RISKS Forum mailing list archives

Risks Digest 32.53


From: RISKS List Owner <risko () csl sri com>
Date: Fri, 12 Mar 2021 17:00:53 PST

RISKS-LIST: Risks-Forum Digest  Friday 12 March 2021  Volume 32 : Issue 53

ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, founder and still moderator

***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
  <http://catless.ncl.ac.uk/Risks/32.53>
The current issue can also be found at
  <http://www.csl.sri.com/users/risko/risks.txt>

  Contents:
Confusing computer-interface complexity causes train crash (Mark Brader)
Expectations of GPS accuracy contribute to train derailment (Mark Brader)
Boeing calls for global grounding of 777s with Pratt&Whitney engines
  (NYTimes)
NOAA begins transition exclusively to electronic navigation charts
  (Gabe Goldberg)
Weather Service set to discontinue `advisories' for hazardous weather in
  2024 (WashPost)
`Never seen anything like this': Chaos strikes global shipping (NYTimes)
New Browser Attack Allows Tracking Users Online With JavaScript Disabled
  (The Hacker News)
Calling All Ham Radio Operators (Rebecca Mercuri)
Kentucky mom alleges hospital workers missed her cancer, then
  covered up their mistake (NBC News)
Microsoft's dream of decentralized IDs enters the real world (WiReD)
What the worldwide shortage of semiconductor chips is *really*
  teaching us (guardknox.com)
Why a YouTube chat about chess got flagged for hate speech (WiReD)
Farms are going to need different kinds of robots (bbc.com)
The robots are coming for Phil in accounting (NYTimes)
Spy agencies have big hopes for AI (The Economist via Ross Anderson)
A new type of supply-chain attack with serious consequences is flourishing
  (Ars Technica)
Google will remove *facts* if they think they're harmful (geoff goodfellow)
Thousands of Android and iOS Apps Leak Data From the Cloud (WiReD)
Hackers are finding ways to hide inside Apple's walled garden
  (Technology Review)
ICE investigators used a private utility database covering millions to
  pursue immigration violations (WashPost)
L.A. sheriff's office gets warrant for 'black box' in Tiger Woods' crashed
  SUV (NBC News)
Amazon has become a prime revolving-door destination in Washington
  (Mother Jones)
Too much choice is hurting America (Paul Krugman via Richard Stein)
CDC Links Restaurant Dining with Spread of Covid-19 in U.S. (Jonathan Spira)
Those fever scanners that everyone is using to fight covid can be wildly
  inaccurate, researchers find (WashPost)
The problems with anti-vaccers' precautionary principle arguments
  (The Logic of Science)
You got a vaccine. Walgreens got your data.  (Vox)
Research highlights impact of Digital Divide (University of Houston)
ES&S hashcode testing is wrong in 3 ways (Andrew Appel)
At least 30,000 U.S. organizations newly hacked via holes in Microsoft's
  email software (geoff goodfellow)
Texas PUC to electricity users who received outrageous bills from grid
  mismanagement during winter storm: SCREW YOU! (NPR via Lauren Weinstein)
Rookie coding mistake prior to Gab hack came from site's CTO (Ars Technica)
What lies beneath...  on disaster response (NYU Tandon)
Re: Post Office scandal (Peter Bernard Ladkin)
Re: Fed outage shuts down U.S. payment system (John Levine)
Re: his lights stayed on during Texas's storm. Now he owes $16,752
  (John Levine)
Abridged info on RISKS (comp.risks)

----------------------------------------------------------------------

Date: Thu,  4 Mar 2021 19:19:11 -0500 (EST)
From: Mark Brader <msb () Vex Net>
Subject: Confusing computer-interface complexity causes train crash

In November 2019, the driver of an "Intercity Express" class 800 train was
heading into the maintenance depot at Neville Hill, near Leeds, England.
Another empty train was in front of him on the same track into the depot, so
he waited for it to start moving, then put on power at the lowest setting.

About 30 seconds later the two trains collided.  (There were no injuries,
but his train was derailed and both trains needed repairs.)

Although an experienced driver, the man was relatively unfamiliar with the
class 800, and didn't realize that even the lowest power setting would
accelerate this train so fast.  So he'd assumed it was safe to look down at
the computerized controls for a little while.

The reason he needed to do this was that, partly for political reasons, the
class 800 is equipped both with on-board diesel engines and with a
pantograph for overhead electric power.  So the pantograph should be raised,
and the diesels turned off, if and only if there *is* an overhead wire.
Rather than leave the control of this to fallible humans, it is implemented
by computer ("Automatic Power Changeover" or APCO).

Trackside beacons mark the key positions where things have to be done, and
the specific train service must be identified to the computer by the driver
typing its 4-character code into the control console touchscreen.

The train's previous code of 5D29 had expired when it got to Leeds, and the
driver should have changed it to 1D29 to go into the depot, but the system
would not accept it.  This was because, after typing the 4 characters, he
was supposed to touch a "Check Stops" button, which would cause the computer
to display a list of the stops for this train service, and then a "Home"
button to return the console to the home screen.  Well, the driver knew
there weren't any stops before getting to the depot, so he skipped Check
Stops and just touched "Home".  But what his training on the controls had
*not* mentioned was that this canceled the change of code.

Seeing that this hadn't worked, and not wanting the diesels to come on
unnecessarily, he used the controls to disable the APCO, and then when he
passed the last beacon before the depot, re-enabled it -- as he had been
trained to, so that the next driver wouldn't be confused.  And it was the
re-enabling step that distracted him from avoiding the crash.

More detail in "Modern Railways" magazine, January 2021, pages 30-32.  Full
report, raising a number of points I haven't mentioned here, at:
https://assets.publishing.service.gov.uk/media/5fb3c146d3bf7f63e1b6f55a/R132020_201118_Neville_Hill.pdf

------------------------------

Date: Thu,  4 Mar 2021 20:26:16 -0500 (EST)
From: Mark Brader <msb () Vex Net>
Subject: Expectations of GPS accuracy contribute to train derailment

In January 2020 a freight train derailed on an overpass over a road in north
London, England.  There were no injuries, but the train was damaged as well
as a considerable length of track.

The track on the bridge was supported on wooden beams running lengthwise
under the rails (like on the old Great Western Railway) and connected by
steel cross-members.  This design is lighter than conventional track and
therefore allowed the bridge to be more lightly built, but the long-term
plan is to eliminate it from use.

In this case the configuration did not allow the wood to be easily
inspected, and it had deteriorated, but this was not known.  What could
readily be done, and was done regularly, was to check the position of the
rails by running a track-recording train over the line, and repair any
problems seen.

On several occasions in the preceding months, this train had reported a
problem in the area of this bridge: the rails were wide to gauge, i.e. too
far apart.  Crews were sent out to the location it reported, repaired some
faults they saw in the track, and then checked that the rails were within
the allowed tolerance of the correct gauge.

But the train had reported its position using GPS, and while this was
claimed to be accurate to 1 meter, it wasn't.  Crews were expected to use
handheld GPS devices to locate the same position within 3 meters, but the
work they did was a few meters west of the bridge, not where they might have
seen the actual problem.

This wasn't the only cause of the accident, but it is the one I'm mentioning
here.  Full report at:
https://assets.publishing.service.gov.uk/media/5faea3a68fa8f55de55af7c9/R122020_201116_Wanstead_Park.pdf

------------------------------

Date: Sat, 6 Mar 2021 23:32:14 +0800
From: Richard Stein <rmstein () ieee org>
Subject: Boeing calls for global grounding of 777s with Pratt&Whitney engines
  (NYTimes)

https://www.nytimes.com/2021/02/21/business/faa-boeing-777-engines.html

"Boeing said on Sunday that all 128 of its 777 jetliners powered by a
particular Pratt & Whitney engine model should be grounded worldwide until
the Federal Aviation Administration determines the best way to inspect the
engines."

Several hundred passengers experienced "the flight of their lives" in two
incidents, apparently due to engine blade fracture from metal fatigue.

Curiously, CNN discloses that the FAA met a few days before the UAL 328
incident on 20FEB2021 to discuss airline engine inspection frequency.
https://edition.cnn.com/2021/02/24/politics/faa-meeting-engine-inspections/index.html

The investigatory dust will eventually settle. A revised Pratt & Whitney jet
engine inspection protocol will become regulation standard operating
procedure.

The flying public relies on trained and qualified professionals to certify
an aircraft as safe-to-fly. Their ethics, competence, and professional
judgment are key to sustain aircraft maintenance life cycle, and the air
transportation industry reliability. Public safety depends on inspection to
determine essential aircraft maintenance actions.

Aircraft maintenance is an example of the "expert service problem." It is a
well-known subject in economics. See "When Trust in an Expert Is Unwise,"
via https://www.nytimes.com/2007/11/07/business/07leonhardt.html
  "...the same expert who is diagnosing the flaw is the one who will be paid
  to fix it. In most of these cases, consumers aren't sophisticated
  enough to make an independent judgment. That's why they went to the
  expert."

Jet engine blade fracture from metal fatigue exemplifies the expert service
problem. Jet mechanics and engineers apply procedures and tools to diagnose
engine problems and recommend maintenance. They are paid to repair engines
to achieve safety compliance.

Consumers rely on jet engine maintenance experts to sustain safe-to-fly
readiness. Faulty, or compromised, expertise can intensify consumer air
transportation risks. These incidents are notable, and sometimes
spectacular.

Aircraft maintenance records are apparently analogous to personal medical
records: they constitute confidential information requiring protections
against disclosure. Devastating economic consequences would materialize if
aircraft maintenance records were stolen, manipulated or falsified, and
leaked.

Hypotheticals:

How many  passengers involved  in these two  incidents would have  chosen to
book a different flight if they knew the engine blades on their flights were
identified as vulnerable to fracture from metal fatigue? How many passengers
would be  deterred from booking the  flight given the chance  to examine the
engine inspection records at the point-of-sale?

Risk: Aircraft maintenance record disclosure.

------------------------------

Date: Thu, 4 Mar 2021 15:23:34 -0500
From: Gabe Goldberg <gabe () gabegold com>
Subject: NOAA begins transition exclusively to electronic navigation charts
  (NOAA)

As Lauren Weinstein says: [What could go wrong?] NOAA begins transition
exclusively to electronic navigation charts

Well, let's see. How about, if your device battery goes dead or the device
dies in other ways. Or gets wet maybe and shorts out? You don't have a
chart any more. Yeah. Great thinking, NOAA! -L

And keep in mind, to be useful, printed charts need to be larger than
letter-size paper. So now NOAA expects people to print their own pages and
tape them together? Wow.

https://www.noaa.gov/media-release/noaa-begins-transition-exclusively-to-electronic-navigation-charts

------------------------------

Date: Thu, 4 Mar 2021 22:41:32 -0500
From: Monty Solomon <monty () roscom com>
Subject: Weather Service set to discontinue `advisories' for hazardous
   weather in 2024 (WashPost)

It's part of a larger hazard simplification effort; watches and warnings
will remain.

https://www.washingtonpost.com/weather/2021/03/04/national-weather-service-advisories/

------------------------------

Date: Sat, 6 Mar 2021 23:15:53 -0500
From: Gabe Goldberg <gabe () gabegold com>
Subject: `Never seen anything like this': Chaos strikes global shipping
  (NYTimes)

The pandemic has disrupted international trade, driving up the cost of
shipping goods and adding a fresh challenge to the global economic recovery.

https://www.nytimes.com/2021/03/06/business/global-shipping.html

The risk? Everything is connected...

------------------------------

Date: Fri, 12 Mar 2021 11:19:07 -1000
From: geoff goodfellow <geoff () iconia com>
Subject: New Browser Attack Allows Tracking Users Online With JavaScript
  Disabled (The Hacker News)

Researchers have discovered a new side-channel that they say can be
reliably exploited to leak information from web browsers that could then be
leveraged to track users even when JavaScript is completely disabled.

"This is a side-channel attack which doesn't require any JavaScript to run,"
the researchers said. "This means script blockers cannot stop it. The
attacks work even if you strip out all of the fun parts of the web browsing
experience. This makes it very difficult to prevent without modifying deep
parts of the operating system."

In avoiding JavaScript, the side-channel attacks are also architecturally
agnostic, resulting in microarchitectural website fingerprinting attacks
that work across hardware platforms, including Intel Core, AMD Ryzen,
Samsung Exynos 2100, and Apple M1 CPUs -- making it the first known
side-channel attack on the iPhone maker's new ARM-based chipsets.

The *findings* <https://arxiv.org/abs/2103.04952>, which come from a group
of academics from the Ben-Gurion Univ. of the Negev, the University of
Michigan, and the University of Adelaide, will be presented at the USENIX
Security Symposium in August 2020.

Side-channel attacks typically rely on indirect data such as timing, sound,
power consumption, electromagnetic emissions, vibrations, and cache behavior
in an effort to infer secret data on a system. Specifically,
microarchitectural side-channels exploit the shared use of a processor's
components across code executing in different protection domains to leak
secret information like cryptographic keys.

Additionally, studies have also previously demonstrated fully automated
attacks such as Rowhammer <https://arxiv.org/pdf/1507.06955v1.pdf> that rely
on nothing but a website with malicious JavaScript to trigger faults on
remote hardware, thereby gaining unrestricted access to systems of website
visitors.  [...]
https://thehackernews.com/2021/03/new-browser-attack-allows-tracking.html

------------------------------

Date: Mon, 8 Feb 2021 11:30:40 -0500
From: Rebecca Mercuri <notable () mindspring com>
Subject: Calling All Ham Radio Operators

I'd have thought if they were smarter they'd have used a more obscure code,
but this was readily available and reasonably ubiquitous.

https://www.bleepingcomputer.com/news/security/new-phishing-attack-uses-morse-code-to-hide-malicious-urls/

Writer Lawrence Abrams describes the attack as follows:

  An email includes an HTML attachment named in such a way as to appear to
  be an Excel invoice for the company. These attachments are named in the
  format '[company_name]_invoice_[number]._xlsx.hTML.'  The attachment
  includes JavaScript that maps letters and numbers to Morse code. For
  example, the letter '*a*' is mapped to '*.-*' and the letter '*b*' is
  mapped to '*-...*', etc.

The script then calls a decodeMorse() function to decode a Morse code string
into a hexadecimal string. This hexadecimal string is further decoded
into JavaScript tags that are injected into the HTML page. These injected
scripts combined with the HTML attachment contain the various resources
necessary to render a fake Excel spreadsheet that states their sign-in timed
out and prompts them to enter their password again.

Once a user enters their password, the form will submit the password to a
remote site where the attackers can collect the login credentials.

This campaign is highly targeted, with the threat actor using the
logo.clearbit.com service to insert logos for the recipient's companies into
the login form to make it more convincing. If a logo is not available, it
uses the generic Office 365 logo.
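As an added example (not part of Rebecca Mercuri's post or the
BleepingComputer article), the Python below re-creates the two-layer
encoding the article describes, Morse over hex over the injected markup, and
shows the check an analyst can run over a suspicious HTML attachment: find
Morse-looking runs and decode them. The sample attachment, its decodeMorse()
call and the URL in it are constructed for illustration; the symbol table is
the standard International Morse table, which is assumed to match the kit's
own JavaScript mapping (the article's two samples, 'a' to '.-' and 'b' to
'-...', do).

```python
import re

# Standard International Morse for letters and digits. The kit shipped its
# own JavaScript copy of this mapping; the standard table is assumed here.
MORSE = {
    'a': '.-', 'b': '-...', 'c': '-.-.', 'd': '-..', 'e': '.', 'f': '..-.',
    'g': '--.', 'h': '....', 'i': '..', 'j': '.---', 'k': '-.-', 'l': '.-..',
    'm': '--', 'n': '-.', 'o': '---', 'p': '.--.', 'q': '--.-', 'r': '.-.',
    's': '...', 't': '-', 'u': '..-', 'v': '...-', 'w': '.--', 'x': '-..-',
    'y': '-.--', 'z': '--..',
    '0': '-----', '1': '.----', '2': '..---', '3': '...--', '4': '....-',
    '5': '.....', '6': '-....', '7': '--...', '8': '---..', '9': '----.',
}
MORSE_REV = {v: k for k, v in MORSE.items()}


def encode_morse(text):
    """Text -> hex -> Morse, the layering the campaign used (assumed: one
    space between symbols, no word separator, since hex has no words)."""
    hex_str = text.encode('utf-8').hex()
    return ' '.join(MORSE[c] for c in hex_str)


def decode_morse(code):
    """Morse -> hex string -> original text.
    Returns None if a symbol is unknown or the result is not valid hex,
    so ordinary Morse text (an SOS, a callsign) is not reported."""
    try:
        hex_str = ''.join(MORSE_REV[sym] for sym in code.split())
        return bytes.fromhex(hex_str).decode('utf-8')
    except (KeyError, ValueError, UnicodeDecodeError):
        return None


# A run of at least eight dot/dash symbols separated by single spaces.
# Eight symbols is four hex digits, i.e. two payload bytes; short enough to
# catch real payloads, long enough to skip ellipses and ASCII art.
MORSE_RUN = re.compile(r'(?<![.\-])(?:[.\-]{1,5} ){7,}[.\-]{1,5}(?![.\-])')


def extract_morse_payloads(html):
    """Find Morse-looking runs in an attachment and return those that decode
    to text through the hex layer."""
    found = []
    for match in MORSE_RUN.finditer(html):
        decoded = decode_morse(match.group(0))
        if decoded is not None:
            found.append(decoded)
    return found


# Constructed sample attachment (not the real campaign's file): the Morse
# blob decodes to the script tag the page would inject.
PAYLOAD = '<script src="https://login-example.invalid/o365.js"></script>'
SAMPLE_HTML = (
    '<html><body><script>\n'
    'var m = "' + encode_morse(PAYLOAD) + '";\n'
    'document.write(decodeMorse(m));\n'
    '</script></body></html>'
)

if __name__ == '__main__':
    for payload in extract_morse_payloads(SAMPLE_HTML):
        print('decoded payload:', payload)
```

The decoder is strict on purpose: a run that is valid Morse but not valid
hex is dropped, which keeps the check quiet on legitimate Morse in a ham
radio newsletter while still catching this kit's layering.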

------------------------------

Date: Wed, 3 Mar 2021 20:09:16 -0500
From: Monty Solomon <monty () roscom com>
Subject: Kentucky mom alleges hospital workers missed her cancer, then
  covered up their mistake (NBC News)

https://www.nbcnews.com/news/us-news/kentucky-mom-alleges-hospital-workers-missed-her-cancer-then-covered-n1258533

------------------------------

Date: Wed, 3 Mar 2021 20:23:10 -0500
From: Gabe Goldberg <gabe () gabegold com>
Subject: Microsoft's dream of decentralized IDs enters the real world (WiReD)

The company will launch a public preview of its identification platform this
spring -- and has already tested it at the UK's National Health Service.

For years, tech companies have touted blockchain technology as a means to
develop identity systems that are secure and decentralized. The goal is to
build a platform that could store information about official data without
holding the actual documents or details themselves. Instead of just storing
a scan of your birth certificate, for example, a decentralized ID platform
might store a validated token that confirms the information in it. Then when
you get carded at a bar or need proof of citizenship, you could share those
pre-verified credentials instead of the actual document or data. Microsoft
has been one of the leaders of this pack -- and is now detailing tangible
progress toward its vision of a decentralized digital ID.

https://www.wired.com/story/microsoft-decentralized-id-blockchain/

------------------------------

Date: Sat, 6 Mar 2021 11:18:36 +0800
From: Richard Stein <rmstein () ieee org>
Subject: What the worldwide shortage of semiconductor chips is *really*
  teaching us (guardknox.com)

https://blog.guardknox.com/what-the-worldwide-shortage-of-semiconductor-chips-is-really-teaching-us

"After the start of development, every change request requires a lengthy
process to approve, as suppliers are attempting to increase the impact of
the change (due to financial and risk considerations) and the OEMs are
trying to downplay the change (to reduce costs). This leads to a very
inflexible process. This is made worse by the fact that introducing
additional suppliers or specialized suppliers to solve a particular issue,
is almost impossible. This is true for software level changes, and even more
so for hardware level changes."

"The Resilient Enterprise: Overcoming Vulnerability for Competitive
Advantage," by Yossi Sheffi teaches that whipsawing multiple suppliers on
price and quantity procurement affords a reflexive means to sustain
manufacturing capacity.
(https://www.amazon.com/Resilient-Enterprise-Overcoming-Vulnerability-Competitive/dp/0262693496)

But if there's a supply shortage? One cannot whipsaw during a supply deficit
without procurement cost escalation (aka biding war).

The semiconductor manufacturing shortage reveals a global capacity gap
arising from pandemic-driven demand signals, similar to commodity shortages
(oil or rare earth metals) when demand out-paces supply.  Semiconductor
manufacturing is principally performed in Asia; the US and Europe dominate
semiconductor design, but find greater profit margins from license
royalties.

What drove the semiconductor manufacturing exodus from US and European
shores? Follow the money: "The Private Equity Party Might Be Ending.
It's About Time," @
https://www.nytimes.com/2021/02/28/opinion/business-economics/private-equity-reckoning.html.

Risk: Market-driven industrial policy

------------------------------

Date: Wed, 3 Mar 2021 20:38:09 -0500
From: Gabe Goldberg <gabe () gabegold com>
Subject: Why a YouTube chat about chess got flagged for hate speech (WiReD)

AI programs that analyze language have difficulty gauging context. Words
such as *black*, *white*, *attack* can have different meanings.

Last June, Antonio Radić, the host of a
YouTube chess channel with more than a million subscribers, was
live-streaming an interview with the grandmaster Hikaru Nakamura when the
broadcast suddenly cut out.

Instead of a lively discussion about chess openings, famous games, and
iconic players, viewers were told Radic's video had been removed for
*harmful and dangerous content*. Radić saw a message stating that the
video, which included nothing more scandalous than a discussion of the
King's Indian Defense, had violated YouTube's community guidelines. It
remained offline for 24 hours.

Exactly what happened still isn't clear. YouTube declined to comment beyond
saying that removing Radić's video was a mistake. But a new study suggests it
reflects shortcomings in artificial intelligence programs designed to
automatically detect hate speech, abuse, and misinformation online.

https://www.wired.com/story/why-youtube-chat-chess-flagged-hate-speech/

------------------------------

Date: Sun, 7 Mar 2021 10:43:41 +0800
From: Richard Stein <rmstein () ieee org>
Subject: Farms are going to need different kinds of robots (bbc.com)

https://www.bbc.com/news/business-56195288

"From autonomous harvesting robots and drones that can spray crops, to
artificial intelligence, and the use of 'big data', farmers around the world
are turning to high-tech solutions to address issues ranging from food
insecurity, to climate change, and pandemic-induced staff cuts.

"Collectively, this increased use of technology in agriculture is known as
'precision farming', and it is a booming industry. One report suggests that
its global value will reach $12.9bn (£9.1bn) by 2027, with average annual
growth of 13% between now and then."

US Department of Agriculture estimates 2019 agricultural and food sector
economy @ US$ 1.1T.
The farm contribution to this US$ 1.1T figure is ~US$ 125B with the food
service industry (restaurants, primarily) contributing ~US$ 400B.
https://www.ers.usda.gov/data-products/ag-and-food-statistics-charting-the-essentials/ag-and-food-sectors-and-the-economy/)

I cannot locate farm expense breakdown (labor, seed, fertilizer, pesticide,
irrigation, equipment, insurance, power) to estimate rate of robotic
substitution for human harvest given the projected 13% 'precision farming'
growth rate.

Robotic farm operations will emerge as corporate cost reduction strategies
are pursued.

Risk: 'Precision farming' practices reduce ecosystem genetic diversity,
promote pesticide resistance

------------------------------

Date: Sat, 6 Mar 2021 14:58:48 -0500
From: Gabe Goldberg <gabe () gabegold com>
Subject: The robots are coming for Phil in accounting (NYTimes)

Workers with college degrees and specialized training once felt relatively
safe from automation. They aren't.

The robots are coming. Not to kill you with lasers, or beat you in chess, or
even to ferry you around town in a driverless Uber.

These robots are here to merge purchase orders into columns J and K of next
quarter's revenue forecast, and transfer customer data from the invoicing
software to the Oracle database. They are unassuming software programs with
names like Auxiliobits DataTable To Json String, and they are becoming the
star employees at many American companies.

Some of these tools are simple apps, downloaded from online stores and
installed by corporate I.T. departments, that do the dull-but-critical tasks
that someone named Phil in Accounting used to do: reconciling bank
statements, approving expense reports, reviewing tax forms. Others are
expensive, custom-built software packages, armed with more sophisticated
types of artificial intelligence, that are capable of doing the kinds of
cognitive work that once required teams of highly-paid humans.

https://www.nytimes.com/2021/03/06/business/the-robots-are-coming-for-phil-in-accounting.html

Great. It's bad enough now having errors introduced by undebuggable
spreadsheets, now there'll be black-box apps massaging numbers. It'll all be
gospel, of course. What could go wrong.

------------------------------

Date: Thu, 4 Mar 2021 11:34:13 PST
From: Peter Neumann <neumann () csl sri com>
Subject: Spy agencies have big hopes for AI

  [Thanks to Ross Anderson]

*The Economist* has just run a piece that's bang on topic:

https://www.economist.com/science-and-technology/2021/03/02/spy-agencies-have-big-hopes-for-ai

Spy agencies have big hopes for AI; This isn't their first attempt
*The Economist*, 2  Mar 2021

When it comes to artificial intelligence (AI), spy agencies have been at it
longer than most. In the cold war, America's National Security Agency (NSA)
and Britain's Government Communications Headquarters (GCHQ) explored early
AI to help transcribe and translate the enormous volumes of Soviet
phone-intercepts they began hoovering up in the 1960s.

Yet the technology was immature. One former European intelligence officer
says his service did not use automatic transcription or translation in
Afghanistan in the 2000s, relying on native speakers instead. Now the spooks
are hoping to do better. The trends that have made AI attractive for
business -- more data, better algorithms, and more processing power to make
it all hum -- are giving spy agencies big ideas, too.

On February 24th GCHQ published a paper on how AI might change its work.
``Machine-assisted fact-checking'' could spot faked images, check
disinformation against trusted sources and identify social-media bots.  AI
might block cyber-attacks by ``analysing patterns of activity on networks
and devices'', and fight organised crime by spotting suspicious chains of
financial transactions.

This sort of thing is now commonplace. The Nuclear Threat Initiative, an
NGO, recently showed that applying machine learning to publicly available
trade data could spot previously unknown companies suspected of involvement
in the illicit nuclear trade. But spy agencies are not restricted to
publicly available data.

Some hope that, aided by their ability to snoop on private information, such
modest applications could pave the way to an AI-fueled juggernaut.  ``AI
will revolutionise the practice of intelligence,'' gushed a report published
on March 1st by America's National Security Commission on Artificial
Intelligence, a high-powered study group co-chaired by Eric Schmidt, a
former executive chairman of Alphabet, Google's parent company; and Bob
Work, a former deputy defence secretary.

The report does not lack ambition. It says that by 2030 America's 17 or so
spy agencies ought to have built a "federated architecture of continually
learning analytic engines" that crunches everything from human intelligence
to satellite imagery to foresee looming threats.  The commission points
approvingly to the Pentagon's response to covid-19, which integrated dozens
of data sets to identify covid hotspots and manage demand for supplies.

Yet what is possible in public health is not always so easy in national
security. Western intelligence agencies must contend with laws governing how
private data may be gathered and used. In its paper, GCHQ says that it will
be mindful of systemic bias, such as whether voice-recognition software is
more effective with some groups than others, and transparent about margins
of error and uncertainty in its algorithms. American spies say, more
vaguely, that they will respect `human dignity, rights, and These
differences may need to be ironed out. One suggestion made by a recent task
force of former American spooks in a report published by the Centre for
Strategic and International Studies (CSIS) in Washington was that the Five
Eyes intelligence alliance -- America, Australia, Britain, Canada and New
Zealand -- create a shared cloud server on which to store data.

In any case, the constraints facing AI in intelligence are as much practical
as ethical. Machine learning is good at spotting patterns -- such as
distinctive patterns of mobile-phone use -- but poor at predicting
individual behaviour. That is especially true when data are scarce, as in
counter-terrorism. Predictive-policing models can crunch data from thousands
of burglaries each year. Terrorism is much rarer.

That rarity creates another problem, familiar to medics pondering
mass-screening programs for rare diseases. Any predictive model will
generate false positives, in which innocent people are flagged for
investigation. Careful design can drive the false-positive rate down.  But
because the "base rate" is lower still -- there are, mercifully, very few
terrorists -- even a well-designed system risks sending large numbers of
spies off on wild-goose chases.

Even the data that do exist may not be suitable. Data from drone cameras,
reconnaissance satellite and intercepted phone calls, for instance, are not
currently formatted or labeled in ways that are useful for machine
learning. Fixing that is a ``tedious, time-consuming, and still primarily
human task exacerbated by differing labeling standards across and even
within agencies'', notes the CSIS report. That may not be quite what
would-be spies signed up for.
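The base-rate point in the two paragraphs above is easy to put in numbers.
The Python below is an added example (not from The Economist piece) that
computes the expected true and false positives for one pass of a screening
model over a population, and the number of innocents flagged per real target,
a ratio that does not depend on population size. All parameters are assumed
for illustration, not taken from any agency's figures.

```python
def screening_outcomes(population, base_rate, sensitivity, false_positive_rate):
    """Expected counts for one pass of a predictive model over a population.

    base_rate           fraction of the population that really is a target
    sensitivity         fraction of real targets the model flags
    false_positive_rate fraction of non-targets the model flags anyway
    Returns (true_positives, false_positives, precision), where precision is
    the share of flagged people who are real targets.
    """
    positives = population * base_rate
    negatives = population - positives
    tp = positives * sensitivity
    fp = negatives * false_positive_rate
    precision = tp / (tp + fp) if (tp + fp) else 0.0
    return tp, fp, precision


def false_positives_per_true_positive(base_rate, sensitivity, false_positive_rate):
    """Innocents flagged for each real target. Population cancels out, so this
    is the figure to compare across model designs."""
    return ((1 - base_rate) * false_positive_rate) / (base_rate * sensitivity)


if __name__ == '__main__':
    # Assumed parameters: 50 million people, 100 real targets among them,
    # a model that catches 90% of them.
    for fpr in (1e-3, 1e-4, 1e-5):
        tp, fp, precision = screening_outcomes(50_000_000, 2e-6, 0.9, fpr)
        ratio = false_positives_per_true_positive(2e-6, 0.9, fpr)
        print(f'fpr={fpr:g}: {tp:.0f} real, {fp:.0f} wild-goose chases, '
              f'precision={precision:.4f}, {ratio:.1f} innocents per target')
```

With a false-positive rate of one in a thousand, which would be a strong
classifier in most settings, the model above flags roughly 550 innocents for
every real target; driving the rate to one in a hundred thousand still leaves
about five, because the base rate is lower still.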

------------------------------

Date: Sun, 7 Mar 2021 11:21:02 -0800
From: Tom Van Vleck <thvv () multicians org>
Subject: A new type of supply-chain attack with serious consequences is
  flourishing (Ars Technica)

https://arstechnica.com/gadgets/2021/03/more-top-tier-companies-targeted-by-new-type-of-potentially-serious-attack/

Ars Technica article by Dan Goodin:

  The goal of these attacks is to execute unauthorized code inside a
  target's internal software build system.  The technique works by uploading
  malicious packages to public code repositories and giving them a name
  that's identical to a package stored in the target developer's internal
  repository.

Two attack mechanisms are mentioned in the article: putting evil code in a
module with the same name as a target developer's code but with an
apparently newer version, or putting the evil code in a post-install script
which is part of the fake package.

The people tricked by these attacks trusted external repositories and
package manager programs that turned out to be vulnerable.  Ken Thompson's
1984 "Reflections on Trusting Trust" is a clear description of the risk.
"The moral is obvious. You can't trust code that you did not totally create
yourself."  https://dl.acm.org/doi/pdf/10.1145/358198.358210

(In the 1990s I worked for Silicon Valley companies that had a strongly
enforced policy against using any kind of code obtained from the Internet,
public domain or not.  This rule was justified as a way to avoid
intellectual property disputes.)
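To make the two mechanisms concrete, here is an added Python example (mine,
not from Tom Van Vleck's post, the Ars article, or any package manager's
source). It models a resolver that merges an internal and a public index and
keeps the highest version wherever it came from, which is how pip behaves when
a private index is supplied with --extra-index-url, beside a hardened resolver
that never lets a known-internal name leave the internal index. It also pulls
the install-time lifecycle hooks out of an npm-style package.json, which is
where the second mechanism (the post-install script) lives. The package
names, versions and manifest are constructed.

```python
import json


def parse_version(version):
    """Compare plain dotted versions numerically (assumed: no pre-release
    tags, which real resolvers handle with their own ordering rules)."""
    return tuple(int(part) for part in version.split('.'))


def resolve_naive(name, indexes):
    """A resolver that treats every configured index as a peer: each one is
    searched and the highest version wins, whichever index published it.
    Returns (index_name, version) or None."""
    best = None
    for index_name, packages in indexes.items():
        for version in packages.get(name, []):
            if best is None or parse_version(version) > parse_version(best[1]):
                best = (index_name, version)
    return best


def resolve_pinned(name, indexes, internal_names, internal_index='internal'):
    """Hardened resolver: a name on the internal allow-list is only ever taken
    from the internal index, even if a public index offers a newer version.
    Everything else resolves as before."""
    if name in internal_names:
        versions = indexes[internal_index].get(name, [])
        if not versions:
            return None          # missing internally: fail, do not fall back
        return (internal_index, max(versions, key=parse_version))
    return resolve_naive(name, indexes)


# npm lifecycle scripts that run automatically during `npm install`.
INSTALL_HOOKS = ('preinstall', 'install', 'postinstall')


def install_hooks(package_json_text):
    """Return the scripts in a package.json that execute at install time,
    which is the code that runs on the build host before anyone imports the
    package."""
    meta = json.loads(package_json_text)
    scripts = meta.get('scripts', {})
    return {k: v for k, v in scripts.items() if k in INSTALL_HOOKS}


# Constructed registry snapshots (not real packages). The public entry is the
# squatter's copy, published with a version no internal release will exceed.
INDEXES = {
    'internal': {'acme-billing-core': ['1.4.2', '1.4.3']},
    'public': {'acme-billing-core': ['99.0.0'], 'requests': ['2.25.1']},
}
INTERNAL_NAMES = {'acme-billing-core'}

# Constructed manifest of the kind the article describes: the squatting
# package does its work in a post-install hook, not in importable code.
SQUATTED_PACKAGE_JSON = json.dumps({
    'name': 'acme-billing-core',
    'version': '99.0.0',
    'scripts': {'postinstall': 'node collect.js'},
})

if __name__ == '__main__':
    print('naive  :', resolve_naive('acme-billing-core', INDEXES))
    print('pinned :', resolve_pinned('acme-billing-core', INDEXES, INTERNAL_NAMES))
    print('hooks  :', install_hooks(SQUATTED_PACKAGE_JSON))
```

The allow-list is the point: the naive resolver has no way to know that
acme-billing-core is supposed to exist only inside the company, so the
highest version, 99.0.0 from the public index, wins. The hook scan is the
complementary check for the second mechanism; a package that needs a
postinstall script at all deserves a look before it is allowed on a build
host.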

------------------------------

Date: Fri, 5 Mar 2021 15:48:08 -1000
From: geoff goodfellow <geoff () iconia com>
Subject: Google will remove *facts* if they think they're harmful

https://twitter.com/sullydish/status/1367951537260072961

------------------------------

Date: Sat, 6 Mar 2021 22:12:00 -0500
From: Gabe Goldberg <gabe () gabegold com>
Subject: Thousands of Android and iOS Apps Leak Data From the Cloud (WiReD)

It's the digital equivalent of leaving your windows or doors open when you
leave the house -- and in some cases, leaving them open all the time.

For years, simple setup errors have been a major source
<https://www.wired.com/story/amazon-s3-data-exposure/> of exposure
<https://www.wired.com/story/magecart-amazon-cloud-hacks/> when companies
keep data in the cloud. Instead of carefully restricting who can access the
information stored in their cloud infrastructure, organizations too often
misconfigure their defenses. It's the digital equivalent of leaving the
windows or doors open at your house before going on a long vacation. That
leaky data problem applies to more than just the web services that typically
grab headlines. Mobile security firm Zimperium has found that these
exposures pose a major problem for iOS and Android apps as well.

Zimperium ran automated analysis on more than 1.3 million Android and iOS
apps to detect common cloud misconfigurations that exposed data. The
researchers found almost 84,000 Android apps and nearly 47,000 iOS apps
using public cloud services -- like Amazon Web Services, Google Cloud, or
Microsoft Azure in their backend as opposed to running their own servers. Of
those, the researchers found misconfigurations in 14 percent of those totals
-- 11,877 Android apps and 6,608 iOS apps -- exposing users' personal
information, passwords, and even medical information.

https://www.wired.com/story/ios-android-leaky-apps-cloud/

  [Also noted by Monty Solomon.  PGN]

------------------------------

Date: Thu, 4 Mar 2021 21:49:15 -0500
From: Monty Solomon <monty () roscom com>
Subject: Hackers are finding ways to hide inside Apple's walled garden
  (Technology Review)

https://www.technologyreview.com/2021/03/01/1020089/apple-walled-garden-hackers-protected/

------------------------------

Date: Thu, 4 Mar 2021 22:11:11 -0500
From: Monty Solomon <monty () roscom com>
Subject: ICE investigators used a private utility database covering millions
  to pursue immigration violations (WashPost)

ICE's use of the vast database offers another example of how government
agencies have targeted commercial sources to access information they are not
authorized to compile on their own. One researcher called it a `massive
betrayal of people's trust': ``When you sign up for electricity, you don't
expect them to send immigration agents to your front door.''

https://www.washingtonpost.com/technology/2021/02/26/ice-private-utility-data/

------------------------------

Date: Wed, 3 Mar 2021 20:12:29 -0500
From: Monty Solomon <monty () roscom com>
Subject: L.A. sheriff's office gets warrant for 'black box' in Tiger Woods'
  crashed SUV.  (NBC News)

https://www.nbcnews.com/news/us-news/l-sheriff-s-office-gets-warrant-black-box-tiger-woods-n1259450

------------------------------

Date: Wed, 3 Mar 2021 20:44:25 -0500
From: Gabe Goldberg <gabe () gabegold com>
Subject: Amazon has become a prime revolving-door destination in Washington
  (Mother Jones)

Its interests probably transverse the U.S. government more than any other
company.

Everything about Amazon is big. It's the second-biggest retailer
in the world. Its founder, Jeff Bezos, possesses the biggest fortune in the
world. And the company has developed a big revolving door in Washington
through which government officials and employees whisk and land in
well-paying jobs at Amazon, which has a big list of interests it seeks to
protect and advance in the nation's capital.

A Mother Jones investigation has identified at least 247 US government
officials and employees -- with about 150 hailing from the intelligence,
cybersecurity, law enforcement, and military fields -- who were hired by
Amazon in the past 10 years or so. About 200 of them have been retained by
the fast-growing company since the start of 2017. This list is not
comprehensive and represents what is likely only a portion of federal
employees who left government service for Amazon. It was compiled by
searching LinkedIn and locating people who, according to their profiles, had
worked in the federal government directly before moving to Amazon; it relies
on information provided by the platform's users. There are no public records
that track all the US officials and employees hired by Amazon or other
firms.

https://www.motherjones.com/politics/2021/03/amazon-has-become-a-prime-revolving-door-destination-in-washington/

"transverse"?

------------------------------

Date: Thu, 4 Mar 2021 11:28:03 +0800
From: Richard Stein <rmstein () ieee org>
Subject: Too much choice is hurting America (NY Times)

https://www.nytimes.com/2021/03/01/opinion/deregulation-health-care-electricity.html

"But the argument that more choice is always good rests on the assumption
that people have more or less unlimited capacity to do due diligence on
every aspect of their lives -- and the real world isn't like that. People
have children to raise, jobs to do, lives to live and limited ability to
process information."

Due diligence fulfillment is exhausting, and requires specific subject
matter expertise to competently pursue. A consumer cannot conceivably
comprehend all supply chain intricacies that either promote or suppress
product risks. Restricted product information disclosure conceals industrial
trade secrets or other intellectual property, information essential to aid
consumer safety or health determination. The law and regulation, when
enforced, usually deter irresponsible and harmful products from entering
the marketplace.

Public trust abuse accrues from product failures. These unfortunate, often
spectacular, events elevate awareness of product risks. Public trust erodes
when these incidents are traced to industry-influenced political decisions
and legislation directing regulators to cede approval
authority. Self-certification authority is a political choice that empowers
businesses to deprioritize public health and safety interests.

Krugman concludes, "So the next time some politician tries to sell a new
policy -- typically deregulation -- by claiming that it will increase
choice, be skeptical. Having more options isn't automatically good, and in
America we probably have more choices than we should."

Self-certification accelerates product approvals and marketplace
introduction, but diminishes consumer protections to a legal thread dangling
by "terms of service," a frail substitute for independent oversight and
skilled judgment of product safety -- the last line of consumer defense. The
self-certification juggernaut might sail on, but disaster trails its wake.

Risk: Deregulation.

------------------------------

Date: March 7, 2021 4:34:42 JST
From: jonathan.spira () accuramediagroup com
Subject: CDC Links Restaurant Dining with Spread of Covid-19 in U.S.

[Definitively]

This is more definitive than what has been "speculated" in the past.

CDC Links Restaurant Dining with Spread of Covid-19 in U.S.

``...In cases where counties in the United States allowed on-premises
dining, case and death rates sped up.  ... In counties where states required
masks, case and death rates slowed....''

------------------------------

Date: Fri, 5 Mar 2021 12:39:52 +0800
From: Richard Stein <rmstein () ieee org>
Subject: Those fever scanners that everyone is using to fight covid can be
  wildly inaccurate, researchers find (WashPost)

https://www.washingtonpost.com/technology/2021/03/05/fever-scanner-flaws-covid/

"A flood of thermal scanners hit the market last year with promises to
detect the signs of possible infection. But many of the devices use software
that can make a feverish person appear perfectly well."

False positive/false negative thermometer readings can endanger public
health and cause unnecessary inconvenience.

The FDA's Total Product Life Cycle platform assigns product code FLL to
regulate devices identified as "Thermometer, Electronic, Clinical." The
product code captures medical device reports for oral thermometers, tympanic
thermometers, and screening thermographic devices.

See
https://www.accessdata.fda.gov/scripts/cdrh/cfdocs/cfTPLC/tplc.cfm?id=2611
for a list of equivalent devices and recalls. The page identifies ~41 unique
suppliers.

The last recall was on 04FEB2020 for a Cardinal Health 200, LLC tympanic
thermometer unit.  For recall content, see:
https://www.accessdata.fda.gov/scripts/cdrh/cfdocs/cfres/res.cfm?start_search=1&event_id=84202

The top-10 device problems traced to medical device reports, in CSV format:

Device Problems,MDRs with this Device Problem,Events in those MDRs
Thermometer,132,132
Adverse Event Without Identified Device or Use Problem,80,80
False Negative Result,64,64
Insufficient Information,60,60
Power Problem,33,33
Incorrect, Inadequate or Imprecise Result or Readings,31,31
Battery Problem,29,29
Product Quality Problem,27,27
Nonstandard Device,27,27
Device Issue,22,22
Device Operates Differently Than Expected,18,18

The top-10 patient problems traced to medical device reports, in CSV format:

Patient Problems,MDRs with this Patient Problem,Events in those MDRs
Fever,143,143
No Known Impact Or Consequence To Patient,116,116
No Consequences Or Impact To Patient,25,25
Seizures,17,17
No Information,12,12
No Patient Involvement,8,8
Patient Problem/Medical Problem,6,6
Blood Loss,5,5
Foreign Body In Patient,5,5
No Code Available,4,4

------------------------------

Date: Sat, 6 Mar 2021 23:25:47 -0500
From: Gabe Goldberg <gabe () gabegold com>
Subject: The problems with anti-vaccers' precautionary principle arguments
  (The Logic of Science)

Invoking the precautionary principle is a favorite tactic of anti-vaccers,
anti-GMO activists, and various other groups that are prone to opposing
scientific advances, but there are numerous issues with this strategy. The
exact definition of the precautionary principle is a bit amorphous and
variable, but the general concept is that before taking an action that has
potential risks (particularly with the application of something new), the
burden of proof should be on the proponent to demonstrate the safety of that
action before taking it.  There is certainly an element of validity to
this. I absolutely agree, for example, that new medications should be tested
and shown to be safe before being made publicly available (indeed, that is
part of why we have organizations like the FDA that regulate the approval of
new drugs). Similarly, months ago when COVID vaccines were in early stages
of testing, I and many other ardent pro-vaccers stated that while the
vaccines were promising, we wanted to see the results of the tests before
drawing any conclusions. That is a completely rational, evidence-based way
to approach the situation. New drugs, vaccines, and technologies certainly
have the potential to cause harm. So, it is not unreasonable to want safety
testing prior to their use.

Where this becomes problematic, however, is in determining what constitutes
reasonable evidence. Groups like anti-vaccers have a tendency to stretch the
precautionary principle to unreasonable limits and use it as an excuse for
science-denial, rather than a legitimate decision-making tool. Usually, what
I see is an incorrect insistence that the precautionary principle demands
absolute assurance of safety and that it should be used in a strictly binary
decision tree where any possible risk means that the thing in question
should not be used, regardless of the known benefits. This is very bad risk
assessment and ignores important aspects of how science actually works. As
I'll explain, science is about probabilities, not absolutes, and you must
consider both the risk and benefit of an action.

https://thelogicofscience.com/2021/03/02/the-problems-with-anti-vaccers-precautionary-principle-arguments/

------------------------------

Date: Fri, 5 Mar 2021 12:06:21 -0500
From: Monty Solomon <monty () roscom com>
Subject: You got a vaccine. Walgreens got your data.

Retail pharmacies are now giving out Covid-19 vaccines, and some of them are
using it as an opportunity to profit off your information.

https://www.vox.com/recode/22310281/covid-vaccine-walgreens-cvs-rite-aid-walmart-data

------------------------------

Date: Fri, 5 Mar 2021 11:44:09 -0500 (EST)
From: ACM TechNews <technews-editor () acm org>
Subject: Research highlights impact of Digital Divide

University of Houston News, 3 Mar 2021 via ACM TechNews, 5 Mar 2021

Researchers at the University of Houston, Rutgers University, and Temple
University found that people with basic IT skills are more likely to be
employed, even if their jobs are not explicitly associated with those
skills. In addition, the researchers found that people with more advanced IT
skills tend to earn higher salaries. The researchers said, "Workers who
possess relevant IT skills might have an edge in an increasingly digital
economy." The University of Houston's Paul A. Pavlou said the study
highlights the need for strong public policy to enable people more likely to
deal with employment discrimination, like women and older workers, to obtain
basic IT skills. Pavlou said, "Workers are expected to obtain these IT
skills themselves, in order to get a job in the first place. And the
less-privileged population they are, the harder time they have obtaining
these skills that require computer equipment and Internet access."

https://orange.hosting.lsoft.com/trk/click?ref=znwrbbrs9_6-29c88x228ff6x068077&;

------------------------------

Date: Fri, 5 Mar 2021 06:52:38 -0500 (EST)
From: Andrew Appel <appel () princeton edu>
Subject: ES&S hashcode testing is wrong in 3 ways

We just published this article:
Andrew Appel and Susan Greenhalgh
Voting Machine Hashcode Testing: Unsurprisingly insecure, and surprisingly
  insecure
https://freedom-to-tinker.com/2021/03/05/voting-machine-hashcode-testing-unsurprisingly-insecure-and-surprisingly-insecure/

The accuracy of a voting machine is dependent on the software that runs it.
If that software is corrupted or hacked, it can misreport the votes. There
is a common assumption that we can check the legitimacy of the software that
is installed by checking a hash code and comparing it to the hash code of
the authorized software. In practice the scheme is supposed to work like
this: Software provided by the voting-machine vendor examines all the
installed software in the voting machine, to make sure it's the right stuff.

There are some flaws in this concept: it's hard to find ``Call the installed
software in the voting machine,'' because modern computers have many layers
underneath what you examine.  But mainly, if a hacker can corrupt the
vote-tallying software, perhaps they can corrupt the hash-generating
function as well, so that whenever you ask the checker ``does the voting
machine have the right software installed,'' it will say, ``Yes, boss.''
Or, if the hasher is designed not to say ``yes'' or ``no,'' but to
report the hash of what's installed, it can simply report the hash of what's
supposed to be there, not what's actually there. For that reason, election
security experts never put much reliance in this hash-code idea; instead
they insist that you can't fully trust what software is installed, so you
must achieve election integrity by doing recounts or risk-limiting audits of
the paper ballots.

But you might have thought that the hash-code could at least help protect
against accidental, nonmalicious errors in configuration. You would be
wrong. It turns out that [ https://www.essvote.com/ | ES&S ] has bugs in
their hash-code checker: if the ``reference hashcode'' is completely
missing, then it'll say ``yes, boss, everything is fine'' instead of
reporting an error. It's simultaneously shocking and unsurprising that
ES&S's hashcode checker could contain such a blunder and that it would go
unnoticed by the U.S. Election Assistance Commission's federal certification
process. It's unsurprising because testing naturally tends to focus on
``does the system work right when used as intended?'' Using the system in
unintended ways (which is what hackers would do) is not something anyone
will notice.

Until somebody does notice. In this case, it was the State of Texas's
voting-machine examiner, Brian Mechler. In [
https://ftt-uploads.s3.amazonaws.com/wp-content/uploads/2021/03/03172500/brian-mechler-ESS-exam-report-EVS6110-aug.pdf
| his report dated September 2020 ] he found this bug in the hash-checking
script supplied with the ES&S EVS 6.1.1.0 election system (for the
ExpressVote touch-screen BMD, the DS200 in-precinct optical scanner, the
DS450 and DS850 high-speed optical scanners, and other related voting
machines). (Read Section 7.2 of [
https://ftt-uploads.s3.amazonaws.com/wp-content/uploads/2021/03/03172500/brian-mechler-ESS-exam-report-EVS6110-aug.pdf
| Mr. Mechler's report ] for details).

We can't know whether that bug was intentional or not. Either way, it's
certainly convenient for ES&S, because it's one less hassle when installing
firmware upgrades. (Of course, it's one less hassle for potential hackers,
too.)

Another gem in Mr. Mechler's report is in Section 7.1, in which he reveals
that acceptance testing of voting systems is done by the vendor, not by the
customer. Acceptance testing is the process by which a customer checks a
delivered product to make sure it satisfies requirements. To have the vendor
do acceptance testing pretty much defeats the purpose.

When the Texas Secretary of State learned that their vendor was doing the
acceptance testing themselves, the SOS's attorney wrote to ES&S to admonish
them about it, pledging to ensure all Counties amend their procedures to
ensure local officials conduct acceptance testing. The attorney may
encounter a problem, though: the ES&S sales contract specifies that ES&S
must perform the acceptance testing, or they [
https://ftt-uploads.s3.amazonaws.com/wp-content/uploads/2021/03/04141319/48428_2018-241-Contract.pdf
| will void your warranty (see clause 7b) ] .

There's another little gem in Mr. Mechler's report, Section 7.3. The
U.S. Election Assistance Commission requires that `` [
https://www.eac.gov/sites/default/files/document_library/files/VVSG.1.0_Volume_1.PDF
| The vendor shall have a process to verify that the correct software is
loaded, that there is no unauthorized software, and that voting system
software on voting equipment has not been modified, using the reference
information from the [National Software Reference Library] or from a State
designated repository. The process used to verify software should be
possible to perform without using software installed on the voting system. ]
'' This requirement is usually interpreted to mean, ``check the hash code of
the installed software against the reference hash code held by the EAC or
the State.''

But ES&S's hash-checker doesn't do that at all. Instead, ES&S instructs its
techs to create some ``golden'' hashes from the first installation, then
subsequently check the hash code against these. So whatever software was
first installed gets to be ``golden'', regardless of whether it's been
approved by the EAC or by the State of Texas. This design decision was
probably a convenient shortcut by engineers at ES&S, but it directly
violates the EAC's rules for how hash-checking is supposed to work. So, what
have we learned?

We already knew that hash codes can't protect against hackers who install
vote-stealing software, because the hackers can also install software that
lies about the hash code. But now we've learned that hash codes are even
more useless than we might have thought. This voting-machine manufacturer

 * has a hash-code checker that erroneously reports a match, even when you
   forget to tell it what to match against;
 * checks the hash against what was first installed, not against the
   authorized reference that they're supposed to;
 * and the vendor insists on running this check itself -- not letting the
   customer do it -- otherwise the warranty is voided.

As a bonus we learned that the EAC certifies voting systems without checking
if the validation software functions properly.

Are we surprised? You know: fool me once, shame on you; fool me twice, shame
on me. Every time that we imagine that a voting-machine manufacturer might
have sound cybersecurity practices, it turns out that they've taken
shortcuts and they've made mistakes. In this, voting-machine manufacturers
are no different from any other makers of software. There's lots of insecure
software out there made by software engineers who cut corners and don't pay
attention to security, and why should we think that voting machines are any
different?

So if we want to trust our elections, we should vote on hand-marked paper
ballots, counted by optical scanners, and recountable by hand. Those optical
scanners are pretty accurate when they haven't been hacked -- even the ES&S
DS200 -- and it's impractical to count all the ballots without them. But we
should always check up on the machines by doing random audits of the paper
ballots. And those audits should be ``strong'' enough -- that is, use good
statistical methods and check enough of the ballots -- to catch the mistakes
that the machines might make, if the machines make mistakes (or are
hacked). The technical term for those ``strong enough'' audits is [
https://freedom-to-tinker.com/2019/05/23/how-to-do-a-risk-limiting-audit/ |
Risk-Limiting Audit ]

Andrew W. Appel is Professor of Computer Science at Princeton University.
Susan Greenhalgh is Senior Advisor on Election Security at
[ http://www.freespeechforpeople.org/ | Free Speech For People ] .
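The two defects described above (a checker that reports success when the
reference hash is missing, and a "golden" reference taken from whatever was
first installed rather than from an authority) are easy to reproduce side by
side. The following is an added illustration and is not ES&S's script or
any real certification tool; the file names, their contents and the
"authority reference" are constructed stand-ins, and the hashes are computed
from them with SHA-256 (an assumption; the report does not say which digest
the vendor script uses).

```python
"""
Fail-open versus fail-closed software integrity checking.
Added example with constructed data; not vendor or certification code.
"""
import hashlib
from typing import Dict, Optional

# Constructed stand-in for the files found on a device: path -> contents.
INSTALLED: Dict[str, bytes] = {
    "bin/tally": b"tally v1 (certified build)",
    "bin/ui": b"ui v1 (certified build)",
}
# Same device with one binary altered, and with one extra file added.
TAMPERED: Dict[str, bytes] = {**INSTALLED, "bin/tally": b"tally v1 (modified)"}
EXTRA_FILE: Dict[str, bytes] = {**INSTALLED, "bin/helper": b"unapproved addition"}


def digest(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def hashes_of(files: Dict[str, bytes]) -> Dict[str, str]:
    return {path: digest(data) for path, data in files.items()}


# Stand-in for the reference list an external authority would hold
# (assumption: in practice this comes from the State or the NSRL, never
# from the device being checked).
AUTHORITY_REFERENCE: Dict[str, str] = hashes_of(INSTALLED)


def flawed_check(files: Dict[str, bytes], reference: Optional[Dict[str, str]]) -> bool:
    """Fail-open checker. An absent or empty reference is treated as
    "nothing to compare", so it reports success. It also only looks at
    paths named in the reference, so unauthorized extra files are ignored."""
    if not reference:
        return True
    installed = hashes_of(files)
    return all(installed.get(p) == h for p, h in reference.items())


def golden_from_first_install(files: Dict[str, bytes]) -> Dict[str, str]:
    """The 'golden hash' shortcut: whatever is on the device at first
    installation becomes the reference, approved or not."""
    return hashes_of(files)


class IntegrityError(Exception):
    """Raised when a check cannot be performed, as opposed to failing."""


def strict_check(files: Dict[str, bytes], reference: Optional[Dict[str, str]]) -> bool:
    """Fail-closed checker. A missing reference is an error, not a pass;
    the set of files must match the reference exactly (no missing files,
    no extra files) and every digest must agree."""
    if not reference:
        raise IntegrityError("no reference hashes supplied")
    installed = hashes_of(files)
    if set(installed) != set(reference):
        return False
    return all(installed[p] == reference[p] for p in reference)


def strict_check_status(files: Dict[str, bytes], reference: Optional[Dict[str, str]]) -> str:
    """Convenience wrapper that reports 'match', 'mismatch' or 'error'."""
    try:
        return "match" if strict_check(files, reference) else "mismatch"
    except IntegrityError:
        return "error"


if __name__ == "__main__":
    print("flawed, no reference, tampered :", flawed_check(TAMPERED, None))
    print("flawed, golden from tampered   :",
          flawed_check(TAMPERED, golden_from_first_install(TAMPERED)))
    print("strict, no reference           :", strict_check_status(TAMPERED, None))
    print("strict, authority reference    :", strict_check_status(TAMPERED, AUTHORITY_REFERENCE))
```

Note that neither checker answers the deeper objection in the post: both run
on the machine whose software they are judging, which is exactly why the
paper-ballot audit, not the hash, is the control that has to be trusted.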

------------------------------

Date: Fri, 5 Mar 2021 16:05:23 -1000
From: geoff goodfellow <geoff () iconia com>
Subject: At least 30,000 U.S. organizations newly hacked via holes in
  Microsoft's email software

At least 30,000 organizations across the United States -- including a
significant number of small businesses, towns, cities and local governments
-- have over the past few days been hacked by an unusually aggressive
Chinese cyber-espionage unit that's focused on stealing email from victim
organizations, multiple sources tell KrebsOnSecurity. The espionage group is
exploiting four newly-discovered flaws in *Microsoft Exchange Server* email
software, and has seeded hundreds of thousands of victim organizations
worldwide with tools that give the attackers total, remote control over
affected systems.

On March 2, Microsoft released emergency security updates to plug four
security holes in Exchange Server versions 2013 through 2019 that hackers
were actively using to siphon email communications from Internet-facing
systems running Exchange.
<https://krebsonsecurity.com/2021/03/microsoft-chinese-cyberspies-used-4-exchange-server-flaws-to-plunder-emails/>

In the three days since then, security experts say the same Chinese cyber
espionage group has dramatically stepped up attacks on any vulnerable,
unpatched Exchange servers worldwide.

In each incident, the intruders have left behind a ``web shell,'' an
easy-to-use, password-protected hacking tool that can be accessed over the
Internet from any browser that gives the attackers administrative access to
the victim's computer servers.

Speaking on condition of anonymity, two cybersecurity experts who've briefed
U.S. national security advisors on the attack told KrebsOnSecurity the
Chinese hacking group thought to be responsible has seized control over
*hundreds of thousands* of Microsoft Exchange Servers worldwide -- with each
victim system representing approximately one organization that uses Exchange
to process email.

Microsoft said the Exchange flaws are being targeted by a previously
unidentified Chinese hacking crew it dubbed *Hafnium*, and said the group
had been conducting targeted attacks on email systems used by a range of
industry sectors, including infectious disease researchers, law firms,
higher education institutions, defense contractors, policy think tanks, and
NGOs. [...]

https://blogs.microsoft.com/on-the-issues/2021/03/02/new-nation-state-cyberattacks/
https://krebsonsecurity.com/2021/03/at-least-30000-u-s-organizations-newly-hacked-via-holes-in-microsofts-email-software/

------------------------------

Date: Sat, 6 Mar 2021 15:12:54 -0800
From: Lauren Weinstein <lauren () vortex com>
Subject: Texas PUC to electricity users who received outrageous bills from
  grid mismanagement during winter storm: SCREW YOU!

https://www.npr.org/2021/03/06/974417969/texas-wont-reduce-16-billion-in-electricity-charges-from-winter-storm

and later this one:

https://www.khou.com/article/news/local/puc-overcharge-winter-freeze-electricity-ercot/285-134ee343-7389-4f33-8284-19ea88959968

------------------------------

Date: Wed, 3 Mar 2021 19:40:26 -0500
From: Gabe Goldberg <gabe () gabegold com>
Subject: Rookie coding mistake prior to Gab hack came from site's CTO
  (Ars Technica)

Site executive introduces, then removes, insecure code, then hides the
evidence.

https://arstechnica.com/gadgets/2021/03/rookie-coding-mistake-prior-to-gab-hack-came-from-sites-cto/

Funny comments...

------------------------------

Date: Sat, 6 Mar 2021 22:14:35 -0500
From: Gabe Goldberg <gabe () gabegold com>
Subject: What lies beneath...  on disaster response (NYU Tandon)

NYU Tandon-led effort sheds light beneath the surface for NYC
disaster response (NYU Tandon School of Engineering)

Project gets NSF City Innovation Challenge award to help communities respond
to floods, storms and other disasters by making info on underground
infrastructure viewable, usable and shareable.

https://engineering.nyu.edu/news/nyu-tandon-led-effort-sheds-light-beneath-surface-nyc-disaster-response

------------------------------

Date: Sun, 7 Mar 2021 14:46:26 +0100
From: Peter Bernard Ladkin <ladkin () causalis com>
Subject: Re: Post Office scandal (RISKS-32.52)

The issues with the Post Office Horizon POS system and prosecutions and
convictions of subpostmasters for alleged fraud have led to what I believe is
the largest referral of possibly-unsafe cases to the Criminal Cases Review
Commission in UK history.

I and a number of colleagues, namely Martyn Thomas, Bev Littlewood, Harold
Thimbleby and barrister Stephen Mason, have written individually and
collectively, and more recently with others, a number of recent papers about
these cases, published in the University of London School of Advanced
Study's journal Digital Evidence and Electronic Signature Law Review, which
Stephen edits.

Volume 17 contains four papers on this issue by Ladkin et al, Ladkin,
Marshall and Christie, https://journals.sas.ac.uk/deeslr/issue/view/578
Paul Marshall was invited in 2020 to submit some considerations about the
probity of computer evidence to the Parliamentary Under-Secretary of State
for Justice in the UK Ministry of Justice, Alex Chalk MP. A public version
of this submission (Marshall et al) has been published by DEESLR at
https://journals.sas.ac.uk/deeslr/article/view/5240

There are deeper issues involved in this series of cases than that some
people were unsafely convicted. Readers of the above articles will see that
a certain presumption in English law (since a Law Commission recommendation
in 1997) about the correct/incorrect operation of computers comes into
question (addressed by Ladkin et al, and in the MoJ submission by Marshall
et al). Some of the argumentation used in court was technically
spectacularly poor (cf. Ladkin on "Robustness"). And it came to light in a
civil case brought by a large number of suffering subpostmasters against
Post Office Limited that the developers and operators of the system (Fujitsu
and Post Office Limited) had not disclosed pertinent information about the
dependability of the Horizon system to defendants that Post Office Limited
had prosecuted. Indeed, it is as a result of the superb judgment by Justice
Sir Peter Fraser in that civil case that the large number of convictions
were referred to the CCRC as possibly unsafe. Fraser J's judgment is at
https://www.judiciary.uk/wp-content/uploads/2019/12/bates-v-post-office-judgment.pdf

It is over 300pp long but bears close reading for those interested in the
behaviour of large IT systems; I anticipate it will become a "landmark
judgment".

Because of these deeper issues, I anticipate that these cases will continue
to reverberate for some time in the English judicial system. Some people
have worked on this matter for decades. Stephen Mason is one. He obtained
and published the transcript in DEESLR of the criminal case of subpostmaster
Seema Misra. It is because of Stephen's persistence that Martyn, Bev, Harold
and I became involved. A blog with extensive, detailed references is
maintained by Nick Wallace at https://www.postofficetrial.com

------------------------------

Date: 7 Mar 2021 12:44:41 -0500
From: "John Levine" <johnl () iecc com>
Subject: Re: Fed outage shuts down U.S. payment system (Ars Technica)

Re: https://arstechnica.com/tech-policy/2021/02/fed-outage-shuts-down-us-payment-systems-for-more-than-an-hour/

The ACH system suffers from having been cutting edge when it was set up, and
is now aging badly. The U.S. is also unique in having over 4000 banks and
5000 credit unions. Some are large and well known but there is a long tail
that are very small and not very sophisticated. (By comparison, France and
the UK each have about 400 banks.) I hear that some of the small banks still
do their ACH transfers with a daily FTP session.

The Federal Reserve is working on a faster and more modern payment system
called FedNow, but the rollout will be slow as all of those tiny banks and
credit unions have to figure it out and get connected.  Since this is the
US, some big banks have a competing system called TCH which they claim is
just as good, no need for FedNow, but it is unlikely to reach all those
small banks, at least not at a price they can afford.

------------------------------

Date: 6 Mar 2021 23:16:11 -0500
From: "John Levine" <johnl () iecc com>
Subject: Re: his lights stayed on during Texas's storm. Now he owes $16,752
  (RISKS-32.52)

It must be interesting to live in a world where insurance does not exist.

For the most part, it's true, paying the marginal price is more cost
effective. But there is a huge difference between "the most part" and
"always". For the most part, it is more cost effective to pay your medical
bills as they occur rather than paying for insurance. But then you're hit
by a bus, your bills are a million dollars and you do not have a million
dollars. Now what? The market solution is too bad, you die.

In the middle of the freeze, there was no market clearing price. Much of the
cheaply built generation system failed so there was no more power to be had,
while people with electric heat can't just turn it off or they and their
water pipes will freeze. That's why the other 49 states spend money to make
their electric system resilient even though it makes the day to day costs a
little higher. Ask people in El Paso whether they think they'd be better off
with cheaper ERCOT power.

------------------------------

Date: Mon, 1 Aug 2020 11:11:11 -0800
From: RISKS-request () csl sri com
Subject: Abridged info on RISKS (comp.risks)

 The ACM RISKS Forum is a MODERATED digest.  Its Usenet manifestation is
 comp.risks, the feed for which is donated by panix.com as of June 2011.
=> SUBSCRIPTIONS: The mailman Web interface can be used directly to
 subscribe and unsubscribe:
   http://mls.csl.sri.com/mailman/listinfo/risks

=> SUBMISSIONS: to risks () CSL sri com with meaningful SUBJECT: line that
   includes the string `notsp'.  Otherwise your message may not be read.
 *** This attention-string has never changed, but might if spammers use it.
=> SPAM challenge-responses will not be honored.  Instead, use an alternative
 address from which you never send mail where the address becomes public!
=> The complete INFO file (submissions, default disclaimers, archive sites,
 copyright policy, etc.) is online.
   <http://www.CSL.sri.com/risksinfo.html>
 *** Contributors are assumed to have read the full info file for guidelines!

=> OFFICIAL ARCHIVES:  http://www.risks.org takes you to Lindsay Marshall's
    searchable html archive at newcastle:
  http://catless.ncl.ac.uk/Risks/VL.IS --> VoLume, ISsue.
  Also, ftp://ftp.sri.com/risks for the current volume/previous directories
     or ftp://ftp.sri.com/VL/risks-VL.IS for previous VoLume
  If none of those work for you, the most recent issue is always at
     http://www.csl.sri.com/users/risko/risks.txt, and index at /risks-32.00
  ALTERNATIVE ARCHIVES: http://seclists.org/risks/ (only since mid-2001)
 *** NOTE: If a cited URL fails, we do not try to update them.  Try
  browsing on the keywords in the subject line or cited article leads.
  Apologies for what Office365 and SafeLinks may have done to URLs.
==> Special Offer to Join ACM for readers of the ACM RISKS Forum:
    <http://www.acm.org/joinacm1>

------------------------------

End of RISKS-FORUM Digest 32.53
************************
