Subject: Risks Digest 33.60
From: RISKS List Owner
Newsgroups: comp.risks
Organization: PANIX Public Access Internet and UNIX, NYC
Date: Mon, 16 Jan 2023 20:28 UTC
Path: eternal-september.org!news.eternal-september.org!reader01.eternal-september.org!panix!.POSTED.panix1.panix.com!not-for-mail
From: risko@csl.sri.com (RISKS List Owner)
Lines: 696
Sender: RISKS List Owner <risko@csl.sri.com>
Approved: risks@csl.sri.com
Message-ID: <CMM.0.90.4.1673900320.risko@chiron.csl.sri.com29004>
Injection-Info: reader2.panix.com; posting-host="panix1.panix.com:166.84.1.1";
logging-data="5193"; mail-complaints-to="abuse@panix.com"
To: risko@csl.sri.com

RISKS-LIST: Risks-Forum Digest Monday 15 January 2023 Volume 33 : Issue 60

ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, founder and still moderator

***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/33.60>
The current issue can also be found at
<http://www.csl.sri.com/users/risko/risks.txt>

Contents:
NASA just brought a spacecraft 23 billion kilometres away to LIFE and the
results are Astonishing (ViralOnce)
Remote Vulnerabilities in Automobiles (Bruce Schneier)
Linux Malware Uses 30 Plugin Exploits to Backdoor WordPress Sites
(Bill Toulas)
Cops Hacked Thousands of Phones. Was It Legal? (WiReD)
The next time scammers call your grandparents asking for money, it will be
with your voice. (MPost)
Ransomware group LockBit apologizes saying 'partner' was behind SickKids
attack (CBC-CA)
Matt Levine on Ransomware compliance (Joe Loughry)
Programming Languages: Why This Old Favorite Is on the Rise Again
(Liam Tung)
3rd-party Twitter apps stop working without warning, leaks indicate Twitter
did this intentionally (Engadget)
How ChatGPT Hijacks Democracy (*The New York Times*)
ChatGPT-Written Malware (Bruce Schneier)
Microsoft to challenge Google by integrating ChatGPT with Bing Search
(The Verge)
A New Area of AI Booms, Even Amid the Tech Gloom (NYTimes)
Re: Pretty Smart AI (Jurek Kirakowski)
State of the cybersecurity art (NCSC UK via Gary Hinson)
Artist Banned from reddit/Art Because Mods Thought They Used AI (Vice)
Re: Calculations on Maryland college savings plans lead to account freeze
(Martin Ward)
Southwest airline disruption (Martin Ward)
Amazing Southwest story... (Paul Saffo)
The oven won't talk to the fridge: 'smart' homes struggle (techxplore.com)
Colorado ski town emergency dispatch centers fielding dozens of automated
911 calls from skier iPhones (Jason Blevins via Paul Saffo)
Re: As Tesla stock tanks, videos of Teslas malfunctioning in below-freezing
temps go viral (John Levine)
Re: Cats disrupt satellite Internet service (Henry Baker)
Re: I bought a $15 router at Goodwill, and found a millionaire's dirty
secrets (Steve Bacher)
Abridged info on RISKS (comp.risks)

----------------------------------------------------------------------

Date: Mon, 9 Jan 2023 01:44:56 -0500
From: Gabe Goldberg <gabe@gabegold.com>
Subject: NASA just brought a spacecraft 23 billion kilometres away to LIFE
and the results are Astonishing (ViralOnce)

Controllers assessing the probe's sent data have now declared that Voyager 1
is once again delivering accurate telemetry data to Earth.

From the very beginning, it was clear that the problem was connected to the
mechanism responsible for ensuring that the probe's antenna was always
pointed towards Earth. If the antenna were to flip, we would lose
communication with the spaceship (and the history of space exploration knows
too many such cases).

The engineers discovered that this antenna control system had resumed
transmitting telemetry data via an on-board computer that had been
decommissioned for many years. This computer was responsible for distorting
the data, which ultimately arrived on Earth as a succession of nonsensical
facts.

Once this was determined, the engineers issued a command to the probe
instructing it to send the data via the appropriate computer. As he withdrew
his hand, the issue disappeared. Obviously, it takes time to determine if
the cure was effective.

In fact, Voyager 1 is already almost 23 billion kilometers from Earth, which
implies that the signal from Earth takes 22 hours to reach the probe. The
signal verifying the command's execution is also traveling towards the
Earth.

After the probe's health was fully restored, the issue emerged as to how it
could suddenly begin using a long-forgotten computer. In the next weeks,
experts will examine all computer logs from the spacecraft's onboard systems
to determine the source of the misunderstanding.

https://viralonce.xyz/nasa-just-brought-a-spacecraft-23-billion-kilometres-away-to-life-and-the-results-are-astonishing/

The risks? Out-of-warranty equipment too remote for service calls,
decommissioned computers suddenly awakening. The good news, of course -- a
valuable lesson -- is system logs.

------------------------------

Date: Sun, 15 Jan 2023 15:55:00 -0500
From: Gabe Goldberg <gabe@gabegold.com>
Subject: Remote Vulnerabilities in Automobiles (Bruce Schneier)

This group has found a ton of remote vulnerabilities in all sorts of
automobiles.

It's enough to make you want to buy a car that is not Internet-connected.
Unfortunately, that seems to be impossible.

https://www.schneier.com/blog/archives/2023/01/remote-vulnerabilities-in-automobiles.html

DC Auto Show is this week -- it'll be interesting grilling executives and
boothsters about this.

------------------------------

Date: Wed, 4 Jan 2023 11:44:01 -0500 (EST)
From: ACM TechNews <technews-editor@acm.org>
Subject: Linux Malware Uses 30 Plugin Exploits to Backdoor WordPress Sites
(Bill Toulas)

Bill Toulas, BleepingComputer, 30 Dec 2022,
via ACM TechNews; Wednesday, January 4, 2023

Antivirus vendor Dr. Web disclosed a new Linux malware that exploits 30
flaws in multiple outdated WordPress plugins and themes to inject malicious
JavaScript and give attackers remote command capabilities. The vendor said
the trojan targets 32-bit and 64-bit Linux systems; it is mainly designed to
penetrate WordPress websites via a series of hardcoded exploits that run
successively until one breaks through. If the sites run outdated or
vulnerable plugins, the malware automatically injects malicious JavaScript
from its command-and-control server. The exploit is most effective on
abandoned sites, because infected pages can redirect visitors to a location
of the hacker's choosing. Dr. Web advised WordPress website admins to update
to the latest available version of the themes and plugins running on the
site, and to replace those that are no longer developed with alternatives
now being supported.

------------------------------

Date: Thu, 5 Jan 2023 16:03:16 -0500
From: Gabe Goldberg <gabe@gabegold.com>
Subject: Cops Hacked Thousands of Phones. Was It Legal? (WiReD)

When police infiltrated the EncroChat phone system in 2020, they hit an
intelligence gold mine. But subsequent legal challenges have spread across
Europe.

https://www.wired.com/story/encrochat-phone-police-hacking-encryption-drugs

------------------------------

Date: Mon, 9 Jan 2023 10:47:43 -0500
From: Steve Klein <steven@klein.us>
Subject: The next time scammers call your grandparents asking for money,
it will be with your voice. (MPost)

Summary: VALL-E is a transformer-based TTS model that can generate speech in
any voice after hearing only a three-second sample of that voice. This
could routinely enable participation in hearings & trials, bad actors might
replace an unfriendly witness with a live deepfake of that same person,
testifying against the interest of the person being faked. [Garbled e-mail
PGN-ed]

Link: https://mpost.io/vall-e-microsofts-new-zero-shot-text-to-speech-model-can-duplicate-everyones-voice-in-three-seconds/

It might be trite, but never more apt, to say ``The risks are obvious.''

------------------------------

Date: Mon, 2 Jan 2023 22:25:45 -0700
From: Matthew Kruk <mkrukg@gmail.com>
Subject: Ransomware group LockBit apologizes saying 'partner' was behind
SickKids attack (CBC-CA)

A global ransomware operator has issued a rare apology after it claims one
of its "partners" was behind a cyberattack on Canada's largest pediatric
medical centre.

LockBit, a ransomware group the U.S. Federal Bureau of Investigation has
called one of the most active and destructive in the world, posted a brief
statement on what cybersecurity experts say is its data leak site claiming
it has blocked its partner responsible for the attack on Toronto's Hospital
for Sick Children and offering the code to restore the system.

https://www.cbc.ca/news/canada/toronto/ransomware-group-sickkids-cybersecurity-update-1.6701688

------------------------------

Date: Fri, 6 Jan 2023 14:04:20 -0700
From: Joe Loughry <joe.loughry@gmail.com>
Subject: Matt Levine on Ransomware compliance

In Matt Levine's "Money Stuff" newsletter, 5 January 2023, he wrote about
cybercriminals' need to balance aggressiveness and risk:

Ransomware compliance

I continue to be fascinated by the role of chief compliance officer at a
ransomware company. In general, the chief compliance officer at any
company has a dial in front of her that she can turn to get More Crime or
Less Crime, and at a normal company -- a bank, for instance -- her job
consists of

(1) turning it most of the way toward Less Crime, but (2) not all the
way, and (3) acting very contrite when politicians and regulators yell
at her about the residual crime. ``We have a zero-tolerance
policy for crime,'' she will say, and almost mean.

