RISKS-LIST: Risks-Forum Digest Sunday 13 November 2022 Volume 33 : Issue 52

ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks) Peter G. Neumann, founder and still moderator

***** See last item for further information, disclaimers, caveats, etc. ***** This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/33.52>
The current issue can also be found at
<http://www.csl.sri.com/users/risko/risks.txt>

Contents:
Internal Documents Show How Close the FBI Came to Deploying Spyware
(NYTimes)
Taking down a ransomware hacker (CBC)
A Porcelain Sink, Then Chaos: Inside the Takeover of Twitter (NTYTimes-x2) Latest Laughs on on Twitter? (Lauren Weinstein collected by PGN)
FTX Bankruptcy (NYTimes)
He was hailed as crypto's saviour. Now he needs billions for a bailout (CBC) TrustCor Systems (David Lesher)
Asteroids, climate change, killer robots: A handy guide to doomsday
scenarios (*The Washington Post*)
AI computations want 250kW densities per rack (Henry Baker)
How to get better and more reliable telecommunications services
(Fibrecoookery)
Re: The Rise of Rust (Henry Baker)
Re: Scientists Increasingly Can't Explain How AI Works (Henry Baker)
Re: Same New York lottery numbers drawn twice in one day (Martin Ward)
*Dark Ships* Emerge From the Shadows of the Nord Streaam Mystery
(Gabe Goldberg)
Re: There's a good chance Meta has your contact info. Here's how to delete
it (Anthony Thorn, Dick Mills)
Abridged info on RISKS (comp.risks)

----------------------------------------------------------------------

Date: Sat, 12 Nov 2022 06:47:28 -0500
From: "Jan Wolitzky" <jan.wolitzky@gmail.com>
Subject: Internal Documents Show How Close the FBI Came to Deploying Spyware
(NYTimes)

Mark Mazzetti and Ronen Bergman, *The New York Times* front page,
National Edition, 13 Nov 2022 https://www.nytimes.com/2022/11/12/us/politics/fbi-pegasus-spyware-phones-nso.html

During a closed-door session with lawmakers last December, Christopher A.
Wray, the director of the FBI, was asked whether the bureau had ever
purchased and used Pegasus, the hacking tool that penetrates mobile phones
and extracts their contents.

Mr. Wray acknowledged that the FBI had bought a license for Pegasus, but
only for research and development. ``To be able to figure out how bad guys could use it, for example,'' he told Senator Ron Wyden, Democrat of Oregon, according to a transcript of the hearing that was recently declassified.

But dozens of internal FBI documents and court records tell a different
story. The documents, produced in response to a Freedom of Information Act lawsuit brought by *The New York Times* against the bureau, show the FBI officials made a push in late 2020 and the first half of 2021 to deploy the hacking tools -- made by the Israeli spyware firm NSO -- in its own criminal investigations. The officials developed advanced plans to brief the bureau's leadership, and drew up guidelines for federal prosecutors about how the
FBI's use of hacking tools would need to be disclosed during criminal proceedings. [...]

------------------------------

Date: Thu, 10 Nov 2022 06:51:02 -0700S
From: Matthew Kruk <mkrukg@gmail.com>
Subject: Taking down a ransomware hacker (CBC)

https://www.cbc.ca/newsinteractives/features/takedown-homegrown-ransomware-hacker

An FBI investigation into a criminal ransomware gang believed to be tied to Russia led to a Canadian government employee in Gatineau, the largest cryptocurrency seizure in Canadian history and hundreds of victims around
the world.

------------------------------

Date: Sat, 12 Nov 2022 16:18:09 PST
From: Peter G Neumann <neumann@csl.sri.com>
Subject: A Porcelain Sink, Then Chaos: Inside the Takeover of Twitter
(TWO ARTICLES)

Kate Conger, Mike Isaac, Ryan Mac and Diffany Hsu
For Staff, Two Weeks of Layoffs and Panic

Ryan Mac, Benjamin Mullin, Kate Conger and Mike Isaac
Users Make a Mockery of Musk's New Service

*The New York Times*, Business, 12 Nov 2022

------------------------------

Date: Thu, 10 Nov 2022 11:53:21 PST
From: Peter Neumann <neumann@csl.sri.com>
Subject: Lauren's Latest Laughs on on Twitter?

Fake LeBron, Schefter tweets expose flaw in new paid verification system https://www.audacy.com/wqam/sports/fake-lebron-schefter-tweets-expose-flaw-in-verification

Fake Twitter accounts flock to blue check chaos https://techcrunch.com/2022/11/09/fake-twitter-blue-check-lebron-musk/

Twitter chief information security officer Lea Kissner departs:

The resignation of Lea, one of the industry's most respected and experienced persons in our field, is yet another clear signal that Twitter is rapidly rotting from within, putting users and itself at risk. There are also not
yet confirmed reports that Twitter's chief compliance officer resigned. -L https://techcrunch.com/2022/11/10/twitter-lea-kissner-departs/

After fake Twitter claim that Northern Ireland secretary resigned,
Musk makes a joke https://www.theguardian.com/technology/2022/nov/10/twitter-elon-musk-tosh-northern-ireland-secretary

Twitter Lawyer Claims Elon Musk Has Put Company At Risk Of Billions In Fines https://www.thegamer.com/twitter-lawyer-claims-elon-musk-has-put-company-at-risk-of-billions-in-fines/

Twitter's Security And Privacy Leaders Quit Amidst Musk's Chaotic Takeover https://www.forbes.com/sites/thomasbrewster/2022/11/10/twitter-security-privacy-compliance-leads-quit-elon-musk-takeover/?sh=2b3e4b1c586f

Twitter's disaster for users:
We're all (including me) getting some laughs out of Musk's Twitter
situation, but I cannot possibly emphasize enough how incredibly
dangerous the situation has become for Twitter's users.
Infrastructure, privacy, security, are all affected by layoffs and resignations. Disastrous. -L

More on Musk's Twitter disaster:
Additionally, the verification nightmare that Musk has callously
imposed is putting users in intolerable positions and supercharging disinformation. Intolerable. -L

Elon Musk's Twitter Is a Scammer's Paradise https://www.wired.com/story/twitter-blue-check-verification-buy-scams/

Twitter puts a "may be unsafe link" interstitial on a one word article
called "What Elon Musk Is Doing Right at Twitter" -- the one word is
"Nothing."
https://twitter.com/laurenweinstein/status/1591264511247327233

Musk blames "media elite" for Twitter's troubles https://twitter.com/laurenweinstein/status/1591121628804440064

A Twitter manager says laid-off engineers he's rehired are 'weak, lazy, unmotivated' https://www.businessinsider.com/twitter-manager-says-engineers-he-rehired-are-weak-lazy-unmotivated-2022-11

After Sen. Markey raises concerns about Twitter, Musk replies that
Markey's account sounds like a parody. Markey is not amused, and Musk
is behaving like an idiot. Musk could bring everything down. -L

------------------------------

Date: Sat, 12 Nov 2022 16:18:09 PST
From: Peter Neumann <neumann@csl.sri.com>
Subject: FTX Bankruptcy (NYTimes)

David Yaffe Bellany, *The New York Times*, front page, 12 Nov 2022
FTX, a Crypto Linchpin, Files for Bankruptcy:
Chief Executive Exists, Ending Chaotic Weel

Added bonus noted on the front page:
Free Money -- Why did investors hand over so much to FTX?
with so little oversight, p. B1 in the National Edition:

Erin Griffith and David Yaffe-Bellany
Questions About Crash of FTX Rise for Investors

PREVIOUSLY:
Kevin Roose, https://www.nytimes.com/2022/11/12/us/politics/fbi-pegasus-spyware-phones-nso.html
*The New York Times*, 10 Nov 2022, Business
Crypto[currency] faces a reckoning in FTX collapse

... it is already being referred to as a "Lehman moment" -- a reference
to the 2008 collapse of Lehman Brothers.

[Earlier item from LaurenW:

Crypto giant Binance drops bid to save rival, stoking chaos in digital
assets
https://www.cnn.com/2022/11/09/business/bitcoin-crypto-prices-fall-ftx-binance-ctrp/index.html
PGN]

SUBSEQUENTLY:
David Yaffe-Bellany, *The New York Times*, p.27, National Ed., 13 Nov 2022 Crypto Giant FTX Investigating $515 Million in Transfers After Collapses https://www.nytimes.com/2022/11/12/business/ftx-cryptocurrency-hack.html

------------------------------

Date: Thu, 10 Nov 2022 21:15:15 -0700
From: Matthew Kruk <mkrukg@gmail.com>
Subject: He was hailed as crypto's saviour. Now he needs billions for a
bailout (CBC)

https://www.cbc.ca/news/canada/british-columbia/ftx-cryptocurrency-bailout-bankman-fried-1.6647478

Last week, California billionaire Sam Bankman-Fried was touted as a key
figure in cryptocurrency -- even a saviour. Today, amid a series of
apologetic tweets, he said "I f--ked up" after his cryptocurrency exchange
bled billions of dollars. His FTX exchange is now scrambling to raise $9.4 billion US from both investors and rivals, as customers rush to withdraw
their funds.

------------------------------

Date: Wed, 9 Nov 2022 23:42:33 -0500
From: David Lesher <wb8foz@panix.com>
Subject: TrustCor Systems

"Google's Chrome, Apple's Safari, nonprofit Firefox and others allow the company, TrustCor Systems, to act as what's known as a root certificate authority, a powerful spot in the Internet's infrastructure that guarantees websites are not fake, guiding users to them seamlessly.

The company's Panamanian registration records show that it has the identical slate of officers, agents and partners as a spyware maker identified this
year as an affiliate of Arizona-based Packet Forensics, which public contracting records and company documents show has sold communication interception services to U.S. government agencies for more than a decade."

<https://www.washingtonpost.com/technology/2022/11/08/trustcor-internet-addresses-government-connections/>

[David Rosenthal noted an earlier item on David Farber's IP distribution
via Dewayne Hendricks, excerpted here:

Mysterious company with government ties plays key internet role
TrustCor Systems vouches for the legitimacy of websites. But its physical
address is a UPS Store in Toronto.
Joseph Menn, WashPost, 8 Nov 2022 <https://www.washingtonpost.com/technology/2022/11/08/trustcor-internet-addresses-government-connections/>
PGN]

------------------------------

Date: Sun, 13 Nov 2022 15:46:04 -0500
From: "Gabe Goldberg" <gabe@gabegold.com>
Subject: Asteroids, climate change, killer robots: A handy guide to
doomsday scenarios (*The Washington Post*)

A guide to contemporary doomsday scenarios — from the threats you know about to the ones you never think of

Author: A few days before NASA tried to crash a spacecraft into an asteroid
as part of what it called the Double Asteroid Redirection Test, I talked to Lindley Johnson, the agency’s planetary defense officer. I think we can all agree that this sounds like an important job.

https://www.washingtonpost.com/magazine/2022/11/07/doomsday-scenarios-asteroids/

Should be enough risks here for any riskophile.

------------------------------

Date: Sat, 12 Nov 2022 15:51:13 +0000
From: Henry Baker <hbaker1@pipeline.com>
Subject: AI computations want 250kW densities per rack

250kW per rack ! The average home uses 29kWh per day, for an average of
1.2kW, so a single rack would consume the power of 200 homes.

A large data center can have 5,000 racks; hence might require *four* small nuclear reactors to power it !

These are terrifying numbers.

And we thought that cryptomining calculations were going to ruin the planet...

The average human brain requires perhaps 0.1kW, so a single rack consumes
the "brainpower" of 2500 people; a large datacenter consumes the
"brainpower" of 12.5 million people -- the population of greater Los
Angeles.

It's time we thought about moving these datacenters to remote places, e.g.,
in the middle of the Pacific Ocean, in outer space orbit, on the far side of the Moon.

Tobias Mann Tue 8 Nov 2022 // 00:30 UTC https://www.theregister.com/2022/11/08/colovore_liquidcooled_datacenter/
AI and HPC deployments means propping up 250kW densities per rack
The all liquid-cooled colo facility rush has begun.

[Long item PGN-truncated.]

------------------------------

Date: Sat, 12 Nov 2022 04:55:12 -0800
From: Rob Slade <rslade@gmail.com>
Subject: How to get better and more reliable telecommunications services
(Fibrecoookery)

[Unauthored blog:] https://fibrecookery.blogspot.com/2022/11/peoplenet-or-populistnet.html

I suppose that you can blame Telus for this, and, if they go out of
business, it's their own fault. I did tell them: Do not annoy grieving widowers. They have lots of time to create and detail new ideas that may
drive you out of business if you're not providing actual service to your customers.

Ever since I've thought of this, I have felt that it would be a really good idea to drive the telephone and telecommunications companies (generally
known as telcos) out of business. After all, they make tons of money, and
make huge profit margins on, what is currently, very little outlay.

The telecommunications companies have a near monopoly. They use this to
ensure that they have large profits, for relatively little effort and
expense. We do not need the telephone companies. Okay, there is the issue
of long distance, but there are ways around that. Or, we can simply set up
new long distance companies, and let them know that provision of service is
not actually necessary to most of our communications.

[Long but fascinating personal-experience-based Blog item PGN-truncated.]

------------------------------

Date: Thu, 10 Nov 2022 17:14:58 +0000
From: Henry Baker <hbaker1@pipeline.com>
Subject: Re: The Rise of Rust (R-33.51)

I love Rust, but my love is tough love.

The referenced Wired article focuses on Rust's guarantees of memory
safety. Memory safety has been a solved problem since the 1950's, with the invention of reference counting and tracing garbage collection. With the development of *real-time* garbage collection in 1976, it has been theoretically possible to do system programming in a garbage- collected language for nearly half a century. I leave it to others to explain why it
has taken so long for the CS industry to accept memory safety as a
fundamental requirement.

https://en.wikipedia.org/wiki/Garbage_collection_(computer_science)

The ubiquity of Javascript in every web page has now made memory
safety an absolute must, and Javascript's garbage collector has taught
new generations of software engineers about this solution to memory
safety.

However, Javascript (with the exception of WASM) is not a compiled
system programming language like C/C++, and therefore not a suitable replacement for C/C++. Enter a number of new "safe" systems
programming languages, including Rust.

Rust inherits a more modern and far more powerful *type system*
from so-called "functional" languages, which enables many of the
overheads for memory safety to be moved to compile time. In
particular, Rust's so-called "affine" types with their "move" and
"borrow" semantics enable *some* of the overheads of reference
counting to be moved to compile time.

The interaction of *memory safety* with *multiple threads* and *crash consistency* required in a systems programming language place very
severe requirements on the type system and runtime system of a system
remain open to significant criticism IMHO.

Rust's "affine types" abandon the fundamental "object identity" axiom of computer SW (HW since the 1950s) "address IS identity". All of the
datapaths, caches, speculations, etc., found in modern CPU architectures are dedicated to preserving this axiom. Rust's "everything is movable (its
address can change)" destroys this identity, and thus the fundamental mental models of millions of programmers and CPU designers.

[A technical note: as the developer of a "copying garbage collector", where everything can (and eventually will) move, my criticism of Rust's affine
types could be seen as hypocritical. Nevertheless, a copying garbage
collector still needs to rely on "address IS identity" for "forwarding pointers" *during* an epoch of the CGC; Rust makes the implementation of a copying GC *inside safe Rust* essentially impossible.]

An alternative (and more fundamental) typing model utilizes "linear" types
and objects, where "linear" essentially means "refcount = 1". It is
possible to implement "affine" types using "linear" types, but the reverse
is apparently impossible. For example, so long as its "refcount = 1",
*moving* a "small" object is safe, trivial, lockfree and inexpensive.

Rust's interactions of multiple threads, memory safety and crash consistency are still not very clean. The specification of what is an "atomic" action (*indivisible* w.r.t. thread switches, interrupts, and crashes) is still not particularly perspicuous in Rust.

We are not yet in an era where Rust is a result of ACID.

https://en.wikipedia.org/wiki/ACID

------------------------------

Date: Thu, 10 Nov 2022 15:11:02 +0000
From: Henry Baker <hbaker1@pipeline.com>
Subject: Re: Scientists Increasingly Can't Explain How AI Works (R-33.51)

Don't rain on the AI parade!

AI is currently an infinite source of CS theses: develop/train an AI model
to do X; then another student thesis pokes holes in that AI model in order
to 'hack' it.

The wonderful thing: the student/developer doesn't have to *think*; just
find a sufficiently large database and use multiple bitcoins' worth of
CPU/GPU cycles to do your thinking for you!

Re: "Most AI systems are black box models"

That's their *advantage*! You develop an AI model to determine who gets
bail, who gets parole, who gets 911 service, who gets a loan, who gets
admitted into your college, and *no person (or politician) is at fault*.

We love AI not because of its superior performance, but because it is the ultimate scapegoat (scAIpegoat ??).

My favorite AI example: train an AI to recognize a single 256-bit number
chosen `at random' (https://xkcd.com/221/). The chances of including that particular number in "randomly chosen" training samples is effectively zero,
so my AI model gives you a constant function *no*. It's correct for nearly
all universes, and therefore good enough for government work.

"... Computer scientists don't have to worry about the world. They don't
have to develop theories of the world and then build tools to test it.
Rather, they just build tools to satisfy their own worlds. Ask a computer
science graduate student what his or her thesis is and the best they can
answer is that the program or machine they are working on will be a good
thing to have..."

-- Chuck Thacker, in "Fumbling the Future: How Xerox Invented,
Then Ignored, the First Personal Computer"
https://amzn.to/3EmrlH4

------------------------------

Date: Thu, 10 Nov 2022 13:50:50 +0000
From: Martin Ward <martin@gkc.org.uk>
Subject: Re: Same New York lottery numbers drawn twice in one day (R-33.51)

Getting the same five numbers twice in one day is described as a 1 in 330 billion chance, but the odds of guessing the five numbers correctly are
given as 1 in 575,757.

To get the same five numbers twice in one day simply requires that the
machine doing the evening draw simply has to *win the lottery* for the
midday draw: so the actual chance of getting the same numbers twice for a particular lottery on a particular day is simply 1 in 575,757. Given the
number of city, state and national lotteries and the number of days in a
year, such an event is likely to happen in a few years. For example, if
there are 100 lotteries then there is around a 50% chance of duplicate
numbers occurring some time within 10 years.

Here's where it gets a bit more interesting: *The New York Post* article
says ``Thursday's drawing for the game amazingly yielded the numbers 18, 21, 30, 35, and 36 during both the midday and evening drawings --the odds of
which experts put at more than 1 in 330 billion.''

Now, technically, this is correct: the odds of getting *that particular sequence of numbers* twice on that particular day with that particular
lottery are indeed 330 billion to 1. But the first draw had to have *some*
set of numbers: so drawing the same set of numbers twice in the same day is
not the same as drawing a specified set of numbers twice in one day.

Did the journalist knowingly mislead their readers by writing something technically correct, knowing that it would be interpreted as saying
something about getting the same numbers twice in a row? Or did the
journalist mis-calculate and not notice their absurdly inaccurate result because humans have difficulty in comprehending really large numbers?

If there was a verified written prediction which read: ``On Thursday 27th October the New York Lottery numbers will be 18, 21, 30, 35, 36 on both the midday and evening draw'', then that prediction would have a 1 in 331
billion probability of being correct by chance.

But the chance of the evening drawing matching the midday drawing is the
same as the chance of your numbers matching the midday drawing, which is the same as the chance of winning the jackpot.

If the chance of winning the jackpot ($37,206 prize fund total for Thursday evening) was really 330 billion to 1, then it is extremely unlikely that
anyone would ever win and I think most people would give up playing!

So you don't need to know anything about how many numbers are drawn or what
the range of numbers are in order to deduce that the *1 in 330 billion
chance of duplicate numbers on the same day* just *cannot* be correct.

[Amos Shapir came up with similar reasoning. PGN]

------------------------------

Date: Sun, 13 Nov 2022 14:47:26 -0500
From: "Gabe Goldberg" <gabe@gabegold.com>
Subject: *Dark Ships* Emerge From the Shadows of the Nord Streaam Mystery
(WiReD, re: R-33.50)

Satellite monitors discovered two vessels with their trackers turned off in
the area of the pipeline prior to the suspected sabotage in September.

https://www.wired.com/story/nord-stream-pipeline-explosion-dark-ships/

------------------------------

Date: Sat, 12 Nov 2022 09:33:04 +0100
From: "Anthony Thorn" <anthony.thorn@atss.ch>
Subject: Re: There's a good chance Meta has your contact info. Here's how to
delete it. (R-33.51)

Read the small print!

I was delighted to read the Washable item, telling me that I can delete
Meta's contact information. (I am not a Meta user.)

Sure enough Meta has my information.

Well I *was* delighted *until* I read *Information for people who don't use Meta Products* -- https://www.facebook.com/help/637205020878504
-- where I learned that:
``We retain Non-User's personal information for as long as needed...
*including after you ask us to erase it.*
This includes for legal reasons ...''

and for those of us living in the EU, and who assume some level of privacy protection:

``*Non-Users'* information will be transferred or transmitted to, or stored
and processed in, the United States or other third countries outside of
where they live for the purposes described in this Data Notice.''

So there!

------------------------------

Date: Sun, 13 Nov 2022 09:31:32 -0500
From: Dick Mills <dickandlibbymills@gmail.com>
Subject: Re: There's a good chance Meta has your contact info. Here's how to
delete it. (R-33.51)

I tried that. I never gave Meta my contact info, but I'm suspicious that
they might have found it other ways.

But I did not use the Mashable link. I searched the help on FB. When I
got to the removal tool, it asked for a number or email to send a
confirmation code to verify my identity. I did that, but the code never arrived. No explanation or error appeared. Hmmm.

- Could Meta use this tool for phishing to collect your contact info if
it doesn't already have it?
- Might two-factor confirmation codes on other sites be used for
phishing?
- Could Meta be protecting us against bad guys who might trick Meta into
sending messages to my contacts?
- Might it be that the tool doesn't work if Meta never had your contact
info in the first place as a security measure? A code can't verify my
identity if Meta doesn't know my number or email.

So, now I fear that I have been phished. Worse; I have never used my real name on FB, but now I fear that I just revealed a way to link my identity
to my FB username.

Resistance is futile. :-(

------------------------------

Date: Mon, 1 Aug 2020 11:11:11 -0800
From: RISKS-request@csl.sri.com
Subject: Abridged info on RISKS (comp.risks)

The ACM RISKS Forum is a MODERATED digest. Its Usenet manifestation is
comp.risks, the feed for which is donated by panix.com as of June 2011.

SUBSCRIPTIONS: The mailman Web interface can be used directly to

subscribe and unsubscribe:
http://mls.csl.sri.com/mailman/listinfo/risks

SUBMISSIONS: to risks@CSL.sri.com with meaningful SUBJECT: line that

includes the string `notsp'. Otherwise your message may not be read.
*** This attention-string has never changed, but might if spammers use it.

SPAM challenge-responses will not be honored. Instead, use an alternative

address from which you never send mail where the address becomes public!

The complete INFO file (submissions, default disclaimers, archive sites,

copyright policy, etc.) is online.
<http://www.CSL.sri.com/risksinfo.html>
*** Contributors are assumed to have read the full info file for guidelines!

OFFICIAL ARCHIVES: http://www.risks.org takes you to Lindsay Marshall's

searchable html archive at newcastle:
http://catless.ncl.ac.uk/Risks/VL.IS --> VoLume, ISsue.
Also, ftp://ftp.sri.com/risks for the current volume/previous directories
or ftp://ftp.sri.com/VL/risks-VL.IS for previous VoLume
If none of those work for you, the most recent issue is always at
http://www.csl.sri.com/users/risko/risks.txt, and index at /risks-33.00
ALTERNATIVE ARCHIVES: http://seclists.org/risks/ (only since mid-2001)
*** NOTE: If a cited URL fails, we do not try to update them. Try
browsing on the keywords in the subject line or cited article leads.
Apologies for what Office365 and SafeLinks may have done to URLs.

Special Offer to Join ACM for readers of the ACM RISKS Forum:

<http://www.acm.org/joinacm1>

------------------------------

End of RISKS-FORUM Digest 33.52
************************

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)