The Risks Digest

The RISKS Digest

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Volume 27 Issue 94

Saturday 24 May 2014


Full Report on Estonian Internet voting
J. Alex Halderman
Voting in Australia
After you, my dear Alphonse: 2000 new French trains too large
Kim Willsher via Henry Baker
Faster, better, cheaper, redux: Federal Health IT safety?
Robert L Wears
Merits of effective disaster recovery—or, Emory Univ wipes all Windows systems by accident
Jon Kuroda via Al Stangenberger
In the future, the robots may control you, and Silicon Valley will control them
Dan Gillmor via Dave Farber
Where did all the risk takers go?
Tony Wasserman
Stanford Engineer Invents a Way to Beam Power to Medical Chips Deep Inside the Body
Tom Abate
Pre-Play Vulnerability Allows Chip-and-PIN Payment Card Cloning
David Farber
Sawing away on discrete logs
Henry Baker
TCAS Works as Intended; ATC not so much
Bob Gezelter
Inside the US government's war on tech support scammers
Ars Technica
Organic Cat Litter Chief Suspect In Nuclear Waste Accident
Doug Hosking
Out in the Open: Inside the Operating System Edward Snowden Used to Evade the NSA
Klint Finley
The Most Interesting Revelations From Frontline's Powerful Expose of NSA
Paul Szoldra
Airbnb Will Hand Over Host Data to New York
Monty Solomon
Four Words Going Bye-Bye
Thomas Friedman via Monty Solomon
Re: Forged SSL Certs
Jonathan S. Shapiro
Re: German Green Energy, also Car 'Dash Cams'
Chris Drewe
Re: Germany Sets New Record ...
Thomas Brooks
Larry Sheldon
Remember to Forget
Maureen Dowd via Monty Solomon
Re: The 'right to be forgotten'
Peter Bernard Ladkin
Lauren Weinstein
More on the 'right to be forgotten'
Peter Bernard Ladkin
Info on RISKS (comp.risks)

Full Report on Estonian Internet voting

"J. Alex Halderman" <>
Mon, 19 May 2014 14:32:30 +0300
Here's our full technical report on the Estonian system.  [The previous item
in RISKS had only the video and executive summary online.  PGN]

Comments and feedback welcome.

  [PGN adds the following:]

  This is a milestone report, probably the most detailed and in-depth
  investigation of any Internet voting system to date. The authors describe
  numerous operational security flaws discovered during their observation of
  an election in Tallinn last October.  They also discovered several
  architectural weaknesses in the system that they were able to exploit in a
  lab-created near-duplicate of the Estonian voting system. They conclude
  that a well-funded and determined attacker such as a criminal organization
  or a nation state would be able to compromise an Estonian election in
  multiple ways, bypassing the various protections in place, including the
  national ID card system and the smart phone vote verification
  system. These attacks would most likely go completely undetected.

  After the European Parliament elections going on now, the authors plan to
  release the code they used in their laboratory exploits.

Voting in Australia

<Peter Neumann on behalf of a contributor>
Fri, 23 May 2014 01:44:34 +0000

They have mentioned many issues (but many issues still remain).  So there is
nothing in there to reassure the person this system will work.  There is
still the belief of 'near enough be considered acceptable'.  And, what if
power goes down?!

  [Once again, see my CACM Inside Risks articles on the good (supposedly
  the best is its enemy) that is not good enough, while NOTHING should be
  expected to be perfect.

After you, my dear Alphonse: 2000 new French trains too large (Kim Willsher)

Henry Baker <>
Wed, 21 May 2014 05:46:55 -0700
FYI—I've heard of "fat-tail risks", but we now have "fat-train risks" ?
SNCF introduces their new "Widette" Train.

The new SNCF train passing protocol:

"After you, Alphonse.", "No, you first, my dear Gaston!"

Kim Willsher in Paris,, Wednesday 21 May 2014

French railway operator SNCF has ordered 2000 new trains that are too big
for many of the stations they are expected to serve.  SNCF's failure to
verify measurements is expected to result in cost of 50m euros to modify
1,300 platforms, as this affects one-sixth of the regional stations.
  [The text that Henry included is somewhat different from what is now at
  the above URL.  I have tried to adapt in what I include here. PGN-ed]

  [Also noted by Nico Chart: ]

Faster, better, cheaper, redux: Federal Health IT safety

"Robert L Wears, MD, MS, PhD" <>
Tue, 20 May 2014 17:31:51 -0400
After NASA's experience with a "Faster, Better, Cheaper" strategy ended in a
couple of celebrated failures, one would hope at the very least that no one
would use that slogan, much less that strategy again, especially with
respect to computer-related risks.

But no.  See the FBC hopes for the yet-to-be-created Federal Health IT
safety center:,26#.U3vBsShaZL0

While FBC, (which in its original form, included the idea that it's okay to
fail) might be a reasonable strategy for experimental systems, it seems a
bad one for production systems, raising the threat that our health IT
program is re-enacting the same problem that brought us Challenger --
mistaking an experimental technology for an operational one.

Robert L Wears, MD, MS, PhD, University of Florida Imperial College London 1-904-244-4405

Merits of effective disaster recovery—or, Emory Univ wipes all Windows systems by accident (Jon Kuroda)

Al Stangenberger <>
Fri, 16 May 2014 19:30:43 -0700
  Originally from: jon kuroda <>

Sometimes, the disaster in "disaster recovery scenario" is not some external
event like a hurricane or earthquake, but an "own goal", a disaster
perpetrated by one's own systems.

Short Version:

Windows 7 image deployed to all of Emory University's managed windows
systems—laptops, desktops and servers. Including the Microsoft System
Center Configuration Manager system that itself was used to deploy the

Recovery is now in its 2nd day.  I guess it could have been worse.

"A Windows 7 deployment image was accidentally sent to all Windows machines,
including laptops, desktops, and even servers. This image started with a
repartition / reformat set of tasks.

As soon as the accident was discovered, the SCCM server was powered off.
However, by that time, the SCCM server itself had been repartitioned and

Restoration of servers began immediately, but the process took far longer
than expected.  We have been using consultants to help validate the health
of the SCCM servers and that work only completed last night.

So, we were without our preferred methods for deploying images to
desktops/laptops all yesterday and relied on older methods—USB + Ghost,
LANDesk (we still had our old LANDesk server) + PXE.  These methods required
a lot of manual work plus our success was uneven with them.

Today we are pausing—briefly this morning—to see if we can now use our
preferred method, SCCM. This will allow us to have a one-touch method for
restoring desktops/laptops to a production ready state."

  [danny burstein commented:
     It's probably a good idea to chack that it shouldn't reimage and reboot
  Also noted by Drew Dean and Gabe Goldberg at Slashdot:

In the future, the robots may control you, and Silicon Valley will control them (Dan Gillmor)

"David Farber via ip" <>
Thu, 22 May 2014 10:59:43 PDT
Welcome to the horror show that is the 'Internet of things' --
hyper-intelligent software, vulnerable hardware ... and a whole new level of
privacy invasio Technology leaders loathe regulation, but now they're
practically begging for it.

Dan Gillmor, *The Guardian*, 13 May 2014

The "Internet of things" is turning into Silicon Valley's latest mania.  At
first glance, it is a trend with great appeal, enough to become something
more than a trend and a true revolution: a world in which everything we
touch and use has an embedded intelligence and memory of its own, and all of
it is connected by way of digital networks.

What's missing from this rosy scenario? Plenty—because security and
privacy seem to be mostly an afterthought as we embed and use technology in
our physical devices. Which means the Internet of things could easily turn
into a horror show.

Much of the coverage of the IoT (as some abbreviate it) has been of the
"gee-whiz, isn't this great?" variety, and why not? The possibilities are
truly dazzling. The IoT would encompass our homes, our cars, our offices,
our agricultural fields and more. Over time, most Internet traffic would
consist of one machine talking to another, handling micro-tasks that could
collectively add up to vast efficiencies and convenience for humans. ...

Where did all the risk takers go?

Tony Wasserman < <javascript:;>>
Sunday, March 23, 2014
  [Via Dave Farber. This seems very relevant to RISKS.  PGN]

It's my opinion that many of today's risk takers are seeking money from
private sources, and may well be outside the academic environment. Chris
Lee refers to a "major grant worth 200-500 thousand dollars".  While it's
nice to have such a grant, it doesn't go very far, and it pales next to the
funds available from corporate sponsors, foundations, angel investors, and
huge awards like the XPrizes.  In computer science, companies such as
Microsoft and Google (just to name two) have grant programs that can
support initial high-risk research. In all of these cases, the turnaround
time for a funding decision is much shorter than the time that it usually
takes to gain approval and funding from traditional government grant
sources.  That allows the scientist to spend more time focusing on the
problem and less on writing proposals that conform to a funding agency's

An important difference between this type of private funding and
traditional grant funding is the absence of peer review, which may or may
not be a good thing.  I've been on grant committees where there is only
enough funding to support a tiny percentage of the proposals.  In those
cases, the "winners" were established researchers from well-known
institutions who were taking the next step in a multi-year project.
 Innovative ideas tended to get mixed review scores, and ended up somewhere
in the middle of the heap, with no one willing to advocate strongly for
them. Thus, they were not funded.

In the private realm, the researcher may only have to convince a single
wealthy person of the merits of an idea.  That's an approach that goes back
centuries, where scientists had their sponsors and patrons.  Today, we also
have crowdfunding tools such as and where
researchers can request and assemble small donations to support their work.

Speaking personally, my family has donated [a small amount] to the UCSF
Foundation to help sponsor some research that is important to us.  We know
where the money is going, how it will be used, and can easily follow the
research progress. The professor/physician who received this money was able
to put it to use right away to fund a post-doc. So maybe more of us on the
IP list should consider donating $10-20K to a "young researcher" doing
"risky research" and thus create a workaround to avoid the challenges of
the current grant process.

> Where did all the risk takers go?
> Has the system driven risk takers out of scientific research?
> By Chris Lee
> Mar 23 2014
> <>

Stanford Engineer Invents a Way to Beam Power to Medical Chips Deep Inside the Body (Tom Abate)

"ACM TechNews" <>
Wed, 21 May 2014 13:01:32 -0400 (EDT)
Stanford Report (CA) (05/19/14) Tom Abate
via ACM TechNews, Wednesday, 21 May 2014

An interdisciplinary team of Stanford University researchers, led by
professor Ada Toon, has developed a wireless system that uses the same power
as a cell phone to safely transmit energy to chips the size of a grain of
rice, technology they say paves the way for new 'electroceutical' devices to
treat illness or alleviate pain.  The system can wirelessly transfer power
deep inside the body, and then use this power to run tiny electronic medical
devices such as pacemakers, nerve stimulators, or new sensors.  The
researchers say the technology could lead to a new type of medicine that
enables physicians to treat diseases with electronics rather than drugs.
"We need to make these devices as small as possible to more easily implant
them deep in the body and create new ways to treat illness and alleviate
pain," Poon says.  She says the research will result in a new generation of
programmable micro-implants, based on a new way to control electromagnetic
waves inside the body.  The researchers combined the safety of near-field
waves with the reach of far-field waves by taking advantage of the fact that
waves travel differently when they come into contact with different
materials such as air, water, or biological tissue.

Pre-Play Vulnerability Allows Chip-and-PIN Payment Card Cloning

"David Farber via ip" <>
Wed, 21 May 2014 20:47:46 -0400

  [Note the Anderson-Murdoch article I mentioned earlier on this subject
  is now online:

Sawing away on discrete logs

Henry Baker <>
Sat, 17 May 2014 17:20:24 -0700
FYI—Upon perusal of the referenced paper (link below), this new discrete
log algorithm appears more practical than the article below suggests.

It would be prudent to move smartly to replace these types of crypto

The biggest risk is for systems that can't be easily upgraded with software
updates--e.g., crypto hardwired into international standards, hardware-based
systems, implanted medical devices, etc.

Algorithmic improvements of this type are "black swan" events, which can
instantly wipe out entire crypto systems, much like the dinosaurs were wiped
out by a single asteroid hit.  As Dan Geer has pointed out numerous times,
the security ecosystem needs *diversity* to allow at least some systems to
remain standing after such a black swan event.  Software systems also need
to be flexible enough to quickly failover to backup crypto protocols.

"Perfect Forward Secrecy" is even more important, so that previously
compromised traffic doesn't threaten future traffic.

New algorithm shakes up cryptography, CNRS, 15 May 2014

"A quasi-polynomial algorithm for discrete logarithm in finite fields of
small characteristic"
461 KB (471,719 bytes)


Researchers have solved one aspect of the discrete logarithm problem.  This
is considered to be one of the 'holy grails' of algorithmic number theory,
on which the security of many cryptographic systems used today is based.
They have devised a new algorithm that calls into question the security of
one variant of this problem, which has been closely studied since 1976.

Researchers at the Laboratoire Lorrain de Recherches en Informatique et ses
Applications (CNRS/Université de Lorraine/Inria) and the Laboratoire
d'Informatique de Paris 6 (CNRS/UPMC) have solved one aspect of the discrete
logarithm problem.  This is considered to be one of the 'holy grails' of
algorithmic number theory, on which the security of many cryptographic
systems used today is based.  They have devised a new algorithm (1) that
calls into question the security of one variant of this problem, which has
been closely studied since 1976.

This result, published on the site of the International Association of
Cryptologic Research and on the HAL open access archive, was presented at
the international conference Eurocrypt 2014 held in Copenhagen on 11-15 May
2014 and published in Advances in cryptology.  It discredits several
cryptographic systems that until now were assumed to provide sufficient
security safeguards.  Although this work is still theoretical, it is likely
to have repercussions especially on the cryptographic applications of smart
cards, RFID chips (2), etc.

To protect confidentiality of information, cryptography seeks to use
mathematical problems that are difficult to solve, even for the most
powerful machines and the most sophisticated algorithms.

The security of a variant of the discrete logarithm, reputed to be very
complex, has been called into question by four researchers from CNRS and the
Laboratoire d'Informatique de Paris 6 (CNRS/UPMC), namely Pierrick Gaudry,
Razvan Barbulescu, Emmanuel Thomé and Antoine Joux (3).  The algorithm
they devised stands out from the best algorithms known to date for this
problem.  Not only is it significantly easier to explain, but its complexity
is also considerably improved.  This means that it is able to solve
increasingly large discrete logarithm problems, while its computing time
increases at a far slower rate than with previous algorithms.  The
computation of discrete logarithms associated with problems that are
deliberately made difficult for cryptographic applications is thus made
considerably easier.

Since solving this variant of the discrete logarithm is now within the
capacity of current computers, relying on its difficulty for cryptographic
applications is therefore no longer an option.  This work is still at a
theoretical stage and the algorithm still needs to be refined before it is
possible to provide a practical demonstration of the weakness of this
variant of the discrete logarithm.  Nonetheless, these results reveal a flaw
in cryptographic security and open the way to additional research.  For
instance, the algorithm could be adapted in order to test the robustness of
other cryptographic applications.

(1) A method consisting in a series of instructions that enables a computer
    to solve a complex problem.

(2) An RFID chip is a computer chip coupled with an antenna that enables it
    to be activated at a distance by a reader and to communicate with it.

(3) Antoine Joux, who was attached to the Laboratoire Parallélisme,
    Réseaux, Systèmes, Modélisation (PRISM) (CNRS/UVSQ) at the time
    of open access publication, is currently a researcher at the Laboratoire
    d'Informatique de Paris 6 (CNRS/UPMC) and has since obtained the Chair
    of Cryptology at the Fondation UPMC.

Story Source:

The above story is based on materials provided by CNRS.  Note: Materials may
be edited for content and length.

Journal Reference:

Razvan Barbulescu, Pierrick Gaudry, Antoine Joux, Emmanuel Thom.  A
Heuristic Quasi-Polynomial Algorithm for Discrete Logarithm in Finite Fields
of Small Characteristic.  Advances in Cryptology, EUROCRYPT 2014, Lecture
Notes in Computer Science, Volume 8441, 2014, pp 1-16 DOI:

TCAS Works as Intended; ATC not so much

"Bob Gezelter" <>
Sun, 18 May 2014 07:59:06 -0700
On April 25, United 1205 was at its cruising altitude of 33,000 feet, 200
miles east of Kona on a flight to Los Angeles when a TCAS warning
occurred. Reportedly, the other aircraft was a (presently unidentified) US
Airways 757. According to the CNN article, both flights had been routed at
the same flight level, though they were heading in opposite directions.
TCAS reportedly functioned as intended, and the operating pilot immediately
descended to eliminate the conflict. The more interesting question is: Why
were two airliners, on opposing courses, reportedly ordered to the same
flight level.  Mr. Townsend's essay recounting the first person experience,
and his research into the details can be found at: The CNN report can be found at: -
Bob Gezelter,

Inside the US government's war on tech support scammers

Lauren Weinstein <>
Sun, 18 May 2014 18:27:07 -0700
(Ars Technica via NNSquad):

  "The Defendants operate a massive scheme that tricks consumers into
  spending approximately $139-$360 to fix non-existent problems with their
  computers," the complaint alleged.  Those fees added up to serious revenue
  for PCCare247. In just one year, from October 2010 to September 2011, $4
  million had been deposited in the two main PCCare247 bank accounts-and
  that was just from US residents.

Organic Cat Litter Chief Suspect In Nuclear Waste Accident

"Doug Hosking" <>
Fri, 23 May 2014 15:13:53 -0700
We worry so much about the high tech side of things when sometimes it's the
little things that matter most.

Out in the Open: Inside the Operating System Edward Snowden Used to Evade the NSA (Klint Finley)

"Dewayne Hendricks" <>
May 17, 2014 4:02 PM
Klint Finley, *WiReD*, 14 Apr 2014

When NSA whistle-blower Edward Snowden first emailed Glenn Greenwald, he
insisted on using email encryption software called PGP for all
communications.  But this month, we learned that Snowden used another
technology to keep his communications out of the NSA's prying eyes.  It's
called Tails. And naturally, nobody knows exactly who created it.

Tails is a kind of computer-in-a-box. You install it on a DVD or USB drive,
boot up the computer from the drive and, voila, you're pretty close to
anonymous on the Internet. At its heart, Tails is a version of the Linux
operating system optimized for anonymity. It comes with several privacy and
encryption tools, most notably Tor, an application that anonymizes a user's
Internet traffic by routing it through a network of computers run by
volunteers around the world.

Snowden, Greenwald and their collaborator, documentary film maker Laura
Poitras, used it because, by design, Tails doesn't store any data locally.
This makes it virtually immune to malicious software, and prevents someone
from performing effective forensics on the computer after the fact. That
protects both the journalists, and often more importantly, their sources.

“The installation and verification has a learning curve to make sure it is
installed correctly, But once the set up is done, I think it is very easy to
use.''  Poitras told WIRED by e-mail.

An Operating System for Anonymity

Originally developed as a research project by the U.S. Naval Research
Laboratory, Tor has been used by a wide range of people who care about
online anonymity: everyone from Silk Road drug dealers, to activists,
whistleblowers, stalking victims and people who simply like their online

Tails makes it much easier to use Tor and other privacy tools. Once you boot
into Tails (which requires no special setup). Tor runs automatically.  When
you're done using it, you can boot back into your PC's normal operating
system, and no history from your Tails session will remain. ...

The Most Interesting Revelations From Frontline's Powerful Expose of NSA

Dewayne Hendricks <>
May 23, 2014 at 12:49:57 PM EDT
[Note: You can find the two part 'Frontline' documentary plus other
supplementary material online here:
<> Worth
watching and checking out the PBS 'Frontline' site.  DLH]

 The Most Interesting Revelations From Frontline's Powerful Exposé of The
National Security Agency
Paul Szoldra, *Business Insider*, 20 May 2014

If you want the complete picture surrounding Edward Snowden and the National
Security Agency, PBS' Frontline documentary "United States of Secrets" is
where you should start.

While journalist Glenn Greenwald has promised many more leaks to come from
the ex-NSA contractor, this two-part series reveals context, interviews with
many more whistleblowers in the national security state, and the back story
that brought us to the front page stories of mass surveillance with the aid
of Silicon Valley heavyweights.

"This is as close to the complete picture as anyone has yet put together,"
veteran Frontline filmmaker Michael Kirk said in a statement. "And it's
bigger and more pervasive than we thought."

Part one, which aired on May 13, detailed "the program" that emerged shortly
after Sept. 11, with whistleblowers describing a surveillance operation that
turned from foreign targets into a domestic dragnet.

In part two, which Business Insider screened prior to tonight's airing on
PBS, the series explores the secret relationship between the NSA and Silicon
Valley tech companies, and how they have often worked in tandem to gather
and warehouse personal data.

It's a thrilling and disturbing documentary, featuring interviews with a
remarkable amount of the key players. You should definitely watch it, as
these three anecdotes from part two of the series are just a small piece of
the overall picture:

In 2003, an AT&T technician discovered a secret room being used to copy all
Internet traffic coming through his building

In one interview, AT&T technician Mark Klein talks about the mysterious Room
641a he found in his workplace in San Francisco. "There's no door handle, so
it looks kind of odd," he said.

Inside the room, he found what appeared to be the government using a
splitter to copy all Internet traffic moving through the AT&T Internet

"One half is going to the secret room, and the other half is going to its
normal, assigned destination," Klein said. "But it's been copied in the

While he went public with his find after reading a *New York Times* report
on the NSA's warrantless wiretapping program in 2005, the existence of the
program has still never been confirmed nor denied. "It still remains an open
question," one woman says.

That open question leads to an interesting exchange between the filmmaker
and an agitated Robert Deitz, the general counsel for the NSA from 1998 to
2006, who refuses to comment. ...

Airbnb Will Hand Over Host Data to New York

Monty Solomon <>
Fri, 23 May 2014 01:55:17 -0400

Four Words Going Bye-Bye (Thomas Friedman)

Monty Solomon <>
Fri, 23 May 2014 04:10:44 -0400
Thomas L. Friedman, *The New York Times*, 20 May 2014

The more I read the news, the more it looks to me that four words are
becoming obsolete and destined to be dropped from our vocabulary. And those
words are "privacy," "local," "average" and "later." A lot of what drives
today's news derives from the fact that privacy is over, local is over,
average is over and later is over. ...

Re: Forged SSL Certs

Jonathan S. Shapiro <>
Fri, May 16, 2014 at 10:49 AM
  [Via Dave Farber's IP distribution]

It is a regrettable truth that SSL certificates are a very expensive thing
for a small website owner to obtain. I run ten or twelve websites at this
point, more or less as a public service. There's simply no way that I'm
going to spend hundreds of dollars a year for *each* of them in order to pay
for proper certificates. My solution—and the solution that many people
have adopted—is to use self-signed certificates. These aren't "forged",
but nowadays they generate an "invalid certificate" complaint from a lot of
browsers. A self-signed certificate doesn't ensure that you are talking to
the right machine, but it at least ensures that the traffic is encrypted.

Now that DNSSEC is finally getting deployed, it will become possible to
handle this by providing the certificates using DNS. This is a much better
solution than certificate authorities. Or at least, it *would* be, except
that three years after the DANE protocol was defined many browsers still
don't support it.

The point is: not all forgery is evil, and a great deal of the forgery that
is observed in the wild has to do with price gouging rather than hostile

Re: German Green Energy, also Car 'Dash Cams' (RISKS-27.93)

Chris Drewe <>
Sun, 18 May 2014 22:37:34 +0100
Item 1: RISKS 27.93 had this item:

       <#subj1.1>Germany Sets New Record, Generating 74 Percent Of Energy
       Needs from Renewable Energy (Kiley Kroh via Dave Farber)

 “In fact there are no technical and economic obstacles to go first to 20
 percent of annual electricity demand penetration rate from a combination of
 those two technologies, then 50 percent and beyond by combining them with
 other renewables and energy efficiency measures and some progressive
 storage solutions at a modest level.''  ]...]

Sounds wonderful, but appears to skate over some vital details.  As I
understand things:

(a) Wind and solar sources can provide significant power, but only in short
bursts and not necessarily when needed, so either conventional generating
plant will have to be retained with these sources feeding in as and when
available, or renewables will have to generate something like 500% of the
country's electricity, with the surplus stored (how?) for periods of calm
weather or when the sun don't shine (with a margin for the ineffiencies of
the storage system).

(b) Obviously the 'fuel' for renewable energy is free, but there's
the environmental impact of construction and maintenance of the
wind turbines and solar panels, and the transmission network
(cable lines, transformers, etc.); this can be especially
problematic as they are often located in remote regions or out at

For instance, if a solar array is to be constructed in the desert, this
means making the panels (China?) and supporting metalwork and transporting
them to site—lots of steel and concrete and truck journeys and maybe
building access roads—then running power lines to wherever the consumers
are.  How long does it take to recover the amount of energy needed for this,
and will the panels last that long?  And if surplus power is to be stored
somehow, there's the energy and raw materials for the storage system as

> Some readers will ask, Why is this computer-related?  The answer of course
> that our computer systems and especially Big Data systems tend to be power
> hungry.

Indeed, but if data centre operators attempt to overcome possible problems
of intermittent renewable power with UPS or back-up generators, this rather
defeats the object of the whole thing...  :o)

Item 2: There have been items in newspapers on these vehicle 'dash cams',
i.e., forward-viewing video cameras and solid-state recorders mounted inside
windshields which record a 30-minute (or whatever) loop on SD memory cards,
in case of insurance disputes.  Reportedly they are becoming routine for
commercial vehicles, and maybe they could become a de-facto requirement for
private drivers too—fit one or you don't get insurance.  This could raise
some interesting privacy concerns, such as: if you unknowingly drive past a
crime scene, can the police demand that you hand over your recording?  If
you drive through an urban area you will capture citizens going about their
business—can they claim breach of privacy, like Google Street View?  How
long do you have to keep a recording of an uneventful journey just in case
someone wants to see it?  Who is liable if a squashed bug on the windshield
blocks the camera's view at a critical moment?

Re: Germany Sets New Record ... (Kroh, RISKS-27.93)

"Brooks, Thomas M SGM RET" <>
Sat, 17 May 2014 15:31:41 -0500
It bothers me when people will go to an unrelated forum to use it as a soap
box for their own issues. It bothers me more when statistics are cooked to
support their positions. It bothers me most that people writing the drivel
think no one will check the facts.

"... renewable energy generation surging to a record portion—nearly 75
percent—of the country's overall electricity demand ...", versus,
"... renewable energy sources met a record 27 percent of the country's
electricity demand ..." Am I the only one who thinks there is a wide
difference between "nearly 75 percent" and "27 percent?" Wasn't the author
smart enough to recognize this disparity only a few sentences apart, or were
the stats carefully chosen or cooked to meet his preconceived thesis?

Further, "... Renewable generators produced 40.2 billion kilowatt-hours of
electricity ...", but what is the context? As of 2012, German annual energy
consumption was 3,626 TWh (terawatt-hours), which is 3,626 billion
kilowatt-hours or over 900 times the energy produced by renewables. Further
in 2012, Germany produced 1,444 TWh and imported 2,315 TWh, mostly from
France and Czech Republic. So while Germany may be going "Green" in terms of
its production, it's neighbors aren't so much. Can you really be considered
"Green" if you outsource your energy generation?

Money isn't everything, but factor in that the cost of electricity in Europe
is 4 times the cost in the United States. Germans pay 6 times as much. When
you vote for a Green candidate, you are also voting for sky-high energy

I am as concerned as anyone regarding air pollution and climate change.  But
I think it's dishonest to pretend to be green while outsourcing your energy
production to Czech Republic or your manufacturing and jobs to China. The
world is ROUND and air pollution does not stay in the borders of the country
which produced it. We need a unified policy, not self-serving politicians
marketing fear so they can collect power to themselves.

Re: Germany Sets New Record ... (Kroh, RISKS-27.93)

Larry Sheldon <>
Fri, 16 May 2014 20:24:40 -0500
We also have to PAY for the power!

Remember to Forget

Monty Solomon <>
Fri, 23 May 2014 04:12:35 -0400
Maureen Dowd, The Right to Be Forgotten, *The New York Times*, 20 May 2014

It sounds like the title of a classic novel about desire and memory, perhaps
Marcel Proust's sequel to "Remembrance of Things Past."

It is, in fact, based on a French legal phrase, le droit é l'oubli, the
"right of oblivion," which allows criminals who have paid their debt to
society to object to the publication of information about their conviction
and jail time.

That French concept was the underpinning of the European Court of Justice's
jolting ruling last week that Google and other search engines can be forced
to remove search results about ordinary citizens linking to news articles,
websites, court records and other documents if the information is deemed
"inadequate, irrelevant or no longer relevant"—even if it is truthful.

There goes the Internet.

Re: The 'right to be forgotten' (Weinstein, RISKS-27.92 and .93)

Peter Bernard Ladkin <>
Sat, 17 May 2014 09:02:07 +0200
RISKS readers may like a little more accurate information about the ECJ
decision, to uphold the right of a Spanish man to have certain incidents in
his past "forgotten", than provided by Lauren Weinstein.

Weinstein calls the decision bogus, inane and impractical; and in a later
article in RISKS-27.93 invokes Stalin. This is all highly misleading, and
needs to be refuted.

First, the decision is not bogus; it is genuine:

Second, reading the above document, it is apparent that the reasoning is
well-grounded in existing principles; indeed, quite the opposite of inane.

Third, it remains to be seen if the decision is impractical. It might well
be in some informal sense; many principles of law and due process are
impractical in such a sense. The requirement in English law that a case
shall be decided by a jury solely on the merits of the information and
arguments presented in the court used to be a matter of asking jurors to
stay away from newspapers and television news. Now, with ubiquitous Internet
information access, such a requirement has become hugely "impractical" and
is causing major problems, especially in the progress of high-profile
cases. Nevertheless, this principle is a cornerstone of the English legal
system and will remain so.  I anticipate that means will continually be
found to render it feasible in a continually-changing social-technological

Fourth, a reference to Stalin is silly. This is quite the opposite of
totalitarian politics. The European Union has a Data Protection Initiative
which is different from what exists in US law and which many of
us applaud, despite its faults, for the permanent freedom it guarantees us
from certain historically-totalitarian repressive measures. The court
appeared to consider carefully the implications of the DPI—which should
surprise no one, for they are distinguished jurists.

Having stuff "forgotten" is not a new principle of law. Some member
countries of the EU have long-standing legal principles enshrining a right
for convicted criminals to have their crimes erased from the record under
certain circumstances, after a number of years. This is known as "spent
conviction" and is found in common-law jurisdictions such as England and
Wales (see Rehabilitation of Offenders Act 1974). See for example .  It is also found in certain
US states, where it is known as "expungement"—the first page of a Google
search turns up Oklahoma, Illinois, Texas, Maryland, Louisiana,
Massachussetts, Indiana and Minnesota. I haven't looked at this carefully,
so I won't pretend to further expertise.

Citizens of EU countries have very different ideas of the relative value of
social principles and consequences of new Internet technology not only from
each other but also from, say, Angelenos. (I say that with some confidence,
having lived roughly two decades in each of England, California and
Germany.) For example, California law is not common law; one would not
necessarily expect Angelenos to understand common law (and there is evidence
before us that some of them don't). I and my Bielefeld group, as well as
local concerned citizens such as participants in digitalcourage (for those who read German), read and discuss
German Constitutional Court decisions in lectures and seminars, both inside
and outside the university. In my experience, Brits don't tend to do that
with English decisions unless they are legal scholars. German law is
Napoleonic, whereas England and Wales is common law. They are *really*
different, which is why the ECJ and ECHR are to my mind such important
institutions—they are the only ones who can determine which principles are
common to all these very different legal systems. The only other such
institution which comes to mind is the ICC. Also in an EU country. We in
Europe are pretty serious about getting rights right. Which I thought was
also of interest to Weinstein.

Peter Bernard Ladkin, University of Bielefeld and Causalis Limited

Re: The 'right to be forgotten' (Ladkin, RISKS-27.94)

Lauren Weinstein <>
Sat, 17 May 2014 08:25:19 -0700
The EU is free to legislate "the right to immortality" also if they wish.
Good luck enforcing it. This is an attempt to erase history by hiding
library index cards. It won't work. And I've had EU folks tell me off the
record that they understand it won't work and that it's purely a political
act (that plus creating a new revenue stream by going after deep-pocketed
search engines). Even more alarming, I've been told that they fully realize
that they may need to next legislate the removal of materials from any and
all sites—not just search engine links—in other words, primary
sources. And that, my friend, would certainly warm Stalin's
heart. Information censorship is at the heart of totalitarian thinking, and
it almost never appears suddenly in full bloom, but rather step by step, and
piece by piece. Luckily, the EU doesn't control the entire world, EU
citizens can be even more educated about how to use proxies to evade EU
censorship, and in general the EU entities pushing this come out looking
like panderers of the worst sort. Frankly, they'd be better off sticking to
their core competencies, like legislating the amount of cinnamon on cinnamon
buns. Just calling 'em as I see 'em.

More on the 'right to be forgotten'

Peter Bernard Ladkin <>
Mon, 19 May 2014 09:25:35 +0200
RISKS readers deafened by tub-thumping might like to consult *The
Economist*'s Schumpeter columnist at (there
are other articles, but The Economist has just implemented a restrictive
access policy that almost immediately requires "registration". Or one can
subscribe, as I do).

*The Guardian*, recent Pulitzer Prize winners for their reporting on the
Snowden revelations, has comment by Viktor Mayer-Schönberger , Professor of Internet Governance
and Regulation at the University of Oxford and author of a well-regarded
book on Big Data, as well as a recent book "Delete: The Virtue of Forgetting
in the Digital Age", at

*The Guardian* has a comment also by Mark Stevens at
, and by *The Observer*'s regular digital-technology columnist, John
Naughton, Professor of the public understanding of technology at the Open
University, at

In terms of reporting, Alan Travis and Charles Arthur reported on the ruling
as it came at
. Charles Arthur explained a day later what the ruling was and what it might
mean at
, and then a day after that on the hundreds of applications received
immediately upon the decision at
. There are lots more articles on The Guardian's WWW site, including a blog
post by James Ball noting that Senor Costeja Gonzalez's successful assertion
of his right to be forgotten resulted in some 800 mainstream-media articles
with all the details within a day. There is even a Guardian interview with
him at

  [I am omitting a series of prior and subsequent messages between Peter
  Ladkin and Lauren Weinstein.  I think the arguments are sufficiently well
  stated.  PGN]

Please report problems with the web pages to the maintainer