RISKS-LIST: Risks-Forum Digest Saturday 17 September 2022 Volume 33 : Issue 45

ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, founder and still moderator

***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/33.45>
The current issue can also be found at
<http://www.csl.sri.com/users/risko/risks.txt>

Contents:
Chinese and Russian ops (Two NYTimes items PGN-ed)
Chinese spy convicted with help from iCloud backup of his iPhone (9to5Mac)
Nuclear Power Still Doesn't Make Much Sense (NYTimes)
Say Hello to Crazy-Thin Deep-Insert ATM Skimmers (Krebs on Security)
Malware attack knocks out software for 6,000+ residential properties
George Mannes)
Patent troll attacks against open-source projects are up 100% since last
year. Here's why (ZDNET)
Alarms over healthcare cyberattacks are getting louder (The Verge)
Microsoft Teams has been storing authentication tokens in plaintext
(Engadget)
Trojanized versions of PuTTY utility being used to spread backdoor
(Ars Technica)
iPhone Lockdown Mode can be easily detected, could make you a target
(9to5Mac)
WatchOS 9 Breaks Spotify Streaming, Apple Watch Users Urged Not to Update
(MacRumors)
Text Messaging Is Cool. But Where Are Its Boundaries? (NYTimes)
Watch it! Legal issues arise with home security cameras (Hiawatha Bray)
DHS built huge database from cellphones/computers seized at border
(WashPost)
Appeals court upholds Texas law regulating social media moderation
(WashPost)
Biden is completely wrong about Section 230 as relates to hate speech
(Lauren Weinstein)
Uber wasn't using security keys (Vice)
Uber's hack shows the stubborn power of social engineering (The Verge)
Chess Grandmaster accused of using anal beads to cheat receives offer to
clear his name by playing nude (AVClub)
We're stuck with this white elephant: A Wisconsin town's big bet on
electronics maker Foxconn hasn't panned out as planned (Fortune)
NSA Software Supply Chain Guidance (The New Stack)
Re: Artemis I launch scrubbed again, new attempt may not come until October
(Martin Ward)
Re: How criminals are using jammers, deauthers to disrupt WiFi (Henry Baker)
Re: Major telecoms sign deal to keep some phone services running during
future outages (Steve Bacher)
Re: Apple and other vendors and eSIM (John levine)
Re: Groove.cm Breaks the Internet (Amos Shapir, Steve Bacher)
Re: The Search for info, not just Dirt, on the Twitter Whistle-Blower
(John Levine)
Re: Facebook has no idea where to find your data (Ssteve Bacher)
Re: 3D gun printing operation busted in Calgary (dmitri maziuk)
Abridged info on RISKS (comp.risks)

----------------------------------------------------------------------

Date: Fri, 16 Sep 2022 14:19:50 PDT
From: Peter Neumann <neumann@csl.sri.com>
Subject: Chinese and Russian ops (Two NYTimes items)

China Covert Operations May Overwhelm Us
Nigel Inkster, *The New York Times*, 16 Sep 2022
The West isn't sufficiently prepared for intelligence threats from Beijing

Russia Secretly Spent $300M to Sway Elections Around the World
Edward Wong, *The New York Times*, 14 Sep 2022
[At least. That what has been detected. PGN]

------------------------------

Date: Sat, 17 Sep 2022 01:19:12 -0400
From: Monty Solomon <monty@roscom.com>
Subject: Chinese spy convicted with help from iCloud backup of his iPhone
(9to5Mac)

https://9to5mac.com/2022/09/16/chinese-spy/

------------------------------

Date: Fri, 16 Sep 2022 15:15:18 +0000
From: Henry Baker <hbaker1@pipeline.com>
Subject: Nuclear Power Still Doesn't Make Much Sense (NYTimes)

I heard a Ukrainian reporter on the radio talking about the problems with
the Ukrainian "grid infrastructure" due to the Russian occupation of the
Zaporizhzhia nuclear plant. Except with her Ukrainian accent, she
pronounced it "greed infrastructure". I think that she summed up the
nuclear power industry precisely !!
Truly a Kinsley gaffe (Google it) moment !

Farhad Manjoo, *The New York Times*, 16 Sep 2022
Nuclear Power Still Doesn't Make Much Sense
https://www.nytimes.com/2022/09/16/opinion/nuclear-power-still-doesnt-make-much-sense.html

I landed in London at around the same time that international energy
regulators were making emergency plans for maintaining the safety of
Ukraine's Zaporizhzhia nuclear plant, which had come under shelling from
Russian troops. [...]

Tyson Slocum, the director of the energy program at the advocacy group
Public Citizen, summed up these problems neatly: ``Nuclear power has simply
been eclipsed. It was an incredible zero-emission resource for its day. But
for much of the energy system today, that day has long passed.'' [...]

------------------------------

Date: Fri, 16 Sep 2022 09:57:51 -0400
From: Monty Solomon <monty@roscom.com>
Subject: Say Hello to Crazy-Thin Deep-Insert ATM Skimmers
(Krebs on Security)

A number of financial institutions in and around New York City are dealing
with a rash of super-thin *deep-insert* skimming devices designed to fit
inside the mouth of an ATM's card acceptance slot. The card skimmers are
paired with tiny pinhole cameras that are cleverly disguised as part of the
cash machine. Here's a look at some of the more sophisticated deep insert
skimmer technology that fraud investigators have recently found in the wild.

https://krebsonsecurity.com/2022/09/say-hello-to-crazy-thin-deep-insert-atm-skimmers/

------------------------------

Date: Thu, 15 Sep 2022 21:26:13 -0400
From: George Mannes <gmannes@gmail.com>
Subject: Malware attack knocks out software for 6,000+ residential
properties

I live in a New York City co-op apartment building that contracts with the
firm BuildingLink for a package of administrative & security services, such
as tracking & notification of package deliveries, repair requests,
instructions for the front desk regarding items such as permissions to
enter, and storage and check-out of apartment keys at the front desk. The
system also includes a directory of building residents, including their
apartment numbers, their phone numbers & email addresses. BuildingLink's
software is used in more than 6,000 properties worldwide, according to the
company's website.

The system was down Monday, Tuesday, and much of Wednesday following a
malware attack. Apparently, it was a nationwide outage. Some excerpts from
BuildingLink's status report page (https://status.buildinglink.com/):

12 Sep Monday:

Users are currently unable to access BuildingLink.com and custom domains,
the resident app, and the valet app.

-Users are also unable to access ConciergeLink and the GEO app if not
already logged in....

-KeyLink can currently be used with the fingerprint reader, but not with
username and password.

14 Sep afternoon

On Sunday, 11 Sep, BuildingLink was the target of a malware incident, which
impacted certain network systems.

While we are still in the early stages of an investigation, here's what we
know so far: our team acted quickly and took certain systems offline as a
precautionary measure and continue to take steps to enhance security systems
already in place. We also immediately engaged outside specialists ... to
assist us in our response and conduct a full investigation so we can fully
understand what happened.

15 Sep (this afternoon):

We have a team investigating the malware incident to determine if any data
was impacted. We will share our findings as soon as we are able.

The service interruption had no ill effects on me or anyone I know of. But
I'll be interested to learn what, if any, data concerning those 6,000+
properties and their residents was "impacted."

------------------------------

Date: Wed, 14 Sep 2022 00:34:55 -0400
From: Gabe Goldberg <gabe@gabegold.com>
Subject: Patent troll attacks against open-source projects are up 100%
since last year. Here's why (ZDNET)

In recent years, patent trolls have started attacking open-source developers
and companies. But, the open-source community is fighting back.

https://www.zdnet.com/article/patent-troll-attacks-against-open-source-projects-are-up-100-since-last-year-heres-why/

------------------------------

Date: Sat, 17 Sep 2022 00:50:09 -0400
From: Monty Solomon <monty@roscom.com>
Subject: Alarms over healthcare cyberattacks are getting louder (The Verge)

https://www.theverge.com/2022/9/16/23356974/health-cybersecurity-devices-fbi-ransomware

------------------------------

Date: Sat, 17 Sep 2022 00:54:19 -0400
From: Monty Solomon <monty@roscom.com>
Subject: Microsoft Teams has been storing authentication tokens in plaintext
(Engadget)

https://www.engadget.com/microsoft-teams-has-been-storing-auth-tokens-in-plaintext-093510463.html

------------------------------

Date: Sat, 17 Sep 2022 01:09:51 -0400
From: Monty Solomon <monty@roscom.com>
Subject: Trojanized versions of PuTTY utility being used to spread backdoor
(Ars Technica)