RISKS Forum mailing list archives

Risks Digest 29.35


From: RISKS List Owner <risko () csl sri com>
Date: Wed, 16 Mar 2016 15:30:31 PDT

RISKS-LIST: Risks-Forum Digest  Wednesday 16 March 2016  Volume 29 : Issue 35

ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, moderator, chmn ACM Committee on Computers and Public Policy

***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
  <http://catless.ncl.ac.uk/Risks/29.35.html>
The current issue can be found at
  <http://www.csl.sri.com/users/risko/risks.txt>

  Contents:
Apple's Brief Hits the FBI With a Withering Fact Check (WiReD)
Apple and Justice Dept. Trade Barbs in iPhone Privacy Case (NYTimes)
Spontaneous Windows 10 Upgrade (Martin Fong)
City's Public Wi-Fi Raises Privacy Concerns (NYCLU)
Typo thwarts hackers in $1 billion cyber heist on Bangladesh central bank
  ... (WashPo)
Yet another reason why expiring and reusing domain names is a
  really bad idea (ZDNet)
Heat Scanning vs. Privacy (Harper's)
ICANN -- "Time for America to relinquish custody of the Internet"
  (James Titcomb)
Internet mismanagement (The Independent)
Stealing Nude Pics From iCloud Requires Zero Hacking Skills --
  Just Some YouTube Guides (Forbes)
"YOGA* - A Software Development Process Based On Ancient Principles"
  (ACM Learning Center)
Threat Intelligence & AI (Business Wire)
Re: Florida Senate endorses making computer coding a foreign language
  (Dan Geer)
Re: President Obama at SXSW (Mark E. Smith)
Re: Skype Co-Founder Launches End-To-End Encrypted 'Wire' App (John Levine)
Re: Why no secure architectures in commodity systems? (Dick Mills,
  Henry Baker)
Abridged info on RISKS (comp.risks)

----------------------------------------------------------------------

Date: Wed, 16 Mar 2016 11:27:23 -0700
From: PRIVACY Forum mailing list <privacy () vortex com>
Subject: Apple's Brief Hits the FBI With a Withering Fact Check

http://www.wired.com/2016/03/apple-fact-checks-the-feds-in-latest-brief/

  APPLE'S LATEST BRIEF in its battle with the FBI over the San Bernardino
  iPhone offered the tech company an opportunity to school the Feds over
  their misinterpretation and misquotations of a number of statutes and
  legal cases they cited as precedent in their own brief last week. Many
  viewed Apple's arguments as a withering commentary on the government's
  poor legal acumen.

------------------------------

Date: Tue, 15 Mar 2016 23:04:15 -0400
From: Monty Solomon <monty () roscom com>
Subject: Apple and Justice Dept. Trade Barbs in iPhone Privacy Case

Apple and Justice Dept. Trade Barbs in iPhone Privacy Case
http://www.nytimes.com/2016/03/16/technology/apple-court-filing-iphone-case.html

The company said a ruling on unlocking the phone of a gunman in a mass
shooting had to take into account the national debate over data privacy.

------------------------------

Date: Tue, 15 Mar 2016 16:40:08 -0700
From: Martin Fong <martin.fong () sri com>
Subject: Spontaneous Windows 10 Upgrade

Yesterday morning a coworker mentioned that his mother had called him and
said that her Windows 7 desktop spontaneously updated to Windows 10.
Skeptical, he asked if she had inadvertently clicked "Yes" on an "Accept
Upgrade" dialog, but she replied that there wasn't one.  Unfortunately,
because her Windows 7 computer was configured to perform an auto-login, she
did not know or have her login credentials now required by the Windows 10
login dialog.  (This morning she called Microsoft support and was told she
needed to create a Microsoft account from a different computer and use that
to log into her machine; this procedure worked.)  However, starting
yesterday, other users have complained about their Windows 7 machines being
forcibly upgraded to Windows 10 without their approval.  It appears that
Microsoft changed the Windows 10 upgrade from "optional" to "recommended",
and that this upgrade preemptively installs without explicit user approval,
something that Microsoft has denied.  For more info, see

http://www.theguardian.com/technology/2016/mar/15/windows-10-automatically-installs-without-permission-complain-users

------------------------------

Date: Wed, 16 Mar 2016 09:29:49 -0700
From: Lauren Weinstein <lauren () vortex com>
Subject: City's Public Wi-Fi Raises Privacy Concerns (NYCLU)

NYCLU via NNSquad: City's Public Wi-Fi Raises Privacy Concerns
http://www.nyclu.org/news/citys-public-wi-fi-raises-privacy-concerns

  The city's new public Wi-Fi network LinkNYC raises several privacy
  concerns for users, the New York Civil Liberties Union announced today
  after sending a letter to the Office of the Mayor on Tuesday.  CityBridge,
  the company behind the LinkNYC kiosks that have begun replacing phone
  booths in Manhattan, retains a vast amount of information about users -
  often indefinitely - building a massive database that carries a risk of
  security breaches and unwarranted NYPD surveillance.

------------------------------

Date: Tue, 15 Mar 2016 16:25:41 -0400
From: Gabe Goldberg <gabe () gabegold com>
Subject: Typo thwarts hackers in $1 billion cyber heist on Bangladesh
 central bank ... (WashPo)

https://www.washingtonpost.com/business/economy/typo-thwarts-hackers-in-1-billion-cyber-heist-on-bangladesh-central-bank/2016/03/11/83466dd0-e7d8-11e5-a6f3-21ccdbc5f74e_story.html

... demonstrating that not all typos are bad! The risk? Bad guys knowing how
to spell.

------------------------------

Date: 16 Mar 2016 15:44:19 -0400
From: "Bob Frankston" <Bob19_0501 () bobf frankston com>
Subject: Yet another reason why expiring and reusing domain names is a
  really bad idea (ZDNet)

Malvertising campaign strikes top websites worldwide
http://www.zdnet.com/article/malvertising-campaign-strikes-top-websites-worldwide/

"According to Trustwave, the cyberattacker behind this malvertising campaign
"acquired an expired domain of a small but probably legitimate advertising
company in order to utilize this for malicious purposes," providing them
with the avenue to exploit high-ranking websites through BrentsMedia.com."

------------------------------

Date: Tue, 15 Mar 2016 16:19:00 -0500
From: "Alister Wm Macintyre \(Wow\)" <macwheel99 () wowway com>
Subject: Heat Scanning vs. Privacy (Harper's)

April 2016 Harper's Magazine has a short photographic essay on the NYC PD
"Domain Awareness System," which has:

* 8,300 cameras
* 500 license plate readers
* An unspecified volume of thermal imaging.  NYPD claims to have canceled
  the heat scanning.

The article shares some pictures of what we can see with the latter, at
various ambient temperatures.  Interesting. I see a cop with a spare gun by
his knee.

http://harpers.org/archive/2016/04/packing-heat/

To see this, you have to either be a subscriber, or pick it up at the
newsstand.
https://en.wikipedia.org/wiki/Domain_Awareness_System

------------------------------

Date: Wed, 16 Mar 2016 16:58:53 +0000
From: Chris Drewe <e767pmk () yahoo co uk>
Subject: ICANN -- "Time for America to relinquish custody of the Internet"
  (James Titcomb)

James Titcomb, *The Telegraph*, 14 Mar 2016
Why it's time for America to relinquish custody of the Internet
http://www.telegraph.co.uk/technology/2016/03/13/why-its-time-for-america-to-relinquish-custody-of-the-internet/

  The World Wide Web can often seem like a lawless place; free and open and
  beyond the control of any one government or censor. It has been one of the
  basic principles of the web in the three decades since it was invented.
  But in one way, America does control the Internet. It has had ultimate
  control over the Internet Corporation for Assigned Names and Numbers,
  better known as ICANN, since it was formed in 1998.  That was until last
  Thursday, when the organisation submitted long-awaited proposals to the US
  Government that would see it made independent.

No idea if this is a risk or not, but looks like it could be important.

  [In this case, please remember that risks involve many people, many
  nations, many corporations, many institutions, and so on, possibly in
  different ways.  PGN]

------------------------------

Date: Tue, 15 Mar 2016 16:39:32 -0500
From: "Alister Wm Macintyre \(Wow\)" <macwheel99 () wowway com>
Subject: Internet mismanagement

Misleading headlines say the US gov is giving up control of the Internet.

http://www.independent.co.uk/news/world/americas/us-government-to-surrender-control-of-internet-administrator-icann-a6829466.html

The truth is that ICANN was in charge of the Internet, but was doing such a
bad job, that a handful of domain registrars make their money by enabling
criminals responsible for 90% of the spam, hacker-cracker activities,
phishing, sales of phony & illegal products, etc., while ICANN was taking
forever to act on reports of this digital-mafia support.

http://www.infoworld.com/article/2641410/application-development/20-registrars-control-90--of-illicit-domains--says-knujon.html

http://krebsonsecurity.com/tag/knujon/
http://www.pcworld.com/article/159058/spam_sources.html
http://www.knujon.com/registrars/

While ICANN is incorporated in California, and thus theoretically under some
kind of US oversight regulation, reality has been clueless oversight.

What will we be getting in place of ICANN?  Seems to me a dramatic increase
in anarchy.

------------------------------

Date: 16 Mar 2016 08:38:14 -0400
From: "Bob Frankston" <Bob19_0501 () bobf frankston com>
Subject: Stealing Nude Pics From iCloud Requires Zero Hacking Skills --
  Just Some YouTube Guides (Forbes)

Amid the worries about the backdoor, a reminder that the front door is
easily pried open.

http://www.forbes.com/sites/thomasbrewster/2016/03/16/icloud-hacking-jennifer-lawrence-fappening-apple-nude-photo-leaks/#7d195ef97b88

------------------------------

Date: Tue, 15 Mar 2016 16:47:19 -0400 (EDT)
From: "ACM Learning Center" <learning () acm org>
Subject: "YOGA* - A Software Development Process Based On Ancient Principles"

Register for a Special April 1 Webcast: "YOGA* -- A Software Development
Process Based On Ancient Principles"

Register for the next free ACM Learning Webinar:
http://event.on24.com/wcc/r/1155985/486853632F1F828E87AD631548733301?partnerref=b1

"YOGA*--A Software Development Process Based On Ancient Principles,"
presented on Friday, April 1 at 12 pm ET by Seth Winis, Software Development
Guru and YOGA Expert (at the encouragement of David Weiss, longtime
researcher in software engineering and IEEE Fellow). Will Tracz, Lockheed
Martin Fellow Emeritus and Past Chair of ACM SIGSOFT, moderates the
questions and answers session.

(If you'd like to attend but can't make it to the virtual event, you still
need to register to receive a recording of the webinar when it becomes
available.)

Note: You can stream this and all ACM Learning Webinars on your mobile
device, including smartphones and tablets.

YOGA* is a software development process based on ancient principles and
derived from many years of experience with software production and
introspective research into and measurement of software production. I thank
the guru Fapsan Rat for his many hours of discussion and joint meditation
with me concerning these principles.

YOGA stands for You Only Go Ahead and its theme is to be forward looking. It
consists of 10 basic commandments such as:

-Ignore the past and only look ahead. Don't worry about repeating past
 mistakes.
-Don't try to be rational. There is substantial evidence that there's no
 such thing as a rational software production process. Think of yourselves
 as artists, free to create.
-Each team member should meditate on his/her code for an hour every day. The
 purpose of the meditation is to become more enlightened about the code and
 coding. The goal should be to find a place in the code that the team member
 can modify today.
-Strengthen your core. Your core developers are the ones who make 80% of the
 changes. Give them coding exercises to do and hold an occasional
 refactoring contest to see who can refactor fastest.

Duration: 60 minutes (including audience Q&A)

Presenter: Seth Winis, Software Development Guru, YOGA Expert

Seth Winis has
many years of development experience at places such as AS&T, Lucid,
Motovola, The Software Feasibility Consortium, The Numerical Research
Laboratory, and Howaya. He has also spent time in academia as a professor of
software reengineering at Moo U. and others. David Weiss, long time
researcher in software engineering and IEEE Fellow, encouraged Seth to
publish his ideas on YOGA. David has worked in industry, such as Bell Labs,
Avaya Labs, the Software Productivity Consortium, Computer Sciences Corp.,
in government, such as the Naval Research Laboratory and the Office of
Technology Assessment, and in academia, where he was professor of software
engineering at Iowa State University. He is now retired, with time to step
back and inject some humor into his history in software engineering.

Moderator:

Will Tracz, Lockheed Martin Fellow Emeritus; Past Chair, ACM SIGSOFT

When he
retired in 2012, Will Tracz was a principal software engineer/application
architect for the Global Combat Support System - Air Force program. He is
Past Chair of the ACM Special Interest Group on Software Engineering
(SIGSOFT) and a member of the ACM Professional Development Committee. He was
the editor of the ACM SIGSOFT Software Engineering Notes (1994-2012), 2002
chairman of the International Conference on Software Engineering, and 2012
chairman of the ACM Foundations of Software Engineering.

Visit http://learning.acm.org/webinar for our full archive of past webinars

Applicative 2016 (June 1-2, New York City) brings together researchers and
practitioners to share the latest emerging technologies and trends in
software development. http://applicative.acm.org/.

We computer scientists take our profession very seriously and sometimes
partition ourselves along dogmatic, almost religious lines. Perhaps every
once in a while we need to step back and inject some humor into our
arguments. April Fool's Day seems like a good time to practice some
well-grounded satire.

------------------------------

Date: Wed, 16 Mar 2016 01:58:37 -0500
From: "Alister Wm Macintyre \(Wow\)" <macwheel99 () wowway com>
Subject: Threat Intelligence & AI

Drowning in Threat Intelligence: National Security, and Cyber Security,
workers have a similar set of challenges.

They are overwhelmed with clues, without adequate resources to deal with
them all effectively, or identify which are the most critical.

http://www.businesswire.com/news/home/20160315005555/en/Phantom-ESG-Research-Finds-Companies-Ignore-Majority

National Security looks for a needle, not in a haystack of needles, but a
Grand Canyon of them, finding they did have the relevant data after many
successful terrorist attacks.  In my opinion, this may be partly their
fault, for: scooping up masses of info on people who are unlikely to be a
terrorist threat; not fixing the ICANN corruption where a handful of rogue
registrars are responsible for enabling the vast majority of cyber crime;
not figuring out how to stop terrorist funding; not evacuating US weaponry,
now in ISIS and alQ hands, when pulling out of various theaters.

Some IT workers lack the corporate funding support to work smart with cyber
warnings.  FireEye has a white paper with guidelines to help manage the
tradeoff between alerts and risk. (registration required)

https://www2.fireeye.com/04aGoToMarket-Advanced.0034NTRADVEDUWPUncomfortableCyberSecurityTradeoff_LP.html

Several breaches, of Mega-corps, had the clues that could have been acted
upon to stop the breach, but they were buried in a deluge of clues.

http://www.darkreading.com/threat-intelligence/threat-intelligences-big-data-problem/d/d-id/1324702

Maybe AI could help? Check out the story on Darktrace in March 20 BBW.
This British startup is run by ex-spies using AI to detect network breaches,
with color coded alerts.  It first watches the systems in place for standard
patterns, then reports on irregularities.
https://www.darktrace.com/

This sounds like the same technique that UPI's Needle in Haystack uses to
detect embezzlement and stupid errors in ERP management.
http://unbeatenpath.com/compass

Artificial Intelligence (AI) stories are cropping up in many places.
https://www.linkedin.com/pulse/would-you-vote-machine-2024-eric-gervet

Here is an article on Hardware Evolution.
http://www.damninteresting.com/on-the-origin-of-circuits/

------------------------------

Date: Tue, 15 Mar 2016 19:01:00 -0400
From: dan () geer org
Subject: Re: Florida Senate endorses making computer coding a foreign
  language (RISKS-29.33)

In many settings where a degree in some aspect of social service (broadly
defined) is to be awarded, American Sign Language satisfies the language
requirement.

------------------------------

Date: Wed, 16 Mar 2016 03:59:51 +0800
From: "Mark E. Smith" <mymark () gmail com>
Subject: Re: President Obama at SXSW (Baker, RISKS-29.34)

"Weak encryption + voting apps = GAME OVER for democracy."

Elections are irrelevant to democracy. Free, fair, open, and honest
elections can be held for a dictator, but that doesn't make a dictatorship
into a democracy.

It was "game over" for democracy in the USA when the counterrevolutionary
Constitution betrayed the American revolution by establishing neither a
democracy nor a republic, but a plutocracy in which all men were not equal,
the votes of some (Electors) counted more than the votes of others, not
everyone was allowed to vote, those who could vote were not allowed to vote
directly for the highest office in the land, and rather than vesting supreme
power in the hands of the people, supreme power was vested in the hands of
an unelected Supreme Court. To further ensure inequality and an undemocratic
form of government, there was no right of recall at the federal level so
that constituents could not hold their elected officials accountable during
their terms of office, which is the only time they hold power, the only time
they are supposed to represent their constituents, and the only time that
they might need to be held directly and immediately accountable to prevent
permanent damage to the nation.

Tweaks like mandatory or online registration (it is extremely difficult not
to get caught rigging elections when there are more votes than there are
registered voters, so corrupt elections officials are always looking for
ways to add phantom voters to the rolls to facilitate the creation of
phantom votes), and online voting, merely make our corporate-controlled,
unverifiable, undemocratic elections easier to manipulate.

------------------------------

Date: 15 Mar 2016 21:11:51 -0000
From: "John Levine" <johnl () iecc com>
Subject: Re: Skype Co-Founder Launches End-To-End Encrypted 'Wire' App

The good news is that Wire is technically very sophisticated and if their
white paper is to be believed, the crypto is very strong.

The bad news is that since it lets anyone sign up with no ID beyond an
e-mail address and start calling anyone else in the Wire phonebook for free,
you get a lot of spam.  Within hours of signing up, my phone was beeping
with calls from random people I'm quite sure I do not want to talk to.

It's surprising that people who ran Skype don't remember that problem and
what they did to deal with it.

------------------------------

Date: Wed, 16 Mar 2016 09:58:10 -0400
From: Dick Mills <dickandlibbymills () gmail com>
Subject: Re: Why no secure architectures in commodity systems?
  (Sizemore, RISKS-29.34)

Nick Sizemore did a good job of surveying the subject.  But there's one
glaring omission IMO.

Governments, including but not limited to the USA, are opposing true
security as a matter of policy.

Any truly secure system or technology could get into the hands of criminals,
terrorists, or foreign states.  They could use it to shield themselves from
law enforcement, intelligence gatherings, or the attacks of US Cyber
Command.  Is it not the duty of Cyber Command to have the ability to
successfully defeat any cyber security anywhere at any time?

Any secure organization can be infiltrated by bad people.  Not only single
actors like Manning, but even groups who might use the facilities to
communicate securely among themselves about their criminal plans not related
to the organization's mission.

Before addressing *how* to make things secure, we need clarity on the issue
of *whether* secure computing or secure communications will be tolerated in
any context.

------------------------------

Date: Tue, 15 Mar 2016 13:54:54 -0700
From: Henry Baker <hbaker1 () pipeline com>
Subject: Re: Why no secure architectures in commodity systems?
  (Sizemore, RISKS-29.34)

Thanks, Nick, for a terrific summary status report.

Even though I'm a formalist by nature & training, I can see that formal
methods are not going to be sufficient to solve most of the problems in
computer security today.

Part/most of the reasons have to do with the fact that we're trying to
replace the engine & wings on a plane that's already flying with billions of
folks aboard.  For example, we jumped into e-commerce before we even knew
how to build safe & secure crypto systems.  We still don't, but we're a lot
better than we used to be; unfortunately, we're still putting out crypto
fires that started 25 years ago.

I've come around to Dan Geer's way of thinking: look to biological systems.
They've been dealing with "security" problems for perhaps 2 billion years,
so there's some chance that they have some tricks up their microscopic
sleeves.

For example, it would seem that cell "suicide" is a lot more common than
previously thought.  If a cell determines that it has been overwhelmed by
forces that it cannot control, and this is a threat that can overwhelm other
cells, as well, it will commit suicide in an attempt to stop a pathogen from
spreading.  Ditto for individual plants and animals; the survival of the
species is more important than the survival of the individual.

As IoT computers become cheaper than the postage it costs to mail them, it
is no longer necessary to "save" the computer or even "reprogram" it.  Throw
it away -- or better yet, grind it to dust.  (Note to E.E.'s: we need cheap
chips which can self-destruct rather than disclose priceless information.)

Since it's "turtles all the way down", and since turtles can't be trusted,
we need to *build distrust* into all of our systems.  We can no longer take
a NAND gate at face value & trust that it computes correctly.  Yes, the vast
majority of faulty NAND gates will be due to the usual manufacturing
defects, but some will be due to *faulty design*, and some will be due to
*malicious behavior* on the part of some criminal or state (but I might be
repeating myself).

We now build *distributed* power supplies into all of our electronic
components, because it's far more robust than attempting to guarantee a
sufficiently smooth source of power from the higher-level subsystem.  We
didn't do this out of a lack of trust in power supplies, but perhaps we
should attribute "distributed" to "distrustful".

We now build *error correcting codes* into nearly every subsystem, because
1) it's relatively cheap; and 2) because the cost of attempting to debug
every single type of signal propagation error is prohibitive.  We may not
have considered trust when incorporating ECC, but nowadays we might
seriously consider using SHA256 instead of (or in addition to) traditional
ECC.

For all of these reasons, we need to build distributed *distrust* into every
component.

Another inspiration from biology: embrace randomness.  We've gone to every
conceivable effort to eliminate randomness from our electronic systems, yet
every IoT device *requires* randomness in order to properly generate the
random crypto *keys* it will need in order to communicate with other
components *securely*.

Furthermore, this exquisite *cleanliness* of component power supplies and
signals means that it is almost trivial to snoop on these subsystems to
determine when they are computing with crypto keys and then to extract those
keys.

There has got to be a new type of computer design in which the randomness is
not only not extinguished, but embraced, so that computations are inherently
far more random (and hence can't be easily snooped), and randomness for
crypto keys is trivially available.

I don't have the solutions, but I'm afraid that we've only been looking near
the lampposts where the light is the brightest.  We need to move away from
the lampposts & look further afield.
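
An added example, not part of Henry Baker's post: his remark that trust was
not a design goal of traditional error-detecting codes, shown with CRC-32
beside a keyed SHA-256 tag.  The use of HMAC, the frame layout, the key and
the sample payload are assumptions made for this illustration; the post
itself names only SHA256.

```python
import hashlib
import hmac
import zlib

# Constructed sample data for the illustration (not from the post).
PAYLOAD = b"sensor=17;valve=CLOSED;temp=070"
# XOR mask that turns the first digit of "070" into "9" and leaves the rest alone.
MASK = bytes(len(PAYLOAD) - 3) + bytes([ord("0") ^ ord("9"), 0, 0])
DEMO_KEY = bytes(range(32))  # placeholder key; a real key comes from a CSPRNG


def xor_bytes(a: bytes, b: bytes) -> bytes:
    if len(a) != len(b):
        raise ValueError("inputs must have equal length")
    return bytes(x ^ y for x, y in zip(a, b))


def flip_bit(frame: bytes, bit_index: int) -> bytes:
    """Model a random transmission fault: invert one bit of the frame."""
    out = bytearray(frame)
    out[bit_index // 8] ^= 1 << (bit_index % 8)
    return bytes(out)


def crc_frame(payload: bytes) -> bytes:
    return payload + zlib.crc32(payload).to_bytes(4, "big")


def crc_check(frame: bytes) -> bool:
    return zlib.crc32(frame[:-4]).to_bytes(4, "big") == frame[-4:]


def crc_delta(mask: bytes) -> int:
    """Checksum change caused by XOR-ing mask into ANY payload of that length.

    CRC-32 is affine over GF(2): crc(m ^ d) == crc(m) ^ crc(d) ^ crc(zeros),
    so the change depends only on the mask, never on the payload or a secret.
    """
    return zlib.crc32(mask) ^ zlib.crc32(bytes(len(mask)))


def modify_crc_frame(frame: bytes, mask: bytes) -> bytes:
    """Deliberate change: alter the payload and adjust the CRC to match."""
    payload = xor_bytes(frame[:-4], mask)
    tag = int.from_bytes(frame[-4:], "big") ^ crc_delta(mask)
    return payload + tag.to_bytes(4, "big")


def mac_frame(key: bytes, payload: bytes) -> bytes:
    return payload + hmac.new(key, payload, hashlib.sha256).digest()


def mac_check(key: bytes, frame: bytes) -> bool:
    if len(frame) < 32:
        return False
    expected = hmac.new(key, frame[:-32], hashlib.sha256).digest()
    return hmac.compare_digest(expected, frame[-32:])


def demo() -> dict:
    crc = crc_frame(PAYLOAD)
    mac = mac_frame(DEMO_KEY, PAYLOAD)
    return {
        # Random fault: both mechanisms notice it.
        "crc_detects_random_flip": not crc_check(flip_bit(crc, 5)),
        "mac_detects_random_flip": not mac_check(DEMO_KEY, flip_bit(mac, 5)),
        # Deliberate change: the CRC follows it, the keyed tag does not.
        "crc_detects_deliberate_change": not crc_check(modify_crc_frame(crc, MASK)),
        "mac_detects_deliberate_change": not mac_check(
            DEMO_KEY, xor_bytes(mac[:-32], MASK) + mac[-32:]
        ),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

An unkeyed SHA-256 digest carried next to the data could simply be recomputed
by whoever changed the data, which is why the example uses a keyed tag.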

------------------------------

Date: Mon, 17 Nov 2014 11:11:11 -0800
From: RISKS-request () csl sri com
Subject: Abridged info on RISKS (comp.risks)

 The ACM RISKS Forum is a MODERATED digest. Its Usenet manifestation is
 comp.risks, the feed for which is donated by panix.com as of June 2011.
=> SUBSCRIPTIONS: PLEASE read RISKS as a newsgroup (comp.risks or equivalent)
 if possible and convenient for you.  The mailman Web interface can
 be used directly to subscribe and unsubscribe:
   http://mls.csl.sri.com/mailman/listinfo/risks
 Alternatively, to subscribe or unsubscribe via e-mail to mailman
 your FROM: address, send a message to
   risks-request () csl sri com
 containing only the one-word text subscribe or unsubscribe.  You may
 also specify a different receiving address: subscribe address= ... .
 You may short-circuit that process by sending directly to either
   risks-subscribe () csl sri com or risks-unsubscribe () csl sri com
 depending on which action is to be taken.

 Subscription and unsubscription requests require that you reply to a
 confirmation message sent to the subscribing mail address.  Instructions
 are included in the confirmation message.  Each issue of RISKS that you
 receive contains information on how to post, unsubscribe, etc.

=> The complete INFO file (submissions, default disclaimers, archive sites,
 copyright policy, etc.) is online.
   <http://www.CSL.sri.com/risksinfo.html>
 *** Contributors are assumed to have read the full info file for guidelines.

=> .UK users may contact <Lindsay.Marshall () newcastle ac uk>.
=> SPAM challenge-responses will not be honored.  Instead, use an alternative
 address from which you NEVER send mail!
=> SUBMISSIONS: to risks () CSL sri com with meaningful SUBJECT: line.
 *** NOTE: Including the string `notsp' at the beginning or end of the subject
 *** line will be very helpful in separating real contributions from spam.
 *** This attention-string may change, so watch this space now and then.
=> ARCHIVES: ftp://ftp.sri.com/risks for current volume
     or ftp://ftp.sri.com/VL/risks for previous VoLume
 http://www.risks.org takes you to Lindsay Marshall's searchable archive at
 newcastle: http://catless.ncl.ac.uk/Risks/VL.IS.html gets you VoLume, ISsue.
   Lindsay has also added to the Newcastle catless site a palmtop version
   of the most recent RISKS issue and a WAP version that works for many but
   not all telephones: http://catless.ncl.ac.uk/w/r
 <http://the.wiretapped.net/security/info/textfiles/risks-digest/> .
==> PGN's historical Illustrative Risks summary of one liners:
    <http://www.csl.sri.com/illustrative.html> for browsing,
    <http://www.csl.sri.com/illustrative.pdf> or .ps for printing
  is no longer maintained up-to-date except for recent election problems.
 *** NOTE: If a cited URL fails, we do not try to update them.  Try
  browsing on the keywords in the subject line or cited article leads.
==> Special Offer to Join ACM for readers of the ACM RISKS Forum:
    <http://www.acm.org/joinacm1>

------------------------------

End of RISKS-FORUM Digest 29.35
************************

