RISKS-LIST: Risks-Forum Digest Tuesday 7 June 2022 Volume 33 : Issue 26

ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, founder and still moderator

***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/33.26>
The current issue can also be found at
<http://www.csl.sri.com/users/risko/risks.txt>

Contents:
A New Kind of Genome Editing Is Here to Fine-Tune DNA (WiReD)
California Regulators Approve First Driverless Taxi Fleet (AP)
Google and Russia's delicate dance (CNN)
Advancing security across Central and Eastern Europe (Google)
Politicians and ulterior motives (Lauren Weinstein)
The Theater of Bitcoin and Data Privacy (Siobhan Roberts)
How Anonymous Is Bitcoin, Really? (NYTimes)
Security News: Google May Owe You a Chunk of $100 Million Over Google Photos
Privacy Violation (WiReD)
Big Tech realities (Lauren Weinstein)
Bolt Loaned Employees Thousands to Buy Stock -- Then Laid Them Off (WiReD)
Actively Exploited Microsoft Zero-Day Flaw Still Has No Patch (WiReD)
Reno Trusting the Blockchain with Building Records (Gizmodo)
Cryptocurrency (The Washington Post)
It's still 2014 in crypto payments, and buying a burrito is now a taxable
event (Davidger)
Banning Lethal Autonomous Weapons (Stuart Russell)
The Coming AI Hackers (Bruce Schneier)
How Axon's plans for Taser drones blindsided its AI ethics board (Protocol)
Axon Halts Plans to Sell Flying Taser Drones to Schools (Vice)
Internal Documents Show Amazon's Dystopian System for Tracking Workers Every
Minute of Their Shifts (Vice)
The Race to Hide Your Voice (WiReD)
Parameter Expansion Considered Dangerous (Cliff Kilby redux)
How the Internet Turned Us Into Content Machines (Mony Solomon0
Re: WashDC stop-sign camera brought in $1.3 million in tickets in 2 years
(Steve Bacher)
Abridged info on RISKS (comp.risks)

----------------------------------------------------------------------

Date: Mon, 6 Jun 2022 18:54:48 -0400
From: Gabe Goldberg <gabe@gabegold.com>
Subject: A New Kind of Genome Editing Is Here to Fine-Tune DNA (WiReD)

Instead of deleting genes, epigenetic editing modulates their activity. A
new paper tests if it's able to undo a genetic effect of early alcohol
exposure.

Yet, as with directly editing genes, there could be unintended consequences
of tweaking their expression. Because Arc is a regulator gene involved in
brain plasticity, modifying its expression could have effects beyond alcohol
addiction. "We don't know what other behaviors are altered by this change,"
says Betsy Ferguson, a professor of genetics at Oregon Health and Science
University who studies epigenetic mechanisms in addiction and other
psychiatric disorders. "It's a balance between finding something that's
effective and something that's not disruptive to everyday life."

Another complicating factor is that the expression of dozens, perhaps
hundreds, of genes are altered by alcohol use over time. In people, it may
not be as simple as turning up the expression of Arc, which is only one of
them. While it may seem like the solution would be to tweak all of those
genes, manipulating the expression of many at once could cause problems.
"Knowing that behaviors, including alcohol use behaviors, are regulated by a
number of genes, it's really a challenging problem to solve," Ferguson says.

https://www.wired.com/story/a-new-kind-of-genome-editing-is-here-to-fine-tune-dna

------------------------------

Date: Mon, 6 Jun 2022 12:06:34 -0400 (EDT)
From: ACM TechNews <technews-editor@acm.org>
Subject: California Regulators Approve First Driverless Taxi Fleet (AP)

Michael Liedtke, Associated Press, 3 Jun 2022, via ACM TechNews, 6 Jun 2022

The California Public Utilities Commission unanimously approved General
Motors' Cruise's bid to offer a driverless ride-hailing service in San
Francisco. The robotic taxi service will begin with a fleet of 30 electric
vehicles accepting passengers from 10 p.m. to 6 a.m. in less-congested areas
of the city, giving regulators the opportunity to assess the technology
before allowing expanded service. The driverless service will not operate in
heavy rain or fog, restrictions imposed to reduce the potential for property
damage, injuries, or deaths. Cruise's Gil West said the approval is "a giant
leap for our mission here at Cruise to save lives, help save the planet, and
save people time and money."

https://orange.hosting.lsoft.com/trk/click?ref=znwrbbrs9_6-2ebdfx234351x069235&

------------------------------

Date: Fri, 3 Jun 2022 09:41:47 -0700
From: Lauren Weinstein <lauren@vortex.com>
Subject: Google and Russia's delicate dance (CNN)

This is an important article, because it helps to crystalize the complexity
of these policy decisions. I think that this part is particularly
noteworthy, and I agree with it 100%:

But some Internet governance experts argue Google's choice to keep
services running in the country may have more of a moral imperative than
a business one. "I think the moral side is a bigger deal," said Daphne
Keller, director of the program on platform regulation at Stanford
University's Cyber Policy Center. "Keeping information flowing to
dissidents in Russia, or people who want information from a source other
than state media, is incredibly important."

https://www.cnn.com/2022/06/03/tech/google-russia-youtube/index.html

------------------------------

Date: Fri, 3 Jun 2022 12:40:30 -0700
From: Lauren Weinstein <lauren@vortex.com>
Subject: Advancing security across Central and Eastern Europe (Google)

https://blog.google/technology/safety-security/advancing-security-across-central-and-eastern-europe/

------------------------------

Date: Tue, 7 Jun 2022 08:47:37 -0700
From: Lauren Weinstein <lauren@vortex.com>
Subject: Politicians and ulterior motives

It's ironic, sad, and scary that after Google has spent so many years
building world class systems to protect the security of users,
politicians are so anxious to throw it all away and put users at
massive risk, mostly for their own ulterior political motives.

------------------------------

Date: Tue, 7 Jun 2022 11:25:34 PDT
From: Peter Neumann <neumann@csl.sri.com>
Subject: The Theater of Bitcoin and Data Privacy (Siobhan Roberts)

In myth, the cryptocurrency is decentralized and anonymous. Data scientists
find a different reality.

*The New York Times* Science Times National Edition front page, continued on
the entire page D5. In my printed hardcopy, the black ink on the front page
is imprinted on a mysteriously dark green background with extremely dark
borders. This makes it *really hard to read*. BTW, The "and Data Privacy"
appears only as the title of the continuation page D5, not on the front
page. There is a self-standing quote from Alyssa Blackburn (Rice
University): "Drip by drip. information leakage erodes the once-impenetrable
blocks." The caption of a photo of Alyssa and Erez Lieberman Aiden says
they tested Bitcoin's identity protections and claims of decentralization.
[and found to the contrary]... PGN

------------------------------

Date: Mon, 6 Jun 2022 21:44:27 -0400
From: Monty Solomon <monty@roscom.com>
Subject: How Anonymous Is Bitcoin, Really?

In myth, the cryptocurrency is egalitarian, decentralized and all but
anonymous. The reality is very different, scientists have found.

https://www.nytimes.com/2022/06/06/science/bitcoin-nakamoto-blackburn-crypto.html

------------------------------

Date: Sun, 5 Jun 2022 21:35:25 -0400
From: Gabe Goldberg <gabe@gabegold.com>
Subject: Security News: Google May Owe You a Chunk of $100 Million Over
Google Photos Privacy Violation (WiReD)

Plus: The U.S. admits to cyber operations supporting Ukraine, SCOTUS
investigates its own, and a Michael Flynn surveillance mystery is solved.

https://www.wired.com/story/google-photos-settlement-us-ukraine-hacks-michael-flynn-unmasking

------------------------------

Date: Fri, 3 Jun 2022 12:32:39 -0700
From: Lauren Weinstein <lauren@vortex.com>
Subject: Big Tech realities

I feel that much of the increasing animosity against Big Tech, fueling the
ulterior motives of some notable critics, is that social media and other Big
Tech firms have been deficient for many years, even decades, at educating
the public about the realities of these systems.

------------------------------

Date: Mon, 6 Jun 2022 18:50:08 -0400
From: Gabe Goldberg <gabe@gabegold.com>
Subject: Bolt Loaned Employees Thousands to Buy Stock -- Then Laid Them Off
(WiReD)

Even before May's layoffs, industry veterans warned that taking out loans to
buy company stock was a mistake. "It's a significant risk that I don't think
most employees can afford," says Oren Barzilai, the cofounder and CEO of
Equity Bee, a platform that helps startup employees exercise their stock
options. "If the company fails -- and obviously, many startups fail -- they
would need to pay out of pocket to pay back that loan."