Risks Digest

Discussion in 'Gator Bytes' started by LakeGator, Apr 25, 2015.

  1. LakeGator

    LakeGator Mostly Harmless Moderator

    Risks Digest 32.11

    RISKS List Owner

    Jul 16, 2020 8:54 PM

    Posted in group: comp.risks

    RISKS-LIST: Risks-Forum Digest Thursday 16 July 2020 Volume 32 : Issue 11

    ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
    Peter G. Neumann, founder and still moderator

    ***** See last item for further information, disclaimers, caveats, etc. *****
    This issue is archived at <The RISKS Digest> as
    <The RISKS Digest, Volume 32 Issue 11>
    The current issue can also be found at
    <http://www.csl.sri.com/users/risko/risks.txt>

    Contents:
    High-profile Twitter accounts hacked (Sundry sources)
    Russian Hackers Trying to Steal Coronavirus Vaccine Research
      Intelligence Agencies Say (NYTimes)
    Iranian Spies Accidentally Leaked Videos of Themselves Hacking (WiReD)
    NOAA storm-spotting app was suspended after being overrun with
      false and hateful reports (WashPost)
    An invisible hand: Patients aren't being told about the AI systems
      advising their care (StatNews)
    CJEU rejects EU-US Privacy Shield (EAID-Berlin)
    EU court rules U.S. servers not private enough for its citizens' data
      (WashPost)
    When tax prep is free, you may be paying with your privacy (WashPost)
    Re: Why Some Birds Are Likely To Hit Buildings (Keith Medcalf)
    Re: 24-Year-Old Australian Man Spent $2 Million After a Bank Glitch
      (Martin Ward)
    Abridged info on RISKS (comp.risks)

    ----------------------------------------------------------------------

    Date: Wed, 15 Jul 2020 15:10:24 -0700
    From: Paul Saffo <pa...@saffo.com>
    Subject: High-profile Twitter accounts hacked (Sundry sources)

    Biden, Gates, Musk: Bitcoin scam breaches some of world's most prominent Twitter accounts

    The Twitter accounts of Barack Obama, Jeff Bezos, Joe Biden, Elon Musk and
    many other high-profile people and companies became pawns Wednesday in one
    of the most visible cyberscams in the Internet's history.

    Suspected bitcoin scammers grabbed control of accounts belonging to the rich
    and famous, as well as lower-profile accounts, for more than two hours
    during the afternoon and tricked at least a few hundred people into
    transferring the cryptocurrency.

    A tweet typical of the attack sent from the account of Bill Gates, the
    software mogul who is the world's second-wealthiest person, promised to
    double all payments sent to his Bitcoin address for the next 30 minutes.

    ``Everyone is asking me to give back, and now is the time. You send $1,000,
    I send you back $2,000.''

    Similar tweets appeared on the accounts of rapper Kanye West, investor
    Warren Buffett and corporations including Apple, Wendy's, Uber and the money
    transfer app Cash.

    Twitter said it was looking into the attack.

    ``We are aware of a security incident impacting accounts on Twitter. We are
    investigating and taking steps to fix it. We will update everyone shortly,''
    the company said in a tweet.

    [See also
    A Brazen Online Attack Targets V.I.P. Twitter Users in a Bitcoin Scam
    Twitter lost control of its internal systems to Bitcoin-scamming hackers
    A Twitter insider was responsible for a wave of high profile account
    takeovers on Wednesday, according to leaked screenshots obtained by
    Motherboard and two sources who took over accounts. [...]
    Hackers Convinced Twitter Employee to Help Them Hijack Accounts
    After a wave of account takeovers, screenshots of an internal Twitter user
    administration tool are being shared in the hacking underground:
    Hackers Convinced Twitter Employee to Help Them Hijack Accounts
    ]

    [Assume everything can be hacked -- and most easily by insiders.
    Perhaps the only sane policy is this: Always say/write what you believe
    to be true, because everyone may be listening or someone may hack into
    it. And damn the torpedoes. The truth will out, even if it may take a
    long time. PGN]

    [Lauren Weinstein also noted (with no URL):
    Twitter shutdown of verified accounts blocked NWS from issuing tornado
    warnings. PGN]

    ------------------------------

    Date: Thu, 16 Jul 2020 15:44:54 -0400
    From: Monty Solomon <mo...@roscom.com>
    Subject: Russian Hackers Trying to Steal Coronavirus Vaccine Research,
    Intelligence Agencies Say

    The hackers have been targeting British, Canadian and American organizations researching vaccines using spear-phishing and malware.

    Russia Is Trying to Steal Virus Vaccine Data, Western Nations Say

    ------------------------------

    Date: Thu, 16 Jul 2020 08:32:32 -0700
    From: Lauren Weinstein <lau...@vortex.com>
    Subject: Iranian Spies Accidentally Leaked Videos of Themselves Hacking
    (WiReD)

    Iranian Spies Accidentally Leaked Videos of Themselves Hacking

    ------------------------------

    Date: Tue, 14 Jul 2020 21:20:17 -0400
    From: Monty Solomon <mo...@roscom.com>
    Subject: NOAA storm-spotting app was suspended after being overrun with
    false and hateful reports (WashPost)

    The NOAA's "mPING" application was compromised, sending false severe weather data to forecasters and the public.

    https://www.washingtonpost.com/weather/2020/07/14/noaa-app-mping-suspended/

    ------------------------------

    Date: July 16, 2020 at 22:08:12 GMT+9
    From: Richard Forno <rfo...@infowarrior.org>
    Subject: An invisible hand: Patients aren't being told about the AI systems
    advising their care (StatNews)

    Rebecca Robbins and Erin Brodwin, 15 Jul 2020, via Dave Farber

    Since February of last year, tens of thousands of patients hospitalized at
    one of Minnesota's largest health systems have had their discharge planning
    decisions informed with help from an artificial intelligence model. But few
    if any of those patients has any idea about the AI involved in their care.

    That's because frontline clinicians at M Health Fairview generally don't
    mention the AI whirring behind the scenes in their conversations with
    patients.

    At a growing number of prominent hospitals and clinics around the country,
    clinicians are turning to AI-powered decision support tools -- many of them
    unproven -- to help predict whether hospitalized patients are likely to
    develop complications or deteriorate, whether they're at risk of
    readmission, and whether they're likely to die soon. But these patients and
    their family members are often not informed about or asked to consent to the
    use of these tools in their care, a STAT examination has found.

    The result: Machines that are completely invisible to patients are
    increasingly guiding decision-making in the clinic.

    Hospitals and clinicians ``are operating under the assumption that you do
    not disclose, and that's not really something that has been defended or
    really thought about,'' Harvard Law School professor Glenn Cohen said. Cohen
    is the author of one of only a few articles examining the issue, which has
    received surprisingly scant attention in the medical literature even as
    research about AI and machine learning proliferates.

    https://www.statnews.com/2020/07/15/artificial-intelligence-patient-conse-hospitals/

    ------------------------------

    Date: Thu, 16 Jul 2020 16:01:25 +0100
    From: Martyn Thomas <mar...@72f.org>
    Subject: CJEU rejects EU-US Privacy Shield (EAID-Berlin)

    European Academy for Freedom of Information and Data Protection

    If you are baffled by the penultimate sentence, replace "wear" by "carry".
    (with thanks to Judith Rauhofer for the explanation that "tragen" in German
    has both meanings).

    [Conversely, the German language used to use "Sicherheit" for both
    security and safety. Perhaps that has changed with the use of
    Cyber/Kyber/...? PGN]

    ------------------------------

    Date: Thu, 16 Jul 2020 18:32:51 +0900
    From: far...@gmail.com
    Subject: EU court rules U.S. servers not private enough for its citizens'
    data (WashPost)

    https://www.washingtonpost.com/worl...c0fe06-c736-11ea-a825-8722004e4150_story.html

    ------------------------------

    Date: Wed, 15 Jul 2020 09:47:57 -0400
    From: Monty Solomon <mo...@roscom.com>
    Subject: When tax prep is free, you may be paying with your privacy
    (WashPost)

    *Free* tax software is not all created equal. Some want to upsell you.
    Others want the data in your tax return.

    https://www.washingtonpost.com/tech...-is-free-you-may-be-paying-with-your-privacy/

    ------------------------------

    Date: Tue, 14 Jul 2020 21:46:33 -0600
    From: "Keith Medcalf" <kmed...@dessus.com>
    Subject: Re: Why Some Birds Are Likely To Hit Buildings (Scientific American)

    While this may be entertaining, I would point out that it is unlikely that
    the bird was responsible for the collision. I would suggest that the more
    realistic situation is that the bird was just flying along minding its own
    business when a bloody big fat and fast moving airplane that was not
    watching where it was going ran into the poor bird.

    Calling it a "bird strike" is ridiculous. The bird did not strike the
    aeroplane, the aeroplane ran down the bird. And then the aeroplane and its
    operator carried on away from the scene of the mishap -- in actual fact the
    aeroplane pilot committed a hit and run.

    I suppose we should also call pedestrian collisions with automobiles
    "pedestrian strikes" and blame it on the pedestrian deliberately striking
    the automobiles. It would certainly put an end to a lot of issues if we did
    this.

    ------------------------------

    Date: Wed, 15 Jul 2020 15:05:01 +0100
    From: Martin Ward <mar...@gkc.org.uk>
    Subject: Re: 24-Year-Old Australian Man Spent $2 Million After a Bank
    Glitch (RISKS-32.09)

    Given that the court ruled that the overdraft was perfectly legal, and Milky
    therefore had a legal right to spend the money, it may well have been the
    *bank* that acted illegally in confiscating Milky's belongings. So, writing
    off the rest of his debt and hoping that he wouldn't go after them is the
    best that they can do, under the circumstances.

    ------------------------------

    Date: Mon, 1 Jun 2020 11:11:11 -0800
    From: RISKS-...@csl.sri.com
    Subject: Abridged info on RISKS (comp.risks)

    The ACM RISKS Forum is a MODERATED digest. Its Usenet manifestation is
    comp.risks, the feed for which is donated by panix.com as of June 2011.
    => SUBSCRIPTIONS: The mailman Web interface can be used directly to
    subscribe and unsubscribe:
    http://mls.csl.sri.com/mailman/listinfo/risks

    => SUBMISSIONS: to ri...@CSL.sri.com with meaningful SUBJECT: line that
    includes the string `notsp'. Otherwise your message may not be read.
    *** This attention-string has never changed, but might if spammers use it.
    => SPAM challenge-responses will not be honored. Instead, use an alternative
    address from which you never send mail where the address becomes public!
    => The complete INFO file (submissions, default disclaimers, archive sites,
    copyright policy, etc.) is online.
    <http://www.CSL.sri.com/risksinfo.html>
    *** Contributors are assumed to have read the full info file for guidelines!

    => OFFICIAL ARCHIVES: http://www.risks.org takes you to Lindsay Marshall's
    searchable html archive at newcastle:
    http://catless.ncl.ac.uk/Risks/VL.IS --> VoLume, ISsue.
    Also, ftp://ftp.sri.com/risks for the current volume
    or ftp://ftp.sri.com/VL/risks-VL.IS for previous VoLume
    If none of those work for you, the most recent issue is always at
    http://www.csl.sri.com/users/risko/risks.txt, and index at /risks-32.00
    ALTERNATIVE ARCHIVES: http://seclists.org/risks/ (only since mid-2001)
    *** NOTE: If a cited URL fails, we do not try to update them. Try
    browsing on the keywords in the subject line or cited article leads.
    Apologies for what Office365 and SafeLinks may have done to URLs.
    ==> Special Offer to Join ACM for readers of the ACM RISKS Forum:
    <http://www.acm.org/joinacm1>

    ------------------------------

    End of RISKS-FORUM Digest 32.11
    ************************
     
  2. LakeGator

    Risks Digest 32.12

    RISKS List Owner

    Jul 20, 2020 4:50 PM

    Posted in group: comp.risks

    RISKS-LIST: Risks-Forum Digest Monday 20 July 2020 Volume 32 : Issue 12

    ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
    Peter G. Neumann, founder and still moderator

    ***** See last item for further information, disclaimers, caveats, etc. *****
    This issue is archived at <The RISKS Digest> as
    <The RISKS Digest, Volume 32 Issue 12>
    The current issue can also be found at
    <http://www.csl.sri.com/users/risko/risks.txt>

    Contents:
    `Friendliest,' not fittest, is key to evolutionary survival, scientists
      argue in their new book (The Hour)
    Russian group targeted COVID-19 vaccine research in Canada, U.S. and UK, say
      intelligence agencies (CBC)
    Cloudflare DNS goes down, taking a large piece of the Internet with it
      (TechCrunch)
    Boeing's future is cloudy as it tries to restore credibility (WashPost)
    Seven 'no log' VPN providers accused of leaking -- yup, you guessed it --
      1.2TB of user logs onto the Internet (The Register)
    Outlook Woes: I have no email and I must scream (Computerworld)
    The Anatomy of a Cisco Counterfeit Shows Its Dangerous Potential (WiReD)
    Bottleneck for U.S. Coronavirus Response: The Fax Machine (NYTimes)
    The Role of Cognitive Dissonance in the Pandemic (The Atlantic)
    Machine Learning (MIT Tech Review)
    Re: The Dark Secret at the Heart of AI (Matthew Kruk)
    Re: An invisible hand: Patients aren't being told about the AI
      systems advising their care (Amos Shapir)
    Re: When tax prep is free, you may be paying with your privacy (Amos Shapir,
      Chris Drewe)
    Re: Why Some Birds Are Likely To Hit Buildings (Richard Stein,
      Craig S. Cottingham)
    Abridged info on RISKS (comp.risks)

    ----------------------------------------------------------------------

    Date: Mon, 20 Jul 2020 08:41:10 -1000
    From: geoff goodfellow <ge...@iconia.com>
    Subject: `Friendliest,' not fittest, is key to evolutionary survival,
    scientists argue in their new book (The Hour)

    British naturalist Charles Darwin got it right, but maybe we got Darwin
    wrong.

    Most people assume that Darwin was talking about physical strength when
    referring to *survival of the fittest*, meaning that a tougher, more
    resilient species always will win out over its weaker counterparts. But
    what if he didn't mean that at all?

    Scientists Brian Hare and Vanessa Woods, both researchers at Duke
    University's Center for Cognitive Neuroscience, believe something else has
    been at work among species that have thrived throughout history,
    successfully reproducing to sustain themselves, and it has nothing to do
    with beating up the competition.

    Their new book, Survival of the Friendliest: Understanding Our Origins and
    Rediscovering Our Common Humanity <https://amzn.to/30tOgez>, posits that
    friendly partnerships among species and shared humanity have worked
    throughout centuries to ensure successful evolution. Species endure --
    humans, other animals and plants -- they write, based on friendliness,
    partnership and communication. And they point to many life examples of
    cooperation and sociability to prove it.

    ``Survival of fittest, which is what everyone has in mind as evolution and
    natural selection, has done the most harm of any folk theory that has
    penetrated society,'' Hare says. ``People think of it as strong alpha males
    who deserve to win. That's not what Darwin suggested, or what has been
    demonstrated. The most successful strategy in life is friendliness and
    cooperation, and we see it again and again.''

    ``Dogs are exhibit A. They are the extremely friendly descendants of
    wolves. They were attracted to humans and became friendly to humans, and
    changed their behavior, appearance and developmental makeup. Sadly, their
    close relative, the wolf, is threatened and endangered in the few places
    where they live, whereas there are hundreds of millions of dogs. Dogs were
    the population of wolves that decided to rely on humans - rather than
    hunting - and that population won big.''

    In nature, for example, flowering plants attract animals to spread their
    pollen, forming a partnership that benefits both. ``The plants provide food
    and energy, while the animals provide transportation for the pollen,'' Hare
    says. [...]

    'Friendliest,' not fittest, is key to evolutionary survival, scientists argue in their new book

    [Tom Van Vleck suggests Darwin's statement is a tautology: the fittest
    are by definition the ones that survive! PGN]

    ------------------------------

    Date: Thu, 16 Jul 2020 19:06:09 -0600
    From: "Matthew Kruk" <mkr...@gmail.com>
    Subject: Russian group targeted COVID-19 vaccine research in Canada,
    U.S. and UK, say intelligence agencies (CBC)

    A hacker group *almost certainly* backed by Russia is trying to steal
    COVID-19-related vaccine research in Canada, the U.K. and the U.S.,
    according to intelligence agencies in all three countries.

    The Communications Security Establishment (CSE), responsible for Canada's
    foreign signals intelligence, said APT29 - also known as Cozy Bear and the
    Dukes - is behind the malicious activity.

    The group was accused of hacking the Democratic National Committee before
    the 2016 U.S. election.

    Russian group targeted COVID-19 vaccine research in Canada, U.S. and U.K., say intelligence agencies | CBC News

    [See also Julian E. Barnes, *The New York Times*, 17 July 2020,
    Hackers sought data from companies trying to eradicate coronavirus
    PGN]

    ------------------------------

    Date: Fri, 17 Jul 2020 15:13:13 -0700
    From: Lauren Weinstein <lau...@vortex.com>
    Subject: Cloudflare DNS goes down, taking a large piece of the Internet with
    it (TechCrunch)

    Cloudflare outage takes down Discord, Shopify, Politico and others – TechCrunch

    ------------------------------

    Date: Sun, 19 Jul 2020 18:24:52 -0400
    From: Gabe Goldberg <ga...@gabegold.com>
    Subject: Boeing's future is cloudy as it tries to restore credibility
    (WashPost)

    Boeing is also scrambling to prove it can fly astronauts safely to low Earth
    orbit. In December, a test flight of its Starliner spacecraft without any
    astronauts onboard ran into trouble as soon as it reached orbit. A software
    problem reminiscent of the issues with the 737 Max made the spacecraft think
    it was at a different point in the mission. As engineers moved to fix that
    problem, they uncovered another that could have caused the service module to
    collide with the crew module when they separated in flight. They were able
    to quickly send up a software fix to that problem so that the two modules
    separated cleanly.

    The problems prevented the spacecraft from docking with the International
    Space Station, and Boeing had to bring the spacecraft home after just two
    days.

    Since then, NASA and Boeing launched an investigation, and Boeing said it
    has better integrated its hardware and software teams, and has taken a hard
    look at its culture and processes. It's also reviewed all 1 million lines of
    code in the spacecraft ``resulting in increased robustness of flight
    software,'' the company said in a statement to The Post. [...]

    Nearly a decade after winning the Air Force contract to build a fleet of
    KC-46 Pegasus aerial refueling tankers, Boeing's assembly lines outside of
    Seattle have been busy. The company has delivered 34 of the planes so far.

    But the military has said it won't be able to use them for most missions
    until at least 2023 because of persistent technical flaws.

    The plane's boom, the long tube through which fuel is transferred, isn't
    flexible enough to safely link up with smaller jets. And the Defense
    Department's testing office has determined that the complex camera system
    that guides the boom into place isn't accurate enough. The Air Force also
    has repeatedly found trash, wrenches and other debris scattered inside newly
    delivered jets.

    The Washington Post

    ------------------------------

    Date: Sat, 18 Jul 2020 08:20:36 -0700
    From: Lauren Weinstein <lau...@vortex.com>
    Subject: Seven 'no log' VPN providers accused of leaking -- yup, you guessed
    it -- 1.2TB of user logs onto the Internet (The Register)

    Seven 'no log' VPN providers accused of leaking – yup, you guessed it – 1.2TB of user logs onto the internet

    [Gabe Goldberg noted this as well: VPN with 'strict no-logs policy'
    exposed millions of user log files including account passwords
    VPN with 'strict no-logs policy' exposed millions of user log files including account passwords
    PGN]

    ------------------------------

    Date: Sun, 19 Jul 2020 15:32:35 -0400
    From: Gabe Goldberg <ga...@gabegold.com>
    Subject: Outlook Woes: I have no email and I must scream (Computerworld)

    It turns out someone in Microsoft's quality assurance team (There is one,
    RIGHT!?) didn't bother to test the newest edition of Outlook with the latest
    version of Windows. I mean why would you want to check that e-mail, an
    application almost no one uses today, actually works with your main
    operating system??

    The truth is there was never anything wrong with your PST files. Somehow,
    the combination of the newest versions of Outlook and Windows led to a total
    failure. The fix required you to manually edit your registry – always a fun
    job for a user who's miles away from the closest tech support staff.

    Outlook Woes: I have no email and I must scream

    ------------------------------

    Date: Sun, 19 Jul 2020 15:39:10 -0400
    From: Gabe Goldberg <ga...@gabegold.com>
    Subject: The Anatomy of a Cisco Counterfeit Shows Its Dangerous Potential
    (WiReD)

    By tearing down bootleg network switches, researchers found ample
    opportunity for malice -- but no signs of a backdoor this time.

    The Anatomy of a Cisco Counterfeit Shows Its Dangerous Potential

    ------------------------------

    Date: Sat, 18 Jul 2020 10:32:02 -0400
    From: Monty Solomon <mo...@roscom.com>
    Subject: Bottleneck for U.S. Coronavirus Response: The Fax Machine (NYTimes)

    Before public health officials can manage the pandemic, they must deal with
    a broken data system that sends incomplete results in formats they can't
    easily use.

    Bottleneck for U.S. Coronavirus Response: The Fax Machine

    ------------------------------

    Date: Sat, 18 Jul 2020 12:52:48 -0400
    From: Monty Solomon <mo...@roscom.com>
    Subject: The Role of Cognitive Dissonance in the Pandemic (The Atlantic)

    The minute we make any decision -- I think COVID-19 is serious; no, I'm sure
    it is a hoax -- we begin to justify the wisdom of our choice and find
    reasons to dismiss the alternative.

    The Role of Cognitive Dissonance in the Pandemic

    ------------------------------

    Date: Thu, 16 Jul 2020 18:02:25 PDT
    From: "Peter G. Neumann" <neu...@csl.sri.com>
    Subject: Machine Learning (MIT Tech Review)

    Machine learning is a black box. That makes it a double-edged sword?

    The Dark Secret at the Heart of AI

    ------------------------------

    Date: Sun, 19 Jul 2020 13:04:26 -0600
    From: "Matthew Kruk" <mkr...@gmail.com>
    Subject: Re: The Dark Secret at the Heart of AI (RISKS-32.11)

    In 2016, a strange self-driving car was released onto the quiet roads of
    Monmouth County, New Jersey. The experimental vehicle, developed by
    researchers at the chip maker Nvidia, didn't look different from other
    autonomous cars, but it was unlike anything demonstrated by Google, Tesla,
    or General Motors, and it showed the rising power of artificial
    intelligence. The car didn't follow a single instruction provided by an
    engineer or programmer. Instead, it relied entirely on an algorithm that
    had taught itself to drive by watching a human do it.

    The Dark Secret at the Heart of AI

    ------------------------------

    Date: Sun, 19 Jul 2020 11:04:29 +0300
    From: Amos Shapir <amo...@gmail.com>
    Subject: Re: An invisible hand: Patients aren't being told about the AI
    systems advising their care (RISKS-32.11)

    A somewhat apocryphal story I've heard (but now cannot verify), at the time
    when AI systems were just making their first steps in the world:

    A graduate student was tasked with generating an AI system to distinguish
    between benign and malignant cells in microscope images, for research at a
    local hospital. The hospital gave him a pile of images, and an oncologist
    doctor to help him decipher them.

    So they sat down, and the doctor started to go over the images, stating
    ``this is malignant, this is not, this is malignant...'' The student had to
    stop her ``but can you please explain a bit more about how you make the
    distinction?'' She looked at him sternly and said ``Look, young man; I've
    been doing this for 30 years now, and when I say it's malignant, it's
    malignant!''

    I hope AI systems have improved since then!

    [AI has actually improved, but the over-hyping has not? PGN]

    ------------------------------

    Date: Sun, 19 Jul 2020 11:06:57 +0300
    From: Amos Shapir <amo...@gmail.com>
    Subject: Re: When tax prep is free, you may be paying with your privacy
    (RISKS-32.11)

    It seems that the old principle is still valid: ``If you're not paying,
    you're not the customer, you're the merchandise.''

    ------------------------------

    Date: Sun, 19 Jul 2020 18:10:02 +0100
    From: Chris Drewe <e76...@yahoo.co.uk>
    Subject: Re: When tax prep is free, you may be paying with your privacy
    (RISKS-32.11)

    No such thing as a free lunch, as the saying goes. This has been the case
    for many other topics over the years; just from my memory:

    * Since I was a kid, garages have been offering ``have a free safety check
    on your car from us'', which makes cynics wonder how the 'free' offer is
    paid for.

    * Not sure if this is still the case, but in the UK banks often used to
    provide travel insurance as one of the benefits of holding an account,
    either 'free' or with a modest additional payment. Reportedly the problem
    is that this will likely be a minimum-cost generic policy which may not
    actually meet your needs and/or may have unexpected limitations,
    e.g. 'hazardous activities', which could be anything. If you've actually
    paid for your insurance, you're more likely to get what you wanted.

    * Historically, buying a house in the UK was strictly controlled; mortgages
    were generally only obtainable from building societies (non-profit
    organisations run like credit unions) and only proper lawyers could do
    conveyancing (handling the sale contract and title deed documents). In
    the early 1980s these controls were relaxed so loads of financial
    organisations now offer mortgages. As it happened, a work colleague was
    buying his first house at the time, and a common offer was ``if you get
    your mortgage from us we'll give you free conveyancing,'' but as he said,
    if you are paying for the lawyer yourself, you know who he/she is working
    for.

    * Businesses offering maintenance and repair work may offer fixed-price
    jobs, which appear to have the attraction of avoiding any nasty surprises
    with the bill, but I have a feeling that unexpected costs may be against
    your interests and in favour of the business, in the sense that the
    business will try to do the work as cheaply as possible as this is to
    their benefit, while they may be less inclined to put in any extra effort
    to deal with unexpected difficulties.

    ------------------------------

    Date: Fri, 17 Jul 2020 18:33:28 +0800
    From: Richard Stein <rms...@ieee.org>
    Subject: Re: Why Some Birds Are Likely To Hit Buildings (RISKS-32.11)

    The *bird strike* term labels a cruel and unfortunate incident in use since
    1988 per Bird strike - Wikipedia.

    The FAA's wildlife strike reporting mechanism was a serendipitous discovery
    via web search query for *bird strike* while composing.

    I was surprised to learn of the reporting system's existence, and supposed a
    simple calculation of incident rate would inform the flying public.

    ------------------------------

    Date: Fri, 17 Jul 2020 08:14:49 -0500
    From: "Craig S. Cottingham" <cr...@cottingham.net>
    Subject: Re: Why Some Birds Are Likely To Hit Buildings (RISKS-32.11)

    While I assume that the correspondent's tongue is planted in their cheek, I
    would like to point out that according to maritime rules of the road (and I
    would guess that aviation rules are similar), the more maneuverable craft is
    supposed to give way to the less maneuverable craft should their courses
    intersect. If I, operating a personal watercraft such as what is
    colloquially referred to as a *jet ski*, were mowed down by a Panamax-class
    container ship under the command of the correspondent, the latter would
    likely not be held responsible, as I should have given way to the bloody big
    fat and fast moving other vessel.

    (Removing *my* tongue from my cheek at this point.)

    ------------------------------


    End of RISKS-FORUM Digest 32.12
    ************************
     
    Last edited by a moderator: Jul 21, 2020
  3. LakeGator

    LakeGator Mostly Harmless Moderator

    4,747
    518
    368
    Apr 3, 2007
    Tampa
    Risks Digest 32.13

    RISKS List Owner

    Jul 23, 2020 7:18 PM

    Posted in group: comp.risks

    RISKS-LIST: Risks-Forum Digest Thursday 23 July 2020 Volume 32 : Issue 13

    ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
    Peter G. Neumann, founder and still moderator

    ***** See last item for further information, disclaimers, caveats, etc. *****
    This issue is archived at <The RISKS Digest> as
    <The RISKS Digest, Volume 32 Issue 13>
    The current issue can also be found at
    <http://www.csl.sri.com/users/risko/risks.txt>

    Contents:
    Russia report reveals UK government failed to investigate Kremlin (WashPost)
    Iranian state hackers caught with their pants down in intercepted videos
    (Ars Technica)
    Crooks have acquired proprietary Diebold software to jackpot ATMs
    (Ars Technica)
    Major new climate study rules out less-severe global warming scenarios (MSN)
    Is it time to reassess our relationship with nature? (BBC)
    European Public Sphere Towards Digital Sovereignty for Europe (ACATech)
    How Berkshire Hathaway May Have Been Snookered in Germany (NYTimes)
    Ongoing Meow attack has nuked >1,000 databases without telling anyone why
    (Ars Technica)
    Corporate giants shut down Trump texting program (Politico)
    Thieves Are Emptying ATMs Using a New Form of Jackpotting (WIRED)
    AT&T tells customers to change their phones or they won't work anymore
    (Android Police)
    CBP does end run around warrants, simply buys license plate-reader data
    (Ars Technica)
    Wattpad warns of data breach that stole user info (CBC-CA)
    There's a reason your inbox has more malicious spam -- Emotet is back
    (Ars Technica)
    Hackers use recycled backdoor to keep a hold on hacked e-commerce server
    (Ars Technica)
    Uber helping public health officials contact-trace riders and drivers for
    Covid-19 (Forbes)
    Banks' unique pandemic problem: Now everyone is wearing a mask (WashPost)
    The Spanish government prepares to implement facial recognition tech
    (Voz Populi)
    Phone carriers that profit from robocalls could have all calls blocked (FCC)
    CBP does end run around warrants, simply buys license-plate reader data
    (Ars Technica)
    Hackers Tell the Story of the Twitter Attack From the Inside (NYTimes)
    Re: When tax prep is free, you may be paying with your privacy
    (David E. Ross, Pete Resiak)
    Re: Boeing's future is cloudy as it tries to restore credibility
    (Martin Ward, Gabe Goldberg, Martin Ward)
    Re: Darwin's tautology? (John Harper)
    Abridged info on RISKS (comp.risks)

    ----------------------------------------------------------------------

    Date: Tue, 21 Jul 2020 8:09:49 PDT
    From: "Peter G. Neumann" <neu...@csl.sri.com>
    Subject: Russia report reveals UK government failed to investigate Kremlin
    interference (Dan Sabbagh)

    [I had more or less assumed this, but this is certainly damning. PGN]

    Dan Sabbagh, The Guardian, 21 Jul 2020

    Russia report reveals UK government failed to investigate Kremlin
    interference.

    British government and British intelligence failed to prepare or conduct any
    proper assessment of Kremlin attempts to interfere with the 2016 Brexit
    referendum, according to the long-delayed Russia report.

    The damning conclusion is contained within the 50-page document from
    parliament's intelligence and security committee, which said ministers ``had
    not seen or sought evidence of successful interference in UK democratic
    processes''.

    The committee, which scrutinises the work of Britain's spy agencies, said:
    ``We have not been provided with any post-referendum assessment of Russian
    attempts at interference'' -- and contrasted the response with that of the
    US. [...] ``This situation is in stark contrast to the US handling of
    allegations of Russian interference in the 2016 presidential election, where
    an intelligence community assessment was produced within two months of the
    vote, with an unclassified summary being made public.''

    Committee members said they could not definitively conclude whether the
    Kremlin had or had not successfully interfered in the Brexit vote because no
    effort had been made to find out. ``Even if the conclusion of any such
    assessment were that there was minimal interference, this would nonetheless
    represent a helpful reassurance to the public that the UK's democratic
    processes had remained relatively safe,'' the report added.

    The cross-party committee noted that publicly available studies have pointed
    to ``the preponderance of pro-Brexit or anti-EU stories'' on the Russia
    Today and Sputnik TV channels at the time of the vote and ``the use of
    `bots' and `trolls' on Twitter'', as evidence of Russian attempts to influence
    the process.

    Committee members complained that when they asked for written evidence from
    MI5 at the start of their inquiry, the domestic spy agency ``initially
    provided just six lines of text'' prompting criticism from the committee.

    It accused MI5 of operating with ``extreme caution'' and said its ``attitude
    is illogical'' because the issue at hand was ``the protection of the process
    and mechanism from hostile state interference, which should fall to our
    intelligence and security agencies''.

    The keenly anticipated document was completed last October, but was sat on
    by Boris Johnson before the general election and only declassified and
    cleared for release by the prime minister in December.

    It could not be released until No 10 had nominated Conservative members to
    the committee, although its nominee for chair Chris Grayling was ambushed by
    opposition members who voted instead for Julian Lewis.

    Downing Street is expected to publish its own response shortly.

    ------------------------------

    Date: Wed, 22 Jul 2020 08:35:48 -0400
    From: Monty Solomon <mo...@roscom.com>
    Subject: Iranian state hackers caught with their pants down in intercepted
    videos (Ars Technica)

    IBM researchers steal 40GB of data from group targeting presidential campaigns.

    Iranian state hackers caught with their pants down in intercepted videos

    ------------------------------

    Date: Wed, 22 Jul 2020 08:27:56 -0400
    From: Monty Solomon <mo...@roscom.com>
    Subject: Crooks have acquired proprietary Diebold software to jackpot ATMs
    (Ars Technica)

    ATM maker is investigating the use of its software in black boxes used by
    thieves.

    Crooks have acquired proprietary Diebold software to “jackpot” ATMs

    ------------------------------

    Date: Wed, 22 Jul 2020 14:39:06 -1000
    From: geoff goodfellow <ge...@iconia.com>
    Subject: Major new climate study rules out less-severe global warming
    scenarios (MSN)

    The current pace of human-caused carbon emissions is increasingly likely to
    trigger irreversible damage to the planet, according to a comprehensive
    international *study*
    released Wednesday. Researchers studying one of the most important and
    vexing topics in climate science -- how sensitive the Earth's climate is to
    a doubling of the amount of carbon dioxide in the atmosphere -- found that
    warming is extremely unlikely to be on the low end of estimates.

    These scientists now say it is likely that if human activities -- such as
    burning oil, gas and coal along with deforestation -- push carbon dioxide
    to such levels, the Earth's global average temperature will most likely
    increase between 4.1 to 8.1 degrees Fahrenheit (2.3 and 4.5 degrees
    Celsius). The previous and long-standing estimated range of climate
    sensitivity, as first laid out in a 1979 report, was 2.7 to 8.1 degrees
    Fahrenheit (1.5 to 4.5 Celsius).

    If the warming reaches the midpoint of this new range, it would be extremely
    damaging, said Kate Marvel, a physicist at NASA's Goddard Institute of Space
    Studies and Columbia University, who called it the equivalent of a
    *five-alarm fire* for the planet. [...]
    https://www.washingtonpost.com/weather/2020/07/22/climate-sensitivity-co2/

    ------------------------------

    Date: Wed, 22 Jul 2020 14:40:05 -1000
    From: geoff goodfellow <ge...@iconia.com>
    Subject: Is it time to reassess our relationship with nature? (BBC)

    *Western societies tend to see nature and humanity as separate. But are
    there other ways of relating to the natural world?* [...]
    Is it time to reassess our relationship with nature? - BBC Ideas

    ------------------------------

    Date: Thu, 23 Jul 2020 08:02:59 +0900
    From: Dave Farber <far...@gmail.com>
    Subject: European Public Sphere Towards Digital Sovereignty for Europe
    (ACATech)

    https://www.acatech.de/wp-content/uploads/2020/07/aca_IMP_EPS_en_WEB_FINAL.pdf

    Executive Summary

    Europe can strengthen its digital sovereignty by creating a sovereign
    European digital ecosystem that is democratically accountable to its
    citizens. A digital ecosystem that observes European values such as
    transparency, openness and privacy protection, even in its technical design,
    can create a digital public sphere that offers fair terms of access and use,
    strengthens the public debate and safeguards the plurality that forms a key
    part of Europe's identity. This sphere would be open to everyone, both
    within Europe and beyond -- the key to Europe's digital sovereignty lies not
    in isolationism but in the creation of ambitious alternatives.

    The current coronavirus crisis has shone a light not only on how digital
    technology is increasingly penetrating every area of our lives, but also on
    just how dependent Europe has become on non-European platform operators.
    Europe is losing its influence over the digital public sphere at a time when
    it has taken on a central role in the continent's economic and social life.
    As well as diminishing Europe's economic competitiveness and thus the
    prosperity of European society, this poses a particularly serious threat to
    people's individual freedom and privacy and to Europe's democratic values.
    The time has come for both the member state and European Union levels to
    demonstrate the common political will to actively shape a digital public
    sphere that provides a basis for democratic debate, public opinion-forming
    and respect for European values, and to develop and establish an open
    European digital ecosystem that offers a genuine alternative. If
    incorporated into the special funding measures to overcome the coronavirus
    crisis, this European Public Sphere (EPS) can also provide a huge
    opportunity for European companies and start-ups, thereby helping to boost
    value creation in Europe.

    This paper describes how a European Public Sphere can be established as an
    alternative European ecosystem, and sets out the concrete measures that will
    be necessary in order to do so. These include:

    * Design of a technology infrastructure for delivering the digital public
    sphere as a public service.

    * Formulation of a technology strategy characterised by modularity,
    interoperability, openness and transparency that enables continuous
    development and a diverse range of business models.

    * Establishment of a governance entity such as a European Digital Agency or
    agency network, together with an alliance of European actors including
    content, service and infrastructure component providers, civil society
    initiatives and research institutions.

    * Government funding coupled with European regulation to kick-start the
    establishment of an open, European digital ecosystem for the development
    and operation of the key technological components and products for a
    digital public sphere.

    * Requirement for all the digital ecosystem's actors to adopt a *values
    by design* approach.

    These measures will enable the establishment of a trusted digital public
    sphere for the citizens of Europe that puts European values first and that
    facilitates cross-border services and a dialogue between people who live in
    different countries and speak different languages.

    Together with key partner France, and in conjunction with the European
    Commission and European Parliament, the Trio Presidency of Germany, Portugal
    and Slovenia can initiate the European Public Sphere as an ambitious,
    pan-European development project. Provided that they receive the necessary
    backing and financial support from government, stakeholders from the private
    sector, culture, civil society and academia are ready to create an
    alternative European digital ecosystem.

    ------------------------------

    Date: Tue, 21 Jul 2020 12:08:48 -0400
    From: Monty Solomon <mo...@roscom.com>
    Subject: How Berkshire Hathaway May Have Been Snookered in Germany (NYTimes)

    A unit of Warren Buffett's empire paid an inflated price for a pipe maker
    that used fake sales to look profitable, an arbitration panel concluded. The
    firm was close to bankruptcy.

    https://www.nytimes.com/2020/07/01/business/berkshire-hathaway-fraud-germany.html

    ------------------------------

    Date: Thu, 23 Jul 2020 08:36:47 -0400
    From: Monty Solomon <mo...@roscom.com>
    Subject: Ongoing Meow attack has nuked >1,000 databases without telling
    anyone why (Ars Technica)

    Ongoing attack hitting unsecured data leaves the word "meow" as its calling card.

    https://arstechnica.com/information...bases-have-been-nuked-by-mystery-meow-attack/

    ------------------------------

    Date: Tue, 21 Jul 2020 12:20:47 -0400
    From: Monty Solomon <mo...@roscom.com>
    Subject: Corporate giants shut down Trump texting program (Politico)

    It took days to resolve anti-spam concerns that halted a 4 July 2020 test
    run, costing Trump donations and raising GOP fears about November.

    https://www.politico.com/news/2020/07/20/trump-massive-texting-program-suspended-372302

    ------------------------------

    Date: Wed, 22 Jul 2020 23:23:28 -0400
    From: Gabe Goldberg <ga...@gabegold.com>
    Subject: Thieves Are Emptying ATMs Using a New Form of Jackpotting (WIRED)

    The new hardware-based attack, which has targeted machines across Europe,
    can yield a stream of cash for the attacker.

    https://www.wired.com/story/thieves-are-emptying-atms-using-a-new-form-of-jackpotting/

    ------------------------------

    Date: Thu, 23 Jul 2020 08:19:21 -0400
    From: Monty Solomon <mo...@roscom.com>
    Subject: AT&T tells customers to change their phones or they won't work anymore
    (Android Police)

    Even recent unlocked phones like the Galaxy S10e or the Nokia 6.1 are
    affected

    Amid an economy-crushing pandemic, AT&T has decided that now is the best
    time to send a scaremongering email to some customers, telling them that
    their device "is not compatible with the new network and you need to replace
    it to continue receiving service." The email conveniently doesn't explicitly
    mention that this will only affect customers as late as February 2022, only
    linking to that information. [...]

    https://www.androidpolice.com/2020/...hange-their-phones-or-they-wont-work-anymore/

    [Lauren Weinstein commented that AT&T email about phone shutoffs was so
    confusing some users thought it was a scam.
    https://arstechnica.com/information...ut-network-change-in-bid-to-sell-more-phones/
    Also noted by Gabe Goldberg. PGN]

    ------------------------------

    Date: Tue, 21 Jul 2020 23:49:30 -0400
    From: Gabe Goldberg <ga...@gabegold.com>
    Subject: CBP does end run around warrants, simply buys license plate-reader
    data (Ars Technica)

    How does "unreasonable search" work when any agency can buy data from
    anywhere?

    https://arstechnica.com/tech-policy...rrants-simply-buys-license-plate-reader-data/

    ------------------------------

    Date: Tue, 21 Jul 2020 22:37:10 -0600
    From: "Matthew Kruk" <mkr...@gmail.com>
    Subject: Wattpad warns of data breach that stole user info (CBC-CA)

    Wattpad Corp. has provided more details about a breach of user data provided
    to its online storytelling platform. The Toronto-based company has sent out
    a note to users that says hackers may have had access to email addresses,
    birth dates, the gender of members and encrypted passwords.

    It says user stories, private messages, and phone numbers were not part of
    this incident.

    https://www.cbc.ca/news/business/wattpad-data-breach-1.5657724

    ------------------------------

    Date: Wed, 22 Jul 2020 08:30:37 -0400
    From: Monty Solomon <mo...@roscom.com>
    Subject: There's a reason your inbox has more malicious spam -- Emotet is
    back (Ars Technica)

    After taking a five-month break, the botnet returns with a short burst of
    activity.

    https://arstechnica.com/information...eturns-with-250k-strong-blast-of-toxic-email/

    ------------------------------

    Date: Wed, 22 Jul 2020 08:22:26 -0400
    From: Monty Solomon <mo...@roscom.com>
    Subject: Hackers use recycled backdoor to keep a hold on hacked e-commerce
    server (Ars Technica)

    Easy-to-miss script can give attackers a new access should they ever be
    booted out.

    https://arstechnica.com/information...or-to-keep-a-hold-on-hacked-ecommerce-server/

    ------------------------------

    Date: Wed, 22 Jul 2020 01:55:32 -0400
    From: Monty Solomon <mo...@roscom.com>
    Subject: Uber helping public health officials contact-trace riders and
    drivers for Covid-19 (Forbes)

    Uber said Monday that it had established a service to give public health
    officials access to data within hours on riders and drivers who are presumed
    to have come in contact with someone infected with Covid-19, helping to fill
    in a gap in the coronavirus response of the U.S., which does not have a
    federal contact tracing program.

    https://www.forbes.com/sites/elanag...riders-and-drivers-for-covid-19/#a067c957b07e

    ------------------------------

    Date: Thu, 23 Jul 2020 09:47:00 +0800
    From: Richard Stein <rms...@ieee.org>
    Subject: Banks' unique pandemic problem: Now everyone is wearing a mask
    (WashPost)

    https://www.washingtonpost.com/business/2020/07/22/face-mask-banks/

    "There have already been 'recent reports of face-covering-related robberies
    at bank branches...make clear that broadly applicable face mask requirements
    are not safe or sustainable on a permanent basis.'"

    A new bank visitation protocol to deter the criminally inept:

    a) Remove face mask for a photograph to gain unobstructed bank entry.
    Assumes one does not wear a 2nd disguise.
    b) If undeterred, pass the "Abt natural, I have a gub" note (per Woody
    Allen's "Take the Money and Run") to the teller.

    ------------------------------

    Date: Wed, 22 Jul 2020 14:43:12 -0400
    From: José María Mateos <ch...@rinzewind.org>
    Subject: The Spanish government prepares to implement facial recognition tech
    (Voz Populi)

    Original article:
    https://www.vozpopuli.com/economia-...to-facial-causas-pendientes_0_1375363234.html.

    Automatic translation:
    https://translate.google.com/transl...to-facial-causas-pendientes_0_1375363234.html

    > The Ministry of the Interior wants a solution based on facial recognition
    > to be installed in large sporting or cultural shows football matches,
    > concerts ... that allows detecting people with pending cases with the
    > Justice.

    ------------------------------

    Date: Wed, 22 Jul 2020 08:33:31 -0400
    From: Monty Solomon <mo...@roscom.com>
    Subject: Phone carriers that profit from robocalls could have all calls
    blocked (FCC)

    Safe harbor lets phone companies block all calls from bad-actor telecoms.

    https://arstechnica.com/tech-policy...-from-robocalls-could-have-all-calls-blocked/

    ------------------------------

    Date: Wed, 22 Jul 2020 08:32:29 -0400
    From: Monty Solomon <mo...@roscom.com>
    Subject: CBP does end run around warrants, simply buys license-plate
    reader data (Ars Technica)

    How does "unreasonable search" work when any agency can buy data from
    anywhere?

    US Customs and Border Protection can track everyone's cars all over the
    country thanks to massive troves of automated license plate scanner data, a
    new report reveals -- and CBP didn't need to get a single warrant to do it.
    Instead, the agency did just what hundreds of other businesses and
    investigators do: straight-up purchase access to commercial databases.

    CBP has been buying access to commercial automated license plate-reader
    (ALPR) databases since 2017, TechCrunch reports, and the agency says bluntly
    that there's no real way for any American to avoid having their movements
    tracked. [...]

    https://arstechnica.com/tech-policy...rrants-simply-buys-license-plate-reader-data/

    ------------------------------

    Date: Thu, 23 Jul 2020 16:03:37 -0400
    From: Gabe Goldberg <ga...@gabegold.com>
    Subject: Hackers Tell the Story of the Twitter Attack From the Inside
    (NYTimes)

    [Re: High-profile Twitter accounts hacked (RISKS-32.11)]

    Several people involved in the events that took down Twitter this week spoke
    with *The Times*, giving the first account of what happened as a pursuit of
    Bitcoin spun out of control.

    OAKLAND, Calif. -- A Twitter hacking scheme that targeted political, corporate
    and cultural elites this week began with a teasing message between two
    hackers late Tuesday on the online messaging platform Discord.

    ``yoo bro,'' wrote a user named Kirk, according to a screenshot of the
    conversation shared with The New York Times. ``i work at twitter / don't
    show this to anyone / seriously.''

    He then demonstrated that he could take control of valuable Twitter accounts
    -- the sort of thing that would require insider access to the company's
    computer network.

    https://www.nytimes.com/2020/07/17/technology/twitter-hackers-interview.html

    ------------------------------

    Date: Mon, 20 Jul 2020 17:11:46 -0700
    From: "David E. Ross" <da...@rossde.com>
    Subject: Re: When tax prep is free, you may be paying with your privacy,
    (RISKS-32.11)

    For several years now, I have been an unpaid AARP (American Association of
    Retired Persons) volunteer doing U.S. and California income tax returns.
    Our clients do not pay for the service. Their returns are filed
    electronically over encrypted Internet connections. Even before the returns
    are filed, we print paper copies of their returns at the time of service for
    them to take home.

    We retain NO client data when we do taxes, not one piece of paper brought by
    a client or generated by our volunteers. If a client forgets to take all
    paper, we contact that client to return to the facility to collect it.
    Otherwise, the paper is shredded.

    We ask our clients whether they want to be contacted by AARP regarding other
    services, but we do not urge them to say "yes". We ask our clients whether
    they want their tax returns made available electronically to other AARP
    locations the following year to simplify data entry, but we do not urge them
    to say "yes". We ask our clients whether they want their tax returns made
    available electronically to other authorized free services authorized by the
    Internal Revenue Service the following year, but we do not urge them to say
    "yes".

    Overall, the AARP Tax-Aide service operates with strict rules protecting the
    client's data. Using those data for any purpose other than completing a tax
    return is prohibited.

    On top of all that, the state of California's Franchise Tax Board has a Web
    site where taxpayers can enter their own data and file their returns
    electronically for free. California has very stringent laws protecting the
    privacy of its residents. The state is not in the business of selling
    personal data.

    ------------------------------

    Date: Tue, 21 Jul 2020 10:22:25 +0300
    From: Amos Shapir <amo...@gmail.com>
    Subject: Re: The Dark Secret at the Heart of AI (RISKS-32.12)

    > "it relied entirely on an algorithm that had taught itself to drive by
    > watching a human do it."

    Does this mean that it learned about traffic lights, "Red = stop, Green =
    go, Yellow == charge forward at top speed to catch it before it turns red"?

    ------------------------------

    Date: Tue, 21 Jul 2020 17:13:00 +0200
    From: Pete <d...@resiak.org>
    Subject: Re: When tax prep is free, you may be paying with your privacy
    (RISKS-32.11)

    > It seems that the old principle is still valid: ``If you're not paying,
    > you're not the customer, you're the merchandise.''

    The canton of Zurich provides free tax preparation software for private
    persons: you can do it online, with access to your previous tax records, or
    you can download the software and do it offline on your own computer --
    Windows, Mac, or Linux. There the software can pick up and use last year's
    data if you've kept it; and you generate PDF to print and mail the completed
    tax forms.

    The name of the software is "Private Tax". It works, and it saves time and
    money for the tax office as well as for individual taxpayers. I have a hard
    time thinking of any down side to this.

    ------------------------------

    Date: Tue, 21 Jul 2020 17:43:05 +0100
    From: Martin Ward <mar...@gkc.org.uk>
    Subject: Re: Boeing's future is cloudy as it tries to restore credibility
    (WashPost)

    > It's also reviewed all 1 million lines of code in the spacecraft
    > ``resulting in increased robustness of flight software''

    That sounds reassuring, but is actually rather worrying. Boeing found
    problems with their software, then uncovered another problem when fixing the
    first. So they reviewed all 1 million lines of code which resulted in
    "increased robustness".

    If the review had not found any further problems then the result would have
    been "increased confidence". "Increased robustness" on the other hand meant
    that *even more* problems were found!

    As any software engineer knows, anyone who says "I have just fixed the last
    bug" is wrong.

    ------------------------------

    Date: Tue, 21 Jul 2020 13:47:35 -0400
    From: Gabe Goldberg <ga...@gabegold.com>
    Subject: Re: Boeing's future is cloudy as it tries to restore credibility
    (Ward, RISKS-32.12)

    Right. Also, what does "reviewed" mean? And by whom?

    Original developer(s)? People see what they want/expect to see. (That's
    surely true trying to edit my own writing).

    And if they don't like what they see -- they "fix" it? How many times are
    new problems introduced when fixing (maybe) old ones?

    Combine that with being rushed through the million lines. As you say, it's
    not reassuring.

    ------------------------------

    Date: Tue, 21 Jul 2020 22:02:29 +0100
    From: Martin Ward <mar...@gkc.org.uk>
    Subject: Re: Boeing's future is cloudy as it tries to restore credibility
    (Goldberg, RISKS-32.13)

    Probably junior programmers get this boring grunt work: senior programmers
    get to do more interesting jobs, like writing new code!

    I think it was IBM's OS/360 operating system that, after release,
    consistently had several thousand bug fixes per month. There are two
    possible explanations for this phenomenon:

    (1) The software contained an infinite number of bugs

    (2) Each month the programmers fixed 2,000 bugs and in the process
    introduced another 2,000 bugs.

    ------------------------------

    Date: Tue, 21 Jul 2020 10:00:42 +1200 (NZST)
    From: John Harper <har...@msor.vuw.ac.nz>
    Subject: Re: Darwin's tautology? (RISKS-32.12)

    Tautologies often need to be pointed out. Mathematics textbooks from
    Euclid's Elements onward are full of them, but millions still buy them
    because they are useful.

    ------------------------------

    Date: Mon, 1 Jun 2020 11:11:11 -0800
    From: RISKS-...@csl.sri.com
    Subject: Abridged info on RISKS (comp.risks)

    The ACM RISKS Forum is a MODERATED digest. Its Usenet manifestation is
    comp.risks, the feed for which is donated by panix.com as of June 2011.
    => SUBSCRIPTIONS: The mailman Web interface can be used directly to
    subscribe and unsubscribe:
    http://mls.csl.sri.com/mailman/listinfo/risks

    => SUBMISSIONS: to ri...@CSL.sri.com with meaningful SUBJECT: line that
    includes the string `notsp'. Otherwise your message may not be read.
    *** This attention-string has never changed, but might if spammers use it.
    => SPAM challenge-responses will not be honored. Instead, use an alternative
    address from which you never send mail where the address becomes public!
    => The complete INFO file (submissions, default disclaimers, archive sites,
    copyright policy, etc.) is online.
    <http://www.CSL.sri.com/risksinfo.html>
    *** Contributors are assumed to have read the full info file for guidelines!

    => OFFICIAL ARCHIVES: http://www.risks.org takes you to Lindsay Marshall's
    searchable html archive at newcastle:
    http://catless.ncl.ac.uk/Risks/VL.IS --> VoLume, ISsue.
    Also, ftp://ftp.sri.com/risks for the current volume
    or ftp://ftp.sri.com/VL/risks-VL.IS for previous VoLume
    If none of those work for you, the most recent issue is always at
    http://www.csl.sri.com/users/risko/risks.txt, and index at /risks-32.00
    ALTERNATIVE ARCHIVES: http://seclists.org/risks/ (only since mid-2001)
    *** NOTE: If a cited URL fails, we do not try to update them. Try
    browsing on the keywords in the subject line or cited article leads.
    Apologies for what Office365 and SafeLinks may have done to URLs.
    ==> Special Offer to Join ACM for readers of the ACM RISKS Forum:
    <http://www.acm.org/joinacm1>

    ------------------------------

    End of RISKS-FORUM Digest 32.13
    ************************
     
  4. LakeGator

    LakeGator Mostly Harmless Moderator

    4,747
    518
    368
    Apr 3, 2007
    Tampa
    Risks Digest 32.14

    RISKS List Owner

    Jul 26, 2020 7:58 PM

    Posted in group: comp.risks

    RISKS-LIST: Risks-Forum Digest Sunday 26 July 2020 Volume 32 : Issue 14

    ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
    Peter G. Neumann, founder and still moderator

    ***** See last item for further information, disclaimers, caveats, etc. *****
    This issue is archived at <The RISKS Digest> as
    <The RISKS Digest, Volume 32 Issue 14>
    The current issue can also be found at
    <http://www.csl.sri.com/users/risko/risks.txt>

    Contents:
    Anatomy of an Election `Meltdown' in Georgia (NYTimes)
    Intel's Stunning Failure Heralds End of Era for U.S. Chip Sector (Bloomberg)
    Russia's GRU hackers hit U.S. government and energy targets (Ars Technica)
    Unsolicited Chinese seeds? (Washington State Dept of Agriculture)
    Homeland in Portland? No, USAF. (The Intercept)
    Finally there's a handbook on voting (Kimberly Wehle)
    Conflict Over a Rental Car Leads to Elusive ATM Skimming Suspect (NYTimes)
    Letting Your Insurer Ride Shotgun, for a Discounted Rate (NYTimes)
    The three worst things about email, and how to fix them (WashPost)
    PDF signatures useless (ZDNet)
    Google is aware of 'w5' Wi-Fi failures on some Nest thermostats and
    providing replacements (Android Police)
    Re: Boeing's future is cloudy as it tries to restore credibility
    (Joseph Gwinn)
    Re: European Public Sphere Towards Digital Sovereignty for Europe
    (Drew Dean)
    Abridged info on RISKS (comp.risks)

    ----------------------------------------------------------------------

    Date: Sun, 26 Jul 2020 12:44:01 -0700
    From: Peter Neumann <neu...@csl.sri.com>
    Subject: Anatomy of an Election `Meltdown' in Georgia (NYTimes)

    .. Was the Result of Cascade of Failures
    Danny Hakim, Reid J. Epstein, and Stephanie Saul
    *The New York Times*, 26 July 2020
    National Edition front page continued in pp.22-23.

    Struggles to get the new high-tech voting system working, failures to detect
    check marks instead of 'X', a huge management problem, barrage of partisan
    blame-throwing, Reps blame Fulton County (Atlanta, Dems), Dems blame just
    another Rep effort to disenfranchise Dems, problems still unresolved six
    weeks later, with no signs of any improvements for November. "It has become
    increasingly clear that what happened in June was a collective collapse."
    [Seriously PGN-ed, but the entire article is really scary and ominous.]

    ------------------------------

    Date: Sat, 25 Jul 2020 17:36:53 +0900
    From: David Farber <far...@keio.jp>
    Subject: Intel's Stunning Failure Heralds End of Era for U.S. Chip Sector
    (Bloomberg)

    Intel ‘Stunning Failure’ Heralds End of Era for U.S. Chip Sector

    ------------------------------

    Date: Sat, 25 Jul 2020 09:59:08 -0400
    From: Monty Solomon <mo...@roscom.com>
    Subject: Russia's GRU hackers hit U.S. government and energy targets
    (Ars Technica)

    Russia's GRU military intelligence agency has carried out many of the most
    aggressive acts of hacking in history: destructive worms, blackouts, and --
    closest to home for Americans -- a broad hacking-and-leaking operation
    designed to influence the outcome of the 2016 U.S. presidential
    election. Now it appears the GRU has been hitting U.S. networks again, in a
    series of previously unreported intrusions that targeted organizations
    ranging from government agencies to critical infrastructure.

    Russia’s GRU hackers hit US government and energy targets

    Russia's GRU Hackers Hit US Government and Energy Targets

    ------------------------------

    Date: Sat, 25 Jul 2020 15:37:40 -0700
    From: Paul Saffo <pa...@saffo.com>
    Subject: Unsolicited Chinese seeds? (Washington State Dept of Agriculture)

    This from Facebook. Anyone know the background? Any guesses what this is
    about? Cover for drug deals? There don't seem to be any explanations on the
    web.

    People are receiving an unsolicited package of seeds from China in the mail


    Washington State Department of Agriculture, with Stephanie Marshall and 14
    others.

    Today we received reports of people receiving seeds in the mail from China
    that they did not order. The seeds are sent in packages usually stating
    that the contents are jewelry. Unsolicited seeds could be invasive,
    introduce diseases to local plants, or be harmful to livestock.

    Here's what to do if you receive unsolicited seeds from another country:

    1) DO NOT plant them and if they are in sealed packaging (as in the photo
    below) don't open the sealed package.

    2) This is known as agricultural smuggling. Report it to USDA and maintain
    the seeds and packaging until USDA instructs you what to do with the
    packages and seeds. They may be needed as evidence.

    https://www.aphis.usda.gov/…/impor…/sa_sitc/ct_antismuggling

    [APHIS = Animal and Plant Health Inspection Service. I don't find the
    item on the aphis site. Maybe this is the symbiosis between the Chinese
    A(u)nts and the Aphi(d)s? PGN]

    ------------------------------

    Date: Sat, 25 Jul 2020 15:36:57 -0700
    From: Paul Saffo <pa...@saffo.com>
    Subject: Homeland in Portland? No, USAF. (The Intercept)

    The Air Force Spy Plane Over Portland

    ------------------------------

    Date: Sat, 25 Jul 2020 14:23:46 -0400
    From: David Lesher <wb8...@8es.com>
    Subject: Finally there's a handbook on voting (Kimberly Wehle)

    [In need of VV education? DL]

    <https://www.washingtonpost.com/opinions/2020/06/19/finally-theres-handbook-voting/>

    Kim Wehle: Congress needs to appropriate money to the states every year
    exclusively for elections. The last serious influx of federal funding for
    equipment occurred in 2002. How many of us are using computers or flip
    phones from 18 years ago? I would like to see modern encryption technology
    brought to bear on voting so that, just like we conduct private and
    sensitive bank transactions on our phones, we vote on our phones safely and
    securely. This would address much of the fraud and the suppression concerns
    from both sides of the aisle.

    [Disclosure: She is not a RISKS reader. PGN]

    ------------------------------

    Date: Fri, 24 Jul 2020 23:31:37 -0400
    From: Gabe Goldberg <ga...@gabegold.com>
    Subject: Conflict Over a Rental Car Leads to Elusive ATM Skimming Suspect
    (NYTimes)

    https://www.nytimes.com/2020/07/17/business/credit-card-skimmer-arrest-alaska.html

    The risks? Greed, hubris, patterns, personality...

    ------------------------------

    Date: Sat, 25 Jul 2020 19:06:43 -0400
    From: Gabe Goldberg <ga...@gabegold.com>
    Subject: Letting Your Insurer Ride Shotgun, for a Discounted Rate (NYTimes)

    Most big car insurers offer apps that monitor your driving, and one start-up
    requires it. The trade-off in privacy is a premium that could be
    substantially cheaper for safe drivers.

    https://www.nytimes.com/2020/07/16/business/car-insurance-app-discounts.html

    Same old, same old: except here you're the product *and* the customer.

    ------------------------------

    Date: Sat, 25 Jul 2020 10:33:33 +0800
    From: Richard Stein <rms...@ieee.org>
    Subject: The three worst things about email, and how to fix them (WashPost)

    https://www.washingtonpost.com/technology/2020/07/21/gmail-alternative-hey

    The inconveniences of convenience.

    "Problem 1: Anybody can email you. And they do." True. Email account content
    can resemble a litter box. Delivery, while not 100%, surpasses snail mail
    speed and cost-effectiveness. Caveat emptor for anything that is
    free. Without authenticated credential provenance, via a nationalized (or
    global) identity, authorization, and maintenance mechanism, random and
    arbitrary recipient address email transmission is no-go.

    "Problem 2: Important stuff gets lost." True. Check your SPAM folder for
    important content mischaracterized by the latest attempt to automatically
    pick fly poop from a pepper pile. Filters are like rocket science: they
    intimidate the unskilled and uninitiated discouraging use.

    "Problem 3: Your email isn't really private." True. Corporate email service
    provider terms of service (aka, privacy policies) routinely authorize
    collection, exploitation, followed by the unfortunate involuntary breach
    (via hack or negligence) of said collected or transmitted email content.

    The privacy policy entitles the service to potentially gain from the content
    (if there's anything of value or merit) in exchange for convenient and free
    public access.

    Some entities (government security agencies specifically) might find
    interest in the names/email addresses of dissidents -- see the recent
    Twitter hack of Geert Wilders.
    https://www.washingtonpost.com/worl...79af96-ccd2-11ea-99b0-8426e26d203b_story.html.

    That "Hey" may partially mitigate these foundational email features to suit
    certain clientele (or their investors) does not diminish technological risk
    exposure.

    ------------------------------

    Date: Sat, 25 Jul 2020 14:13:58 +0930
    From: William Brodie-Tyrrell <william.br...@gmail.com>
    Subject: PDF signatures useless (ZDNet)

    It turns out that PDF cryptographic signatures do not protect the entire
    contents or visual appearance of the file. Which makes them utterly
    pointless.

    https://www.zdnet.com/google-amp/ar...eplace-content-in-digitally-signed-pdf-files/

    ------------------------------

    Date: Sat, 25 Jul 2020 09:48:23 -0400
    From: Monty Solomon <mo...@roscom.com>
    Subject: Google is aware of 'w5' Wi-Fi failures on some Nest thermostats
    and providing replacements (Android Police)

    If troubleshooting doesn't work, it's a known issue and you can get a
    replacement

    https://www.androidpolice.com/2020/...-nest-thermostats-and-providing-replacements/

    ------------------------------

    Date: Sat, 25 Jul 2020 16:50:15 -0400
    From: Joseph Gwinn <joeg...@comcast.net>
    Subject: Re: Boeing's future is cloudy as it tries to restore credibility
    (Ward, RISKS-32.13)

    > Probably junior programmers get this boring grunt work: senior programmers
    > get to do more interesting jobs, like writing new code! [...]

    Ahh, no. This was the customer tolerance level, to which IBM managed. As I
    recall, IBM alternated fixup releases (nothing new added, so more stable) and
    improvement releases (sorta beta test).

    ------------------------------

    Date: Sat, 25 Jul 2020 20:51:10 -0700
    From: Drew Dean <drew...@gmail.com>
    Subject: Re: European Public Sphere Towards Digital Sovereignty for Europe
    (ACATech, RISKS-32.13)

    I think there's an unmentioned risk: that of an EU boondoggle. :)

    ------------------------------

    End of RISKS-FORUM Digest 32.14
    ************************
     
  5. LakeGator

    Risks Digest 32.15

    RISKS List Owner

    Jul 28, 2020 3:36 PM

    Posted in group: comp.risks

    RISKS-LIST: Risks-Forum Digest Tuesday 28 July 2020 Volume 32 : Issue 15

    ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
    Peter G. Neumann, founder and still moderator

    ***** See last item for further information, disclaimers, caveats, etc. *****
    This issue is archived at <The RISKS Digest> as
    <The RISKS Digest, Volume 32 Issue 15>
    The current issue can also be found at
    <http://www.csl.sri.com/users/risko/risks.txt>

    Contents:
    EncroChat (ZDNet)
    China's Huawei holds a 5G trump card (Reuters)
    Elon and Jeff are brilliant! Surely *they* can solve our broadband issues.
    (Amitel)
    Why Scientists Stored "The Wizard of Oz" in DNA (Popular Mechanics)
    Coronavirus misinformation goes wild again (NYTimes Tech)
    The dishonest reporting on the riots is breathtaking. The crisis in our
    media deepens... (Twitter)
    NIST study finds that masks defeat most facial recognition algorithms
    Only those with plastic visors were infected: Swiss government warns
    against face shields (TheLocal.ch)
    Long-Lost Computation Dissertation of Unix Pioneer Dennis Ritchie
    (Rebecca Mercuri via PGN)
    PDF signatures *worse than* useless (Anthony Thorn)
    Re: Darwin's tautology? (Martin Ward)
    Re: The three worst things about email (Dmitri Maziuk)
    Re: Unsolicited Chinese seeds? (Devon McCormick)
    Abridged info on RISKS (comp.risks)

    ----------------------------------------------------------------------

    Date: Mon, 27 Jul 2020 16:54:54 -0700
    From: Peter Neumann <neu...@csl.sri.com>
    Subject: EncroChat (ZDNet)

    Law enforcement in the United Kingdom has touted the takedown of encrypted
    communications platform EncroChat as its "biggest ever" operation, so far
    resulting in the arrest of 746 individuals, the seizing of 54 million pounds
    in cash, 77 firearms, and over two tons of drugs.

    EncroChat was one of the largest providers of encrypted communications and
    offered a secure mobile-phone instant-messaging service. Its sole use was
    for coordinating and planning the distribution of illicit commodities, money
    laundering, and plotting to kill rival criminals, the UK's National Crime
    Agency said.

    Police take down encrypted criminal chat platform EncroChat | ZDNet

    ------------------------------

    Date: July 28, 2020 at 08:16:44 GMT+9
    From: geoff goodfellow <ge...@iconia.com>
    Subject: China's Huawei holds a 5G trump card (Reuters)

    Huawei is not so easy for Western countries to rip out. The Chinese
    telecommunications-equipment giant founded by Ren Zhengfei owns a huge trove
    of next-generation wireless patents. As a global standard for 5G emerges,
    Huawei technology may become essential to carriers.

    For years, the Shenzhen-based company has dominated the mobile
    infrastructure market, outselling rivals Nokia and Ericsson by offering
    cheaper alternatives. But U.S. concerns that Huawei equipment could be used
    by Beijing for espionage have gained traction: officials in the UK and France
    are purging their own networks of Chinese-made kit. A similar reaction
    elsewhere will seriously dent a business that generated nearly $43 billion
    in revenue for Huawei last year, roughly a third of the company's
    total.

    Replacing antennas and mast towers is one thing, though. Even if the likes
    of Britain's Vodafone and BT remove all existing Huawei equipment -- a move
    the UK government conservatively estimates will cost 2 billion pounds --
    global carriers will still be dependent on technology from Huawei to roll
    out next generation networks. Research firm IPlytics has found that the
    Chinese outfit owns the most 5G-related patents, and of that, roughly 15% of
    the essential ones.

    Simply put, these are technical specifications global carriers can build to
    in order to ensure different networks are compatible with each other. Having
    one unified standard will be vital for 5G, which is meant to seamlessly link
    up billions of machines, cars, and gadgets around the world. [...]

    Breakingviews - China's Huawei holds a 5G trump card

    ------------------------------

    Date: Mon, 27 Jul 2020 13:14:51 -1000
    From: geoff goodfellow <ge...@iconia.com>
    Subject: Elon and Jeff are brilliant! Surely *they* can solve our broadband
    issues. (Amitel)

    Much has happened since we last visited the wacky world of low-earth orbit
    (LEO) satellite constellations and their use in providing improved broadband
    service to Canada's rural and remote users. This past Tuesday, July 21, all
    of Iqaluit, the capital of the Territory of Nunavut was without
    communication services; no Internet, no landline, no cell service, no cable
    TV -- simply because it was raining! In a first-world country like Canada
    this is unacceptable. We need better broadband service in Canada's North
    NOW.

    There is a rash of breathless newspaper stories in the mainstream media
    touting LEO service as arriving soon to resolve our remote and rural
    broadband issues. I wrote about it before <Elon is not coming to rescue Canada’s remote broadband>,
    that Elon Musk is not coming to save us any time soon. I also wrote about
    the Chapter 11 bankruptcy of the early leader to provide LEO service to the
    Arctic, OneWeb, here <Sat Firm OneWeb Files for Bankruptcy>.
    So where do we stand now on July 27, 2020?

    Well on July 10, the U.S. bankruptcy court of the Southern District of New
    York (SDNY) approved a joint $1 billion bid for OneWeb by Britain and Bharti
    Airtel. The UK government and Bharti Global, an arm of Bharti Enterprises,
    which part owns India's Airtel, will each have roughly 45 per cent of
    OneWeb. The existing secured creditors, including SoftBank of Japan,
    OneWeb's former biggest shareholder, will own the balance.

    But the landscape has changed from before OneWeb's descent into Chapter 11
    in the spring. OneWeb's original mission was to *connect the unconnected*;
    i.e., it wanted to provide broadband service to the millions of people around
    the world that do not have access to the Internet. The UK has invested $500M
    into OneWeb for other strategic reasons, mainly to mitigate the effects of
    Brexit on British industry. I sure hope they realize that it is going to
    cost them more, much more and that $500M was just the table stakes to play
    in the LEO game. [...]

    Elon and Jeff are brilliant ! Surely THEY can solve our broadband issues.

    ------------------------------

    Date: Mon, 27 Jul 2020 13:13:51 -1000
    From: geoff goodfellow <ge...@iconia.com>
    Subject: Why Scientists Stored "The Wizard of Oz" in DNA (Popular Mechanics)

    *DNA Is Millions of Times More Efficient Than Your Computer's Hard Drive*

    - DNA can store far more data than a magnetic hard drive, but the
    technology is limited because the genetic material is prone to errors.
    <External Hard Drives 2020 - 6 Best Hard Drives To Store Anything>

    - Scientists at the University of Texas at Austin have come up with a
    way to store information in strands of DNA, while also correcting those
    errors.
    <Power of DNA to Store Information Gets an Upgrade>

    - To prove it, they've put the entirety of *The Wizard of Oz* --
    translated into Esperanto -- into strands of DNA, with greater accuracy
    than prior methods.

    When the Voyager spacecrafts launched in 1977, ready to study the outer
    limits of our solar system, they brought with them two golden phonograph
    records that each contained an assemblage of sounds and images meant to
    represent life on Earth. But in the future, the perfect next-gen space
    capsule could be found within our bodies.
    <Voyager 2 | Voyager 2 Location, Speed | What Did Voyager 2 Find>

    That's because DNA is millions of times more efficient at storing data than
    your laptop's magnetic hard drive. Since DNA can store data far more
    densely than silicon, you could squeeze all of the data in the world inside
    just a few grams of it. "Because DNA has been chosen by all of life as the
    information storage medium of choice...it turns out to be very robust," Ilya
    Finkelstein, an associate professor of molecular biosciences at the
    University of Texas at Austin, tells *Popular Mechanics*. "Long after our
    magnetic storage becomes obsolete, nature will still be using DNA."
    <Catalog claims DNA data storage is economically feasible for the first time – Blocks and Files>
    <How To Wipe a Computer | Reset Computer Guide 2019>

    Finkelstein is part of a team at the University of Texas at Austin who are
    pushing the limits on DNA-based storage methods. While this research area at
    the intersection of molecular biology and computer science has been around
    since the 1980s, scientists have struggled to find a way to correct the
    errors that DNA can be so prone to making.

    In a new paper published this week in the journal *Proceedings of the
    National Academy of Sciences*, Finkelstein and company detail their new
    error correction method, which they tested out on a classic novel. They were
    able to store the entirety of *The Wizard of Oz*, translated into
    Esperanto, with more accuracy than prior DNA storage methods ever could
    have. We're on the yellow brick road toward the future of data storage.

    A Brief History of DNA Storage. [...]
    What is DNA Storage? | "The Wizard of Oz" Stored In DNA

    ------------------------------

    Date: Tue, 28 Jul 2020 10:19:19 -0700
    From: Peter Neumann <neu...@csl.sri.com>
    Subject: Coronavirus misinformation goes wild again (Shira Ovide)

    Shira Ovide [PGN-excerpted from a piece called `Amazon is Jeff Bezos', *The
    New York Times* online On Tech Newsletter, 28 Jul 2020. Another timely
    item for our coverage of misinformation and truthiness. PGN]

    Amazon Is Jeff Bezos

    In just a few hours yesterday, another video with false information about
    the coronavirus spread like wildfire on Facebook before the company started
    to stamp it out.

    The video -- which I won't link to here, but you can find on Breitbart News
    -- showed a group of purported doctors touting unproven treatments.

    One of the videos racked up 14 million views in six hours, my colleague
    Kevin Roose tweeted. A few months ago, another video filled with coronavirus
    conspiracies, called *Plandemic* was watched more than eight million times
    on YouTube, Facebook and other spots over multiple days.

    Some of you may be wondering why it's so bad for people to watch a couple of
    videos that go against the consensus of health experts. After all, there's a
    lot about the virus we don't understand.

    The problem is that it's not so easy to correct the record once someone sees
    bogus ideas. We've seen that good information doesn't necessarily undo bad
    information. Doses of falsehoods can make people doubt the recommendations
    of proven health experts -- or even, the validity of elections.

    That's why Facebook, YouTube and other Internet companies, which have
    highlighted coronavirus information from authoritative sources such as the
    Centers for Disease Control and Prevention, have said they also would be
    aggressive about deleting false information related to the virus. (On
    Tuesday, Twitter temporarily limited some functions of the account of Donald
    Trump Jr., one of the president's sons, as punishment for posting the video
    with misleading information.)

    And yet, this latest bogus video went wild, again making me wonder whether
    Facebook and other popular Internet sites are so sprawling that the
    companies can't control even the most high-profile kinds of false
    information.

    ------------------------------

    Date: Mon, 27 Jul 2020 13:11:57 -1000
    From: geoff goodfellow <ge...@iconia.com>
    Subject: The dishonest reporting on the riots is breathtaking. The crisis in
    our media deepens... (Twitter)



    ------------------------------

    Date: Mon, 27 Jul 2020 10:26:12 -0700
    From: Lauren Weinstein <lau...@vortex.com>
    Subject: NIST study finds that masks defeat most facial recognition algorithms
    (VentureBeat)

    NIST study finds that masks defeat most facial recognition algorithms

    [As kids in the 1940s, some of us learned that some masked men were good
    -- e.g, The Lone Ranger!]

    ------------------------------

    Date: Mon, 27 Jul 2020 11:31:08 +0900
    From: far...@keio.jp
    Subject: Only those with plastic visors were infected: Swiss government
    warns against face shields (TheLocal.ch)

    https://www.thelocal.ch/20200715/on...d-swiss-government-warns-against-face-shields

    ------------------------------

    Date: Tue, 28 Jul 2020 14:19:52 -0400
    From: Rebecca Mercuri <not...@mindspring.com>
    Subject: Long-Lost Computation Dissertation of Unix Pioneer Dennis Ritchie

    Great article, especially for Ritchie fans -- check it out!

    The Long-Lost Computation Dissertation of Unix Pioneer Dennis Ritchie – The New Stack

    Poll: Should he have been awarded the Ph.D. posthumously? Yes / No

    [(Please do not submit your vote to RISKS.)
    Back-story: Dennis's thesis was never properly entered into the Harvard
    dissertation archives, because he did not submit a bound copy, although
    his PhD was indeed properly awarded. Risks? Having archaic rules that do
    not adapt to online submission, where today the bound copy would not have
    to be manually torn up in order to be scanned in -- assuming it could
    instead now be submitted online as a pdf! How does one submit a bound
    copy online? Unless the rule has changed, we might presume an online
    might today be optional rather than mandatory? PGN]

    ------------------------------

    Date: Mon, 27 Jul 2020 07:53:50 +0200
    From: Anthony Thorn <anthon...@atss.ch>
    Subject: PDF signatures *worse than* useless (Re: RISKS-32.14)

    Thanks to Mr Brodie-Tyrrell -- and of course the researchers -- for bringing
    this to our attention.

    I just want to make a small correction ;-)

    The title should be PDF signatures WORSE THAN useless, because they give the
    appearance of security without providing it, whereas although an unsigned
    PDF has the same "layers" vulnerability, it does not claim to be authentic.

    ------------------------------

    From: Martin Ward <mar...@gkc.org.uk>
    Date: Tue, 28 Jul 2020 10:56:37 +0100
    Subject: Re: Darwin's tautology? (Harper, RISKS-32.12)

    > Tautologies often need to be pointed out. Mathematics textbooks from
    > Euclid's Elements onward are full of them, but millions still buy them
    > because they are useful.

    There are useful tautologies, such as mathematical theorems, and
    content-free tautologies such as "Brexit means Brexit!". An argument such
    as the following is viciously circular and therefore fallacious: "God exists
    because the Bible says so. The Bible is true because it is the Word of
    God". A similar fallacious argument is: "Miracles don't happen. Therefore,
    any actual report of a miracle must be false. Therefore, there are no true
    reports of miracles. Therefore, miracles don't happen".

    On the other hand, an argument such as the Ontological Argument (for
    example, as formalised by mathematician Kurt Gödel) is a valid argument and
    tells us something useful about God: that if it is possible that God exists,
    then God does in fact necessarily exist. The argument is often criticised
    by saying "The conclusion is implicit in the premises": but this is just a
    property of every valid mathematical argument.

    "Survival of the fittest" is often defined in a way that is viciously
    circular: the "fittest" are defined as "those best fitted to survive" and
    "those best fitted to survive" are determined by looking at survival
    rates. The statement then becomes the content-free assertion "survival of
    those that survived". However, we can define "fittest" in terms of
    heritable characteristics, then the statement becomes "survivors survive,
    reproduce and therefore propagate any heritable characters which have
    affected their survival and reproductive success" which is a meaningful
    statement with a testable hypothesis: that such heritable characteristics
    actually exist.

    ["A rose is a rose is a rose" is arisen. PGN]

    ------------------------------

    Date: Sun, 26 Jul 2020 21:04:17 -0500
    From: dmaziuk <dma...@bmrb.wisc.edu>
    Subject: Re: The three worst things about email (RISKS-32.14)

    This is all very interesting I'm sure, but what does it have to do with
    e-mail?

    The article is using "issues" with 3 major web-based "e-mail providers":
    Microsoft, Google, and Yahoo, as a promo for the new "e-mail provider"
    startup who will get Everything Right(tm).

    It's just a promo piece for something called "Hey", the only risk here is
    someone might believe it has anything to do with RISKS.

    ------------------------------

    Date: Sun, 26 Jul 2020 23:36:11 -0400
    From: Devon McCormick <devo...@gmail.com>
    Subject: Re: Unsolicited Chinese seeds? (RISKS-32.14)

    I received an email like this but in my case, I have actually ordered seeds
    online that came to me from China. Each delivery was in a squarish grey
    non-rip plastic envelope with the contents listed as "stud earrings". The
    whole thing looked very amateurish, from the unlabeled enclosed tiny ziploc
    bag to the return address which was something like "the south side of the
    <something> gate, <some city>..."

    I wonder if this alert is simply the result of mis-delivered seed packages
    that were actually ordered by people. Given the slap-dash appearance of
    what I've received, that does not seem far-fetched.

    ------------------------------

    End of RISKS-FORUM Digest 32.15
    ************************
     
    Last edited by a moderator: Jul 29, 2020
  6. LakeGator

    Risks Digest 32.16

    RISKS List Owner

    Jul 31, 2020 1:20 AM

    Posted in group: comp.risks

    RISKS-LIST: Risks-Forum Digest Thursday 30 July 2020 Volume 32 : Issue 16

    ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
    Peter G. Neumann, founder and still moderator

    ***** See last item for further information, disclaimers, caveats, etc. *****
    This issue is archived at <The RISKS Digest> as
    <The RISKS Digest, Volume 32 Issue 16>
    The current issue can also be found at
    <http://www.csl.sri.com/users/risko/risks.txt>

    Contents:
    Theoretical Physicists Say 90% Chance of Societal Collapse Within Several
    Decades (VICE)
    The Panopticon Is Already Here: Chinese AI Creating Axis of Autocracy
    (The Atlantic)
    Let a thousand poppies bloom, thanks to cheap solar power (Areu)
    Hackers broke into real news sites to plant fake stories (WiReD)
    How Government Entities Use Geolocation Data To Identify Everyone (Shtfplan)
    Scientists Goofed and Accidentally Created a New Kind of Fish
    (Popular Mechanics)
    Apple's CEO Just Made This Extraordinary Statement About the Company's Most
    Important Product (INC)
    An unprecedented Nintendo leak turns into a moral dilemma for archivists
    (The Verge)
    Hospital lab tests delayed by "Twilight Zone" births (Paul Eggert)
    In Portland, getting out of jail requires relinquishing constitutional
    rights (ProPublica)
    Here's Trump's Plan To Regulate Social Media (Forbes)
    Trump's ... new Postmaster General wants your mail to be late or lost ...
    (NPR)
    America's *Frontline Doctors*? (Gizmodo)
    Re: When tax prep is free, you may be paying with your privacy (Greg Searle)
    Re: Long-Lost Computation Dissertation of Unix Pioneer Dennis Ritchie
    (Bob Wilson)
    Re: Darwin's tautology? (Henry Baker, Bob Wilson, Martin Ward)
    CFIA investigating mysterious shipments of seeds landing in mailboxes (CBC)
    Abridged info on RISKS (comp.risks)

    ----------------------------------------------------------------------

    Date: Tue, 28 Jul 2020 10:46:20 -1000
    From: geoff goodfellow <ge...@iconia.com>
    Subject: Theoretical Physicists Say 90% Chance of Societal Collapse Within
    Several Decades (VICE)

    *Deforestation and rampant resource use is likely to trigger the
    'irreversible collapse' of human civilization unless we rapidly change
    course.*

    Two theoretical physicists specializing in complex systems conclude that
    global deforestation due to human activities is on track to trigger the
    *irreversible collapse* of human civilization within the next two to four
    decades.

    If we continue destroying and degrading the world's forests, Earth will no
    longer be able to sustain a large human population, according to a
    peer-reviewed paper <Deforestation and world population sustainability: a quantitative analysis | Scientific Reports>
    published this May in Nature Scientific Reports. They say that if the rate
    of deforestation continues, ``all the forests would disappear approximately
    in 100 to 3200 years.''

    "Clearly it is unrealistic to imagine that the human society would start to
    be affected by the deforestation only when the last tree would be cut
    down," they write.

    This trajectory would make the collapse of human civilization take place
    much earlier due to the escalating impacts of deforestation on the
    planetary life-support systems necessary for human survival -- including
    carbon storage, oxygen production, soil conservation, water cycle
    regulation, support for natural and human food systems, and homes for
    countless species.

    In the absence of these critical services, ``it is highly unlikely to
    imagine the survival of many species, including ours, on Earth without
    [forests]. The progressive degradation of the environment due to
    deforestation would heavily affect human society and consequently the human
    collapse would start much earlier.''

    The paper is written by Dr Gerardo Aquino, a research associate at the Alan
    Turing Institute in London currently working on political, economic and
    cultural complex system modeling to predict conflicts; along with Professor
    Mauro Bologna of the Department of Electronic Engineering at the University
    of Tarapacá in Chile.

    Both scientists are career physicists. Aquino has previously conducted
    research at the Biological Physics Groups at Imperial College, the Max
    Planck Institute of Complex Systems and the Mathematical Biology group at
    the University of Surrey.

    Their research models current rates of population growth and deforestation
    as a proxy for resource consumption, to calculate the chance of
    civilization avoiding catastrophic collapse.

    Point of no return. [...]
    Theoretical Physicists Say 90% Chance of Societal Collapse Within Several Decades

    ------------------------------

    Date: Thu, 30 Jul 2020 09:22:15 -1000
    From: geoff goodfellow <ge...@iconia.com>
    Subject: The Panopticon Is Already Here: Chinese AI Creating Axis of Autocracy
    (The Atlantic)

    *Xi Jinping is using artificial intelligence to enhance his government's
    totalitarian control -- and he's exporting this technology to regimes around
    the globe.* [...]
    The Panopticon Is Already Here

    ------------------------------

    Date: Wed, 29 Jul 2020 20:43:12 -0700
    From: Henry Baker <hba...@pipeline.com>
    Subject: Let a thousand poppies bloom, thanks to cheap solar power (Areu)

    Oops! Cheap solar power makes Afghan poppy farmers profitable.

    It's nice to see how cheap Chinese solar panels are being used to combat
    global warming, by replacing diesel.

    BTW, a similar-sized solar system installed at my home in California would
    cost $40,000 instead of $4,000 (including the Taliban tax). Perhaps I need
    to bring over some Afghan solar installers to the U.S.?

    ``farmers began to experiment with solar power as early as 2014, a time when
    many were experiencing losses on their opium crop. By 2018, there were more
    than 50,000 solar deepwells, and projections indicate that there were at
    least 63,000 in 2019.''

    ``This farmer reported paying the equivalent of US$12,200 to install a solar
    deepwell, complaining that the recurrent costs on his diesel deepwell had
    been $1,757 per year for maintenance and diesel.''

    ``Whereas in 2013, all of those interviewed in Bakwa fueled their deepwells
    with diesel and none used solar power, by 2017, 68 percent were using solar,
    and 98 percent of respondents had solar tubewells in 2018.''

    ``For example, when solar was first introduced, farmers used as many as 60
    of the smaller 150 Amp (1.5 metre) panels to power their deepwells. By
    2017, there were signs of much larger panels in use, typically 300 Amp (2.5
    metre). Thirty of these panels generate more power and allow a greater
    amount of water to be pumped, an advantage given the falling water table.''

    ``more recent improvements in technology have also led to integrated
    systems, including the ability to store solar power in batteries, making
    solar a more attractive and reliable energy source than ever before. The
    result is, after an initial outlay of around $5,000 to $7,000 (depending on
    depth and the number of panels), solar technology can be used with very few
    recurrent costs (see Table 2).''

    ``There was consensus of a notable change in the water table since the
    increase in the uptake of solar technology. For example, while farmers
    reported that the water table was falling from one-half to one metre per
    year when diesel was the primary method for pumping ground water, they
    report that the water table fell by as much as two to three metres per year
    in 2018. There was little doubt that the fall in the water table was a
    direct function of the significant uptick in the number of farmers using
    solar technology.''

    https://areu.org.af/wp-content/uploads/2020/06/2010E-When-the-Water-Runs-Dry-WB.pdf.pdf

    ------------------------------

    Date: Thu, 30 Jul 2020 09:56:26 -0400
    From: Monty Solomon <mo...@roscom.com>
    Subject: Hackers broke into real news sites to plant fake stories (WiReD)

    A disinfo operation broke into the content management systems of Eastern European media outlets in a campaign to spread misinformation about NATO.

    Hackers Broke Into Real News Sites to Plant Fake Stories

    ------------------------------

    Date: Thu, 30 Jul 2020 09:23:16 -1000
    From: geoff goodfellow <ge...@iconia.com>
    Subject: How Government Entities Use Geolocation Data To Identify Everyone
    (Shtfplan)

    How Government Entities Use Geolocation Data To Identify Everyone

    ------------------------------

    Date: Tue, 28 Jul 2020 10:45:20 -1000
    From: geoff goodfellow <ge...@iconia.com>
    Subject: Scientists Goofed and Accidentally Created a New Kind of Fish
    (Popular Mechanics)

    *In an effort to save the Russian sturgeon, scientists accidentally created
    a fish hybrid while breeding the endangered species in captivity.*

    - A new paper <Hybridization of Russian Sturgeon (Acipenser gueldenstaedtii, Brandt and Ratzeberg, 1833) and American Paddlefish (Polyodon spathula, Walbaum 1792) and Evaluation of Their Progeny> in *Genes*
    describes how two different types of fish (sturgeon and paddlefish) bred
    to create hybrid offspring.

    - The creation of these hybrid *sturddlefish* was accidental and occurred
    in a lab in Hungary while researchers were trying to breed Russian
    sturgeons in captivity because the fish is endangered (with some sturgeon
    species being critically endangered.)
    <Sturgeon>

    [Sturdlefish? or Padgeon if it nibbles at morsels? PGN]

    In a wild turn of events, a new kind of fish has been born in a lab
    *entirely by accident*. The sturddlefish is a hybrid between a Russian
    sturgeon (*Acipenser gueldenstaedtii*) and an American paddlefish and came
    into existence by accident. [...]
    https://www.popularmechanics.com/sc...9/scientists-accidentally-create-hybrid-fish/

    ------------------------------

    Date: Thu, 30 Jul 2020 09:25:15 -1000
    From: geoff goodfellow <ge...@iconia.com>
    Subject: Apple's CEO Just Made This Extraordinary Statement About the
    Company's Most Important Product (INC)

    *Is the App Store a product or a feature?*

    The biggest tech news this week is the antitrust hearing before Congress
    that involved the CEOs of four of the largest tech companies in the world,
    Apple, Facebook, Google, and Amazon. I'm generally not someone who thinks
    these hearings do much to advance the cause of, well, anything beyond
    scoring political points.
    <https://www.inc.com/jason-aten/why-...e-to-hold-big-tech-companies-accountable.html>
    <https://www.inc.com/jason-aten/4-th...ou-know-about-privacy-what-you-should-do.html>

    To that end, the format left plenty to be desired, including the fact that
    more than one of the most powerful tech leaders in the world had technical
    difficulties with their Cisco WebEx connection. The hearing even stopped at
    one point to fix a "problem with the connection."
    <https://www.inc.com/jason-aten/worried-about-zoom-here-are-some-alternatives.html>

    There were plenty of bad questions, this being Congress after all. That
    doesn't mean that everyone's motivation was wrong, it's just that for the
    most part, Congress isn't that great at understanding or investigating
    anything related to technology and the Internet.
    <https://www.inc.com/jason-aten/the-...why-there-wont-be-any-winners-if-they-do.html>

    Still, there was one extraordinary statement from Apple's CEO, Tim Cook,
    that's worth a deeper look.

    The first question for Cook was quite pointed, and remarkably simple:
    ``Apple is the sole decision-maker as to whether an app is made available
    through the App Store, isn't that correct?'' Representative Hank Johnson
    from Georgia asked.

    "Sir ... the App Store is a feature of the iPhone much like the camera is,
    and much like the chip is," said Cook before Johnson repeated the same
    question.

    Think about that for a moment. Theater aside, that's the most insightful
    answer I've heard for how Apple views the App Store. I'm not saying it's
    necessarily a good reason, but it certainly sheds light on why Apple exerts
    the level of control that it does, including its review process.

    To Apple, the App Store is a feature. It isn't a platform for developers,
    it's a part of the product Apple sells, just like the camera. According to
    Apple, that justifies the level of control it exerts.

    "Because we care so deeply about privacy and security and quality, we do
    look at every app," said Cook to another of Johnson's questions. [...]
    https://www.inc.com/jason-aten/appl...bout-companys-most-controversial-product.html

    ------------------------------

    Date: Thu, 30 Jul 2020 13:21:52 -0400
    From: Monty Solomon <mo...@roscom.com>
    Subject: An unprecedented Nintendo leak turns into a moral dilemma for
    archivists (The Verge)

    For the past week, Nintendo fans have resembled digital
    archaeologists. Following a massive leak of source code and other internal
    documents — appropriately dubbed the gigaleak — previously unknown details
    from the company’s biggest games have steadily trickled out. Those poring
    over the code have uncovered a new Animal Crossing villager, early
    prototypes for games like Pokémon Diamond, cut characters from Star Fox, a
    very weird Yoshi, and strange titles like a hockey RPG. Perhaps the biggest
    discovery has been a Luigi character model from Super Mario 64.

    From a historical and preservationist perspective, the leak is an
    incredible find. It’s a rare look into the process and discarded ideas of
    one of the most influential — and secretive — companies in video games. But
    for those preservationists digging through the data, that excitement is
    tainted by a moral dilemma. The origins of the code leak are still largely
    unknown, but it’s likely that it was obtained illegally. That presents a
    pertinent question: does the source of the leak tarnish all that historians
    can learn from it? [...]

    https://www.theverge.com/2020/7/30/...eak-controversy-history-preservation-archives

    ------------------------------

    Date: Thu, 30 Jul 2020 09:14:38 -0700
    From: Paul Eggert <egg...@cs.ucla.edu>
    Subject: Hospital lab tests delayed by "Twilight Zone" births

    In a paper published today by the Journal of Applied Laboratory Medicine,
    Andrew Lyon and collaborators describe a series of crashes in a hospital lab
    information system that used handheld wireless devices to identify patients
    in the Jim Pattison Children's Hospital, which opened last year in
    Saskatoon, Saskatchewan. JPCH has pediatric and maternal services, and also
    has an emergency room. The SoftID-based system first crashed 19 days after
    installation, and continued to crash roughly every two weeks thereafter. Lab
    staff reverted to paper procedures during crashes.

    To help diagnose the crashes, the hospital's support team sent logs to the
    SoftID developers, who eventually tracked the problem down to elderly
    patients with birthdays like April 13, 1941, a day when most of
    Saskatchewan's clocks sprang forward at midnight due to a daylight-saving
    time transition. A patient with birthday on that date would have their birth
    time default to 00:00, a time that did not exist in Saskatoon because the
    clocks had already been switched to 01:00. The Joda-Time software within
    SoftID used the IANA time zone database to translate times, and crashed
    because the local time was invalid.

    Lyon et al. suggest several takeaways from this software glitch, including:

    * A DST transition can disrupt hospital operations long after the transition.

    * Hospital software and hardware systems should be validated by test-patient
    records with birth dates on daylight-saving transitions.

    My own takeaway for politicians and legislators is:

    * Do not mess with the clock at midnight.

    Lyon AW, Delayen K, Reddekopp R. "No Lab Tests" When You Are Born in The
    Twilight Zone: A Clinical Informatics Case Report [published online ahead of
    print, 2020 Jul 30]. J Appl Lab Med. 2020;jfaa080.
    https://doi.org/10.1093/jalm/jfaa080
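
The failure mode described above, and the test-record advice from Lyon et al., as an added Python sketch (not SoftID or Joda-Time code, and not part of the original post): it detects a default birth time that a DST jump skipped, contrasts a strict and a tolerant way of resolving it, and lists dates to use for test patients. The zone name America/Regina for Saskatoon and all function names are assumptions of this example.

```python
"""Added example: find and handle local times that a DST jump skipped."""
from datetime import date, datetime, time, timedelta, timezone
from zoneinfo import ZoneInfo

# Assumption: Saskatoon is covered by the IANA zone "America/Regina".
SASKATOON = ZoneInfo("America/Regina")


def exists(wall: datetime, tz: ZoneInfo) -> bool:
    """True if the naive wall-clock time actually occurred in tz.

    A skipped time does not survive a round trip through UTC: it comes
    back moved forward by the length of the gap. Repeated (fall-back)
    times do survive, so they are not reported here.
    """
    aware = wall.replace(tzinfo=tz)
    back = aware.astimezone(timezone.utc).astimezone(tz)
    return back.replace(tzinfo=None) == wall


def strict_birth_instant(birth: date, tz: ZoneInfo,
                         default: time = time(0, 0)) -> datetime:
    """Fragile policy: reject a birth date whose default time was skipped.

    An unhandled exception here is the crash pattern from the report.
    """
    wall = datetime.combine(birth, default)
    if not exists(wall, tz):
        raise ValueError(f"{wall} does not exist in {tz.key}")
    return wall.replace(tzinfo=tz)


def lenient_birth_instant(birth: date, tz: ZoneInfo,
                          default: time = time(0, 0)) -> datetime:
    """Tolerant policy: move a skipped time forward by the gap length."""
    wall = datetime.combine(birth, default)
    return wall.replace(tzinfo=tz).astimezone(timezone.utc).astimezone(tz)


def skipped_birth_dates(tz: ZoneInfo, first_year: int, last_year: int,
                        default: time = time(0, 0)) -> list:
    """Dates in the range whose default birth time never occurred in tz.

    These are the birth dates to give test-patient records.
    """
    day, end, hits = date(first_year, 1, 1), date(last_year, 12, 31), []
    while day <= end:
        if not exists(datetime.combine(day, default), tz):
            hits.append(day)
        day += timedelta(days=1)
    return hits


if __name__ == "__main__":
    # Birth date taken from the report; the year range is chosen for the demo.
    birth = date(1941, 4, 13)
    try:
        strict_birth_instant(birth, SASKATOON)
    except ValueError as err:
        print("strict policy fails:", err)
    print("lenient policy gives:", lenient_birth_instant(birth, SASKATOON))
    print("test-patient birth dates, 1930-1945:")
    for d in skipped_birth_dates(SASKATOON, 1930, 1945):
        print("  ", d.isoformat())
```

Passing a different `default` time (for example `time(2, 0)`) covers systems that fill in something other than midnight.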

    ------------------------------

    Date: Thu, 30 Jul 2020 09:24:16 -1000
    From: the keyboard of geoff goodfellow <ge...@iconia.com>
    Subject: In Portland, getting out of jail requires relinquishing
    constitutional rights (ProPublica)

    *A dozen protesters facing federal charges are barred from going to *public
    gatherings* as a condition of release from jail -- a tactic one expert
    described as ``sort of hilariously unconstitutional.''*

    Federal authorities are using a new tactic in their battle against
    protesters in Portland, Oregon: arrest them on offenses as minor as *failing
    to obey* an order to get off a sidewalk on federal property -- and then tell
    them they can't protest anymore as a condition for release from jail.

    Legal experts describe the move as a blatant violation of the
    constitutional right to free assembly, but at least 12 protesters arrested
    in recent weeks have been specifically barred from attending protests or
    demonstrations as they await trials on federal misdemeanor charges.

    ``Defendant may not attend any other protests, rallies, assemblies or public
    gathering in the state of Oregon,'' states one *Order Setting Conditions of
    Release* for an accused protester, alongside other conditions such as
    appearing for court dates. The orders are signed by federal magistrate
    judges.

    For other defendants, the restricted area is limited to Portland, where
    clashes between protesters and federal troops have grown increasingly
    violent in recent weeks. In at least two cases, there are no geographic
    restrictions; one release document instructs, ``Do not participate in any
    protests, demonstrations, rallies, assemblies while this case is pending.''

    Protesters who have agreed to stay away from further demonstrations say they
    felt forced to accept those terms to get out of jail. [...]
    https://www.propublica.org/article/...-requires-relinquishing-constitutional-rights

    ------------------------------

    Date: Wed, 29 Jul 2020 10:24:01 +0900
    From: far...@keio.jp
    Subject: Here's Trump's Plan To Regulate Social Media (Forbes)

    https://www.forbes.com/sites/robpegoraro/2020/07/28/heres-trumps-plan-to-regulate-social-media/

    ------------------------------

    Date: Wed, 29 Jul 2020 11:35:06 -0700
    From: Lauren Weinstein <lau...@vortex.com>
    Subject: Trump's ... new Postmaster General wants your mail to be late
    or lost (NPR)



    ------------------------------

    Date: Wed, 29 Jul 2020 11:06:33 PDT
    From: "Peter G. Neumann" <neu...@csl.sri.com>
    Subject: America's *Frontline Doctors*? (Gizmodo)

    https://gizmodo.com/who-are-americas-frontline-doctors-the-pro-trump-pro-1844528900

    [This one is really amazing. PGN]

    ------------------------------

    Date: Tue, 28 Jul 2020 15:25:17 -0400
    From: Greg Searle <greg....@gmail.com>
    Subject: Re: When tax prep is free, you may be paying with your privacy
    (RISKS-32.11)

    The IRS guarantees that you can file your taxes for free if you are under a
    certain income level. You can do it directly through the IRS or through
    another service. These services will really attempt to "recommend" a product
    that is more "suitable" for you (that they charge a fee for), but they can't
    charge you at all for the free option.

    https://www.irs.gov/filing/free-file-do-your-federal-taxes-for-free

    ------------------------------

    Date: Tue, 28 Jul 2020 17:33:00 -0500
    From: Bob Wilson <wil...@math.wisc.edu>
    Subject: Re: Long-Lost Computation Dissertation of Unix Pioneer Dennis Ritchie
    (RISKS-32.15?)

    When I submitted my dissertation (1969), we were required not just to submit
    a hard copy to the university (UW-Madison) but also to sign a form giving
    permission for it to be copied and recorded at a national repository: I
    think that was maintained at the University of Michigan. We had to give
    them permission to use it, under our copyright prerogatives.

    Quite a few people did not like being required to "give away" some of their
    copyright ownership. (It did not make too much difference for folks like me,
    in mathematics, but in many of the humanities subjects people at least hoped
    to turn their theses into books they could sell, where copyright ownership
    could really matter.) We were told that the requirement to sign that form
    was essentially universal in U.S. graduate education, mandatory before your
    degree would be granted. So I am surprised it was not required at Harvard!

    ------------------------------

    Date: Tue, 28 Jul 2020 13:42:10 -0700
    From: Henry Baker <hba...@pipeline.com>
    Subject: Re: Darwin's tautology? (Ward, RISKS-32.15)

    The evolution(!) of terminology which converts meaningful statements into
    tautologies happens all the time in math and science, and is almost always a
    'good thing'(tm), as it signifies 'progress'.

    The terms 'survival' and 'fit, fitter, fittest' preceded Darwin and
    'evolution', so there was a bit of carving and sanding required to 'fit'
    these terms into Darwin's evolutionary theory. However, now that Darwin's
    evolutionary theory has been mostly accepted, the terms 'survival' and 'fit,
    fitter, fittest' are now (re)defined in terms of this evolutionary theory;
    hence 'survival of the fittest' has now *become* a tautology.

    Ditto in the world of mathematics. Prior to Cardano, Fermat, Pascal and
    Laplace, 'probability' was a very elusive term. Modern probability theory
    (due to Kolmogorov) has been so successful that the notion of 'probability'
    is now identical to the mathematical definition, so many previously
    meaningful statements about probability have been converted into
    tautologies.

    Ditto in the engineering world. Prior to Claude Shannon, an 'error' in
    communications was an imprecise term; however, post-Shannon, it's almost
    impossible to discuss non-Shannon-like 'errors', e.g., errors that correlate
    widely separated bits/characters, because the definitions of the terms have
    changed to make Shannon-like errors the easiest to discuss.

    All this is progress, because it converts PhD theses into undergraduate
    exercises; thence to high school exercises; and finally into definitions.
    We now 'see' the world using terminology and definitions that make
    previously difficult concepts blindingly obvious. Only those in the
    transition period old enough to remember the previous confusion will fully
    appreciate the clarity produced by these new ways of perceiving.

    ------------------------------

    Date: Tue, 28 Jul 2020 17:39:47 -0500
    From: Bob Wilson <wil...@math.wisc.edu>
    Subject: Re: Darwin's tautology? (Ward, RISKS-32.15)

    The comment that
    > "The conclusion is implicit in the premises": but this is just a
    > property of every valid mathematical argument.
    correctly tells us that any mathematical proof amounts to discarding
    information, or at best copying it over! I have always loved that. (It does
    not say that proofs are useless: Presumably they lay clear(er) why something
    might have been obvious!)

    ------------------------------

    Date: Wed, 29 Jul 2020 12:00:12 +0100
    From: Martin Ward <mar...@gkc.org.uk>
    Subject: Re: Darwin's tautology? (Baker, RISKS-32.15?)

    > The evolution(!) of terminology which converts meaningful statements into
    > tautologies happens all the time in math and science, and is almost always
    > a 'good thing'(tm), as it signifies 'progress'.

    This is true, as long as you are not implying that the meaningful statement
    becomes *less* meaningful when it is "converted" into a tautology.

    Fermat's Last Theorem was always a meaningful statement, and since Andrew
    Wiles proved it we now know it is a tautology: but still just as meaningful.
    The statement "God exists" is (with a suitably precise definition of "God")
    a meaningful statement, and Plantinga's Ontological Argument uses Modal
    Logic to prove that it is a tautology: it is true in all possible worlds.
    But it is still just as meaningful, if not even more so!

    ------------------------------

    Date: Wed, 29 Jul 2020 17:10:38 -0600
    From: "Matthew Kruk" <mkr...@gmail.com>
    Subject: CFIA investigating mysterious shipments of seeds landing in mailboxes
    (CBC)

    U.S. residents are not the only ones:
    https://www.cbc.ca/news/canada/warning-about-unauthorized-seeds-in-mail-1.5667883

    ------------------------------

    End of RISKS-FORUM Digest 32.16
    ************************
     
  7. LakeGator

    Risks Digest 32.17

    RISKS List Owner

    Aug 1, 2020 7:34 PM

    Posted in group: comp.risks

    RISKS-LIST: Risks-Forum Digest Saturday 1 August 2020 Volume 32 : Issue 17

    ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
    Peter G. Neumann, founder and still moderator

    ***** See last item for further information, disclaimers, caveats, etc. *****
    This issue is archived at <The RISKS Digest> as
    <The RISKS Digest, Volume 32 Issue 17>
    The current issue can also be found at
    <http://www.csl.sri.com/users/risko/risks.txt>

    Contents:
    Florida Teen Arrested in Twitter Hack (The New York Times)
    How self-driving cars can alter consumer morality (JCR)
    PayPal and Venmo QR payments are coming to CVS Pharmacies (Engadget)
    Data isn't just being collected from your phone. It's being used to score
    you. (WashPost)
    Google accused by developer of retaliation for cooperating with House
    antitrust investigation (WashPost)
    Twitter hackers used "phone spear phishing" in mass account takeover
    (Ars Technica)
    MRI study reveals all mammals, including humans, share equal brain
    connectivity (StudyFinds)
    Global methane emissions soar to record high (Stanford)
    A concert is being held to learn how COVID-19 spreads at large events.
    Here's how? (Miami Herald)
    The "Cubic Model" (Martin Ward)
    Re: Theoretical Physicists Say 90% Chance of Societal Collapse Within
    Several Decades (Amos Shapir)
    Re: Let a thousand poppies bloom, thanks to cheap solar power (Scott Dorsey)
    Re: When tax prep is free, you may be paying with your privacy (
    Re: Darwin's tautology? (Amos Shapir)
    Re: Long-Lost Computation Dissertation of Unix Pioneer Dennis Ritchie
    (Al Stangenberger, John Levine)
    Photo Deposit (xkcd)
    Quote of The Day (Thomas Sowell)
    Quote of The Day (Sven Henrich)
    Abridged info on RISKS (comp.risks)

    ----------------------------------------------------------------------

    Date: Fri, 31 Jul 2020 18:09:47 -0400
    From: Gabe Goldberg <ga...@gabegold.com>
    Subject: Florida Teen Arrested in Twitter Hack (The New York Times)

    The authorities arrested a 17-year-old who they said ran a scheme that
    targeted the accounts of celebrities, including former President Barack
    Obama and Elon Musk. Two others were also charged.

    OAKLAND, Calif. The authorities said on Friday that a Florida teenager was
    the *mastermind* of a recent high-profile hack of 130 Twitter accounts,
    including the accounts of celebrities like former Vice President Joseph
    R. Biden Jr. and the Silicon Valley mogul Elon Musk.

    Graham Ivan Clark, 17, was arrested in his Tampa home early Friday, state
    officials said. He is believed to be the linchpin of a hack that turned into
    an embarrassment for Twitter and called into question the security measures
    of a range of tech companies. Two other people were also charged with taking
    part in the hack. [...]

    The hackers tweeted from 45 of the accounts, gained access to the direct
    messages of 36 accounts, and downloaded full information from seven
    accounts. They gained access to internal Twitter systems by stealing login
    information from employees, then used their access to reset passwords on the
    accounts.

    Florida Teenager Is Charged as ‘Mastermind’ of Twitter Hack

    Where to start? Employees losing internal system credentials, Twitter not
    validating login location or requiring VPN, and people responding to
    tweets offering to double their bitcoins. Comments are interesting -- half
    condemning the kid, half praising him and suggesting he work as
    IT/security consultant.

    ------------------------------

    Date: Fri, 31 Jul 2020 12:35:54 -0400
    From: George Mannes <gma...@gmail.com>
    Subject: How self-driving cars can alter consumer morality (JCR)

    A paper by Tripat Gill in the August 2020 issue of *Journal of Consumer
    Research* addresses how people in an autonomous vehicle might resolve the
    dilemma of harm to themselves vs. harm to a pedestrian. From the abstract:

    ...participants considered harm to a pedestrian more permissible with an
    AV as compared to self as the decision agent in a regular car. This shift
    in moral judgments was driven by the attribution of responsibility to the
    AV and was observed for both severe and moderate harm.... However, the
    effect was attenuated when five pedestrians or a child could be
    harmed. These findings suggest that AVs can change prevailing moral
    norms....

    Blame It on the Self-Driving Car: How Autonomous Vehicles Can Alter Consumer Morality

    Note to self: When the glorious age of self-driving cars arrives, be sure
    to walk around in large groups...or dress in a onesie. Maybe then the
    "driver" will grab the wheel.

    ------------------------------

    Date: Fri, 31 Jul 2020 12:58:51 -0400
    From: Monty Solomon <mo...@roscom.com>
    Subject: PayPal and Venmo QR payments are coming to CVS Pharmacies
    (Engadget)

    CVS pharmacies will soon let you do touch-free payments using your PayPal or
    Venmo accounts by using PayPal's QR code payment system, PayPal has
    announced. The system will let shoppers ``securely pay for their items
    without needing to touch a keypad or sign a receipt,'' according to PayPal.

    PayPal supports various means of payment, including stored debit or credit
    cards, bank accounts, a PayPal balance or a PayPal credit. On Venmo (which
    is owned by PayPal), ``customers can pay using their stored debit or credit
    cards, bank account, Venmo balance or Venmo rewards'' without any user fees,
    according to PayPal. [...]

    PayPal and Venmo QR payments are coming to CVS Pharmacies

    ------------------------------

    Date: Sat, 1 Aug 2020 02:04:14 -0400
    From: Monty Solomon <mo...@roscom.com>
    Subject: Data isn't just being collected from your phone. It's being used to
    score you. (WashPost)

    It's called surveillance scoring. And everybody's doing it.

    https://www.washingtonpost.com/opin...ollected-your-phone-its-being-used-score-you/

    ------------------------------

    Date: Sat, 1 Aug 2020 02:08:35 -0400
    From: Monty Solomon <mo...@roscom.com>
    Subject: Google accused by developer of retaliation for cooperating with
    House antitrust investigation (WashPost)

    Blix, Inc., the maker of an email app, has been on Google's Play Store for
    six years. On Friday, just two days after a Capitol Hill hearing on
    antitrust issues, Google kicked the app off the store. Blix says it's
    because the company cooperated with lawmakers.

    https://www.washingtonpost.com/technology/2020/07/31/google-accused-antitrust-retaliation/

    ------------------------------

    Date: Fri, 31 Jul 2020 10:26:34 -0400
    From: Monty Solomon <mo...@roscom.com>
    Subject: Twitter hackers used "phone spear phishing" in mass account takeover
    (Ars Technica)

    The hackers behind this month's epic Twitter breach targeted a small number
    of employees through a *phone spear phishing attack*, the social media site
    said on Thursday night. When the pilfered employee credentials failed to
    give access to account support tools, the hackers targeted additional
    workers who had the permissions needed to access the tools. [...]

    https://arstechnica.com/information...hone-spear-phishing-in-mass-account-takeover/

    ------------------------------

    Date: Sat, 1 Aug 2020 01:14:00 -1000
    From: geoff goodfellow <ge...@iconia.com>
    Subject: MRI study reveals all mammals, including humans, share equal brain
    connectivity (StudyFinds)

    Mankind's collective ego may be about to take a big hit. Humans have always
    reigned supreme on planet Earth when it comes to intelligence. Indeed, it's
    our intellect and capacity for critical thinking that primarily separates us
    from the rest of this planet's inhabitants. That's why the findings of a
    new study are so surprising. Researchers from Tel Aviv University, after
    examining and comparing brain connectivity across 130 different mammalian
    species (including humans), conclude that brain connectivity is equal among
    *all* mammals. <https://www.studyfinds.org/mammals-poop-feces-study/>

    These findings, reached via MRI brain scans, oppose long-standing beliefs
    and assumptions among medical and scientific professionals
    <https://www.studyfinds.org/covid-19-gender-gap-academia/>.

    ``We discovered that brain connectivity -- namely the efficiency of
    information transfer through the neural network -- does not depend on
    either the size or structure of any specific brain,'' says Professor Yaniv
    Assaf, of the School of Neurobiology, Biochemistry and Biophysics, in a
    release. ``In other words, the brains of all mammals, from tiny mice
    through humans to large bulls and dolphins, exhibit equal connectivity,
    and information travels with the same efficiency within them. We also
    found that the brain preserves this balance via a special compensation
    mechanism: when connectivity between the hemispheres is high, connectivity
    within each hemisphere is relatively low, and vice versa.''

    <https://www.aftau.org/press-release---brain-connectivity---july-20-2020>

    Brain connectivity compared via MRI scans. [...]
    https://www.studyfinds.org/mri-stud...luding-humans-share-equal-brain-connectivity/

    ------------------------------

    Date: Sat, 1 Aug 2020 01:13:00 -1000
    From: geoff goodfellow <ge...@iconia.com>
    Subject: Global methane emissions soar to record high (Stanford)

    *The pandemic has tugged carbon emissions down, temporarily. But levels of
    the powerful heat-trapping gas methane continue to climb, dragging the
    world further away from a path that skirts the worst effects of global
    warming.*

    Global emissions of methane have reached the highest levels on record.
    Increases are being driven primarily by growth of emissions from coal
    mining, oil and natural gas production, cattle and sheep ranching, and
    landfills.

    Between 2000 and 2017, levels of the potent greenhouse gas barreled up
    toward pathways that climate models suggest will lead to 3-4 degrees Celsius
    of warming before the end of this century. This is a dangerous temperature
    threshold at which scientists warn that natural disasters, including
    wildfires, droughts and floods, and social disruptions such as famines and
    mass migrations become almost commonplace. The findings are outlined in two
    papers published July 14 in *Earth System Science Data*
    <https://doi.org/10.5194/essd-12-1561-2020> and *Environmental Research
    Letters* <https://doi.org/10.1088/1748-9326/ab9ed2> by researchers with the
    Global Carbon Project <https://www.globalcarbonproject.org/>, an initiative
    led by Stanford University scientist Rob Jackson
    <https://profiles.stanford.edu/jackson>.

    In 2017, the last year when complete global methane data are available,
    Earth's atmosphere absorbed nearly 600 million tons of the colorless,
    odorless gas that is 28 times more powerful than carbon dioxide at trapping
    heat over a 100-year span. More than half of all methane emissions now come
    from human activities. Annual methane emissions are up 9 percent, or 50
    million tons per year, from the early 2000s, when methane concentrations in
    the atmosphere were relatively stable.

    In terms of warming potential, adding this much extra methane to the
    atmosphere since 2000 is akin to putting 350 million more cars on the
    world's roads or doubling the total emissions of Germany or France. ``We
    still haven't turned the corner on methane,'' said Jackson, a professor of
    Earth system science in Stanford's School of Earth, Energy & Environmental
    Sciences <https://earth.stanford.edu/> (Stanford Earth).

    *Growing sources of methane*. [...]
    https://earth.stanford.edu/news/global-methane-emissions-soar-record-high

    ------------------------------

    Date: Sat, 1 Aug 2020 01:12:00 -1000
    From: geoff goodfellow <ge...@iconia.com>
    Subject: A concert is being held to learn how COVID-19 spreads at large
    events. Here's how? (Miami Herald)

    One of the worst activities you can do in the middle of a pandemic is attend
    a large gathering with thousands of attendees -- but researchers in Germany
    want people to do just that.

    It's not for recreation: The goal is to examine just how dangerous those
    events really are, especially as parts of the world prepare to return to
    normalcy.

    For a project called *RESTART-19*, scientists with the University Medical
    Center Halle (Saale) plan on throwing a concert with 4,000 fans and a German
    music artist in an indoor arena to simulate how people move, gather and
    spread potentially coronavirus-infected germs.
    <https://restart19.de/das-projekt/#1594374092971-9e179e0a-f140>

    But there's a catch: participants must test negative for SARS-CoV-2, the
    virus driving the pandemic, and wear a mask at all times aside from snack
    and outdoor breaks, according to their website.

    The team says data on how respiratory diseases spread in large events is
    ``sparse overall and practically nonexistent for COVID-19,'' so they want to
    fill in the gaps.

    ``The corona pandemic paralyzes the event industry. As long as there is a
    risk of contagion, no major concerts and trade fairs or sports events are
    allowed to take place.''
    <https://www.medizin.uni-halle.de/in...]=6410&cHash=40a36e8e42d018d4f4ca42fa135a6378>
    Dr. Armin Willingmann, minister of economics for the German state of
    Saxony-Anhalt and a science professor, said in a news release. ``That is
    why it is so important to find out which technical or organizational
    framework can effectively minimize the risk of infection.'' [...]

    https://www.miamiherald.com/news/coronavirus/article244375897.html

    ------------------------------

    Date: Fri, 31 Jul 2020 13:18:08 +0100
    From: Martin Ward <mar...@gkc.org.uk>
    Subject: The "Cubic Model"

    Do you remember the Trump administration's "cubic model" of coronavirus
    deaths? On 4th May a Washington Post report said "people with knowledge of
    that model say it shows deaths dropping precipitously in May -- and
    essentially going to zero by May 15". The "model" turned out to be a stock
    Excel function, which fits a cubic polynomial to the data (hence the name
    "cubic model").

    With the data at the time, the best fitting cubic model has a negative
    coefficient for x^3: meaning that the model will show deaths rapidly
    dropping to zero. (Note that you have to avoid plotting the model *beyond*
    that date since the number of deaths then rapidly goes negative as the model
    predicts a huge Zombie Apocalypse, or something!)

    But now look at today's figures, e.g., here:

    https://ourworldindata.org/grapher/daily-covid-deaths-per-million-7-day-average

    or here (scroll down for graphs):

    https://www.worldometers.info/coronavirus/country/us/

    I haven't run the model, but I am pretty sure that the uptick in deaths over
    the last month or so means that the best fit cubic will now have a
    *positive* x^3 coefficient: meaning that the model will predict deaths
    rapidly rising with a quadratically increasing slope. I would be interested
    to know the exact date when the cubic model predicts the death of the last
    remaining person in the USA.

    I wonder if the Trump administration is still using their "cubic model"?

    ------------------------------

    Date: Sat, 1 Aug 2020 12:22:24 +0300
    From: Amos Shapir <amo...@gmail.com>
    Subject: Re: Theoretical Physicists Say 90% Chance of Societal Collapse
    Within Several Decades (RISKS-32.16)

    This prediction sounds like those made during the 1890's, predicting
    precisely when civilization is going to collapse because of excess
    accumulation of horse dung on the streets...

    It's rather easy to extrapolate current trends, but it's obvious that in
    matters of human welfare and survival, it's safe to assume that people are
    going to intervene to change such trends. I suspect however that a
    prediction of collapse within 100 years might delay intervention to no
    earlier than 90 years later.

    ------------------------------

    Date: 31 Jul 2020 14:43:37 -0000
    From: klu...@panix.com (Scott Dorsey)
    Subject: Re: Let a thousand poppies bloom, thanks to cheap solar power
    (Baker, RISKS-32.16)

    > BTW, a similar-sized solar system installed at my home in California would
    > cost $40,000 instead of $4,000 (including the Taliban tax). Perhaps I
    > need to bring over some Afghan solar installers to the U.S.?

    Perhaps this is because the writers of the original article appear to have
    confused amps and watts. A 1.50-meter solar panel is apt to be 150 watts,
    not 150 amps.

    ------------------------------

    Date: 31 Jul 2020 14:43:37 -0000
    From: klu...@panix.com (Scott Dorsey)
    Subject: Re: When tax prep is free, you may be paying with your privacy
    (RISKS-32.11)

    I don't get this. The IRS guarantees anyone can file their taxes for free
    on paper. I don't know anyone who has ever paid a fee to the IRS for
    submitting their taxes... only people who have paid a fee to the IRS because
    they did not submit them.

    You fill out the forms, you put them in the mail, it costs maybe a dollar in
    stamps. I do not understand why people are willing to pay any money to do
    it online when doing it by hand is simple and cheap unless you have a lot of
    income or very complex deductions.

    ------------------------------

    Date: Sat, 1 Aug 2020 13:23:08 +0300
    From: Amos Shapir <amo...@gmail.com>
    Subject: Re: Darwin's tautology? (Ward, Risks 32.16)

    Tautology is a term in logic defined as a statement which is true
    unconditionally, determined just by its formulation, e.g., "A or not A".
    Thus when a statement is a tautology, its truthfulness requires no proof. A
    statement cannot "become a tautology" by a proof.

    > The statement "God exists" is (with a suitably precise definition of
    > "God") a meaningful statement.

    Let's not step into this quagmire, which stems mainly from the fact that
    what constitutes a "suitably precise" definition of God depends a lot on
    whether the person making the definition believes in God or not.

    ------------------------------

    Date: Thu, 30 Jul 2020 22:51:25 -0700
    From: Al Stangenberger <for...@sbcglobal.net>
    Subject: Re: Long-Lost Computation Dissertation of Unix Pioneer Dennis
    Ritchie (RISKS-32.15)

    All Berkeley dissertations are now filed electronically as PDFs.

    https://grad.berkeley.edu/academic-progress/dissertation/#formatting-your-manuscript

    ------------------------------

    Date: 31 Jul 2020 16:03:59 -0400
    From: "John Levine" <jo...@iecc.com>
    Subject: Re: Long-Lost Computation Dissertation of Unix Pioneer Dennis
    Ritchie (RISKS-32.15)

    I think it was required at Harvard. The story says the issue was that
    Ritchie wasn't willing to pay to have a copy bound for the library. I would
    be surprised if they didn't also have the usual form allowing them to
    provide a copy to University Microfilms.

    When I got my PhD from Yale in 1984 I was living in Cambridge, so I took my
    thesis to the bindery that was probably the same place that Ritchie didn't
    take his. I submitted my thesis to Yale, who rejected it because
    (inevitably) it was bound according to Harvard rules which were different
    from Yale rules. Fortunately, the difference boiled down to Harvard wanted
    only the author's last name on the spine while Yale wanted initials before
    the name. So I got a gold ink pen at the stationery store, carefully added
    my initials, and now I have my PhD.

    Ritchie's approach to day to day life was famously flaky and it is not out
    of the question that he just never got around to going to the bindery. At
    Bell Labs he chronically failed to cash his paychecks. I talked to someone
    who told me a story that one time they voided all the uncashed checks, wrote
    him a check for something like $20,000 (a lot of money in the 1970s), and
    personally walked him to the bank to deposit it.

    ------------------------------

    Date: Fri, 31 Jul 2020 20:26:57 -0400
    From: Monty Solomon <mo...@roscom.com>
    Subject: xkcd: Photo Deposit

    https://xkcd.com/2335/

    ------------------------------

    Date: Fri, 31 Jul 2020 12:04:20 -1000
    From: geoff goodfellow <ge...@iconia.com>
    Subject: Quote of The Day (Thomas Sowell)

    *"The first lesson of economics is scarcity: there is never enough of
    anything to fully satisfy all those who want it. The first lesson of
    politics is to disregard the first lesson of economics."*



    ------------------------------

    Date: Sat, 1 Aug 2020 01:11:00 -1000
    From: geoff goodfellow <ge...@iconia.com>
    Subject: Quote of The Day (Sven Henrich)

    *"Can't wait to take a vaccine that's been rushed through the system with
    none of the established safety protocols in place that require years of peer
    review and testing for side effects knowing that big pharma companies stand
    to make huge profits from it in a race to be first."*



    ------------------------------

    Date: Mon, 1 Aug 2020 11:11:11 -0800
    From: RISKS-...@csl.sri.com
    Subject: Abridged info on RISKS (comp.risks)

    The ACM RISKS Forum is a MODERATED digest. Its Usenet manifestation is
    comp.risks, the feed for which is donated by panix.com as of June 2011.
    => SUBSCRIPTIONS: The mailman Web interface can be used directly to
    subscribe and unsubscribe:
    http://mls.csl.sri.com/mailman/listinfo/risks

    => SUBMISSIONS: to ri...@CSL.sri.com with meaningful SUBJECT: line that
    includes the string `notsp'. Otherwise your message may not be read.
    *** This attention-string has never changed, but might if spammers use it.
    => SPAM challenge-responses will not be honored. Instead, use an alternative
    address from which you never send mail where the address becomes public!
    => The complete INFO file (submissions, default disclaimers, archive sites,
    copyright policy, etc.) is online.
    <http://www.CSL.sri.com/risksinfo.html>
    *** Contributors are assumed to have read the full info file for guidelines!

    => OFFICIAL ARCHIVES: http://www.risks.org takes you to Lindsay Marshall's
    searchable html archive at newcastle:
    http://catless.ncl.ac.uk/Risks/VL.IS --> VoLume, ISsue.
    Also, ftp://ftp.sri.com/risks for the current volume/previous directories
    or ftp://ftp.sri.com/VL/risks-VL.IS for previous VoLume
    If none of those work for you, the most recent issue is always at
    http://www.csl.sri.com/users/risko/risks.txt, and index at /risks-32.00
    ALTERNATIVE ARCHIVES: http://seclists.org/risks/ (only since mid-2001)
    *** NOTE: If a cited URL fails, we do not try to update them. Try
    browsing on the keywords in the subject line or cited article leads.
    Apologies for what Office365 and SafeLinks may have done to URLs.
    ==> Special Offer to Join ACM for readers of the ACM RISKS Forum:
    <http://www.acm.org/joinacm1>

    ------------------------------

    End of RISKS-FORUM Digest 32.17
    ************************