[32040] in RISKS Forum


Risks Digest 32.15

daemon@ATHENA.MIT.EDU (RISKS List Owner)
Wed Jul 29 07:50:06 2020

From: RISKS List Owner <risko@csl.sri.com>
Date: Tue, 28 Jul 2020 12:34:09 PDT
To: risks@mit.edu

RISKS-LIST: Risks-Forum Digest  Tuesday 28 July 2020  Volume 32 : Issue 15

ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, founder and still moderator

***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
  <http://catless.ncl.ac.uk/Risks/32.15>
The current issue can also be found at
  <http://www.csl.sri.com/users/risko/risks.txt>

  Contents:
EncroChat (ZDNet)
China's Huawei holds a 5G trump card (Reuters)
Elon and Jeff are brilliant! Surely *they* can solve our broadband issues.
  (Amitel)
Why Scientists Stored "The Wizard of Oz" in DNA (Popular Mechanics)
Coronavirus misinformation goes wild again (NYTimes Tech)
The dishonest reporting on the riots is breathtaking.  The crisis in our
  media deepens... (Twitter)
NIST study finds that masks defeat most facial recognition algorithms
Only those with plastic visors were infected: Swiss government warns
  against face shields (TheLocal.ch)
Long-Lost Computation Dissertation of Unix Pioneer Dennis Ritchie
  (Rebecca Mercuri via PGN)
PDF signatures *worse than* useless (Anthony Thorn)
Re: Darwin's tautology? (Martin Ward)
Re: The three worst things about email (Dmitri Maziuk)
Re: Unsolicited Chinese seeds? (Devon McCormick)
Abridged info on RISKS (comp.risks)

----------------------------------------------------------------------

Date: Mon, 27 Jul 2020 16:54:54 -0700
From: Peter Neumann <neumann@csl.sri.com>
Subject: EncroChat (ZDNet)

Law enforcement in the United Kingdom has touted the takedown of encrypted
communications platform EncroChat as its "biggest ever" operation, so far
resulting in the arrest of 746 individuals, the seizing of 54 million pounds
in cash, 77 firearms, and over two tons of drugs.

EncroChat was one of the largest providers of encrypted communications and
offered a secure mobile-phone instant-messaging service. Its sole use was
for coordinating and planning the distribution of illicit commodities, money
laundering, and plotting to kill rival criminals, the UK's National Crime
Agency said.

https://zd.net/2WAPHGQ

------------------------------

Date: July 28, 2020 at 08:16:44 GMT+9
From: geoff goodfellow <geoff@iconia.com>
Subject: China's Huawei holds a 5G trump card (Reuters)

Huawei is not so easy for Western countries to rip out. The Chinese
telecommunications-equipment giant founded by Ren Zhengfei owns a huge trove
of next-generation wireless patents. As a global standard for 5G emerges,
Huawei technology may become essential to carriers.

For years, the Shenzhen-based company has dominated the mobile
infrastructure market, outselling rivals Nokia and Ericsson by offering
cheaper alternatives. But U.S. concerns that Huawei equipment could be used
by Beijing for espionage have gained traction: officials in the UK and France
are purging their own networks of Chinese-made kit. A similar reaction
elsewhere will seriously dent a business that generated nearly $43 billion
in revenue for Huawei last year, roughly a third of the company's
total.

Replacing antennas and mast towers is one thing, though. Even if the likes
of Britain's Vodafone and BT remove all existing Huawei equipment -- a move
the UK government conservatively estimates will cost 2 billion pounds --
global carriers will still be dependent on technology from Huawei to roll
out next generation networks. Research firm IPlytics has found that the
Chinese outfit owns the most 5G-related patents, and of that, roughly 15% of
the essential ones.

Simply put, these are technical specifications global carriers can build to
in order to ensure different networks are compatible with each other. Having
one unified standard will be vital for 5G, which is meant to seamlessly link
up billions of machines, cars, and gadgets around the world. [...]

https://www.reuters.com/article/us-huawei-tech-5g-security-breakingviews/breakingviews-chinas-huawei-holds-a-5g-trump-card-idUSKCN24S09Y

------------------------------

Date: Mon, 27 Jul 2020 13:14:51 -1000
From: geoff goodfellow <geoff@iconia.com>
Subject: Elon and Jeff are brilliant! Surely *they* can solve our broadband
  issues.  (Amitel)

Much has happened since we last visited the wacky world of low-earth orbit
(LEO) satellite constellations and their use in providing improved broadband
service to Canada's rural and remote users. This past Tuesday, July 21, all
of Iqaluit, the capital of the Territory of Nunavut, was without
communication services; no Internet, no landline, no cell service, no cable
TV -- simply because it was raining! In a first-world country like Canada
this is unacceptable. We need better broadband service in Canada's North
NOW.

There is a rash of breathless newspaper stories in the mainstream media
touting LEO service as arriving soon to resolve our remote and rural
broadband issues. I wrote about it before <https://www.amitel.com/elon/>,
that Elon Musk is not coming to save us any time soon. I also wrote about
the Chapter 11 bankruptcy of the early leader to provide LEO service to the
Arctic, OneWeb, here <https://www.amitel.com/oneweb/>.
So where do we stand now on July 27, 2020?

Well on July 10, the U.S. bankruptcy court of the Southern District of New
York (SDNY) approved a joint $1 billion bid for OneWeb by Britain and Bharti
Airtel. The UK government and Bharti Global, an arm of Bharti Enterprises,
which part owns India's Airtel, will each have roughly 45 per cent of
OneWeb. The existing secured creditors, including SoftBank of Japan,
OneWeb's former biggest shareholder, will own the balance.

But the landscape has changed from before OneWeb's descent into Chapter 11
in the spring. OneWeb's original mission was to *connect the unconnected*;
i.e., it wanted to provide broadband service to the millions of people around
the world that do not have access to the Internet. The UK has invested $500M
into OneWeb for other strategic reasons, mainly to mitigate the effects of
Brexit on British industry. I sure hope they realize that it is going to
cost them more, much more and that $500M was just the table stakes to play
in the LEO game.  [...]

https://www.amitel.com/leo/

------------------------------

Date: Mon, 27 Jul 2020 13:13:51 -1000
From: geoff goodfellow <geoff@iconia.com>
Subject: Why Scientists Stored "The Wizard of Oz" in DNA (Popular Mechanics)

*DNA Is Millions of Times More Efficient Than Your Computer's Hard Drive*

 - DNA can store far more data than a magnetic hard drive, but the
   technology is limited because the genetic material is prone to errors.
<https://www.popularmechanics.com/technology/gear/a31787710/best-external-hard-drive/>

 - Scientists at the University of Texas at Austin have come up with a
   way to store information in strands of DNA, while also correcting those
   errors.
   <https://cns.utexas.edu/news/power-of-dna-to-store-information-gets-an-upgrade>

 - To prove it, they've put the entirety of *The Wizard of Oz* --
   translated into Esperanto -- into strands of DNA, with greater accuracy
   than prior methods.

When the Voyager spacecraft launched in 1977, ready to study the outer
limits of our solar system, they brought with them two golden phonograph
records that each contained an assemblage of sounds and images meant to
represent life on Earth. But in the future, the perfect next-gen space
capsule could be found within our bodies.
<https://www.popularmechanics.com/space/deep-space/a29684597/voyager-2-interstellar-space-results/>

That's because DNA is millions of times more efficient at storing data than
your laptop's magnetic hard drive.  Since DNA can store data far more
densely than silicon, you could squeeze all of the data in the world inside
just a few grams of it.  "Because DNA has been chosen by all of life as the
information storage medium of choice...it turns out to be very robust," Ilya
Finkelstein, an associate professor of molecular biosciences at the
University of Texas at Austin, tells *Popular Mechanics*. "Long after our
magnetic storage becomes obsolete, nature will still be using DNA."
<https://blocksandfiles.com/2020/03/18/catalog-cdna-data-storage-economically-feasible/>
<https://www.popularmechanics.com/technology/gadgets/a29396384/how-to-wipe-computer/>

Finkelstein is part of a team at the University of Texas at Austin who are
pushing the limits on DNA-based storage methods. While this research area at
the intersection of molecular biology and computer science has been around
since the 1980s, scientists have struggled to find a way to correct the
errors that DNA can be so prone to making.

In a new paper published this week in the journal *Proceedings of the
National Academy of Sciences*, Finkelstein and company detail their new
error correction method, which they tested out on a classic novel. They were
able to store the entirety of *The Wizard of Oz*, translated into
Esperanto, with more accuracy than prior DNA storage methods ever could
have. We're on the yellow brick road toward the future of data storage.

A Brief History of DNA Storage.  [...]
https://www.popularmechanics.com/science/a33327626/scientists-encoded-wizard-of-oz-in-dna/

------------------------------

Date: Tue, 28 Jul 2020 10:19:19 -0700
From: Peter Neumann <neumann@csl.sri.com>
Subject: Coronavirus misinformation goes wild again (Shira Ovide)

Shira Ovide [PGN-excerpted from a piece called `Amazon is Jeff Bezos', *The
  New York Times* online On Tech Newsletter, 28 Jul 2020.  Another timely
  item for our coverage of misinformation and truthiness.  PGN]

https://www.nytimes.com/2020/07/28/technology/amazon-jeff-bezos.html

In just a few hours yesterday, another video with false information about
the coronavirus spread like wildfire on Facebook before the company started
to stamp it out.

The video -- which I won't link to here, but you can find on Breitbart News
-- showed a group of purported doctors touting unproven treatments.

One of the videos racked up 14 million views in six hours, my colleague
Kevin Roose tweeted. A few months ago, another video filled with coronavirus
conspiracies, called *Plandemic* was watched more than eight million times
on YouTube, Facebook and other spots over multiple days.

Some of you may be wondering why it's so bad for people to watch a couple of
videos that go against the consensus of health experts. After all, there's a
lot about the virus we don't understand.

The problem is that it's not so easy to correct the record once someone sees
bogus ideas. We've seen that good information doesn't necessarily undo bad
information. Doses of falsehoods can make people doubt the recommendations
of proven health experts -- or even, the validity of elections.

That's why Facebook, YouTube and other Internet companies, which have
highlighted coronavirus information from authoritative sources such as the
Centers for Disease Control and Prevention, have said they also would be
aggressive about deleting false information related to the virus. (On
Tuesday, Twitter temporarily limited some functions of the account of Donald
Trump Jr., one of the president's sons, as punishment for posting the video
with misleading information.)

And yet, this latest bogus video went wild, again making me wonder whether
Facebook and other popular Internet sites are so sprawling that the
companies can't control even the most high-profile kinds of false
information.

------------------------------

Date: Mon, 27 Jul 2020 13:11:57 -1000
From: geoff goodfellow <geoff@iconia.com>
Subject: The dishonest reporting on the riots is breathtaking.  The crisis in
  our media deepens... (Twitter)

https://twitter.com/brithume/status/1287725331198205953

------------------------------

Date: Mon, 27 Jul 2020 10:26:12 -0700
From: Lauren Weinstein <lauren@vortex.com>
Subject: NIST study finds that masks defeat most facial recognition algorithms
  (VentureBeat)

https://venturebeat.com/2020/07/27/nist-study-finds-that-masks-defeat-most-facial-recognition-algorithms/

  [As kids in the 1940s, some of us learned that some masked men were good
  -- e.g., The Lone Ranger!]

------------------------------

Date: Mon, 27 Jul 2020 11:31:08 +0900
From: farber@keio.jp
Subject: Only those with plastic visors were infected: Swiss government
  warns against face shields (TheLocal.ch)

https://www.thelocal.ch/20200715/only-those-with-plastic-visors-were-infected-swiss-government-warns-against-face-shields

------------------------------

Date: Tue, 28 Jul 2020 14:19:52 -0400
From: Rebecca Mercuri <notable@mindspring.com>
Subject: Long-Lost Computation Dissertation of Unix Pioneer Dennis Ritchie

Great article, especially for Ritchie fans -- check it out!

https://thenewstack.io/the-long-lost-computation-dissertation-of-unix-pioneer-dennis-ritchie/

Poll: Should he have been awarded the Ph.D. posthumously? Yes / No

  [(Please do not submit your vote to RISKS.)
  Back-story: Dennis's thesis was never properly entered into the Harvard
  dissertation archives, because he did not submit a bound copy, although
  his PhD was indeed properly awarded.  Risks?  Having archaic rules that do
  not adapt to online submission, where today the bound copy would not have
  to be manually torn up in order to be scanned in -- assuming it could
  instead now be submitted online as a pdf!  How does one submit a bound
  copy online?  Unless the rule has changed, we might presume an online
  might today be optional rather than mandatory?  PGN]

------------------------------

Date: Mon, 27 Jul 2020 07:53:50 +0200
From: Anthony Thorn <anthony.thorn@atss.ch>
Subject: PDF signatures *worse than* useless (Re: RISKS-32.14)

Thanks to Mr Brodie-Tyrrell -- and of course the researchers -- for bringing
this to our attention.

I just want to make a small correction ;-)

The title should be PDF signatures WORSE THAN useless, because they give the
appearance of security without providing it, whereas although an unsigned
PDF has the same "layers" vulnerability, it does not claim to be authentic.

------------------------------

From: Martin Ward <martin@gkc.org.uk>
Date: Tue, 28 Jul 2020 10:56:37 +0100
Subject: Re: Darwin's tautology? (Harper, RISKS-32.12)

> Tautologies often need to be pointed out.  Mathematics textbooks from
> Euclid's Elements onward are full of them, but millions still buy them
> because they are useful.

There are useful tautologies, such as mathematical theorems, and
content-free tautologies such as "Brexit means Brexit!".  An argument such
as the following is viciously circular and therefore fallacious: "God exists
because the Bible says so.  The Bible is true because it is the Word of
God".  A similar fallacious argument is: "Miracles don't happen.  Therefore,
any actual report of a miracle must be false.  Therefore, there are no true
reports of miracles.  Therefore, miracles don't happen".

On the other hand, an argument such as the Ontological Argument (for
example, as formalised by mathematician Kurt Gödel) is a valid argument and
tells us something useful about God: that if it is possible that God exists,
then God does in fact necessarily exist.  The argument is often criticised
by saying "The conclusion is implicit in the premises": but this is just a
property of every valid mathematical argument.

"Survival of the fittest" is often defined in a way that is viciously
circular: the "fittest" are defined as "those best fitted to survive" and
"those best fitted to survive" are determined by looking at survival
rates. The statement then becomes the content-free assertion "survival of
those that survived".  However, we can define "fittest" in terms of
heritable characteristics, then the statement becomes "survivors survive,
reproduce and therefore propagate any heritable characters which have
affected their survival and reproductive success" which is a meaningful
statement with a testable hypothesis: that such heritable characteristics
actually exist.

  ["A rose is a rose is a rose" is arisen.  PGN]

------------------------------

Date: Sun, 26 Jul 2020 21:04:17 -0500
From: dmaziuk <dmaziuk@bmrb.wisc.edu>
Subject: Re: The three worst things about email (RISKS-32.14)

This is all very interesting I'm sure, but what does it have to do with
e-mail?

The article is using "issues" with 3 major web-based "e-mail providers":
Microsoft, Google, and Yahoo, as a promo for the new "e-mail provider"
startup who will get Everything Right(tm).

It's just a promo piece for something called "Hey", the only risk here is
someone might believe it has anything to do with RISKS.

------------------------------

Date: Sun, 26 Jul 2020 23:36:11 -0400
From: Devon McCormick <devonmcc@gmail.com>
Subject: Re: Unsolicited Chinese seeds? (RISKS-32.14)

I received an email like this but in my case, I have actually ordered seeds
online that came to me from China.  Each delivery was in a squarish grey
non-rip plastic envelope with the contents listed as "stud earrings".  The
whole thing looked very amateurish, from the unlabeled enclosed tiny ziploc
bag to the return address which was something like "the south side of the
<something> gate, <some city>..."

I wonder if this alert is simply the result of mis-delivered seed packages
that were actually ordered by people.  Given the slap-dash appearance of
what I've received, that does not seem far-fetched.

------------------------------

Date: Mon, 1 Jun 2020 11:11:11 -0800
From: RISKS-request@csl.sri.com
Subject: Abridged info on RISKS (comp.risks)

 The ACM RISKS Forum is a MODERATED digest.  Its Usenet manifestation is
 comp.risks, the feed for which is donated by panix.com as of June 2011.
=> SUBSCRIPTIONS: The mailman Web interface can be used directly to
 subscribe and unsubscribe:
   http://mls.csl.sri.com/mailman/listinfo/risks

=> SUBMISSIONS: to risks@CSL.sri.com with meaningful SUBJECT: line that
   includes the string `notsp'.  Otherwise your message may not be read.
 *** This attention-string has never changed, but might if spammers use it.
=> SPAM challenge-responses will not be honored.  Instead, use an alternative
 address from which you never send mail where the address becomes public!
=> The complete INFO file (submissions, default disclaimers, archive sites,
 copyright policy, etc.) is online.
   <http://www.CSL.sri.com/risksinfo.html>
 *** Contributors are assumed to have read the full info file for guidelines!

=> OFFICIAL ARCHIVES:  http://www.risks.org takes you to Lindsay Marshall's
    searchable html archive at newcastle:
  http://catless.ncl.ac.uk/Risks/VL.IS --> VoLume, ISsue.
  Also,  ftp://ftp.sri.com/risks for the current volume
     or ftp://ftp.sri.com/VL/risks-VL.IS for previous VoLume
  If none of those work for you, the most recent issue is always at
     http://www.csl.sri.com/users/risko/risks.txt, and index at /risks-32.00
  ALTERNATIVE ARCHIVES: http://seclists.org/risks/ (only since mid-2001)
 *** NOTE: If a cited URL fails, we do not try to update them.  Try
  browsing on the keywords in the subject line or cited article leads.
  Apologies for what Office365 and SafeLinks may have done to URLs.
==> Special Offer to Join ACM for readers of the ACM RISKS Forum:
    <http://www.acm.org/joinacm1>

------------------------------

End of RISKS-FORUM Digest 32.15
************************
