Subject: Risks Digest 34.24
From: RISKS List Owner
Newsgroups: comp.risks
Organization: PANIX Public Access Internet and UNIX, NYC
Date: Sun, 12 May 2024 00:15 UTC

RISKS-LIST: Risks-Forum Digest Saturday 11 May 2024 Volume 34 : Issue 24

ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, founder and still moderator

***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/34.24>
The current issue can also be found at
<http://www.csl.sri.com/users/risko/risks.txt>

Contents:
System outage affecting UniSuper services (via Colin Sutton)
More than 200 people with diabetes injured after software issue drained
insulin pump batteries (Jamie Gumbrecht and FDA)
New Spectre-Style 'Pathfinder' Attack Targets Intel CPU, Leak
Encryption Keys and Data (The Hacker News)
Solar Flares and Northern Lights (WashPost)
Wildfires causing widespread telecom outages in the NWT Yukon (CBC)
State actor blamed for cyberattack on B.C. government systems (CBC)
Interview With the Russian-Military-Linked Hackers Targeting U.S. Water
Utilities (WiReD)
AI Is Declared Ready to Make Decisions in War (APNews)
Microsoft Creates Top Secret Generative AI Service for U.S. Spies
(Katrina Manson)
AI Bots Are Taking Over the Job Application Process. Everyone Is Losing.
(WSJ)
Translation Tech Is Amazing, Except When It's Not (WiReD)
Hundreds of charges laid in OPP child sexual abuse investigation (CBC)
Did Rihanna and Katy Perry attend the Met Gala? No, but AI had fans
thinking otherwise (LATimes)
Ethereum's Cofounder Says SEC Is Gaslighting Everyone About Crypto (WiReD)
New TunnelVision Attack Allows Hijacking of VPN Traffic via DHCP
Manipulation (Leviathan Security)
UnitedHealth Top Executive Slammed Over Cyberattack (NYTimes)
Risks with websites providing data that is difficult to interpret
(Lars-Henrik Eriksson)
Fake photos, but make it fashion. Why the Met Gala
pics are just the beginning of AI deception (CBC)
Stack Overflow users sabotage their posts after OpenAI deal
(ArsTechnica)
No Country Should be Making Speech Rules for the World (EFF)
Apple faces celebrity backlash over piano crushing (BBC)
Robot dogs armed with AI-aimed rifles undergo U.S. Marines Special Ops
evaluation (ArsTechnica)
Parts supplied to Boeing had 'serious defects' (whistleblower via BBC)
How Google Became Evil (Dana F. Blankenhorn)
Google's new *Find My* device network is useful but a stalking risk
(WashPost)
Re: Could the Covid-19 Vaccines Have Caused Some People Harm?
(Joseph Gwinn, Jay Libove Alzina)
Abridged info on RISKS (comp.risks)

----------------------------------------------------------------------

Date: Thu, 9 May 2024 12:45:41 +1000
From: Colin Sutton <colin_sutton@ieee.org>
Subject: System outage affecting UniSuper services

A large Australian investment organisation, UniSuper, "had duplication in
two geographies as a protection against outages and loss. However, when the
deletion of UniSuper's Private Cloud subscription occurred, it caused
deletion across both of these geographies." All access was lost a week
ago. It seems everything is still being recreated from backups.
https://www.unisuper.com.au/contact-us/outage-update

------------------------------

Date: Fri, 10 May 2024 11:06:16 -0700
From: geoff goodfellow <geoff@iconia.com>
Subject: More than 200 people with diabetes injured after
software issue drained insulin pump batteries (FDA)

Jamie Gumbrecht, *CNN*, 8 May 2024, via ACM TechNews

More than 200 people with diabetes were injured when their insulin pumps
shut down unexpectedly due to a problem with a connected mobile app, the US
Food and Drug Administration said Wednesday.
<https://www.fda.gov/medical-devices/medical-device-recalls/tandem-diabetes-care-inc-recalls-version-27-apple-ios-tconnect-mobile-app-used-conjunction-tslim-x2?utm_medium=email&utm_source=govdelivery>

The FDA has identified this as a Class I recall, the most serious type of
recall. Use of these devices may cause serious injuries or death. Version
2.7 of the t:connect Apple iOS app -- used with the t:slim X2 insulin pump
with Control-IQ -- has been recalled due to a software issue that causes
the app to crash and relaunch. This cycle drains the pump battery, causing
it to shut down sooner than expected and suspend insulin delivery.

The issue ``may result in hyperglycemia or even diabetic ketoacidosis,
which can be a life-threatening condition due to high blood sugars and lack
of insulin,'' the FDA said. The agency said there have been 224 reported
injuries as of April 15. No deaths have been reported. [...]

https://www.cnn.com/2024/05/08/health/tandem-insulin-pump-app-recall/index.html

[comment from the press release: Fortunately, this failure mode means the
pump stops dispensing insulin, which, while it can lead to ugly medical
problems, takes hours or days to get bad and can usually be noticed in time.
The reverse problem, namely dumping large amounts of insulin into the blood
stream, can cause immediate brain damage and other life threats (cf. Sunny
von Bülow).]

PRESS RELEASE:
https://www.fda.gov/medical-devices/medical-device-recalls/tandem-diabetes-care-inc-recalls-version-27-apple-ios-tconnect-mobile-app-used-conjunction-tslim-x2

------------------------------

Date: Wed, 8 May 2024 09:16:11 -0700
From: geoff goodfellow <geoff@iconia.com>
Subject: New Spectre-Style 'Pathfinder' Attack Targets Intel CPU, Leak
Encryption Keys and Data (The Hacker News)

Researchers have discovered two novel attack methods targeting
high-performance Intel CPUs that could be exploited to stage a key recovery
attack against the Advanced Encryption Standard (AES) algorithm.

The techniques have been collectively dubbed Pathfinder by a group of
academics from the University of California San Diego, Purdue University,
UNC Chapel Hill, Georgia Institute of Technology, and Google.

"Pathfinder allows attackers to read and manipulate key components of the
branch predictor, enabling two main types of attacks: reconstructing
program control flow history and launching high-resolution Spectre
attacks," Hosein Yavarzadeh, the lead author of the paper
<https://dl.acm.org/doi/10.1145/3620666.3651382>, said in a statement
shared with The Hacker News.

"This includes extracting secret images from libraries like libjpeg and
recovering encryption keys from AES through intermediate value extraction."

Spectre is the name given to a class of side-channel attacks
<https://thehackernews.com/2024/04/researchers-uncover-first-native.html>
that exploit branch prediction
<https://en.wikipedia.org/wiki/Branch_predictor> and speculative
execution <https://en.wikipedia.org/wiki/Speculative_execution> on
modern CPUs to read privileged data in the memory in a manner that
sidesteps isolation protections between applications.

The latest attack approach targets a feature in the branch predictor
called the Path History Register (PHR
<https://ieeexplore.ieee.org/document/955033>) -- which keeps a record
of the last taken branches -- to induce branch mispredictions and
cause a victim program to execute unintended code paths, thereby
inadvertently exposing its confidential data.

Specifically, it introduces new primitives that make it possible to
manipulate PHR as well as the prediction history tables (PHTs) within the
conditional branch predictor (CBR) to leak historical execution data and
ultimately trigger a Spectre-style exploit. [...]

------------------------------

Date: Sat, 11 May 2024 02:40:01 -0400
From: Gabe Goldberg <gabe@gabegold.com>
Subject: Solar Flares and Northern Lights (WashPost)

One of the strongest geomagnetic storms in two decades hit Earth on Friday
afternoon. Scientists say the severe storm could disrupt communication
systems but also bring beautiful displays of the northern lights this
weekend. [...]

Geomagnetic storms occur when the sun sends a punch of charged particles and
parts of its magnetic field to Earth, often through eruptions from its
surface called coronal mass ejections. This severe geomagnetic storm — rated
a level four out of five — resulted from five coronal mass ejections earlier
this week, some of which are catching up with one another as they hurtle
through space.

“We’re a little concerned in that we haven’t seen this in a long time,”
Shawn Dahl, the service coordinator for the National Oceanic and Atmospheric
Administration’s Space Weather Prediction Center, said in a news conference
Friday. “We have notified all of our infrastructure operators that we
coordinate with, such as satellite operators, communication folks … and of
course, the power grid here in North America.”

A severe geomagnetic storm powered by five coronal ejections from the sun
will result in a vivid aurora borealis. Here are some tips for seeing it
this weekend

A severe geomagnetic storm can cause issues with power systems, spacecraft
operations, radio communications and even pipeline systems, if not
appropriately prepared for.

“Our role is to alert the operators of these different systems so that
they’re aware and can take actions to mitigate these kinds of impacts,” Rob
Steenburgh, a space scientist at NOAA’s Space Weather Prediction Center,
said at a news conference Friday.
