed to examine, repair, and test all their systems. Moreover, they must be realistic enough to create safeguards against the effects of residual errors in weapon systems. In some cases, the only way we can be confident that there will be no serious problems is to disconnect the systems until we can observe their behavior in 2000.
Professor David Lorge Parnas, Principal Engineer
NSERC/Bell Industrial Research Chair in Software Engineering
Director of the Software Engineering Programme
Department of Computing and Software
Faculty of Engineering
McMaster University,
Hamilton, Ontario L8S 4K1
Canada
Barbara Simons, ACM U.S. Public Policy Office
10 November 1998
While no one knows what problems will develop because of the Y2K problem, we can state with confidence that there will be problems. This is because our society is dependent on large complex computer programs. Even fixing mistakes in recently written programs that have good documentation can be very difficult. The problem expands enormously when the programs are old and poorly documented.
It may be possible to state with certainty that a particular piece of software will have no problems on January 1, 2000. But it is mathematically impossible to guarantee that an arbitrary computer program will not make any mistakes.
I don't worry about whether my VCR will become confused on January 1, 2000. The worst case scenario is not especially bad. I do, however, worry about whether or not a computer that controls a major weapons system will become confused. Although the probability of a computer-generated accident might be very small, no one really knows just what that probability is. The worst case scenario of accidental nuclear war is simply unacceptable.
Moreover, the problem is not limited to the United States. Not only must we be concerned about weapons we control;we must be even more concerned about those weapons that are aimed at us. The economic situation in Russia is not reassuring. Russia does not have much money to pay people to guarantee that its weapons systems do not have Y2K problems.
We don't need to gamble that none of the critical weapons systems will malfunction. Rather, we should actively push for an alternative approach. As a last resort, nuclear powers such as the United States and Russia can remove the warheads from their missiles during the critical time period. Then, even if some computers in the United States or in Russia malfunction, we will not face massive death and destruction. Other less drastic actions might be possible, but it is in no one's interest to risk a Y2K nuclear doomsday.
Barbara Simons, Ph.D.
ACM U.S. Public Policy Office
666 Pennsylvania Avenue SE
Suite 302b
Washington, D.C. 20003
Terry Winograd, Stanford University
All the publicity surrounding the year-2000 (Y2K) problem should serve as a reminder of the dangers of assuming bug-free computer functioning in life-critical systems. Of course, all computer systems have some bugs, whether Y2K problems or others. We are accustomed to experiencing errors, then finding and fixing the bugs. But we can't afford to do that when the cost of a single error can be catastrophic.
Large, complex, computer-based systems are always on the edge of massive consequences in the nuclear retaliatory launch systems of the United States, Russia, and an increasing number of other countries. When launch-on-warning systems are automated, the computer can unleash nuclear destruction so quickly that no human judgment can be applied, and the consequences can be immeasurable.
We know that computer systems can fail, and we need guarantees that those failures will not be catastrophic. All governments with nuclear-capable forces need to ensure that there is a sufficient set of checks and safety locks (and sufficient time for judgment) between a computer-based warning of a nuclear confrontation and any action that escalates the situation. During the Cold War, many of us feared that human civilization would not reach the next millennium. Even in this period of reduced tension, we cannot allow a technical error to push us into destruction. Let us enter the millennium in a safer world, in which governments take action on the basis of wisdom about the limitations of computer systems.
Terry Winograd
Professor of Computer Science
Stanford University
Stanford, California 94305
winograd@cs.stanford.edu
A Moral Project for the 21st Century: Stop Creating Better Weapons*
by Gary Chapman
As we approach a new millennium, there will undoubtedly be a wave of general public introspection about the state of the human race--where we've been and where we're headed.
If we look back on the last few centuries, it's clear that each one has been defined by singular and historic moral projects that affected the world's entire population.
The 18th century introduced the modern concepts of democracy and the social contract. The 19th century saw the end of slavery in most of the world and its condemnation as an immoral human relationship. In the 20th century, the universal moral project has been expanding civil and human rights and ending racism.
What will be the moral project of the 21st century?
This is difficult to predict, obviously, and it will depend on what seizes the imaginations of millions of people, and on leaders who can move people to action. But here's a worthy candidate for consideration: severing the relationship between scientific-technological progress and the means of war.
The "technological imperative" of improving weaponry has lodged itself in our minds as an inescapable part of the human condition ever since our primitive ancestors first improved the club. But if we take away any lesson from this century, it should be that continual improvement in weapons threatens the long-term survival and welfare of the human race.
If the 20th century is remembered for anything, it will certainly be for the introduction of vast advances in the ways we kill one another--for nuclear weapons, mass-produced biological and chemical weapons, "smart" weapons, bombers, tanks, machine guns, ad infinitum. This is the historical blight that must be corrected, which will require jettisoning the stubbornly held idea that people and nations will always seek better and more deadly weapons.
It may seem naive or utopian to propose that science and technology be decoupled from weaponry in the next century. But we should remember that people once believed that emperors, slavery, and the notion of racial superiority would be with us forever too.
What steps can we take toward such a goal? Fortunately, we have a number of opportunities before us right now, but we need leadership to take advantage of them.
First, the end of the Cold War is a unique historic opportunity, one that we have yet to recognize fully. No other nation in the world is now a military threat to the United States the way the Soviet Union once was. Because of this, we should regard the military spending of the Cold War as an anomaly in U.S. history that can be corrected in a time of peace.
This correction could lead to a significantly lower defense budget than we have even now, nearly a decade after the demise of the Soviet Union. We could take steps to dismantle the remnants of the "national security state," end our war-posture nuclear weapons alert status and shut down the laboratories that continue to work on nuclear weapons.
Unfortunately, President Clinton recently announced a large increase in defense spending, the largest since the huge military buildup of the Reagan years. He wants $100 billion more for defense over six years, and Republican leaders in the Congress want even more than that--as much as $150 billion.
Chris Hellman, senior analyst at the Center for Defense Information, a Washington-based organization founded and led by retired senior military officers, calls this proposed increase "an unnecessary waste of American tax dollars." Hellman thinks we can cut $20 billion to $30 billion from a $270-billion annual defense budget without hurting national security. He notes that the United States still spends $25 billion a year in preparation for a nuclear war and is "continuing to improve and enhance the performance of nuclear weapons."
The year 2000 software bug may, interestingly, pose another opportunity for rethinking defense policy. Defense experts are concerned about the sensitivity of the highly interdependent "hair-trigger" nuclear command and control systems in both the United States and Russia--especially in Russia, because the Russians haven't begun to address the Y2K problem and have no hope of fixing it in time. Last November, the Pentagon's Defense Special Weapons Agency was caught lying about its own Y2K preparations with regard to U.S. nuclear command and control systems: the agency reported that the systems had been fixed when they hadn't even been tested.
Because of this, public interest groups such as the British American Security Information Council have called for a year-end shutdown of all nuclear weapons systems around the world to prevent problems caused by the software bug. This measure seems prudent, given the risk.
Further, if we shut these systems down, why would we need or want them turned on again? Coming to grips with this question may be one of the few benefits of the Y2K problem.
Another opportunity is provided by the Internet, launched and funded for many years by the Defense Department. Now that the Net is a nearly ubiquitous global communications medium, the world is tied together as never before. That seems to make the prospect of war that might disrupt this interdependency increasingly unlikely. As the Internet grows and becomes more and more embedded in world commerce, the need for globe-spanning military resources should diminish, not increase.
Congressman George Brown of San Bernardino, California, the ranking Democrat on the House Science Committee, told me, "We're too interconnected now to have sane national leaders contemplate war as a viable national option for solving problems."
Brown believes that in 20 years, U.S. military research-and-development spending could be half its current level of about $32 billion per year, and decline further after that. "We cannot continue to sustain the illusion that we're going to fight a war with nuclear weapons or other weapons of mass destruction," he said.
To cut the ties between technological progress and war, to shut down the indefensible and obscene international arms trade and reorient hundreds of thousands of scientists and engineers around the world to peaceful and sustainable work, we'll need courageous and determined moral leaders. And those people will almost certainly come from the common citizenry--no social change of this magnitude has ever been sparked or led by political officials.
Those leaders may be living among us already.
Notes
*Copyright 1999, The Los Angeles Times, all rights reserved. Reprinted with the author's permission.
Gary Chapman is director of the 21st Century Project at the University of Texas at Austin. His email address is gary.chapman@mail.utexas.edu.
Y2K HUMOR
from the Internet and Beyond
Dear Boss:
I hope I haven't misunderstood your instructions because, to be honest,
none of this Y to K problem makes any sense to me. At any rate I have finished
the conversion of all the months on all the company calendars for next year (year
2000). The calendars have been returned from the printer and are ready to be
distributed with the following new months:
Januark
Februark
Mak
Julk.
Top "Happenings" on January 1, 2000
- IRS demands 100 years of interest from stunned taxpayers.
- "99 Bottles of Beer on the Wall" gets stuck in infinite loop.
- At the stroke of midnight, Windows 99 turns back into DOS 1.0, the Pentium V turns back into an 8088 and the Handsome User is left holding a beautiful glass mouse.
- Internet Movie Database now lists 1901: A Space Odyssey.
- Software engineers point out that since computers think it's almost 1900, we technically have to "party like it's 1899," which, frankly, doesn't seem like much fun.
- Microsoft declares the year 1900 to be the new standard of the "Gatesian" calendar.
Special Announcement on Y2K
Bill Gates, Chairman and CEO of Microsoft Corporation, announced today that the latest version of their Windows operating system, Windows 2000, would be delayed until the second quarter of 1901.
No reason was given.
1999: The Year in Headlines
POLL: MOST AMERICANS THINK Y2K IS A NEW BRAND OF LUBRICANT TARGETED AT DYSLEXIC MARKET.
From an article by Christopher Buckley in the New Yorker, January 11, 1999, p. 40
January 1, 00
Dear Valued Employee:
Re: Vacation Pay
Our records indicate that you have not used any vacation time over the past 100 year(s). As I'm sure you are aware, employees are granted 4 weeks of paid leave per year or pay in lieu of time off. One additional week is granted for every 5 years of service. Please either take 9,400 days off work, or notify our office and your next pay cheque will reflect payment of $8,277,442.22, which will include all pay and interest for the past 1,200 months.
Sincerely,
Automated Payroll Processing
Cartoon
From the New Yorker, a cartoon showing someone on hands and knees with a magnifying glass examining the fine print on the bottom of the front of the PC, reading aloud the message "Best if used before 1/1/2000."
Headline:
Mexico Prepares for Year 200 Problem
The Y1K Crisis
Canterbury, England, A.D. 999
An atmosphere close to panic prevails today throughout Europe as the millennial year 1000 approaches, bringing with it the so-called Y1K Bug, a menace which, until recently, hardly anyone had ever heard of. Prophets of doom are warning that the entire fabric of Western civilization, based as it now is upon monastic computations, could collapse, and that there is simply not enough time left to fix the problem. Just how did this disaster-in-the-making ever arise?
Why did no one anticipate that a change from a three- to a four-digit year would throw into total disarray all liturgical chants and all metrical verse in which any date is mentioned? Every formulaic hymn, prayer, ceremony, and incantation dealing with dated events will have to be rewritten to accommodate three extra syllables.
All tabular chronologies with three-space year columns, maintained for generations by scribes using carefully hand-ruled lines on vellum sheets, will now have to be converted to four-space columns, at enormous cost. In the meantime, the validity of every official event, from baptisms to burials, from confirmations to coronations, may be called into question.
"We should have seen it coming," says Brother Cedric of St. Michael Abbey, here in Canterbury. "What worries me most is that thousand contains the word thou, which occurs in nearly all our prayers, and of course always refers to God. Using it now in the name of the year will seem almost blasphemous, and is bound to cause terrible confusion. Of course, we could always use Latin, but that might be even worse-the Latin word for thousand is mille which is the same as the Latin for mile. We won't know whether we are talking about time or distance!"
Stonemasons are already reported threatening to demand a proportional pay increase for having to carve an extra numeral in all dates on tombstones, cornerstones, and monuments. Together with the inevitable ripple effects, this alone could plunge the hitherto-stable medieval economy into chaos.
A conference of clerics has been called at Winchester to discuss the entire issue, but doomsayers are convinced that the matter is now one of personal survival. Many families, in expectation of the worst, are stocking up on holy water and indulgences.
A Roman Letter
Dear Cassius,
Are you still working on the Y zero K problem? This change from BC to AD is giving us a lot of headaches, and we haven't much time left. I don't know how people will cope with working the wrong way around. Having been working happily downward forever, now we have to start thinking upwards. You would think that someone would have thought of it earlier and not left it to us to sort it all out at the last minute.
I spoke to Caligula the other evening. He was livid that Julius hadn't done something about it when he was devising the calendar. He said he could see why Brutus turned nasty. We called in the consulting astrologers, but they simply said that continuing downward using minus BC won't work. As usual, the consultants charged a fortune for doing nothing useful. As for myself, I just can't see the sand in an hour glass flowing upward. We have heard that there are three wise men in the East who have been working on the problem, but unfortunately they won't arrive until it's all over. Some say the world will cease to exist at the moment of transition. Anyway, we are still continuing to work on this blasted Y zero K problem, and I will send you a parchment if anything further develops.
Best,
Plutonius
Lost in Air
A man flying in a hot air balloon realizes he is lost. He reduces height and spots another man down below. Descending further, he shouts, "Excuse me, can you tell me where I am?"
The man below answers, "Yes, you're in a hot air balloon, hovering 40 feet above this field."
"You must be a Y2K consultant," responds the balloonist.
"I am," replies the man. "How did you know?"
"Well," says the balloonist, "everything you have told me is technically correct, but it's of no use to anyone."
The man below says, "You must be an IT/Y2K project manager."
"I am," replies the balloonist, "but how did you know?"
"Well," says the man, "you don't know where you are, or where you're going, but you expect me to be able to help. You're in the same position you were before we met, but now it's my fault."
From This is True for 17 January 1999
Bank One Texas, testing to make sure their computers are ready for the transition to the year 2000, generated more than 2,000 dummy overdraft notices on real customer accounts. No problem: the computer handled the next-millennium dates just fine. Well, one problem: after the test, efficient employees dropped the notices into the mail, instead of into the trash. "We have apologized profusely" to anxious customers who called the bank after getting the notices, a bank spokesman said. "We've spent millions of dollars to make sure the Y2K problem doesn't exist at Bank One" (Reuters).
British Parliament's Environment, Transport and Regions Committee has recommended that airlines which have not adequately prepared for the "year 2000" bug should be banned from the country's airports "at or around the millennium." Besides safety issues, they say inadequate systems on those planes might cause delays for the better- prepared airliners. But China has a better idea to help ensure its airliners are ready: the government has ordered the chief executives of all Chinese air transport companies to be in the air on one of their own planes as the calendar changes to January 1, 2000 (Reuters).
Time Warp
It seems there was this programmer who was a Cobol expert, and as the year 2000 approached, he found that more and more of his time was taken up by managers and friends asking him to examine code for possible Y2K bugs. Finally, he decided he'd had as much of this as he could take! He arranged to have himself cryogenically frozen, programmed to wake up a few months into the year 2000.
All went well as he went under. He closed his eyes, knowing that the next time he opened them, many months would have gone by.
Then he woke up. To him, it seemed as though only an instant had gone by, but he knew that was false. As he looked around, he began to hear people speaking -- "He's waking up!" "He's really alive!" Then he noticed that the ceiling (the only thing he could see) looked different. As he sat up, he felt people helping him. He looked around, and they were dressed in odd clothes. And the room seemed different from the one in which he had gone to sleep. The person helping him spoke . . .
"Hi. You're OK now, but we need to explain what has happened. Somewhat more time has gone by than you expected. You didn't wake up when you were supposed to -- someone messed up the programming of the sleep capsule. But you're going to like it here in our culture. Mankind has progressed a lot, sickness is almost unknown, things are a lot better than they used to be! And your programming skills will still be in demand. We understand that you are a Cobol expert, and we need such people.You see, it's actually the year 9999, and we're worried about programs that only have 4-digit fields for the year....."
The Ballad of the Y2K
(Sing to the tune of "Gilligan's Island")
Just sit right back and you'll hear a tale
Of the doom that is our fate.
That started when programmers used
Two digits for a date
Two digits for a date
RAM memory was smaller then;
Hard drives were tiny, too.
"Four digits are extravagant,
So let's get by with two.
So let's get by with two."
"This works through 1999,"
The programmers did say.
"Unless we write new code by then
The data goes away.
The data goes away."
But management had not a clue;
"It works fine now, you bet!
Rewriting code costs money;
We won't do it just yet.
We won't do it just yet."
Now when 2000 rolls around
It all goes straight to hell,
For zero's less than ninety-nine,
As anyone can tell.
As anyone can tell.
The mail won't bring your pension check;
It won't be sent to you
When you're no longer sixty-eight
But minus thirty-two.
But minus thirty-two.
The problems we're about to face
Are frightening, for sure.
And reading every line of code's
The only certain cure.
The only certain cure.
[ key change, the big finish coming]
There's not much time, there's too much code,
And COBOL-coders, few.
When the century is finished,
We may be finished, too.
WE MAY BE FINISHED, TOO!
It's All Becoming Clear Now
The Y2K glitch could potentially cause computers and all kinds of electrical equipment to malfunction at the turn of the century, bringing everything to a halt. "Know what this means?" Jay Leno quips. "This is the change the Amish have been waiting for. Global domination!"
The U.S. Department of Defense's Year 2000 Oversight and Contingency Planning Office
Their home page is http://www.dtic.mil/c4i/y2k/
It uses a JavaScript program to calculate the time until the year 2000. However, the program assumes a two-digit date field, and thus will give incorrect results for dates after 41 December 1999.
The relevant program line is
var Yearleft = 99 - CurYear
A Letter from CPSR's President
by Aki Namioka
Dear CPSR Supporter,
Valentine's Day has just passed, and spring is around the corner. So for this column, instead of writing about all the wonderful things CPSR is doing this quarter, I'm going to tell you a little story.
When I joined CPSR in 1989, I was added to a local CPSR list called local-computer-activists. One of the highlights of this list was a regular publication from CPSR/Portland called CPSR/PDX. It was a wonderful, easy-to-read summary of local and national CPSR issues. I especially enjoyed the annual April 1st publication of CPSR/PDX, which contained spoofs so realistic that several people took them seriously.
In March of 1992, Doug Schuler, CPSR's Northwest Regional Director at the time, asked me if I would consider being a candidate for that position since he wasn't going to run for reelection. I was flattered by the suggestion, but hesiitated because there were other active members in the Northwest who had been members longer. I suggested that Doug get in touch with the editor of CPSR/PDX. Doug immediately contacted him, and he agreed to run, but not unopposed. So Doug convinced me to run as the opposing candidate. I should have realized that Seattle's larger chapter base would help determine the outcome of the election. Nevertheless, I was surprised when Eric Roberts, then President, contacted me to say I'd won.
Between 1992 and 1996, a couple of key CPSR/Portland activists moved up to Seattle. I was looking forward to working with them and eventually convinced one of them, Carl Page, to run for the Northwest regional position I had vacated when elected President. However, the other activist, the former editor of CPSR/PDX, remained scarce. His challenging new job was taking up a lot of time. Finally, after a couple of years, I decided to contact him to see if he could help with local CPSR/Seattle activities. We got together for dinner to discuss CPSR/Seattle and soon discovered we had more in common than a passion for CPSR. Last June we got married.
Erik Nilsson's long history with CPSR and his interest in the organization have been a tremendous help to me over the last two and a half years. He has been a sounding board for issues--often helping me think through difficult situations. He has also been a vigilant editor for all my contributions to CPSR-related publications (except, of course, this quarter's column).
My role as President has not always been easy, but we have made progress in some important areas. Our membership is growing, we have brought in some corporate and foundation support from organizations that haven't funded us in the past, and we have launched a new program. As some of you know, my term is up at the end of June, and I will not be running for another.
I am grateful for Erik's love and support during my tenure as President.
Thank you, Erik.
Aki Namioka
President, CPSR
CPSR Chapter News
From Netiva Caftori, Midwestern Regional Director:
This is certainly a cold, wet winter for a lot of us; perhaps we rejoiced too long this past long summer. Since it is a bit too cold to get out to a meeting, much more is happening in our working groups online. Make sure you join one.
However, in my Midwest region where we are used to the cold, the Chicago chapter met in December for a very educational evening. David Loundy talked about Internet Law; Don Goldhamer reported on his panel appearance at the Madison chapter's joint conference with the ACLU, Data Protection in the Global Economy: Is Privacy Passe?; Ron Quizior talked about the upcoming 4th Annual Ethics & Technology Conference in Boston, June 4-5 1999, and the past Information Systems Education Conference (ISECON). Finally Art Stawinski and I reported on the Boston symposium on Internet Governance, October 9-10, 1998.
The Michigan chapter's annual physical meeting in Ann Arbor on February 3 featured Dr. Jessica Litman, professor of law at Wayne State University. Her talk was entitled "The 105th Congress and the Internet."
Minnesota's members are working hard on providing email for all Minnesotans by July 2000.
I haven't heard much from our other chapters. Lines of communication may be frozen, I suspect. Let's hope spring arrives soon--I can sense the buds ready to bloom . . . Until then, keep warm and high on life!
STUDENT CHAPTERS
The CPSR board has recently voted to recognize student chapters. Since many of you are working on universities campuses I think you may find founding a new student chapter a nice and rewarding activity.
I used to be a student advisor for DPMA and found it exciting to challenge students to improve their leadership skills and get them involved in their new computing profession. It also looks good on their resume. The fee ($20) will remain the same for each student, but since universities support student activities you may get some funding thru them if you can find a few motivated students who are willing to run for the usual posts of chair/treasurer etc. If you need a leaflet to distribute to students, please email Susan (above) and she will be happy to send you a copy. ...Please ask me questions if you are interested in pursuing the idea... Thanks again for supporting CPSR!... Netiva
From Coralee Whitcomb, Northeastern Regional Director:
CPSR/Boston continues to host the TV show "Everybody's Internet" on Boston's public access channel. Our 1/2 hour talk show gives us the opportunity to discuss many of issues CPSR deals with and to invite local luminaries as guests. We have had guests from government, education, small business, corporations, you name it. It gives us a great opportunity to spread the word about CPSR!
Our Boston based Andy Oram writes a wonderful weekly editorial for the online "American Reporter" magazine. He has a wonderful take on many of today's pertinent issues. An archive of his pieces can be found at http://www.oreilly.com/people/staff/andyo/ar/.
With the start of the new semester, Bentley College will take its first steps to organize a student chapter. The initial energy will come from students earning extra credit through Bentley's Service Learning program and academic support will come from the Computer Information Systems and the Government departments.
Return to top
Created before October 2004