Rocksolid Light

News from da outaworlds

mail  files  register  groups  login

Message-ID:  

Caution: breathing may be hazardous to your health.

comp / comp.risks / Risks Digest 34.31

SubjectAuthor
o Risks Digest 34.31RISKS List Owner

1
Subject: Risks Digest 34.31
From: RISKS List Owner
Newsgroups: comp.risks
Organization: PANIX Public Access Internet and UNIX, NYC
Date: Sun, 16 Jun 2024 20:33 UTC
Path: eternal-september.org!news.eternal-september.org!feeder3.eternal-september.org!panix!.POSTED.panix3.panix.com!not-for-mail
From: risko@csl.sri.com (RISKS List Owner)
Newsgroups: comp.risks
Subject: Risks Digest 34.31
Date: 16 Jun 2024 20:33:56 -0000
Organization: PANIX Public Access Internet and UNIX, NYC
Lines: 676
Sender: RISKS List Owner <risko@csl.sri.com>
Approved: risks@csl.sri.com
Message-ID: <CMM.0.90.4.1718569871.risko@chiron.csl.sri.com19316>
Injection-Info: reader1.panix.com; posting-host="panix3.panix.com:166.84.1.3";
logging-data="13633"; mail-complaints-to="abuse@panix.com"
To: risko@csl.sri.com
View all headers

RISKS-LIST: Risks-Forum Digest Sunday 16 Jun 2024 Volume 34 : Issue 31

ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, founder and still moderator

***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/34.31>
The current issue can also be found at
<http://www.csl.sri.com/users/risko/risks.txt>

Contents:
Waymo issues software and mapping recall after robotaxi crashes
into a telephone pole (The Verge)
Driver using FSD, staring at phone ... (LATimes)
Voting machine contract under scrutiny following discrepancies in Puerto
Rico's primaries (AP)
Phishing attack hits L.A. County public health agency, jeopardizing
200,000-plus residents' personal info (LATimes)
Leaked documents reveal patient safety issue at Amazon's One Medical
(The Washington Post)
Crooks plant backdoor in software used by courtrooms around the world
(Dan Goodin)
How a New Jersey man was wrongly arrested through facial
recognition tech now in use in Ontario (CBC)
Clearview AI Used Your Face. Now You May Get a Stake in the Company.
(NYTimes)
Microsoft Refused to Fix Flaw Years Before SolarWinds Hack (ProPublica)
iOS 18 cracks down on apps asking for full address book access
(TechCrunch)
A reportedly fake group recruited a real candidate for Congress
(Poliico)
After sustained attacks by the GOP, Stanford Internet Observatory is being
shut down (Casey Newton and Zoë Schiffer)
Tile/Life360 Breach: Millions of Users' Data at Risk (Security Boulevard)
Generative AI and the law (Lauren Weinstein)
New Wi-Fi Takeover Attack -- All Windows Users Warned To Update Now (Forbes)
Japan Runs on Vending Machines. It’s About to Break Millions of Them.
(NYTimes)
The surprisingly not so doomed effort to force U.S. drivers to
stop speeding (The Verge)
Vax (Jim Geissman)
The Age of the Drone Police Is Here (WiReD)
MXThunder and FBL (Cliff Kilby)
Retired engineer discovers 55-year-old bug in Lunar Lander
computer game code (Ars Technica)
Google, Cloudflare & Cisco Will Poison DNS to Stop Piracy Block
Circumvention (TorrentFreak)
Wells Fargo Fires Over a Dozen for 'mouse jiggling' (Henry Baker)
Why Microsoft, Google, and others screw up (Lauren Weinstein)
Re: Microsoft and Recall (Lauren Weinstein)
Re: Tom Van Vleck (Cliff Kilby)
Quote of The Day (Edward Snowden)
Re: Quote of The Day (James Joyce)
Abridged info on RISKS (comp.risks)

----------------------------------------------------------------------

Date: Thu, 13 Jun 2024 09:45:44 -0400
From: Monty Solomon <monty@roscom.com>
Subject: Waymo issues software and mapping recall after robotaxi crashes
into a telephone pole (The Verge)

https://www.theverge.com/2024/6/12/24175489/waymo-recall-telephone-poll-crash-phoenix-software-map

[Indeed, in this complex mathematical world in which we live, stability
requires all the poles being in the left-half plane. (Wikipedia notes
that 75 countries drive on the left.) In the U.S., where driving is on the
right side of the road, there are many poles on the right side. Somehow,
that sounds much less safe! PGN]

------------------------------

Date: Fri, 14 Jun 2024 09:53:20 +0100
From: Julia Segal <julia@flydiem.com>
Subject: Driver using FSD, staring at phone ... (LATimes)

https://www.latimes.com/california/story/2024-06-13/self-driving-tesla-narrowly-misses-police-officer-before-slamming-into-patrol-car-in-orange-county

------------------------------

Date: Sat, 15 Jun 2024 09:31:26 -0700
From: the keyboard of geoff goodfellow <geoff@iconia.com>
Subject: Voting machine contract under scrutiny following
discrepancies in Puerto Rico's primaries (AP)

Puerto Rico's elections commission said Tuesday that it's reviewing its
contract with a U.S. electronic voting company after hundreds of
discrepancies were discovered following the island's heated primaries.
<https://apnews.com/article/puerto-rico-primaries-pierluisi-gonzalez-zaragoza-ortiz-62343cc879f4c5c73a9c0eec39325086>

The problem stemmed from a software issue that caused machines supplied by
Dominion Voting Systems to incorrectly calculate vote totals, said Jessika
Padilla Rivera, the commission's interim president.

While no one is contesting the results from the June 2 primary that
correctly identify the winners, machine-reported vote counts were lower
than the paper ones in some cases, and some machines reversed certain
totals or reported zero votes for some candidates.

``The concern is that we obviously have elections in November, and we must
provide the (island) not only with the assurance that the machine produces a
correct result, but also that the result it produces is the same one that is
reported,'' Padilla said.

More than 6,000 Dominion voting machines were used in Puerto Rico's
primaries, with the company stating that software issues stemmed from the
digital files used to export results from the machines.

------------------------------

Date: Sun, 16 Jun 2024 06:54:26 -0700
From: Steve Bacher <sebmb1@verizon.net>
Subject: Phishing attack hits L.A. County public health agency, jeopardizing
200,000-plus residents' personal info (LATimes)

Here we go again...

Phishing attack hits L.A. County public health agency, jeopardizing
200,000-plus residents' personal info.

The personal information of more than 200,000 people in Los Angeles County
was potentially exposed after a hacker used a phishing email to steal login
credentials.

https://www.latimes.com/california/story/2024-06-14/la-county-public-health-data-breach-possibly-affects-200-000-are-you-one-of-them

------------------------------

Date: Sun, 16 Jun 2024 01:26:40 -0400
From: Gabe Goldberg <gabe@gabegold.com>
Subject: Leaked documents reveal patient safety issue at Amazon's
One Medical (The Washington Post)

Patient safety issues have increased since One Medical shifted care to a
call center staffed by contractors, employees say.

Since Amazon acquired the primary-care service One Medical, elderly patients
have been routed to a call center -— staffed partly by contractors with
limited training — that failed on more than a dozen occasions to seek
immediate attention for callers with urgent symptoms, according to internal
documents seen by The Washington Post.

When one patient reported a “blood clot, pain and swelling,” call center
staff scheduled an appointment rather than escalating the matter for medical
evaluation, according to a note in an internal incident tracking spreadsheet
dated Feb. 19.

Over the following two days, clinical staffers flagged four more call-center
errors involving elderly patients with urgent complaints, including stomach
pain and blood in stool, a spike in blood pressure, an insect bite and
sudden rib pain, according to the internal spreadsheet.

The call-center incidents were among dozens flagged by doctors, nurses and
assistants at One Medical Seniors between Feb. 19 and March 18 in the
documents, a year after Amazon acquired the primary-care service. One
Medical began routing elderly patients to the call center in Tempe, Ariz.,
staffed partly by newly hired contractors with limited training and little
to no medical experience, according internal documents seen by The Post and
interviews with four current and former One Medical workers.

https://www.washingtonpost.com/technology/2024/06/15/amazon-one-medical-patient-safety

------------------------------

Date: Sun, 16 Jun 2024 06:19:07 -0700
From: Brian Berg <brianberg@gmail.com>
Subject: Crooks plant backdoor in software used by courtrooms around
the world (Dan Goodin)

Dan Goodin, *ArsTechnica*, 23 May 2024

It's unclear how the malicious version of JAVS Viewer came to be.

https://arstechnica.com/security/2024/05/crooks-plant-backdoor-in-software-used-by-courtrooms-around-the-world/

------------------------------

Date: Thu, 13 Jun 2024 06:14:43 -0600
From: Matthew Kruk <mkrukg@gmail.com>
Subject: How a New Jersey man was wrongly arrested through facial
recognition tech now in use in Ontario (CBC)

https://www.cbc.ca/news/canada/facial-recognition-technology-police-1.7228253

A New Jersey man who was wrongly jailed after being misidentified through
facial recognition software has a message for two Ontario police agencies
now using the same technology.

"There's clear evidence that it doesn't work," Nijeer Parks said.

Parks, now 36, spent 10 days behind bars for a January 2019 theft and
assault on a police officer that he didn't commit. He said he was released
after he provided evidence he was in another city, making a money transfer
at the time of the offence. Prosecutors dropped the case the following
November, according to an internal police report.

------------------------------

Date: Thu, 13 Jun 2024 22:28:35 -0400
From: Monty Solomon <monty@roscom.com>
Subject: Clearview AI Used Your Face. Now You May Get a Stake in
the Company.

The facial recognition start-up doesn't have the funds to settle a
class-action lawsuit, so lawyers are proposing equity for those whose faces
were scraped from the Internet.


Click here to read the complete article
1

rocksolid light 0.9.8
clearnet tor