In this essay at the Guardian, Tim Harford suggests that reliance on automation is setting us up for disaster as, like airline pilots, we become more used to manipulating computer systems than directly running the systems they control. Harford draws lessons from aviation, where this "mode confusion" causes plane crashes, and applies them to council decisions and self-driving cars. Harford concludes by examining the work of Dutch traffic engineer Hans Monderman, who solved such conundrums by removing cues such as street signs and forcing drivers, pedestrians, and cyclists to engage with each other in navigating messy terrain, an approach that sounds risky but that in practice proved to be safer for all concerned.

https://www.theguardian.com/technology/2016/oct/11/crash-how-computers-are-setting-us-up-disaster

Wendy M. Grossman
www.pelicancrossing.net
Twitter: @wendyg
British data specialist spends 11 hours trying to get his wifi kettle to make a cup of tea. Wars have been fought for less...

https://www.theguardian.com/technology/2016/oct/12/english-man-spends-11-hours-trying-to-make-cup-of-tea-with-wi-fi-kettle

[Of course, the original Internet of Things was the Cambridge Computer Lab coffee pot. WMG]

[However, that was a camera-only hookup, and one could not remotely adjust the coffee-pot controls. By the way, The Internet of Things has the potential of being a colossal fiasco in the making. In any event, it will have plenty of fodder for RISKS as Things Begin to Unfold (a nonaccidental pun). PGN]
http://boingboing.net/2016/10/12/english-man-spends-11-hours-tr.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+boingboing%2FiBag+%28Boing+Boing%29

A key problem seemed to be that Rittman's kettle didn't come with software that would easily allow integration with other devices in his home, including Amazon Echo, which, like Apple's Siri, allows users to tell connected smart devices what to do. So Rittman was trying to build the integration functionality himself.

I love the "Attention! You must connect to the kettle network before proceeding!" error message.
Dan Goodin, Ars Technica, Oct 11 2016
Technique allows attackers to passively decrypt Diffie-Hellman protected data.
<http://arstechnica.com/security/2016/10/how-the-nsa-could-put-undetectable-trapdoors-in-millions-of-crypto-keys/>

Researchers have devised a way to place undetectable backdoors in the cryptographic keys that protect websites, virtual private networks, and Internet servers. The feat allows hackers to passively decrypt hundreds of millions of encrypted communications as well as cryptographically impersonate key owners.

The technique is notable because it puts a backdoor—or in the parlance of cryptographers, a "trapdoor"—in 1,024-bit keys used in the Diffie-Hellman key exchange. Diffie-Hellman significantly raises the burden on eavesdroppers because it regularly changes the encryption key protecting an ongoing communication. Attackers who are aware of the trapdoor have everything they need to decrypt Diffie-Hellman-protected communications over extended periods of time, often measured in years. Knowledgeable attackers can also forge cryptographic signatures that are based on the widely used digital signature algorithm.

As with all public key encryption, the security of the Diffie-Hellman protocol is based on number-theoretic computations involving prime numbers so large that the problems are prohibitively hard for attackers to solve. The parties are able to conceal secrets within the results of these computations. A special prime devised by the researchers, however, contains certain invisible properties that make the secret parameters unusually susceptible to discovery. The researchers were able to break one of these weakened 1,024-bit primes in slightly more than two months using an academic computing cluster of 2,000 to 3,000 CPUs.

Backdooring crypto standards—"completely feasible"

To the holder, a key with a trapdoored prime looks like any other 1,024-bit key. To attackers with knowledge of the weakness, however, the discrete logarithm problem that underpins its security is about 10,000 times easier to solve. This efficiency makes keys with a trapdoored prime ideal for the type of campaign former National Security Agency contractor Edward Snowden exposed in 2013, which aims to decode vast swaths of the encrypted Internet.

"The Snowden documents have raised some serious questions about backdoors in public key cryptography standards," Nadia Heninger, one of the University of Pennsylvania researchers who participated in the project, told Ars. "We are showing that trapdoored primes that would allow an adversary to efficiently break 1,024-bit keys are completely feasible."

While NIST—short for the National Institute of Standards and Technology—has recommended minimum key sizes of 2,048 bits since 2010, keys of half that size remain abundant on the Internet. As of last month, a survey performed by the SSL Pulse service found that 22 percent of the top 200,000 HTTPS-protected websites performed key exchanges with 1,024-bit keys. A belief that 1,024-bit keys can only be broken at great cost by nation-sponsored adversaries is one reason for the wide use. Other reasons include implementation and compatibility difficulties. Java version 8, released in 2014, for instance, didn't support Diffie-Hellman or DSA keys larger than 1,024 bits. And, to this day, the DNSSEC specification for securing the Internet's domain name system limits keys to a maximum of 1,024 bits.

Poisoning the well

Solving a key's discrete logarithm problem is significant in the Diffie-Hellman arena. Why? Because a handful of primes are frequently standardized and used by a large number of applications. If the NSA or another adversary succeeded in getting one or more trapdoored primes adopted as a mainstream specification, the agency would have a way to eavesdrop on the encrypted communications of millions, possibly hundreds of millions or billions, of end users over the life of the primes.

So far, the researchers have found no evidence of trapdoored primes in widely used applications. But that doesn't mean such primes haven't managed to slip by unnoticed. [...]
http://www.nytimes.com/2016/10/11/business/samsung-galaxy-note-fires.html

The move is a major setback for the world's largest producer of smartphones, which had been gaining ground against Apple in the high-end market.
Put this one under the risks of getting computer hardware wrong. An article I read several years ago about battery problems—yes, this has been an issue that long—stated roughly that the high concentration of energy in a battery makes it a bomb. Unfortunately, we are seeing cases where this most definitely is correct. I suggest that this problem is going to continue because of the lack of an effective countercheck against users' desire for as-long-as-possible battery life. Maybe it will end when a safe battery is found (next to the leprechaun's gold at the other end of the rainbow)?

John Ribeiro, InfoWorld, 11 Oct 2016
Samsung discontinues Galaxy Note 7 after battery debacle
Problems worsened for Samsung after reports that even replacement Note 7 phones were catching fire
http://www.infoworld.com/article/3130127/smartphones/samsung-discontinues-galaxy-note-7-after-battery-debacle.html

[...]
[French sue Apple over 'imposing unbalanced contracts' and 'the sorry state' of their Software Support and Maintenance. Hmmm... the ToS of most websites and software, online and offline, appear so abominably 'unbalanced' today as to appear 'sittenwidrig' <https://de.wikipedia.org/wiki/Sittenwidrig> to any fair-minded person I know (see also <https://en.wikipedia.org/wiki/Unconscionability>), so, without any further ado.]

Catalin Cimpanu, 9 Oct 2016
French Company Sues Apple Because of Improper HTML5 Support in iOS
<http://news.softpedia.com/news/french-company-is-suing-apple-because-of-improper-html5-support-in-ios-509095.shtml>
Company wants Apple to open iOS for other browsers

Nexedi, a French software development company, is suing Apple in a French court because of the sorry state of HTML5 support on iOS, and because Apple actively prevents third-party browser engines from running on iOS. The company filed a civil lawsuit in France because a local law gives it the best chances of succeeding in its effort.

A local French law passed a few years back prevents large companies from imposing unbalanced contracts on smaller businesses. Nexedi says that Apple forces software developers to sign an unfair contract when submitting an app to the iOS App Store that states that all web content should be handled by a WebKit-based browser engine. The French company's problem is that the WebKit engine is seriously lagging behind when it comes to supporting modern HTML5 features. Because Apple forces iOS app developers to use WebKit-based browsers, developers must invest serious time and effort into porting modern apps to work with the limited version of HTML5 supported in iOS, indirectly cutting down their profits.

[Very long item pruned for RISKS. PGN]
Catalin Cimpanu, *The Washington Post*, 11 Oct 2016
People Are Suing Nonexistent Persons to Trick Google in Censoring Search Results
http://news.softpedia.com/news/people-are-suing-nonexistent-persons-to-trick-google-in-censoring-search-results-509174.shtml

Companies and individuals have filed dozens of defamation lawsuits against nonexistent persons, which after a complicated legal procedure lead judges into issuing court orders that force online platforms such as Google, Yelp, and others to remove bad reviews or negative articles.

This new legal trick to censor bad press on the Internet came to light following an investigation by The Washington Post, which uncovered 25 suspicious cases.
<https://www.washingtonpost.com/news/volokh-conspiracy/wp/2016/10/10/dozens-of-suspicious-court-cases-with-missing-defendants-aim-at-getting-web-pages-taken-down-or-deindexed/>

The common theme in all cases was that the lawsuit's defendant was not a real person, which WP validated with the help of a private investigator.

Lawyers find clever (probably illegal) trick to censor Google, Yelp.

Plaintiffs had filed lawsuits for defamatory comments and defamation claims against nonexistent persons, who then "mysteriously" agreed to an injunction on their comments or articles. Faced with a quick resolution to the case, judges would approve the self-agreed injunction and put out a court order to have the web page taken down. The plaintiff would then take this court order and pass it on to Google or Yelp, who acted on it and removed the content from their search results and site. Internet companies furiously fight against illegal takedown notices, but when the takedown notice is accompanied by an "official" court order, they trust that the judge had taken the right decision.

SEO reputation management company tied to many lawsuits.

[...]

[Long item pruned for RISKS. PGN]
Catalin Cimpanu, Softpedia, 26 Sept 2016
New Open Source Linux Ransomware Shows Infosec Community Divide
http://news.softpedia.com/news/new-open-source-linux-ransomware-shows-infosec-community-divide-508669.shtml

*UPDATE:* Following our investigation into this matter, and seeing the vitriol-filled reaction from some people in the infosec community, Zaitsev has told Softpedia that he decided to remove the project from GitHub, shortly after this article's publication. The original, unedited article is below.

Security researchers can't decide if publishing open-source ransomware on GitHub is a bad or a good idea

CryptoTrooper, an open source kit for building Linux ransomware, has divided the infosec community right down the middle. The hot potato at the heart of the debate is the same issue that surrounded Utku Sen's EDA2 and Hidden Tear ransomware building kits for Windows. Should security researchers create "ransomware for educational purposes" and should they release them on GitHub? While you may think the clear-cut answer is "Hell NO!!!," surprisingly, the reality is quite different.

A recent Twitter poll has asked users "Is open source ransomware helping improve ransomware detection/prevention, or making it worse?" The final result was extremely close, with 54 percent for "No, it's not helping," and 46 percent for "Yes, it's helping."

Twitter poll reignites the "open source ransomware" debate.

[...]

[Long item pruned for RISKS. PGN]
Can Brian Krebs use the 9-11 victims law to sue device manufacturers involved in the attack upon him, or the nations where they were built? Anyone can say they were terrorized by an attack - that is a subjective claim.

A quick recap of what the US 911 victims law is: Congress passed it, Pres Obama vetoed it, Congress overwhelmingly over-ruled the veto. It grants to victims of terrorism the right to sue governments they think are responsible.

It was intended to allow 9-11 victims to sue Saudi Arabia for what bin Laden orchestrated, but the 911 commission showed that Saudi Arabia was not responsible. Claims that they were are political rhetorical posturing, which does not work in a court of law. The Saudis kicked bin Laden out of their nation, and the Sudan, long before 9-11. He selected many Saudi confederates to try to drive a wedge between the USA and the Saudi gov. It was the Afghanistan Taliban (gov wiped out by USA & NATO) that gave him sanctuary. Locating those Taliban today, and getting them into court, may be a lost cause, thanks to the US assassination program. It is easier to seize their assets via Panama Papers discoveries.

The US 911 victims law may have opened the door for residents of Afghanistan, Iraq, Iran, Libya, Pakistan, Somalia, Syria, Yemen, etc. to sue the US government for acts of war against people of those nations, which have terrorized them.
The links in the Cyberwar article do not work. The more detailed project description is at https://www.politie.nl/themas/live-view.html and is in Dutch, but Google Translate does a reasonable job here (the English language brochure is a bit short on detail). The project has apparently been live for a few years.

The project states in the "privacy" section that the police only get a feed on request (after an incident), but the list of other uses seems like hard work without some direct access ability. That doesn't mean the facility is actually there, but the temptation certainly is.
"The only way to ensure that your vote is not counted, is to not vote."

It is a belief that's been voiced widely during the recent vogue on "hacking elections" and "the Russian hackers", by many colleagues of mine at the Open Source Election Technology Institute and within the election tech and election integrity communities.

In RISKS 29.83, Mark Smith was accurate in listing several of the most important ways in which one's vote *might* not count, or be counted accurately (two separate things BTW). But I have to respectfully disagree on the conclusion. Despite all the risks Mark enumerated, and many others, many people's votes are counted, and it still remains true that if you don't try to vote, you have 0% chance of being counted; while if you do vote you do have a chance of being counted.

I understand how many people feel bad that there is no way for any one person to be certain that their cast ballot would be counted, and correctly. We can wish for a perfect system, but in fact it is a structural principle of this unique transaction—authenticated, access controlled, anonymous, and non-reversible—that such certainty is impossible. This is actually by design, from the principle of anonymity to avoid bribery and coercion.

I understand Mark's sentiment that one tends to not use a critical system when it is not trustworthy. I would not call our election process untrustworthy as a whole, but it is clear that the certainty Mark seeks is not part of it. I understand the impulse to not have faith in a system that lacks guarantees that one might wish for, and I don't want to try to convince Mark or anyone else to have faith in such a system.

AND YET, I believe that voting is such an essential and vital part of democracy, that I urge Mark and anyone else with his doubts, to put in the small effort to vote *notwithstanding* the concerns we all have about the complex election system that we inherited. If everyone who had the same type of doubts that Mark has (and/or others that I and other election folks have) were to not vote, then we would not have an effective democracy. We are already teetering on the brink, with participation so low. Sometimes we have a moral imperative to act despite a lack of faith in the act or its effectiveness—and for me, voting is included.

So please vote! The effort involved is not great. The result is important -- another ballot that has a chance to be counted accurately, as part of an election with just that one person's participation's increment in legitimacy. We have *already* bet the whole country on the chance of an election with legitimacy—and each of us can act to further that goal, preventing the nightmare of a broken election.

John Sebes, CTO, OSET Institute

"If I learn that a system vital to my survival cannot be trusted, I tend to stop using it until or unless it has been fixed. Therefore, once I understood that there was no way I could be certain that my vote would be counted, I stopped voting. Nobody, no matter how highly credentialed and respected, is going to convince me to have faith in an untrustworthy system. If you want to gamble, risk your own money, but please don't bet the whole country on it."
"Mark E. Smith" <firstname.lastname@example.org> writes:

> In reality there are at least three other ways that your vote for sure
> doesn't get counted:
> 1. The Electoral College vote does not follow the popular vote, as happened in 1876 and 1888, or if, as in 1824, neither candidate gets an Electoral College majority and the House of Representatives elects the President.

Despite appearances to the contrary, there is NO "popular vote" for the US president and vice president. The electoral college system has been in place for centuries at this point, and it should have been taught to every child when they had civics class in grade school. It should not be a surprise to any US voter. The votes were, indeed, counted IN THE STATES THEY WERE CAST, according to the Constitutionally mandated system, and the meaningless "popular vote total" was quite properly ignored.

The votes were counted in 1824 as well, but since there was no majority in the electoral college the Constitutionally mandated process for resolving that issue was used. This, too, is part of the civics education that all school children should be getting.

> 2. The Supreme Court steps in as it did in Bush v. Gore 2000 and stops the vote count.

SCOTUS did NOT "stop the vote count". The votes had been counted. The votes had been recounted. SCOTUS ruled that the authority for determining the vote counting process in the state of Florida rested with the legislature of the state of Florida and the Secretary of State of the state of Florida. Further, SCOTUS found that the legislature had acted properly in creating the process. The plaintiff's request for yet another recount, which would have prevented the certification of the electors to the electoral college in time for the electoral college balloting, was denied. The effect of delaying the certification of the result would be that every voter in the state of Florida would have had their vote counted BUT IGNORED in determining the final result. The state of Florida would have lost their votes in the electoral college, with the effective disenfranchisement of every voter in that state.

> 3. One candidate concedes before all the votes have been counted, as then Presidential candidate John Kerry did in 2004.

If your candidate concedes prior to the votes being counted, that's the fault of your candidate and not the system.

> Therefore, once I understood that there was no way I could be certain that my vote would be counted, I stopped voting.

The effect of changing the rules after the ballots have been counted because your preferred candidate did not win is not how you "be certain that [my] vote would be counted." In fact, it is trying to make certain that the votes of other people, who exercised their right to vote for the other person, would not be counted.
You know, this is probably the worst POSSIBLE response to a broken electoral system. And I won't argue the point that our electoral system has problems - you are correct that it does. But moaning that it's broken while you sit at home on election day doesn't get it fixed. Staying home just gives anyone monkeying around with the system that much more leverage to work with. I can certainly respect that you believe the system is much more broken than I believe. I could certainly be wrong. But I can't respect just sitting there whining without even trying to vote, let alone FIX it. And no, 'protesting' by not voting isn't fixing anything. It's a cop-out. It accomplishes NOTHING. You want to actually FIX things, then start harassing your government. Be annoying enough that they fix things just so you'll go away.
> "You want to actually FIX things, then start harassing your government.
> Be annoying enough that they fix things just so you'll go away."

If by "your government," you mean "elected" officials, they cannot be harassed. Only their biggest donors can actually get face time with them. Those who attempt to harass their paid staffers, interns, and volunteers, are dealt with according to time-tested bureaucratic methods that protect plutocrats from the mob and rabble. Those who persist to the point of becoming annoying can be arrested if they don't go away.

Once you vote, you have delegated your power to the plutocracy. You have consented to allow them to make your decisions for you. You no longer have a voice. When you voted, you signed a contract to leave things up to whoever happens to win. Attempts to renege on, or even seriously protest that contract, can be prosecuted as criminal acts. To vote is to declare yourself incompetent to manage your own affairs, and to appoint whoever takes office as your guardian with a full power of attorney to spend your money and dictate your choices. If that's your intention, go right ahead and vote.

It isn't difficult to know who'll win an election. Just look online to see how much money was donated to them by the big banks and multinational corporations. If one candidate got more money than the other, that's who will win. If both got almost equal amounts, it doesn't matter who wins, as their policies will be the same.