RISKS-LIST: Risks-Forum Digest Tuesday 25 October 2022 Volume 33 : Issue 49

ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, founder and still moderator

***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/33.49>
The current issue can also be found at
<http://www.csl.sri.com/users/risko/risks.txt>

Contents:
Nuclear War Simulator Creator Says Public Must Know Potential Destruction
(Aristos Georgiou)
Climate Change Threatens Supercomputers (Jacklin Kwan)
The computer errors from outer space (bbc.com)
NYC's Emerg. Med. Svc ("911") system was crippled 'cuz ... (danny burstein)
AI Language Models Show Bias Against People with Disabilities, Study Finds
(Penn State)
A new AI model can accurately predict human response to novel drug compounds
(phys.org)
We Should Try to Prevent Another Alex Jones (Zeynep Tufekci)
Alternatives to Twitter (Lauren Weinstein)
A prudent approach to Musk and Twitter (Lauren Weinstein)
Twitter reportedly has a user retention problem (Lauren Weinstein)
TikTok and Facebook fail to detect election disinformation in the U.S.,
while YouTube succeeds (Global Witness)
Behind TikTok's Boom: A legion of traumatised, $10-a-day content moderators
(The Bureau Investigates)
ACM Highlights Underuse of Risk-Limiting Audits in Confirming Accuracy of
Election Results (ACM)
Iran Hackers Behind Attempt on US Election Are Still Active
(GovInfoSecurity)
Internet Of Dangerous Things (Henry Baker)
In the ultimate Amazon smart home, each device collects your data (WashPost)
GPS interference caused the FAA to reroute Texas air traffic.
Experts stumped (Ars Technica)
Cuban Defector Flies Stolen An-2 To Florida (AVweb)
How to miss potentially important Google Chat notifications (LW)
Police Are Using DNA to Generate 3D Images of Suspects They've Never Seen
(Vice)
Even After $100 Billion, Self-Driving Cars Are Going Nowhere (Bloomberg)
Eleven more crash deaths are linked to automated-tech vehicles
(The Center for Auto Safety)
High-Tech Cars Are Killing the Auto Repair Shop (WiReD)
Heat from fingertips can be used to crack passwords, researchers find
(Yahoo! News)
Zillow bug (Jan Woliltzky)
Real Estate Phish Swallows 1,000s of Microsoft 365 Credentials
(Dark Reading)
Google drops Chrome support for Windows 7 (Lauren Weinstein)
Too Many Drivers with Advanced Tech Expect Cars to Drive for Them
(Car and Driver)
Planned cuts at Twitter likely to hurt content moderation, user security
(WashPost)
Devastating Report: Twitter may fire 75% of workers, gut content moderation
and decimate infrastructure (WashPost)
The vulnerability of transformers-based malware detectors to adversarial
attacks (techxplore.com)
Thousands of GitHub Repositories Deliver Fake PoC Exploits with Malware
(Bill Toulas)
How a Microsoft blunder opened millions of PCs to potent malware attacks
(Ars Technica)
Microsoft Office 365 email encryption could expose message content
(Bleeping Computer)
Google's "passkey" effort (Twitter)
How Your Shadow Credit Score Could Decide Whether You Get an Apartment
(ProPublica)
U.S. Chip Sanctions Kneecap China's Tech Industry (WiReD)
The danger of advanced artificial intelligence controlling its own feedback
(techxplore.com)
Toyota exposed 300,000 customer email addresses for 5 years (Techcrunch)
Parler leaked email addresses for Ivanka Trump, other 'VIPs' in Kanye West
announcement (Mashable)
Humans Beat DeepMind AI in Creating Algorithm to Multiply Numbers
(Matthew Sparkes)
Deception Detection (RAND)
Re: AI-driven 'thermal attack' system reveals computer and smartphone
passwords in seconds (Steve Bacher)
Re: Lufthansa Says Apple AirTags Are Once Again Allowed in Checked Bags
(Jan Wolitzky)
Re: Not a physical DDoS attack on the Australian Postal system (John Levine)
Re: Automatic emergency braking is not great at preventing crashes. at
normal speeds (Martin Ward)
Article about CHERI (Rik Farrow)
U.S. National Security Strategy report (The White House)
Book on Digital Ethics (Christian Fuchs)
Abridged info on RISKS (comp.risks)

----------------------------------------------------------------------

Date: Mon, 24 Oct 2022 11:59:06 -0400 (EDT)
From: ACM TechNews <technews-editor@acm.org>
Subject: Nuclear War Simulator Creator Says Public Must Know Potential
Destruction (Aristos Georgiou)

Aristos Georgiou, *Newsweek*, 19 0ct 2022, via ACM TechNews, 24 Oct 2022

A computer scientist created a nuclear war simulator to demonstrate atomic
weapons' destructive potential to the public. Christopher Minson said
Russia's war in Ukraine has elevated traffic to his website, which hosts a
map tool for modeling an attack on the U.S. involving approximately 1,200
nuclear warheads. Minson based the tool on databases of warhead yields and
targets derived from declassified information; he then compiled a database
of census data, and mapped populations to target sites. Minson said the
system correlates this data and executes a two-hour attack, calculating
casualties from known impact and population size, and modeling the spread of
fallout. "It is critical that the public understands this threat," he said.
"They need to see, clearly and viscerally, just how universal and
destructive a nuclear war would be."

https://orange.hosting.lsoft.com/trk/click?ref=znwrbbrs9_6-2f78bx23708fx072432&

------------------------------

Date: Wed, 12 Oct 2022 15:16:14 -0400 (EDT)
From: ACM TechNews <technews-editor@acm.org>
Subject: Climate Change Threatens Supercomputers (Jacklin Kwan)

Jacklin Kwan, *Science*, 11 Oct 2022, via ACM TechNews, 12 Oct 2022

Climate change is jeopardizing the operation of high-performance computing
(HPC) facilities. Natalie Bates at the U.S. Department of Energy's Lawrence
Livermore National Laboratory (LLNL) said such facilities, which include
supercomputers and data centers, are vulnerable due to their high cooling
demands and massive energy use. Increased humidity driven by climate change
can reduce the efficiency of the evaporative coolers many HPC centers depend
on, and also can threaten the systems with blowouts. Hewlett Packard
Enterprise's Nicolas Dub=C8 said the high cost of upgrades to adapt to such
changes has driven some HPC centers to cooler and drier locations like
Canada and Finland. LLNL's Anna-Maria Bailey said the cost of relocation may
be unaffordable, so the California facility is considering moving its
computers underground.

https://orange.hosting.lsoft.com/trk/click?ref=znwrbbrs9_6-2f638x236c48x071990&

------------------------------

Date: Thu, 13 Oct 2022 00:26:49 +0000
From: Richard Marlon Stein <rmstein@protonmail.com>
Subject: The computer errors from outer space (bbc.com)

https://www.bbc.com/future/article/20221011-how-space-weather-causes-computer-errors

"When computers go wrong, we tend to assume it's just some software hiccup,
a bit of bad programming. But ionising radiation, including rays of protons
blasted towards us by the sun, can also be the cause. These incidents,
called single-event upsets, are rare and it can be impossible to be sure
that cosmic rays were involved in a specific malfunction because they leave
no trace behind them."

As silicon features reduce to near atomic dimensions (approaching 1
nanometer == 10), these events are likely increase their frequency. The
biggest supercomputers contain very high-density physical memory pools.
Administrators and reliability engineers battle with row-level memory
failures constantly.

See https://catless.ncl.ac.uk/Risks/30/15#subj6.1. There are at least 10
prior comp.risks posts containing the term "cosmic ray."

------------------------------

Date: Sat, 15 Oct 2022 23:25:02 +0000 ()
From: danny burstein <dannyb@panix.com>
Subject: NYC's Emerg. Med. Svc ("911") system was crippled 'cuz ...

In NYC, the "911" calls come into a central "public safety answering
position" ("psap"). If the emergency required EMS or fire response, it's
transferred to the fire dep't center and then dispatched from there.

The FDNY dispatch and control system was crippled for half a day earlier
this week because...

... a contractor, thinking he was pushing an "open the door, Hal", button,
lifted the cover on a button labeled "EPO"...

Which stood for... "emergency power off".

Ok, everyone, start cringing... Including asking why, in addition to not
having a secondary "hot standby" system, it took *hours* to bring this back
up.

[NY Post]

Oops! FDNY contractor presses wrong button, shuts down NYC's emergency
dispatch system

An outside contractor making repairs at the FDNY's emergency dispatch
center in downtown Brooklyn pressed the wrong button to open a door -- and
shut down the agency's communications system, triggering an hours-long
citywide crisis.

Wednesday's snafu at the FDNY's MetroTech Center facility forced staffers
to rely on ancient methods - pens, paper and telephones rather than
digital systems -- to gather facts and get word to first responders as 911
calls came in, officials for unions representing the agency's dispatchers
and medics told The Post.