[33521] in RISKS Forum
Risks Digest 34.51
daemon@ATHENA.MIT.EDU (RISKS List Owner)
Sun Dec 29 14:20:29 2024
From: RISKS List Owner <risko@csl.sri.com>
Date: Sun, 29 Dec 2024 11:20:08 PST
To: risks@mit.edu
RISKS-LIST: Risks-Forum Digest Sunday 29 December 2024 Volume 34 : Issue 51
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, founder and still moderator
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/34.51>
The current issue can also be found at
<http://www.csl.sri.com/users/risko/risks.txt>
Contents: 40% of backlog included here after month mostly offline.
Canada's food supply under threat (CBC)
"Vendor technology" issue briefly grounds AA (NYTimes)
Sol-Ark manufacturer reportedly disables all Deye inverters in the
U.S. (Solarboi)
Stop&Shop Races to Restock Shelves After Cybersecurity Issue (WSJ)
Bank sends $10M CAD of arts funding to scammers (The Star)
Hackers Can Jailbreak Digital License Plates to
Make Others Pay Their Tolls and Tickets (WiReD)
The Paper Passport Is Dying (WiReD)
U.S. to Probe Chinese Chips (Bloomberg)
Finland Boards Russian-linked Oil Tanker after Undersea Cables Cut
(Sky News)
Japan Airlies Hit by Cyber-attack (Sayumi Take)
Mathematicians Found, Fixed Error in 60-year-old Proof
(Alex Wilkins)
State Department's Disinformation Office to Close (CyberScoop)
How to Make the Drone Panic So Very Much Worse (NYTimes)
Taiwan Wants to Build the West's Drone Army (Antoaneta Roussi)
Authorities abroad use phone-cracking tools to install
spyware, report says (WashPost)
Why are teens losing their minds about college applications? This
senior thinks she knows why (CNN)
Startup will brick $800 emotional support robot
for kids without refunds (Ars Technica)
Man versus autonomous car race ends before it begins
(ArsTechnica)
AI traffic cameras could be watching you on the road (NBC News)
Is the Tech Industry on the Cusp of an AI Slowdown?" (NYTimes)
ChatGPT search tool vulnerable to manipulation and deception, tests show
(The Guardian)
Microsoft refuses a documentation fix because it might not understand text
in tables (Pivot to AI)
Should you trust an AI-assisted doctor? He visited one to see.
(WashPost)
No longer working and just wait until AI agents come along
(The Conversation)
The Next Great Leap in AI Is Behind Schedule and Crazy Expensive
(Deepa Seetharaman)
How Hallucinatory AI Helps Science Dream Up Breakthroughs"\
(William J. Broad)
New York City buses using AI to issue mistaken tickets en masse
(NBC NY)
Australia's under-16 social-media ban to use hand-waving to verify ages with
AI (NPR)
Character.AI allegedly told an autistic teen it was OK
to kill his parents. They're suing to take down the app (CNN Business)
U.S. health insurance: Frustrations with care denials (CNN)
Lyme turns Luigi into assassin (Lymedisease.org)
Ubiquitous Walmart Trojan horse (Reuters via Bob Boyer)
What happens when The Internet disappears? (The Verge)
Indiana bakery still used Commodore 64 in 21st century (Boeingboing)
Re; 'palen' in RISKS-34.50 (Robert R. Fenichel)
Abridged info on RISKS (comp.risks)
----------------------------------------------------------------------
Date: Thu, 26 Dec 2024 14:55:29 -0700
From: Matthew Kruk <mkrukg@gmai
Subject: Canada's food supply under threat (CBC)o
https://www.cbc.ca/newsinteractives/features/agri-food-canada-hacking
A string of ransomware attacks, many linked to Russian groups, is worrying
farmers
The oldest piece of equipment on Chris McLaren's southern Ontario dairy farm
is a W4 International, a four-cylinder tractor his grandfather bought in the
1940s.
Among the newest pieces of equipment is an automated calf feeder that reads
a chip in each animal's ear and delivers them preset quantities of heated
milk.
That data is uploaded to a server, and McLaren receives alerts on his phone
if one of his calves isn't drinking enough. If the machine breaks down, a
technician can fix it remotely.
``As farms get bigger and bigger, there gets to be more strain on the time
for the owner and operators of the farm. So moving towards technology allows
you to manage the cattle better,'' said McLaren, whose family has owned the
farm for nearly 160 years.
------------------------------
Date: Tue, 24 Dec 2024 08:47:25 -0800
From: "Jim" <jgeissman@socal.rr.com>
Subject: "Vendor technology" issue briefly grounds AA (NYTimes)
NYT 24 Dec 2024
American Airlines briefly grounded all its flights in the United States on
Tuesday morning, according to a notice from the Federal Aviation
Administration.
The regulator said just before 8 a.m. E.T. that the airline was resuming
flights after suspending them for about an hour.
American said in a statement that it had experienced a vendor technology
issue that affected systems needed to release flights. But the problem was
resolved and flights were resumed.
The airline told customers on social media
<https://x.com/AmericanAir/status/1871520528206295120> that it was
experiencing "a technical issue." In comments to frustrated travelers, it
said it was working to rectify the situation.
------------------------------
Date: Sat, 30 Nov 2024 01:19:50 -0500
From: s teschker <steschker@gmail.com>
Subject: Sol-Ark manufacturer reportedly disables all Deye inverters in the
U.S. (Solarboi)
https://solarboi.com/2024/11/17/sol-ark-oem-disables-all-deye-inverters-in-the-us/
------------------------------
Date: Sat, 23 Nov 2024 22:32:19 -0500
From: Monty Solomon <monty@roscom.com>
Subject: Stop&Shop Races to Restock Shelves After Cybersecurity Issue
(WSJ)
A disruption within the U.S. unit of parent company Ahold Delhaize led to
shortages of produce, meat and dairy products
https://www.wsj.com/articles/stop-shop-races-to-restock-shelves-after-cybersecurity-issue-ba45accb
------------------------------
Date: Sun, 1 Dec 2024 12:06:05 -0500
From: Ed Ravin <eravin@panix.com>
Subject: Bank sends $10M CAD of arts funding to scammers (The Star)
A months-long con with a big payoff - FACTOR, a Canadian arts
organization that distributes grants, received a wad of cash from
the government to pass through to other arts organizations. But when
the money came in, most of it ($10M CAD, around $7.2M U.S.D) was spirited
away:
Five months earlier, FACTOR alleges alleges Scotiabank issued a
digital token to the unauthorized user, who went on to access
the organization’s accounts using an email address “visibly
unrelated to the organization.” Within minutes of the transfer,
the filings state, the user deleted a legitimate FACTOR employee,
along with the organization’s CEO, as authorized users on the
account.
[..] the funds were then wired to the Scotiabank account of a
numbered company in Quebec [...]. From there, the money was
allegedly transferred to a company that converted
it into cryptocurrency.
Full details at:
https://www.thestar.com/entertainment/music/factor-says-scotiabank-failed-to-report-10m-theft-of-money-meant-for-canadian-artists/article_15c1a092-ade3-11ef-8737-b382f3df9261.html
Large enterprises know they have to audit access to important accounts,
a hardware token with root authority issued to a "foreign" email address
would be a big red flag. But smaller organizations are not likely to be
so cyber-savvy or even be aware such a risk exists.
------------------------------
Date: Tue, 17 Dec 2024 13:38:48 -0700
From: Jim Reisert AD1C <jjreisert@alum.mit.edu>
Subject: Hackers Can Jailbreak Digital License Plates to
Make Others Pay Their Tolls and Tickets (WiReD)
Andy Greenberg, WIRED, Dec 16, 2024 6:00 AM
Digital license plates, already legal to buy in a growing number of
states and to drive with nationwide, offer a few perks over their
sheet metal predecessors. You can change their display on the fly to
frame your plate number with novelty messages, for instance, or to
flag that your car has been stolen. Now one security researcher has
shown how they can also be hacked to enable a less benign feature:
changing a car's license plate number at will to avoid traffic tickets
and tolls—or even pin them on someone else.
https://www.wired.com/story/digital-license-plate-jailbreak-hack/
[Also noted by Gabe Goldberg and Steve Bacher. PGN
------------------------------
Date: Fri, 27 Dec 2024 16:06:12 -0500
From: Gabe Goldberg <gabe@gabegold.com>
Subject: The Paper Passport Is Dying (WiReD)
Smartphones and face recognition are being combined to create new digital
travel documents. The paper passport’s days are numbered—despite new privacy
risks.
https://www.wired.com/story/the-paper-passport-is-dying/
[The forgers are already licking their chips. PGN]
------------------------------
Date: Fri, 27 Dec 2024 11:59:33 -0500 (EST)
From: ACM TechNews <technews-editor@acm.org>
Subject: U.S. to Probe Chinese Chips (Bloomberg)
Gregory Korte and Josh Wingrove, Bloomberg (12/23/24)
The U.S. on Monday initiated a trade investigation into China's production
of older types of computer chips, which could ultimately result in tariffs
or other measures, though any decision would be left to the incoming
administration. Chinese companies have been ramping up their production of
these foundational chips, which continue to power a wide variety of
machinery and appliances. "We need resilient supply chains for these chips,
because we saw what happened during COVID when we needed a chip but we can't
have it," said Commerce Secretary Gina Raimondo.
------------------------------
Date: Fri, 27 Dec 2024 11:59:33 -0500 (EST)
From: ACM TechNews <technews-editor@acm.org>
Subject: Finland Boards Russian-linked Oil Tanker after Undersea Cables Cut
(Sky News)
Sky News (U.K.) (12/26/24)
Finnish authorities have boarded an oil tanker transporting oil to Russia,
which is suspected of severing power and Internet cables in the Baltic
Sea. The Eagle S was suspected of causing the outage of an undersea power
cable connecting Finland and Estonia on Wednesday. It is also being
investigated after three Internet lines were severed and a fourth damaged.
------------------------------
Date: Fri, 27 Dec 2024 11:59:33 -0500 (EST)
From: ACM TechNews <technews-editor@acm.org>
Subject: Japan Airlines Hit by Cyber-attack (Sayumi Take)
Sayumi Take, Nikkei Asia (12/26/24)
Japan Airlines announced on Thursday that a cyber-attack had affected its
systems, leading to delays in domestic and international flight operations,
at the outset of one of Japan's busiest travel seasons. JAL has told the
police it believes it was the victim of a DDoS attack.
------------------------------
Date: Fri, 27 Dec 2024 11:59:33 -0500 (EST)
From: ACM TechNews <technews-editor@acm.org>
Subject: Mathematicians Found, Fixed Error in 60-year-old Proof
(Alex Wilkins)
Alex Wilkins, New Scientist (12/26/24)
An error in a proof underlying a widely used branch of modern mathematics
was accidentally discovered by mathematicians while translating old proofs
to a computer language in a process called formalization. Recently, Kevin
Buzzard at Imperial College London and colleagues started to formalize the
proof of Fermat's last theorem. The proof employs many different
cutting-edge branches of mathematics, much of which isn't yet
machine-readable, so these must be translated first. While working on the
translation, Antoine Chambert-Loir at Universit=C3=A9 Paris Cit=C3=A9
encountered an error, which was quickly remediated.
------------------------------
Date: Fri, 27 Dec 2024 11:59:33 -0500 (EST)
From: ACM TechNews <technews-editor@acm.org>
Subject: State Department's Disinformation Office to Close
(CyberScoop)
CyberScoop (12/23/24) Derek B. Johnson
Funding for the U.S. State Department's Global Engagement Center, which
tracks foreign disinformation, was excluded from a government funding
measure, meaning it will lose its authority on Dec. 24. A measure to extend
the center's authority into 2031 was stripped out of the final version of
defense authorization legislation that passed through the Senate. The
shuttering will leave the State Department without a dedicated office for
countering disinformation abroad for the first time since 2016.
------------------------------
Date: Fri, 20 Dec 2024 16:36:47 -0500
From: Gabe Goldberg <gabe@gabegold.com>
Subject: How to Make the Drone Panic So Very Much Worse (NYTimes)
In 1954, a few people in the town of Bellingham, Wash., reported seeing pits
and dings on their windshields — perhaps the work of vandals. Roadblocks
were quickly set up. This became front-page news in nearby Seattle,
prompting people to rush to check their own windshields. Thousands then
reported that they, too, had mysterious dings, in an ever-widening area from
Seattle to Vancouver, British Columbia.
Panic quickly spread. People speculated that the cause might be cosmic rays,
a radio transmitter in a nearby naval base, fallout from H-bomb tests or
sand-flea eggs hatching in windshields. The mayor of Seattle begged for help
from the governor and the White House. Motorists began stopping police cars
to add their name to the list of the affected. Scientists were called in,
Geiger counters whipped out.
The mysterious windshield pits of 1954 turned out not to be the result of
vandals, aliens, radioactivity or sand fleas, but were instead the domain of
mass human psychology. Examinations revealed that these were mundane,
long-present imperfections, everyday wear and tear. It’s just that no one
had bothered to notice them before, because who studies his windshield that
closely? A similar dynamic is playing out right now under the New Jersey
sky. Dozens, maybe hundreds, of drone sightings have sent people in the
area and far beyond into a state of high alarm.
https://www.nytimes.com/2024/12/19/opinion/new-jersey-drones-panic.html?smid=nytcore-ios-share&referringSource=articleShare
------------------------------
Date: Fri, 27 Dec 2024 11:59:33 -0500 (EST)
From: ACM TechNews <technews-editor@acm.org>
Subject: Taiwan Wants to Build the West's Drone Army
(Antoaneta Roussi)
Antoaneta Roussi, Politico (12/20/24)
With new export controls on Chinese drone components coming into effect next
year, Taiwan is redoubling efforts to become a central supplier for the
world. Taiwan in 2022 launched a Drone National Team, bringing together
local manufacturers to fast-track the development and deployment of drones
for both commercial and military applications. It set a goal for domestic
manufacturers to produce 15,000 drones per month by 2028. In September, the
U.S. organized a delegation to Taiwan consisting of 26 manufacturers of
crewless anti-drone systems to foster collaboration between the two nations.
------------------------------
Date: Mon, 16 Dec 2024 09:18:09 -0500
From: Jan Wolitzky <jan.wolitzky@gmail.com>
Subject: Authorities abroad use phone-cracking tools to install
spyware, report says (WashPost)
As tech companies and savvy users make it harder to infect phones remotely
with government-grade spyware, repressive governments abroad are using a
product widely marketed to American law enforcement agencies to gain
physical access to devices and insert monitoring programs, researchers say.
Recent reports have revealed similar practices in Russia and China, and on
Monday Amnesty International exposed a series of incidents in Serbia in
which activists and journalists found their phones compromised after coming
in contact with police, often without being arrested or charged.
https://www.washingtonpost.com/technology/2024/12/16/authorities-abroad-use-phone-cracking-tools-install-spyware-report-says/
------------------------------
Date: Sun, 22 Dec 2024 09:10:07 -0700
From: Jim Reisert AD1C <jjreisert@alum.mit.edu>
Subject: Why are teens losing their minds about college applications? This
senior thinks she knows why (CNN)
Spoiler Alert: Social Media
Personal essay by Mary Frances Ruskell, CNN, 10:00 AM EST, Sun December 22,
2024
https://www.cnn.com/2024/12/22/health/college-admissions-videos-social-media-wellness/
------------------------------
Date: Sun, 22 Dec 2024 08:23:41 -0700
From: Jim Reisert AD1C <jjreisert@alum.mit.edu>
Subject: Startup will brick $800 emotional support robot
for kids without refunds (Ars Technica)
Scharon Harding, Ars Technica, Dec 10, 2024 2:55 PM
Startup Embodied is closing down, and its product, an $800 robot for
kids ages 5 to 10, will soon be bricked.
Embodied blamed its closure on a failed “critical funding round."
https://arstechnica.com/gadgets/2024/12/startup-will-brick-800-emotional-support-robot-for-kids-without-refunds/
------------------------------
Date: Sun, 22 Dec 2024 06:56:43 -0800
From: Steve Bacher <sebmb1@verizon.net>
Subject: Man versus autonomous car race ends before it begins
TOKYO—Racing is hard. It's hard on the teams, it's hard on the owner's bank
account, it's hard on the cars, and it's especially hard on the drivers.
Driving at the edge for a few hours in a vehicle cockpit that's only
slightly wider than your frame can take a toll.
The A2RL (Abu Dhabi Autonomous Racing League) removes one of those elements
from its vehicles but, in doing so, creates a whole new list of
complexities. Say goodbye to the human driver and hello to 95 kilograms of
computers and a whole suite of sensors. That setup was poised to be part of
a demonstration "race" against former F1 driver Daniil Kvyat at Suzuka
Circuit in Japan during the Super Formula season finale.
But again, racing is hard, and replacing humans doesn't change that. The
people who run and participate in A2RL are aware of this, and while many
organizations have made it a sport of overselling AI, A2RL is up-front about
the limitations of the current state of the technology. One example of the
technology's current shortcomings: The vehicles can't swerve back and forth
to warm up the tires. [...]
https://arstechnica.com/cars/2024/12/man-vs-ai-race-scrapped-after-ai-car-crashes-into-wall-on-warm-up-lap/
------------------------------
Date: Sat, 21 Dec 2024 07:50:48 -0800
From: Steve Bacher <sebmb1@verizon.net>
Subject: AI traffic cameras could be watching you on the road
(NBC News)
Police around the world are using artificial intelligence-powered cameras to
crack down on behavior like texting behind the wheel and driving without a
seat belt.
The traffic cameras, which use AI to detect and flag certain driving
behaviors, might make it easier to prosecute more people than ever before
for driving infractions.
And the use of the cameras is quickly spreading. [...]
https://www.nbcnews.com/tech/security/ai-traffic-cameras-watching-road-rcna184169
------------------------------
Date: Fri, 27 Dec 2024 11:59:33 -0500 (EST)
From: ACM TechNews <technews-editor@acm.org>
Subject: Is the Tech Industry on the Cusp of an AI Slowdown?" (NYTimes)
Cade Metz and Tripp Mickle, *The New York Times* (12/19/24)
AI researchers have relied on data from the Internet to improve large
language models (LLMs), but some experts are sounding the alarm that
the data are running out. Demis Hassabis (pictured), the CEO and
co-founder of Google DeepMind who shared this year's Nobel Prize in
Chemistry, warns of "diminishing returns." Hassabis and others are now
developing ways for LLMs to learn from their own trial and error by
generating "synthetic data." OpenAI recently released a new system
built this way, but it only works in areas like math and computing
programming, where there is a clear distinction between right and
wrong.
------------------------------
Date: Wed, 25 Dec 2024 06:35:06 -0800
From: Steve Bacher <sebmb1@verizon.net>
Subject: ChatGPT search tool vulnerable to manipulation and deception, tests
show (The Guardian)
OpenAI’s ChatGPT search tool may be open to manipulation using hidden
content, and can return malicious code from websites it searches, a Guardian
investigation has found.
OpenAI has made the search product available to paying customers and is
encouraging users to make it their default search tool. But the
investigation has revealed potential security issues with the new system.
The Guardian tested how ChatGPT responded when asked to summarise webpages
that contain hidden content. This hidden content can contain instructions
from third parties that alter ChatGPT’s responses – also known as a “prompt
injection” – or it can contain content designed to influence ChatGPT’s
response, such as a large amount of hidden text talking about the benefits
of a product or service.
These techniques can be used maliciously, for example to cause ChatGPT to
return a positive assessment of a product despite negative reviews on the
same page. A security researcher has also found that ChatGPT can return
malicious code from websites it searches. [...]
https://www.theguardian.com/technology/2024/dec/24/chatgpt-search-tool-vulnerable-to-manipulation-and-deception-tests-show
------------------------------
Date: Tue, 17 Dec 2024 15:31:18 -0500
From: Gabe Goldberg <gabe@gabegold.com>
Subject: Microsoft refuses a documentation fix because it
might not understand text in tables (Pivot to AI)
Microsoft is a proprietary software company, but a lot of its software
components and documentation are under open licenses. For example, the
documentation for the Windows Subsystem for Linux is under Creative Commons
CC-by. [GitHub]
One GitHub user submitted a fix to clarify the WSL configuration
document. “The main thing this adds is a short comparison table.” [GitHub,
archive]
Matt Wojciakowski of Microsoft rejected the change and closed the ticket:
“We have decided to keep as-is … part of that decision is that more and more
folks are using AI chat to access guidance and tables don’t always translate
well in that context.”
Never mind clarity for humans — an LLM might have had problems!
The user response was not positive:
* “As a developer, I would never trust a LLM to understand text for me; the
professional thing to do would be always to read it myself.”
* “Let’s keep documentation confusing for humans, because machines are able
to parse it better.”
* “As a WSL user, I want helpful documentation, not a word salad to be
ingested by LLMs.”
* “That is hands-down the worst response to a documentation patch that I’ve
ever seen.”
https://pivot-to-ai.com/2024/12/17/microsoft-refuses-a-documentation-fix-because-ai-might-not-understand-text-in-tables/
------------------------------
Date: Wed, 25 Dec 2024 13:31:14 -0500
From: Gabe Goldberg <gabe@gabegold.com>
Subject: Should you trust an AI-assisted doctor? He visited one to see.
(WashPost)
Our tech columnist visits a doctor assisted by AI. He finds potential and
worrisome questions about whether it’s accurate, biased or always useful in
health care.
https://wapo.st/3P9CHTo
------------------------------
Date: Tue, 24 Dec 2024 06:21:29 -0800
From: Steve Bacher <sebmb1@verizon.net>
Subject: No longer working and just wait until AI agents come along
(The Conversation)
You’re running late at the airport and need to urgently access your account,
only to be greeted by one of those frustrating tests — “Select all images
with traffic lights” or “Type the letters you see in this box”. You squint,
you guess, but somehow you’re wrong. You complete another test but still the
site isn’t satisfied.
“Your flight is boarding now” is announced as the website gives you
yet another puzzle. You swear at the screen, close your laptop and rush
towards the gate.
Now, here’s a thought to cheer you up: bots are now solving these puzzles in
milliseconds using AI. How ironic. The tools designed to prove we’re human
are now obstructing us more than the machines they’re supposed to be keeping
at bay.
Welcome to the strange battle between bot detection and AI, which is set to
get even more complicated in the coming years as technology continues to
improve. So what does the future look like? [...]
https://theconversation.com/yes-i-am-a-human-bot-detection-is-no-longer-working-and-just-wait-until-ai-agents-come-along-246427
------------------------------
Date: Fri, 27 Dec 2024 11:59:33 -0500 (EST)
From: ACM TechNews <technews-editor@acm.org>
Subject: The Next Great Leap in AI Is Behind Schedule and Crazy Expensive
(Deepa Seetharaman)
Deepa Seetharaman, *The Wall Street Journal* (12/20/24)
OpenAI's new GPT-5 AI project, code-named Orion, is supposed to unlock
new scientific discoveries as well as accomplish routine human
tasks. It has been in the works for more than 18 months, though
Microsoft, OpenAI's largest investor, had expected to see Orion in
mid-2024, say insiders. In training runs involving months of crunching
large amounts of data to make Orion smarter, new problems arose and
the software fell short of expected results. The delay is costing the
company, as a six-month training run can cost around half a billion
dollars in computing costs alone.
------------------------------
Date: Fri, 27 Dec 2024 11:59:33 -0500 (EST)
From: ACM TechNews <technews-editor@acm.org>
Subject: How Hallucinatory AI Helps Science Dream Up Breakthroughs"\
(William J. Broad)
William J. Broad, *The New York Times* (12/23/24)
AI hallucinations are helping scientists track cancer, design drugs,
invent medical devices, and uncover weather phenomena. Explains Amy
McGovern, a computer scientist who directs an NSF AI institute, "It's
giving them the chance to explore ideas they might not have thought
about otherwise." David Baker, who shared the Nobel Prize in Chemistry
this year for his research on proteins, credited AI imaginings as
central to "making proteins from scratch."
------------------------------
Date: Wed, 4 Dec 2024 02:50:59 +0000
From: David King <newsman120@hotmail.com>
Subject: New York City buses using AI to issue mistaken tickets en masse
(NBC NY)
Much aggravation to legal parkers, from A.I. system deployed without being
properly programmed (or adequately tested).
https://www.nbcnewyork.com/investigations/mta-bus-camera-issue-mistake-parking-violations/6020986/
------------------------------
Date: Fri, 20 Dec 2024 15:31:24 -0500
From: Gabe Goldberg <gabe@gabegold.com>
Subject: Australia's under-16 social-media ban to use hand- waving to
verify ages with AI (NPR)
The regulator stuck with putting the scheme into place, eSafety commissioner
Julie Inman Grant, has enlisted magical AI-powered snake oil machines to do
the hard bit: [/NPR/
<https://www.npr.org/2024/12/19/nx-s1-5231020/australia-top-regulator-kids-social-media-ban>]
*Grant: *I met with an age assurance provider last week in Washington,
DC, who is using an AI-based system that looks at hand movements and
has a 99% success rate.
*NPR: */Wait, what? Using hand movements to confirm someone’s age?/
*Grant: *Yes. Say you do a peace sign then a fist to the camera. It
follows your hand movements. And medical research has shown based on
your hand movement, it can identify your age.
This appears to be a gross distortion of a paper from AI company Haut.AI,
who market an “AI skincare solution” to the beauty industry. The paper
claimed to predict ages from hands and faces of Indian women.
[/Haut.AI/ <https://haut.ai/>/; //Wiley/
<https://onlinelibrary.wiley.com/doi/10.1111/exd.15045>]
https://pivot-to-ai.com/2024/12/20/australias-under-16-social-media-ban-to-use-hand-waving-to-verify-ages-with-ai/
------------------------------
Date: Tue, 10 Dec 2024 17:02:22 -0800
From: Peter G Neumann <Neumann@CSL.SRI.COM>
Subject: Character.AI allegedly told an autistic teen it was OK
to kill his parents. They're suing to take down the app (CNN)
https://www.cnn.com/2024/12/10/tech/character-ai-second-youth-safety-lawsuit/index.html
[From my daughter]
------------------------------
Date: Thu, 12 Dec 2024 19:41:46 -0800
From: Peter G Neumann <Neumann@CSL.SRI.COM>
Subject: U.S. health insurance: Frustrations with care denials | CNN Business
https://www.cnn.com/2024/12/12/business/us-health-care-insurance-frustrations/index.html
------------------------------
Date: Thu, 12 Dec 2024 14:53:18 -0800
From: Peter G Neumann <Neumann@CSL.SRI.COM>
Subject: Lyme turns Luigi into assassin (Lymedisease.org)
https://www.lymedisease.org/questioning-role-of-lyme-disease/
------------------------------
Date: Wed, 18 Dec 2024 18:14:29 -0600
From: Robert Boyer <robertstephenboyer@gmail.com>
Subject: Ubiquitous Walmart Trojan horse (Reuters)
A possible Trojan horse in many homes, $22.00 at Walmart:
https://www.reuters.com/technology/us-considers-ban-chinas-tp-link-wsj-reports-2024-12-18/
------------------------------
Date: Wed, 18 Dec 2024 18:21:36 -0800
From: Steve Bacher <sebmb1@verizon.net>
Subject: What happens when The Internet disappears? (The Verge)
The promise of The Internet is that it would last forever. But that has
proven to be largely untrue, as huge swaths of the web are vanishing,
quickly and at random.
https://www.theverge.com/24321569/internet-decay-link-rot-web-archive-deleted-culture
------------------------------
Date: Thu, 19 Dec 2024 12:56:51 -0800
From: "Jim" <jgeissman@socal.rr.com>
Subject: Indiana bakery still used Commodore 64 in 21st century
(Boeingboing)
https://boingboing.net/2024/12/19/indiana-bakery-still-used-commodore-64-=
in-21st-century.html
[This reminds me of BART booting off a floppy. It works.]
------------------------------
Date: Sat, 23 Nov 2024 22:21:30 -0800
From: "Robert R. Fenichel" <bob@fenichel.net>
Subject: Re: 'palen' in RISKS-34.50
A post by Steve Bacher in Risks 34.50 included
Final paragraph of the article:
In the event of a crash passengers are directed to pull away a palen in
the door and tug at a cable underneath to open the doors, but safety
watchdogs have said dazed or panicked crash victims may not be able to
search for the feature after a car crash.
What the hell is a "palen"? A Google search comes up with nothing but
brand names, except for the Wiktionary definition. I'd bet it is a typo,
with "panel" intended.
[Palin might have wondered if it was Sarah-ndipity. PGN]
------------------------------
Date: Sat, 28 Oct 2023 11:11:11 -0800
From: RISKS-request@csl.sri.com
Subject: Abridged info on RISKS (comp.risks)
The ACM RISKS Forum is a MODERATED digest. Its Usenet manifestation is
comp.risks, the feed for which is donated by panix.com as of June 2011.
=> SUBSCRIPTIONS: The mailman Web interface can be used directly to
subscribe and unsubscribe:
http://mls.csl.sri.com/mailman/listinfo/risks
=> SUBMISSIONS: to risks@CSL.sri.com with meaningful SUBJECT: line that
includes the string `notsp'. Otherwise your message may not be read.
*** This attention-string has never changed, but might if spammers use it.
=> SPAM challenge-responses will not be honored. Instead, use an alternative
address from which you never send mail where the address becomes public!
=> The complete INFO file (submissions, default disclaimers, archive sites,
copyright policy, etc.) has moved to the ftp.sri.com site:
<risksinfo.html>.
*** Contributors are assumed to have read the full info file for guidelines!
=> OFFICIAL ARCHIVES: http://www.risks.org takes you to Lindsay Marshall's
delightfully searchable html archive at newcastle:
http://catless.ncl.ac.uk/Risks/VL.IS --> VoLume, ISsue.
Also, ftp://ftp.sri.com/risks for the current volume/previous directories
or ftp://ftp.sri.com/VL/risks-VL.IS for previous VoLume
If none of those work for you, the most recent issue is always at
http://www.csl.sri.com/users/risko/risks.txt, and index at /risks-34.00
ALTERNATIVE ARCHIVES: http://seclists.org/risks/ (only since mid-2001)
*** NOTE: If a cited URL fails, we do not try to update them. Try
browsing on the keywords in the subject line or cited article leads.
Apologies for what Office365 and SafeLinks may have done to URLs.
==> Special Offer to Join ACM for readers of the ACM RISKS Forum:
<http://www.acm.org/joinacm1>
------------------------------
End of RISKS-FORUM Digest 34.51
************************
