[Chaos-Knoten]12. Chaos Communication Congress '95


Prof. Dr. Klaus Brunnstein (Computer science department - University of Hamburg)

Having fun with computer and network failures

by cand. dipl. inform. Christoph Haas [signum@torfhh.hanse.de]

Those who know Professor Brunnstein tended to know that the V.I.P.s of the computer scene will not get good marks. His way of speaking is always very amusing and let people think about his new information. Obviously the recently ceased Mr. Zuse was not criticized. Prof. Brunnstein felt sad about the fact that Zuse died before he could receive his honour membership. Zuse and him shared the same aims in research during the last years. Somehow he feels familiar with the CCC, but does not share exactly the basic thoughts of the CCC - whatever he meant with them.

At first Prof. Brunnstein explained to the audience that the motto of his speach is not to understand word by word. A computer's failure means the loss of functionality and money for users and whole companies. In between the information technology rules more and more our daily life so that a simple failure could harm the whole company.

As an example for deeply linked goods guarding systems he referred to the Hamburg-Altona railway station and its problems. If one of the system components stuck, the whole traffic is stopped. Euphemistically, he called the problems experienced by the railway station in March a "function minimizing" or "train's handicap" if a train could drive into a station but cannot get out.

Even worse is the problem of transferring money via computer networks. A driver or biker needs about 30 kilometers per hour during rush hour, inspite of this money nearly moves at the speed of light through computer networks. The best known network is the SWIFT network which is used e.g. by the Deutsche Bundesbank and nearly all the important banks in the world. This network is not absolutely secure. The failure of a mainframe computer of a bank department disables all transfers. Last happened: during a bank transaction the authorization computer of a well known bank in Hamburg went into Nowhere and a database entry could not been properly created. The amount of this transaction was booked more than once. Before this error was noticed by the bank, a tabloid of Hamburg already ran the headline: "Bank in Hamburg betrays customers". At last only 400 customers were affected. The mistake was corrected as soon as possible.

If you consider that the Deutsche Bundesbank transfers hundreds of billions of Deutschmarks daily, the catastrophe appears in another light. Even here "small errors" occur without knowledge of the public.

However the customers are sometimes too naive. Enjoying the new freedom of homebanking quite a lot of people were diving thoughtless into the T-Online business, an old-fashioned online service owned by soon-to-be-privatized Deutsche Telekom, hacked some 10 years ago by the CCC, when it was still called "BTX". Brunnstein: "The renaming has not lead to more security in this service." Don't be fooled by the neatly designed desktop.

The dependency on technology grows more and more. It does not only reach bits and bytes. The actual topic at the department of Computer Sciences deals with the total failure of the local mail system. Background: the air condition increased up to 30 degrees Celcius, so the VAX refused to work.

Businesses easily run into trouble with network restrictions. For example, the following study will show how long a company can survive with a damaged computer system:

                  IBM-Study '92     today app.
Finance           2 days            12-24 h
Trade             3.3 days          24-48 h
Production and
Industry          4.8-4.9 hours     a few minutes
Insurance         4.8 days          several days

Average           4.8 days
Today even the fittest user loses control about his files by running MS-DOS. Thanks to Windows 95 we do not "plug-and-play" any more but "plug-and-pray". Unfortunately we lost transparence to th easy-to-use graphical user interface. A responsible use of networking would be easier if already children learnt how to deal with it. In our days it is quite common to have an e-mail address. The loss of money in the cultural system is a great danger in our quickly growing information society. Prof. Brunnstein criticized the users who carelessly put their floppy disks in foreign infected computers or even use easyly guessed passwords.

Prof. Brunnstein accused Microsoft Chairman Bill Gates for the complete disdevelopment. Once upon a time his dream was to invent a "home computer". When he called the "home computer" a "personal computer" it was getting worse. The every day life computer was not ready for the world. Gates: "For me there are no bugs. The attributes are features. I have developed an easy sold system for the home. The professional use of it was not intended."

For the one who is not convinced yet it happened that a space simulation should be developed on a PDP-1. The premise was a plain construction. The first simple designed system core was taken away as the system was not intended for public use. This system is today well known as UNIX or similar. Problems appear obviously in the password database which is always located in the same directory and accessible for nearly everybody. Though the passwords are encrypted, they are easy to crack (a kind of dictionary of frequently used passwords, run over the password database, leads to app. 30% of successfully cracked passwords).

Let us stay a while at Prof. Brunnsteins most favourite subject - Microsoft-bashing. The biggest disease of a LAN (local area networks) could be invoked by locally connected computers, but outside attacks are even more dangerous.

Prof. Brunnstein divides the possible errors in a system into three classes:

He also devides the "destructive activities" in a computer network into "cracking" and "hacking". While "hacking" means the pointation of security lacks, "cracking" means to sell foreign data to other secret services - data espionage.

Throughout the Computing Community, Prof. Brunnstein is well known as a "virus god". By now, there are more than 8000 viruses for PCs. Until today only alpha PCs and Power-PCs were not infected by them. Even Prof. Brunnstein's PC was infected by a macro virus. Suddenly: "Stop all french nuclear testing in the pacific!" appeared at the end of his MS Word documents - A good message but maybe the wrong way to spread it. Every user using F-Prot or familiar virus killers that busts macro viruses may not always find all of them.

Mr. Brunnsteins comment for the last paragraph:
"I always refused to be called 'virus god', or 'virus pope', as some people like to call me. I dont think the terms are appropriate. <irony mode on>After all, Im not totally infallible<irony mode off>

Read on:

Usenet collection of computer desasters


Michael Rademacher, 27.12.1995
Archived page - Impressum/Datenschutz