Risks Digest 32.31 (2/2)

    From RISKS List Owner@21:1/5 to All on Sun Oct 11 00:34:33 2020
    [continued from previous message]

    election," Nakasone said in August in a set of written responses to
    Washington Post questions. "The Department of Defense, and CyberCommand
    specifically, are supporting a broader 'whole-of-government' approach to
    secure our elections."

    Trickbot is malware that can steal financial data and drop other malicious
    software onto infected systems. Cyber-criminals have used it to install
    ransomware, a particularly nasty form of malware that encrypts users' data
    and for which the criminals then demand payment - usually in cryptocurrency -
    to unlock. [...]

    https://www.washingtonpost.com/national-security/cyber-command-trickbot-disrupt/2020/10/09/19587aae-0a32-11eb-a166-dc429b380d10_story.html
    -or- https://www.chron.com/news/article/Cyber-Command-has-sought-to-disrupt-the-world-s-15635373.php

    ------------------------------

    Date: Tue, 6 Oct 2020 15:33:33 -0400
    From: Gabe Goldberg <gabe@gabegold.com>
    Subject: Pennsylvania voter services website crashes as 2020 election mail
    ballot deadlines loom (Inquirer)

    Pennsylvania's online system for registering to vote and applying for and
    tracking mail ballots crashed over the weekend, triggering an outage that
    stretched for more than 40 hours and prompted frustration from voters weeks
    before critical election deadlines.

    State officials managed to restore the site Monday morning and blamed the
    problem on an equipment failure at a data center run by an outside
    contractor. They did not believe any data had been lost or that malicious
    physical or cyber activity was behind the outage.

    https://www.inquirer.com/politics/election/pennsylvania-voter-services-website-down-outage-mail-in-ballot-november-2020-election-20201004.html

    ------------------------------

    Date: Mon, 5 Oct 2020 12:39:33 -0400 (EDT)
    From: ACM TechNews <technews-editor@acm.org>
    Subject: Clinical Trials Hit by Ransomware Attack on Health Tech Firm
    (Nicole Perlroth)

    Nicole Perlroth, *The New York Times*, 3 Oct 2020,
    via ACM TechNews, 5 Oct 2020

    Philadelphia-based software provider eResearch Technology (ERT) was hit two
    weeks ago by a ransomware attack that has slowed clinical trials. The
    exploit started when ERT workers learned that they were locked out of their
    data, and clients said this forced researchers to move certain clinical
    trials to pen and paper. ERT's Drew Bustos on Friday verified that
    ransomware had hijacked company systems on Sept. 20, when the firm took its
    systems offline, called in outside cybersecurity experts, and alerted the
    U.S. Federal Bureau of Investigation. Affected customers included IQVIA, the
    contract research organization helping manage AstraZeneca's Covid-19 vaccine
    trial, and drug maker Bristol Myers Squibb, which is leading a consortium in
    developing a rapid test for coronavirus.

    https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html

    ------------------------------

    Date: Mon, 5 Oct 2020 12:39:33 -0400 (EDT)
    From: ACM TechNews <technews-editor@acm.org>
    Subject: Flawed Algorithm Used to Determine UK Welfare Payments Is 'Pushing
    People Into Poverty' (Thomas Macaulay)

    Thomas Macaulay, *The Next Web*, 29 Sep 2020

    Human Rights Watch warns a flawed algorithm for calculating monthly social
    security benefits in Britain is causing hunger, debt, and psychological
    distress. The model measures changes in their earnings to dole out payments,
    but the non-governmental organization said the algorithm only analyzes wages
    people receive within a calendar month, and ignores frequency of
    payment. This means people who get multiple monthly paychecks can have their
    earnings overestimated, with their welfare payments dramatically reduced as
    a result. Human Rights Watch's Amos Toh said, "The government's bid to
    automate the benefits system--no matter the human cost--is pushing people to
    the brink of poverty."

    https://orange.hosting.lsoft.com/trk/click?ref=znwrbbrs9_6-27559x225466x065619&

    ------------------------------

    Date: Tue, 6 Oct 2020 00:51:56 -0400
    From: Gabe Goldberg <gabe@gabegold.com>
    Subject: 'The Wire' inspired a fake turtle egg that spies on poachers (WiReD)

    Scientists 3D-printed sea turtle eggs and stuffed transmitters inside. When poachers pulled them out of nests, the devices tracked their every move.

    https://www.wired.com/story/the-wire-inspired-a-fake-turtle-egg-that-spies-on-poachers/

    ------------------------------

    Date: Tue, 6 Oct 2020 13:05:05 +0800
    From: Richard Stein <rmstein@ieee.org>
    Subject: The robot shop worker controlled by a faraway human (bbc.com)

    https://www.bbc.com/news/business-54232563

    "It's true that the list of jobs that were once manual but which are now
    done by machines with just a small amount of human oversight, or none at
    all, grows ever longer.

    "'When these robots are good enough, you don't necessarily want them to be remote-controlled, you want them to be automatic,' he says. 'That's when
    you cut out the workers.'"

    Where staff shortages for certain roles are chronic and increasingly acute,
    a robot substitute may be an optimal replacement choice. Robot life cycle
    economics, like all machine v. human business investment decisions
    (employment), augurs against people engaged to perform routine and
    repetitive tasks.

    I recall the *Scientific American* from Sep 1982 entitled, "The
    Mechanization of Work", where robotic integration into manufacturing
    processing, and other industries, was described. This issue also raised
    economic dislocation prospects as a result of robotic substitution for human
    participation.

    https://www.scientificamerican.com/magazine/sa/1982/09-01/

    Risks: Malicious tele-hack (remote or insider), computer crash, mechanical malfunction, stock damage, economic disenfranchisement.

    ------------------------------

    Date: Fri, 2 Oct 2020 10:03:45 -1000
    From: geoff goodfellow <geoff@iconia.com>
    Subject: "A friend of a friend at Google interviewed at Facebook right as
    the virus hit"

    Accepted new job in March. Didn't quit old job. Apparently does both
    jobs at home in 55 hours/week. Neither company knows yet. Might have
    reversed the [companies], not sure. I have so many thoughts on this.

    https://twitter.com/arrington/status/1311520168200163328

    [This is certainly RISKS-worthy! However, there might be a problem if
    both companies require 100% of your IP -- unless you are not generating
    any. PGN]

    ------------------------------

    Date: Sat, 3 Oct 2020 17:08:12 -0400
    From: Gabe Goldberg <gabe@gabegold.com>
    Subject: Documents Show How The LAPD Was Trained To Use Palantir (BuzzFeed)

    https://www.buzzfeednews.com/article/carolinehaskins1/training-documents-palantir-lapd

    ------------------------------

    Date: Sat, 3 Oct 2020 17:08:50 -0400
    From: Gabe Goldberg <gabe@gabegold.com>
    Subject: Meet the Customer Service Reps for Disney and Airbnb Who Have to
    Pay to Talk to You (ProPublica)

    https://www.propublica.org/article/meet-the-customer-service-reps-for-disney-and-airbnb-who-have-to-pay-to-talk-to-you

    ------------------------------

    Date: Sun, 4 Oct 2020 05:46:58 -1000
    From: geoff goodfellow <geoff@iconia.com>
    Subject: Digital pioneer Geoff Huston apologises for bringing the Internet
    to Australia (ZDNet)

    *Huston says the Internet is a 'gigantic vanity-reinforcing distorted TikTok selfie' and web security is 'the punchline to some demented sick joke'. But Australia's first Privacy Commissioner thinks he's being optimistic.* [...]

    https://www.zdnet.com/article/digital-pioneer-geoff-huston-apologises-for-bringing-the-internet-to-australia/

    ------------------------------

    Date: Mon, 5 Oct 2020 16:20:10 -0400
    From: Gabe Goldberg <gabe@gabegold.com>
    Subject: Psychographic Profiling cartoon (Tom Fishburne -- Marketoonist)

    Psychographics are back in the news as part of the US election cycle, four years after the Cambridge Analytica scandal made the term mainstream.

    This week, CB Insights published a useful primer on psychographics, which
    they describe as one of the *dark arts* of social media and Internet
    marketing.

    https://marketoonist.com/2020/10/psychographic-profiling-2.html

    ------------------------------

    Date: Sun, 4 Oct 2020 18:50:13 +0300
    From: Amos Shapir <amos083@gmail.com>
    Subject: Re: Maryland's web-delivered ballots must be hand-copied to be
    counted (RISKS-32.30)

    Let me get this straight: "The process takes about five minutes per ballot"
    -- so it can be converted to a form that can be counted by a machine in
    0.001 second? Hasn't it occurred to anyone there that the ballots could
    just be counted manually?

    Someone there must be nominated for the next Ig-Nobel Prize for political sciences...

    ------------------------------

    Date: Thu, 8 Oct 2020 13:08:47 -0400
    From: Steve Klein <steven@klein.us>
    Subject: Re: Apple marches to a different beat (Baker, RISKS-32.30)

    Henry Baker reported that his Mac's clock was 2-3 minutes slow, and that he couldn't see how to change the time server.

    I administer a fleet of Macs, and they all use Apple time servers. Most use time.apple.com; our Macs in China use time.asia.apple.com.

    Three Macs chosen at random all have clocks matching the time displayed at https://time.gov (to within 1 second).

    That website, operated by the NIST (National Institute of Standards and Technology), displays the official US time. NIST also offers NTP (Network
    Time Protocol) servers available at nist.time.gov

    Apple has three default time servers depending on your location:
    * Apple Americas/U.S. (time.apple.com.)
    * Apple Asia (time.asia.apple.com)
    * Apple Europe (time.euro.apple.com)

    Changing the time server on a Mac is incredibly easy:
    1. Open the Date & Time preference pane (in System Preferences)
    2. Click the padlock icon to unlock settings
    3. Delete time.apple.com, and type or paste the address of your preferred
    NTP server

    Hope this helps Henry, and anyone else facing similar issues.

    ------------------------------

    Date: 2 Oct 2020 23:09:53 -0400
    From: "John Levine" <johnl@iecc.com>
    Subject: Re: Apple marches to a different beat (Baker, RISKS-32.30)

    > Is it just me, or do other people find that MacOS keeps their clock 2-3
    > *minutes* early?

    It's just you.

    I'm typing this on a Macbook running MacOS Catalina, and its time agrees
    with my NTP synced FreeBSD server to the second.

    The MacOS date and time preferences menu has an option to NTP sync to one of Apple's servers. It's turned on by default but you might check to see if somehow you turned it off.

    ------------------------------

    Date: Sat, 3 Oct 2020 15:07:47 +0100
    From: Alan Ralph <alan@alanralph.co.uk>
    Subject: Re: Apple marches to a different beat (Baker, RISKS-32.30)

    I've thankfully never had this issue, which is just as well since I do two weekly radio shows for an Internet radio station, as well as occasional
    online DJ shows.

    I'm based in the UK, so my iMac is set to take its time signal from Apple's European time server. I'm also still on macOS Mojave, as I've been put off
    by the reports of issues with Catalina.

    As for what might be causing the issue that Henry is seeing, I can think of
    a few possible causes:

    1. A problem with whichever Apple time server Henry's Mac defaults to.

    2. A problem in the time synchronisation code in the version of macOS that Henry's Mac is running.

    3. Henry's ISP perhaps intercepting NTP traffic and making it go to their
    time server, which is running fast.

    I'll admit, the last one seems unlikely, but it's not as if ISPs have had
    much compunction against fiddling with their customers' traffic in the past.
    My gut instinct, however, is that this is more likely to be a problem at
    Apple's end.
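
    [Added example, not part of the message above or of the digest: a minimal
    SNTP check in Python that measures this machine's offset against several
    time servers and flags any server that disagrees with the rest. The
    function names and the sample offsets are constructed for illustration.]

```python
import socket
import statistics
import struct
import time

NTP_DELTA = 2208988800  # seconds from the NTP epoch (1900) to the Unix epoch (1970)

def to_ntp(unix_ts):
    """Unix seconds -> 8-byte NTP timestamp (32-bit seconds, 32-bit fraction)."""
    sec = int(unix_ts)
    return struct.pack("!II", sec + NTP_DELTA, int((unix_ts - sec) * 2**32))

def from_ntp(raw):
    sec, frac = struct.unpack("!II", raw)
    return sec - NTP_DELTA + frac / 2**32

def clock_offset(reply, t1, t4):
    """(offset, delay) in seconds; offset > 0 means the server is ahead of us.
    t1/t4 are the local send/receive times as Unix seconds."""
    if len(reply) < 48 or reply[0] & 0x07 != 4 or reply[1] == 0:
        raise ValueError("not a usable NTP server reply")
    if reply[24:32] != to_ntp(t1):          # originate field must echo our request
        raise ValueError("reply does not match our request")
    t2, t3 = from_ntp(reply[32:40]), from_ntp(reply[40:48])
    return ((t2 - t1) + (t3 - t4)) / 2, (t4 - t1) - (t3 - t2)

def query(server, timeout=3.0):
    """One SNTP exchange over UDP/123 (needs network access)."""
    t1 = time.time()
    request = b"\x23" + bytes(39) + to_ntp(t1)   # VN=4, mode=3 (client)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(request, (server, 123))
        reply = s.recvfrom(512)[0]
    return clock_offset(reply, t1, time.time())

def outliers(offsets, tolerance=1.0):
    """Servers whose offset is more than `tolerance` seconds from the median."""
    mid = statistics.median(offsets.values())
    return sorted(s for s, o in offsets.items() if abs(o - mid) > tolerance)

def sample_reply(t1, skew):
    """Constructed reply from a server whose clock is `skew` seconds ahead."""
    header = bytes([0x24, 2]) + bytes(22)        # VN=4, mode=4 (server), stratum 2
    return header + to_ntp(t1) + to_ntp(t1 + 0.02 + skew) + to_ntp(t1 + 0.03 + skew)
```

    If every server reports the same offset, the servers agree with each other
    and not with this machine; compare the clock against a reference that is
    not reached over NTP, such as https://time.gov, before blaming one server.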

    ------------------------------

    Date: Fri, 2 Oct 2020 16:21:25 -0500
    From: "Craig S. Cottingham" <craig@cottingham.net>
    Subject: Re: Apple marches to a different beat (Baker, RISKS-32.30)

    > I didn't see any easy way to change the time server that this machine
    > consults, so it remains early.

    System Preferences -> Date & Time -> Date & Time tab.

    Unlock (using the icon in the bottom-left corner) if necessary.

    The field labeled *Set date and time automatically* looks like a simple dropdown with a set selection of options, but you can actually type in any domain name you wish.

    For what it's worth, my laptop syncs with time.apple.com and has the same
    time as my cell phone (which receives its date and time from my carrier) and the master clock time reported by the US Naval Observatory at https://www.usno.navy.mil/USNO.

    ------------------------------

    Date: Mon, 1 Aug 2020 11:11:11 -0800
    From: RISKS-request@csl.sri.com
    Subject: Abridged info on RISKS (comp.risks)

    The ACM RISKS Forum is a MODERATED digest. Its Usenet manifestation is
    comp.risks, the feed for which is donated by panix.com as of June 2011.
    SUBSCRIPTIONS: The mailman Web interface can be used directly to
    subscribe and unsubscribe:
    http://mls.csl.sri.com/mailman/listinfo/risks

    SUBMISSIONS: to risks@CSL.sri.com with meaningful SUBJECT: line that
    includes the string `notsp'. Otherwise your message may not be read.
    *** This attention-string has never changed, but might if spammers use it.
    SPAM challenge-responses will not be honored. Instead, use an alternative
    address from which you never send mail where the address becomes public!
    The complete INFO file (submissions, default disclaimers, archive sites,
    copyright policy, etc.) is online.
    <http://www.CSL.sri.com/risksinfo.html>
    *** Contributors are assumed to have read the full info file for guidelines!

    OFFICIAL ARCHIVES: http://www.risks.org takes you to Lindsay Marshall's
    searchable html archive at newcastle:
    http://catless.ncl.ac.uk/Risks/VL.IS --> VoLume, ISsue.
    Also, ftp://ftp.sri.com/risks for the current volume/previous directories
    or ftp://ftp.sri.com/VL/risks-VL.IS for previous VoLume
    If none of those work for you, the most recent issue is always at
    http://www.csl.sri.com/users/risko/risks.txt, and index at /risks-32.00
    ALTERNATIVE ARCHIVES: http://seclists.org/risks/ (only since mid-2001)
    *** NOTE: If a cited URL fails, we do not try to update them. Try
    browsing on the keywords in the subject line or cited article leads.
    Apologies for what Office365 and SafeLinks may have done to URLs.
    Special Offer to Join ACM for readers of the ACM RISKS Forum:
    <http://www.acm.org/joinacm1>

    ------------------------------

    End of RISKS-FORUM Digest 32.31
    ************************
