RISKS-LIST: Risks-Forum Digest Saturday 11 November 2023 Volume 33 : Issue 93

ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, founder and still moderator

***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/33.93>
The current issue can also be found at
<http://www.csl.sri.com/users/risko/risks.txt>

Contents:
Man crushed to death by robot in South Korea (BBC News)
Risk of all your communication eggs in one basket (Sundry)
Recognizing Fake News Now a Required Subject in California Schools
(IJPR)
How Russian disinformation toppled multiple governments in Africa (WashPost)
Russia fines Google $100 million, and Facebook parent company $27
million, for content violations (The Washington Post)
Cloudflare Outage: There's Plenty Of Blame To Go Around
(Data Center Frontier)
Essays: Decoupling for Security (Schneier on Security)
U.S. Drones Are Flying Over Gaza to Aid in Hostage
Recovery, Officials Say (The New York Times)
Look, Up in the Sky! Amazon's Drones Are Delivering Cans
of Soup! (*The New York Times)
Five big carmakers beat lawsuits alleging infotainment
systems invade privacy (Ars Technica)
Multiple Python Obscuration Tools that are not trustable
(Ars Techica)
Data on 267,000 Sarnia patients going back 3 decades among cyberattack
thefts at 5 Ontario hospitals (CBC)
Brothel compromises (Sundry items from Monty Solomon)
Android 14's storage disaster gets patched, but your data might be gone
(Ars Technica)
Man vs. Musk: A Whistleblower Creates Headaches for Tesla (NYTimes)
Don't trust *Find my apps* or location trackers like AirTags (WashPost)
Why Banks Are Suddenly Closing Down Customer Accounts (NYTimes)
Virginia State Police Prepares Team To Monitor Voter Removals (DCist)
The impasse over who controls your car data (WashPost)
This smart garage door controller is no longer very smart (The Verge)
Critical vulnerability in Atlassian Confluence server is under *mass
exploitation* (Ars Technica)
Re: A $92,000 flying car can reach speeds of 63 miles
(John Levine)
Re: Toyota has built an EV with a fake transmission, and
we've driven it (Martin Ward)
Re: They Cracked the Code to a Locked USB Drive Worth
$235 Million in Bitcoin. Then It Got Weird. (Dick Mills)
Re: Comments on RISKS-33.92 (Jericho)
Hiring: One Jamaican Bobsled Team -- and Weird Job
Descriptions (Cliff Kilby)
Abridged info on RISKS (comp.risks)

----------------------------------------------------------------------

Date: Wed, 8 Nov 2023 18:19:37 -0500
From: Gabe Goldberg <gabe@gabegold.com>]
Subject: Man crushed to death by robot in South Korea
(BBC News)

A man has been crushed to death by a robot in South Korea after it failed to
differentiate him from the boxes of food it was handling, reports say.

https://www.bbc.com/news/world-asia-67354709

------------------------------

Date: Wed, 8 Nov 2023 16:55:45 +1100
From: Bruce Hunter <brucer.hunter@gmail.com>
Subject: Risk of all your communication eggs in one basket

Australia's second largest mobile and Internet service provider had a major
outage across Australia today.

https://www.smh.com.au/technology/what-caused-the-optus-outage-20231108-p5eiep.html?btis
https://www.abc.net.au/news/2023-11-08/optus-outage-mobile-phones-internet-what-happened/103077180

It was revealing how dependent our society is on the full functioning of our
communication services.

This outage affected public transport, `000' emergency calls (Australia's
911) for Ambulance-Police-Fire Brigades, Two-factor authentication of
websites, Uber, Taxis, Hospitals and the list goes on. People are
scrounging for other ways to connect as most of our digital life is
dependent on communication.

In a hint at reducing the risk impact of NO communication services, Optus
spokesperson said:

"We are aware of some mobile phones having issues connecting to
triple-0. *If Optus customers need to call emergency services, we suggest
finding a family member or neighbour with an alternative device"!* [emphasis
added]. To Optus' credit they have returned systems to operation in just 8
hours.

Diversity is one of the key measures to improve reliability and
resilience. I was lucky to continue on as my Internet was with a
different provider to my mobile. As IoT, Cloud and 5G become the norm to
"interconnectedness" we will experience more risks to our "normal" life. I
just got to get a list of neighbours with an *alternative device*, just in
case. ;-)

[John Colville noted this item:
More than 10 million customers were affected by the
Optus outage (ABC):
Service failed at 4am AEDT and took 14 hours to be close to completely
recovered. No explanation yet as to cause.
https://www.abc.net.au/news/2023-11-09/how-the-optus-outage-played-out/103079768
PGN]

------------------------------

Date: Sat, 11 Nov 2023 14:08:16 -0500
From: Monty Solomon <monty@roscom.com>
Subject: Recognizing Fake News Now a Required Subject in California
Schools (IJPR)

https://www.ijpr.org/media-society/2023-11-10/recognizing-fake-news-now-a-required-subject-in-california-schools

------------------------------

Date: Sun, 5 Nov 2023 13:48:29 -0500
From: Monty Solomon <monty@roscom.com>
Subject: How Russian disinformation toppled multiple
governments in Africa (WashPost)

In the two years since an Israeli company first tried to thwart a Russian
disinformation campaign in Burkina Faso, coups or rebels have removed the
governments of five former French colonies, replacing them with pro-Russia
leaders.

https://www.washingtonpost.com/technology/2023/10/21/percepto-africa-france-russia-disinformation/

------------------------------

Date: Sun, 26 Dec 2021 15:04:00 -0500
From: Gabe Goldberg <gabe@gabegold.com>
Subject: Russia fines Google $100 million, and Facebook parent company $27
million, for content violations (The Washington Post)

MOSCOW — A Russian court fined Google nearly $100 million Friday for
“systematic failure to remove banned content” — the largest such penalty yet
in the country as Moscow attempts to rein in Western tech giants.

The fine was calculated based on Google’s annual revenue, the court
said. Roskomnadzor, Russia’s Internet regulator, told the court that
Google’s 2020 turnover in the country exceeded 85 billion rubles, or about
$1.15 billion.

Meta Platforms, the parent company of Facebook and Instagram, was fined
approximately $27 million, also for declining to remove banned content,
several hours after the Google decision. Meta’s fine, like the one levied on
Google, was tied to yearly revenue in Russia.

The fines represent an escalation in Russia’s push to pressure foreign tech
firms to comply with its increasingly strict rules on what it deems illegal
content — particularly apps, websites, posts and videos related to jailed
opposition leader Alexei Navalny’s network, which has been labeled as
extremist in the country.

https://www.washingtonpost.com/world/2021/12/24/google-russia-fine-banned-content/

------------------------------

Date: Wed, 8 Nov 2023 14:56:29 +0000
From: Victor Miller <victorsmiller@gmail.com>
Subject: Cloudflare Outage: There's Plenty Of Blame To Go Around
(Data Center Frontier)

https://www.datacenterfrontier.com/cloud/article/33014487/cloudflare-outage-theres-plenty-of-blame-to-go-around

------------------------------

Date: Wed, 8 Nov 2023 14:43:54 +0000
From: Victor Miller <victorsmiller@gmail.com>
Subject: Essays: Decoupling for Security (Schneier on Security)

https://www.schneier.com/essays/archives/2023/11/decoupling-for-security.html

------------------------------

Date: Sun, 5 Nov 2023 22:25:32 -0500
From: Gabe Goldberg <gabe@gabegold.com>
Subject: U.S. Drones Are Flying Over Gaza to Aid in Hostage
Recovery, Officials Say (The New York Times)

The military has been sending weapons and advisers to Israel, but the
flights suggest a more active American role.

Approximate paths of American military drone flights over the Gaza
Strip. Flights shown here are from Oct. 28 to Nov. 2, of which at least six
flights were over Gaza.

Source: Flight path data from FlightRadar24. Paths are approximate based on
each flight's reported position about every minute.

https://www.nytimes.com/2023/11/02/world/middleeast/israel-hamas-gaza-hostages-us.html?smid=nytcore-ios-share&referringSource=articleShare

[Military drones are tracked by FlightRadar24? That doesn't seem like a
good idea...]

------------------------------

Date: Sat, 4 Nov 2023 19:26:46 -0400
From: Gabe Goldberg <gabe@gabegold.com>
Subject: Look, Up in the Sky! Amazon's Drones Aree
Delivering Cans of Soup! (*The New York Times)

Amazon’s much-hyped drone project is dropping small objects on
driveways. Some customers are not sure what it delivers beyond minestrone.

Only one item can be delivered at a time. It can’t weigh over five
pounds. It can’t be too big. It can’t be something breakable, since the
drone drops it from 12 feet. The drones can’t fly when it is too hot or too
windy or too rainy.