The RISKS Digest
Volume 29 Issue 75

Tuesday, 6th September 2016

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Please try the URL privacy information feature enabled by clicking the flashlight icon above. This will reveal two icons after each link the body of the digest. The shield takes you to a breakdown of Terms of Service for the site - however only a small number of sites are covered at the moment. The flashlight take you to an analysis of the various trackers etc. that the linked site delivers. Please let the website maintainer know if you find this useful or not. As a RISKS reader, you will probably not be surprised by what is revealed…


Big, make that BIG, military secrets leak in Austrialis/France
The Australian via danny burstein
Defense Science Board Summer Study on Autonomy
Diego Latella
How Spy Tech Firms Let Governments See Everything on a Smartphone
The DNC Hack Shows How We’ve Dropped the Ball on Cyberdefense
Facebook Engineers Crash Data Centers in Real-World Stress Test
Tekla S. Perry
You're How Old? We'll Be in Touch
Feds Spend Nearly $500K To 'Combat Online Trolling'
Elizabeth Harrington
Another NSF study: Group Communication in High-Stakes Settings
Elizabeth Harrington
Re: How to shut down a 911 center? Hit the off button
"Google patches critical bug on Android Nexus 5X devices"
Fahmida Y. Rashid
"Samsung announces exchange program for Galaxy Note 7 after defective batteries halt sales"
Ian Paul
What is your phone telling your rental car?
Lisa Weintraub Schifferle
Is WhattsApp sharing phone numbers with Facebook or not?
Martyn Thomas
Re: Half of people click anything sent to them
Adam Shostack
Re: Kawasaki developing AI motorcycles that can talk with, learn from their riders
Jeff Jonas
Re: Voice Pitch and Voting Patterns
Barry Gold
Re: How One GMO Nearly Took Down the Planet
John Levine
Eli the Bearded
Re: You Can Now Chat With Your Hotel Room, and It's Only Going to Get Better
Henry Baker
Re: New hacking technique stealthily changes memory of virtual servers
Anthony Thorn
The Boebert/Blossom book on Deepwater Horizon
Info on RISKS (comp.risks)

Big, make that BIG, military secrets leak in Australia/France

danny burstein <>
Sat, 3 Sep 2016 13:52:37 -0400 (EDT)
[Australian news]

It's in the mail: how submarine secrets surfaced in Australia

In late April 2013 a Sydney postman reached into his satchel and pulled out
a small envelope containing the secrets of India's new submarine fleet. ...
This week the contents of that disk have become front-page news in
Australia, India and France as each country grapples with the ramifications
of an Edward Snowden-style leak of confidential documents disclosing the
entire secret combat capability of India's new Scorpene-class submarine


Defense Science Board Summer Study on Autonomy

Diego Latella <>
Mon, 05 Sep 2016 09:40:34 +0200
Last June the Defense Science Board released a study on the application of
autonomy to DoD missions.  The report is available at:

The abstract reads as follows:

  At the request of the Under Secretary of Defense for Acquisition,
  Technology, and Logistics (USD(AT&L)), the Defense Science Board (DSB)
  conducted a study on the applicability of autonomy to Department of
  Defense (DoD) missions. The study concluded that there are both
  substantial operational benefits and potential perils associated with the
  use of autonomy. Autonomy delivers significant military value, including
  opportunities to reduce the number of warfighters in harm's way, increase
  the quality and speed of decisions in time-critical operations, and enable
  new missions that would otherwise be impossible.  Autonomy is by no means
  new to the DoD. Fielded capabilities demonstrate ongoing progress in
  embedding autonomous functionality into systems, and many development
  programs already underway include an increasingly sophisticated use of
  autonomy. Autonomy also delivers significant value a diverse array of
  global markets. Both enabling technologies and commercial applications are
  advancing rapidly in response to market opportunities. Autonomy is
  becoming a ubiquitous enabling capability for products spanning a spectrum
  from expert advisory systems to autonomous vehicles. Commercial market
  forces are accelerating progress, providing opportunities for DoD to
  leverage the investments of others, while also providing substantial
  capabilities to potential adversaries. This study concluded that DoD must
  accelerate its exploitation of autonomy--both to realize the potential
  military value and to remain ahead of adversaries who also will exploit
  its operational benefits.

How Spy Tech Firms Let Governments See Everything on a Smartphone (The New York Times)

Monty Solomon <>
Sat, 3 Sep 2016 08:47:18 -0400

The NSO Group sells expensive surveillance tools for criminal and terrorism
inquiries, but critics say they are also used to track journalists and
rights activists.

  [Sunday's edition of *60 Minutes* rebroadcast the 17 Apr 2016 segment
  showing Karsten Nohl in Germany hacking a Congressman's cellphone as part
  of a long video segment showing how easy it was to hack almost everything.
  It's still timely, even if just one more reminder.  PGN]

The DNC Hack Shows How We've Dropped the Ball on Cyberdefense

Monty Solomon <>
Sat, 3 Sep 2016 20:01:42 -0400

Facebook Engineers Crash Data Centers in Real-World Stress Test (Tekla S. Perry)

Jim Reisert AD1C <>
Sat, 3 Sep 2016 12:32:11 -0600
Tekla S. Perry, *IEEE Spectrum*, 2 Sep 2016

  In 2014, [Jay] Parikh decided Project Storm was ready for a real-world
  test: The team would take down an actual data center during a normal
  working day and see if they could orchestrate the traffic shift smoothly.

  Other Facebook leaders didn't think he'd actually do it, Parikh
  recalls. “I was having coffee with a colleague just before the first
  drill.  He said, "You're not going to go through with it; you've done all
  the prep work, so you're done, right?"  I told him, "There's only one way
  to find out—if it works." ''

You're How Old? We'll Be in Touch

"Peter G. Neumann" <>
Mon, 5 Sep 2016 11:02:25 PDT

  This weekend's New York Times op-ed about the ageism people over 50 face
  in the workplace includes a charming anecdote via JK Scheinberg, the
  esteemed Apple engineer who got Mac OS running on Intel processors. A
  little restless after retiring in 2008, at 54, he figured he'd be a great
  fit for a position at an Apple store Genius Bar, despite being twice as
  old as anyone else at the group interview.  "On the way out, all three of
  the interviewers singled me out and said, 'We'll be in touch,' " he
  said. "I never heard back."

Feds Spend Nearly $500K To 'Combat Online Trolling' (Elizabeth Harrington)

Werner U <>
Tue, 6 Sep 2016 14:38:56 +0200
Elizabeth Harrington, *FreeBeacon* via SlashDot, 2 Sep 2016

*Washington Free Beacon* reports:"The National Science Foundation is
spending roughly half a million dollars to combat 'online trolling

A joint project by Northwestern and Northeastern universities is examining
how to create 'trolling-free environments' on The Internet.  The researchers
define online trolls as those who try to influence public opinion by
boosting 'misleading' and 'inauthentic comments.'" Just how can the
"misleading" and "inauthentic" speech be eliminated by the government
without violating the First Amendment?*  [...]

Another NSF study: Group Communication in High-Stakes Settings (Elizabeth Harrington)

Werner U <>
Tue, 6 Sep 2016 17:31:28 +0200
  [NSF-studies are not obvious topics to call attention to in RISKS, but
  when reading "to improve voice-command software" (Apple's Siri) and
  "high-stakes settings" (road/air/space travel?) I thought of failures

Elizabeth Harrington, *FreeBeacon*, 2 Sep 2016
Feds Spend $333,989 Studying Conversations>

The National Science Foundation is spending over $300,000 studying
conversations, saying that little is known about how people communicate with
each other.  Research by Vanderbilt University began last month into the
conversations of high school students and the elderly.

How to shut down a 911 center? Hit the off button (burstein, R.29-73)

Fri, 2 Sep 2016 11:52:19 -0700 (PDT)
The solution (from the article):

  "D.C. emergency officials plan to add more security and signage to limit
  access to the button involved in the outage."

What could possibly go wrong with that?

"Google patches critical bug on Android Nexus 5X devices"

Gene Wirchenko <>
Tue, 06 Sep 2016 10:53:22 -0700
Fahmida Y. Rashid, *InfoWorld* 2 Sep 2016
The vulnerability, which Google has patched, could let attackers obtain the
password for locked Nexus 5X devices and easily access device contents

opening text:

Google's Android security team patched a critical vulnerability in the
company's Nexus 5X devices which would have let attackers bypass the
lockscreen. An attacker who successfully triggered the vulnerability would
be able to obtain data stored on the device via a forced memory dump,
according to researchers from the IBM's X-Force team.

"Samsung announces exchange program for Galaxy Note 7 after defective batteries halt sales" (Ian Paul)

Gene Wirchenko <>
Tue, 06 Sep 2016 13:38:23 -0700
Ian Paul, PC World, 2 Sep 2016
After reports of the Galaxy Note 7 "exploding,"
Samsung halted shipments of the device in the company's home country.

In response to concerns over defective batteries prone to explosion, Samsung
has offered to exchange current Note 7 phones with a new Note 7—as early
as next week.  Current Note 7 owners can also immediately opt to exchange
their phones for a Galaxy S7 or S7 Edge and pocket the price difference.
Note 7 owners can also receive a $25 gift card or bill credit within the
exchange program. Go here for more details on Note 7 exchanges.

Later: Samsung issued an official statement on Friday regarding the Galaxy
Note 7. The company says it has halted sales of the phablet worldwide, and
that previously sold devices will be replaced *in the coming weeks.* The
company says that a battery cell issue resulted in 35 reported problems
worldwide with the Galaxy Note 7. Samsung's statement does not explain what
those issues were ...  [See article for the details.]

What is your phone telling your rental car? (RISKS-29.74)

Jim Reisert AD1C <>
Sun, 4 Sep 2016 10:29:49 -0600

  August 30, 2016
  Lisa Weintraub Schifferle
  Attorney, FTC, Division of Consumer & Business Education

  When I rent a car, it's fun to get all the bells and whistles like
  navigation, hands-free calls and texts, streaming music and even web
  browsing. But did you know that cars with these features might keep your
  personal information, long after you've returned your rental car? Here are
  some things to keep in mind when renting a connected car.

  What happens when you rent a connected car? When you use the car's
  infotainment system, it may store personal information.  It may keep
  locations you entered in GPS or visited when travelling [sic] in the
  rental car—like where you work or live.

  If you connect a mobile device, the car may also keep your mobile phone
  number, call and message logs, or even contacts and text messages. Unless
  you delete that data before you return the car, other people may view it,
  including future renters and rental car employees or even hackers.

    [Also noted by Gabe Goldberg.  PGN]

Is WhattsApp sharing phone numbers with Facebook or not?

Martyn Thomas <>
Sat, 3 Sep 2016 15:12:23 +0100
My son sent me a screenshot from a WhatsApp popup.  It clearly says that
they won't share phone numbers, even if he agrees to share account
information. So are they sharing (and lying) or not?

  [Attachment omitted for RISKS.  Check with Martyn if you want a copy.  PGN]

Re: Half of people click anything sent to them (RISKS-29.74)

Adam Shostack <>
Sat, 3 Sep 2016 13:02:40 -0400
I'd like to suggest that this is evidence that counter-phishing training is
working astoundingly well.  We have constructed computer systems in which
clicking on things is how you get things done, in which clicking on things
is essential to both doing your job, watching cute cats, and becoming
outraged by the latest outrage.  (The wisdom of this design is subject to
debate, that we have designed things this way is not.)

The broad world trains people to click, and rewards them for doing so.
Cormac Herley, in "So Long, And No Thanks for the Externalities: The
Rational Rejection of Security Advice by Users" points out that "if users
spent even a minute a day reading URLs to avoid phishing, the cost (in terms
of user time) would be two orders of magnitude greater than all phishing

That counter-phishing training created a situation in which people didn't
click is an astounding achievement.  Of course, we could design technical
systems which detect that you that you've never before heard from this
correspondent, that you have never received email from their domain, that
the link goes to a domain you have never visited, and so reduce the need for
such training and the effort involved in evaluation.

Re: Kawasaki developing AI motorcycles that can talk with, learn from their riders (RISKS-29.74)

Jeff Jonas <>
Sat, 3 Sep 2016 11:08:41 -0400 (EDT)
Perhaps there are separate keys as on the Segway (which I think were just
speed limits / expertise level).  Or some menu to "choose driver profile" so
even the profiled driver can choose NOT to use auto-preferences when it's
raining, snowing, etc.  But what of the "right to be forgotten" erase
button?  Will the data stay local, or be shared with the ever-helpful IoT?

Considering the popularity of insurance-company motor-vehicle spy-modules,
what of privacy such as "pops wheelies on highway", speed profiles, etc.
Will it auto-determine aggressive or jackass drivers?

Re: Voice Pitch and Voting Patterns (Casey Klofstad et al., RISKS-29.74)

Barry Gold <>
Fri, 2 Sep 2016 17:52:55 -0700
Recent research shows that dogs process meaning in the left brain and
intonation in the right brain.

So you can bet that humans do as well.

Re: How One GMO Nearly Took Down the Planet (Goldberg, Risks-29.74)

"John Levine" <>
2 Sep 2016 20:01:08 -0000
>Extreme? Exaggerated? Valid? Can't tell.

A few minutes of googlage suggests that it's nonsense.  The article claims
that the alcohol made by the bacterium would kill all the plants on whose
roots it grew, because plants can't tolerate more than one 1 ppm of alcohol.
In fact the tolerance is all over the place and many plants including food
crops like maize (corn in the US) produce enzymes that can metabolize

We can certainly talk about the biological and legal issues that GMOs can
cause, but the anti-GMO crowd totally ignores the fact that GMOs have
concrete and well-documented benefits, notably less use of pesticides and
low-till farming to reduce soil erosion.  It's a trade-off, like most other
technical changes, and extremists on each side are utterly unhelpful.

  [Trade-offs are fine—necessary to get anything done.  But pro-GMO crowd
  totally ignores arguments [*] in favor of labeling.  Sugar/fat/etc.
  content is shown on labels, why not GMOs, even given they're so far deemed
  benign?  I think resistance to labeling hinders acceptance.  Foods are
  labeled kosher, people don't resist them; try it for GMOs too.  Gabe

    [* They aren't arguments, they're assertions.  A lot of us think that
    the goal of GMO labeling is to scare people, not to inform them.  If
    there are indeed dangers to GMOs, they are better dealt with at the farm
    where issues like jumping to weeds can be addressed, not at the grocery
    store where they can't.

    How about if they said this: "this product contains genetically modified
    ingredients, which decades of research have shown to be safe to eat"

    That is at least true.  John Levine

    PS: I see a lot of potato chips and such that say in smallish type on
    the back that they contain GMOs, so you might be right that most people
    don't care.]

      [Argument is for right to know, regardless of safety—separate from
      any assertions about non-safety. Realistically, resisting labeling
      supports conspiracy theories: if GMOs are so safe, why are they so
      militant about NOT labeling them; what are they hiding?

      I'm not arguing against GMOs; I don't know enough to have a position
      except that apparently they're currently deemed safe by most credible
      experts.  But I believe in label disclosures *and* that resisting
      labeling is counter-productive for acceptance.  Gabe Goldberg]

        [This topic was marginally relevant to begin with, but now I'm
        blowing the whistle.  PGN]

Re: How One GMO Nearly Took Down the Planet (Goldberg, Risks-29.74)

Eli the Bearded <*>
Fri, 2 Sep 2016 16:34:10 -0400 (EDT) (April 2001)

  On March 6, an Oregon State University researcher Elaine Ingham and the
  New Zealand Green Party apologized to the New Zealand government for
  submitting false claims about the ecological impact of genetically
  modified organisms (GMOs)—a mistake that seriously undermines the green
  lobby's call for a moratorium on field trials of all GMOs in New Zealand.

It seems clear that the microbe in question does kill wheat, under some
circumstances. This is bad, but not enough for it to "take down the planet".
How close it was to actually being used outside of a lab seems to have been

The risk? Corrections to articles don't get as widely distributed.

  [This one evidently does.  PGN]

     [Indeed. Truth loses the race to rumors and lies.  Gabe Goldberg]

Re: You Can Now Chat With Your Hotel Room, and It's Only Going to Get Better (RISKS-29.74)

DJC <>
Fri, 2 Sep 2016 22:50:25 +0200
Something that really caught my attention was when my car's voice-activated
GPS unit began responding to (what it deemed) voice commands in
conversations within the car.

I turned off voice commands.

Yes, I SIRIously turned them off.

Re: You Can Now Chat With Your Hotel Room, and It's Only Going to Get Better (RISKS-29.74)

Henry Baker <>
Fri, 02 Sep 2016 17:18:24 -0700
Move along; nothing new here...

In the bad old days, *all* of the "Western" hotel rooms in Moscow were
bugged, so *every* visitor could assume that they were being listened to
and/or watched.

There's even a one-character play (American? British?) about someone staying
in such a bugged Moscow hotel room, and who spends the entire play talking
to the assumed, but unseen, spies.  At the very end of the play, one of the
listening spies becomes so involved with the main character and his/her
story that spy starts talking back!

Perhaps someone on this list will know the name of this play; I've been
trying to recall it for decades.

If you're too young to understand what was going on in the bad ol' days, I
simply refer you to the [then] incredibly sophisticated and thorough bugging
of the newly constructed U.S. Embassy building in Moscow [*]:

  [* Non-electronic acoustically resonating and transmitting Russian-built
  wall panels, if I recall correctly.  PGN]

Re: New hacking technique stealthily changes memory of virtual servers (RISKS-29.74)

Anthony Thorn <>
Sat, 3 Sep 2016 11:28:37 +0200
Flip Feng Shui (FSS) technique
Cool !  The middle (Feng) character has been flipped to an S :-)

The Boebert/Blossom book on Deepwater Horizon (Re: RISKS-29.49)

"Peter G. Neumann" <>
Fri, 2 Sep 2016 15:25:06 PDT
  [This book is finally available, in hardcopy, Kindle, and UK editions.  As
  noted in my foreword reproduced here, it is highly RISKS-relevant.
  Publication was apparently held up because a Hollywood movie is due to be
  released at the end of September—even though I don't think the book
  played a role (!) in the film.  Two relatively minor corrections are
  posted online:  PGN]

Earl Boebert and James Blossom
Deepwater Horizon: A Systems Analysis of the Macondo Disaster
Harvard University Press
Cambridge, Massachusetts and London, England
September 2016
ISBN 978-0-674-54523-6

Book Foreword by PGN

This is an extraordinary book that digs deeply into the demise of the
Deepwater Horizon.  Readers are likely to be On Edge in every chapter.
Although this book is a factual account, it reads somewhat like a novel in
being such an unusually detailed, thorough, and authoritative analysis of a
disaster.  It also enumerates many realistic precautions, each of which
could have helped prevent the Macondo disaster.  In reality there was no one
weakest link; instead there were many weak links, and attention to them
could have avoided what happened.

The book is also unusual in the ways it explores the depth and breadth of
the causal factors that can be identified throughout—involving many
layers of corporate and operational personnel, and multiple factors relating
to technology, management, standard practices that do not adequately cover
contingencies, and much more.  In this analysis of the Macondo case, these
factors are clearly multidimensional, multifaceted, widely distributed, and
crying out for the retrospective analysis that this book achieves.

Many lessons are here for everyone involved in the exploration and
production of oil and gas.  But much deeper, this book is an incisive
parable for almost everyone involved in risky endeavors, even in completely
different areas.  It stresses the importance of planning for disasters,
establishing detailed monitoring practices, carefully documenting
instructions for seemingly routine operations, and even more important,
carefully documenting changes in what must be done to anticipate and respond
to possible effects—especially whenever the risks happen to be greatly
increasing in real time.  Even though it can be very difficult to
realistically assess dynamic changes in risks in real time, it is absolutely

The book's notion of the need to establish a pervasive and properly enforced
"safety culture" is very timely in a world that emphasizes cost reductions
and short-term optimization, to the deprecation of safety measures.  Many
organizations depending on life-critical systems might claim that they
already have a safety culture, but it requires much more than lip service --
it requires deep awareness of issues such as those considered here.

Furthermore, a similar observation also applies more generally to the need
for a culture of predictable dependability and trustworthiness, whether or
not human safety is a primary issue.  Many computer-related endeavors
require much greater reliability, resilience, security, privacy, and other
mission-critical desiderata.  In almost all disciplines, holistic thinking
that encompasses concerns such as those considered in this book—and many
more—is becoming a lost art.  The need for ubiquitous risk awareness and
risk avoidance (not just "risk management"), rigorous system practices,
preventive maintenance, and many other factors is increasingly being widely
ignored or given a much lower priority, typically in the quest for greater
profits.  As a consequence, the lessons of this book are enormously
important in most technologically based enterprises, and are vitally

Please report problems with the web pages to the maintainer