RISKS Forum mailing list archives

Previous By Date Next
Previous By Thread Next

Risks Digest 31.47

From: RISKS List Owner <risko () csl sri com>
Date: Tue, 12 Nov 2019 16:53:37 PST
RISKS-LIST: Risks-Forum Digest  Tuesday 12 November 2019  Volume 31 : Issue 47

ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, moderator, chmn ACM Committee on Computers and Public Policy

***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
  <http://catless.ncl.ac.uk/Risks/31.47>
The current issue can also be found at
  <http://www.csl.sri.com/users/risko/risks.txt>

  Contents:  [Cleared the backlog.]
Galileo satellite system failure (The Register)
Boeing Shaped a Law to Its Liking. Weeks Later, a 737 Max Crashed. (NYTimes)
Illegal drones ground water-dropping helicopters at critical moment in Maria
  fire battle (LA Times)
Drones Used in Crime Fly Under the Law's Radar (NYTimes)
Kiwibot delivery bots drones (NYTimes)
AT&T claims a weeks-long voicemail outage will be fixed with a single device
  update (The Verge)
Wrong-way driverless Tesla Model 3 (Geoff Goodfellow)
Uber self-driving car involved in fatal crash couldn't detect jaywalkers
  (Engadget)
Testing Cars That Help Drivers Steer Clear of Pedestrians (NYTimes)
How Russia Meddles Abroad for Profit: Cash, Trolls and a Cult Leader
  (NYTimes)
Russia Will Test Its Ability to Disconnect from the Internet (via GeoffG)
Brian Kernighan: Unix: A History and a Memoir (PGN)
GitHub blocking: vandal's dream (Dan Jacobson)
PSA: Turning off silent macros in Office for Mac leaves users wide open to
  silent macro attacks (The Register)
Large Bitcoin Player Manipulated Price Sharply Higher, Study Says (WSJ)
Inside the Icelandic Facility Where Bitcoin Is Mined (WiReD)
Amazon blames 'error' for blocking Nintendo resellers from listing products
  (The Verge)
What happens if your mind lives for ever on the Internet? (The Guardian)
1.5 Million Packages a Day: The Internet Brings Chaos to NY Streets
  (NYTimes)
Security Researchers Warn of Online Voting Risks (Computerworld)
Calculation gives different results on different operating systems
  (Techxplore)
Microsoft's Secured-Core PC Feature Protects Critical Code (WiReD)
The rise of microchipping: are we ready for technology to get under the
  skin? (The Guardian)
Saudi Arabia recruited Twitter workers to spy on users, feds say (CBS News)
U.S. Charges Former Twitter Employees With Spying for Saudi Arabia (WSJ)
The Internet is tilting toward tyranny (WashPost)
Network Solutions: Important Security Information re: Breach (via GabeG)
Radios do interfere with garage-door openers! (fauquiernow)
Automatic bug tracker issue closers (stalebot)
Robinhood Markets -- rob the poor to feed the rich? (Bloomberg)
Apps track students from the classroom to bathroom, and parents are
  struggling to keep up (WashPost)
At an Outback Steakhouse Franchise, Surveillance Blooms (WiReD)
Researchers hack Siri, Alexa, and Google Home by shining lasers at them
  (Ars Technica)
Insanely humanlike androids have entered the workplace and soon may take
  your job (CNBC)
HireVue's AI face-scanning algorithm increasingly decides whether you
  deserve the job (Wash Post)
Screen time is actually good for kids!  (Oxford)
Risks of posting the wrong emoji (Dan Jacobson)
We Have No Reason to Believe 5G Is Safe (Scientific American Blog Network)
She Accidentally Uncovered a Nationwide Scam on Airbnb (VICE)
Expanded testbed in Singapore for autonomous vehicles a big boost for
  research and developers (The Straits Times)
Coalfire CEO statement (via Gabe Goldberg)
Cirrus' $2 Million Vision Jet Now Lands Itself, No Pilot Needed (WiReD)
These Machines Can Put You in Jail. Don't Trust Them. (NYTimes)
Trolling Is Now Mainstream Political Discourse (WiReD)
Video giant Twitch pushes Trump rallies and mass violence into the
  live-stream age (WashPost)
Text messages delayed from February were mysteriously sent overnight
  (The Verge)
Netflix to stop supporting older devices from Samsung, Roku, and Vizio in
  December (The Verge)
Members of violent white supremacist website exposed in massive data dump
  (Ars Technica)
Re: Mountain village begs tourists not to follow Google Maps and
  get stuck (Dan Jacobson)
Abridged info on RISKS (comp.risks)

----------------------------------------------------------------------

Date: Mon, 11 Nov 2019 10:48:17 -1000
From: the keyboard of geoff goodfellow <geoff () iconia com>
Subject: Galileo satellite system failure (The Register)

*Also organizational chaos, secrecy and self-regulation*

EXCERPT:

Key details about the failure of Europe's Galileo satellite system over the
summer have started to emerge -- and it's not pretty.

While one key official has sought to blame a single individual for the
system going dark, insiders warn that organizational chaos, excessive
secrecy and some unusual self-regulation is as much to blame.

Combined with those problems, a battle between European organizations over
the satellite system, and a delayed independent report into the July
cock-up, means things aren't looking good for Europe's answer to America's
GPS system. A much needed shake-up may be on its way.

In mid-July, the agency in charge of the network of 26 satellites, the
European Global Navigation Satellite Systems Agency (EGSA), warned of a
`service degradation' but assured everyone that it would quickly be
resolved.  <https://www.theregister.co.uk/2019/07/15/galileo_outage/>

It wasn't resolved however, and six days later the system was not only still
down but getting increasingly inaccurate
<https://www.theregister.co.uk/2019/07/17/europe_galileo_satellites_down/>,
with satellites reporting that they were in completely different positions
in orbit than they were supposed to be - a big problem for a system whose
entire purpose is to provide state-of-the-art positional accuracy to within
20 centimeters.

Billions of organizations, individuals, phones, apps and so on from across
the globe simply stopped listening to Galileo. It's hard to imagine a
bigger mess, aside from the satellites crashing down to Earth.

But despite the outage and widespread criticism over the failure of those
behind Galileo to explain what was going on and why, there has been almost
no information from the various space agencies and organizations involved
in the project.

*Inquiry*...

[...]
https://www.theregister.co.uk/2019/11/08/galileo_satellites_outage/

------------------------------

Date: Sun, 27 Oct 2019 10:23:20 -0400
From: Monty Solomon <monty () roscom com>
Subject: Boeing Shaped a Law to Its Liking. Weeks Later, a 737 Max Crashed.
  (NYTimes)

The government has been handing over more responsibility to manufacturers
for years. The new law makes it even harder for regulators to review
Boeing's work.

https://www.nytimes.com/2019/10/27/business/boeing-737-max-crashes.html

------------------------------

Date: Sun, 3 Nov 2019 09:42:25 -0700
From: Jim Reisert AD1C <jjreisert () alum mit edu>
Subject: Illegal drones ground water-dropping helicopters at critical
  moment in Maria fire battle (LA Times)

Colleen Shalby, Mark Puente, Hannah Fry, LA Times, 2 Nov 2019

  As flames rapidly spread along a hillside in Santa Paula early Friday
  morning, firefighters were faced with a perilous dilemma: ground
  night-flying helicopters working to contain the growing fire or risk an
  aerial collision with a thrill-seeking drone.

  A Ventura County Fire Department helicopter pilot radioed in at 3:19
  a.m. that a drone had been spotted flying above the flames, apparently
  trying to take a photograph or video of the scene below. Air operations
  were immediately stopped for at least 45 minutes until the sky was clear.

  But at 4:05 a.m., another drone sighting occurred.

  The aerial fight against the wildfire was upended for another hour while
  at least two helicopters with night-flying capabilities that had been
  deployed to help contain the Maria fire were grounded. Meanwhile, the
  blaze that broke out atop South Mountain, just south of Santa Paula,
  shortly after 6 p.m. Thursday marched toward the small agricultural towns
  of Somis and Saticoy.

  The interruption of the aerial firefighting underscores growing concerns
  about how drones can bring added dangers to pilots battling major fires.

https://www.latimes.com/california/story/2019-11-01/maria-fire-drone-hinders-firefighting-efforts-as-blaze-doubles-in-size-overnight

------------------------------

Date: Sun, 3 Nov 2019 18:57:12 -0500
From: Monty Solomon <monty () roscom com>
Subject: Drones Used in Crime Fly Under the Law's Radar (NYTimes)

https://www.nytimes.com/2019/11/03/us/drones-crime.html

Drones are increasingly being used by criminals across the country, and
local law enforcement agencies are often powerless to stop them.

------------------------------

Date: Mon, 11 Nov 2019 17:04:07 -0500
From: Gabe Goldberg <gabe () gabegold com>
Subject: Kiwibot delivery bots drones (NYTimes)

https://www.nytimes.com/2019/11/07/business/kiwibot-delivery-bots-drones.html

The risk? It's in the title.

I've encountered these critters roaming George Mason University campus in
Fairfax VA.  One was being chased by a student who'd placed an order but
forgotten to update his address, so it was going where he used to live.

------------------------------

Date: Thu, 24 Oct 2019 23:13:58 -0400
From: Gabe Goldberg <gabe () gabegold com>
Subject: AT&T claims a weeks-long voicemail outage will be fixed with a
  single device update (The Verge)

AT&T has been experiencing a weeks-long voicemail outage affecting some
customers across the country. But it's hard to tell exactly
what's causing the outage, or how long until it will be fixed
-- and AT&T is saying conflicting things about what's
going on.

Here's what the company told us, when we asked:

  `A recent software update to some devices may be affecting our customers'
  voicemail. We are working with the device manufacturer to issue a patch to
  resolve this and apologize for any inconvenience this has caused.''

That statement seems to suggest that only a single phonemaker is affected,
and that phonemaker might share the blame for the outage -- but
that wouldn't make sense, because AT&T customers are reporting a wide array
of different phones are having the same issue.

Right now, there's a 40+ page thread on AT&T's support forums concerning the
recent voicemail issues. (It was marked as `solved' on page 8 by AT&T.) In
the thread, AT&T reps have attributed the issues to something much different
than a recent software update -- they've said it's because of a `vendor
server problem' as first stated on October 9th, and reiterated as recently
as today, October 23rd.

https://www.theverge.com/2019/10/23/20929133/att-voicemail-outage-patch-vendor-server-problem

------------------------------

Date: Thu, 7 Nov 2019 14:22:00 -1000
From: geoff goodfellow <geoff () iconia com>
Subject: Wrong-way driverless Tesla Model 3

 - Footage of the dodgy driving was captured in Richmond, British Columbia
 - The Model 3 car stops and starts as it tentatively tries to reach its
   owner
 - Smart Summon was rolled out to supported Tesla cars on 26 Sep 2019
 - It has been met with a very mixed reception from Tesla users and
   pedestrians

EXCERPT:

An alarming video shows a 'smart summoned' driverless Tesla Model 3 car
tentatively trying to find its owner -- while going down the wrong side of
the road.

Stopping and starting -- in the dead middle of the road at one point -- the
vehicle's ham-fisted driving is seen to attract the concerned attention of
passersby.

This latest worrying exhibition of driverless tech was filmed in a shopping
centre parking lot in Richmond, British Columbia.

------------------------------

Date: Wed, 6 Nov 2019 08:26:09 -1000
From: geoff goodfellow <geoff () iconia com>
Subject: Uber self-driving car involved in fatal crash couldn't detect
   jaywalkers (Engadget)

*The system had several serious software flaws, the NTSB said*

EXCERPT:

Uber's self-driving car that struck and killed a pedestrian in March 2018
had serious software flaws, including the inability to recognize jaywalkers,
according to the NTSB.  The US safety agency said that Uber's software
failed to recognize the 49-year-old victim, Elaine Herzberg, as a pedestrian
crossing the street.  It didn't calculate that it could potentially collide
with her until 1.2 seconds before impact, at which point it was too late to
brake.
<https://www.engadget.com/2018/03/19/uber-stops-all-self-driving-car-tests-after-fatal-accident/>
<https://www.documentcloud.org/documents/6540547-629713.html>

More surprisingly, the NTSB said Uber's system design "did not include a
consideration for jaywalking pedestrians." On top of that, the car
initiated a one second braking delay so that the vehicle could calculate an
alternative path or let the safety driver take control. (Uber has since
eliminated that function in a software update.)

*Although the [system] detected the pedestrian nearly six seconds before
impact ... it never classified her as a pedestrian, because she was
crossing at a location without a crosswalk [and] the system design did not
include a consideration for jaywalking pedestrians.*

Uber's autonomous test vehicles may have failed to identify roadway hazards
in at least two other cases, according to the report. In one case, a
vehicle struck a bicycle lane post that had bent into a roadway. In
another, a safety driver was forced to take control to avoid an oncoming
vehicle and ended up striking a parked car. In the seven months prior to
the fatal crash, Uber vehicles were involved in 37 accidents, including 33
in which other vehicles struck the Uber test cars...

[...]
https://www.engadget.com/2019/11/06/uber-self-driving-car-fatal-accident-ntsb/

  [Monty Solomon noted the article here:]
https://www.washingtonpost.com/local/trafficandcommuting/pedestrian-in-self-driving-uber-collision-probably-would-have-lived-if-braking-feature-hadnt-been-shut-off-ntsb-finds/2019/11/05/7ec83b9c-ffeb-11e9-9518-1e76abc088b6_story.html

------------------------------

Date: Wed, 6 Nov 2019 10:48:32 -0600
From: Monty Solomon <monty () roscom com>
Subject: Testing Cars That Help Drivers Steer Clear of Pedestrians (NYTimes)

https://www.nytimes.com/2019/10/29/business/pedestrian-deaths-collision-avoidance.html

As pedestrian deaths climb, collision-avoidance systems could reduce that
toll, but new tests show significant differences in how well they work.

------------------------------

Date: Mon, 11 Nov 2019 14:37:26 -0500
From: Monty Solomon <monty () roscom com>
Subject: How Russia Meddles Abroad for Profit: Cash, Trolls and a Cult
  Leader (NYTimes)

https://www.nytimes.com/2019/11/11/world/africa/russia-madagascar-election.html

Madagascar has little obvious strategic value for the Kremlin or the global
balance of power. But Russians were there during an election, offering
bribes, spreading disinformation and recruiting an apocalyptic cult leader.

"The Russians were hard to miss. They appeared suddenly last year in
Madagascar's traffic-snarled capital, carrying backpacks stuffed with cash
and campaign swag decorated with the name of Madagascar's president.

"It was one of Russia's most overt attempts at election interference to
date.  Working from their headquarters in a resort hotel, the Russians
published their own newspaper in the local language and hired students to
write fawning articles about the president to help him win another
term. Skirting electoral laws, they bought airtime on television stations
and blanketed the country with billboards.

"They paid young people to attend rallies and journalists to cover
them. They showed up with armed bodyguards at campaign offices to bribe
challengers to drop out of the race to clear their candidate's path.

At Madagascar's election commission, officials were alarmed.  `'We all
recall what the Russians did in the United States during the election,' said
Thierry Rakotonarivo, the commission's vice president. 'We were truly
afraid.''

https://www.nytimes.com/2019/11/11/world/africa/russia-madagascar-election.html

------------------------------

Date: Thu, 24 Oct 2019 14:21:00 -1000
From: geoff goodfellow <geoff () iconia com>
Subject: Russia Will Test Its Ability to Disconnect from the Internet
  (sundry sources)

*The nascent RuNet is meant to allow the country to survive an attack --
and Putin to monitor and control his subjects*

EXCERPT:

Russia will test its internal RuNet network to see whether the country can
function without the global Internet, the Russian government announced
Monday. The tests will begin after Nov. 1, recur at least annually, and
possibly more frequently. It's the latest move in a series of technical and
policy steps intended to allow the Russian government to cut its citizens
off from the rest of the world.

``On Monday, the government approved the provision on conducting exercises
to ensure the stable, safe and holistic functioning of the Internet and
public communications networks in the Russian Federation,'' notes an article
in D-Russia.
<http://d-russia.ru/opublikovano-polozhenie-o-regulyarnyh-ucheniyah-po-vyyavleniyu-ugroz-i-otrabotke-mer-po-vosstanovleniyu-rabotosposobnosti-runeta.html>

(The original article is in Russian. We verified a translation with the
help of a native Russian speaker.) ``The exercises are held at the federal
(in the territory of the Russian Federation) and regional (in the territory
of one or more constituent entities of the Russian Federation) levels.''

The word ``holistic'' shows that the exercises follow April's passage of
the sovereign Internet law
<https://www.cnn.com/2019/05/01/europe/vladimir-putin-russian-independent-internet-intl/index.html>
that will require all Internet traffic in Russia to pass through official
chokepoints, allowing the government to shut down outside access, block
websites that they don't like and monitor traffic.
<https://www.defenseone.com/technology/2019/04/russians-will-soon-lose-uncensored-access-internet/156531/>

In 2016, Russia launched the Closed Data Transfer Segment: basically, a big
military intranet for classified data, similar to the Pentagon's Joint
Worldwide Intelligence Communications System
<https://en.wikipedia.org/wiki/Joint_Worldwide_Intelligence_Communications_System>.
The following year, Russia announced
<https://www.defenseone.com/technology/2017/11/russia-will-build-its-own-internet-directory-citing-us-information-warfare/142822/>
that it intends to build its own domain name directory, which would allow
it to re-route traffic intended for one website to another
<https://www.defenseone.com/technology/2017/11/russia-will-build-its-own-internet-directory-citing-us-information-warfare/142822/>.
And last year, Putin's top IT advisor Herman Klimenko
<http://www.businessinsider.com/putin-internet-advisor-allegedly-owns-piracy-torrent-site-2016-1>and
others suggested that the new segment might be able to carry the rest of
the country's Internet traffic. But Klimenko cautioned that moving to the
new system would be painful. As recently as March, Gen. Paul Nakasone,
director of U.S. Cyber Command and the NSA, expressed skepticism
<https://www.youtube.com/watch?time_continue=3D12&v=3DApd2ReXB6vk> that Russia would succeed. ...

https://www.defenseone.com/technology/2019/10/russia-will-test-its-ability-disconnect-internet/160861/

------------------------------

Date: Mon, 11 Nov 2019 10:19:10 PST
From: "Peter G. Neumann" <neumann () csl sri com>
Subject: Brian Kernighan: Unix: A History and a Memoir

Brian Kernighan
Unix: A History and a Memoir
Kindle Direct Publishing
October 2019
ISBN 9891695978553

This is Brian's 13th book, and I think we are very lucky that he has made a
significant effort to write it.

Why is this book relevant to RISKS?

* It provides a well-documented long-term success story, a genre that we
  have long sought for RISKS (and indeed explicitly requested in our first
  few decades, although there have been few examples as far-reaching as this
  one).

* It is a wonderful example of the fundamental importance of skilled,
  devoted, and committed individuals in building new systems and enabling
  those systems to have long lives, as well as enabling an ever-growing
  group of other contributors to create relevant enhancements, and of course
  inspiring the advent of many open-source operating systems and supporting
  software.

* The book is a fine example of the effective use of constructive
  self-publishing.  The process of getting a book published through the
  usual channels is typically very labor intensive and time consuming,
  sometimes making aspects of the book no longer timely.  However, the
  historical aspects of Brian's book are timeless, and carefully prepared.
  Incidentally, the memoir aspects demonstrate Brian's modesty: ``For 30
  years, he was a member of the original Unix research group, ... present at
  the creation, though not responsible for it.''  I believe he had a
  decidedly nontrivial role in its success.  PGN

------------------------------

Date: Sat, 09 Nov 2019 23:11:13 +0800
From: Dan Jacobson <jidanni () jidanni org>
Subject: GitHub blocking: vandal's dream

Let's take another look at GitHub blocking.

On Facebook if Boris BadUser blocks Gerry GoodUser, both lose access to each
other's stuff.

On GitHub, Boris blocks Gerry's *notifications of Boris' actions*, including
vandalizing Gerry's stuff to his heart's content (until one day some third
party hopefully tells Gerry.)

Unbelievable, undocumented, but true (as confirmed by staff in my previous
post.)

------------------------------

Date: Tue, 5 Nov 2019 23:05:43 -0600
From: Monty Solomon <monty () roscom com>
Subject: PSA: Turning off silent macros in Office for Mac leaves users wide
  open to silent macro attacks (The Register)

https://www.theregister.co.uk/2019/11/05/office_mac_macro_bug/

------------------------------

Date: Mon, 4 Nov 2019 08:01:45 -0600
From: Monty Solomon <monty () roscom com>
Subject: Large Bitcoin Player Manipulated Price Sharply Higher, Study Says
  (WSJ)

A single large player, using the Bitfinex exchange and a cryptocurrency
called tether, manipulated the price of bitcoin as it ran up to a peak of
nearly $20,000 two years ago, a new study has concluded.

https://www.wsj.com/articles/large-bitcoin-player-manipulated-price-sharply-higher-study-says-11572863400

------------------------------

Date: Sun, 3 Nov 2019 22:06:49 -0500
From: Gabe Goldberg <gabe () gabegold com>
Subject: Inside the Icelandic Facility Where Bitcoin Is Mined (WiReD)

Cryptocurrency mining now uses more of the Nordic island nation's
electricity than its homes.

It wasn't long after Bitcoin's creation on 3 Jan 2009 that cryptocurrency
companies began moving to Iceland. In 2016, large data centers accounted for
nearly 1 percent of its GDP, with cryptocurrency mining operations making up
90 percent of those. They now use more electricity than all of Iceland's
homes combined, with electric bills at Enigma running more than $1 million
per month. But however green the energy, miners still can't escape a dilemma
as old as picks and shovels: how to extract resources without marring the
landscape. According to local experts cited by The Wall Street Journal,
keeping up with demand for electricity requires building more dams and power
stations that could alter Iceland's unique, sensitive environment.

https://www.wired.com/story/iceland-bitcoin-mining-gallery/

------------------------------

Date: Sun, 3 Nov 2019 20:56:51 -0600
From: Monty Solomon <monty () roscom com>
Subject: Amazon blames 'error' for blocking Nintendo resellers from listing
  products (The Verge)

https://www.theverge.com/2019/11/1/20943772/amazon-marketplace-nintendo-deal-used-retro-games-consoles-counterfeit

------------------------------

Date: October 22, 2019 8:18:27 GMT+8
From: geoff goodfellow <geoff () iconia com>
Subject: What happens if your mind lives for ever on the Internet?
  (The Guardian)

(The Guardian, 20 Oct 2019)

It may be some way off, but mind uploading, the digital duplication of your
mental essence, could expand human experience into a virtual afterlife.

Imagine that a person's brain could be scanned in great detail and recreated
in a computer simulation. The person's mind and memories, emotions and
personality would be duplicated. In effect, a new and equally valid version
of that person would now exist, in a potentially immortal, digital form.
This futuristic possibility is called mind uploading. The science of the
brain and of consciousness increasingly suggests that mind uploading is
possible -- there are no laws of physics to prevent it. The technology is
likely to be far in our future; it may be centuries before the details are
fully worked out -- and yet given how much interest and effort is already
directed towards that goal, mind uploading seems inevitable. Of course we
can't be certain how it might affect our culture but as the technology of
simulation and artificial neural networks shapes up, we can guess what that
mind uploading future might be like.

Suppose one day you go into an uploading clinic to have your brain scanned.
Let's be generous and pretend the technology works perfectly. It's been
tested and debugged. It captures all your synapses in sufficient detail to
recreate your unique mind. It gives that mind a standard-issue, virtual body
that's reasonably comfortable, with your face and voice attached, in a
virtual environment like a high-quality video game. Let's pretend all of
this has come true...

https://www.theguardian.com/technology/2019/oct/20/mind-uploading-brain-live-for-ever-internet-virtual-reality

  [Of course, we will need truly trustworthy systems on which to house such
  a facility, to prevent and detect impersonations, alterations, and the
  creation of entirely fake persona.  PGN]

------------------------------

Date: Sun, 3 Nov 2019 22:21:48 -0500
From: Gabe Goldberg <gabe () gabegold com>
Subject: 1.5 Million Packages a Day: The Internet Brings Chaos to NY Streets
  (NYTimes)

The push for convenience is having a stark impact on gridlock, roadway
safety and pollution in New York City and urban areas around the world.

https://www.nytimes.com/2019/10/27/nyregion/nyc-amazon-delivery.html

------------------------------

Date: Fri, 18 Oct 2019 12:16:21 -0400 (EDT)
From: ACM TechNews <technews-editor () acm org>
Subject: Security Researchers Warn of Online Voting Risks (Computerworld)

Security Researchers Warn of Online Voting Risks
Rohan Pearce, Computerworld, 17 Oct 2019) via ACM TechNews, 18 Oct 2019

Security researchers said Australia should not rely on any online voting
system that lacks a thorough ballot-verification method, to ensure against
fraudulent voting. The University of Melbourne's Chris Culnane and Vanessa
Teague warned of the vulnerability of Scytl's iVote platform, designed to
accommodate visually impaired voters and those traveling on the day of the
election, as well as substituting for voting by mail. The researchers cited
findings that votes cast via iVote in a 2017 Western Australia election were
channeled through a content delivery network that could potentially "read
and alter votes." Culnane, Teague, and their colleagues told an ongoing
Victorian inquiry examining the conduct of the state's 2018 election,
"Electronic voting risks introducing into Australian elections the
possibility of large-scale, undetectable fraud that could potentially be
committed from anywhere in the world."

https://orange.hosting.lsoft.com/trk/click?ref=3Dznwrbbrs9_6-22109x21e58dx070251&;

------------------------------

Date: Mon, 21 Oct 2019 07:05:26 -0700
From: Barry Gold <barrydgold () ca rr com>
Subject: Calculation gives different results on different operating systems
  (Techxplore)

Chaos is loose in the world.

A grad student who was checking the calculations in a study discovered that
the algorithm returned different results on MacOS, Windows, and Linux.

"Studies that used the original code for NMR computations could probably be
incorrect," Luo said. "Because most researchers didn't include the type of
operating system they used, there is no easy way to know if their results
were affected by this glitch."

https://techxplore.com/news/2019-10-team-glitch-affect-scientific.html?fbclid=IwAR0RjcX4HtZVjXsU5gq6IPQ9E36NqkeGWm6BL181nOr3Lg3qsRor0MJQsuU

------------------------------

Date: Mon, 21 Oct 2019 17:54:35 -0400
From: Gabe Goldberg <gabe () gabegold com>
Subject: Microsoft's Secured-Core PC Feature Protects Critical Code (WiReD)

The idea of secured-core PC is to take firmware out of that equation,
eliminating it as a link in the chain that determines what's trustworthy on
a system. Instead of relying on firmware, Microsoft has worked with AMD,
Intel, and Qualcomm to make new central processing unit chips that can run
integrity checks during boot in a controlled, cryptographically verified
way. Only the chip manufacturers will hold the encryption keys to broker
these checks, and they're burned onto the CPUs during manufacturing rather
than interacting with the firmware's amorphous, often unreliable code layer.

"It's rooted in the CPU and no longer in the firmware, because it still
boots early," Weston says. "But if there's anything tampered with, the
system code would identify this and shut everything down. So we're taking
firmware and any potential compromise out of the circle of trust."

https://www.wired.com/story/microsoft-secured-core-pc/

Only the chip manufacturers will hold the encryption keys

Hmmm.

------------------------------

Date: November 9, 2019 9:22:22 JST
From: geoff goodfellow <geoff () iconia com>
Subject: The rise of microchipping: are we ready for technology to get under
  the skin? (The Guardian)

As implants grow more common, experts fear surveillance and exploitation of
workers. Advocates say the concerns are irrational

EXCERPT:

On 1 August 2017, workers at Three Square Market, a Wisconsin-based company
specializing in vending machines, lined up in the office cafeteria to be
implanted with microchips. One after the other, they held out a hand to a
local tattoo artist who pushed a rice-grain sized implant into the flesh
between the thumb and forefinger. The 41 employees who opted into the
procedure received complimentary t-shirts that read ``I Got Chipped''.

This wholesale implant event, organized by company management, dovetailed
with Three Square Market's longer-term vision of a cashless payment system
for their vending machines =E2=80=93 workplace snacks purchased with a flick
of the wrist. And the televised ``chipping party'' proved to be a savvy
marketing tactic, the story picked up by media outlets from Moscow to
Sydney. ...

https://www.theguardian.com/technology/2019/nov/08/the-rise-of-microchipping-are-we-ready-for-technology-to-get-under-the-skin

------------------------------

Date: Wed, 06 Nov 2019 20:55:50 -0500
From: José María (Chema) Mateos <chema () rinzewind org>
Subject: Saudi Arabia recruited Twitter workers to spy on users, feds say
  (CBS News)

Yet another example that you can't trust your data out there. Private
messages are not private if you send them as plain text.

https://www.cbsnews.com/news/saudi-arabia-recruited-twitter-workers-to-spy-on-users-feds-say/

Saudi Arabia's government recruited two Twitter employees to get personal
account information on some of their critics, prosecutors with the
U.S. Department of Justice said Wednesday.

A complaint unsealed in U.S. District Court in San Francisco detailed a
coordinated effort by Saudi government officials to recruit employees at the
social media giant to look up the private data of thousands of Twitter
accounts. The accounts included those of a popular journalist with more than
1 million followers and other prominent government critics.

------------------------------

Date: Wed, 6 Nov 2019 17:33:56 -0600
From: Monty Solomon <monty () roscom com>
Subject: U.S. Charges Former Twitter Employees With Spying for Saudi Arabia
  (WSJ)

Justice Department says the two former accessed information about people who
made posts critical of the Saudi royal family

https://www.wsj.com/articles/justice-department-charges-individuals-for-fraudulently-accessing-twitter-users-private-data-and-providing-info-to-saudi-arabia-11573080810

------------------------------

Date: Wed, 6 Nov 2019 08:24:33 -1000
From: geoff goodfellow <geoff () iconia com>
Subject: The Internet is tilting toward tyranny (WashPost)

The Internet in its early days seemed destined to enhance freedom.
Authoritarian governments might bar citizens from the Web or decrease what
citizens could do on the Web, but they would not use the Web as a tool to
clamp down. Needless to say, things have changed.

For the ninth year in a row, Freedom House's annual ``Freedom on the Net''
report
<https://www.freedomonthenet.org/report/freedom-on-the-net/2019/the-crisis-of-social-media>
charts a decrease in Internet freedom around the world. Authoritarian
regimes and democratic ones both are marshaling sophisticated technology to
turn the Web against the people with aggressive media manipulation campaigns
and mass surveillance.

More than 3.8 billion people have access to the Internet today, and more
than 70 percent live in countries where individuals have been arrested for
posting about political, social or religious issues. Sixty-five percent live
in countries where individuals have been attacked or killed for their online
activities -- individuals like the two Thai anti-government activists whose
bodies were found <https://apnews.com/46be62385c4e40aea66fe5881a7492ed>
stuffed with concrete in the Mekong River last December.
<https://www.theguardian.com/world/2019/mar/17/thailand-dissidents-murder-mekong-election>

Freedom House found that unscrupulous politicians launder disinformation
into the mainstream through local actors such as pop culture personalities
and business magnates, many of whom are paid for their efforts to amplify
conspiracy theories, misleading memes and more. Consultants in the
Philippines charge 30 million pesos, or $580,000, for three-month influence
efforts conducted in closed groups as well as on hyperpartisan ``alternative
news'' channels. Brazil's presidential election featured operatives who
scraped phone numbers from Facebook to add voters to WhatsApp groups filled
with propaganda based on their personal identifiers. In India, 1.3 million
youths in the National Cadet Corps were instructed to download a special app
from Prime Minister Narendra Modi marketed as a source for official news and
stuffed with deceptive and divisive material.

The report also focuses on ``machine-driven monitoring of the public,''
realized to its fullest dystopian extent in China. The Muslim Uighur
minority there is systematically tracked by law enforcement equipped with a
biometric database
<https://www.cnn.com/2017/12/12/asia/china-xinjiang-dna/index.html>of almost
the entire population. But even in the United States, agencies have become
more aggressive with warrantless searches of electronic devices at the
border and social media sweeps of immigrants and immigration activists.
There's also a booming market for high-tech surveillance capabilities among
less advanced countries, particularly in Africa and the Middle East. A 2020
trade show in Dubai will feature the best of the worst from global firms,
such as a product from the Chinese company Semptian that can audit the
online activity of 5 million people for $1.5 million to $2.5 million, a
bargain for any dictator.

The Internet, we have learned, does not inevitably bring freedom. Society's
blindness to anything but the good of the Web might have left well-meaning
governments behind in regulating to enshrine privacy or ensure transparency
in elections. It's not too late to aim for a better Year 10.
https://www.washingtonpost.com/opinions/the-internet-gets-less-free--for-the-ninth-year-in-a-row/2019/11/05/ffe3fca0-ff48-11e9-8bab-0fc209e065a8_story.html

------------------------------

Date: Tue, 5 Nov 2019 15:18:47 -0500
From: Gabe Goldberg <gabe () gabegold com>
Subject: Network Solutions: Important Security Information re: Breach

What Happened?

On October 16, 2019, Network Solutions determined that a third-party gained
unauthorized access to a limited number of our computer systems in late
August 2019, and as a result, account information may have been accessed. No
credit card data was compromised as a result of this incident.

Upon discovery of this unauthorized access, the company immediately began
working with an independent cybersecurity firm to conduct a comprehensive
investigation to determine the scope of the incident, including the specific
data impacted. We have also reported the intrusion to federal authorities
and are notifying affected customers.

Safeguarding our customer's information is core to our mission. We are
committed to protecting our customers against misuse of their information
and have invested heavily in cybersecurity. We will continue to do so as we
incorporate the key learnings of this incident to further strengthen our
cyber defenses.

https://notice.networksolutions.com/

------------------------------

Date: Thu, 7 Nov 2019 10:37:57 PST
From: "Peter G. Neumann" <neumann () csl sri com>
Subject: Radios do interfere with garage-door openers! (fauquiernow)

https://www.fauquiernow.com/fauquier_news/article/fauquier-feds-admit-radios-interfere-with-garage-door-openers-11-5-2019

------------------------------

Date: Tue, 12 Nov 2019 00:56:05 +0800
From: Dan Jacobson <jidanni () jidanni org>
Subject: Automatic bug tracker issue closers (stalebot)

Yeah I told 'em.
https://github.com/probot/stale/issues/247#issuecomment-552521764

"Sure, for you young whippersnappers, closing issues automatically is only
natural.

But for older users who are in and out of the hospital (for longer periods
than stalebot default settings), when they return to their desks to find
their issues all automatically closed, it sends just one message: Don't
bother with the project (that uses stalebot.)"

------------------------------

Date: Tue, 5 Nov 2019 11:34:52 -1000
From: geoff goodfellow <geoff () iconia com>
Subject: Robinhood Markets -- rob the poor to feed the rich? (Bloomberg)

EXCERPT:

A glitch in the Robinhood Markets Inc.
<https://www.bloomberg.com/quote/1278015D:US> system is allowing users to
trade stocks with excess borrowed funds, giving them access to what amounts
to free money.

Dubbed the `infinite money cheat code' by users of Reddit Inc.'s
WallStreetBets forum, the bug is being exploited, according to users on the
forum.  One trader bragged <https://www.reddit.com/r/wallstreetbets/> about a
$1 million position funded by a $4,000 deposit.
https://www.reddit.com/r/wallstreetbets/comments/drt5tr/guh_of_fame_2019/

Robinhood is ``aware of the isolated situations and communicating directly
with customers,'' spokesperson Lavinia Chirico said in an email response to
questions.

The Menlo Park, California-based money-management software designer touts
trading ``free from commission fees.'' Robinhood Gold customers are invited
to ``supercharge'' their investing by paying $5 a month to trade on margin,
or money borrowed from the company.

A Guy on Reddit Turns $766 Into $107,758 on Two Options Trades
<https://www.bloomberg.com/news/articles/2019-10-17/a-guy-on-reddit-turns-766-into-107-758-on-two-options-trades>

Here's how the trade works. Users of Robinhood Gold are selling covered
calls using money borrowed from Robinhood. Nothing wrong with that. The
problem arises when Robinhood incorrectly adds the value of those calls to
the user's own capital. And that means that the more money a user borrows,
the more money Robinhood will lend them for future trading. ...

https://www.bloomberg.com/news/articles/2019-11-05/robinhood-has-a-glitch-that-gives-traders-infinite-leverage

------------------------------

Date: Mon, 4 Nov 2019 03:17:40 -0600
From: Monty Solomon <monty () roscom com>
Subject: Apps track students from the classroom to bathroom, and parents are
  struggling to keep up (WashPost)

A digital hallpass app that tracks bathroom trips is the latest school software to raise privacy concerns.

https://www.washingtonpost.com/technology/2019/10/29/school-apps-track-students-classroom-bathroom-parents-are-struggling-keep-up/

------------------------------

Date: Sun, 20 Oct 2019 16:11:15 -0400
From: Gabe Goldberg <gabe () gabegold com>
Subject: At an Outback Steakhouse Franchise, Surveillance Blooms (WiReD)

Fried onion meets 1984.

As casual dining chains have declined in popularity, many have experimented
with surveillance technology designed to maximize employee efficiency and
performance. Earlier this week, one Outback Steakhouse franchise announced
it would begin testing such a tool, a computer vision program called Presto
Vision, at a single outpost in the Portland, Oregon area.  Your Bloomin'
Onion now comes with a side of Big Brother.

https://www.eater.com/2017/10/3/16360878/decline-applebees-olive-garden-tgi-fridays
https://www.wired.com/story/guide-artificial-intelligence/
https://www.wired.com/story/outback-steakhouse-presto-vision-surveillance/

------------------------------

Date: Tue, 5 Nov 2019 15:17:42 -0500
From: Gabe Goldberg <gabe () gabegold com>
Subject: Researchers hack Siri, Alexa, and Google Home by shining lasers at
  them (Ars Technica)

MEMS mics respond to light as if it were sound. No one knows precisely why.

https://arstechnica.com/information-technology/2019/11/researchers-hack-siri-alexa-and-google-home-by-shining-lasers-at-them/

------------------------------

Date:   Thu, 31 Oct 2019 14:23:00 -1000
From:   geoff goodfellow <geoff () iconia com>
Subject: Insanely humanlike androids have entered the workplace and
  soon may take your job (CNBC)

 * Russian start-up Promobot recently unveiled what it calls the
   world's first android that looks just like a real person and can
   serve in a business capacity.
 * Robo-C can be made to look like anyone, so it's like an android clone.
 * It comes with an artificial intelligence system that has more than
   100,000 speech modules.
 * It can perform workplace tasks, such as answering customer questions
   at offices, airports, banks and museums, while accepting payments.
 * Hiroshi Ishiguro and his Japanese collaborators have created a
   number of androids that look like humans, including one called
   Erica, a newscaster on Japanese TV.

EXCERPT:

November 2019 is a landmark month in the history of the future.  That's when
humanoid robots that are indistinguishable from people start running amok in
Los Angeles. Well, at least they do in the seminal sci-fi film `Blade
Runner'.  Thirty-seven years after its release, we don't have murderous
androids running around. But we do have androids like Hanson Robotics'
Sophia and they could soon start working in jobs traditionally performed by people.
<https://www.cnbc.com/2017/12/05/hanson-robotics-ceo-sophia-the-robot-an-advocate-for-womens-rights.html>,

Russian start-up Promobot recently unveiled what it calls the world's first
autonomous android. It closely resembles a real person and can serve in a
business capacity. Robo-C can be made to look like anyone, so it's like an
android clone. It comes with an artificial intelligence system that has more
than 100,000 speech modules, according to the company. It can operate at
home, acting as a companion robot and reading out the news or managing smart
appliances -- basically, an anthropomorphic smart speaker. It can also
perform workplace tasks such as answering customer questions in places like
offices, airports, banks and museums, while accepting payments and
performing other functions.

*Digital immortality?*

`We analyzed the needs of our customers, and there was a demand,'' says
Promobot co-founder and development director Oleg Kivokurtsev.  `But, of
course, we started the development of an anthropomorphic robot a long time
ago, since in robotics there is the concept of the `Uncanny Valley,' and the
most positive perception of the robot arises when it looks like a
person. Now we have more than 10 orders from companies and private clients
from around the world.''

Postulated by Japanese roboticist Masahiro Mori in 1970, the Uncanny Valley
<https://en.wikipedia.org/wiki/Uncanny_valley> is a hypothesis related to
the design of robots. It holds that the more humanlike a robot appears, the
more people will notice its flaws.  This can create a feeling akin to
looking at zombies, and can creep people out. A properly designed android
that's as faithful as possible to the human original, however, can overcome
this `valley'' (a dip when the effect is imagined as a graph) and the zombie
factor.

While it can't walk around, Robo-C has 18 moving parts in its face, giving
it 36 degrees of freedom. The company says it has over 600 micro facial
expressions, the most on the market. It also has three degrees of freedom in
its neck and torso, offering limited movement.  Still, Promobot says it can
be useful in homes and workplaces. The price of the robot is $20,000 to
$50,000 depending on options and customized appearance.

The company says it's building four Robo-Cs: one for a government service
center, where the machine will scan passports and perform other functions,
one that will look like Einstein and be part of a robot exhibition, and two
for a family in the Middle East that wants to have android versions of its
father and his wife to greet guests.

``The key moment in development [of Robo-C] is the digitization of
personality and the creation of an individual appearance, As a result,
digital immortality, which we can offer our customers.''  (Kivokurtsev)

*The robotic revolution in Japan*...

https://www.cnbc.com/2019/10/31/human-like-androids-have-entered-the-workplace-and-may-take-your-job.html

------------------------------

Date: Wed, 23 Oct 2019 00:07:22 -0400
From: Gabe Goldberg <gabe () gabegold com>
Subject: HireVue's AI face-scanning algorithm increasingly decides whether
  you deserve the job (Wash Post)

The AI, he said, doesn't explain its decisions or give candidates their
assessment scores, which he called `not relevant.'' But
it is `not logical,'' he said, to assume some people
might be unfairly eliminated by the automated judge.

https://www.washingtonpost.com/technology/2019/10/22/ai-hiring-face-scanning-algorithm-increasingly-decides-whether-you-deserve-job/

------------------------------

Date: Sat, 26 Oct 2019 10:26:09 -1000
From: geoff goodfellow <geoff () iconia com>
Subject: Screen time is actually good for kids!  (Oxford)

*Contrary to what you've heard, a study from the Oxford Internet Institute
says screen time is actually good for kids*
EXCERPT:

Here's what the American Academy of Pediatrics says about screen time for
kids:

   - children between 2 and 5 should be limited to ``one hour a day of
   high-quality programming''
   - infants between 18 and 24 months can have screen time so long as it's
   high quality and with a caregiver
   - babies shouldn't be exposed to screens other than video chat

Andrew Przybylski of the Oxford Internet Institute thinks that's way off
base. In a controversial new study published in the Journal of the American
Academy of Child and Adolescent Psychiatry, he and colleagues don't just
swipe at the predominant thinking that kids should be exposed to as little
screen time as possible -- they argue that moderate screen time is
actually *good* for kids.
<https://www.jaacap.org/article/S0890-8567(19)31437-6/fulltext>

The study set out to test two ideas. ``The first was to test if there were
`optimal' levels of screen time in young people,'' Przybylski said via
email. ``The second was to look for a critical value, or tipping point, at
which screen engagement was significantly related to well-being outcomes.''

Przybylski, along with his colleagues, found ``modest positive relations''
when kids used devices and/or watched television for up to two hours a day.
Contrary to medical recommendations, the team reported that kids would need
to be using screens ``for more than five hours a day'' before parents would
notice any differences.

The study's findings are based on data from more than 35,000 American
children and caregivers and reported by the National Survey of Children's
Health via the US Census Bureau between June 2016 and February 2017.
Przybylski says his analysis suggests that children who are using a digital
device -- a television, video game console
<https://www.technologyreview.com/f/613959/video-games-dont-depress-teens-as-much-as-other-screen-time/>,
tablet, laptop, smartphone, or any other gadget with a screen -- have better
social and emotional skills than kids who don't use this technology.

The research overturns dominant thinking about screen time, which has
overwhelmingly pointed to worrisome increases in rates of depression
<https://www.technologyreview.com/f/614297/teens-are-anxious-and-depressed-after-three-hours-a-day-on-social-media/>
, anxiety
<https://www.technologyreview.com/f/614038/josh-hawley-social-media-addictive-design-legislation-smart-act-bill/>,
and suicidal tendencies...

https://www.technologyreview.com/s/614619/screen-time-is-good-for-youmaybe/

------------------------------

Date: Thu, 24 Oct 2019 07:37:39 +0800
From: Dan Jacobson <jidanni () jidanni org>
Subject: Risks of posting the wrong emoji

I saw this in a web discussion:

  "I am so sorry that I pressed the emoji by accident, I was hoping to give
  one like [cheery smiles] instead of [thumbs down]! but I don't know how to
  change it."

------------------------------

Date: Wed, 23 Oct 2019 23:07:27 -0400
From: Gabe Goldberg <gabe () gabegold com>
Subject: We Have No Reason to Believe 5G Is Safe
  (Scientific American Blog Network)

The technology is coming, but contrary to what some people say, there could
be health risks

https://blogs.scientificamerican.com/observations/we-have-no-reason-to-believe-5g-is-safe/

------------------------------

Date: Fri, 1 Nov 2019 13:25:01 -0400
From: Gabe Goldberg <gabe () gabegold com>
Subject: She Accidentally Uncovered a Nationwide Scam on Airbnb (VICE)

Author writes:

Feeling I had all the evidence I needed to prove my point to Airbnb, I
emailed the company's press team a long note, asking them, among other
things, how they make sure that people are accurately representing
themselves on their profiles and how case managers are directed to deal with
allegations of fraud.

A little more than 24 hours later, a company flak responded in an emailed
statement.

``Engaging in deceptive behavior such as substituting one listing for
another is a violation of our Community Standards.  We are suspending the
listings while we investigate further.''

That was it. No one at the company ever agreed to speak on the record about
the specifics of what I uncovered. Nor would anyone answer any of my
questions about Airbnb's verification process. As far as what obligation it
has to people who have fallen victim to a scam on Airbnb's platform, the
company only said in an email that it is "here 24/7 to support with
rebooking assistance, full refunds and reimbursements" in cases of fraud or
misrepresentation by hosts. Maybe Airbnb couldn't get more detailed about
its verification process because it doesn't have much of one at all.

https://www.vice.com/en_us/article/43k7z3/nationwide-fake-host-scam-on-airbnb

------------------------------

Date: Fri, 25 Oct 2019 10:57:25 +0800
From: Richard Stein <rmstein () ieee org>
Subject: Expanded testbed in Singapore for autonomous vehicles a big
  boost for research and developers (The Straits Times)

https://www.straitstimes.com/singapore/transport/expanded-test-bed-a-big-boost-for-research-developers
(behind paywall)

The area in Singapore authorized for silicon-based self-driving trial
deployment is under-populated. A carbon-based safety-driver is required
equipment.

Before wide-spread deployment is authorized in Singapore (or anywhere), it
is strongly recommended that the self-driving manufacturer's board of
directors, CxOs, employees, and their families be exclusive passengers for a
1 year trial under normal traffic conditions.

Technology dog-fooding never harms anyone, right?

If trial participation does not materialize and persist, self-driving
vehicle product viability and industry will sink.

If nothing untoward arises per established metrics during the trial, then
public confidence will justifiably build for the current self-driving
product release version.

------------------------------

Date: Fri, 1 Nov 2019 15:49:29 -0400
From: Gabe Goldberg <gabe () gabegold com>
Subject: Coalfire CEO statement

Westminster, COl, 29 Oct 2019 -- The ongoing situation in Iowa is completely
ridiculous, and I hope that the citizens of Iowa continue to push for
justice and common sense. Today, we found out that charges against Justin
Wynn and Gary DeMercurio, the two Coalfire employees at the center of the
Dallas County Courthouse incident on September 11, 2019, have been reduced
from felony accusations of Burglary in the third-degree and possession of
burglary tools to criminal trespass.

I do not consider this a `win; for our employees, and Coalfire will continue
to support and aggressively pursue all avenues to ensure that all charges
are dropped and their criminal records are purged of any wrongdoing. After
the Iowa Supreme Court Chief Justice apologized and admitted mistakes were
made, I was expecting all charges to be dropped.

As seen in the statement of work that was made public online, our employees
were simply doing the job that Coalfire was hired to do for the Iowa State
Judicial Branch, a job similar in nature to one we did three years ago for
the Iowa State Judicial Branch and have done hundreds of times around the
world for similar clients.

Active penetration testing, including physical penetration testing, is a
best practice and a common engagement. We identify issues and risks before
criminals find them. Oftentimes the risks are systems issues, sometimes the
risks are as simple as finding a broken door that would allow a person with
malicious intent to enter a secure area unnoticed.  Our mission is to help
our clients secure their environments and protect the people that work for
them, their customers, and the confidential information they maintain. In
this case, we were helping to protect the residents of Iowa.

https://www.coalfire.com/News-and-Events/Press-Releases/Coalfire-CEO-Tom-McAndrew-statement

  [So much backstory we'll likely never learn.  Long and fascinating.]

------------------------------

Date: Fri, 1 Nov 2019 17:13:27 -0400
From: Gabe Goldberg <gabe () gabegold com>
Subject: Cirrus' $2 Million Vision Jet Now Lands Itself, No Pilot Needed
  (WiReD)

The Safe Return Emergency Autoland System lets passengers hit a big red
button to bring the plane to safety if the pilot's incapacitated.

https://www.wired.com/story/cirrus-garmin-vision-jet-autoland-safe-return/

------------------------------

Date: Sun, 3 Nov 2019 09:20:35 -0500
From: Monty Solomon <monty () roscom com>
Subject: These Machines Can Put You in Jail. Don't Trust Them. (NYTimes)

https://www.nytimes.com/2019/11/03/business/drunk-driving-breathalyzer.html

Alcohol breath tests, a linchpin of the criminal justice system, are often
unreliable, a Times investigation found.

5 Reasons to Question Breath Tests

https://www.nytimes.com/2019/11/03/business/breathalyzer-investigation-takeaways.html

Technology at the heart of drunken-driving cases across the country has been
successfully challenged, with tens of thousands of tests thrown out.

------------------------------

Date: Fri, 8 Nov 2019 11:18:25 -0500
From: Gabe Goldberg <gabe () gabegold com>
Subject: Trolling Is Now Mainstream Political Discourse (WiReD)

We have entered an era where silence is not golden, and our participation is
beholden to technology platforms. It's a rigged game we cannot win. Which
means that American voters have but one way out: taking action in 2020.

https://www.wired.com/story/opinion-trolling-is-now-mainstream-political-discourse/

------------------------------

Date: Sun, 20 Oct 2019 16:30:04 -0400
From: Monty Solomon <monty () roscom com>
Subject: Video giant Twitch pushes Trump rallies and mass violence into the
  live-stream age (WashPost)

Video giant Twitch pushes Trump rallies and mass violence into the
live-stream age

Tens of millions of viewers have watched video streamed on Twitch this
year. But the site's exploding fan base has attracted those seeking to sow
discord and spotlight mass violence.

https://www.washingtonpost.com/technology/2019/10/17/video-giant-twitch-pushes-trump-rallies-mass-violence-into-live-stream-age/

------------------------------

Date: Fri, 8 Nov 2019 11:34:54 -0500
From: Gabe Goldberg <gabe () gabegold com>
Subject: Text messages delayed from February were mysteriously sent
  overnight IThe Verge)

It's happening to people across all major US carriers

Something strange is happening with text messages in the US right now.
Overnight, a multitude of people received text messages that appear to have
originally been sent on or around Valentine's Day 2019. These people never
received the text messages in the first place; the people who sent the
messages had no idea that they had never been received, and they did nothing
to attempt to resend them overnight.

https://www.theverge.com/platform/amp/2019/11/7/20953422/text-messages-delayed-received-overnight-valentines-day-delay

------------------------------

Date: Fri, 8 Nov 2019 11:36:20 -0500
From: Gabe Goldberg <gabe () gabegold com>
Subject: Netflix to stop supporting older devices from Samsung, Roku, and
  Vizio in December (The Verge)

https://www.theverge.com/2019/11/8/20955155/netflix-samsung-vizio-smart-tv-roku-set-top-box-support-ending-date

The risk? "Progress".

------------------------------

Date: Fri, 8 Nov 2019 22:17:48 -0500
From: Gabe Goldberg <gabe () gabegold com>
Subject: Members of violent white supremacist website exposed in massive
  data dump (Ars Technica)

https://arstechnica.com/information-technology/2019/11/massive-data-dump-exposes-members-of-website-for-violent-white-supremacists/

Comments are mixed between cheering and advocating privacy for all ...

------------------------------

Date: Tue, 22 Oct 2019 20:43:09 +0800
From: Dan Jacobson <jidanni () jidanni org>
Subject: Re: Mountain village begs tourists not to follow Google Maps and
  get stuck (CNN via Reisert, RISKS-31.46)


launched an appeal to visitors, telling them not to rely on Google Maps


In my mountain village if Google can't deal with house number "1-6" it sends
the user to house number 1.

If Google doesn't know where an address is on a road, it sends the user to
the mid-point of the road (kilometer 1.23 of a 2.46 km. long road.)

If 488 Main St. in Town A is closer than 488 Main St. in Town B, that is
where it will send you despite you entering the latter...

The only thing that still hasn't screwed up yet here in Taiwan with Google
is good old fashioned latitude,longitude pairs.

So I had to take all the addresses off my website, just because people kept
inserting them into Google, and ending up over the hills and far away.

And because nobody at Google is ever home, I don't have to worry about them
disputing my above claims.

------------------------------

Date: Mon, 14 Jan 2019 11:11:11 -0800
From: RISKS-request () csl sri com
Subject: Abridged info on RISKS (comp.risks)

 The ACM RISKS Forum is a MODERATED digest.  Its Usenet manifestation is
 comp.risks, the feed for which is donated by panix.com as of June 2011.
=> SUBSCRIPTIONS: The mailman Web interface can be used directly to
 subscribe and unsubscribe:
   http://mls.csl.sri.com/mailman/listinfo/risks

=> SUBMISSIONS: to risks () CSL sri com with meaningful SUBJECT: line that
   includes the string `notsp'.  Otherwise your message may not be read.
 *** This attention-string has never changed, but might if spammers use it.
=> SPAM challenge-responses will not be honored.  Instead, use an alternative
 address from which you never send mail where the address becomes public!
=> The complete INFO file (submissions, default disclaimers, archive sites,
 copyright policy, etc.) is online.
   <http://www.CSL.sri.com/risksinfo.html>
 *** Contributors are assumed to have read the full info file for guidelines!

=> OFFICIAL ARCHIVES:  http://www.risks.org takes you to Lindsay Marshall's
    searchable html archive at newcastle:
  http://catless.ncl.ac.uk/Risks/VL.IS --> VoLume, ISsue.
  Also,  ftp://ftp.sri.com/risks for the current volume
     or ftp://ftp.sri.com/VL/risks-VL.IS for previous VoLume
  If none of those work for you, the most recent issue is always at
     http://www.csl.sri.com/users/risko/risks.txt, and index at /risks-31.00
  Lindsay has also added to the Newcastle catless site a palmtop version
  of the most recent RISKS issue and a WAP version that works for many but
  not all telephones: http://catless.ncl.ac.uk/w/r
  ALTERNATIVE ARCHIVES: http://seclists.org/risks/ (only since mid-2001)
 *** NOTE: If a cited URL fails, we do not try to update them.  Try
  browsing on the keywords in the subject line or cited article leads.
  Apologies for what Office365 and SafeLinks may have done to URLs.
==> Special Offer to Join ACM for readers of the ACM RISKS Forum:
    <http://www.acm.org/joinacm1>

------------------------------

End of RISKS-FORUM Digest 31.47
************************
Previous By Date Next
Previous By Thread Next

Current thread: