Rocksolid Light

News from da outaworlds

mail  files  register  groups  login

Message-ID:  

You never hesitate to tackle the most difficult problems.

comp / comp.risks / Risks Digest 33.54

SubjectAuthor
o Risks Digest 33.54RISKS List Owner

1
Subject: Risks Digest 33.54
From: RISKS List Owner
Newsgroups: comp.risks
Organization: PANIX Public Access Internet and UNIX, NYC
Date: Mon, 28 Nov 2022 04:35 UTC
Path: eternal-september.org!news.eternal-september.org!reader01.eternal-september.org!panix!.POSTED.panix2.panix.com!not-for-mail
From: risko@csl.sri.com (RISKS List Owner)
Newsgroups: comp.risks
Subject: Risks Digest 33.54
Date: 28 Nov 2022 04:35:16 -0000
Organization: PANIX Public Access Internet and UNIX, NYC
Lines: 532
Sender: RISKS List Owner <risko@csl.sri.com>
Approved: risks@csl.sri.com
Message-ID: <CMM.0.90.4.1669609569.risko@chiron.csl.sri.com655>
Injection-Info: reader2.panix.com; posting-host="panix2.panix.com:166.84.1.2";
logging-data="27360"; mail-complaints-to="abuse@panix.com"
To: risko@csl.sri.com
View all headers

RISKS-LIST: Risks-Forum Digest Sunday 27 November 2022 Volume 33 : Issue 54

ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, founder and still moderator

***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/33.54>
The current issue can also be found at
<http://www.csl.sri.com/users/risko/risks.txt>

Contents:
Why artificial intelligence is now a primary concern for Henry Kissinger
(David Ignatius)
Alphabet installed software on user devices without their knowledge,
permission, or even data enabled. (Mark E Jeftovic via Peter Houppermans)
Major tax-filing websites secretly share income data with Meta
(Ars Technica)
Thinking about taking your computer to the repair shop? Be very afraid
(Ars Technica)
The airport of the future is the airport of today -- and that's not good.
(PapersPlease)
What Riding in a Self-Driving Tesla Tells Us About the Future of Autonomy
(NYTimes)
ID.me made baseless pandemic fraud claims to win contracts, Congress says
(Ars Technica)
Redacted Documents Are Not as Secure as You Think (WiReD)
The World Generates So Much Data, New Unit Measurements Were Created to Keep
Up (NPR)
Massive Twitter data breach was far worse than reported, reveal security
researchers (9to5mac)
Twitter, Mastodon Handle, and App (Paul Roberts)
Idle Crypto Is the Devil's Workshop (The New York Times)
What Happens When Crypto Meets Ted Lasso (NYTimes)
U.S. authorities seize iSpoof, a call spoofing site that stole millions
(Tech Crunch)
How Amazon shopping ads are disguised as real results (WashPost)
RansomExx joins the ranks of ransomware gangs switching to Rust (Cybernews)
How a Jewish Group's Online Surveillance Uncovered a Synagogue Plot
(NYTimes)
Sundry twitter items (Lauren Weinstein PGN-culled)
Elon's phone confusion (Lauren Weinstein)
They Weren't Rich But They Wanted to invest. Then They Lost Everything on
FTX (Mother Jones)
Re: NordStream (Nicolas Flamant Yotti)
Abridged info on RISKS (comp.risks)

----------------------------------------------------------------------

Date: Sat, 26 Nov 2022 16:06:27 -0500
From: Monty Solomon <monty@roscom.com>
Subject: hy artificial intelligence is now a primary concern for Henry
Kissinger (David Ignatius)

David Ignatius, The Washington Pst, 24 Nov 2022
If leading powers don't find ways to limit AI's reach,
Henry Kissinger warns, ``it is simply a mad race for some catastrophe.''`

https://www.washingtonpost.com/opinions/2022/11/24/artificial-intelligence-risk-kissinger-warning-weapons/

------------------------------

Date: Wed, 23 Nov 2022 07:04:27 +0100
From: Peter Houppermans <peter@houppermans.net>
Subject: Alphabet installed software on user devices without their
knowledge, permission, or even data enabled.

I picked this up via Mark E Jeftovic's Axis of Easy, and it's worth paying
attention to:

https://www.zerohedge.com/political/lawsuit-claims-massachusetts-installed-covid-19-spyware-1-million-devices

I merely summarize:

1. Software was installed by Google, sorry, Alphabet on behalf of a
government without the user's involvement or knowledge;
2. This installation was explicitly hidden from the user;
3 Alphabet appears to have means to enable data downloads explicitly
against the wishes of the user.

------------------------------

Date: Tue, 22 Nov 2022 16:29:53 -0500
From: Monty Solomon <monty@roscom.com>
Subject: Major tax-filing websites secretly share income data with Meta
(Ars Technica)

Financial data was sent to Meta by TaxAct, H&R Block, and TaxSlayer.

https://arstechnica.com/tech-policy/2022/11/major-tax-filing-websites-secretly-share-income-data-with-meta/

------------------------------

Date: Tue, 22 Nov 2022 16:31:38 -0500
From: Monty Solomon <monty@roscom.com>
Subject: Thinking about taking your computer to the repair shop?
Be very afraid (Ars Technica)

Not surprisingly, female customers bear the brunt of the privacy violations.

https://arstechnica.com/information-technology/2022/11/half-of-computer-repairs-result-in-snooping-of-sensitive-data-study-finds/

------------------------------

Date: November 24, 2022 11:39:33 JST
From: "Edward Hasbrouck" <edward@hasbrouck.org>
Subject: The airport of the future is the airport of today -- and that's not
good. (PapersPlease)

A case study and post-pandemic holday travel horror story:
https://papersplease.org/wp/2022/11/23/the-airport-of-the-future-is-the-airport-of-today-and-thats-not-good/

Today, the day before Thanksgiving, will probably be the busiest day for air
travel in the USA since the outbreak of the COVID-19 pandemic in early 2020.
If you are flying this week for the first time in three years, what will you
see that has changed? Unfortunately, many of the most significant changes
made during the pandemic are deliberately invisible -- which is part of that
makes them so evil.

During the pandemic, largely unnoticed, the dystopian surveillance-by design
airport of the future that we've been worried and warning about for many
years has become, in many places, the airport of today.

While travelers were sheltering in place during the COVID-19 pandemic,
airports have taken advantage of the opportunity to move ahead with
expansion and renovation projects. While passenger traffic was reduced,
and terminals and other airport facilities were operating well below
capacity, disruptions due to construction could be minimized.

A characteristic feature of almost all new or newly-renovated major airports
in the U.S. and around the world is that they are designed and built on the
assumption that all passengers' movements within the airport will be tracked
at all times, and that all phases of passenger processing will be carried
out automatically using facial recognition.

In the airport of the future, or in a growing number of present-day
airports, there's no need for a government agency or airline that wants to
use facial recognition to install cameras or data links for that purpose.
As in the new International Arrivals Facility at Sea-Tac Airport, which
opened this year, the cameras and connectivity are built into the facility
as common-use public-private infrastructure shared by airlines, government
agencies, and the operator of the airport -- whether that's a public agency
(as with almost all U.S. airports) or a private company (as with many
foreign airports).

This integrated and as-invisible-as-possible surveillance infrastructure
exemplifies the malign convergence of interests between government agencies
that want to identify and track travelers for pre-crime predictive profiling
and control, and airlines and airports (motivated by business efficiency
even when they are operated by instrumentalities of state and local
governments) that want to use the same hardware, and data from government ID
databases, for business process automation and revenue maximization.

That malign convergence of interests extends to an interest in making
surveillance tech inconspicuous and, if it is visible at all, making it
appear normal and unavoidable. Neither government agencies nor travel
companies nor airports want travelers to notice or question what is
happening, or want to take responsibility for it. If travelers ask
questions, airlines want to be able to answer, ``the Federal government made
us do it'', even if that isn't true (as it unquestionably isn't for
U.S. citizens or any domestic flyers within the U.S.).

The integration of facial recognition into the airport structure makes these
surveillance systems and practices much less visible -- by design -- than
retrofitted or standalone surveillance cameras. Their positioning along the
flow of passengers from airport entrance to aircraft door makes it almost
impossible to pass through the airport and board a plane without being
photographed, identified, and tracked.

Opting out is, in these new airports and terminals, a purely theoretical
option for travelers who already know their rights (without being given
notice of them), figure out how to assert them (again without notice) and
who are willing to put up with additional questioning, search, and/or delay.

More:
https://papersplease.org/wp/2022/11/23/the-airport-of-the-future-is-the-airport-of-today-and-thats-not-good/

------------------------------

Date: Sun, 27 Nov 2022 13:51:14 -0500
From: Monty Solomon <monty@roscom.com>
Subject: What Riding in a Self-Driving Tesla Tells Us About the Future of
Autonomy (NYTimes)

https://www.nytimes.com/interactive/2022/11/14/technology/tesla-self-driving-flaws.html

------------------------------

Date: Tue, 22 Nov 2022 16:40:38 -0500
From: Monty Solomon <monty@roscom.com>
Subject: ID.me made baseless pandemic fraud claims to win contracts,
Congress says (Ars Technica)

https://arstechnica.com/tech-policy/2022/11/id-me-made-baseless-pandemic-fraud-claims-to-win-contracts-congress-says/

------------------------------

Date: Fri, 25 Nov 2022 21:52:50 -0500
From: Monty Solomon <monty@roscom.com>
Subject: Redacted Documents Are Not as Secure as You Think (WiReD)


Click here to read the complete article
1

rocksolid light 0.9.8
clearnet tor