Subject: Risks Digest 33.46
From: RISKS List Owner
Newsgroups: comp.risks
Organization: PANIX Public Access Internet and UNIX, NYC
Date: Fri, 30 Sep 2022 00:13 UTC
From: risko@csl.sri.com (RISKS List Owner)
Sender: RISKS List Owner <risko@csl.sri.com>
Approved: risks@csl.sri.com
Message-ID: <CMM.0.90.4.1664496358.risko@chiron.csl.sri.com15975>
To: risko@csl.sri.com

RISKS-LIST: Risks-Forum Digest Thursday 29 September 2022 Volume 33 : Issue 46

ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, founder and still moderator

***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/33.46>
The current issue can also be found at
<http://www.csl.sri.com/users/risko/risks.txt>

Contents:
`Our world is in peril,' UN secretary general warns general assembly (CBC)
The UN Wants to Curb Anti-Satellite Missile Tests (WiReD)
Vulnerability of insulin pumps (Healio via Judith Hemenway)
Optus' breach exposes 9.8M customers' data (ABC-AU)
Tesla Megapack battery fire spurs shelter-in-place warning in California
(The Verge)
Multiple driverless Cruise cars block traffic in San Francisco
(SanFranChron)
Automakers are ignoring the simple solution to the rise of traffic deaths
(The Verge)
Egypt's submarine cable stranglehold (Sebastian Moss)
'Protestware' is on the rise, with programmers self-sabotaging their own
code. Should we be worried? (Techxplore.com)
Morgan Stanley Smith Barney to Pay $35 Million for Extensive Failures to
Safeguard Personal Information of Millions of Customers (SEC)
NY Suffolk Co. "911" system crippled by cyberattack, other gov't functions
also (WNBC)
American Airlines says hackers obtained some customer/employee data
(Engadget)
LastPass says hackers had internal access for four days (Bleeping Computer)
15-Year-Old Python Bug Allows Code Execution in 350k Projects (Ionut Ilascu)
Artist finds private medical record photos in popular AI training data set
(ArsTechnica)
Uber blames contractor for hack (Lauren Weinstein)
Luxury cars seized from 23-year-old 'Crypto King' as investors try to recoup
millions (CBC)
33% of U.S. TikTok users say they regularly get their news on the app, up
from 22% in 2020 (TechCrunch)
TikTok's search engine repeatedly delivers misinformation to its
majority-young user base, report says (CNN)
A common phishing attack sources from Gmail (Lauren Weinstein)
Wegmans Discontinues Self-Checkout App, Citing Losses (NYTimes)
Health apps share your concerns with advertisers. HIPAA can't stop it.
(WashPost)
NTSB wants all new vehicles to check drivers for alcohol use (NPR)
How vigilante *predator catchers* are infiltrating the criminal justice
system (WashPost)
Senators introduce a bill to protect open-source software (WashPost)
Open-Source Software That Lasts a Thousand Years? (Liam Tung)
The ITU's Secretary-General Election Could Shape the Internet's Future
(WiReD)
Abridged info on RISKS (comp.risks)

----------------------------------------------------------------------

Date: Tue, 20 Sep 2022 09:58:10 -0600
From: Matthew Kruk <mkrukg@gmail.com>
Subject: `Our world is in peril,' UN secretary general warns general assembly
(CBC)

https://www.cbc.ca/news/world/antonio-guterres-1.6588574

He also warned of what he called "a forest of red flags" around new
technologies despite promising advances to heal diseases and connect people.
Guterres said social media platforms are based on a model "that monetizes
outrage, anger, and negativity." Artificial intelligence, he said, "is
compromising the integrity of information systems, the media, and indeed
democracy itself."

------------------------------

Date: Mon, 19 Sep 2022 01:00:13 -0400
From: Gabe Goldberg <gabe@gabegold.com>
Subject: The UN Wants to Curb Anti-Satellite Missile Tests (WiReD)

At a high-profile meeting in Geneva, international negotiators are moving
closer toward developing rules for space actors in low Earth orbit and
beyond.

https://www.wired.com/story/the-un-wants-to-curb-anti-satellite-missile-tests/

------------------------------

Date: Wed, 21 Sep 2022 18:35:13 +0000
From: Judith Hemenway <Judith@divingturtle.com>
Subject: Vulnerability of insulin pumps (Healio)

Although the insulin pumps are not accessible via the Internet, they are
vulnerable via pairing from near-by devices. Causing the pump to deliver
either too much or too little insulin can be life-threatening.

https://www.healio.com/news/endocrinology/20220920/fda-warns-of-possible-cybersecurity-risk-with-medtronic-minimed-600-series-insulin-pumps

------------------------------

Date: Mon, 26 Sep 2022 21:00:04 +0000
From: John Colville <John.Colville@uts.edu.au>
Subject: Optus' breach exposes 9.8M customers' data (ABC-AU)

Optus is Australia's second largest Telco.

https://www.abc.net.au/news/2022-09-23/optus-rejects-claim-hack-likely-result-of-human-error/101468846
https://www.abc.net.au/news/2022-09-25/new-security-measures-to-be-unveiled-following-optus-data-breach/101472364

------------------------------

Date: Tue, 20 Sep 2022 22:08:28 -0400
From: Monty Solomon <monty@roscom.com>
Subject: Tesla Megapack battery fire spurs shelter-in-place warning in
California (The Verge)

https://www.theverge.com/2022/9/20/23363345/tesla-megapack-battery-fire-california-monterey-pg-and-e

------------------------------

Date: Tue, 27 Sep 2022 15:32:08 -0700
From: geoff goodfellow <geoff@iconia.com>
Subject: Multiple driverless Cruise cars block traffic in San Francisco
(SanFranChron)

At least three driverless Cruise cars were responsible for holding up
traffic and reportedly blocking a bus lane in San Francisco last week, the
latest in a string of incidents involving the locally headquartered
self-driving car company.

A video shared on Reddit showed two of Cruise's vehicles at a standstill
Thursday evening, near the intersection of Sacramento and Leavenworth
streets, with their hazard lights flashing. A Muni bus appeared to be
stalled about a block behind them.

``Come on, we've got to get the f*** going,'' one person could be heard
yelling in the background of the video. ``There's no driver!'' another
responded.

https://www.sfgate.com/local/article/driverless-cruise-cars-block-SF-traffic-17467985.php

------------------------------

Date: Mon, 19 Sep 2022 19:34:14 -0400
From: Monty Solomon <monty@roscom.com>
Subject: Automakers are ignoring the simple solution to the rise of traffic
deaths (The Verge)

Automakers are ignoring the simple solution to the rise of traffic deaths
https://www.theverge.com/23360839/cars-speed-safety-traffic-deaths-technology-usdot

------------------------------

Date: September 20, 2022 21:17:26 JST
From: Dewayne Hendricks <dewayne@warpspeed.com>
Subject: Egypt's submarine cable stranglehold (Sebastian Moss)

Sebastian Moss, Datacenter Dynamics, 15 Sep 2022
Understanding the Middle East bottleneck, and how things could be set to
change
https://www.datacenterdynamics.com/en/analysis/egypts-submarine-cable-stranglehold/

The world's digital infrastructure has been built by the paranoid. At every
turn, equipment is duplicated, routes are triplicated, fuel reserves are
over-filled. Astronomical sums are spent on building layers and layers of
safety into the system, as suspicious minds game out various scenarios that
could put the precious flow of data at risk. And yet, there remains one
giant bottleneck, a quirk of geography and geopolitics, that is anything but
redundant.

If you take a map of the world's submarine cable infrastructure, responsible
for shuttling data between nations and entire continents, and zoom in on the
Middle East, you will notice something striking: Everything goes through
Egypt.

Data traveling to and from Europe and Asia, as well as Northern Africa and
the Middle East itself, has just one route.

Coming from the Gulf of Aden, cables snake up along the Red Sea, and into
the Gulf of Suez. There, they make landfall in Egypt, traversing little more
than a hundred miles, before breaking out into the Mediterranean Sea.

"There's no way a network operator would design their network like this
under ideal conditions, right?" said Paul Brodsky, senior analyst at
Telegeography, best known for its maps of cable routes. "They don't like
having everything funneled through one place."

This route concentration is a concern for reliability, putting an estimated
17 percent of the world's Internet traffic in the hands of one country, and
in one shallow and narrow sea. But it is also a concern for businesses,
which have to contend with a monopoly.

To get through Egypt, companies have to pay exorbitant fees to state-owned
Telecom Egypt. Prices have risen dramatically, amid claims of corruption,
but operators have had little choice but to pay. At least until now.

The only route

The story of Egypt's submarine stranglehold is hard to tell. Several
analysts declined to talk on the record due to business relationships with
Telecom Egypt. Cable providers either declined to talk, or did not respond
to requests for comment. ``I am afraid I won't be open to discuss the
Egyptian submarine cable bottleneck due to certain concerns,'' another
industry figure said, declining to elaborate.

