[32034] in RISKS Forum
Risks Digest 32.10
daemon@ATHENA.MIT.EDU (RISKS List Owner)
Wed Jul 15 04:20:41 2020
From: RISKS List Owner <risko@csl.sri.com>
Date: Tue, 14 Jul 2020 17:59:07 PDT
To: risks@mit.edu
RISKS-LIST: Risks-Forum Digest Tuesday 14 July 2020 Volume 32 : Issue 10
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, founder and still moderator
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/32.10>
The current issue can also be found at
<http://www.csl.sri.com/users/risko/risks.txt>
Contents:
Judge denies Harris County TX request to allow email voting for
those infected with COVID-19 (Zach Despart, Houston Chronicle)
Why Some Birds Are Likely To Hit Buildings (Scientific American)
Microsoft Warns of a 17-Year-Old 'Wormable' Bug (WiReD)
Risk Management (Rob Slade)
Re: How Universities Can Keep Foreign Governments from Stealing
Intellectual Capital (Amos Shapir)
Re: Can an Algorithm Predict the Pandemic's Next Moves?
(Jim Geissman)
Abridged info on RISKS (comp.risks)
----------------------------------------------------------------------
Date: Tue, 14 Jul 2020 15:56:07 -0400
From: Rebecca Mercuri <notable@mindspring.com>
Subject: Judge denies Harris County TX request to allow email voting
for those infected with COVID-19 (Zach Despart, Houston Chronicle)
<https://www.houstonchronicle.com/news/houston-texas/houston/article/Harris-County-seeks-email-voting-COVID-patients-15399796.php>
It seems as if the only recourse is to have all of the people infected with
COVID-19 get paper ballots on the basis of disability, make sure to sneeze
and cough thoroughly all over the the ballots and the envelopes (which they
should lick with their infected tongues), and then have their nurses mail
them in. Those who can't get paper ballots should demand to be wheeled into
the polling stations on their sickbeds (with ventilators in tow) where they
can sneeze and cough all over everyone there. Then, after tens of thousands
of people get sick and thousands of people die, they or their estates can
sue the State for damages.
Why aren't there any cartoonists depicting this nonsense? Have even the
cartoonists given up?
[Dan Wallach, Rebecca Mercuri, and I testified before the Houston City
Council on 9-10 July 2001, where we maintained that the intended voting
machines Harris County was about to acquire were nowhere near secure
enough. Not much has changed technologically since then, other than the
names of the purveyors. Overall, the voting machines are just rebranded
snake oil, and the non-technological problems (biased redistricting,
massive disenfranchisement, creative disinformation, etc.) are apparently
endless. PGN]
------------------------------
Date: Tue, 14 Jul 2020 10:12:41 +0800
From: Richard Stein <rmstein@ieee.org>
Subject: Why Some Birds Are Likely To Hit Buildings (Scientific American)
https://www.scientificamerican.com/podcast/episode/why-some-birds-are-likely-to-hit-buildings/
"By understanding which birds are more likely to collide with buildings,
researchers can perhaps determine the best way to modify buildings, or their
lighting, to help prevent such accidents. And by knowing risks along with
migration timing and behavior, building managers can better anticipate when
birds are at their greatest danger—and modify lighting strategies
accordingly."
Birds unfortunately strike moving targets. "The number of wildlife strikes
reported per year to the FAA increased steadily from about 1,800 in 1990 to
16,000 in 2018." https://wildlife.faa.gov/home operates database to report
wildlife strikes against air vehicles.
Do aircraft need a BCAS -- Bird Collision Avoidance System to supplement the
avionics suite?
https://www.faa.gov/air_traffic/by_the_numbers/ states ~44,000 daily tracked
flights (pre-pandemic): 44,000 flights/day * 365 days/year ~= 16.1M annual
flights/year.
16,000 strikes/year / 16,100,000 flights/year = .000996 * 100% ~= 0.1% (1
per 1000) strike probability per flight.
Several comp.risks contributions cite bird strikes, e.g.:
https://catless.ncl.ac.uk/Risks/12/2#subj9.1
https://catless.ncl.ac.uk/Risks/25/88#subj1.1
https://catless.ncl.ac.uk/Risks/29/19#subj6.1
https://catless.ncl.ac.uk/Risks/30/30#subj2.1
------------------------------
Date: Tue, 14 Jul 2020 19:05:39 -0400
From: Monty Solomon <monty@roscom.com>
Subject: Microsoft Warns of a 17-Year-Old 'Wormable' Bug (WiReD)
The SigRed vulnerability exists in Windows DNS, used by practically every
small and medium-sized organization in the world.
https://www.wired.com/story/sigred-windows-dns-flas-wormable/
------------------------------
Date: Tue, 14 Jul 2020 16:06:21 -0700
From: Rob Slade <rmslade@shaw.ca>
Subject: Risk management
So, people have lost jobs, friends, family members, life as they know it,
and lives.
And the authorities are telling people, *begging* people, to stay apart, and
stay inside, and stay away from crowds.
So, what does Krispy Kreme (in New South Wales, Australia) do to aid things
in this situation? They have a free donut giveaway, to celebrate their 83rd
birthday.
https://www.abc.net.au/news/2020-07-14/coronavirus-fears-over-krispy-kreme-
doughnut-promotion/12454862
And people came out and crowded the stores. For a dozen free donuts.
The promotion was a success.
If you think drawing big crowds, in this environment, is a success ...
------------------------------
Date: Tue, 14 Jul 2020 13:44:04 +0300
From: Amos Shapir <amos083@gmail.com>
Subject: Re: How Universities Can Keep Foreign Governments from
Stealing Intellectual Capital (RISKS-32.09)
Is there a lawyer in the audience? The presented text snippet out of an
EULA begs the questions, isn't causing damages by negligence a criminal
offense? And, can a contract contain a clause which exempts one side from
responsibility for criminal offenses it may commit?
------------------------------
Date: Mon, 13 Jul 2020 19:12:46 -0700
From: "Jim" <jgeissman@socal.rr.com>
Subject: Re: Can an Algorithm Predict the Pandemic's Next Moves?
(RISKS-32.09)
I was reminded of Gravity's Rainbow by Thomas Pynchon, 1973.
https://en.wikipedia.org/wiki/Gravity's_Rainbow
[This is a highly praised novel of potential interest to RISKS readers.
PGN]
------------------------------
Date: Mon, 1 Jun 2020 11:11:11 -0800
From: RISKS-request@csl.sri.com
Subject: Abridged info on RISKS (comp.risks)
The ACM RISKS Forum is a MODERATED digest. Its Usenet manifestation is
comp.risks, the feed for which is donated by panix.com as of June 2011.
=> SUBSCRIPTIONS: The mailman Web interface can be used directly to
subscribe and unsubscribe:
http://mls.csl.sri.com/mailman/listinfo/risks
=> SUBMISSIONS: to risks@CSL.sri.com with meaningful SUBJECT: line that
includes the string `notsp'. Otherwise your message may not be read.
*** This attention-string has never changed, but might if spammers use it.
=> SPAM challenge-responses will not be honored. Instead, use an alternative
address from which you never send mail where the address becomes public!
=> The complete INFO file (submissions, default disclaimers, archive sites,
copyright policy, etc.) is online.
<http://www.CSL.sri.com/risksinfo.html>
*** Contributors are assumed to have read the full info file for guidelines!
=> OFFICIAL ARCHIVES: http://www.risks.org takes you to Lindsay Marshall's
searchable html archive at newcastle:
http://catless.ncl.ac.uk/Risks/VL.IS --> VoLume, ISsue.
Also, ftp://ftp.sri.com/risks for the current volume
or ftp://ftp.sri.com/VL/risks-VL.IS for previous VoLume
If none of those work for you, the most recent issue is always at
http://www.csl.sri.com/users/risko/risks.txt, and index at /risks-32.00
ALTERNATIVE ARCHIVES: http://seclists.org/risks/ (only since mid-2001)
*** NOTE: If a cited URL fails, we do not try to update them. Try
browsing on the keywords in the subject line or cited article leads.
Apologies for what Office365 and SafeLinks may have done to URLs.
==> Special Offer to Join ACM for readers of the ACM RISKS Forum:
<http://www.acm.org/joinacm1>
------------------------------
End of RISKS-FORUM Digest 32.10
************************
