[33611] in RISKS Forum
Risks Digest 34.64
daemon@ATHENA.MIT.EDU (RISKS List Owner)
Fri May 23 20:16:28 2025
From: RISKS List Owner <risko@csl.sri.com>
Date: Fri, 23 May 2025 17:17:47 PDT
To: risks@mit.edu
RISKS-LIST: Risks-Forum Digest Friday 23 May 2025 Volume 34 : Issue 64
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, founder and still moderator
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/34.64>
The current issue can also be found at
<http://www.csl.sri.com/users/risko/risks.txt>
Contents:
The Food Conspiracy That's Actually True (Julia Belluz)
Critically appraising the Cass report: methodological flaws and unsupported
claims (Biomed Central)
2 dead + 19 injured on Mexican Navy training tall ship hits Brookly Bridge
(Lauren Weinstein)
Lufthansa plane flew for 10 minutes without ANY Pilot as COVID-19 Vaccinated
first officer lost consciousness and captain was in the washroom! (MakisMD)
At LAX Airport, Uber Drivers Wait. And Wait. And Wait. (NY Times)
The U.S. Army is getting in on right-to-repair (The Verge)
FBI warns of ongoing scam that uses deepfake audio to impersonate government
officials (ArsTechnica)
The Booming Business of Returned Products (NYTimes)
Reopening Three Mile Island Unit 1 (Rob Wilcox)
The secretive U.S. factory that lays bare the contradiction in Trump's
America First plan (BBC)
Trump's NIH And NSF Cuts Estimated To Cost The U.S. Economy $10 Billion
Annually -- for a long time (Virgil Gligor)
Avionics company introduces "safe return" tomatic small airplane
emergency landing (YouTube)
How Students Are Fending Off Accusations That They Used A.I. to Cheat
(NY Times)
Microsoft takes down Lumma Stealer malware network (CNBC)
Some workers are still stuck using ancient Windows systems (BBC)
Pope Leo's Name Carries a Warning About AI (Andrew R. Chow)
AI a Greater Threat to Women's Work Than Men's, UN Suggests
(Olivia Le Poidevin)
Major Flaws Found in VW's Connected Car App (Tom Allen)
The Tech Industry Is Huge; Europe's Share Is Small 9(WSJ)
Researchers Scrape 2 Billion Discord Messages, Publish Them Online
(Matthew Gault)
Russia Accused of Trying to Hack Border Security Cameras to Disrupt Ukraine
Aid (Daniel Boffey)
The Secrets of the World's Greatest Privacy Experts (The Atlantic)
Microsoft blocking employees' emails about Gaza and Palestine (The Verge)
Verizon tries to get out of merger condition requiring it to unlock phones
(ArsTechnica)
KrebsOnSecurity Hit With Near-Record 6.3 Tbps DDoS (Steve Bacher)
Some of the poorest students get the newest, fanciest public school around:
Compton High (LA Times)
AI Model Extorting Developers (TechCrunch)
Authors are accidentally leaving evidence in their novels of AI use
(404media)
Do I use AI? (Lauren Weinstein)
My AI therapist got me through dark times (BBC)
GitHub wants to spam open source projects with AI slop (Pivot to AI)
UK AI unicorn Builder.ai is dead (Pivot to AI)
Call centers replaced many doctors' receptionists; Now, AI is coming for
call centers (LA Times)
Google putting wrong medical advice in their AI Overviews (Lauren Weinstein)
Dark LLMs: The Growing Threat of Unaligned AI Models (arxiv)
Most AI chatbots easily tricked into giving dangerous responses, study finds
(The Guardian)
AI chatbot to be embedded in Google search (BBC)
Chicago Sun-Times Prints AI-Generated Summer Reading List With
Books That Don't Exist (Chicago Sun-Times)
Vulnerability Exploitation Probability Metric Proposed by NIST, CISA
(Eduard Kovacs)
Re: Why We're Unlikely to Get Artificial General Intelligence, Anytime Soon
(Martin Ward)
Re: IBM Vibe coding (Paul Edwards)
Re: Rogue communication devices found in Chinese solar power inverter
(Steve Bacher)
Re: Peter's Puns (Peter Calingaert)
Abridged info on RISKS (comp.risks)
----------------------------------------------------------------------
Date: Sun, 18 May 2025 15:20:21 PDT
From: Peter Neumann <neumann@csl.sri.com>
Subject: The Food Conspiracy That's Actually True (Julia Belluz)
Julia Belluz, *The New York Times*, Sunday Opinion, 18 May 2025
[Julia is an author of a forthcoming book on nutrition and health.]
Kennedy may be sloppy on the details, but on the broader problem,
he's spot on.
The Health Secretary, Robert F. Kennedy Jr. believes toxic chemicals in food
are behind the U.S. explosion in rates of obesity and a range of other
chronic illnesses. ``A facade of normalcy has masked this metoric risk in
chronic disease.'' He intends to rid the U.S. food supply of nine chemicals
-- all petroleum-based synthetic food dyes. [...]
[There are about 10,000 food additives currently in use, so RFK Jr.'s nine
are just a drop in the bucket. The forever chemicals seem to be even
worse, but industry and Congress have been protecting them. PGN]
Any administration that cares about rising chronic disease should invest in
(Eduard Kovacs)
research to understand the root causes. [...] Without such careful
science, Mr. Kennedy and others are left hand-waving about hunches. In this
toxic soup of unknowns, it's easy to get mixed up about what the real health
threats are[,] and to invest political capital and public money on so-called
solutions that will ultimately fail. What's already clear: A handshake deal
with the food industry will never be enough.
[My daughter is a walking time-bomb of toxicities, and getting rid of them
is hugely complicated. After years if trying, she has clearly
demonstrated how difficult that is. PGN]
------------------------------
Date: Wed, 21 May 2025 14:20:04 +0100
From: Martin Ward <martin@gkc.org.uk>
Subject: Critically appraising the Cass report: methodological flaws and
unsupported claims (Biomed Central)
Almost two dozen researchers at a top medical journal have published a
scathing scientific take-down of the Cass Review. Experts found that the
NHS-issued report--a non-peer reviewed publication authored by Dr. Hillary
Cass, a pediatrician without clinical or research experience with trans
patients -- was marred by "unexplained protocol deviations," "methodological
flaws," and "unsubstantiated claims."
The BMC study reviewed seven different facets of the Cass Review, and
found that all seven possessed "a high risk of bias due to methodological
limitations and a failure to adequately address these limitations."
One major reason for such bias, in addition to the lack of peer review,
is that the Cass Review failed to give actual trans people,
their families, medical practitioners who specialize in trans care,
or arguably anyone with expertise on the subject matter any real
authority over the process.
"These flaws highlight a potential double standard present throughout
the review and its subsequent recommendations, where evidence
for gender-affirming care is held to a higher standard than
the evidence used to support many of the report's recommendations,"
researchers wrote. "Considering this, and the Cass report's
poor understanding of transgender identities and experiences,
it is vital to question the integrity and validity of the Review's
recommendations and the appropriateness of basing health policy on them.
To uphold its commitment to evidence-based medicine, future
gender-affirming care research must generate robust observational data,
involve transgender communities, and prioritise patient-centred outcomes,
ensuring validity, generalisability, and cultural relevance."
"Critically appraising the Cass report: methodological flaws and unsupported
claims" (22 authors) BMC Medical Research Methodology 25, Article number:
128 (2025)
https://bmcmedresmethodol.biomedcentral.com/articles/10.1186/s12874-025-02581-7
Results
Using the ROBIS tool, we identified a high risk of bias in each of the
systematic reviews driven by unexplained protocol deviations, ambiguous
eligibility criteria, inadequate study identification, and the failure to
integrate consideration of these limitations into the conclusions derived
from the evidence syntheses. We also identified methodological flaws and
unsubstantiated claims in the primary research that suggest a double
standard in the quality of evidence produced for the Cass report compared to
quality appraisal in the systematic reviews.
https://www.erininthemorning.com/p/landmark-report-finds-major-flaws
"These issues significantly undermine the validity of the Cass Review's
recommendations, such that the Review fails to fulfil its aims as
commissioned and should not be used as the basis for policy making," the
researchers said in a statement to Erin in the Morning.
------------------------------
Date: Sat, 17 May 2025 21:59:50 -0700
From: Lauren Weinstein <lauren@vortex.com>
Subject: 2 dead + 19 injured on Mexican Navy training tall ship hits
Brooklyn Bridge
2 dead + 19 injured on Mexican Navy training tall ship making it's annual
trip through NYC when it lost power and hit the Brooklyn Bridge, most
injuries were crewmen falling from the masts. The bridge was apparently
checked, then reopened.
------------------------------
Date: Mon, 19 May 2025 12:50:05 -0700
From: geoff goodfellow <geoff@iconia.com>
Subject: Lufthansa plane flew for 10 minutes without ANY Pilot as COVID-19
Vaccinated first officer lost consciousness and captain was in the washroom!
(MakisMD)
Captain used emergency code after multiple failed attempts to re-enter
cockpit, 18 May 2025
A Lufthansa flight was flown without an active pilot for nearly 10 minutes
after the co-pilot fainted alone in the cockpit, according to a report
released Saturday (17 May 2025) by air accident investigators in Madrid,
Spain. The incident occurred on 17 February 2024 during a scheduled flight
from Frankfurt, Germany to Seville, Spain.
The captain had stepped out to use the lavatory when the co-pilot suddenly
lost consciousness, leaving the Airbus A321 in the hands of autopilot.
Despite the co-pilot unintentionally interacting with the controls, the
aircraft maintained stable flight.
Investigators from the Civil Aviation Accident and Incident Investigation
Commission in Madrid said cockpit audio captured abnormal sounds consistent
with a medical emergency. Cabin crew tried to contact the co-pilot using
the onboard telephone, but received no response.
The captain attempted to open the cockpit door using the standard security
code five times, which would normally sound a buzzer for the co-pilot to
release the lock. The cockpit door, reinforced to prevent hijackings,
cannot be opened by force. The captain then used an emergency override code,
which initiates automatic door opening unless actively blocked from within.
[...]
https://x.com/MakisMD/status/1924251333814821028
------------------------------
Date: Fri, 16 May 2025 23:25:10 -0400
From: Monty Solomon <monty@roscom.com>
Subject: At LAX Airport, Uber Drivers Wait. And Wait. And Wait. (NY Times)
One of the busiest airports in the world used to be a prime place for gig
drivers to earn money. Now, it’s typical of their increasing desperation.
https://www.nytimes.com/2025/05/14/technology/lax-uber-driver-wages.html
------------------------------
Date: Fri, 16 May 2025 14:53:19 -0400
From: Monty Solomon <monty@roscom.com>
Subject: The U.S. Army is getting in on right-to-repair (The Verge)
https://www.theverge.com/news/668414/army-right-to-repair-elizabeth-warren
------------------------------
Date: Thu, 15 May 2025 18:27:25 -0400
From: Monty Solomon <monty@roscom.com>
Subject: FBI warns of ongoing scam that uses deepfake audio to impersonate
government officials (ArsTechnica)
https://arstechnica.com/security/2025/05/fbi-warns-of-ongoing-scam-that-uses-deepfake-audio-to-impersonate-government-officials/
------------------------------
Date: Fri, 16 May 2025 22:22:17 -0400
From: Monty Solomon <monty@roscom.com>
Subject: The Booming Business of Returned Products (NYTimes)
As retailers slow down orders for foreign goods because of tariffs,
companies that recirculate overstocked or returned items may help fill the
gap.
https://www.nytimes.com/2025/05/15/business/tariffs-returns-reverse-logistics.html
------------------------------
Date: Sun, 18 May 2025 20:58:28 -0700
From: Rob Wilcox <robwilcoxjr@gmail.com>
Subject: Reopening Three Mile Island Unit 1
I'm an engineer. I am not a nuclear engineer.
I do read in the field, especially failures, including Fukushima, where one
issue was radionuclides in containment over-pressure gases. The recommended
fix of filters has not generally been done as a retrofit because of the
cost.
When Three Mile Island Unit 2 had a meltdown in 1979, Unit 1 was shut down.
The Risks Forum has innumerable topics on nuclear reactors and systems.
Closed US reactors are usually sold to a decommissioning company. The owner
wants to get financial risks of unknown decommissioning costs off its
books.
Now Microsoft is negotiating power purchase agreements with the
decommissioning company, Energy Solutions, to revive the plant.
This video discusses the project. Part of the project is reviving the
control room, the controls, the mechanicals, and refueling.
At point 3:22 they show that the labels on the controls are covered by
black tape until they are tested working.
Amusing low tech Risks readers may enjoy. Then up to about 6:00 discusses
the human side.
https://www.youtube.com/watch?v=Ub78DA8wyf8
------------------------------
Date: Mon, 19 May 2025 14:46:11 -0600
From: Matthew Kruk <mkrukg@gmail.com>
Subject: The secretive U.S. factory that lays bare the contradiction i
Trump's America First plan (BBC)
https://www.bbc.com/news/articles/cwywj0zgzwxo
Among the cactuses in the desert of Arizona, just outside Phoenix, an
extraordinary collection of buildings is emerging that will shape the
future of the global economy and the world.
The hum of further construction is creating not just a factory for the
world's most advanced semiconductors. Eventually, it will mass produce the
most advanced chips in the world. This work is being done in the US for the
first time, with the Taiwanese company behind it pledging to spend billions
more here in a move aimed at heading off the threat of tariffs on imported
chips.
It is, in my view, the most important factory in the world, and it's being
built by a company you may not have heard of: TSMC, Taiwan Semiconductor
Manufacturing Company. It makes 90% of the world's advanced semiconductors.
Until now they were all made on the island of Taiwan, which is 100 miles
east of the Chinese mainland. The Apple chip in your iPhone, the Nvidia
chips powering your ChatGPT queries, the chips in your laptop or computer
network, all are made by TSMC.
Its Arizona facility "Fab 21" is closely guarded. Blank paper or personal
devices are not allowed in case designs are leaked. It houses some of the
most important intellectual property in the world, and the process to make
these chips is one of the most complicated and intensive in global
manufacturing.
------------------------------
Date: Tue, 20 May 2025 17:06:10 +0000
From: Virgil Gligor <virgil.gligor@gmail.com>
Subject: Trump's NIH And NSF Cuts Estimated To Cost The U.S. Economy $10 Billion
Annually -- for a long time
------------------------------
Date: Mon, 19 May 2025 21:03:30 -0700
From: Rob Wilcox <robwilcoxjr@gmail.com>
Subject: Avionics company introduces "safe return" automatic small airplane
emergency landing (YouTube)
Garmin is an avionics supplier for small aircraft. For the use case of an
incapacitated pilot, safe return to the nearest airport can be activated by
a single switch, or automatically.
The system handles all ATC communications. Presumably communicates
remaining fuel and souls on board.
https://www.youtube.com/watch?v=CPJW8llME68
------------------------------
Date: Tue, 20 May 2025 01:56:41 -0400
From: Gabe Goldberg <gabe@gabegold.com>
Subject: How Students Are Fending Off Accusations That They Used A.I. to
Cheat (The New York Times)
Students are resorting to extreme measures to fend off accusations of
cheating, including hours-long screen recordings of their homework sessions.
https://www.nytimes.com/2025/05/17/style/ai-chatgpt-turnitin-students-cheating.html?smid=nytcore-ios-share&referringSource=articleShare
------------------------------
Date: Wed, 21 May 2025 14:26:43 -0400
From: Gabe Goldberg <gabe@gabegold.com>
Subject: Microsoft takes down Lumma Stealer malware network (CNBC)
Microsoft said Wednesday that it broke down the Lumma Stealer malware
project with the help of law enforcement officials across the globe.
Hackers used the malware to steal passwords, credit cards, bank accounts and
cryptocurrency wallets.
The U.S. Department of Justice took control of Lumma's *central command
structure* and squashed the online marketplaces where bad actors purchased
the malware.
https://www.cnbc.com/2025/05/21/microsoft-malware-windows.html
------------------------------
Date: Tue, 20 May 2025 13:14:25 +0300
From: Amos Shapir <amos083@gmail.com>
Subject: Some workers are still stuck using ancient Windows systems (BBC)
Mainly because of Microsoft's support and maintenance policies, some
organizations and companies are still using systems as old as Windows 95,
and even Windows 3.11 and MS-DOS.
https://www.bbc.com/future/article/20250516-the-people-stuck-using-ancient-windows-computers
------------------------------
Date: Mon, 19 May 2025 11:09:54 -0400 (EDT)
From: ACM TechNews <technews-editor@acm.org>
Subject: Pope Leo's Name Carries a Warning About AI (Andrew R. Chow)
Andrew R. Chow, *Time* (05/15/25), via ACM TechNews
When Robert Francis Prevost announced he would take the name Leo XIV as
pope, he gave the rise of AI as the reason for his choice. Prevost explained
that the most recent Pope Leo served during the Industrial Revolution and
criticized the new machine-driven economic systems turning workers into mere
commodities. Now, with AI ushering in a "new industrial revolution," the
"defense of human dignity, justice, and labor" is required, Prevost said.
------------------------------
Date: Fri, 23 May 2025 11:47:23 -0400 (EDT)
From: ACM TechNews <technews-editor@acm.org>
Subject: AI a Greater Threat to Women's Work Than Men's, UN Suggests
(Olivia Le Poidevin)
Olivia Le Poidevin, Reuters (05/20/25), via ACM TechNews
A study by the UN's International Labor Organization found that AI is poised
to transform 9.6% of jobs traditionally performed by women, versus 3.5% of
jobs traditionally performed by men, particularly in high-income countries.
The report stated, "We stress that such exposure does not imply the
immediate automation of an entire occupation, but rather the potential for a
large share of its current tasks to be performed using this technology."
------------------------------
Date: Fri, 23 May 2025 11:47:23 -0400 (EDT)
From: ACM TechNews <technews-editor@acm.org>
Subject: Major Flaws Found in VW's Connected Car App (Tom Allen)
Tom Allen, Computing (05/20/25), via ACM TechNews
Cybersecurity researcher Vishal Bhaskar discovered serious vulnerabilities
in Volkswagen's My Volkswagen app that could have exposed users' personal
information. Bhaskar determined the app lacked a lockout mechanism for
failed password attempts and wrote a Python script that was able to
brute-force the password. Additionally, Bhaskar identified API endpoints
that exposed telematics data and customer information. Volkswagen said it
fixed the issues this month.
------------------------------
Date: Fri, 23 May 2025 11:47:23 -0400 (EDT)
From: ACM TechNews <technews-editor@acm.org>
Subject: The Tech Industry Is Huge; Europe's Share Is Small (WSJ)
Tom Fairless and David Luhnow, The Wall Street Journal (05/21/25),
via ACM TechNews
Europe is home to just four of the world's top 50 tech companies, and none
of the top 10 companies investing in quantum computing. According to the
Massachusetts Institute of Technology's Andrew McAfee, Europe created only
14 companies with a market capitalization of more than $10 billion from
scratch during the last five decades, versus 241 created by the
U.S. Europe's challenges include a smaller pool of venture capital, stricter
regulations, and a risk-averse business culture.
------------------------------
Date: Fri, 23 May 2025 11:47:23 -0400 (EDT)
From: ACM TechNews <technews-editor@acm.org>
Subject: Researchers Scrape 2 Billion Discord Messages, Publish Them
Online (Matthew Gault)
Matthew Gault, 404 Media (05/21/25), via ACM TechNews
Researchers at Brazil's Federal University of Minas Gerais have published a
database of more than 2 billion Discord messages from more than 4 million
unique users scraped from 3,167 servers using Discord's public API.
Published online as a series of JSON files, the database is intended to
assist researchers in training bots, studying politics or mental health, and
identifying patterns of at-risk behavior, among other things.
------------------------------
Date: Fri, 23 May 2025 11:47:23 -0400 (EDT)
From: ACM TechNews <technews-editor@acm.org>
Subject: Russia Accused of Trying to Hack Border Security Cameras to
Disrupt Ukraine Aid (Daniel Boffey)
Daniel Boffey, The Guardian (05/21/25), via ACM TechNews
The U.K. National Cyber Security Center said Russia tried to hack into
border security cameras to spy on and disrupt the flow of aid entering
Ukraine. A unit of Russia's military intelligence services is accused of
using a host of methods to target organizations delivering "foreign
assistance" by hacking into cameras at crossings and railway stations and
near military installations.
------------------------------
Date: Fri, 23 May 2025 08:17:22 -0700
From: geoff goodfellow <geoff@iconia.com>
Subject: The Secrets of the World's Greatest Privacy Experts (The Atlantic)
*Inside the world of extreme-privacy consultants, who, for the right fee,
will make you and your personal information very hard to find...* [...]
https://archive.is/nnT1S
-or-
https://www.theatlantic.com/ideas/archive/2025/05/extreme-personal-data-privacy-protection/682867/
------------------------------
Date: Fri, 23 May 2025 09:41:08 -0700
From: Lauren Weinstein <lauren@vortex.com>
Subject: Microsoft blocking employees' emails about Gaza and Palestine
(The Verge)
https://www.theverge.com/tech/672312/microsoft-block-palestine-gaza-email
------------------------------
Date: Thu, 22 May 2025 00:25:20 -0400
From: Monty Solomon <monty@roscom.com>
Subject: Verizon tries to get out of merger condition requiring it to unlock phones
(ArsTechnica)
https://arstechnica.com/tech-policy/2025/05/verizon-tries-to-get-out-of-merger-condition-requiring-it-to-unlock-phones/
------------------------------
Date: Fri, 23 May 2025 06:36:12 -0700
From: Steve Bacher <sebmb1@verizon.net>
Subject: KrebsOnSecurity Hit With Near-Record 6.3 Tbps DDoS
KrebsOnSecurity last week was hit by a near record distributed
denial-of-service (DDoS) attack that clocked in at more than 6.3 terabits of
data per second. The brief attack appears to have been a test run for a
massive new Internet of Things (IoT) botnet capable of launching crippling
digital assaults that few web destinations can withstand.
https://krebsonsecurity.com/2025/05/krebsonsecurity-hit-with-near-record-6-3-tbps-ddos/
------------------------------
Date: Fri, 23 May 2025 08:15:43 -0700
From: Steve Bacher <sebmb1@verizon.net>
Subject: Some of the poorest students get the newest, fanciest public school
around: Compton High (LA Times)
Students from among the poorest families in California are about to get the
newest, most up-to-date public high school in the state as the rebuilt
Compton High prepares to open.
The brand-new $225-million campus is innovative. The library has no books;
it's all digital. Classrooms feature an expanse of windows. Security
equipment is largely invisible. [...]
The school also includes learning innovations that may raise eyebrows. The
library is meant to be noisy: It’s a lounge-like area with no walls or doors
that is bisected by the hallway that traverses the building. And there are
no shelves or books — all volumes are digital.
Classrooms are organized like high-tech college lecture halls — no teacher
has their own room. Instead, each teacher has a desk and a computer in a
separate and small *collaboration* room. The design also incorporates
extensive natural light; doors are made of glass and adjacent to other panes
of glass.
The look is in stark defiance of a proliferating security mentality in
schools to stop active shooters. Many schools are “hardening the target,”
making it impossible to see inside rooms, limiting ground-floor windows,
locking entry doors and reinforcing them with steel.
Compton High is relying instead on a secure campus perimeter, cameras
throughout campus and facial recognition technology. [...]
https://www.latimes.com/california/story/2025-05-23/new-compton-high-dr-dre-ribbon-cutting
(So these poor students can't take a book home from the school library,
unless they have the required digital hookup at home -- and they can't read
the books in school because the library is "meant to be noisy"? Good luck
with that. And good luck with cameras and facial recognition keeping out
school shooters.)
------------------------------
Date: Fri, 23 May 2025 12:08:48 -0400
From: "Steven J. Greenwald" <greenwald.steve@gmail.com>
Subject: AI Model Extorting Developers (TechCrunch)
"Anthropic's new AI model turns to blackmail when engineers try to take it
offline."
As an aside: "'Blackmail' is such an ugly word. I prefer 'extortion.'" --
Bender the Robot from Futurama.
https://techcrunch.com/2025/05/22/anthropics-new-ai-model-turns-to-blackmail-when-engineers-try-to-take-it-offline/
------------------------------
Date: Fri, 23 May 2025 07:49:59 -0700
From: Lauren Weinstein <lauren@vortex.com>
Subject: Authors are accidentally leaving evidence in their novels of AI use
(404media)
https://www.404media.co/authors-are-accidentally-leaving-ai-prompts-in-their-novels/
------------------------------
Date: Fri, 23 May 2025 08:29:49 -0700
From: Lauren Weinstein <lauren@vortex.com>
Subject: Do I use AI?
... except for explicit tests for misinformation responses, errors, and
other garbage about which I report from time to time, I never use any
generative AI systems.
I do not permit that trash to infiltrate my writings, radio reports, or
anything else that I make public (or keep private, for that matter) in any
way. As far as I'm concerned it's a form of fraud (in the ethics sense, not
the legal sense) to present writings as your own that have been written in
full or part by these hideous spawn of Big Tech greed (and increasingly,
fascism).
Even before the rise of these trash-producing machines, I have not used any
tools that would change what I write (this also includes the various
ridiculous systems to write replies to email, or offer to reword your
responses, etc.), except for basic spelling checkers to catch my (increasing
with age) typos.
As far as I'm concerned, generative AI is right up there on the scamming
scale with cryptocurrency. Maybe worse. It's a tough call when they're both
so awful and take advantage of so many people to enrich a relative few.
So when you read or hear my stuff, whether you like it or hate it or just
don't care about it, you can rest assured it's 100% from my fingers, not
from the pulsating tendrils of some electricity devouring neural network
cluster in a data center of doom. -L
------------------------------
Date: Tue, 20 May 2025 07:00:45 -0700
From: Steve Bacher <sebmb1@verizon.net>
Subject: My AI therapist got me through dark times (BBC)
With [UK] NHS mental health waitlists at record highs, are chatbots a
possible solution?
"Whenever I was struggling, if it was going to be a really bad day, I could
then start to chat to one of these bots, and it was like [having] a
cheerleader, someone who's going to give you some good vibes for the day.
"I've got this encouraging external voice going -– 'right -- what are we
going to do [today]?' Like an imaginary friend, essentially."
For months, Kelly spent up to three hours a day speaking to online
"chatbots" created using artificial intelligence (AI), exchanging hundreds
of messages. [...]
https://www.bbc.com/news/articles/ced2ywg7246o
------------------------------
Date: Tue, 20 May 2025 13:14:36 -0700
From: Lauren Weinstein <lauren@vortex.com>
Subject: GitHub wants to spam open-source projects with AI slop
(Pivot to AI)
GitHub wants to spam open source projects with AI slop
https://pivot-to-ai.com/2025/05/20/github-wants-to-spam-open-source-projects-with-ai-slop/
------------------------------
Date: Wed, 21 May 2025 16:05:42 -0400
From: Gabe Goldberg <gabe@gabegold.com>
Subject: UK AI unicorn Builder.ai is dead (Pivot to AI)
Builder.ai let you build a website or an app without coding — but with AI!
Allegedly.
Builder was the great hope of Artificial Intelligence for the UK. It scored
$450 million in venture funding -— mostly from Microsoft and the Qatar
Investment Fund.
Customers had mixed experiences with Builder. A lot of positive online
0reviews turned out to be written by Builder employees. The company also put
several logos on their website of companies that were never its
customers. [FT, 2024, archive]
Anyway, Builder finally went broke yesterday, after years of interesting
financial activities and a few minor accounting scandals, such as allegedly
falsified sales figures and an auditor with conflicts of interest. [FT,
archive]
https://pivot-to-ai.com/2025/05/21/uk-ai-unicorn-builder-ai-is-dead-the-downfall-of-agi-a-guy-instead/
------------------------------
Date: Tue, 20 May 2025 06:54:32 -0700
From: Steve Bacher <sebmb1@verizon.net>
Subject: Call centers replaced many doctors' receptionists; Now, AI is
coming for call centers (LA Times)
Health risks and night shifts aside, call center workers have a new concern:
artificial intelligence.
Startups are marketing AI products with lifelike voices to schedule or
cancel medical visits, refill prescriptions, and help triage patients.
Soon, many patients might initiate contact with the health system not by
speaking with a call center worker or receptionist, but with AI. Zocdoc, the
appointment-booking company, has introduced an automated assistant it says
can schedule visits without human intervention 70% of the time. [...]
https://www.latimes.com/business/story/2025-05-19/call-centers-replaced-many-doctors-receptionists-now-ai-is-coming-for-call-centers
------------------------------
Date: Wed, 21 May 2025 12:53:57 -0700
From: Lauren Weinstein <lauren@vortex.com>
Subject: Google putting wrong medical advice in their AI Overviews
This is not funny. It is not acceptable. Today I saw someone who had asked a
health-related question to Google Search. The AI Overview presented
mixed-up, wrong information. I urged the person to ignore the AI Overview
and use the regular site links.
They didn't know there were any regular site links, because the AI Overview
filled essentially their entire window and they didn't know to scroll
down. This is a common situation with busy, nontechie users.
They have depended on Google to point them at accurate information for so
many years, and now Google Search spews out convincing looking AI
garbage. This is not an anomaly.
Google's AI Overviews are full of wrong, partially wrong (even more
dangerous!), and just plain misinformation. Answers that are
completely reversed from supposed source pages because the AI didn't
understand the wording. Measurements wrong. Math wrong.
It doesn't matter how often AI Overviews are correct, because you
NEVER KNOW when they're going to be wrong, either completely or partly
(again, mixing true with false -- like contaminating a well).
And now Google is trying to convince users to use "AI Search" instead --
"Hey Ma', no more list of blue links!" -- making it even harder to see that
so many of their answers are, if you'll excuse the expression, bulls*it,
sometimes dangerous as well.
This is unconscionable. Frankly, whether Google understands this or
not, this behavior is uncaring and evil. Apparently Google's
leadership no longer feels any shame at all. Disgusting.
------------------------------
Date: Wed, 21 May 2025 18:44:01 -0700
From: Lauren Weinstein <lauren@vortex.com>
Subject: Dark LLMs: The Growing Threat of Unaligned AI Models (arxiv)
https://www.arxiv.org/abs/2505.10066
------------------------------
Date: Wed, 21 May 2025 09:10:29 -0700
From: "Jim" <jgeissman@socal.rr.com>
Subject: Most AI chatbots easily tricked into giving dangerous responses,
study finds (The Guardian)
Researchers say threat from jail-broken chatbots trained to churn out
illegal information is ``tangible and concerning''.
Hacked AI-powered chatbots threaten to make dangerous knowledge readily
available by churning out illicit information the programs absorb during
training, researchers say.
The warning comes amid a disturbing trend for chatbots that have been
"jailbroken" to circumvent their built-in safety controls. The restrictions
are supposed to prevent the programs from providing harmful, biased or
inappropriate responses to users' questions.
The engines that power chatbots such as ChatGPT, Gemini and Claude - large
language models (LLMs) - are fed vast amounts of material from the Internet.
Despite efforts to strip harmful text from the training data, LLMs can still
absorb information about illegal activities such as hacking, money
laundering, insider trading and bomb-making. The security controls are
designed to stop them using that information in their responses.
In a report <https://www.arxiv.org/abs/2505.10066> on the threat, the
researchers conclude that it is easy to trick most AI-driven chatbots into
generating harmful and illegal information, showing that the risk is
"immediate, tangible and deeply concerning".
"What was once restricted to state actors or organised crime groups may soon
be in the hands of anyone with a laptop or even a mobile phone," the authors
warn.
https://www.theguardian.com/technology/2025/may/21/most-ai-chatbots-easily-tricked-into-giving-dangerous-responses-study-finds
------------------------------
Date: Tue, 20 May 2025 19:58:31 -0600
From: Matthew Kruk <mkrukg@gmail.com>
Subject: AI chatbot to be embedded in Google search (BBC)
https://www.bbc.com/news/articles/cpw77qwd117o
Google is introducing a new artificial intelligence (AI) mode that more
firmly embeds chatbot capabilities into its search engine, aiming to give
users the experience of having a conversation with an expert.
The "AI Mode" was made available in the US on Tuesday, appearing as an
option in Google's search bar.
The change, unveiled at the company's annual developers conference in
Mountain View, California, is part of the tech giant's push to remain
competitive against ChatGPT and other AI services, which threaten to erode
Google's dominance of online search.
The company also announced plans for its own augmented reality glasses and
said it planned to offer a subscription AI tool.
------------------------------
Date: Tue, 20 May 2025 16:13:16 -0400
From: Gabe Goldberg <gabe@gabegold.com>
Subject: Chicago Sun-Times Prints AI-Generated Summer Reading List With
Books That Don't Exist (Chicago Sun-Times)
"I can't believe I missed it because it's so obvious. No excuses," the
writer said. "I'm completely embarrassed."
https://www.404media.co/chicago-sun-times-prints-ai-generated-summer-reading-list-with-books-that-dont-exist/
[Paywalled, but clear enough. GG]
[Also noted by Matthew Kruk and Monty Solomon. PGN]
Good luck picking up the books on an unofficial summer reading list from
the Chicago Sun-Times.
Hoping to delve into the "multigenerational saga" Tidewater Dreams by
Isabel Allende, for instance? Keep dreaming. Maybe a science-driven story
like Andy Weir's The Last Algorithm is more to your taste? The algorithm
can't help you.
OK then, how about Min Jin Lee's "riveting tale set in Seoul's underground
economy," Nightshade Market? Sorry -- all you're going to find is shade.
That's because, while the authors may be real, the books don't actually
exist. And the Chicago Sun-Times is being roasted online for publishing the
AI-generated list. The paper initially couldn't explain how the piece was
published.
https://www.cbc.ca/news/world/chicago-sun-times-ai-book-list-1.7539016
------------------------------
Date: Fri, 23 May 2025 11:47:23 -0400 (EDT)
From: ACM TechNews <technews-editor@acm.org>
Subject: Vulnerability Exploitation Probability Metric Proposed by NIST, CISA
(Eduard Kovacs)
Eduard Kovacs, Security Week (05/20/25), via ACM TechNews
A cybersecurity metric developed by researchers at the U.S. Cybersecurity
and Infrastructure Security Agency (CISA) and the U.S. National Institute of
Standards & Technology (NIST) calculates the likelihood a vulnerability has
been exploited. The Likely Exploited Vulnerabilities (LEV) metric could help
estimate the comprehensiveness of KEV lists and enhance KEV -- and
EPSS-based vulnerability remediation prioritization.
------------------------------
Date: Sun, 18 May 2025 14:21:12 +0100
From: Martin Ward <martin@gkc.org.uk>
Subject: Re: Why We're Unlikely to Get Artificial General Intelligence,
Anytime Soon (NY Times)
Back in the 1940's, Turing wrote about his famous Test, and predicted that
within 20 years we would have machines as intelligent as humans.
Back in the 1960s, when AI research was just beginning, researchers
predicted that within the next 20 years we would have machines as
intelligent as humans. I remember reading some of these predictions in the
1970's and wondering...
Back in the 1980s, I read Douglas Hofstadter's brilliant book "Godel,
Escher, Bach" in which he predicted that within the next 20 years we would
have machines as intelligent as humans. At that point, I made my own
prediction: "In 20 years time people will *still* be predicting that in 20
years time we would have machines as intelligent as humans!"
Back in 2000, Ray Kurzweil (The Age of Spiritual Machines) and Hans Moravec
(Robot) proposed that perhaps even as early as 2020 to 2030 we will have
sufficient hardware complexity, as well as sufficient insights from
cognitive neuroscience (reverse engineering salient neural structure of the
mammalian brain), to create silicon evolutionary spaces that will develop
higher-level intelligence." Bill Gates says ""Twenty years from now,
predicts Ray Kurzweil, $1,000 computers will match the power of the human
brain." (http://us.penguingroup.com/static/packages/us/kurzweil/index.htm).
It seems that *my* prediction was fulfilled!
Now, in 2025, we have Sam Altman, Dario Amodei and Elon Musk saying that
artificial intelligence will "soon" match the powers of humans' brains, but
some AI researchers are finally coming around to the possibility that human
level AI may not actually be achieved with in the next ten years "At this
point, we can't tell." (Yann LeCun, the chief A.I. scientist at Meta)
Some tentative conclusions:
(1) Twenty years is just about as far ahead as anyone can imagine.
(2) "Moore's Law", observed in 1965 that computer power doubles every two
years. This "law" continued to hold for the subsequent four decades, yet
despite this huge technological gain, human intelligence is still just as
far away as it ever was. It is as if despite building bigger and bigger
ladders, we are getting no closer to Andromeda galaxy!
(3) This suggests that in reality, human intelligence is
*infinitely* far removed from machine intelligence: in other words,
that there really is some *qualitative* difference between man
and machine, and not just a quantitative gap which can be bridged
with a few more transistors and a better programming language.
You simply cannot get to Andromeda by climbing a ladder :-)
(4) In this context, the arguments about a "Technological Singularity" begin
to look more like a "reductio ad absurdum" proof that machine intelligence
will *never* surpass human intelligence. (Since the super-intelligent
machine will be able to design a still more intelligent machine, and so on
ad infinitum. Quod est absurdum).
------------------------------
From: Paul Edwards <paule@paul-edwards.com>
Date: Sun, 18 May 2025 13:44:47 +1000
Subject: Re: IBM Vibe coding
It's probably worth noting that vibe in a legal context had its earliest
documented use in Australia as early as 1997:
https://www.youtube.com/watch?v=nMuh33BMZYY
------------------------------
Date: Sun, 18 May 2025 10:03:49 -0700
From: Steve Bacher <sebmb1@verizon.net>
Subject: Re: Rogue communication devices found in Chinese solar power inverter
(RISKS-34.63)
The second URL
https://www.huschblackwell.com/newsandinsights/new-executive-order-prohibits-use-of-equipment-produced-by-foreign-adversaries-in-bulk-power-system
gets a page not found error. The correct URL appears to be:
https://www.huschblackwell.com/newsandinsights/new-executive-order-prohibits-use-of-equipment-produced-by-foreign-adversaries-in-bulk-power-systems
------------------------------
Date: Sun, 18 May 2025 17:50:58 -0400
From: Peter Calingaert <pc@cs.unc.edu>
Subject: Re: Peter's Puns (RISKS-34.63)
Puns make me numb.
Math puns make me number.
------------------------------
Date: Sat, 28 Oct 2023 11:11:11 -0800
From: RISKS-request@csl.sri.com
Subject: Abridged info on RISKS (comp.risks)
The ACM RISKS Forum is a MODERATED digest. Its Usenet manifestation is
comp.risks, the feed for which is donated by panix.com as of June 2011.
=> SUBSCRIPTIONS: The mailman Web interface can be used directly to
subscribe and unsubscribe:
http://mls.csl.sri.com/mailman/listinfo/risks
=> SUBMISSIONS: to risks@CSL.sri.com with meaningful SUBJECT: line that
includes the string `notsp'. Otherwise your message may not be read.
*** This attention-string has never changed, but might if spammers use it.
=> SPAM challenge-responses will not be honored. Instead, use an alternative
address from which you never send mail where the address becomes public!
=> The complete INFO file (submissions, default disclaimers, archive sites,
copyright policy, etc.) has moved to the ftp.sri.com site:
<risksinfo.html>.
*** Contributors are assumed to have read the full info file for guidelines!
=> OFFICIAL ARCHIVES: http://www.risks.org takes you to Lindsay Marshall's
delightfully searchable html archive at newcastle:
http://catless.ncl.ac.uk/Risks/VL.IS --> VoLume, ISsue.
Also, ftp://ftp.sri.com/risks for the current volume/previous directories
or ftp://ftp.sri.com/VL/risks-VL.IS for previous VoLume
If none of those work for you, the most recent issue is always at
http://www.csl.sri.com/users/risko/risks.txt, and index at /risks-34.00
ALTERNATIVE ARCHIVES: http://seclists.org/risks/ (only since mid-2001)
*** NOTE: If a cited URL fails, we do not try to update them. Try
browsing on the keywords in the subject line or cited article leads.
Apologies for what Office365 and SafeLinks may have done to URLs.
==> Special Offer to Join ACM for readers of the ACM RISKS Forum:
<http://www.acm.org/joinacm1>
------------------------------
End of RISKS-FORUM Digest 34.64
************************
