
Subject: Risks Digest 34.26
From: RISKS List Owner
Newsgroups: comp.risks
Organization: PANIX Public Access Internet and UNIX, NYC
Date: Mon, 27 May 2024 00:30 UTC
Path: eternal-september.org!news.eternal-september.org!feeder3.eternal-september.org!panix!.POSTED.panix1.panix.com!not-for-mail
From: risko@csl.sri.com (RISKS List Owner)
Newsgroups: comp.risks
Subject: Risks Digest 34.26
Date: 27 May 2024 00:30:27 -0000
Organization: PANIX Public Access Internet and UNIX, NYC
Lines: 757
Sender: RISKS List Owner <risko@csl.sri.com>
Approved: risks@csl.sri.com
Message-ID: <CMM.0.90.4.1716769469.risko@chiron.csl.sri.com26995>
Injection-Info: reader1.panix.com; posting-host="panix1.panix.com:166.84.1.1";
logging-data="11011"; mail-complaints-to="abuse@panix.com"
To: risko@csl.sri.com

RISKS-LIST: Risks-Forum Digest Sunday 26 May 2024 Volume 34 : Issue 26

ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, founder and still moderator

***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/34.26>
The current issue can also be found at
<http://www.csl.sri.com/users/risko/risks.txt>

Contents:
Waymo Under Investigation for Autonomous Driving Technology
(Tom Krisher)
U.S. halted safety inspections of public housing for weeks after IT
failure (NBC News)
Microsoft outage took down Copilot, DuckDuckGo, and ChatGPT search
features (MSN)
Arup lost HK$25mn in Hong Kong deepfake video conference scam (FT)
Can we rid artificial intelligence of bias? (techxplore.com)
Electricity grids creak as AI demands soar (Matthew Kruk)
ChatGPT's evil cousin: Explaining WormGPT, Malicious Generative AI
(Presale1)
CEO of Google Says It Has No Solution for Its AI Providing
Wildly Incorrect Information (CNN)
ChatGPT Answers Programming Questions Incorrectly 52% of the Time
(Lauren Weinstein)
Stark Industries Solutions: An Iron Hammer in the Cloud (Krebs on Security)
Composer Tan Dun spreads his wings as an audience unmutes their phones
(WashPost)
Los Angeles suburb to test drone that claims to 'revolutionize' 911 response
(Steve Bacher)
Spyware found on U.S. hotel check-in computers (TechCrunch)
Review and recommendations based on May/June 2023 Microsoft email
incidents (CSRB)
Why Your VPN May Not Be As Secure As It Claims (Krebs on Security)
CIA Twitter Files (Schellenberger)
I stumbled upon LLM Kryptonite and no one wants to fix it (The Register)
Explosive emails show top NIH adviser deleted records, used *secret* back
channels to help Fauci evade COVID transparency (Josh Christenson)
Doctors `bribed to use infected blood products' (Telegraph)
10,000 YouTube videos (Lauren Weinstein)
Sam Altman Is Full Of Sh*t (The Verge)
ASML, TSMC Can Disable Chip Machines If China Invades Taiwan (Bloomberg)
Re: Ex-CDC Director Says It's High Time To Admit *Significant Side
Effects* Of COVID-19 Vaccines (Steve Lamont)
Re: Deleted photos of former owners reappearing on sold iPads -- and
probably iPhones (Gabe Goldberg)
Re: Is the news media picking on Tesla? (Wol)
Re: A woman was dragged by a self-driving Cruise (Steve Lamont)
Re: Newspaper groups warn Apple over ad-blocking plans (Steve Bacher)
Re: Half of calls to gambling helpline were for help placing mobile
bets (Steve Bacher)
Abridged info on RISKS (comp.risks)

----------------------------------------------------------------------

Date: Mon, 20 May 2024 11:32:13 -0400 (EDT)
From: ACM TechNews <technews-editor@acm.org>
Subject: Waymo Under Investigation for Autonomous Driving Technology
(Tom Krisher)

Tom Krisher, Associated Press, 14 May 2024, via ACM TechNews

The National Highway Traffic Safety Administration (NHTSA) announced
it is investigating Waymo's automated driving system after receiving
17 crash reports involving the company's self-driving vehicles and
five reports of potential traffic law violations. NHTSA also is
investigating Amazon's Zoox self-driving vehicles, partially automated
driver-assist systems from Tesla and Ford, and General Motors' Cruise
autonomous vehicle unit.

------------------------------

Date: Tue, 21 May 2024 23:24:22 +0000 (UTC)
From: Steve Bacher <sebmb1@verizon.net>
Subject: U.S. halted safety inspections of public housing for weeks after IT
failure (NBC News)

The federal government's inspection system for public housing suffered a
major technical failure that forced inspections to be canceled for two
weeks, according to groups representing housing providers. [...] HUD
attributed the stoppage to *a failed update from our IT vendor.* [...]

https://www.nbcnews.com/news/us-news/hud-housing-inspections-halted-failed-update-vendor-rcna153076

------------------------------

Date: Thu, 23 May 2024 19:33:15 -0400
From: Gabe Goldberg <gabe@gabegold.com>
Subject: Microsoft outage took down Copilot, DuckDuckGo, and ChatGPT search
features (MSN)

Search capabilities for ChatGPT, Copilot, DuckDuckGo, and other platforms
stopped working on Thursday morning due to a Microsoft outage.

The issues -- which began around 3AM ET -- appeared to be linked to Bing’s
API and any service that relies upon it. While Microsoft's own web search
engine, Bing, was also seemingly affected, according to TechCrunch, it came
back online eventually.

By 11AM ET, OpenAI posted a note indicating the issue had been resolved,
saying, “Between around 10:10 PM PT yesterday and 6:50 AM PT today, we
experienced a partial outage affecting ChatGPT’s web-browsing capabilities
due to Bing being unavailable.”

DuckDuckGo posted that “we’re coming back up” at around 10:30AM ET, and so
did Ecosia, which is “the search engine that plants trees.” Just after noon,
Microsoft's 365 Status account on X posted a note saying, “We’re broadening
our mitigation efforts following signs of partial recovery for
http://copilot.microsoft.com and other features.”

https://www.msn.com/en-us/news/technology/microsoft-outage-took-down-copilot-duckduckgo-and-chatgpt-search-features/ar-BB1mUrrk

------------------------------

From: Jan Wolitzky <jan.wolitzky@gmail.com>
Date: Tue, 21 May 2024 11:38:51 -0400
Subject: Arup lost HK$25mn in Hong Kong deepfake video conference scam (FT)

UK engineering group Arup lost HK$200mn (more than US$25mn) after fraudsters
used a digitally cloned version of a senior manager to order financial
transfers during a video conference, the Financial Times has learned.

Hong Kong police previously revealed what is one of the world's biggest
known deepfake scams, but did not identify the company involved. The FT has
confirmed it was Arup, which employs about 18,000 people globally and has
annual revenues of more than 32bn (pounds?).

<https://www.ft.com/content/b977e8d4-664c-4ae4-8a8e-eb93bdf785ea>

------------------------------

Date: Wed, 22 May 2024 07:05:01 +0000
From: Richard Marlon Stein <rmstein@protonmail.com>
Subject: Can we rid artificial intelligence of bias? (techxplore.com)

https://techxplore.com/news/2024-05-artificial-intelligence-bias.html

"Artificial intelligence built on mountains of potentially biased
information has created a real risk of automating discrimination, but is
there any way to re-educate the machines?"

AI bias is endemic. Bias, like the common cold, is without vaccine.

------------------------------

Date: Tue, 21 May 2024 11:52:44 -0600
From: Matthew Kruk <mkrukg@gmail.com>
Subject: Electricity grids creak as AI demands soar

There's a big problem with generative AI, says Sasha Luccioni at Hugging
Face, a machine-learning company. Generative AI is an energy hog.

``Every time you query the model, the whole thing gets activated, so it's
wildly inefficient from a computational perspective,'' she says.

Take the Large Language Models (LLMs) at the heart of many Generative AI
systems. They have been trained on vast stores of written information,
which helps them to churn out text in response to practically any query.

``When you use Generative AI, it's generating content from scratch, it's
essentially making up answers,'' Dr Luccioni explains. That means the
computer has to work pretty hard.

------------------------------

Date: Thu, 23 May 2024 10:16:45 +0000
From: Presale1 <info@presale1.com>
Subject: ChatGPT's evil cousin: Explaining WormGPT, Malicious Generative
AI

23 May 2024
https://email.cloud2.secureclick.net/c/10688?id=1454129.3889.1.0409fdf10a6d18b9a8886ec2be4bebec

Did you know ChatGPT has some malicious cousins? Early this year, I
gave a short talk at an online event organized by Presale1 and
sponsored by Google Israel, where I introduced everyone to WormGPT,
the malicious alt. [...]

https://email.cloud2.secureclick.net/c/10688?id=1454129.3890.1.3bee9ad6c8b35a8a1538df3ed9e3147a

------------------------------

Date: Sun, 26 May 2024 07:13:56 +0900
From: Farber David J <farber@keio.jp>
Subject: CEO of Google Says It Has No Solution for Its AI Providing
Wildly Incorrect Information (CNN)

https://www.cnn.com/2024/05/24/tech/google-search-ai-results-incorrect-fix/index.html

LATER-BREAKING ITEM from Dave.

Google just updated its algorithm. The Internet will never be the same

------------------------------

Date: Sat, 25 May 2024 11:02:38 -0700
From: Lauren Weinstein <lauren@vortex.com>
Subject: ChatGPT Answers Programming Questions Incorrectly 52% of the
Time

But they were still preferred 35% of the time, and misinformation in them
was overlooked 39% of the time. -L

https://gizmodo.com/chatgpt-answers-wrong-programming-openai-52-study-1851499417

------------------------------

Date: Sat, 25 May 2024 14:07:39 +0000
From: Victor Miller <victorsmiller@gmail.com>
Subject: Stark Industries Solutions: An Iron Hammer in the Cloud
(Krebs on Security)

Two weeks before Russia invaded Ukraine in February 2022, a large,
mysterious new Internet hosting firm called Stark Industries Solutions
materialized and quickly became the epicenter of massive distributed
denial-of-service (DDoS) attacks on government and commercial targets
in Ukraine and Europe. An investigation into Stark Industries reveals
it is being used as a global proxy network that conceals the true
source of cyberattacks and disinformation campaigns against enemies of
Russia.

At least a dozen patriotic Russian hacking groups have been launching
DDoS attacks since the start of the war at a variety of targets seen
as opposed to Moscow. But by all accounts, few attacks from those
gangs have come close to the amount of firepower wielded by a
pro-Russia group calling itself “NoName057(16).”

------------------------------

Date: Mon, 20 May 2024 01:02:01 -0400
From: Monty Solomon <monty@roscom.com>
Subject: Composer Tan Dun spreads his wings as an audience unmutes their
phones (The Washington Post)

For this program -- evenly split between Tan Dun’s own music and a pair of
companion works by Igor Stravinsky -- the composer/conductor provided a
leaflet with a QR code that, when scanned, opened an audio file on your
phone. (You can see where this is going.) That recording -- a simulation of
birdsong as produced by a sextet of ancient Chinese instruments -- was
intended to be deployed during an “interactive” passage of the evening’s
closing piece, Tan's “Passacaglia: Secret of Wind and Birds,” billed as a
composition “for cellphone and orchestra.”


Not to mangle a cliché, but the road to good intentions is paved with people
who have no idea how to use their phones.

From the evening’s beginning to its overextended end, it was as though
somebody smuggled in a sack of sparrows and forgot to cinch it
closed. Each piece on Saturday was interrupted by scattered squeaks,
warbles and chirps (and, at one point, someone’s very loud Instagram
Reels). At first these intrusions were annoyances that made my head
hot. But after awhile, the benign wildness of Tan’s artificial birds
started to resemble the atmospheric indifference of real birds, and the
lot of us seemed to settle upon a vibe of resigned amusement. [...]

https://www.washingtonpost.com/entertainment/music/2024/05/19/tan-dan-bso-review/

[This gives entirely new meaning to `Give 'em the bird'.
But it would certainly chirrup the audience. PGN]

------------------------------

Date: Fri, 24 May 2024 13:52:49 +0000 (UTC)
From: Steve Bacher <sebmb1@verizon.net>
Subject: Los Angeles suburb to test drone that claims to 'revolutionize' 911
response

Will these drones 'revolutionize' 911 response? L.A. suburb will be
first to test.

[Are they expecting Pre-test Protests relating to potential
slippery-slope surveillance? Or should we assume there is none?
PGN]

Several Southern California law enforcement agencies use drones in a
variety of scenarios including hostage situ.

------------------------------

Date: Fri, 24 May 2024 02:20:25 +0000
From: Victor Miller <victorsmiller@gmail.com>
Subject: Spyware found on U.S. hotel check-in computers (TechCrunch)

https://techcrunch.com/2024/05/22/spyware-found-on-hotel-check-in-computers/

------------------------------

Date: Fri, 24 May 2024 17:03:14 -0700
From: "Peter G. Neumann" <peter.neumann@sri.com>
Subject: Review and recommendations based on May/June 2023 Microsoft email
incidents (CSRB)

Similar to the National Transportation Safety Board, the Cyber Safety Review
Board
https://www.cisa.gov/resources-tools/groups/cyber-safety-review-board-csrb
was established by DHS to review cybersecurity incidents. In March 2024,
CSRB released their review of the May/June 2023 incident where a
China-related organization was able to read email of US government and other
organizations and individuals.
https://www.cisa.gov/sites/default/files/2024-04/CSRB_Review_of_the_Summer_2023_MEO_Intrusion_Final_508c.pdf
The not-publicly-identified victim list included "three think
tanks", so attacks were not limited to government targets.

CSRB found plenty of fault with Microsoft and made recommendations to its
CEO, to its corporate culture, and its (lack of) transparency to the public
and its customers. The report indicated that other major Cloud Service
Providers had controls in place that Microsoft did not. The report
specifically calls out Microsoft for not correcting in a timely fashion
their misinformation to the public claiming that Microsoft understood and
corrected how the key was stolen. "The Board also concludes that
Microsoft’s security culture was inadequate and requires an overhaul".

The CSRB report indicates that multiple errors (the loss of a signing key,
the failure to rotate the keys, and a flaw that allowed keys to have more
access than intended) "allowed successful authentication to the Entra
system for certain applications, such as mail." The report indicates the
threat actor could "gain full access to essentially any Exchange Online
account." A third party concluded "that the compromised 2016 MSA key could
sign access tokens for many types of applications, far beyond Microsoft’s
initial reporting."

The report did not investigate the January 2024 access allegedly by a
Russian-associated actor of "highly-sensitive Microsoft corporate email
accounts", "unauthorized access to some of Microsoft’s source code
repositories and internal systems". But, the report indicated "This
additional intrusion highlights the Board’s concern that Microsoft has not
yet implemented the necessary governance or prioritization of security to
address the apparent security weaknesses and control failures within its
environment and to prevent similar incidents in the future."

[A company known to me is currently transitioning to Microsoft's Entra
system for Multi-Factor Authentication (from OKTA) and apparently for
other purposes as well. It seems to be going all-in for Microsoft's
security. This reminds me of when DHS was first formed, the new Director
instituted a no-more-Macs move to MS-only because it would resolve the
lurking interoperability problems in merging all the organizations into
one -- evidently without much concern for correctness, security, or
privacy. PGN]

------------------------------

Date: Wed, 8 May 2024 20:14:45 +0000
From: Victor Miller <victorsmiller@gmail.com>
Subject: Why Your VPN May Not Be As Secure As It Claims
(Krebs on Security)

https://krebsonsecurity.com/2024/05/why-your-vpn-may-not-be-as-secure-as-it-claims/

------------------------------

Date: Sat, 25 May 2024 08:04:32 -0700
From: geoff goodfellow <geoff@iconia.com>
Subject: CIA Twitter Files

The Central Intelligence Agency (CIA) is the most famous of the 18 US
government agencies that comprise the Intelligence Community (IC) of
the United States of America. Unlike the Federal Bureau of
Investigations (FBI), the law strictly prohibits CIA employees or
contractors from spying upon or running clandestine operations against
American citizens on US soil.

But now, a new Twitter Files investigation reveals that a member of
the Board of Trustees of the CIA’s mission-driven venture capital firm
and ostensibly “former” IC and CIA analysts were involved in a
2021-2022 effort to take over Twitter’s content management system.

The effort also involved:

— A long-time IC contractor and senior Department of Defense R&D official
who spent years developing technologies to detect whistleblowers (“insider
threats”) like Edward Snowden and Wikileaks' leakers;

— The proposed head of the DHS’ aborted Disinformation Governance Board,
Nina Jankowicz, who aided US military and NATO “hybrid war” operations in
Europe;

— Jim Baker, who, as FBI General Counsel, helped start the Russiagate
hoax, and, as Twitter’s Deputy General Counsel, urged Twitter
executives to censor The New York Post story about Hunter Biden.

https://x.com/shellenberger/status/1604902028852924416

These existing or former IC employees, contractors, or intermediaries
weren’t satisfied with simply controlling Twitter. They also wanted to
use PayPal, Amazon Web Services, and GoDaddy in a totalizing effort to
de-platform, de-monetize, and excommunicate from the Internet entirely
those individuals that the IC et al. deems to be a threat.

There is much that we still do not know about the effort. We do not
know if officials within the CIA or any other IC organization ran the
operation. It is possible that the only individuals involved in the
effort were the ones we discovered. And none of the individuals
involved responded to our request for information except for one.

But thousands of pages of Twitter Files and documents contained
therein paint a clear picture of an organized operation by existing or
former IC employees and contractors, using well-established IC
tradecraft, to take control of Twitter’s content moderation.

Our investigation comes at a moment when governments and intelligence
agencies around the world are stepping up their efforts to monitor and
censor their citizens. It thus has large implications for policymakers
and the public in Western nations that look to the US as a model for
free speech and citizen control of the military.

This is a joint Public-Racket investigation. The authors are
@Shellenberger @MTaibbi and @GalexyBrane. As always, the only
condition we agreed to in publishing this was to first publish on
X. At the end of this thread, we explain why and how this
investigation began.

Here we go. [...]
https://x.com/shellenberger/status/1793666016704356735

------------------------------

Date: Fri, 24 May 2024 07:34:26 -0400
From: Tom Van Vleck <thvv@multicians.org>
Subject: I stumbled upon LLM Kryptonite and no one wants to fix it
(The Register)

https://www.theregister.com/2024/05/23/ai_untested_unstable/?td=rt-3a

Gosh, a secret prompt that breaks the brains of multiple LLMs.
This reminds me of Max Barry's thrilling book "Lexicon."

------------------------------

Date: Wed, 22 May 2024 18:40:43 PDT
From: Peter Neumann <neumann@csl.sri.com>
Subject: Explosive emails show top NIH adviser deleted records, used
*secret* back channels to help Fauci evade COVID transparency
(Josh Christenson)

Josh Christenson, *The New York Post*, 22 May 2024

A top adviser at the National Institutes of Health (NIH) deleted
records critical to uncovering the origins of COVID-19 -- and used a
*secret back channel* to help Dr. Anthony Fauci and a federal grantee
that funded gain-of-function research in Wuhan, China, evade
transparency.

NIH senior adviser Dr. David Morens improperly conducted official
government business from his private email account and solicited help
from the NIH's Freedom of Information Act (FOIA) office to dodge
records requests, according to emails revealed in a memo by the House
Select Subcommittee on the Coronavirus Pandemic, which The Post
obtained Wednesday.

Morens wrote in a 24 Feb 2021 email:

``[I] learned from our FOIA lady here how to make emails disappear
after I am foia'd [sic] but before the search starts. Plus I
deleted most of those earlier emails after sending them to gmail.''

``I ask you both that NOTHING gets sent to me except to my gmail,'' he
emphasized again in a 18 Nov 2021 email to EcoHealth Alliance
president Dr. Peter Daszak, whose organization was suspended this
month from receiving federal funds for the next three years and who
was himself proposed for debarment on Wednesday.

------------------------------

Date: Mon, 20 May 2024 08:50:21 -0400
From: Tom Van Vleck <thvv@multicians.org>
Subject: Doctors `bribed to use infected blood products' (Telegraph)

https://www.telegraph.co.uk/news/2024/04/26/doctors-bribed-use-infected-blood-products/

The NHS in the UK is dealing with a scandal. In the 1980s, people needing
blood products were given infected medicine that gave them HIV and hepatitis
C. Where did this bad blood come from? The USA. Who sold it to the NHS?
Big pharmaceutical companies including Bayer, Baxter, Alpha, Armour (sold to
Sanofi). Several of these companies have said they are "truly sorry." Some
doctors in the UK were paid kickbacks by the pharma companies to use the
tainted products.

------------------------------

Date: Wed, 22 May 2024 14:00:53 -0700
From: Lauren Weinstein <lauren@vortex.com>
Subject: 10,000 YouTube videos

I now have over 10,000 videos on my primary Favorites playlists on
YouTube. When you exceed 5000 videos on a playlist, YouTube
unhelpfully just says "Something went wrong." At which point a few
minutes ago I created 0-Favorites 3 (many of you will already know why
I have the "0-" on there). If you think 10,000 videos is a lot, keep
in mind those are just my main Favorites. My YouTube History of all
videos watched is, uh, somewhat longer. Yeah. -L

[Lauren, One of these days you will tell me how you have catalogued them.
I know you have no trouble remembering them all and finding them. PGN]

------------------------------

Date: Sat, 25 May 2024 08:23:04 -0700
From: geoff goodfellow <geoff@iconia.com>
Subject: Sam Altman Is Full Of Sh*t

Eight days ago, Sam Altman, CEO of OpenAI, giddy from the high of launching
the faster-responding model GPT-4o, tweeted the word "*her*
<https://x.com/sama/status/1790075827666796666?lang=en&ref=wheresyoured.at>."
Altman was referencing the fact that *OpenAI had just debuted a voice
assistant inspired -- or not, as the case may be -- by Scarlett Johansson in
the movie Her, where she voiced an AI*
<https://www.theverge.com/2024/5/13/24155652/chatgpt-voice-mode-gpt4o-upgrades?ref=wheresyoured.at>.

In an interview with The Verge, OpenAI CTO Mira Murati said that the voice
assistant *was not meant to sound like Johansson*
<https://www.theverge.com/2024/5/13/24155652/chatgpt-voice-mode-gpt4o-upgrades?ref=wheresyoured.at#:~:text=Murati%20said%20that%20the%20assistant%20is%20not%20actually%20designed%20to%20sound%20like%20Johansson>,
and on Monday morning, the company *abruptly chose to pull down the voice
from ChatGPT*
<https://www.theverge.com/2024/5/20/24160621/openai-chatgpt-gpt4o-sky-scarlett-johansson-voice-assistant-her?ref=wheresyoured.at>,
saying that it wasn't meant to sound like her, and that it belonged to a
completely different unnamed actress. Altman, in a separate blog post, said
that ChatGPT's new model "*feels like AI from the movies*."
<https://blog.samaltman.com/gpt-4o?ref=wheresyoured.at#:~:text=It%20feels%20like%20AI%20from%20the%20movies>

Later on Monday, The Verge also reported that OpenAI had been "*in
conversations*
<https://www.theverge.com/2024/5/20/24161108/openai-scarlett-johanson-chatgpt-her-sky?ref=wheresyoured.at>"
with Johansson's representatives. Yet a mere *half an hour later*, *Johansson
told NPR in a statement*
<https://x.com/BobbyAllyn/status/1792679435701014908?ref=wheresyoured.at>
that she'd been solicited twice -- once in September, and once two days
before the announcement -- to bring her voice to ChatGPT, *something she'd
declined to do*
<https://www.theverge.com/2024/5/20/24161253/scarlett-johansson-openai-altman-legal-action?ref=wheresyoured.at>,
and on hearing the demo, she chose to retain legal counsel and had forced
Altman and OpenAI to pull down the voice. In a statement released to the
press, Altman subsequently claimed *that the actress for Sky was cast before
the company reached out to Johansson*
<https://x.com/PranavDixit/status/1792722422715850777?ref=wheresyoured.at>.

------------------------------

Date: Tue, 21 May 2024 12:00:49 -0700
From: geoff goodfellow <geoff@iconia.com>
Subject: ASML, TSMC Can Disable Chip Machines If China Invades Taiwan
(Bloomberg)

* Firms can remotely shut off advanced EUV chip-making machines
* US officials concerned over risk of conflict to chip industry

ASML Holding NV and Taiwan Semiconductor Manufacturing Co. have ways to
disable the world's most sophisticated chipmaking machines in the event
that China invades Taiwan, according to people familiar with the matter.

Officials from the US government have privately expressed concerns to both
their Dutch and Taiwanese counterparts about what happens if Chinese
aggression escalates into an attack on the island responsible for producing
the vast majority of the world's advanced semiconductors, two of the
people said, speaking on condition of anonymity.

ASML reassured officials about its ability to remotely disable the machines
when the Dutch government met with the company on the threat, two others
said. The Netherlands has run simulations on a possible invasion in order
to better assess the risks, they added.

Spokespeople for ASML, TSMC and the Dutch trade ministry declined to
comment. Spokespeople for the White House National Security Council, US
Department of Defense and US Department of Commerce didn't respond to
emailed requests for comment.

The remote shut-off applies to Netherlands-based ASML's line of extreme
ultraviolet machines, known within the industry as EUVs, for which TSMC is
its single biggest client. EUVs harness high-frequency light waves to print
the smallest microchip transistors in existence creating chips that have
artificial-intelligence uses as well as more sensitive military
applications.

https://www.bloomberg.com/news/articles/2024-05-21/asml-tsmc-can-disable-chip-machines-if-china-invades-taiwan?accessToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzb3VyY2UiOiJTdWJzY3JpYmVyR2lmdGVkQXJ0aWNsZSIsImlhdCI6MTcxNjMxNzk2NSwiZXhwIjoxNzE2OTIyNzY1LCJhcnRpY2xlSWQiOiJTQ0s1OVdUMEFGQjQwMCIsImJjb25uZWN0SWQiOiI0QTFGNDgwNzNCMjM0MEY1OEI1NDAxMDUzMjJFMjIxMyJ9.U14atSZ5mmzQg_xWeljvvwQJuzIAidOoDeKl91PFfEk

------------------------------

Date: Wed, 22 May 2024 08:23:17 -0700
From: Steve Lamont <spl@tirebiter.org>
Subject: Re: Ex-CDC Director Says It's High Time To Admit *Significant Side
Effects* Of COVID-19 Vaccines (zerohedge)

It's worth considering the source.

<https://en.wikipedia.org/wiki/Zero_Hedge>

Zero Hedge (or ZeroHedge) is a far-right libertarian financial blog
and news aggregator. Zero Hedge is bearish in its investment outlook
and analysis, often deriving from its adherence to the Austrian
School of economics and credit cycles. It has been described as a
financial "permabear".

[Steve, Thanks. I count on you and others to make sure our claims are
correct, even if the sources may be questionable. In this case, I
believe Redfield's statement is correct, based on the evidence thus far.
However, everything related to Covid apparently has to be vetted. This
often seems to be a situation in which both sides may be trying to
mislead us. Remember, there are only a few yes-or-no questions that can
be definitively answered here. PGN]

[John Levine also jumped on the anti-wagon: This is reprinted by Zero
Hedge from Epoch Times which is a wacky far right wing web site
affiliated with Falun Gong. Zero Hedge, well, look at its Wikipedia
article. I would rate its credibility as rather low. JL]

------------------------------

Date: Mon, 20 May 2024 15:40:47 -0400
From: Gabe Goldberg <gabe@gabegold.com>
Subject: Re: Deleted photos of former owners reappearing on sold
iPads -- and probably iPhones (RISKS-34.25)

Today, Apple released the following OS updates:

iOS 17.5.1 (About)
iPadOS 17.5.1 (About)

“This update provides important bug fixes and addresses a rare issue where
photos that experienced database corruption could reappear in the Photos
library even if they were deleted.”

------------------------------

Date: Tue, 21 May 2024 17:52:59 +0100
From: Wols Lists <antlists@youngman.org.uk>
Subject: Re: Is the news media picking on Tesla? (RISKS-34.25)

> [It seems to me no car with the ability for automated controls would
> allow the driver to turn off the automation completely on a road with
> red lights or drive at 200% over the speed limit. PGN]

I have a new VW (73 plate, UK), and its automation is severely lacking in
common sense.

It knows nothing about the 70mph National Speed Limit and will happily go
faster if it misreads a traffic sign; and only recently got an "over the
air" update to fix its illegal desire to drive at 70 with a caravan on the
back (that reduces the limit to 60).

The manufacturer says it is the "driver's responsibility to drive safely"
yet the car regularly accelerates with no regard to the conditions or the
driver's wishes (it has "predictive cruise control" which will set cruise to
the speed limit if it detects a change. The driver has absolutely no control
whatsoever over this! Apart from disabling cruise completely, of course).

Despite being able to detect traffic in front and slow down, it knows
nothing about traffic signals and cannot detect a red light.

Generally it has all the signs which seem common to much software - a lot of
good ideas, thrown together, with absolutely no attention paid to how they
will interact together.

------------------------------

Date: Tue, 21 May 2024 07:33:42 -0700
From: Steve Lamont <spl@tirebiter.org>
Subject: Re: A woman was dragged by a self-driving Cruise
taxi in San Francisco (RISKS-34.25)

> Autonomous taxi company Cruise agrees to pay millions to a woman who
> was dragged by one of its self-driving cars in San Francisco last
> year.

The still anonymous (vs autonomous) hit and run driver who actually caused
the incident in the first place, meanwhile, skips off scot free.

But, hey, that driver was probably poor and didn't even have insurance, so
there are no contingency fees to be extracted from that dry well.

And, the victim?

https://www.sfchronicle.com/bayarea/article/woman-run-autonomous-vehicle-san-francisco-18403044.php

The horrific crash occurred at 9:35 p.m. at Market and Fifth streets after
the traffic light turned green, giving the Cruise car and other car --
which had been waiting side-by-side for the light -- the right to enter
the intersection where a woman was walking, according to video of the
crash shown to The Chronicle by Cruise hours after the incident.

Comparative negligence[1], anyone?

As always, it pays to go beyond the headline.

------------------------------

Date: Mon, 20 May 2024 09:19:40 -0700
From: Steve Bacher <sebmb1@verizon.net>
Subject: Re: Newspaper groups warn Apple over ad-blocking plans
(RISKS-34.25)

This is nothing really new. Third party ad blockers have been around for
ages now, and other web browsers offer ad filtering options.

If online ads weren't so intrusive, users wouldn't feel the need to block
them.

These news organizations should find alternate means to fund themselves
other than online advertising if they wish to thrive.

------------------------------

Date: Mon, 20 May 2024 09:00:58 -0700
From: Steve Bacher <sebmb1@verizon.net>
Subject: Re: Half of calls to gambling helpline were for help placing mobile
bets (RISKS-34.25)

This story reminds me of an old joke circulating around college campuses
when I was a student:

"There's no drug problem at [name of institution] ... we can get all we
want!"

Similarly, one could say "I don't have a gambling problem ...
I can gamble perfectly well."

------------------------------

Date: Sat, 28 Oct 2023 11:11:11 -0800
From: RISKS-request@csl.sri.com
Subject: Abridged info on RISKS (comp.risks)

The ACM RISKS Forum is a MODERATED digest. Its Usenet manifestation is
comp.risks, the feed for which is donated by panix.com as of June 2011.
=> SUBSCRIPTIONS: The mailman Web interface can be used directly to
subscribe and unsubscribe:
http://mls.csl.sri.com/mailman/listinfo/risks

=> SUBMISSIONS: to risks@CSL.sri.com with meaningful SUBJECT: line that
includes the string `notsp'. Otherwise your message may not be read.
*** This attention-string has never changed, but might if spammers use it.
=> SPAM challenge-responses will not be honored. Instead, use an alternative
address from which you never send mail where the address becomes public!
=> The complete INFO file (submissions, default disclaimers, archive sites,
copyright policy, etc.) has moved to the ftp.sri.com site:
<risksinfo.html>.
*** Contributors are assumed to have read the full info file for guidelines!

=> OFFICIAL ARCHIVES: http://www.risks.org takes you to Lindsay Marshall's
delightfully searchable html archive at newcastle:
http://catless.ncl.ac.uk/Risks/VL.IS --> VoLume, ISsue.
Also, ftp://ftp.sri.com/risks for the current volume/previous directories
or ftp://ftp.sri.com/VL/risks-VL.IS for previous VoLume
If none of those work for you, the most recent issue is always at
http://www.csl.sri.com/users/risko/risks.txt, and index at /risks-34.00
ALTERNATIVE ARCHIVES: http://seclists.org/risks/ (only since mid-2001)
*** NOTE: If a cited URL fails, we do not try to update them. Try
browsing on the keywords in the subject line or cited article leads.
Apologies for what Office365 and SafeLinks may have done to URLs.
==> Special Offer to Join ACM for readers of the ACM RISKS Forum:
<http://www.acm.org/joinacm1>

------------------------------

End of RISKS-FORUM Digest 34.26
************************
