Risks Digest 32.21

RISKS List Owner

Aug 21, 2020, 8:24:35 PM
to ri...@csl.sri.com
RISKS-LIST: Risks-Forum Digest Friday 21 August 2020 Volume 32 : Issue 21

ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, founder and still moderator

***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/32.21>
The current issue can also be found at
<http://www.csl.sri.com/users/risko/risks.txt>

Contents:
Groundbreaking new material 'could allow artificial intelligence to merge
  with the human brain' (The Independent)
What would happen to Earth if humans went extinct? (Live Science)
Would you like to live forever? (The Sun)
A typo created a 212-story monolith in Microsoft Flight Simulator (Engadget)
Microsoft Put Off Fixing Zero Day for 2 Years (Krebs on Security)
"Driverless cars are coming soon." (The Telegraph)
How Your Phone Is Used to Track You, and What You Can Do About It (NYTimes)
Tokyo's latest attraction: Transparent public toilets (cnn.com)
DC No Longer Has Online Voter Registration (DCist)
GOP-led Senate panel details ties between 2016 Trump campaign and Russian
  interference (NYTimes)
Trump's 2016 campaign chair was a 'grave counterintelligence threat'
  (WashPost)
Postal Service backs down on changes as at least 20 states sue over
  potential mail delays ahead of election (CNN)
America Has Two Feet. It’s About to Lose One of Them. (NYTimes)
U.S. Secret Service buys location data that would otherwise need a warrant
  (Ars Technica)
Booze and cruise providers are the latest to be hit by ransomware scourge
  (Ars Technica)
Researchers Can Duplicate Keys from the Sounds They Make (Kottke)
Bluetooth update could turn wearables into COVID-19 trackers (Engadget)
USPS filed a patent for Blockchain voting system (Decrypt)
Russian opposition leader Alexei Navalny 'poisoned' (BBC)
Bottleneck for U.S. Coronavirus Response: The Fax Machine (NYTimes)
U.S. COVID-19 and World War 2 mortality rates, interim comparison
  (Richard Stein)
Israeli gargle trial gives COVID results in 1 sec., 95% accuracy
  (Henry Crun)
Abridged info on RISKS (comp.risks)

----------------------------------------------------------------------

Date: Mon, 17 Aug 2020 17:15:56 -1000
From: geoff goodfellow <ge...@iconia.com>
Subject: Groundbreaking new material 'could allow artificial intelligence to
merge with the human brain' (The Independent)

Technology could enable new health diagnostics and achieve Elon Musk's
goal of integrating with artificial intelligence

Scientists have discovered a ground-breaking bio-synthetic material that
they claim can be used to merge artificial intelligence with the human
brain.

The breakthrough, presented today at the American Chemical Society Fall
2020 virtual expo, is a major step towards integrating electronics with the
body to create part human, part robotic "cyborg" beings.

Connecting electronics to human tissue has been a major challenge due to
traditional materials like gold, silicon and steel causing scarring when
implanted.

Scars not only cause damage but also interrupt electrical signals flowing
between computers and muscle or brain tissue. The researchers from the
University of Delaware were able to overcome this after various types of
polymers. [...]

https://www.independent.co.uk/life-style/gadgets-and-tech/news/artificial-intelligence-brain-computer-cyborg-elon-musk-neuralink-a9673261.html

------------------------------

Date: Mon, 17 Aug 2020 17:09:42 -1000
From: geoff goodfellow <ge...@iconia.com>
Subject: What would happen to Earth if humans went extinct? (Live Science)

*Nature always finds a way*

Deep within Guatemala's rainforest sits one of the most famous remnants of
the *Maya* <https://www.livescience.com/41781-the-maya.html> civilization: a
roughly 2,000-year-old citadel turned to ruins called *Tikal*
<https://www.livescience.com/23479-tikal-mayan-civilization.html>. When Alan
Weisman hiked through the surrounding region, he discovered something
fascinating along the way: "You're walking through this really dense
rainforest, and you're walking over hills," said Weisman, author and
journalist. "And the archaeologists are explaining to you that what you're
really walking over are pyramids and cities that haven't been excavated."

In other words, we know about sites like Tikal because humans have gone to
great efforts to dig up and restore their remains. Meanwhile, countless
other ruins remain hidden, sealed beneath forest and earth. "It's just
amazingly thrilling how fast nature can bury us," Weisman told *Live
Science*.

This scene from the rainforest allows us a glimpse of what our planet could
look like, if humans simply stopped existing. Lately, that idea has been
especially pertinent, as the global COVID-19 *pandemic*
<https://www.livescience.com/pandemic.html> has kept people inside, and
emboldened animals to return to our quieter urban environments -- giving us
a sense of what life might look like if we retreated further into the
background. Weisman, who wrote "The World Without Us" (Thomas Dunne Books,
2007), spent several years interviewing experts and systematically
investigating this question: What would happen to our planet -- to our
cities, to our industries, to nature -- if humans disappeared?

*A different kind of skyline*. [...]
https://www.livescience.com/earth-without-people.html

------------------------------

Date: Mon, 17 Aug 2020 17:18:48 -1000
From: geoff goodfellow <ge...@iconia.com>
Subject: Would you like to live forever? (The Sun)

BIO-UPGRADABLE: Meet the super-rich biohackers turning into cyborgs
with in-built armour and injecting teenagers' *blood* to stay young

From daily sessions in sub-zero cryo-chambers to stem cell injection and
transfusions of teenagers' blood, their bizarre attempts to become
superhuman have fueled a multi-million dollar industry.

It may sound like something out of a sci-fi novel, but there's a growing
band of Silicon Valley billionaires who believe they can achieve eternal
life through *biohacking* -- the process of making alterations to your body
to keep it younger.

Netflix's new drama Biohackers, released on Thursday, (20 Aug) seizes on the
terrifying trend by imagining a secretive lab where a young student, played
by Luna Wedler, discovers a sinister experiment using the techniques on an
entire town.

Here we meet the real Silicon Valley biohackers - the men who want to be
immortal. [...]

https://www.the-sun.com/news/1323518/silicon-valley-biohackers-injecting-teenage-blood/

------------------------------

Date: Fri, 21 Aug 2020 14:39:41 +0800
From: Dan Jacobson <jid...@jidanni.org>
Subject: A typo created a 212-story monolith in Microsoft Flight Simulator
(Engadget)

Flight Simulator users recently found an unusual landmark: a 212-story
monolith towering over an otherwise nondescript suburb in Melbourne,
Australia.

After some sleuthing, the title's community found what had caused the tower
to appear in Flight Simulator. When developer Asobo Studio built its
detailed recreation of the globe, they pulled data from OpenStreetMap, a
free map of the world to which anyone can contribute. About a year ago, a
user named nathanwright120 added a tag that said this one building in
Melbourne had 212 floors instead of two. Based on their other contributions,
it appears the edit was a simple typo, not them trying to mislead
anyone. The error was later corrected by another OpenStreetMap contributor,
but not before it made its way into Flight Simulator.

https://www.engadget.com/flight-simulator-open-street-map-building-205545509.html

------------------------------

Date: Mon, 17 Aug 2020 17:12:47 -1000
From: geoff goodfellow <ge...@iconia.com>
Subject: Microsoft Put Off Fixing Zero Day for 2 Years (Krebs on Security)

A security flaw in the way *Microsoft Windows* guards users against
malicious files was actively exploited in malware attacks for two years
before last week, when Microsoft finally issued a software update to correct
the problem.

One of the 120 security holes Microsoft fixed on the 11 Aug Patch Tuesday
[NOTED IN RISKS-32.20. PGN] was CVE-2020-1464, a problem with the way every
supported version of Windows validates digital signatures for computer
programs.
<https://krebsonsecurity.com/2020/08/microsoft-patch-tuesday-august-2020-edition/>
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1464>

Code signing <https://en.wikipedia.org/wiki/Code_signing> is the method of
using a certificate-based digital signature to sign executable files and
scripts in order to verify the author's identity and ensure that the code
has not been changed or corrupted since it was signed by the author.

Microsoft said an attacker could use this spoofing vulnerability to bypass
security features intended to prevent improperly signed files from being
loaded. Microsoft's advisory makes no mention of security researchers having
told the company about the flaw, which Microsoft acknowledged was actively
being exploited. [...]

https://krebsonsecurity.com/2020/08/microsoft-put-off-fixing-zero-day-for-2-years/

------------------------------

Date: Wed, 19 Aug 2020 22:16:44 +0100
From: Chris Drewe <e76...@yahoo.co.uk>
Subject: "Driverless cars are coming soon." (The Telegraph)

Old news for RISKS readers, but just announced in the UK.

Driverless cars are coming soon, and will bring a host of ethical and
moral dilemmas with them

https://www.telegraph.co.uk/cars/comment/driverless-cars-coming-soon-will-bring-host-ethical-moral-dilemmas/

A driverless future is not far away, but what are the implications for
passengers and pedestrians?

Whether drivers like them or not, autonomous cars are coming soon to a
road near you. Well, actually, they are already here. Many modern
vehicles have the ability to 'see' white lines, kerbs, pedestrians, other
cars and obstacles, and can steer, brake and accelerate in accordance with
the road and surrounding traffic. They already have all the hardware
needed for Level 3 autonomy (although a software update would likely be
needed before it could be fully activated) but legislation prohibits the
use of it. Currently, a driver must be in control of the vehicle at all
times regardless of how clever the vehicle's autonomous systems may be.
That could be about to change. Ministers in the UK are considering plans
that could see drivers being allowed to take their hands off the wheel in
Level 3 autonomous cars, as early as next spring.

This is what puzzles me. When I'm driving a car, the driving takes my full
attention (I have to explain to passengers that my conversation may be a
little erratic), whereas if I'm a passenger then I try to avoid looking at
the road so as not to be a mental back-seat driver. If I'm riding in an
autonomous vehicle, I would have difficulty in keeping close-enough
attention to be able to take over instantly if needed. If I have a crash,
who is liable?

One example that springs to mind is if the car was approaching a red traffic
light; I would initially assume that the car will stop, but if it doesn't, I
may not realise until it's too late.

------------------------------

Date: Fri, 21 Aug 2020 07:00:00 -0600
From: "Matthew Kruk" <mkr...@gmail.com>
Subject: How Your Phone Is Used to Track You, and What You Can Do About It
(NYTimes)

Smartphone location data, often used by marketers, has been useful for
studying the spread of the coronavirus. But the information raises troubling
privacy questions.

https://www.nytimes.com/2020/08/19/technology/smartphone-location-tracking-opt-out.html?surface=home-living-vi&fellback=false&req_id=845505994&algo=identity&imp_id=61664156&action=click&module=Smarter%20Living&pgtype=Homepage

------------------------------

Date: Tue, 18 Aug 2020 23:59:09 +0800
From: Richard Stein <rms...@ieee.org>
Subject: Tokyo's latest attraction: Transparent public toilets (cnn.com)

https://edition.cnn.com/travel/article/tokyo-toilet-project-transparent-toilets/index.html

Light valves control opacity electrically or optically. When not energized,
the valve is dark.

Energize the valve to expose the toilet interior when the door is unlocked.

Lock the door to power-down the valve, and the walls darken in ~1-3 seconds.

Not hard to imagine a lock bypass when occupied. There might be a backup
interlock using a motion detector to defeat door lock shorts/bypasses.

Doubt this prank would arise in Tokyo given civility and group cohesion.
Regardless of culture or country, an uneventful bio-break should be a
guaranteed human right.

[Smart loos? What could possibly go wrong? PGN]

------------------------------

Date: Tue, 18 Aug 2020 17:33:38 -0400
From: Gabe Goldberg <ga...@gabegold.com>
Subject: DC No Longer Has Online Voter Registration (DCist)

But as Jackson, 27, tried to use the app and its companion portal online,
neither would work. And he soon learned why: In a move that wasn't widely
publicized, the D.C. Board of Elections recently discontinued the
long-troubled app, killing the only means for residents to register online
to vote in the process. ``I was just frustrated that there was no
information online. There was no clear communication.''

Election officials say the app was notoriously buggy and no longer
reliable. And they concede it isn't likely that the elections board will be
able to roll out a new app before the Nov. 3 election, potentially making it
more difficult for new residents to register to vote or for existing voters
to change their information. ``We are working to identify a new possible
vendor, but significant testing would need to be done prior to launch, and
we’re not sure this will be doable before the general [election],'' said
Rachel Coll, a spokeswoman for the elections board, in an email. ``We're
actively looking, though.''

https://dcist.com/story/20/08/18/dc-no-longer-has-online-voter-registration/

------------------------------

Date: Tue, 18 Aug 2020 14:02:54 PDT
From: "Peter G. Neumann" <neu...@csl.sri.com>
Subject: GOP-led Senate panel details ties between 2016 Trump campaign and
Russian interference (NYTimes)

https://www.nytimes.com/2020/08/18/us/politics/senate-intelligence-russian-interference-report.html

------------------------------

Date: Tue, 18 Aug 2020 09:14:28 -0700
From: Lauren Weinstein <lau...@vortex.com>
Subject: Trump's 2016 campaign chair was a 'grave counterintelligence
threat' (WashPost)

Trump's 2016 campaign chair was a 'grave counterintelligence threat,' had
repeated contact with Russian intelligence, Senate panel finds

https://www.washingtonpost.com/national-security/senate-intelligence-trump-russia-report/2020/08/18/62a7573e-e093-11ea-b69b-64f7b0477ed4_story.html

------------------------------

Date: Tue, 18 Aug 2020 11:45:23 -0700
From: Lauren Weinstein <lau...@vortex.com>
Subject: Postal Service backs down on changes as at least 20 states sue over
potential mail delays ahead of election (CNN)

https://www.cnn.com/2020/08/18/politics/post-office-dejoy/index.html

------------------------------

Date: Wed, 19 Aug 2020 15:05:30 -0400
From: Gabe Goldberg <ga...@gabegold.com>
Subject: America Has Two Feet. It’s About to Lose One of Them. (NYTimes)

For decades, U.S. metrologists have juggled two conflicting measurements for
the foot. Henceforth, only one shall rule.

https://www.nytimes.com/2020/08/18/science/foot-surveying-metrology-dennis.html

[Who's going to foot the bill? Or, do we need a bill for the foot?
Could this become a partisan issue in the U.S. Congress? PGN]

------------------------------

Date: Tue, 18 Aug 2020 17:59:01 -0400
From: Monty Solomon <mo...@roscom.com>
Subject: U.S. Secret Service buys location data that would otherwise need a
warrant (Ars Technica)

Agencies' ability to purchase any data on the open market is a big loophole.

https://arstechnica.com/tech-policy/2020/08/secret-service-other-agencies-buy-access-to-mobile-phone-location-data/

------------------------------

Date: Tue, 18 Aug 2020 17:53:48 -0400
From: Monty Solomon <mo...@roscom.com>
Subject: Booze and cruise providers are the latest to be hit by ransomware
scourge (Ars Technica)

Jack Daniel's distiller and Carnival cruise operator both warn of personal
data theft.

https://arstechnica.com/information-technology/2020/08/booze-and-cruise-providers-are-the-latest-to-be-hit-by-ransomware-scourge/

------------------------------

Date: Wed, 19 Aug 2020 10:05:56 -0400
From: Tom Van Vleck <th...@multicians.org>
Subject: Researchers Can Duplicate Keys from the Sounds They Make (Kottke)

https://kottke.org/20/08/researchers-can-duplicate-keys-from-the-sounds-they-make-in-locks

------------------------------

Date: Wed, 19 Aug 2020 12:44:19 -0400
From: Monty Solomon <mo...@roscom.com>
Subject: Bluetooth update could turn wearables into COVID-19 trackers
(Engadget)

https://www.engadget.com/covid-bluetooth-sig-ens-wearables-plan-120555994.html

------------------------------

Date: Thu, 20 Aug 2020 9:03:54 PDT
From: "Peter G. Neumann" <neu...@csl.sri.com>
Subject: USPS filed a patent for Blockchain voting system (Decrypt)

https://decrypt.co/39162/usps-blockchain-voting-not-ready-primetime

[This keeps getting sillier. PGN]

------------------------------

Date: Thu, 20 Aug 2020 13:07:07 PDT
From: Lauren Weinstein <lau...@vortex.com>
Subject: Russian opposition leader Alexei Navalny 'poisoned' (BBC)

https://www.bbc.com/news/world-europe-53844958

[Why is this relevant to RISKS? Because the truth is a precursor to
avoiding risks. Dissent into hell? PGN]

------------------------------

Date: Fri, 21 Aug 2020 14:26:57 -0400
From: Gabe Goldberg <ga...@gabegold.com>
Subject: Bottleneck for U.S. Coronavirus Response: The Fax Machine (NYTimes)

Before public health officials can manage the pandemic, they must deal with
a broken data system that sends incomplete results in formats they can't
easily use.

https://www.nytimes.com/2020/07/13/upshot/coronavirus-response-fax-machines.html

Doesn't mention eFax and similar services which at least eliminate paper
mountains. But they cost $ for these volumes. GG

------------------------------

Date: Tue, 18 Aug 2020 17:40:53 +0800
From: Richard Stein <rms...@ieee.org>
Subject: U.S. COVID-19 and World War 2 mortality rates, interim comparison

[Note: I undertook this historical comparison out of curiosity. I am not
an epidemiologist. The calculations yield average mortality rate measures
based on accumulated public epidemiological reports and historical US
government sources.]

COVID-19 represents a mortal threat, analogous to an enemy combatant in
battle.

US involvement in World War 2, per Congressional Research Service (see
https://fas.org/sgp/crs/natsec/RL32492.pdf), identifies 291,557 battle
deaths between 07DEC1941 and 14AUG1945 (192 weeks and 2 days). Total deaths
are much higher: 405,399 (which includes 113,842 "Other Deaths" arising from
accidents, disease, and infections).

The arithmetic yields: 291,557 battle deaths/192.29 weeks ~= 1516 battle
deaths per week.

Since 22JAN2020 until 18AUG2020 (29 weeks, 6 days), Johns Hopkins
(https://coronavirus.jhu.edu/data/new-cases active since 22JAN2020, see
US tracker) reports 170,584 deaths from COVID-19.

These casualty rate figures shock my senses.

Consider the reporting time interval ratio (COVID-19 29.86 weeks/WW2
192.29 weeks) ~= 0.16, or ~1/6th the total duration of World War 2.

The ratio of COVID-19 to WW2 battle deaths per week: 5712/1516 ~= 3.77.

The casualty rate ratio shatters my senses!

Without a viable and effective vaccine, the US COVID-19 casualty risk will
accumulate until effective disease prophylactic measures are adopted and
applied with civility.

------------------------------

Date: Tue, 18 Aug 2020 13:58:05 +0300
From: Henry Crun <mi...@rechtman.com>
Subject: Israeli gargle trial gives COVID results in 1 sec., 95% accuracy

Championing it as instant, cheap and reliable, innovators at Israel's
largest hospital say their invention could become the world's standard COVID
screening method.

[No source given. PGN]

------------------------------

Date: Mon, 1 Aug 2020 11:11:11 -0800
From: RISKS-...@csl.sri.com
Subject: Abridged info on RISKS (comp.risks)

The ACM RISKS Forum is a MODERATED digest. Its Usenet manifestation is
comp.risks, the feed for which is donated by panix.com as of June 2011.
=> SUBSCRIPTIONS: The mailman Web interface can be used directly to
subscribe and unsubscribe:
http://mls.csl.sri.com/mailman/listinfo/risks

=> SUBMISSIONS: to ri...@CSL.sri.com with meaningful SUBJECT: line that
includes the string `notsp'. Otherwise your message may not be read.
*** This attention-string has never changed, but might if spammers use it.
=> SPAM challenge-responses will not be honored. Instead, use an alternative
address from which you never send mail where the address becomes public!
=> The complete INFO file (submissions, default disclaimers, archive sites,
copyright policy, etc.) is online.
<http://www.CSL.sri.com/risksinfo.html>
*** Contributors are assumed to have read the full info file for guidelines!

=> OFFICIAL ARCHIVES: http://www.risks.org takes you to Lindsay Marshall's
searchable html archive at newcastle:
http://catless.ncl.ac.uk/Risks/VL.IS --> VoLume, ISsue.
Also, ftp://ftp.sri.com/risks for the current volume/previous directories
or ftp://ftp.sri.com/VL/risks-VL.IS for previous VoLume
If none of those work for you, the most recent issue is always at
http://www.csl.sri.com/users/risko/risks.txt, and index at /risks-32.00
ALTERNATIVE ARCHIVES: http://seclists.org/risks/ (only since mid-2001)
*** NOTE: If a cited URL fails, we do not try to update them. Try
browsing on the keywords in the subject line or cited article leads.
Apologies for what Office365 and SafeLinks may have done to URLs.
==> Special Offer to Join ACM for readers of the ACM RISKS Forum:
<http://www.acm.org/joinacm1>

------------------------------

End of RISKS-FORUM Digest 32.21
************************
