RISKS-LIST: Risks-Forum Digest Sunday 5 February 2023 Volume 33 : Issue 61

ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, founder and still moderator

***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/33.61>
The current issue can also be found at
<http://www.csl.sri.com/users/risko/risks.txt>

Contents: Working on huge backlog
Historic Arctic outbreak crushes records in New England (WashPost)
'It had just vanished' -- the shock when tech fails (BBC News)
Welcome to the Era of Internet Blackouts (WiReD)
Ford recalls 462,000 SUVs over rearview camera issue (Engadget)
The lights have been on at a Massachusetts school for over a year because
no one can turn them off (Corky Siemaszko)
FAA says unintentionally deleted files are to blame for nationwide
ground stop (CNN)
Wi-Fi Routers Can Detect Human Locations, Poses Within a Room (Mark Tyson)
Hackers Can Make Computers Destroy Their Own Chips with Electricity
(Matthew Sparkes)
Decoding Brainwaves to Identify What Music Is Being Listened To (U.Essex)
Remember Zoom-bombing? This is how Zoom tamed meeting intrusions. (WashPost)
Google Fi warns customers that their data has been compromised (Engadget)
Options trading desks 'flying blind' after derivatives platform hit by
ransomware attack (MarketWatch)
Mathematical Trick Lets Hackers Shame People into Fixing Software Bugs
(Matthew Sparkes)
Can You Trust Your Quantum Simulator? (Jennifer Chu)
Widespread Logic Controller Flaw Raises the Specter of Stuxnet
(Lily Hay Newman)
Man Paid $20,000 in Bitcoin in Failed Attempt to Have 14-Year-Old Killed,
U.S. Says (NYTimes)
Developer pleads guilty to hacking his own company after pretending to
to investigate himself (The Verge)
to Know. (NYTimes)
investigate himself (The Verge)
Retirees Are Losing Their Life Savings to Romance Scams. Here's What to
Know. (NYTimes)
Cryptocurrency Founder Gamed Markets, FTX Rivals Say (NYTimes)
How Charlie Javice Got JPMorgan to Pay $175 Million for What Exactly?
(NYTimes)
Massive nursing degree scheme leads to hunt for 2,800 fraudulent nurses
(Ars Technica)
Based on a True Story -- Except the Parts That Aren't (NYTimes)
Citing Accessibility, State Department Ditches Times New Roman for Calibri
(NYTimes via Jan Wolitzky)
DNS Attack enabled by well-know passwords; An issue that should be
long-resolved (Ars Technica and precursor note)
U.S. No-Fly List Leaks After Being Left in an Unsecured Airline Server
(Vice)
Yet *another* T-Mobile data breach affects 37M accounts (CNET)
Coming soon, Congress screws with the clock with permanent DST?
(Lauren Weinstein)
NET pushed reporters to be more favorable to advertisers, staffers say
(The Verge)
Twitter employees status -- and Musk on trial (Lauren Weinstein)
Musk oversaw staged Tesla self-driving video, emails show (Ars Technica)
How Smart Are the Robots Getting? (Cade Metz)
Robot Cars Are Causing 911 False Alarms in San Francisco (WiReD)
A news site used AI to write articles, and it was a journalistic disaster
(WashPost)
CNET Is Reviewing the Accuracy of All Its AI-Written Articles After Multiple
Major Corrections (gizmodo)
My Printer Is Extorting Me (The Atlantic via Steve Bacher)
ChatGPT on a blog: huMansplaining on parade (Rob Lemos)
ChatGPT Accuracy in the Movies! (Lauren Weinstein)
Google and the rest of "Big Tech" need to step up and speak to the public,
*now*! (Lauren Weinstein)
Google laying off 12K workers (Google)
Jan 6 committee suppressed information about how social media firms --
especially Twitter -- enabled the violent insurrection (WashPost)
Meta, Twitter, Microsoft and others urge Supreme Court not to allow lawsuits
against tech algorithms (CNN)
Twitter's utter violation of Trust & Safety (Lauren Weinstein)
Elon's Sick Twitter officially bans third-party clients, a foundational
aspect of Twitter for many years (TechCrunch)
Why the TikTok ban needs university exemptions (Statesman)
Twitter admits it's breaking third-party apps, cites 'long-standing API
rules' (Engadget)
Tesla engineer testifies that 2016 video promoting self-driving was faked
(TechCrunch)
U.S. states blocking overseas taxpayer traffic (Dan Jacobson)
As Deepfakes Flourish, Countries Struggle with Response (Tiffany Hsu)
In the age of AI, major in being human (David Brooks)
Race is on as Microsoft puts billions into OpenAI (Metz/Weise)
Google is freaking out about ChatGPT (The Verge)
ChatGPT user acquisition rate (Dan Geer)
Artificial Intelligence and National Security (Reza Montasari book
reviewed by Sven Dietrich)
Cybersecurity Myths and Misperceptions: Avoiding the Hazards and Pitfalls
that Derail Us (Gene Spafford)
Re: Remote Vulnerabilities in Automobiles (Bernie Cosell)
Re: Cats disrupt satellite Internet service (John Levine, Wol)
Abridged info on RISKS (comp.risks)

----------------------------------------------------------------------

Date: Sat, 4 Feb 2023 12:39:19 -0500
From: Monty Solomon <monty@roscom.com>
Subject: Historic Arctic outbreak crushes records in New England WashPost)

The Weather Service office serving the area tweeted the wind chill was so
low that its software for logging such data ``refuses to include it!''

https://www.washingtonpost.com/weather/2023/02/04/northeast-record-cold-boston-arctic/

[With the record colds all over the U.S. -- including Texas -- this item
seems worthy of the lead story. PGN]

------------------------------

Date: Tue, 17 Jan 2023 09:39:56 +0000
From: "Chris Leeson" <risks@inishail.org>
Subject: 'It had just vanished' -- the shock when tech fails (BBC News)

https://www.bbc.co.uk/news/business-64051121

Cloud has many advantages, but if the cloud provider disappears, then so
does your infrastructure. This article looks at a couple of businesses that
have been hit by outages and disappearance of provider.

``Using cloud services, by definition, makes a business reliant on a third
party,'' says Vili Lehdonvirta of the Oxford Internet Institute and author
of Cloud Empires. ``What is the cloud? Well, the cloud is somebody else's
computer.''

It is complex, setting up highly available systems is even more complex
(I'm sure, not news to anyone here...). Cloud is not a panacea, especially
for small businesses. At least we are starting to get mainstream articles
that acknowledge this, rather than pushing cloud as the solution for all
ills.

------------------------------

Date: Fri, 20 Jan 2023 19:34:41 -0500
From: Gabe Goldberg <gabe@gabegold.com>
Subject: Welcome to the Era of Internet Blackouts (WiReD)

New research from Cloudflare shows that connectivity disruptions are a
problem around the globe, pointing toward a troubling new normal.

https://www.wired.com/story/cloudflare-internet-blackouts-report

------------------------------

Date: Tue, 31 Jan 2023 01:33:01 -0500
From: Monty Solomon <monty@roscom.com>
Subject: Ford recalls 462,000 SUVs over rearview camera issue (Engadget)

https://www.engadget.com/ford-recalls-462000-suv-rearview-camera-issue-160153194.html

------------------------------

Date: Thu, 19 Jan 2023 07:25:34 -0800
From: Steve Bacher <sebmb1@verizon.net>
Subject: The lights have been on at a Massachusetts school for over a year
because no one can turn them off (Corky Siemaszko)

(NBC News)

https://www.nbcnews.com/news/us-news/lights-massachusetts-school-year-no-one-can-turn-rcna65611

Wilbraham Massachusetts: For nearly a year and a half, the roughly 7,000
lights in a sprawling Massachusetts high school have been on continuously,
because the district canât turn them off. While district leaders blame the
pandemic and supply chain issues for being unable to fix the failed lighting
system, taxpayers have been stuck paying for the costly energy bills.

The lights have been on at a Massachusetts school for over a year because no
one can turn them off the roughly 7,000 lights in the sprawling building.

The lighting system was installed at Minnechaug Regional High School when
it was built over a decade ago and was intended to save money and energy.
But ever since the software that runs it failed on Aug. 24, 2021, the
lights in the Springfield suburbs school have been on continuously, costing
taxpayers a small fortune....

The system was designed to save energy -- and thus save money by
automatically adjusting the lights as needed.

[Also noted by Mike Smith and Victor Miller. PGN]

------------------------------

Date: Thu, 19 Jan 2023 20:02:18 -0800
From: Lauren Weinstein <lauren@vortex.com>
Subject: FAA says unintentionally deleted files are to blame for nationwide
ground stop (CNN)

[ rm -rf * .tmp ] -L

https://www.cnn.com/2023/01/19/business/faa-notam-outage/index.html

------------------------------

Date: Mon, 23 Jan 2023 11:37:44 -0500 (EST)
From: ACM TechNews <technews-editor@acm.org>
Subject: Wi-Fi Routers Can Detect Human Locations, Poses Within a Room
(Mark Tyson)