The RISKS Digest

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Volume 30 Index

Forum on Risks to the Public in Computers and Related Systems

Volume 30 Issue 01 (Wednesday 14 December 2016)

• More on the LaMia crash involving the Brazilian soccer team
• PwC SAP fatal flaw in security software (Iain Thomson via Al Mac)
• Netgear R7000 and R6400 vulnerability (Bob Gezelter)
• Automated Assistants Will Soon Make a Bid for Your Finances (Nathaniel Popper)
• Cars Talking to One Another? They Could Under Proposed Safety Rules (Cecilia Kang)
• ACLU sues Rhode Island over computer benefits system delays (AP item via The Boston Globe)
• Designing a Safer Battery for Smartphones—That Won't Catch Fire (John Markoff)
• Fake News Expert On How False Stories Spread And Why People Believe Them (NPR)
• SHAME ON YOU, GOOGLE! - Holocaust Deniers as the top search result (Gizmodo via Lauren Weinstein)
• Europe braces for Russian hacking in upcoming elections (Politico)
• Russia hacking the DNC (The New York Times)
• On the CIA assessment: Russia intervened in the 2016 election (Peter Houppermans)
• The Perfect Weapon: How Russian Cyberpower Invaded the U.S. (The New York Times)
• Don't like a political blog? Go after their advertising revenue (Thomas Koenig)
• Trump's F-35 tweet sends Lockheed Martin stock into tailspin (Steve Bittenbender)
• Ashley Madison settles cheaply for $1.6 million (FTC)
• Re: Boeing Dreamliner 787 should be reboot every 21 days (Michael Kohne)
• Re: Ball-bearing and crypto policy analogy (Serguei Patchkovskii, Ron Rivest)

Volume 30 Issue 02 (Thursday 15 December 2016)

• Thunderbird Felled by Sticky Button (AirForceMag)
• Yahoo Says 1 Billion User Accounts Were Hacked (NYT)
• More details on massive new Yahoo hack—it only gets worse (Business Insider via LW)
• Stolen Yahoo Data Includes Government Employee Information (DataCenterKnowldge)
• Interview with Charles Delavan on Podesta's e-mail (Slate)
• Colorado election omits more than 20,000 ballots (The DenverChannel)
• Uber said it protects you from spying. Security sources say otherwise (RevealNews)
• Bruce Schneier's latest CryptoGram (PGN)
• Value of having a computer at home is mixed (WashPo item via Ridgely C. Evers)
• Re: SHAME ON YOU, GOOGLE! (Craig Burton)

Volume 30 Issue 03 (Monday 19 December 2016)

• Patient data encapsulated inside .exe file (Henry Baker)
• The EAC was itself hacked! (Elliott Hannon)
• US feds cyberattack US states (Al Mac)
• How France's TV5 was almost destroyed by 'Russian hackers' (Herb Lin, Richard OBrien)
• Evernote to read customer notes (Al Mac)
• Home routers under attack in ongoing malvertisement blitz (Ars Technica)
• Millions exposed to malvertising that hid attack code in banner pixels (Ars)
• Stop using Netgear routers with unpatched security bug, experts warn (Ars)
• Tech in Cars: What Happens When the Wheels Outlast the Wireless (WSJ)
• The FCC Just Approved a Landmark New Way For Deaf People to Communicate (Motherboard)
• Re: Audi Cars Now Talk To Stop Lights In Vegas (Richard Bos)
• Re: Yahoo Says 1 Billion User Accounts Were Hacked (Arthur Flatau)
• Re: Interview with Charles Delavan ... (Larry Sheldon)
• Re: SHAME ON YOU, GOOGLE! (Michael Marking, LW, Craig Burton, LW, CB, LW)

Volume 30 Issue 04 (Tuesday 20 December 2016)

• U.S. House Encryption Working Group report (PGN)
• Project Wycheproof—Crypto Check Libraries (Google)
• Russian Hackers Stole Millions a Day With Bots and Fake Sites (Vindu Goel)
• UK Police must be given power to shut websites (The Standard via Chris Drewe)
• Rail Crossing Warnings Are Sought for Mapping Apps (The New York Times)
• California DMV Calls Uber's San Francisco Self-Driving Cars Illegal (Bloomberg)
• The states of texting and driving in the U.S. (Ars Technica)
• Inside LeakedSource and Its Database of Hacked Accounts (WiReD)
• Integrity and correctness of Internet information (sur-behoffski)
• Re: SHAME ON YOU, GOOGLE! (Martin Ward)
• Re: U.S. feds cyberattack U.S. states (Dick Mills)
• Re: Audi Cars Now Talk To Stop Lights In Vegas (Anthony Youngman)

Volume 30 Issue 05 (Monday 26 December 2016)

• BART new extension two years behind (PGN)
• Uber Booboo SNAFU, not FUBAR? (PGN)
• Who's Liable for George Hotz's Self-Driving Software? (Gabe Goldberg)
• Security risk on in-flight entertainment systems (BBC via Duncan Gibson)
• Recounts or no, U.S. elections still vulnerable to rigging, disruption (Rubinkam/Bajak)
• For Fact-Checking Website Snopes, a Bigger Role Brings More Attacks (David Streitfeld)
• Fake News Story Sets Off Israel-Pakistan Twitter Feud (AP)
• German government wants to fight "fake news" (Thomas Koenig)
• 'Special' Powers Corrupt Especially!! (Werner U)
• U.S. NSA insider may be behind Russian FSB leak? (BankInfoSecurity via Al Mac)
• Biz Cams into Madison MS (Al Mac)
• Patch Linux (Ars Technica via zdnet)
• Android phones by Lenovo and others may be running spyware (Michael Simon)
• Facebook banned a social justice activist for commenting on racism (TechCrunch)
• Online profile pictures leave lasting impressions, researchers say (CBC)
• Before Trump's Presidency, US Privacy Board in Disarray (ABC)
• MSFT $927M tech support contract (geek wire)
• Re: US feds cyberattack US states (Steve Lamont)
• Re: Audi Cars Now Talk To Stop Lights In Vegas (Chris Drewe)
• Re: Project Wycheproof—Crypto Check Libraries (Craig Burton)
• "Walking Wounded: Inside the U.S. Cyberwar Machine" (Michael VanPutte)

Volume 30 Issue 06 (Friday 30 December 2016)

• FBI/DHS Unclassified Summary Technical Report re Russian Hacking Attacks on U.S. (Documentcloud)
• How Russia Recruited Elite Hackers for Its Cyberwar (The NYTimes)
• Obama Strikes Back at Russia for Election Hacking (The NYTimes)
• It's Incredibly Easy to Tamper with Someone's Flight Plan, Anywhere on the Globe (Motherboard)
• Pixel Security: Better, Faster, Stronger (GoogleBlog)
• Advertising's Moral Struggle: Is Online Reach Worth the Hurt? (The NYTimes)
• White House: Robots may take half of our jobs (Henry Baker)
• "14 eyebrow-raising things Google knows about you" (JR Raphael)
• German Fake News debate: "False Opinion" destabilizes (Thomas Koenig)
• Facebook's Safety Check, Now Automated, Turns a Firecracker Into an Explosion (The NYTimes)
• Britney Spears reminds fans she's very much alive after death hoax (USAToday)
• Fake Academe, Looking Much Like the Real Thing (The NYTimes)
• OSCE security monitors targeted by hackers (BBC)
• Bid for Access to Amazon Echo Audio in Murder Case Raises Privacy Concerns (The NYTimes)
• For Millions of Immigrants, a Common Language: WhatsApp (The NYTimes)
• Why Some of Your Holiday Gifts Might Not Fly (The NYTimes)
• Re: MSFT $927M tech support contract (John Levine)
• Re: SHAME ON YOU, GOOGLE! (Bob Wilson)
• Re: Is no place sacred from surveillance? (on Jenna Wortham via HB)
• Scholarships for Women Studying Information Security (Jeremy Epstein)

Volume 30 Issue 07 (Sunday 8 January 2017)

• Russia meddled in 2016 election through hacking and spreading of propaganda (Ellen Nakashima and Karoun Demirjian and Philip Rucker)
• Evidence for Russian Hacks (DNI)
• Putin Ordered `Influence Campaign' Aimed at U.S. Election (David E. Sanger)
• WikiLeaks opposes leaking of CIA report (The Hill)
• WikiLeaks threatens to publish Twitter users' personal info (USA Today)
• Gee whiz, elections are part of our critical infrastructures! (PGN)
• Donald Trump's Twitter Account Is A Security Disaster Waiting To Happen (Buzzfeed)
• Intel Chiefs Say Trump's Twitter Account Was Hacked by Four-Year-Old (Andy Borowitz in *The New Yorker*)
• The Lauded Russian Hacker Whose Company Landed on the U.S. Blacklist (Andrew E. Kramer)
• India's Call-Center Talents Put to a Criminal Use: Swindling Americans (Ellen Barry)
• Fake Academe, Looking Much Like the Real Thing (Kevin Carey)
• KillDisk Ransomware Now Targets Linux, Prevents Boot-Up, Has Faulty Encryption (Bleeping Computer)
• TV anchor says live on-air 'Alexa, order me a dollhouse'—guess what
• happens next (Shaun Nichols via geoff goodfellow)
• Fridges and washing machines could be vital witnesses in murder plots (The Telegraph)
• Feds Accuse D-Link Of Failing To Properly Secure Routers & Webcams (Consumerist)
• The Health Data Conundrum (Kathryn Haun and Eric J. Topoljan)
• 2017: Search and Social Media (Lauren Weinstein)
• Psychiatric patient accesses confidential social service data (HIPAA via Mark Trumpler)
• "Information Warfare" (Labs.rs via Jim Forster)
• Singapore to ban Internet-connected government computers (Straits Times via Mark Thorson)
• Smart meters: Frauds, Explosions & Fires, Oh No! (The Guardian via Henry Baker)
• The Binge Breaker (The Atlantic)
• Cloudflare explains the leap second bug (Debora Weber-Wulff)
• Toshiba expands recall of laptop battery packs due to burn/fire risk (Bob Brown)
• "The Real Name Fallacy" (Lauren Weinstein)
• Re: Name-collision risks—again! (Burt Kaliski)
• Re: 'Special' Powers Corrupt Especially!! (Chris Drewe)

Volume 30 Issue 08 (Tuesday 10 January 2017)

• Russian Hackers Find Ready Bullhorns in the Media (Max Fischer)
• France blocks 24,000 cyberattacks amid fears that Russia may try to influence French presidential election (David Chazan)
• Russia's RT: The Network Implicated in U.S. Election Meddling (Russell Goldman)
• How to Starve Online Hate (Pagan Kennedy)
• Disrupting The Business Model of the Fake News Industry (Katherine Haenschen and Paul Ellenbogen)
• A Chilling PBS Documentary Shows How Mistakes Are Made (Neil Genzlinger)
• FDA Offers Advice for Hacking Risks With St Jude Cardiac Devices (Arthur Flatau)
• Vulnerability Disclosure Attitudes and Actions (NTIA)
• Perhaps a laptop can be too thin? (Henry Baker)
• Iran's p*rn censorship broke browsers as far away as Hong Kong (The Verge)
• "Windows security patches crash Active Directory Admin Center" (Woody Leonhard)
• "More than 10,000 exposed MongoDB databases deleted by ransomware groups" (Lucian Constantin)
• Re: Cloudflare explains the leap second bug (David E. Ross)
• Re: "The Real Name Fallacy" (Identity Withheld)
• Re: Russian Hacking (Dick Mills)
• Re: "TV anchor says live on-air 'Alexa ...'," (Adam Shostack, Jeremy Epstein, Mark Thorson)
• IoT Home Inspector Challenge (FTC via Alister Wm Macintyre)

Volume 30 Issue 09 (Tuesday 17 January 2017)

• Tesla driver stranded because outside of cellphone coverage (Mark Thorson)
• Nissan's Path to Self-Driving Cars? Humans in Call Centers (Alex Davies via Gabe Goldberg)
• Automation is already here, and it's taking jobs and annoying customers (QZ)
• India gov banks compromised (Economic Times via Alister Wm Macintyre)
• Finally Revealed: Cloudflare Has Been Fighting NSL for Years (EFF)
• In the UK, Silent Emergency Assistance Can Come to the Rescue (Jonathan B Spira)
• "Pay the ransom? You won't get your data back" (Fahmida Y. Rashid)
• "Professionally designed ransomware Spora might be the next big thing" (Lucian Constantin)
• Google and the Misinformed Public (Chronicle of Higher Education)
• Why Google must start labeling highly ranked fake news results (Lauren Weinstein)
• Facebook to roll out fake news tools in Germany (BBC)
• "Families of ISIS victims sue Twitter for being 'weapon for terrorism'" (Sharon Gaudin)
• How Netflix Is Deepening Our Cultural Echo Chambers (The New York Times)
• Adobe Acrobat Reader DC Update Installs Chrome Browser Extension (Gabe Goldberg)
• Unacceptable Adobe Behavior: Adobe Acrobat Reader DC Update Installs Chrome Browser Extension (Lauren Weinstein)
• Surprising results on Chinese government manipulation of social media (GKing)
• "Forced to watch child porn for their job, Microsoft employees developed PTSD, they say" (Greg Hadley)
• Secret WWI telegram holds lessons for today, historians say (CBC)
• Browser autofill used to steal personal details in new phishing attack (The Guardian)
• Rudy Giuliani's Glass House (The Register)
• New Systems Security Engineering Web Site (Ronald S. Ross)
• FBI allegedly paid Geek Squad for evidence (Engadget)
• Congress is stupid because... (WiReD)
• Trump just said he's firing the people in charge of securing America's nukes (Yahoo!)
• Re: Command and Control (David Lesher)
• Re: Russian Hacking (Sam Steingold)
• Re: A Chilling PBS Documentary Shows How Mistakes Are Made (David Wittenberg)
• Re: The leap-second is a bug (Bob Frankston)
• Bruce Schneier's latest CRYPTO-GRAM (PGN)
• Garry Kasparov (PGN)
• Book: Jennifer Granick, American Spies (PGN)

Volume 30 Issue 10 (Sunday 22 January 2017)

• Verizon remotely disables remaining Galaxy Note 7 phones (PGN)
• The cloud ate your homework! (code.org via Jim Reisert)
• Nim Language Draws From Best of Python, Rust, Go, and Lisp (Serdar Yegulalp)
• Will Blockchain-Based Election Systems Make E-Voting Possible? (Adam Stone)
• Dutch Developer Added Backdoor to Websites He Built, Phished Over 20,000 Users (Bleeping Computer)
• CIA unveils new rules for collecting information on Americans (Reuters)
• Tesla's Self-Driving System Cleared in Deadly Crash (Neal E. Boudette)
• Re: How the Chinese Government Fabricates Social Media Posts for Strategic Distraction, not Engaged Argument (GKing 50c)
• The first-ever close analysis of leaked astroturf comments from China's "50c party" reveal Beijing's cybercontrol strategy (Cary Doctorow)
• Japan testing USB phone charging in public buses (TheNextWeb via Henry Baker)
• The Fine Art of Sniffing Out Crappy Science (Chronicle of Higher Education)
• Facebook and Falsehood (Chronicle of Higher Education)
• Re: Fake News (Peter Houppermans)
• Subject: Re: Nissan's Path to Self-Driving Cars? Humans in Call Centers (Michael Bacon)
• Re: Leap-seconds (Kurt Seifried, Bob Frankston, Kurt Seifried, Bob Frankston)

Volume 30 Issue 11 (Saturday 28 January 2017)

• "The missile may have veered ... towards the United States" (AFP via danny burstein)
• Clip from Schlosser's Command and Control (Ken Knowlton)
• Russians Charged With Treason Worked in Office Linked to Election Hacking (The NYTimes)
• United Airlines resumes flights after temporary ground order (CNN via Monty Solomon)
• Galaxy Note 7 investigation concludes, pair of issues will cost Samsung $5 billion (geoff goodfellow)
• Galaxy Note 7 Fires Caused by Battery and Design Flaws, Samsung Says (The NYTimes)
• Verizon remotely disables remaining Galaxy Note 7 phones (Kelly Bert Manning)
• "HP recalls over 100,000 more laptop batteries for fire hazard" (Agam Shah)
• "Cisco scrambling to fix a remote code execution problem in Webex" (Tim Greene)
• TOR servers misused for spam (Gerrit Muller)
• "OpenSSL issues new patches as Heartbleed still lurks" (Fahmida Y. Rashid)
• White House kills their comment phone line, but a new one appears (Lauren Weinstein)
• Facebook is changing its Trending section to fight the spread of fake news (Lauren Weinstein)
• Massive networks of fake accounts found on Twitter (BBC)
• U.S. Park Service tweets were result of old Twitter passwords (Martyn Williams)
• Fake news costing advertisers reputation, ad dollars (enterpriseinnovation)
• Report fake news at alt-facts.net (alt-facts)
• Finding credibility clues on Twitter (Science Daily)
• The real reason why Trump using an old Android phone should freak you out (BGR)
• Donald Trump is using a private gmail account to secure the most powerful Twitter account in the world (Sam Biddle)
• Republican voter fraud? (PGN)
• Cellphone dependency (Neil Youngman)
• Re: CIA unveils new rules for collecting information on Americans (Mark F)
• Re: Nim Language Draws From Best of Python, Rust, Go, and Lisp (Amos Shapir)
• Re: Leap-seconds (John Levine)
• Re: Japan testing USB phone charging in public buses (Andrew Duane)

Volume 30 Issue 12 (Wednesday 1 February 2017)

• Network-enabled ICBMs for the USAF? (John Dallman)
• Quantum Computers Versus Hackers, Round One (WiReD via Werner U)
• Hackers Use New Tactic at Austrian Hotel: Locking the Doors (Dan Bilefsky)
• Hotels and electronics (Benoit Goas)
• Hackers hit DC CCTV's Jan. 12-15, 2017 (Clarence Williams via Henry Baker)
• Everything I Need to Know about Russia's Internet Interference I Learned Through College Pranks (Sean Havey)
• "FBI request for Twitter account data may have overstepped legal guidelines" (Dustin Volz)
• Severe vulnerability in Cisco's WebEx extension for Chrome leaves PCs open to easy attack (PC World)
• Voter fraud? (PGN)
• The future of fake news is real-time video manipulation (Nick Bilton)
• Intentionally or not, big brands help fund fake news (Star Tribune)
• alt-facts.net site (Arthur T.)
• Re: "The missile may have veered ... towards the US" (Chris Drewe)
• Re: United Airlines resumes flights after temporary ground order (Mark)
• Re: Nim Language Draws From Best of Python, Rust, Go, and Lisp (Wols, John Levine)
• Data Privacy Day: know the risks of Amazon Alexa and Google Home (Naked Security)

Volume 30 Issue 13 (Tuesday 7 February 2017)

• Russians Engineer A Brilliant Slot Machine Cheat - And Casinos Have No Fix (WiReD)
• TLS vulnerability in popular iOS apps allows user data to be intercepted in man-in-the-middle attack (Malcolm Owen)
• Popular apps with 18 million combined downloads in the Apple App Store found vulnerable to silent data interception (Greg Barbosa)
• "Dozens of iOS apps fail to secure users' data, researcher says" (Michael Kan)
• Security flaws in Pentagon systems "easily" exploited by hackers (Zack Whittaker)
• Data from man's pacemaker led to arson charges (Lauren Pack)
• Vizio to Pay $2.2M to Settle Charges it Illegally Collected Data from TV Owners (Gabe Goldberg)
• The Truth about Unix—my version, anyway—for comic relief (Don Norman)
• "Vulnerability in Microsoft SMBv3 protocol crashes Windows PCs" (Woody Leonhard)
• "GitLab database goes out after spam attack" (Paul Krill)
• Cisco: Spam is making a big-time comeback (Tom Greene)
• How WhatsApp is fighting spam after its encryption rollout (Techcrunch)
• Trump's Vote Fraud Guru is Registered in Three States (AP)
• Re: Hackers Use New Tactic at Austrian Hotel: Locking the Doors (Amos Shapir)
• Re: Network-enabled ICBMs for the USAF? (Amos Shapir)
• Re: alt-facts.net site (AT, LW)
• Re: Nim Language Draws From Best of Python, Rust, Go, and Lisp (Dimitri Maziuk, Arthur Flatau, Alexander Klimov)
• Re: Quantum Computers Versus Hackers, Round One (Rob Slade, Werner U)

Volume 30 Issue 14 (Friday 17 February 2017)

• To Lure Moviegoers, 20th Century Fox Dangles Fake News (Liam Stack and Sapna Maheshwari)
• Fake news is killing people's minds, says Apple boss Tim Cook (The Telegraph)
• Dutch election will be counted by hand (The Guardian)
• Forged Racist Emails Cause Stir at University of Michigan (ABC)
• New Mac malware from Iran targets US defense industry, human rights advocates with fake Flash updates (Apple)
• Can Foreign Governments Launch Malware Attacks on Americans Without Consequences? (EFF)
• Cooperative Bank sends a text with a dyn.co link (Martin Ward)
• Toyota recalls all the Mirais for software bug (Andrew Krok)
• Majority of Android VPNs can't be trusted to make users more secure (Ars Technica)
• "Flaw in Intel Atom chip could crash servers, networking gear" (Agam Shah)
• "S. Korea plans to tighten battery regulations after Note 7 crisis" (John Ribeiro)
• 'Xagent' malware arrives on Mac, steals passwords, screenshots, (Ars Technica)
• Yahoo sends new security warning to users (Chicago Tribune)
• "Microsoft re-releases snooping patches KB 2952664, KB 2976978" (Woody Leonhard)
• "Microsoft Explains Why Windows Drivers Are Dated 21 June 2006" (Matthew Humphries)
• Why you can't depend on antivirus software anymore (Slate)
• The Internet of Evil Things (Tim Johnson)
• Security and the Internet of Things (Bruce Schneier)
• Supporters of Mexico's Soda Tax Targeted With NSO Exploit Links (Citizen Lab)
• How do destroy a web form and the risks (Paul Robinson)
• Spanner, the Google Database That Mastered Time, Is Now Open to Everyone (WiReD)
• The AI Threat Isn't Skynet. It's the End of the Middle Class (WiReD)
• Google is spying on my photos (Geoff Kuenning, Lauren Weinstein)
• Re: D-Wave and quantum computer architecture (Rodney Van Meter)
• Re: quantum communications via plane and satellite (Rodney Van Meter)
• Re: Rob Slade on quantum computing (Rodney Van Meter)
• Re: Quantum Cryptography (Paul E. Black)
• Re: "The missile may have veered ... towards the United States" (Michael Black)
• Re: Nim Language Draws From Best of Python, Rust, Go, and Lisp (Amos Shapir)
• Re: The Truth About UNIX... (Paul Robinson))
• *WiReD* in RISKS-30.13 (Dave Horsfall)
• The 'March for Science' is gaining mainstream momentum (Joel Achenbach via Dewayne Hendricks)
• Stein Schjolberg: The History of Cybercrime (PGN)

Volume 30 Issue 15 (Tuesday 21 February 2017)

• German parents told to destroy Cayla dolls over hacking fears (BBC News)
• The previous owners of used smart cars can still control them via the cars' apps (BoingBoing)
• "Safety, Security, and Privacy Threats Posed by Accelerating Trends (Helen Wright and Ben Zorn)
• "Why Humans Distrust Algorithms--and How That Can Change" (Cade Massey and Joseph Simmons)
• Serious Computer Glitches Can Be Caused By Cosmic Rays (Science)
• Re: Dutch election will be counted by hand (Erling Kristiansen)
• Re: Old Intel chips (Martin Ward)
• Re: Facebook Trending (Wols)
• Re: Google and Evil (Charles Cazabon)
• Re: WiReD (John Bechtel)
• Re: The AI Threat Isn't Skynet. It's the End of the Middle Class (Michael Marking)

Volume 30 Issue 16 (Sunday 26 February 2017)

• That "Russian" DoS against Deutsche Telekom? They just arrested... a Brit (RT via danny burstein)
• Swift-based ransomware targets macOS pirates with false decryption promise (AppleInsider via geoff goodfellow)
• Study reveals bot-on-bot editing wars raging on Wikipedia's pages (The Guardian)
• SHA-1 collision (PGN)
• Cloudflare bug (Brooks Davis)
• IoT problems (Joe Durusau)
• Prominent medical quackery website removed from Google search results (Mark Thorson)
• Prominent cartoonist shadowbanned by Twitter (Mark Thorson)
• Re: German parents told to destroy Cayla (Peter Bernard Ladkin)
• Science societies have long shunned politics. But now they're ready to march. (The Washington Post via Lauren Weinstein)
• Response to Michael Marking (Ken Knowlton)
• Re: The AI Threat Isn't Skynet (Chris Drewe)
• Re: Dutch election will be counted by hand (Richard Bos)
• Re: Old Intel Chips (Andrew Duane)
• Re: Cooperative Bank sends a text with a dyn.co link (Richard Bos, Andrew Duane)
• Re: Facebook Trending (Michael Bacon)
• Re: "The missile may have veered ... towards the United States" (Richard Bos)
• Re: Nim Language Draws From Best of Python, Rust, Go, and Lisp (OK)
• Re: WiReD—Product is Mis-Identified (tanner andrews)
• Re: WiReD (Michael Kohne, John Bechtel, Michael Kohne)

Volume 30 Issue 17 (Saturday 4 March 2017)

• Michelin Star Mix-Up Throws a Working-Class Bistro Into a Media Storm (The NYTimes)
• Hard Drive LED Allows Data Theft From Air-Gapped PCs (Eduard Kovacs)
• California Law Enforcement Union Sues To Block Police Accountability (TechDirt)
• How the Secret Service Protects the President Against New Cyber-threats (Fortune)
• The Internet is already dead (Michael Grant)
• Shhh! That Helpful Robot May Pose a Security Risk (John Markoff)
• Driverless cars have trouble seeing humans on bicycles (IEEE Spectrum)
• Oscars screwup and Asiana 214 crash (Phil Smith III)
• Use of the Red Cross in a video game (Paul Robinson)
• "Physical data is inherently less secure than digital" (The Register via Neil Youngman)
• Hacked texts from family of former Trump campaign manager surface on the dark web (TechCrunch)
• What if tomorrow it's the Church of Scientology? (Kelly Bert Manning)
• Software Engineer detained by U.S. Customs (CNBC)
• Google's anti-trolling AI can be defeated by typos, researchers find (Ars Technica)
• FCC chair wants carriers to block robocalls from spoofed numbers (Ars Technica)
• Human error caused Amazon Web Services outage, Apple iCloud service issues (Malcolm Owen)
• Full statement by Amazon regarding AWS S3 outage and actions (via LW)
• Radiolab podcast: CRISPR assassinations (Austin Burt via Henry Baker)
• A warning from Bill Gates, Elon Musk, and Stephen Hawking (Quincy Larson)
• Uber's data-sucking app is dangerously close to malware (Mike Isaac and Buster Hein via Henry Baker)
• Re: Science (Wols)
• Re: WiReD—Product is Mis-Identified (westhawk)
• Re: WiReD (Mike Spencer)
• Re: Oscars screwup and Asiana 214 crash (Dan Skwire)
• Re: overloaded parentheses (Tony Finch)
• Re: The AI Threat Isn't Skynet (David Brodbeck)
• Re: Prominent medical quackery website removed from Google search results (David Damerell)

Volume 30 Issue 18 (Wednesday 15 March 2017)

• Hacking Our Nuclear Weapons (Bruce G. Blair)
• Caveat Emptor Redux: vibrations are remotely tracked! (PGN)
• Malware found preinstalled on 38 Android phones used by 2 companies (Gabe Goldberg)
• Why is it so hard to trace an anonymous bomb threat? (The Verge)
• Secrecy surrounds White House cybersecurity staff shakeup (ZDNet)
• Scamville visit (WiReD via Gabe Goldberg)
• The night Zombie Smartphones Took Down 911 (Ryan Knutson)
• Police typo in IP address led to an innocent father's arrest for pedophilia (Matthew Champion)
• There's always a [mis]use case for data (Jeremy Epstein)
• FBI Director James Comey: "Americans have no right to expect absolute privacy" (CNN)
• Aging voting machines: an old risk (jared gottlieb)
• The World Wide Web's inventor warns it's in peril on 28th anniversary (Jon Swartz)
• 92% of Federal Sites Fail to Meet Security, Performance Standards (ITIF via Gabe Goldberg)
• Dangerous industrial robots (Nancy Leveson)
• AI's PR Problem (MIT Tech Review)
• These Adorable Robots are Roaming DC Streets with Food Inside (Patch via Gabe Goldberg)
• Consumer Reports Launches Digital Standard to Measure Privacy, Security (via Gabe Goldberg)
• Avast Cybercapture of personal files (Benoit Goas)
• Prominent English-language newspaper removed from Wikipedia (Mark Thorson)
• Re: Hinckley and Pres. Reagan, was: How the Secret Service Protects the President ... (danny burstein)
• Re: Science (Sue Willis, Gerrit Muller)
• Re: Google's anti-trolling AI can be defeated by typos (Dave Horsfall)
• Re: CRISPR assassinations (Robert R. Fenichel)
• Re: Hard Drive LED Allows Data Theft From Air-Gapped PCs (Kelly Bert Manning)
• Re: California Law Enforcement Union Sues To Block Police Accountability (Sam Steingold)
• Re: Software Engineer detained by U.S. Customs (Kelly Bert Manning)
• Non-detachable "What-is-this" metadata should be included in information (David A Wheeler)
• Re: A warning from Bill Gates, Elon Musk, and Stephen Hawking (Arthur Flatau)
• Risks of automated fast-food service (Paul Robinson)
• Re: The AI Threat Isn't Skynet (Chris Drewe)
• Re: Wired (John Alexander Stewart)
• GOP senators to let ISPs sell, without opt-out opportunity: your PII; geo travels; Web browsing data (Ars Tech)

Volume 30 Issue 19 (Tuesday 21 March 2017)

• Britain's surveillance agency slaps down claim it was involved in Trump 'wiretap' (The WashPo)
• Justice Department charges Russian spies and criminal hackers in Yahoo intrusion (The WashPo)
• Inside the Russian hack of Yahoo: How they did it (CSO Online)
• Facebook just made it harder for you to share fake news (The Telegraph)
• A Small Table Maker Takes On Alibaba's Flood of Fakes (The NYTimes)
• "How to Counterfeit Quantum Money" (CORDIS News)
• Two Dead After T-Mobile 'Ghost Calls' Flood 911 Center in Texas (Gizmodo)
• "Security breach fears over 26 million NHS patients" (Laura Donnelly)
• Install this FREE android application and go to jail (tk)
• Court Orders ISP To Hand Over Identities Behind 5,300 IP Addresses To Copyright Trolls (torrentfreak/slashdot)
• Man in Trouble Due to Police IP Address Error (*Metro* via Chris Drewe)
• USAF had their own dataloss going on, recently... (ZDNet)
• Govt. Cybersecurity Contractor Hit in W-2 Phishing Scam (Krebs)
• Expert: Apple may have deployed unauthorized patch by mistake (CSO Online)
• Re: Avast Cybercapture of personal files (Barry Gold)
• Re: A warning from Bill Gates, Elon Musk, and Stephen Hawking (Notatla, Arthur Flatau)
• Re: self-checkout at grocery stores (David Lamkin)
• Re: automation, restaurants, and industrial robots (Kelly Bert Manning)
• CRISPR assassinations (Gene Spafford)
• Re: Science (Wendy M. Grossman)

Volume 30 Issue 20 (Thursday 30 March 2017)

• Aging resident dies after Eden Prairie caregiver forgot to plug in heart pump (Gabe Goldberg)
• Self-driving Uber gets in accident in Tempe, Arizona (Business Insider)
• NASA fireworks (Alister Wm Macintyre)
• Evidence That Robots Are Winning the Race for American Jobs (Claire Cain Miller)
• Ransomware scammers exploited Safari bug to extort porn-viewing iOS users (Ars Technica)
• Senate votes to let ISPs sell your Web browsing history to advertisers (Ars Technica)
• For sale: Your private browsing history (Ars Technica)
• UK government says Apple “cannot get away with unbreakable encryption'' following terrorist attack (Ben Lovejoy)
• Fake Sleuths: Web Gets It Wrong on London Attacker (Mark Scott)
• How police unmasked suspect accused of sending seizure-inducing tweet (Ars Technica)
• DJI Proposes Electronic Identification Framework For Small Drones (Slashdot)
• Win10 Class Action ... (The Register via Alister Wm Macintyre)
• Risks from falsified Data (BBC via John Murrell)
• US Supreme Court Case on Toner Cartridges (Alister Wm Macintyre)
• Re: self-checkout at grocery stores (Barry Gold, Mark Jackson)

Volume 30 Issue 21 (Saturday 1 April 2017)

• News break (PGN)
• US Congress rapes privacy, they are next (Misha Collins via Alister Wm Macintyre)
• Internet Noise, on purpose (Dan Schultz via Al Mac)
• Volkswagen's Emissions Fraud May Affect Mortality Rate in Europe (The New York Times)
• NASA fireworks a damp squib? (David Damerell)
• Re: NASA Fireworks (Kurt Seifried, Harlan Rosenthal)
• Re: Risks from falsified Data (Robert P. Schaefer)

Volume 30 Issue 22 (Monday 3 April 2017)

• Automated Weather Observation failure closes airport (Tri-City Herald via Clay Jackson)
• Galaxy S8 face recognition already defeated with a simple picture (Ars Technica)
• FAKE NEWS!! The best and worst April Fools' Day stories (The Guardian)
• April Fools' Day pranks 2017—a complete list of all of the day's Internet hoaxes (The Washington Post)
• Lawmakers confuse 'oversight' and 'overlook' (EFF's EFFector)
• The Future of Free Speech, Trolls, Anonymity and Fake News Online (Pew)
• Why Tug on ATMs (Krebs)
• Re: Risks from falsified Data (A Michael W Bacon, David Alexander)
• Re: Fake Sleuths: Web Gets It Wrong (Kelly Bert Manning)
• Re: NASA Fireworks (Wols, Bruce Hunter)
• Re: Self-checkout at grocery stores and elsewhere (Kelly Bert Manning)
• Re: US Congress rapes privacy, they are next (Joseph Brennan)

Volume 30 Issue 23 (Thursday 6 April 2017)

• The future of the open Internet—and our way of life—is in your hands (Quincy Larson)
• Tim Berners Lee plots radical overhaul (PGN)
• Encryption and the Press Clause (D. Victoria Baranetsky)
• Trust vs Trustworthy? (Stef Aupers)
• Russia Is Trying to Copy China's Approach to Internet Censorship (Slate)
• 20-year-old command & control server for Russian hackers (WiReD via Badi Irshid)
• Inside the Hunt for Russia's Most Notorious Hacker (WiReD)
• A scramble at Cisco exposes uncomfortable truths about U.S. cyberdefense (WiReD)
• Huge repository of documents obtained under FOIA (Governmentattic via Don Gilman)
• How Hackers Hijacked a Bank's Entire Online Operation (WiReD)
• Hackers Are Emptying ATMs With a Single Drilled Hole and $15 Worth of Gear (WiReD)
• Microsoft says it's blocking Windows 7, 8 patches on latest AMD, Intel chips (PC World)
• How Garadget Avenged a One-Star Review With Digital Sabotage (The Atlantic)
• Another sex toy trivially hacked (Pentestpartners)
• $14M Initiative to Fight Fake News Includes Facebook, Mozilla (PCMag)
• Hate speech and fake news—follow the money! (Lauren Weinstein)
• Fake News Publishers Are Still Earning Money From Major Ad Networks (Buzzfeed)
• Re: UK government says Apple cannot get away with encryption (Chris Drewe)
• Re: Risks from falsified Data (Robert P. Schaefer)

Volume 30 Issue 24 (Saturday 15 April 2017)

• Someone hacked every tornado siren in Dallas. It was loud. (Avi Selk)
• Brexit vote site may have been hacked, MPs say in report (BBC)
• Prison inmates built working PCs out of e-waste, networked them, and hid them in a closet ceiling (BoingBoing)
• Is Your Fingerprint-Locked Cell Phone Really Secure? (Patch)
• FBI Arrests Hacker Who Hacked No One (The Daily Beast)
• "Dishwasher has directory traversal bug" (The Register)
• "BrickerBot" disables vulnerable IoT devices (Radware)
• Securing driverless taxis is going to be really really hard (BoingBoing)
• Uber's 'Hell' program tracked and targeted Lyft drivers (Engadget)
• Autonomous Electric Vehicle impact on Economy (Evans & Shedlock)
• Google's Sheriffbot: presto, no more bugs! (Dan Jacobson)
• IPv6 attacks bypass network intrusion-detection systems (IT News)
• How Scammers Were Able to Game Google Maps (Fortune via Gabe Goldberg)
• Security firms sometimes wreck FBI investigations. Here's how. (CyberScoop)
• Anova Ticks Off Customers By Requiring Accounts To Cook Food Using The App (Consumerist)
• Interesting interview with Ed Felten on his FTC and WH experience (PGN)
• Re: Follow the Money (Peter Houppermans)
• Re: How Garadget Avenged a One-Star Review With Digital Sabotage (Amos Shapir)
• Re: The future of the open Internet (Chris Drewe)

Volume 30 Issue 25 (Tuesday 18 April 2017)

• How fake news and hoaxes have tried to derail Jakarta's election (BBC)
• Critics See Signs of Interference in French Vote (Andrew Higgins)
• Voters Cite Turkish Leader's Record as He Claims a Slim Victory (Patrick Kingsley)
• Biased Bots: Human Prejudices Sneak Into Artificial Intelligence Systems (Princeton)
• The tiny changes that can cause AI to fail (BBC)
• Shadow Brokers: a mysterious hacker or group of hackers released the Microsoft apocalypsed that wasn't (Robert Hackett)
• Hackers have just dumped a treasure trove of NSA data. Here's what it means. (Henry Farrell)
• Car parking app shares 2000 customers' private details after company suffers glitch (The Telegraph)
• California Secession Bid Fails: Leader Is Living in Russia (KABC)
• Inside the Tech Support Scam Ecosystem (OnTheWire)
• Why one Republican voted to kill privacy rules: Nobody has to use the Internet (Ars Technica)
• Re: Autonomous Electric Vehicle impact on Economy (Amos Shapir)

Volume 30 Issue 26 (Sunday 30 April 2017)

• Auditors: panel exposed voter records to potential hacking (Baltimore Sun)
• Russia's alleged election interference - suspects & investigators (BBW)
• Russian-controlled telecom hijacks financial services' Internet traffic (Ars Technica)
• Denmark: Russia has been hacking us for two years (The Copenhagen Post)
• Cyber Attack in Israel reportedly used NSA tool (Edwin Slonim)
• How to Detect Fake News in Real-Time (Medium)
• Tectonic plate movement and driverless cars (David Horsfall)
• Flawed electronic prescription system too entrenched to disable? (Times Colonist)
• The wrong way to remove clutter in EHRs (Robert L Wears)
• Senate staffers have picture of security chip on their IDs. (Ars Technica via Tom Russ)
• HSBC introduces voice passwords, all the same (Gabe Goldberg)
• Two-factor authentication (Dmitri Maziuk)
• Antivirus provider Webroot is causing trouble for customers (Ars Technica)
• Man gets fined for discovering a flaw (Motheroard)
• Turkey blocks Wikipedia under law designed to protect national security (The Guardian)
• EPA website removes climate science site from public view after two decades (The Washington Post)
• Amazon Wants to Put a Camera and Microphone in Your Bedroom (Motherboard)
• Brickerbot (Techcrunch and Gizmodo)
• Ankle Bracelet glitches (BBW)
• Hacker holds Netflix to ransom over new season of Orange Is The New Black (The Guardian)
• "Bash Bunny: Big hacks come in tiny packages" (InfoWorld)
• Homographic URLs (The Guardian via PGN)
• How A False Story About A Husband And Wife Being Twins
• Ended Up On Major News Websites (Buzzfeed)
• Princeton researchers discover why AI become racist and sexist (Ars Technica)
• "Don't get bit by zombie cloud data" (Fahmida Y. Rashid)
• "DDoS attacks abusing exposed LDAP servers on the rise" (Fahmida Y. Rashid)
• Bose headphones have been spying on customers, lawsuit claims (The Washington Post)
• For 18 years, she thought someone was stealing her identity. Until she found her. (The Guardian via Gabe Goldberg)
• Re: Autonomous Electric Vehicle impact on Economy (Kelly Bert Manning, Charles Jackson)
• Re: Prison inmates built working PCs out of e-waste (Richard Bos)

Volume 30 Issue 27 (Friday 5 May 2017)

• Bobby Tables and electoral fraud (Dave Horsfall)
• Using AI-Enhanced Malware, Researchers Disrupt Algorithms Used in Antimalware (Michael Kassner)
• Artificial Intelligence Prevails at Predicting Supreme Court Decisions (Matthew Hutson)
• Critical Level Firmware-level Security Vulnerability in Intel server chips (Bob Gezelter)
• "Cybercrime group abuses Windows app compatibility feature" (Lucian Constantin)
• Facebook and Google Were Victims of $100M Payment Scam (Fortune)
• Russian hackers use OAuth, fake Google apps to phish users (PC World)
• The Lost Picture Show: Hollywood Archivists Can't Outpace Obsolescence (IEEE Spectrum)
• FBI allays some critics with first use of new mass-hacking warrant (Ars Technica)
• Fitbit Disputes Woman's Claim That Her Flex 2 Tracker Exploded on Its Own (Fortune)
• The default sharing of you—a data privacy nightmare (Ageinplacetech)
• Senseless Government Rules Could Cripple the Robo-Car Revolution
• Re: Autonomous vehicle... (Martin Ward,
• Re: Homographic URLs (John Levine)
• Re: Antivirus provider Webroot is causing trouble for customers (Amos Shapir)
• Re: Man gets fined for discovering a flaw (Amos Shapir)
• Re: For 18 years, she thought someone was stealing her identity. (Martin Ward, Amos Shapir)
• Re: Two-factor authentication (John Levine)
• "Lessons from a flight gone wrong" (Bart Perkins)

Volume 30 Issue 28 (Tuesday 9 May 2017)

• Macron condemns 'massive' hacking attack (BBC)
• Twitter bots are being weaponized to spread information on the French presidential campaign hack (Recode)
• How One Major Internet Company Helps Serve Up Hate on the Web (ProPublica)
• The hijacking flaw that lurked in Intel chips is worse than anyone thought (Ars Technica)
• Fingerprint Authentication (Anthony Thorn)
• How Online Shopping Makes Suckers of Us All (The Atlantic)
• Draft Law Would Require Egyptian Social Media Users to Register With Government (Global Voices)
• Wanna Share News on Social Media? With China's New Rules, You'll Need a Permit For That. (Global Voices)
• Inside VW's Campaign of Trickery (The New York Times)
• Sextortion suspect must unlock her seized iPhone, judge rules (Ars Technica)
• Re: Man gets fined for discovering a flaw (Dave Parnas channeled via PGN)
• Re: Bobby Tables and electoral fraud (Jeremy Epstein)
• Re: Autonomous vehicle... (John Levine, John Levine)
• Re: Senseless Government Rules Could Cripple the Robo-Car Revolution (Anthony Youngman)
• Re: Artificial Intelligence Prevails at Predicting Supreme Court Decisions (Henry Baker)
• Re: The Lost Picture Show: Hollywood Archivists Can't Outpace Obsolescence (Richard A. DeMattia)
• Re: For 18 years... stealing her identity. (Chris Drewe)

Volume 30 Issue 29 (Saturday 13 May 2017)

• Fiat Chrysler Recalls 1.2 Million Ram Pickups Over Faulty Software (Bill Vlasic and Neal E. Boudette)
• Today's Massive Ransomware Attack Was Mostly Preventable—Here's How To Avoid It (Gizmodo)
• Dozens of countries hit by huge cyberextortion attack (McClatchy)
• A British researcher says he found a kill switch for the malware crippling computers worldwide (The Washington Post)
• Hackers Use Tool Taken from NSA in Global Attack (Nicole Perlroth and Davide E. Sanger)
• Indicators Associated With WannaCry Ransomware (US-CERT)
• WARNING: Antivirus sites may be helping to SPREAD the current global malware ransomware WannaCry attack! (Lauren Weinstein)
• Global 'Wana' Ransomware Outbreak Earned Perpetrators $26,000 So Far (Krebs)
• The Joy of Tech comic: The Internet of ransomware things! (GeekCulture)
• Vehicle lien recorded in name of cartoon characters (Mark Brader)
• Cochrane Report on IHealth EHR: Lessons for engaging users to provide QA feedback (Island Health via Kelly Bert Manning)
• Microsoft patches Windows XP to fight 'WannaCrypt' attacks (Engadget via LW)
• Malware and The Cloud (Lauren Weinstein)
• "How the Macron campaign slowed cyberattackers" (Fahmida Y. Rashid)
• Counter intelligence in the French elections - this changes cybersecurity forever. (Gadi Evron)
• Facebook takes to newspapers to teach UK users how to spot "fake news" (Ars Technica)
• "HP computer owners: Check for the MicTray Conexant keylogger" (Woody Leonhard via Gene Wirchenko)
• MUST READ "Open MIC" report: Corporate responsibility in an age of alternative facts—with emphasis on Facebook and Google (Lauren Weinstein)
• China Is on Track to Fully Phase Out Cash (Motherboard)
• Sony PlayStation leads to the arrest of 15 member gang (Diomidis Spinellis)
• UK Telecomms Service Stopped by Bureaucracy (Chris Drewe)
• Crash with Impact (The New York Times)
• NYU Accidentally Exposed Military Code-Breaking Computer Project to Entire Internet (Sam Biddle)
• Confidential patient data breach at NYC's Bronx Leb Hospital (Data Breaches via danny burstein)
• Security Alert from Intel concerning Business-grade Processors with detection tool— followup (Bob Gezelter)
• "Supply chain attack on HandBrake video converter app hits Mac users" (Lucian Constantin)
• The FCC says an attack—not John Oliver—hampered its website (The Washington Post)
• U.S. military cyber operation to attack ISIS last year sparked heated debate over alerting allies (The Washington Post)
• Re: Someone hacked every tornado siren in Dallas. It was loud. (Jim Reisert)
• Progress To Date on Deepwater Horizon (Earl Boebert)
• Re: The Lost Picture Show (Dimitri Maziuk, Gabe Goldberg, Brian Inglis, Jeff Jonas)
• Re: Man gets fined for discovering an engineering flaw (John Levine)
• Re: Senseless Government Rules Could Cripple the Robo-Car Revolution (Mike Spencer)
• Re: Bobby Tables and electoral fraud (Dave Horsfall, Kelly Bert Manning)

Volume 30 Issue 30 (Monday 5 June 2017)

• Remote Air Traffic Control (BBC News via Steve Lamont)
• Robot Copilot Lands 737 (Mary Grady via Gabe Goldberg)
• "Catastrophic" IT failure grounds British Airways (Wendy M. Grossman)
• Untold story of QF72: What happens when 'psycho' automation leaves pilots powerless? (SMH via Gabe Goldberg)
• Berkeley duo's plan to solve traffic jams: hyper-fast lanes for self-driving cars (The Guardian via Dave Crocker)
• Starbucks store registers down in widespread outage (Fortune)
• Pacemaker device security audit finds 8,600 flaws, some potentially deadly (Gabe Goldberg)
• Red Light Cameras May Issue Some Tickets Using the Wrong Formula (WiReD)
• Chipotle Credit-Card Hack (Don Gilman)
• MasterCard Serbia asked ladies to share FB photos of, among other things, their credit card (Svedic via Gabe Goldberg)
• This 11-Year-Old Just Schooled Cybersecurity Experts By `Weaponizing' a Teddy Bear (Fortune)
• "Digital signature service DocuSign hacked and email addresses stolen" (John Ribeiro)
• Russian Hackers Are Using Google's Own Infrastructure to Hack Gmail Users (Motherboard)
• How Twitter Is Being Gamed to Feed Misinformation (The New York Times)
• Is China Outsmarting America in A.I.? (The New York Times)
• Internet of Things: Status and implications of an increasingly connected world (GAO-17-75 via Diego Latella)
• "Yahoobleed" flaw that festered for years leaked private Yahoo Mail data (Ars Technica)
• OneLogin admits recent breach is pretty dang serious (TechCrunch)
• Software is forever..., Re: WannaCry (Wendy M. Grossman
• What Happens When Your Car Gets Hacked? (The New York Times)
• Linguistic Analysis of WannaCry Ransomware Messages Suggests Chinese-Speaking Authors (Michael Marking)
• Ransomware: FBI says pay up! (Alister Wm Macintyre)
• Alister William Macintyre, 8 Feb 1944—17 May 17 (V.)
• Re: Bobby Tables ... SQL injection (Gene Wirchenko)
• Re: Malware and The Cloud (Peter Houppermans)
• Re: UK Telecomms Service Stopped by Bureaucracy (Wols)
• Re: The Lost Picture Show: Hollywood Archivists Can't Outpace Obsolescence (Gabe Goldberg)

Volume 30 Issue 31 (Thursday 8 June 2017)

• Russian malware communicates by leaving comments in Britney Spears's Instagram account (BoingBoing)
• Russian Gang Hacked Slot Machines and Plotted Over Stolen Sweets (The New York Times)
• How the Trump-Russia Data Machine Games Google to Fool Americans (Paste)
• An Ad Network That Helps Fake News Sites Earn Money Is Now Asking Users To Report Fake News (BuzzFeed)
• How The Intercept Outed Reality Winner (ErrataSec)
• The Internet Is Where We Share—and Steal—the Best Ideas (The New York Times)
• Why We Lie: The Science Behind Our Deceptive Ways (National Geographic)
• While EU Copyright Protests Mount, the Proposals Get Even Worse (EFF)
• Re: Alleged engineer says red light cameras may misissue tickets (John Levine, Joseph Brennan)
• Re: Untold story of QF72: What happens when 'psycho' automation leaves pilots powerless? (Kelly Bert Manning)
• Re: Software is forever... Re: WannaCry (Geoffrey Keating)
• Re: Robot Copilot Lands 737 (Roderick A Rees)
• Re: What Happens When Your Car Gets Hacked? (David E. Ross)

Volume 30 Issue 32 (Saturday 10 June 2017)

• How Russian Propaganda Spread from a Parody Website to Fox News (Neil MacFarquahar and Andrew Rossback)
• Securing our election systems? (Slate)
• Stolen Roambee property reports itself to owner (Mark Brader)
• Voice synthesis (Mark Brader)
• Internet cameras have hard-coded password that can't be changed (Ars Technica)
• UK police arrest man via automatic face-recognition tech (Ars Technica)
• Task force tells Congress health IT security is in critical condition (Ars Technica)
• Cyberattack on Britain's National Health Service—A Wake-up Call for Modern Medicine (Monty Solmon)
• Ponzi Scheme Meets Ransomware for a Doubly Malicious Attack (NYTimes)
• Sneaky hackers use Intel management tools to bypass Windows firewall (Ars Technica)
• Self-driving cars (Multiple items from Monty)
• Re: Robot Copilot Lands 737 (Andrew Duane)
• Re: Software is forever... Re: WannaCry (Paul Edwards)
• Re: What Happens When Your Car Gets Hacked? (Dimitri Maziuk, Lothar Kimmeringer)
• Re: Untold story of QF72: What happens when 'psycho' automation leaves pilots powerless? (John Levine, William Brodie-Tyrrell)

Volume 30 Issue 33 (Wednesday 14 June 2017)

• Russian cyberhacks on the U.S. electoral system far wider than previously known (Michael Riley on Bloomberg)
• "Supreme Court to look at mobile privacy. Uh-oh." (Evan Schuman)
• Microsoft warns of 'destructive cyberattacks, issues new Windows XP patches (ZDNet)
• Four Ways Your Location Is Being Tracked Everywhere You Go (MakeUseOf)
• Hackers Hijacking Verified Accounts to Spread Fake News (Gizmodo)
• Algo stock trading on "fake news"? (John Carney via Henry Baker)
• WSJ ends Google users' free ride, then falls 44% in search results (Columbian)
• Turks Click Away, but Wikipedia Is Gone (The New York Times)
• The tech world is rallying around a young developer who made a huge embarrassing mistake (QZ)
• Healthcare ransomware and how we can climb out of this mess (Kevin Fu)
• Re: Software is forever (Arthur T.)
• Precise Documentation (David Parnas via PGN)

Volume 30 Issue 34 (Saturday 24 June 2017)

• U.S., Russia, and Kaspersky (The Washington Post)
• Researcher finds Georgia voter records exposed on the Internet (Seattle Times)
• European Parliament Committee Recommends End-To-End Encryption For All Electronic Communications (TomsHardware)
• FCC makes net neutrality commenters' e-mail addresses public (Ars Technica)
• News Corp CEO attacks Google and more (Fox News)
• Hong Kong privacy watchdog blasts electoral office for massive data breach (SCMP)
• How hackers can steal your 2FA email account by getting you to sign up for another website (BoingBoing)
• Espionage suspect totally thought messages to Chinese intel were deleted (Ars Technica)
• Risks of Overflow Department (Slashdot via Chuck Weinstock)
• Y2K problem causes earthquake aftershock 92 years later (Henry Baker)
• Sundry items (Monty Solomon)
• Re: The tech world is rallying around a young developer who made a huge embarrassing mistake (Amos Shapir)
• Re: Voice synthesis (Richard Bos)
• David Owen: Air Accident Investigation: How science is making flying safer (Robert Dorsett)

Volume 30 Issue 35 (Wednesday 28 June 2017)

• HMS Queen Elizabeth is 'running outdated Windows XP', raising cyberattack fears (The Telegraph)
• 32TB of Windows 10 internal builds, core source-code leak online (The Register)
• AES-256 keys sniffed in seconds using E200 of kit a few inches away (The Register)
• Google's Elite Hacker SWAT Team vs. Everyone (Fortune)
• Easiest Path to Riches on the Web? An Initial Coin Offering (NYTimes)
• FCC investigating unlawful transactions after contractor takes ownership of 40-plus towers (WirelessEstimator)
• Europe has been working to expose Russian meddling for years (The Washington Post)
• Trump's Lies (NYTimes)
• Complex Petya-Like Ransomware Outbreak Worse than WannaCry (ThreatPost)
• Skylake, Kaby Lake chips have a crash bug with hyperthreading enabled (Ars Technica)
• Transition problem for mailservice cutover (Steven Barryte)
• Re: Y2K problem causes earthquake aftershock 92 years later (Amos Shapir)

Volume 30 Issue 36 (Friday 7 July 2017)

• U.S. lottery rigged, then payout used for offshore tax scam (Jose Maria Mateos)
• "In touching tribute to Samsung Note 7, fidget spinners burst in flames" (Shaun Nichols)
• Security of US nukes now an official secret (Robert Burns)
• IoT goes nuclear: creating a ZigBee chain reaction (Ronen)
• Volvo admits its self-driving cars are confused by kangaroos (The Guardian)
• Data glitch sets tech company stock prices at $123.47 (The Verge)
• Cyberattackers Find Fertile Proving Grounds (Sheera Frenkel)
• Researchers Found They Could Hack Entire Wind Farms (WiReD)
• Skylake, Kaby Lake chips have a crash bug with hyperthreading enabled (Ars Technica)
• CopyCat malware infected 14 million outdated Android devices (CNET)
• Ukraine Cyberattack Was Meant to Paralyze, not Profit, Evidence Shows (The New York Times)
• NHS doctors use Snapchat to send patients' scans (The Telegraph via Chris Drewe)
• Happy 4th of July! Show Us Your Papers: Comm. on Election Integrity (The New York Times)
• Staying humble is key to staying safe, says Israel's cyber chief; electoral system is secure! (Times of Israel)
• CCC Russia-Proofing Germany's Elections (Bloomberg via PGN)
• Re: Government meddling, election hacks and sundry items (EyeOnCanada)
• Trump's attempt to obtain and make public California voter records (Lauren Weinstein)
• Science division of White House office no longer staffed: report (Brandon Carter)
• Republicans want to open U.S. roads for testing self-driving cars (Recode)
• "This Burger King Ad Forces Your Google Home Device To Tell You About Whoppers" (Mary Beth Quirk)
• AT&T is reinstating their plan to spy on you unless you pay extra (PrivateInternetAccess)
• Vindicated: I am not the memory hog (Dan Jacobson)
• Re: Western tech firms bow to Russian demands to share cyber secrets (Martin Ward)
• Re: Y2K problem causes earthquake aftershock 92 years later (Lothar Kimmeringer)

Volume 30 Issue 37 (Friday 14 July 2017)

• DIY devices let car owners add autonomous features to vehicles (Carolyn Said via PGN)
• Kaspersky in the crosshairs (Engadget)
• Requested voter details may be gold for cybercriminals (John Wildermuth)
• On the request for states to provide all personal info on voters (The Washington Post)
• FTC Halts Operation That Unlawfully Shared and Sold Consumers' Sensitive Data (FTC)
• Two Former Employees of House Member Indicted On Federal Charges in Cyberstalking Case (DoJ)
• The White House just posted the emails of critics without censoring sensitive personal information (Vox via Lauren Weinstein)
• Beware of a new scam involving "relatives" and gift cards (CBS)
• Computerization and overnight train service (Mark Brader)
• Why fact-checking 'fake news' stories is a waste of time (WeForum)
• Web gets built-in copy protection hooks with a few key flaws (Engadget)
• "Charging Phone Kills 14-Year-Old Girl in Bathtub" (Harriet Sinclair)
• Funny how these articles are all the same... (Gabe Goldberg)
• Woman's selfie causes $200,000 of damage to LA art exhibit (Pamela Ng)
• FDA Deal Would Relax Rules on Reporting Medical Device Problems (The New York Times)
• Judges refuse to order fix for court software that put people in jail by mistake (Ars Technica)
• Cloud Leak: How A Verizon Partner Exposed Millions of Customer Accounts (UpGuard)
• Backdoor built in to widely used tax app seeded last week's NotPetya outbreak (Ars Technica)
• Hackers have been stealing credit card numbers from Trump's hotels for months (The Washington Post)
• Everybody lies: how Google search reveals our darkest secrets (The Guardian)
• Re: Volvo admits its self-driving cars are confused by kangaroos (Dave Horsfall)
• Re: Western tech firms bow to Russian demands to share cybersecrets (Anthony Youngman)
• Press kits or other publications on thumb drives? (Gabe Goldberg)

Volume 30 Issue 38 (Monday 17 July 2017)

• A Solar Eclipse Could Wipe Out 9,000 Megawatts of Power Supplies (Bloomberg)
• Massachusetts tax system blocks payments, sends refunds in error (MassLive)
• The AlphaBay Takedown Sends Dark Web Markets Reeling (WiReD)
• Cloud Leak: How A Verizon Partner Exposed Millions of Customer Accounts (UpGuard)
• How Fake News Goes Viral—Here's the Math (Scientific American)
• While Some Cry 'Fake,' Spotify Sees No Need to Apologize (The New York Times)
• Nearly 90,000 Sex Bots Invaded Twitter in 'One of the Largest Malicious Campaigns Ever Recorded on a Social Network' (Gizmodo)
• Elon Musk says preventing a 'fleet-wide hack' is Tesla's top security priority (Electrek)
• Weekend Video Extra: A Prescient Warning re: AI and Robotics, from 1956! (Lauren Weinstein)
• Your pacemaker is spying on you (Mark Thorson)
• Leaping Kangaroos (Anthony Thorn)
• Paper ballots (Tom Donilon)
• To avoid cyberattacks, Israel urged to manually count election results (Haaretz)
• UAE orchestrated hacking of Qatari government sites, sparking regional upheaval, according to U.S. intelligence officials (The Washington Post)
• Re: Western tech firms bow to Russian demands to share cybersecrets (Martyn Thomas)
• Re: DIY devices let car owners add autonomous features to vehicles (Simon Wright)
• Re: Funny how these articles are all the same (Jonathan Levine)
• Re: Press kits or other publications on thumb drives? (Kelly Bert Manning)
• Review: "Twitter and Tear Gas," by Zeynep Tufekci (Bruce Schneier)

Volume 30 Issue 39 (Saturday 22 July 2017)

• Authorities shut down two black markets on the Darknet (NYTimes)
• On Reddit, Intimate Glimpses of Addicts in Thrall to Opioids (NYTimes)
• To tackle online crime, Israel approves web censorship law (Times of Israel)
• Uber and Airbnb Want To Tap Into India's Massive and Controversial Biometric Database (Gizmodo)
• FBI To Parents: Watch Out For Kids' Privacy With Internet-Connected Toys (Consumerist)
• Wifi Webcam TENVIS sends all it knows to dvripc.cn (turgut kalfaglu)
• PSA: Update iPhones/iPads to iOS 10.3.3 now to fix serious wifi vulnerability allowing attacker complete control (geoff goodfellow)
• Watch a Homemade Robot Crack a Safe in Just 15 Minutes (WiReD)
• TV computer weather animation proves global warming (YouTube)
• Risks of hoarding vulnerabilies (Belfer Center et al.)
• 9-year standoff between Ireland's DP Commissioner & Statistics Office (Bernard Lyons)
• Mixed standard output and error streams (Diomidis Spinellis)
• Connected cars—where to attack first? (FPF)
• Ransomware attack puts KQED in low-tech mode (San Francisco Chronicle)
• Facebook fights fake news spread via modified link previews (TechCrunch)
• Re: Charging Phone Kills 14-Year-Old Girl in Bathtub" (Paul Fenimore)
• Re: Your pacemaker is spying on you (Rich Wales)
• Re: Western tech firms bow to Russian demands to share cybersecrets (Anthony Youngman, Martin Ward, Anthony Youngman)
• Re: Press kits or other publications on thumb drives? (Geoffrey Keating, Ivan Jager, Kelly Bert Manning)
• Re: Leaping Kangaroos (Dave Horsfall, Amos Shapir)
• Power outages caused by squirrels vs. kangaroos to date (PGN)

Volume 30 Issue 40 (Friday 28 July 2017)

• Keen Lab hackers managed to take control of Tesla vehicles again (Electrek)
• Russian parliament bans use of proxy Internet services, VPNs (SacBee)
• Hackers undermine Russia's attempts to control the Internet (Alex Luhn roundabout via Geoff Goodfellow)
• Hackers plan to break into 30 voting machines to put election meddling to the test (USA Today)
• Facebook helped blunt Russian meddling in French elections (Engadget)
• World's most hi-tech voting system raises cyber-defences (Irish Examiner)
• China WhatsApp crackdown only scratches surface of worsening Internet censorship (CNN)
• A smart fish tank left a casino vulnerable to hackers (CNN)
• Beijing Wants AI to Be Made in China by 2030 (The New York Times)
• Chinese Mind-Reading Computer Moves Closer to Reality (Patrick Nelson)
• Myopic CEO perspective, I think (Gabe Goldberg on Fortune item)
• 45,000 Facebook Users Leave One-Star Ratings After Hacker's Unjust Arrest (Bleeping Computer)
• Wisconsin Company to Implant Microchips In Employees (KSTP via Gabe Goldberg)
• Chicago festival to mark Pokemon Go anniversary goes awry (San Francisco Chronicle)
• Massive Privacy Breach: Wells Fargo Accidentally Releases Trove of Data on Wealthy Clients (NYTimes)
• Roomba's Next Big Step Is Selling Maps of Your Home to the Highest Bidder (Gizmodo)
• Student denied loan due to namesake (Amos Shapir on BBC item)
• Bugs in popular hacker tools open the door to striking back (WiReD)
• Three Square Market microchips its employees (prlog via Steve Lamont)
• Pile driver vs. underground high-voltage cable. Oops (News Observer via danny burstein)
• Sweden drenched by "The Cloud" (Rick Falkvinge)
• Re: Leaping Kangaroos (3daygoaty)
• Re: 'Energy firms can switch off your freezer for a few minutes at night' (Chris Drewe)
• Re: Bloomberg: A Solar Eclipse Could Wipe Out 9,000 Megawatts of Power Supplies (Kelly Bert Manning)
• Re: Wifi Webcam TENVIS sends all it knows to dvripc.cn (David Alexander, Rob Slade)
• Re: Western tech firms bow to Russian demands to share cybersecrets (Martin Ward)
• NEC updates are like software updates (Re: Charging Phone Kills 14-Year-Old Girl in Bathtub, Burton Strauss III)

Volume 30 Issue 41 (Tuesday 1 August 2017)

• Watch: Hackers Demonstrate How to Crack Into Electronic Voting Machines in Minutes (Luly Friesdat)
• Security This Week: The Very Best Hacks From Black Hat and DEF CON (WiReD)
• The Hacking Wars Will Get Worse (Adam Segal)
• UK home secretary Amber Rudd says 'real people' don't need end-to-end encryption (Business Insider)
• Putin passes law that will ban VPNs in Russia (TechCrunch)
• Queensland Police want to listen through your fridge (Brisbane Times via Henry Baker)
• Amazon suspends sales of Blu phones due to privacy concerns (CNET)
• These cheap phones come at a price—your privacy (CNET)
• HBO is hacked, and Game of Thrones episodes may have leaked out (The Washington Post)
• Senate launches bill to remove immunity for websites hosting illegal content, spurred by Backpage.com (The Washington Post)
• Illegal and undocumented instructions (Koehntopp)
• Iranians Use 'Cute Photographer' Profile To Hack Targets In Middle East (Slashdot)
• Amazon Echo as a spy device—with significant limitations (Android Guys)
• AI defeats anti-virus (The Register)
• Killer Car Wash: Hackers Can Trap and Attack Vehicles (Fortune via Gabe Goldberg)
• Google's new program to track shoppers sparks a federal privacy complaint (The Washington Post)
• "Google, Personal Information, and Star Trek" (Lauren Weinstein)
• Apple Removes Apps From China Store That Help Internet Users Evade Censorship (The New York Times)
• Cars Suck Up Data About You. Where Does It All Go? (The New York Times)
• Re: Keen Lab hackers ... take control of a Tesla ... (Gary Hinson)
• Re: Myopic CEO perspective, I think (Gene Wirchenko)
• Re: NEC Updates like software updates (R. G. Newbury)
• Re: Mass. maker of Roomba isn't going to sell your data, after all (Monty Solomon)

Volume 30 Issue 42 (Monday 7 August 2017)

• Siemens, DHS warn of "low skill" exploits against CT and PET Scanners (Ars Technica)
• U.S. Senate is going to help improve security of the IoT (Don Gilman)
• U.S. Army reportedly asks units to stop using DJI drones, citing cybersecurity concerns (The Verge)
• 200-Terabyte Proof Demonstrates the Potential of Brute-Force Math (Michael Byrne)
• Amazon Echo vulnerability allows hackers to eavesdrop with always-on microphone (Apple Insider via geoff goodfellow)
• 'Anonymous' browsing data can be easily exposed, researchers reveal (The Guardian)
• 21 Technologies Transforming Software Development (Peter Wayner)
• "The Death of Ruby? Developers Should Learn These Languages Instead" (Alison DeNisco)
• China holds drill to shut down 'harmful' websites (Reuters via Suzanne Johnson)
• HBO Security Contractor: Hackers Stole 'Thousands of Internal Documents' (Variety)
• Stolen nude photos and hacked defibrillators: is this the future of ransomware? (The Guardian)
• Uber drivers gang up to cause surge pricing, research says (The Telegraph)
• Wells Fargo faces lawsuits, angry lawmakers over car lending (WashPost)
• "How can we stop algorithms telling lies?" (Cathy O'Neil via PGN)
• Grandpa Had a Pension. This Generation Has Cryptocurrency. (NYTimes)
• Cybersecurity Researcher Hailed as Hero Is Accused of Creating Malware (NYTimes)
• Have Smartphones Destroyed a Generation? (The Atlantic)
• More than 1 in 5 travelers knowingly or unknowingly carried prohibited items onto aircraft, survey finds (WashPost)
• "Beware the Browser Extensions Privacy Trap!" (Lauren Weinstein)
• Site tracks Russian Propaganda on Social Media (Dashboard)
• Hacker who stopped WannaCry charged for writing banking malware (WiReD)
• To Protect Voting, Use Open-Source Software (Woolsey and Fox)
• Fishy circumstances cause power outage in Seattle (Dyer Oxley)
• Re: Leaping Kangaroos (Paul Edwards)
• Re: somebody else's computer, in another country (Kelly Bert Manning)
• Re: NEC Updates like software updates (William Brodie-Tyrrell)
• Re: Iranians Use 'Cute Photographer' Profile To Hack Targets in Middle East (Amos Shapir)

Volume 30 Issue 43 (Monday 14 August 2017)

• Scientists Fear Trump Will Dismiss Blunt Climate Report (Rich Kulawiec)
• How the Indiana GOP Used Uneven Early Voting Rules to Tamp Down Democratic Votes (Ed Kilgore)
• Russian Cyberattack Targeted Elections Vendor Tied To Voting-Day Disruptions (NPR)
• Former MI5 chief warns against cracking dowm on encryption (The Guardian)
• UK Law Proposal to Criminalize Re-Identification of Anonymized User Data (Bleeping Computer)
• VPN Provider Accused of Sharing Customer Traffic With Online Advertisers (Bleeping Computer)
• Internet Archive blocked by government of India (Medianama)
• Apple's troubles in China have just started, after it removed more than 400 VPN apps (Sundry)
• Botched Firmware Update Bricks Hundreds of Smart Door Locks (Catalin Cimpanu)
• "Driverless" van in Virginia (Mark Thorson)
• HPE's future for us (Insights)
• Is LIBOR, Benchmark for Trillions of Dollars in Transactions, a Lie (Matt Taibbi)
• Malicious code written into DNA infects the computer that reads it (Devin Coldewey)
• The Guy Who Invented Those Annoying Password Rules Now Regrets (Gizmodo)
• AWS EBS SNAPSHOTS (nvteh)
• UK Airlines and rail companies face huge fines for IT meltdowns (The Telegraph)
• Cyberattack on UCLA server potentially accesses student information (Daily Bruin)
• Bruce Springsteen Is Bringing His Music and His Memories to Broadway (The New York Times)
• Secrets of Silicon Valley - the Persuasion Machine (Brian Randell)
• Re: The Death of Ruby? Developers Should Learn These Languages (Kelly Bert Manning)
• Re: Mozilla launches new effort to counter fake news (Jonathan M. Smith)
• Re: Fishy circumstances cause power outage in Seattle (Michael Bacon)

Volume 30 Issue 44 (Thursday 31 August 2017)

• U.S. National Infrastructures (Henry Petroski via PGN)
• Taiwan Grid Outage Caused By Human Error (Rob Wilcox)
• Pacemaker firmware updates (Peter Gregory)
• Donald Trump's cybersecurity advisers resign, warning of 'insufficient attention to the growing threats' (Chris Baynes)
• FBI pushes private sector to cut ties with Kaspersky (CyberScoop)
• WikiLeaks Turned Down Leaks on Russian Government During U.S. Presidential Campaign (Foreign Policy)
• The Crisis of Connected Cars: When Vulnerabilities Affect the CAN
• Standard (Trend Micro)
• Quebec man fights back after dealer remotely disables car over $200 fee (CBC)
• Yu Pingan arrested for involvement in hacking OPM (Gizmodo)
• US Voting Machine Supplier Leaks 1.8 Million Chicago Voter Records (Gizmodo)
• DreamHostStatus.com forgot to use separate nameservers (Dan Jacobson)
• Cracked screen => cracked security? (Dan Goodin)
• Identity Thieves Hijack Cellphone Accounts to Go After Virtual Currency (The NYTimes)
• Google Accidentally broke the Internet throughout Japan (Engadget)
• Apple, Facebook, Google and others sign brief concerned about warrantless location tracking (Roger Fingas)
• "Even Artificial Neural Networks Can Have Exploitable 'Backdoors'" (WiReD)
• `Devil's Ivy' Is Another Wake-Up Call for IoT Security (Threatpost)
• US Army backing off a bit from its decision regarding sUAS usage (Gary Mortimer)
• Aero-ease (Aeon)
• 98.5% of unique net neutrality comments oppose Ajit Pai's anti-Title II plan (Ars Techica)
• Risks of IBAN checksums (Paul van Keep)
• Ethereum Hack (Bruce Schneier)
• I knew what you were going to do next: AI learns from pro gamers, then crushes them (The Washington Post)
• How Peter Thiel's Secretive Data Company Pushed Into Policing (WiReD)
• From Isaac Asimov to Aimee Mann, 'robophobia' plagues humans (WashPo)
• Carl Sagan in 1995 (Rich Kulawiec)
• UK Today's Roads Aren't Good Enough for Driverless Cars (Chris Drewe)
• Uh oh—too easy to confuse self-driving cars (IEEE Spectrum via Gabe Goldberg)
• Re: "Driverless" van in Virginia (Don Norman)
• Re: Is LIBOR, Benchmark for Trillions of Dollars in Transactions, a Lie? (Amos Shapir)
• Re: The Death of Ruby? Developers Should Learn These Languages Instead (Amos Shapir)
• Re: Botched Firmware Update Bricks Hundreds of Smart Door Locks (Michael Bacon)
• Re: Microchipping employees (David Randolph)
• Lindsay Marshall named UK National Teaching Fellow (PGN)

Volume 30 Issue 45 (Tuesday 5 September 2017)

• West Air CRJ accident involved two different causes (PGN)
• Kaspersky: The Cyber Insecurity Company (Jeanne Shaheen)
• Russian Election Hacking Efforts, Wider Than Previously Known, Draw Little Scrutiny (Nicole Perlroth et al.)
• How Russian & Alt-Right Twitter Accounts Worked Together to Skew the Narrative About Berkeley (Caroline O.)
• Ice-cold Kaspersky shows the industry how to handle patent trolls (The Register)
• Open-source voting in San Francisco? (Dominic Fracassa)
• Millions of Time Warner Cable Customer Records Exposed in Third-Party Data Leak (Gizmodo)
• Internet Censorship Bill Would Spell Disaster for Speech and Innovation (EFF)
• Hacking Retail Gift Cards Remains Scarily Easy (WiReD)
• Radio Hacker Interrupts Police Chase in Australia (Bleeping Computer)
• US government: We can jail you indefinitely for not decrypting your data (The Register)
• Risks of biometrics: man with no arms refused by bank demanding fingerprints (NBC News)
• Re: Wisconsin Company to Implant Microchips In Employees (Richard A. O'Keefe)
• Re: Microchipping employees (John Levine)
• Re: Cracked screen => cracked security? (Richard Bos)
• Re: Is LIBOR, Benchmark for Trillions of Dollars in Transactions, a Lie? (Michael Bacon)
• Password: hint: birthday (Dan Jacobson)

Volume 30 Issue 46 (Monday 11 September 2017)

• Equifax Hack May Expose Data of 143 Million Users (Polly Mosendz)
• More info on Equifax breach (Lauren Weinstein)
• PSA: no matter what you write, Equifax may tell you you've been impacted by the hack (TechCrunch)
• Hurricane Harvey Knocked Out Cell Service. Now Calls for Backup Wireless Power Are Rising (Fortune)
• Fake Russian Facebook Accounts Planted $100,000 in Political Ads (Vindu Goel and Scott Shane)
• Fake Facebook 'like' networks exploited code flaw to create millions of bogus 'likes' (Elizabeth Weise)
• Facebook Wins, Democracy Loses (NYTimes)
• Virginia scraps touchscreen voting machines (Morgan Chalfant)
• A huge solar flare temporarily knocked out GPS communications (Engadget)
• Apple and Google Fix Browser Bug. Microsoft Does Not. (Bleeping Computer)
• Dogwhistle ultrasound returns in a new guise (The Verge)
• India's Supreme Court ruled that privacy is a constitutional right (Menaka Guruswamy)
• 'Game of Thrones' was pirated more than a billion times—far more than it was watched legally (The Washington Post)
• 10 minutes of silence storms iTunes charts thanks to awful Apple UI (The Register)

Volume 30 Issue 47 (Friday 29 September 2017)

• NTSB: Tesla's Autopilot UX a "major role" in fatal Model S crash (Ars Technica)
• Deloitte joins the club of the massively hacked (The Guardian)
• In spectacular fail, Adobe security team posts private PGP key on blog (Ars Technica)
• Distrustful U.S. Allies Force NSA to Back Down in Encryption Fight (Joseph Menn)
• Propaganda flowed heavily into battleground states around election, study says (WashPo)
• PC-Wahl in the German elections (Chaos Computing Club via PGN)
• Yet another trove of sensitive US voter records has leaked (ZDNet)
• See The Fake End-Of-World Broadcast That Panicked Southern Cal (Patch)
• RT, Sputnik and Russia's New Theory of War (NYTimes)
• U.S. bans use of Kaspersky software in federal agencies amid concerns of Russian espionage (WashPo)
• Facebook and Russian Ads (The Guardian)
• 4-10% of encrypted web connections are man-in-the-middled and intercepted (BoingBoing)
• Forget Your Password, Go to Jail (ITKE via Gabe Goldberg)
• Failure to patch two-month-old bug led to massive Equifax breach (Ars Technica)
• Equifax's Maddening Response (Zeynep Tufekci)
• Equifax hacked well before it was disclosed (TechCrunch)
• Equifax Says CIO, Chief Security Officer to Leave After Breach )Blookberg)
• Equifax victims may face another hassle in buying an iPhone (StarTribune)
• A new website lets you automatically sue Equifax with a click (Chuck Petras)
• Stay away from Equifax sites! (Lauren Weinstein)
• Billions of devices imperiled by new clickless Bluetooth attack (Ars Technica)
• BEWARE/HEADS UP vis-a-vis Bluetooth & Wi-Fi can't be fully disabled via iOS 11 Control Center (Apple Insider)
• Blockchains Technology in Finance (IEEE)
• Risks of geolocation (paul wallich)
• Re: UK Banks, etc. to check account-holders' residence eligibility (Chris Drewe)
• Re: Hurricane Harvey Knocked Out Cell Service... (Wols)
• Judge dismisses libel lawsuit filed by self-proclaimed e-mail inventor (ArsTechnica)
• An open letter to the W3C Director, CEO, team and membership (EFF)
• Letter from indigenous Mexican man who was denied a US visa to receive an award for Internet development (BoingBoing)

Volume 30 Issue 48 (Thursday 19 October 2017)

• Drone collides with passenger jet (Digital Trends)
• Airports Worldwide Are Hit by Delays After Software Outage (NYTimes)
• Medical IoT device woes (Business Insights)
• DHS and vendor warn on automotive cyberflaws (FCW)
• WPA2 KRACK: Key Re-installation attACK (PGN)
• Millions of high-security crypto keys crippled by newly discovered Infineon flaw (Ars Technica)
• Russia Tried to Use Pokemon Go to Destabilize U.S. Election (Variety)
• Politico's Morning Cybersecurity on voting machines (PGN)
• Hacker study: Russia could get into U.S. voting machines (Politico)
• Yet Another Russian Hack of the NSA, with Kaspersky's Help (Bruce Schneier)
• Russia Turned Kaspersky Software Into Global Spying Tool (WSJ)
• Israel hacked Kaspersky, tipped off NSA (WashPo)
• Russia's Use of Antivirus Software to Spy on the U.S. Shows Why We Need Strong Encryption (Slate)
• RT, Sputnik, and Russia's New Theory of War (NYTimes)
• North Korea hacking Sony (NYTimes)
• HP Enterprise let Russia scrutinize cyberdefense system used by Pentagon (Reuters)
• More on the Deloitte hack (The Guardian)
• Wireless Emergency Alert System Nationwide No-Op (WashPo)
• "The Coming Software Apocalypse" (James Somers)
• Accenture exposes data to public (SMH)
• Amazon's Echo Spot is a sneaky way to get a camera into your bedroom (The Verge)
• Ads don't work so websites are using your electricity to pay the bills (The Guardian)
• Stolen phones unlocked through a phishing attack (Diomidis Spinellis)
• Dubai airport's new virtual aquarium tunnel scans your face as you walk through it (The National)
• Microsoft's Nadella Wants to Help Coders Take a Quantum Leap (WiReD)
• Informed delivery is stalker's dream (Brian Krebs via Paul Fenimore)
• Internet Regulator Delays Key Security Feature Update Because of Lazy ISPs (Bleeping Computer via Gabe Goldberg)
• Use This USB Drive Trick to Secure Your Laptop in Public—or Anywhere Else (MakeUseOf)
• Google and Facebook Failed Us (The Atlantic)
• Facebook is introducing new protections for profile pictures for users in India (The Verge via Dan Jacobson)
• Google builds the Babelfish (QZ via Mark Thorson)
• How a Fire Alarm Caused a Glitch for Microsoft's Azure Cloud (Fortune)
• Faulty data center takes out Sourceforge (The Register)
• Wikipedia deletions: make my day (Dan Jacobson)
• Google changes the target when you click down (Chromium)
• Re: Propaganda flowed heavily into battleground states around election (Mark Kramer)
• Re: Yet another trove of sensitive US voter records leaked (Michael Kohne)
• Re: UK Banks, etc. to check account-holders' residence eligibility (Michael Bacon, Anthony Youngman)
• Re: Forget Your Password, Go to Jail (Amos Shapir)
• Re: 'Game of Thrones' was pirated ... (Kelly Bert Manning)

Volume 30 Issue 49 (Tuesday 7 November 2017)

• Airports Worldwide Are Hit by Delays After Software Outage (NYTimes)
• NYPD claims to have incompetent sysadmins (Ed Ravin)
• AirBnB monopolizing and forcing incorrect currency conversions (Toby Douglass)
• To Survive the Streets, Robocars Must Learn to Think Like Humans (WiReD)
• Palestinian Man Arrested After Facebook Auto-Translates 'Good Morning' as 'Attack Them' (Gizmodo)
• Fixing cities' data privacy potholes (Insights)
• Apple's Machine Learning Engine Could Surface Your iPhone's Secrets (WiReD)
• A Bug in a Popular Maritime Platform Left Ships Exposed (WiReD)
• Corrected monitor resolution, pinup model no longer slim (Dan Jacobson)
• Risks of being interrupted while using Siri to comment online (NYTimes via David Tarabar)
• Denver Art Museum warns donors, members, employees after sensitive data breach (John Wenzel)
• Even lower chances of winning the lottery (Jeremy Epstein)
• Researchers Devise 2FA System That Relies on Taking Photos of Ordinary Objects (Bleeping Computer)
• Technology seeks to preserve fading skill: Braille literacy (WashPo)
• Fundamental problems with the Infineon crypto library (Ars via PGN)
• Taser Company Ignored SEC Emails Because They Were In a Spam Folder (Bloomberg via Gabe Goldberg, Lauren Weinstein)
• USS John S McCain (Dick Mills)
• Stuxnet-style code signing is more widespread than anyone thought (Ars Technica)
• Medical device security (Mark Thorson)
• Inside story: How Russians hacked the Democrats emails (WashPo)
• Estonia freezes resident ID cards due to security flaw (Engadget)
• The 2020 census is in big trouble. Here's how we got here (ThinkProgress)
• Hackers prey on home buyers, with hundreds of millions of dollars at stake (WashPo)
• Re: North Korea hacking Sony (Michael Bacon)
• Re: Wikipedia deletions: make my day (Denis Bloodnok)
• Re: UK Banks, etc. to check account-holders' residence eligibility (Peter Houppermans, Tom Gardner)
• Google exec: Our society is in real jeopardy (Gerhard Eschelbeck)
• Susan Landau: Listening In: Cybersecurity in an Insecure Age (PGN)

Volume 30 Issue 50 (Wednesday 22 October 2017)

• Warning to Humanity (The Sun)
• Singapore MRT signaling fault injures 29 (Straits Times via Richard M Stein)
• How Level 3's Tiny Error Shut Off the Internet Parts of the US (HighTechForum)
• A major vulnerability has frozen Ethereum $ hundreds of millions (FlipBoard)
• $300M cryptocurrency "accidentally killed" after bad software patch (ParityTech)
• One Bitcoin Transaction Now Uses as Much Energy as Your House in a Week (Christopher Malmo)
• Cops raid German bloke's house after his Alexa music device held a party on its own—while he was out (Amazon Grace)
• Russia used 150,000 Twitter accounts to meddle in Brexit (BoingBoing)
• Facebook admits that Ruskies interfered with UK Brexit vote (Buzzfeed)
• Russian 'Proof' That the US Is Helping ISIS Is Actually From a Video Game (Gizmodo)
• Homeland Security team remotely hacked a Boeing 757 (CSO)
• Facebook is asking users to upload nudes to stop revenge porn online (TechWorm)
• MINIX: Intel's in-chip operating system (ZDnet)
• USB Exploit Affects Nine Years of Intel Processors (ITProToday)
• Hacker Erases 30 Million Files From CA Transit System... Took Over Computers, Demanded Ransom (CBS)
• Eavesdropper Flaw Exposes Millions of Call Texts and Recordings (Hackread)
• Following Equifax breach, CEO doesn't know if data is encrypted (SearchSecurity)
• On the Equifax Breach (Bruce Schneier)
• Senators push to ditch Social Security numbers in light of Equifax hack (TechCrunch)
• Stuxnet-style code signing is more widespread than anyone thought (Dan Goodin)
• Pentagon's hacker disclosure program defangs 2,800 security flaws (Joe Uchill)
• Security Breach and Spilled Secrets Have Shaken the NSA to its Core (The New York Times)
• Uber drivers in Lagos are using a fake GPS app to inflate rider fares (QZ)
• Uber Paid Hackers to Delete Stolen Data on 57 Million People (Eric Newcomer)
• Jailbreaking your connected coffee machine: The idiocy of things (ZDnet)
• How Are ATMs Exploited? An Update on ATM Malware Methods (Security Intelligence)
• Remote Unauthenticated DoS in Debut embedded httpd server used by Brother printers (TrustWave)
• Verizon Asks the Federal Communications Commission to Prohibit States from Protecting User Privacy (EFF)
• CAST Research on the State of Software Security Reveals Riskiest Applications (GlobeNewsWire)
• Asus Zenfone 3 botched update (Dan Jacobson)
• Strings embedded in the web page (Dan Jacobson)
• Epson is Using its eBay "Trusted Status" to Make Competing Ink Sellers Vanish (EFF)
• Logitech to shut down service and support for Harmony Link devices in 2018 (Ars Technica)
• Twitter officially expands its character count to 280 starting (Techcrunch via Gabe Goldberg)
• Re: Even lower chances of winning the lottery (Amos Shapir)
• Re: Taser Company Ignored SEC Emails ... In a Spam Folder (Mark Kramer)
• Re: Tasers, Preying on home buyers (Chris Drewe)

Volume 30 Issue 51 (Wednesday 19 December 2017)

• ATL Hartsfield-Jackson Airport loses all power (CNN)
• A more mundane air travel risk (Jeremy Epstein)
• Claims container ship's navigation system "hacked" (danny burstein)
• Commentary on the risks of technology and climate change (Rob Slade)
• When is Big Automation Too Big for Comfort? (DevOps.com)
• Apparent Google update glitch disconnects student Chromebooks in schools across the U.S. (Geekwire)
• Former Facebook exec says social media is ripping apart society (The Verge)
• Hackers halt plant operations in watershed cyber-attack (Jim Finkle)
• Searchable database of 1.4 billion stolen credentials found on dark (Steven Cheung)
• World's biggest botnet sends 12.5 MILLION emails containing ransomware... (Daily Mail via Geoff Goodfellow)
• Department of Homeland Security finds government mobile apps lack (Rob Wilcox)
• Fun with blockchain (MakeUseOf)
• Initial Coin Offerings Horrify a Former SEC Regulator (The NYTimes via Gabe Goldberg)
• Bitcoin Exchange Youbit to Declare Bankruptcy After Hack (Coindesk)
• Bitcoin Investors Resort to Hypnotherapy to Recover Passwords (Fortune)
• Ethereum cryptocurrency choking on purchases of virtual cats (Taipei Times)
• Many Consumers Lack Understanding of Basic Cyber-Hygiene (Tenable)
• McLean-Based Hilton to Begin Rolling Out High-Tech "Connected Rooms" (Gabe Goldberg)
• Crooks Cash in Stolen Rewards Points for Flights and Hotels (Fortune)
• Microsoft Researcher Details Real-World Dangers of Algorithm Bias (Gizmodo)
• Experts Warn: Terrorists Could Kill Millions by Remotely Hacking (Gabe Goldberg)
• Dangers of dynamic road trip mapping applications (danny burstein)
• Large wildfires vs. navigation apps for drivers (David Tarabar)
• iOS 11 leaves iOS devices more vulnerable to edge-case attacks, says phone-cracking company ElcomSoft (9to6mac via Geoff Goodfellow)
• Want to break into a house? Just type in its address... (Dave Horsfall)
• Improving election integrity/security/??? (Politico)
• The Germans have no word for "Entscheidungsproblem" (Catalin Cimpanu via Henry Baker)
• Have You Ever Felt Sorry for the IRS? Now Might Be the time (The NYTimes)
• Car theft "relay crime" (Sky)
• More Than a Third of Federal Websites Just Failed a Major Security (Fortune)
• NSF-funded research on vehicular social networking (Ross Stapleton-Gray)
• Researchers craft Android app that reveals to find horrific menagerie of hidden spyware; legally barred from doing the same with iOS (Cory Doctorow)
• Overseas customers left behind in clearXchange to Zelle conversion (Dan Jacobson)
• Wrong number: Are Israel's phone companies systematically overcharging (Gabe Goldberg)
• Warn that results are not necessarily in order (Dan Jacobson)
• Upside of multiple-choice security questions (Ed Ravin)
• You can log into macOS High Sierra as root with no password (The Register)
• Feds in Two Minds About Artificial Intelligence Defense (Meritalk)
• Australian man uses snack bags as Faraday cage to block tracking by employer (Sean Gallagher)
• White House Weighs Personal Mobile Phone Ban for Staff (Bloomberg)
• Re: Singapore MRT signaling fault injures 29 (Richard M Stein)
• Re: Web Browser JavaScript Woes (Chris Drewe)
• Re: Taser Company Ignored SEC Emails ... In a Spam Folder (John Levine, Mark Kramer)
• Re: Are you aware that Comcast is injecting 400+ lines of JavaScript (geoff goodfellow)

Volume 30 Issue 52 (Tuesday 26 December 2017)

• Calif fires? Electrical utility "reclosers" may have contributed (IEEE Spectrum via danny burstein)
• The Unstoppable Momentum of Self-Driving Cars ("Laurie" via Gabe Goldberg)
• "Google Home is Leaving Elderly and Disabled Users Behind" (Lauren Weinstein)
• Section 230 of the Communications Decency Act (David Magda)
• Quantum Computing Is the Next Big Security Risk (WiReD)
• Navigation Apps Are Turning Quiet Neighborhoods Into Traffic Nightmares (Lisa Foderaro)
• Re: Large wildfires vs. navigation apps for drivers (Amos Shapir)
• Uber offers bug bounty
• College Students Come up With Plug-In to Combat Fake News (USNews via (Lauren Weinstein)
• Privacy Complaints Mount Over Phone Searches at U.S. Border Since 2011 (The New York Times)
• Claims container ship's navigation system "hacked" (John C. Bauer)
• Re: When is Big Automation Too Big for Comfort? (Martin Ward, Terje Mathisen)
• Re: The hotel of the future, High-Tech "Connected Rooms" (John Levine, Gabe Goldberg)

Volume 30 Issue 53 (Thursday 18 January 2018)

• Are Implanted Medical Devices Creating A 'Danger Within Us'? (NPR via Richard M Stein)
• Russia admits $45m satellite launch failed because programmers put in co-ordinates for the WRONG launch site (Daily Mail)
• Phoenix Pay System Disaster Continues (John C. Bauer)
• Ernst & Young report on Vancouver Island iHealth project mismanagment (Kelly Bert Manning)
• Erie, PA household electric bill for US$ 284B (WashPo)
• Programming error results in too many winning lottery tickets (The State via Steve Golson)
• 500 rupees, 10 minutes, and you have access to billion Aadhaar details (The Tribune India via Prashanth Mundkur)
• Massive security breach in India (Mark Thorson)
• Who's liable in driverless train accident? (The Straits Times)
• "LA-Tokyo flight turns back after passenger 'boards with wrong ticket'" (BBC)
• Rise of the Robo-Judge (Dan Jacobson)
• Hawaiian False Missile Alert Command Confirmation Bias Strikes Again (NYTimes et al.)
• War Risk 2018 with North Korea (Rob Wilcox)
• Drones keep entering no-fly zones over Washington, raising security concerns (WashPo)
• What Happens If Russia Attacks Undersea Internet Cables (WiReD)
• New Rules Announced for Border Inspection of Electronic Devices (Gabe Goldberg)
• Is the Answer to Phone Addiction a Worse Phone? (NYTimes)
• Apple said a software problem caused its heating system to break, which caused icicles to form on the roof of its Chicago store (Gabe Goldberg)
• Meltdown/Spectre/GoogleZero (The Verge)
• Microsoft's patches brick AMD PCs (Money via Barry Gold)
• Antivirus: the perfect spying tool!! (Nicole Perlroth)
• Infected USB sticks handed out at security conference (Taipei Times)
• Cybersecurity in self-driving cars: University of Michigan releases threat identification tool (Mike Chinni)
• BlackBerry Jarvis Checks Autonomous Car Software for Security Flaws (EWeek)
• Firms buy insurance 'in mad panic' as cyber-attacks soar (BBC)
• Health Care Is Hemorrhaging Data. AI Is Here to Help (WiReD)
• Romanian Hackers Compromised DC Security Cameras Prior to Inauguration (TRK)
• Indiana Hospital Hacked for Ransom: An Argument for Decentralized Data Dan Jacobson)
• Chanticleer to use blockchain for its rewards program (Gabe Goldberg)
• How to lose $8k worth of bitcoin in 15 minutes with Verizon and Coinbase.com (Dan Jacobson)
• Egypt's grand mufti says bitcoin 'forbidden' by Islam (The Times of Israel)
• How The Banks Bought Bitcoin (Lightning Network)
• Your Mother's Maiden Name Is Not a Secret (NYTimes)
• Risks of not using a bookstore? (Newsweek)
• Why you'll fire Siri and do the job yourself (ComputerWorld)
• Always allow removing comments (Dan Jacobson)
• Five copyright claims against youtube video of white noise (BBC via Mark Thorson)
• The Geography of Risks (Spencer Cheng)
• How Adding Accelerometers to Keys Will Thwart Car Thieves (IEEE Spectrum)
• Re: The Unstoppable Momentum of Self-Driving Cars (Amos Shapir)
• Re: Vehicle Satellite Navigation (Chris Drewe)

Volume 30 Issue 54 (Saturday 10 February 2018)

• Dutch agencies provide crucial intel about Russia's interference in US-elections (volkskrant)
• DHS exec: Russians penetrated US voter registrations in 2016 (NBC)
• German shock at car exhaust tests on humans and monkeys (bbc.com)
• "Ten Monkeys and a Bettle: Inside Rigged Diesel Test" (NYTimes)
• How a single line of computer code put 75,000 innocent Turks in jail (Kelly Bert Manning)
• Triton Malware Details Show the Dangers of Industrial System Sabotage (WiReD)
• FBI vs crypto-sanity? (PGN)
• Waze navigation app sends US driver into lake (The Times of Israel)
• Eyesight Technologies Will Watch You Drive, and That's a Good Thing (IEEE Spectrum)
• Self-Driving Cars Have a Secret Weapon: Remote Control (WiReD)
• Facebook AI spam detector lacks autoreview (Dan Jacobson)
• Why cops won't need a warrant to pull the data off your autonomous car (Gabe Goldberg)
• WHATIS Going to Happen With WHOIS? (Motherboard)
• "How Strava's "anonymized" fitness tracking data spilled government secrets" (Jack Whittaker via Gabe Goldberg)
• Personal Trackers expose Aggregated Personal and Group Data (Bob Gezelter)
• "Disney faces privacy complaint over children's apps" (Corinne Reichert)
• IoT fun—Don't Rely on Your Smart Speaker as Your Only Alarm Clock (Lifehacker)
• More Than Half of Adult Americans Were Victims of Cybercrime in 2017 (TRK via Gabe Goldberg)
• ICE can now track anyone's car in almost real-time (Think Progress)
• Terrorists Could Use Teslas to Kill Us (The Weekly Standard)
• A motorcyclist is suing GM after crashing into its self-driving car (PopSci)
• robots.txt vs. noindex (Google via Dan Jacobson)
• "3 leaked NSA exploits work on all Windows versions since Windows 2000" (CSO Online)
• 'Jackpotting' hackers steal over $1 million from ATMs across U.S. (Amos Shapir)
• Feds drop hammer on massive "carder" ring that caused $530 million in losses (Ars Technica)
• Blockchain Stocks Collapse by 40% to 90% (Wolfstreet)
• Bitcoin price manipulation (Charley Kline)
• Coincheck Says It Lost Crypto Coins Valued at About $400M (Bloomberg)
• Bitcoin payments used to unmask dark web users (Naked Security)
• Bitcoin: Dumb Crypto Criminal Botches Kidnapping (Fortune)
• As Bitcoin Bubble Loses Air, Frauds and Flaws Rise to Surface (NYTimes)
• Russian nuclear scientists arrested for 'Bitcoin mining plot' (BBC)
• Crooks Created 28 Fake Ad Agencies to Disguise Massive Malvertising Campaign (Catalin Cimpanu)
• The Fake-Follower Factory (NYTimes)
• British Teen Accessed U.S. Middle East Intelligence Ops by Pretending to be CIA Director (Newsweek)
• Bug Bounty Programs Are Paying Off for Hackers, HackerOne Finds (EWeek)
• Want to see all data Windows 10 sends Microsoft? There's an app for that (Ars Technica)
• "Can AI predict when that new hire will quit?" (Terena Bell)
• First, We Kill All the Lawsuits (Henry Baker)
• "In spite of military assurances, autonomous weapon research speeds ahead" (Greg Nichols)
• Ford Patents Autonomous Robocop Police Car That Can Give Out Tickets (Tech Times)
• British 15-year-old gained intelligence info (The Telegraph)
• Majority of employees in US unaware of GDPR mandate (DXC)
• Enter all identifying numbers as single text string without formatting (Dan Jacobson)
• Exclusive: Mattis seeking to ban cell phones from Pentagon (CNNPolitics)
• Re: Vehicle Satellite Navigation (Drewe, RISKS-30.53)
• Not knowing Twitter credentials delayed Hawai'i "all clear" (Lauren Weinstein)
• HI-EMA 'button pusher' refusing to cooperate with FCC (Star Advertiser)
• Re: Hawaiian False Missile Alert Command Confirmation Bias Strikes Again (Henry Baker)
• Re: "LA-Tokyo flight turns back after passenger 'boards with wrong (John Levine)
• Re: Five copyright claims against youtube video of white noise (John Levine)

Volume 30 Issue 55 (Saturday 17 February 2018)

• Aerospace Eyes Pilotless Cargo Planes (Richard M Stein via Straits Times)
• White Paper Points Out Just How Irresponsible 'Responsible Encryption' Is (TechDirt via Richard Forno)
• Ghost in the DCL shell: OpenVMS, touted as ultra reliable, had a local root hole for 30 years (The Register)
• Hackers Find, Fix 106 Security Flaws in Air Force Bug Bounty Challenge (TRK)
• "Skype can't fix a nasty security bug without a massive code rewrite" (Zack Whittaker)
• That mega-vulnerability Cisco dropped is now under exploit (Ars Technica)
• Understanding the Attack Vectors of CVE-2018-0101—Cisco ASA Remote Code Execution and Denial of Service Vulnerability (Cisco)
• How a Low-Level Apple Employee Leaked Some of the iPhone's Most Sensitive Code (Motherboard)
• Pirates Crack Microsoft's UWP Protection, Five Layers of DRM Defeated (TorrentFreak)
• Cyberattack Caused Olympic Opening Ceremony Disruption (Nicole Perlroth)
• Samsung and Roku Smart TVs Vulnerable to Hacking (Consumer Reports)
• FinTech Revolut sends PINs via email (Toby Douglass)
• "The House That Spied on Me" (Kashmir Hill and Surya Mattu)
• House Committee votes to terminate the Election Assistance Commission (The Nation)
• Spelling corrector busy changing words many pages back (Dan Jacobson)
• "Biggest Brazilian newspaper quits Facebook" (Angelica Mari)
• "Facebook's Very Revealing Text Messaging Privacy Fail" (Lauren Weinstein0
• Australian Cabinet Files (Bruce Schneier via PGN)
• With Closed-Circuit TV, Satellites And Phones, Millions Of Cameras Are Watching (NPR.org via Richard M Stein)
• Someone Is Sending Amazon Sex Toys to Strangers. Amazon Has No Idea How to Stop It (The Daily Beast)
• One Cause of Market Turbulence: Computer-Driven Index Funds (NYTimes via Richard M Stein)
• Most People Prefer Buying Wireless Devices Through Their Smartphones (TRK)
• Re: The unstoppable momentum of self-driving cars (Michael Bacon)
• Re: The Fake-Follower Factory (Jose Maria Mateos)
• Re: WHATIS Going to Happen With WHOIS? (Michael Bacon, John Beattie)
• Denver Airport AGTS marble stairs: Fall risk due to lack of contrast (Shawn Merdinger)
• Contra Ovadya on post-truth (John Ohno)

Volume 30 Issue 56 (Tuesday 27 February 2018)

• To Stir Discord in 2016, Russians Turned Most Often to Facebook (NYT)
• Russian election interference (PGN)
• Russia hacked the Olympics and tried to make it look like North Korea did it (Vox)
• Are Bots a Danger for Political Election Campaigns? (PGN)
• The Myth of the Hacker-Proof Voting Machine (Kim Zetter)
• Your Bitcoin or Your Life (Nathaniel Popper)
• All but Banned in the U.S., Chinese Giant Huawei Is Welcomed in Britain (WSJ)
• Drone collisions, close calls underscore growing risks for aircraft (WashPo)
• BB&T Restores ATM Service, Online Banking Problem Persists (WSJ)
• "Lawsuits threaten infosec research just when we need it most" (Zack Whittaker)
• "Security firm Keeper sues news reporter over vulnerability story" (Zack Whittaker)
• "Microsoft is distributing security patches through insecure HTTP links" (Woody Leonhard)
• That terrifying 'unfixable' Microsoft Skype security flaw: THE TRUTH. (The Register)
• Facebook's Mandatory Anti-Malware Scan Is Invasive and Lacks Transparency (WiReD)
• An old tax scam—with a troubling new twist (WashPo)
• "Maker of sneaky Mac adware sends security researcher cease-and-desist letters" (Zack Whittaker)
• Tesla cloud resources are hacked to run cryptocurrency-mining malware (Ars Technica)
• One-stop counterfeit certificate shops for all your malware-signing (Ars Technica)
• US Border Patrol Hasn't Validated E-Passport Data For Years (Lily Hay Newman)
• Facebook Shows Why SMS Isn't Ideal for Two-Factor Authentication (Tidbits)
• Google Chrome Now Blocks Irksome Ads. That's a Good Thing, Right? (NYTimes)
• Federal Judge Says Embedding a Tweet Can Be Copyright Infringement (EFF)
• How a fight over Star Wars download codes could reshape copyright law (Ars Technica)
• How Samsung moved beyond its exploding phones (Ars Technica)
• "Fail-slow at scale: When the cloud stops working" (Robin Harris)
• Apple Repair Center Barrages Sacramento's 911 Operators (CBS)
• Convention registration leaks information (Medium via Arthur T)
• Banking Nightmare: Chase Glitch Gives Online Access to Random People (Fly&Dine)
• "iPhone explodes at Vietnamese hair salon, thankfully only injures Apple fans' pride" (RocketNews)
• Cyberstalking via unsolicited anonymous Amazon deliveries (The Boston Globe)
• The Car of the Future Will Sell Your Data (Bloomberg)
• Don't blindly follow your GPS—Sylvan Lake State Park staff offers winter route advice (Pam Boyd)
• Before Hitting the Road, Self-Driving Cars Should Have to Pass a Driving Test (Scientific American)
• Re: mystery deliveries from Amazon (Kelly Manning)

Volume 30 Issue 57 (Thursday 1 March 2018)

• Using a Laser to Wirelessly Charge a Smartphone Safely Across a Room (James Orton)
• Bill Gates: Cryptocurrency is super-risky over the long-term (Emmie Martin)
• "Wine lovers cannot buy Burgundy as Google cracks down on 'gun' searches" (The Telegraph via Chris Drewe)
• "SAML protocol bug let hackers log in as other users" (Zack Whittaker via Gene Wirchenko)
• 23,000 HTTPS certificates axed after CEO emails private keys (Ars Technica)
• New Orleans alleged to have secretly used Palantir predictive policing (CSO)
• Voice Assistants Are Being Built Into New Smart Home Products at CES 2018 (Consumer Reports via Gabe Goldberg)
• I Wanna Go Fast: Why Searching Through 500M Pwned Passwords Is So Quick (TroyHunt)
• Weird attachment on ATM (Dave Horsfall)
• Artificial intelligence and national security (Allen/Chan via Diego Latella)
• Chrome Lets Hackers Phish Even 'Unphishable' Yubikey Users (WiReD)
• Re: The Myth of the Hacker-Proof Voting Machine (Mark E. Smith)
• Re: US Border Patrol Hasn't Validated E-Passport Data For Years (John Levine)
• Re: mystery deliveries from Amazon (John Levine)

Volume 30 Issue 58 (Thursday 15 March 2018)

• Root Cause Behind Downtown Line Glitch Still Unknown (Straits Times)
• GPS Isn't Very Secure. Here's Why We Need A Backup (WiReD)
• Hedge Funds That Use AI Just Had Their Worst Month Ever (Bloomberg)
• AI-Aided Cameras Mean No More Car Mirrors, No More Blind Spots (Spectrum)
• "Researchers find security flaws in popular smart cameras" (ZDNet)
• "IT beware: University finds new 4G security holes" (Evan Schuman via Gene Wirchenko)
• Spooks' Superposition Principle (Henry Baker)
• GitHub Survived the Biggest DDoS Attack Ever Recorded (Lily Hay Newman)
• Memcached-fueled 1.3 Tbps attacks (Drew Dean)
• Major data breach at Marine Forces Reserve impacts thousands (Gabe Goldberg)
• Report highlights how deep packet inspection could be subverted by cybercriminals (Tara Seals via geoff goodfellow)
• "More privacy-busting bugs found in popular VPN services" (Zack Whittaker)
• More on Google and Military Drones (Lauren Weinstein)
• Egyptian jamming of Sinai cell phones affects Israel, Gaza (Dan Williams)
• All of Oculus's Rift headsets have stopped working due to an expired certificate (TechCrunch)
• Officer sent to wrong address by 911 system—and dies (Paul Saffo)
• Years After Sept. 11, Critical Incidents Still Overload Emergency Radios (via NPR.org)
• The European electrical grid is having time problems (danny burstein)
• In reported breakthrough, Israeli tech can now unlock any phone (Times of Israel)
• Israeli AI software whips expert lawyers in contract analysis (ditto)
• Egyptian Military Activity Affecting Israeli Cell Networks (Hamodia via Mike Rechtman)
• Cryptocurrency Thief Stole 7 Bitcoins from Steve Wozniak (Fortune)
• "Australians used bitcoin to pay AU$50k-worth of fake ATO tax debts in 2017" (ZDNet)
• Clocks in telephones at higher altitudes don't actually run faster (Dan Jacobson)
• Bug in HP Remote Management Tool Leaves Servers Open to Attack (Threatpost)
• Cisco's Talos Intelligence Group Blog: Vulnerability Spotlight: Adobe Acrobat Reader DC Document ID Remote Code Execution Vulnerability (Talos)
• Apple acknowledges serious iOS bug linked to Telugu character (The Hindu)
• Adversarial patches: colorful circles that convince machine-learning vision system to ignore everything else (BoingBoing)
• Left-right mouse mapping programs and permanent effects (Dan Jacobson)
• In the US v. Microsoft Supreme Court Case, an Old Law Leaves Few Good Options (WiReD)
• Chinese mom 'locked out' of phone for incredible 47 years (ECNS)
• Usual infile-outfile clobber accident (Dan Jacobson)
• MoviePass CEO proudly says the app tracks your location before and after movies (TechCrunch)
• A first look at browser-based Cryptojacking ( Eskandari et al. via Jose Maria Mateos)
• "After Oracle WebLogic miner attack, critical Apache Solr bug is now targeted" (ZDNet)
• "Has Alexa snapped? Why your Echo sometimes does creepy things" (David Gewirtz)
• "Ransomware for robots is the next big security nightmare" (Danny Palmer)
• Most Americans See Artificial Intelligence as a Threat to Jobs —Just Not Theirs (Niraj Chokshi)
• New tracking technology could make lost belongings a thing of the past (The Washington Post via Gabe Goldberg)
• Apple: Former Engineer Will Unlock iPhone For $15.000 (Fortune)
• "Google's DoubleClick outage should force marketers to ask some hard questions" (Larry Dignan)
• Alexa briefly lost its voice on Friday (The Verge)
• Malicious software hits Connecticut court system's computers (The Boston Globe)
• Regulation of Internet Companies?!? (Chris Drewe)

Volume 30 Issue 59 (Saturday 17 March 2018)

• Hacking critical infrastructures (Nicole Perlroth et al. via PGN)
• Lessons for RISKS from the Florida bridge collapse (PGN)
• The Controversial CLOUD Act: Privacy Plus or Minus? (Lauren Weinstein)
• Cybercriminals spotted hiding cryptocurrency mining malware in forked projects on GitHub (Danny Palmer)
• Linus Torvalds slams CTS Labs over AMD vulnerability report (Steven J. Vaughan-Nichols)
• FCC Accuses Stealthy Startup of Launching Rogue Satellites (Gabe Goldberg)
• FCC Accuses Stealthy Startup of Launching Rogue Satellites (danny burstein)
• How social media spread a historical lie (WashPo)
• How Trump Consultants Exploited the Facebook Data of Millions (NYTimes)
• Microsoft still doesn't get it (Phil Smith III)
• Meet the Scarlett Johansson PostgreSQL malware attack (Steven J. Vaughan-Nichols)
• New system to help commuters avoid crowds at MRT stations (Richard M. Stein)
• Australia warns South-east Asia of high-tech terror threat (Straits Times)
• Vancouver BC Transit system says tap your card, not your wallet (Kelly Bert Manning)
• Re: Usual infile-outfile clobber accident (B. Elijah Griffin)
• Re: British Teen Accessed U.S. Middle East Intelligence Ops (Nick Sizemore)
• Re: AI-Aided Cameras Mean No More Car Mirrors, No More Blind Spots (Michael Bacon)

Volume 30 Issue 60 (Tuesday 20 March 2018)

• Reverse-Engineers Cuban Sonic Weapon (Fu/Xu/Yan)
• "IBM's fraud-fighter is so tiny, it's almost invisible" (ZDNet)
• Uber car in autonomous mode kills pedestrian (WashPo)
• More info re: the Uber car fatality (Lauren Weinstein)
• "Self-driving Uber kills Arizona woman, autonomous tests halted" (Gene Wirchenko)
• When Self-Driving Cars Can't Help Themselves, Who Takes the Wheel? (NYTimes)
• U.S. Government Launches Investigation Into Hyundai And Kia Airbags (NPR.ORG)
• Revealed: 50 million Facebook profiles harvested for Cambridge Analytica in major data breach (The Guardian)
• Facebook apologises for search suggestions of child abuse videos (The Guardian)
• Cambridge Analytica Suspends C.E.O. Amid Facebook Data Scandal (NYTimes)
• 3 Simple Ways We Give Up A Ton Of Very Personal Information To Facebook And Random Apps (buzzfeed)
• "Seriously, It's Time to Ditch Facebook and Give Google+ a Try" (Lauren Weinstein)
• Unsecured AWS S3 bucket managed by Walmart jewelry partner exposes data of 1.3M customers (SecurityAffairs)
• Look-Alike Domains and Visual Confusion (Krebs on Security)
• Re: Lessons for RISKS ... (Chris Samuel)
• Re: AI-Aided Cameras (Dmitri Maziuk)
• Re: Microsoft still doesn't get it (Michael Schmitt)
• Re: New system to help commuters avoid crowds at MRT stations (Geoffrey Keating)

Volume 30 Issue 61 (Tuesday 27 March 2018)

• Self-Driving Car Had a Fatal Accident: Now What? (Don Norman)
• Re: Uber car in autonomous mode kills pedestrian (WashPo)
• Re: The Unstoppable Momentum of Self-Driving Cars (Shapir, R 30.53)
• "Why Big Tech Needs Big Ethics—Right Now!" (Lauren's Blog)
• Even Without Cambridge Analytica, the Trump Campaign Already Had Everyone's Data (Emily Taylor via Diego Latella)
• Yet another security vulnerability afflicts India's citizen database (Prashanth Mundkur)
• Schools Are Using AI to Check Students' Social Media for Warning Signs of Violence (Gizmodo)
• Bad science puts innocent people in jail—and keeps them there (WashPo)
• GrayKey iPhone unlocker poses serious security concerns (Malwarebytes Labs)
• History Shows DDoS Volumes to Keep Rising Despite Mitigation Efforts (EWeek)
• "The new social media imperative: Distance yourself" (Mike Elgan)
• $1 million worth of Iron Dome missiles fired at nothing due to 'oversensitivity' (The Times of Israel)
• "Cryptocurrency mining malware uses five-year old vulnerability to mine Monero on Linux servers" (Danny Palmer)
• Tamper-proof currency wallet backdoored by a 15-year-old (Ars Technica)
• Cybersecurity key to S'pore's survival: CSA chief (Straits Times)
• Electronic footrest traps customer, who later dies (Jennifer Hassan)
• Theranos fraud duped billionaires, but Silicon Valley culture blamed (Tom Foremski)
• "Google Assistant now lets you send and request money from your contacts" (Stephanie Condon)
• Electric chairs in England? (Yahoo!)
• Sex Trafficking Bill Heads to Trump, Over Silicon Valley Concerns (NYTimes)
• Re: Look-Alike Domains and Visual Confusion (Kurt Seifried)
• Re: Lessons for RISKS from the Florida bridge collapse (Dick Mills)

Volume 30 Issue 62 (Friday 30 March 2018)

• A Cyberattack Hobbles Atlanta, and Security Experts Shudder (Alan Blinder and Nicole Perlroth)
• Baltimore's 9-1-1 System Hacked in Ransomware Attack (Baltimore Sun)
• Under Armour announces data breach, affecting 150 million MyFitnessPal app accounts (WashPo)
• Facebook's Cambridge Analytica problems are nothing compared to what's coming for all of online publishing (Harvard)
• Growth At Any Cost: Top Facebook Executive Defended Data Collection In 2016 Memo—And Warned That Facebook Could Get People Killed (buzzfeed)
• Facebook deathwatch: a decade ago, it was impossible to imagine the fall of Myspace (BoingBoing)
• “Maybe someone dies'': Facebook VP justified bullying, terrorism as costs of network's `growth' (Avi Selk)
• Ecuador cutting off WikiLeaks founder's communications (Chicago Sun Times)
• Self-driving car passenger slapped with ticket in San Francisco (Fox News)
• Uber Disabled Volvo's Safety System Before Fatality, Aptiv Says (TTNews)
• Uber reportedly reduced the number of sensors on its autonomous cars (Engadget)
• Re: "Why Big Tech Needs Big Ethics—Right Now!" (Martin Ward)
• Re: Self-Driving Car Had a Fatal Accident: Now What? (Ian Jackson, Paul Fenimore)
• Re: Self-Driving Car Had a Fatal Accident CORRECTION (Don Norman)
• Re: The Unstoppable Momentum of Self-Driving Cars (3daygoaty)
• Government wants to know the Risks of IoT (Arthur T.)

Volume 30 Issue 63 (Sunday 1 April 2018)

• Google launches GoogleCoin cryptocurrency (Mark Thorson)
• GoogleExchange hacked, GoogleCoins worth USD$104B stolen (Mark Thorson)
• By 2020, More Than 30% of World's Electricity Consumption Will Be Spent Explaining Bitcoin (EFF)
• Celebrate The Calendar That Saved Us From Disaster (Mark Thorson)
• Cloudflare launches 1.1.1.1 consumer DNS service with a focus on privacy
• Georgia Passes Anti-Infosec Legislation (EFF)
• Hacking voting machine vendors (CSO Online)
• Despite privacy concerns, Israel to put nation's medical database online (The Times of Israel)
• Driverless vehicles and aircraft (Michael Bacon)
• Virtual reality shopping is here (Gabe Goldberg)

Volume 30 Issue 64 (Monday 2 April 2018)

• Software Bug Behind Biggest Telephony Outage In US History (Slashdot via Gabe Goldberg)
• Card Data Stolen From 5 Million Saks and Lord & Taylor Customers (NYTimes)
• WannaCry my ground Boeing? (Dominic Gates)
• The MyFitnessPal Hack May Affect 150 Million People. It Could've Been Even Worse. (Slate)
• This Is So Much Bigger Than Facebook Data misuse is a feature, not a bug -- and it's plaguing our entire culture (Ethan Zuckermann)
• Yonatan Zunger: "Ethics Crisis" (PGN)
• New malware aimed at Linux servers (Mike Rechtman)
• Re: Lessons for RISKS from the Florida bridge collapse (Chris Drewe)
• Re: Tamper-proof currency wallet backdoored by a 15-year-old (Mark Jackson)

Volume 30 Issue 65 (Saturday 14 April 2018)

• Half of European flights delayed due to system failure (BBC)
• Atlanta Airport Shuts Down Wi-Fi Following Cyber Attack on City (Conde-Nast)
• Bridges and privacy (Gizmodo)
• Chinese man caught by facial recognition at pop concert (BBC)
• Is Science Hitting a Wall? (Scientific American)
• Prescribing error in EHR results in death of man (Healthcare IT)
• Elon Musk: Do you trust this computer? (Ed DeWath, Grady Booch)
• "Flaw exposes cities' emergency alert sirens to hackers" (ZDNet)
• "How safe is your air-gapped PC? Attackers can now suck data out via power lines" (Liam Tung)
• DHS finds suspected phone spying in Washington (ABC News)
• "Windows security: Microsoft patch for Outlook password leak bug 'not a full fix'" (Liam Tung)
• The biggest Black Lives Matter page on Facebook is fake (CNN)
• Fox News accidentally puts up a poll graphic that shows how they are the least trusted network (BoingBoing)
• "On Facebook, Zuckerberg gets privacy and you get nothing" (Zack Whittaker)
• Facebook exec: If you want privacy, expect to pay for it (NYPost)
• Facebook Suspends Another Data Analytics Firm As Scandal Widens (NPR)
• Cambridge Analytica Could Also Access Private Facebook Messages (WiReD)
• Protecting Democracy Using Firewalls (Mark Rockman)
• A New AI "Journalist" Is Rewriting the News to Remove Bias (Kristin Houser)
• People must retain control of autonomous vehicles (Nature)
• Waze's crazy routing over a 32% grade road (Gabe Goldberg)
• Relevant Comic? (Freefall)
• "LG's 'Software Upgrade Center' feels slightly too familiar" (J.R. Raphael)
• Richest 1% on target to own two-thirds of all wealth by 2030 (Michael Savage)
• The dots do matter: how to scam a Gmail user (James H Fisher)
• "A bad day with mobile 2FA" (Evan Schuman)

Volume 30 Issue 66 (Sunday 22 April 2018)

• Don't Blame Me for Facebook's Privacy Crisis (Ross Anderson)
• Facebook and Cambridge Analytica (CRYPTO-GRAM)
• Cambridge Analytica and the Coming Data Bust (NY Times)
• Palantir Knows Everything About You (Bloomberg)
• American elections are too easy to hack. We must take action now (Bruce Schenier)
• Instant Runoff Voting (Stephen H. Unger)
• Time for airplane engine diversity? (Christine Negroni)
• Deutsche Bank Inadvertently Made a $35 Billion Payment in a Single Transaction (Bloomberg)
• Blockchain Kiddy Porn (Rebecca Mercuri)
• Browser Standard WebAuthn Could Usher in a Password-Free Future (WiReD)
• Teen charged in Nova Scotia government breach says he had 'no malicious intent' (CBC News)
• Two vendors now sell iPhone cracking technology and police are buying (Lucas Mearian)
• "12+ things you can do with a locked iPhone" (Jonny Evans)
• France builds WhatsApp rival due to surveillance risk (Reuters)
• "Android security: Your phone's patch level says you're up to date, but that may be a lie" (Liam Tung)
• In a Leaked Memo, Apple Warns Employees to Stop Leaking Information (Mark Gurman)
• "Fake Android apps used for targeted surveillance found in Google Play" (Zack Whittaker)
• "Swim at your own risk: How botched IoT can sink your precious first-world life" (Jason Perlow)
• Police use Experian Marketing Data for AI Custody Decisions (Big Brother Watch)
• A call to regulate the use of AI (Nature)
• Yahoo and AOL just gave themselves the right to read your emails *again* (CNET)
• FCC dings T-Mobile $40M for faking rings on calls that never connected (TechCrunch)
• The EU's horrific and tyrannical "Right To Be Forgotten" -- as described in 1944 George Orwell (Lauren Weinstein)
• China's Xi says Internet control key to stability (Reuters)
• Moscow State University Team Wins Gold in ACM ICPC Programming Contest (ACM Bulletins)
• Re: "A bad day with mobile 2FA" (Dmitri Maziuk)
• Re: Fox News accidentally puts up a poll graphic that shows how they are the least-trusted network (Bob Rahe)
• Re: Windows security: Microsoft patch for Outlook password leak bug 'not a full fix' (Kelly Bert Manning)

Volume 30 Issue 67 (Sunday 29 April 2018)

• Lightning Hazards Prompt Boeing to Fix 787 Jets (WSJ)
• Facebook's dark-ads problem is systemic (Techcrunch)
• Facebook's Ties With Kogan and Cambridge Were Even Cozier Than We Thought (Slate)
• How merchants use Facebook to flood Amazon with fake reviews (WashPo)
• How Looming Privacy Regulations May Strengthen Facebook and Google (NYTimes)
• How Fake Mark Zuckerbergs Scam Facebook Users Out of Their Cash (NYTimes)
• Malicious Amazon Alexa Skills Can Record Everything a User Says (EWeek)
• The Golden State Killer Is Tracked Through a Thicket of DNA, and Experts Shudder (NYTimes)
• TSB fiasco (Charles Mann on Naked Capitalism)
• TSB week-long disruption (The Guardian)
• Brain-Computer Interfaces: 'The Last Frontier of Human Privacy' (WSJ)
• Viewpoint: The pitfalls of India's biometric ID scheme (BBC)
• Zelle, the Banks' Answer to Venmo, Proves Vulnerable to Fraud (NYTimes)
• Blockchains for journalism (CJR via Prashanth Mundkur)
• ISO blocks NSA's latest IoT encryption systems amid murky tales of backdoors and bullying (The Register)
• Cyberwarfare may be less dangerous than we think (WashPo)
• Defending Hospitals against Life-Threatening Cyber-attacks (Scientific American)
• 'Operation GhostSecret': North Korea Is Suspected in Intensifying Global Cyberattack (WSJ)
• "Mysterious cyber-worm targets medical systems, is found on X-ray machines and MRI scanners" (ZDNet)
• Comcast partners with Independence Health to create digital health company (Healthcare IT News)
• Medical transcription service leaves patient records open (Krebs)
• Suspicious event hijacks Amazon traffic for 2 hours, steals cryptocurrency (Ars Technica)
• Amazon Launches In-Car Delivery (Business Wire)
• A One-Minute Attack Let Hackers Spoof Hotel Master Keys (WiReD)
• Hackers have found a way to jailbreak the Nintendo Switch (WashPo)
• The state of patch management (HPE)
• Backlash prompts Eventbrite to drop demand to crash events, record them (Ars Technica)
• Re: Regulate AI? (Craig Burton)
• Re: ACM ICPC Programming Contest (Martyn Thomas)
• Re: Instant Runoff Voting (Wols)
• Re: American elections are too easy to hack. We must take action now (Mark E. Smith)
• Re: "A bad day with mobile 2FA" (John Levine, Dimitri Maziuk)

Volume 30 Issue 68 (Saturday 5 May 2018)

• Iowa Lottery fraud resolved (PGN on NYTimes item)
• "Online voting is impossible to secure. So why are some governments using it?" (Porup)
• Lightning Struck Her Home. Then Her Brain Implant Stopped Working (NY Times)
• KRACK Wi-Fi vulnerability can expose medical devices, patient records (Charlie Osborne)
• "A critical security flaw in popular industrial software put power plants at risk" (Zack Whittaker)
• "Oracle Access Manager security bug so serious it let anyone access protected data" (Lian Tung)
• How not to announce a loss of secure information (SMH)
• Why Silicon Valley can't fix itself (The Guardian)
• "Google Maps user? Beware attackers using URL-sharing to send you to shady sites" (Lian Tung)
• China's bungled drone display breaks world record (via BBC.com)
• When a stranger takes your face, Facebook failed crackdown on fake accounts (WashPo)
• The Era of Fake Video Begins (Franklin Foer)
• Souped-up smartphones, robots to help police fight crime more effectively (Straits Times)
• "GitHub says bug exposed some plaintext passwords" (ZDNet)
• "Gaming: The System" (NY Times)
• France seizes France.com from man who's had it since 1994, so he sues (Ars Technica)
• Transparent Eel-Like Soft Robot Can Swim Silently Underwater (ACM Technews)
• He Drove a Tesla on Autopilot From the Passenger Seat. The Court Was Not Amused. (NYTimes)
• Is My Not-So-Smart House Watching Me? (NYTimes)
• Following the Trail of Online Ads, Wherever It Leads (NYTimes)
• Criminals Used Flying Robots to Disrupt FBI Hostage Operation (Fortune)
• Facebook's dating service is a chance to meet the catfisher, advertiser, or scammer of your dreams (WashPo)
• Blockchain Will Be Theirs, Russian Spy Boasted at Conference (Nathaniel Popper)
• Blockchain is not only crappy technology but a bad vision for the future (Kai Stinchcombe, John Levine)
• Keeping your *Twitter* account secure (Gabe Goldberg)
• Against Trendism: how to defang the social media disinformation complex (Medium via John Ohno)
• Letter to *Consumer Reports* responding to June article about connected cars (Gabe Goldberg)

Volume 30 Issue 69 (Wednesday 16 May 2018)

• America continues to ignore the risks of election hacking (The New Yorker)
• Russia Tried to Undermine Confidence in Voting Systems, Senators Say (NYTimes)
• Virginia election officials assigned 26 voters to the wrong district (WashPo)
• Securing Elections (Bruce Schneier)
• Australian Emergency Calls Fail due to lightning strike (ABC AU)
• Self-driving cars' shortcomings revealed in DMV reports (Merc)
• VW bugs: "Unpatchable" remote code pwnage (TechBeacon)
• Software bug led to death in Uber's self-driving crash (Ars Technica)
• Deadly Convenience: Keyless Cars and Their Carbon Monoxide Toll (NYT)
• The risk from robot weapons (via The Statesman/Asia News Network, published in The Straits Times)
• Is technology bringing history to life or distorting it? (WashPo)
• 2,000 wrongly matched with possible criminals at Champions League (BBC AU)
• KRACK Wi-Fi vulnerability can expose medical devices, patient records (Osborne, R 30 68)
• Nigerian Email Scammers Are More Effective Than Ever (WiReD)
• Dark code (DW)
• Postmortem of Fortnite Service Outage (Epic Games)
• Collateral damage (538)
• Dozens of security cameras hacked in Japan (Mainichi)
• Technology turns our cities into spies for ICE, whether we like it or not (LATimes)
• The Digital Vigilantes Who Hack Back (The New Yorker)
• Bring in the Nerds: EFF Introduces Actual Encryption Experts to U.S. Senate Staff (EFF)
• Email Encryption Tools Are No Longer Safe, Researchers Say (Fortune)
• Not So Pretty: What You Need to Know About E-Fail and the PGP Flaw (EFF)
• Once Again, Activists Must Beg the Government to Preserve the Right to Repair (Motherboard)
• Widespread Misunderstanding of x86-64 Privileged Instruction Leads to Widespread Escalation Hazard (MITRE CVE 2018-8897)
• Alexa and Siri Can Hear This Hidden Command Audio Attacks (NYTimes)
• Buckle Up, Prime Members: Amazon Launches In-Car Delivery (Business Wire)
• Meant to Monitor Inmates' Calls Could Track You Too (NYTimes)
• Cell Phone Location data reportedly available to law enforcement without verification/process (Ars Technica)
• During disasters, active Twitter users likely to spread falsehoods: Study examines Boston Marathon bombing, Hurricane Sandy; also finds most users fail to correct misinformation (Science Daily)
• Face recognition police tools 'staggeringly inaccurate' (BBC.com)
• Intel Documentation Blamed for Multiple Operating System Security Flaws (IT Pro)
• The Problem with Chinese GPS (Now I Know)
• U.S. identifies suspect in major leak of CIA hacking tools (WashPo)

Volume 30 Issue 70 (Saturday 26 May 2018)

• Boy, 9, dies in accident involving motorized room partition at his Fairfax school (WashPo)
• Don't Put That in My Heart Until You're Sure It Really Works (NYT)
• "Ex-Intel security expert: This new Spectre attack can even reveal firmware secrets" (Liam Tung)
• "This malware is harvesting saved credentials in Chrome, Firefox browsers" (ZDNet)
• Student awarded $36,000 for remote execution flaw in Google App Engine (Charlie Osborne)
• "This cryptocurrency phishing attack uses new trick to drain wallets" (Danny Palmer)
• Ex-JPMorgan Chase Blockchain Duo Unveil New Startup Clovyr (Fortune)
• ICE abandons its dream of ‘extreme vetting’ software that could predict whether a foreign visitor would become a terrorist (WashPo)
• E-Mail Clients are Insecure, PGP and S/MIME 100% secure (Keith Medcalf)
• E-mail Encryption Tools Are No Longer Safe, Researchers Say (Fortune)
• Not So Pretty: What You Need to Know About E-Fail and the PGP Flaw (EFF)
• "T-Mobile bug let anyone see any customer's account details" (Zack Whittaker)
• "Senator wants to know how police can locate any phone in seconds without a warrant" (Zach Whittaker)
• US cell carriers are selling access to your real-time phone location data (Zach Whittaker)
• Hundreds of Apps Can Empower Stalkers to Track Their Victims (NYTimes)
• "Voice squatting attacks: Hacks turn Amazon Alexa, Google Home into secret eavesdroppers" (CSO Online)
• So, Umm, Google Duplex's Chatter Is Not Quite Human (Scientific American)
• Henry Kissinger Is Scared of 'Unstable' Artificial Intelligence (The Wrap)
• Service Meant to Monitor Inmates' Calls Could Track You, Too (NYT)
• Gunshot Sensors Pinpoint Destructive Fish Bombs (SciAm)
• Most GDPR emails unnecessary and some illegal, say experts (The Guardian)
• The Pentagon Has a Big Plan to Solve Identity Verification in Two Years (Defense One)
• Unplug Your Echo! (Ars Technica)
• FBI dramatically overstates how many phones they can't get into (WaPo)
• "Google to remove "secure" indicator from HTTPS pages on Chrome" (ZDNet)
• Google's Selfish Ledger is an unsettling vision of Silicon Valley social engineering (The Verge)
• "A flaw in a connected alarm system exposed vehicles to remote hacking" (ZDNet)
• Syrian hackers who tricked reporters indicted (WashPo)
• Cisco critical flaw warning: These 10/10 severity bugs need patching now (ZDNet)
• Is technology bringing history to life or distorting it? (WashPo)
• Massachusetts ponders hiring a computer to grade MCAS essays. What could go wrong? (The Boston Globe)
• Grocery store censors cake with request for 'summa cum laude' (The Boston Globe)
• The surprising return of the repo man (WashPo)
• Trump feels presidential smartphone security is too inconvenient (Ars Technica)
• Trump Jr. and Other Aides Met With Gulf Emissary Offering Help to Win Election (NY Times)
• Re: Securing Elections (Mark E. Smith)
• Re: Dark code (Kelly Bert Manning, Richard O'Keefe)
• Fitness App Leads To Arrest For Attack On McLean Cyclist (McLean VA Patch)
• Man Is Charged With Hacking West Point and Government Websites (NYT)
• Fake Facebook accounts and online lies multiply in hours after Santa Fe school shooting (WashPo)
• Re: "Warning: Dangerous Fake Emails About Google Privacy Changes" (Wol)
• Re: Not So Pretty: What You Need to Know About E-Fail and the PGP Flaw (Yooly)
• Re: Deadly Convenience: Keyless Cars and Their Carbon Monoxide Toll (NYT)
• Re: Chinese GPS (Dimitri Maziuk)
• Re: The risk from robot weapons (Amos Shapir)
• Will You Be My Emergency Contact Takes On a Whole New Meaning (NYT)
• This fertility doctor is pushing the boundaries of human reproduction —with little regulation (WashPo)
• As DIY Gene Editing Gains Popularity, `Someone Is Going to Get Hurt'

Volume 30 Issue 71 (Tuesday 5 May 2018)

• Microsoft to acquire GitHub for $7.5 billion (Lauren Weinstein)
• Bitcoin backlash as 'miners' suck up electricity, stress power grids in Central Washington (Seattle Times)
• Every cryptocurrency's nightmare scenario is happening to Bitcoin Gold (Joon Ian Wong)
• Google to remove "secure" indicator from HTTPS pages on Chrome (Keith Medcalf, (Gene Wirchenko, John Levine)
• "How your web browser tells you when it's safe" (Gregg Keizer)
• "Smart lock user? Z-wave pairing flaw lets attackers open your doors from yards away" (Liam Tung)
• FBI tells router users to reboot now to kill malware infecting 500k devices (Dan Goodin)
• Banks Adopt Military-Style Tactics to Fight Cybercrime (NYTimes)
• How One Company Scammed Silicon Valley. And How It Got Caught. (John Carreyrou)
• Jaron Lanier: How Can We Repair The Mistakes Of The Digital Era? (NPR)
• YouTube stars' fury over algorithm tests (BBC.com)
• Amazon Toilet Paper Order of Over $7,000 Refunded 2 Months Later (Fortune)
• Amazon's Echo privacy flub has big implications for IT (Evan Schuman)
• "Bank of Montreal, CIBC's Simplii Financial report customer data breaches" (Asha McLean)
• "CBA sent over 650 emails holding data on 10k customers in error" (Asha McLean)
• License Plate Risks (Jeremy Ardley)
• "Jira bug exposed private server keys at major companies, researcher finds" (Zack Whittaker)
• Google Started a Political Sh*tstorm Because of Its Over-Reliance on Wikipedia (Motherboard)
• Signs of sophisticated cellphone spying found near White House, U.S. officials say (WaPo)
• Massive Visa Outage Shows the Fragility of Global Payments (WiReD)
• How can criminals manipulate cryptocurrency markets? (The Conversation)
• Ad Blocker Ghostery Celebrates GDPR Day by Revealing Hundreds of User Email Addresses (Gizmodo)
• Commentary: GDPR Misses the Point (Fortune)
• GDPR, Privacy, and CISSPforum vs "Community" (Rob Slade)
• German spy agency can keep tabs on Internet hubs: court (Phys)
• Trendism and cognitive stagnation (John Ohno)
• Re: Securing Elections (Amos Shapir)

Volume 30 Issue 72 (Tuesday 12 June 2018)

• Another risk of driverless cars (PGN)
• Emirates looks to windowless planes (bbc.com)
• 180,000 Voters accidentally left off LA County polling place rosters (Irfan Khan)
• Ontario election results Not a Number (Tony Marmic)
• Florida skips gun background checks for a year after employee forgets login (Naked Security)
• All accredited journalists at the #KimTrumpSummit get a free USB fan (YCombinator)
• Israelis nabbed in Philippines are tip of iceberg in alleged fraud gone global (The Times of Israel)
• Sweden Tries to Halt Its March to Total Cashlessness (Bloomberg)
• Cryptocurrencies Lose Billions In Value After An Exchange Is Hacked (NPR)
• "Cryptocurrency theft malware is now an economy worth millions" (NPR)
• Quebec Halts Bitcoin Mining Power Requests Amid Booming Demand (Charlie Osborne)
• The Spanish Liga uses the phone microphone of millions of fans to spy on bars (El Diario)
• Navy Contractor Hacked: Reams of Secret Documents Taken (WashPo)
• G Suite leaks in 10,000+ orgs: Google UX blamed, fury at no-bug defense (TechBeacon)
• "Password reset flaw at Internet giant Frontier allowed account takeovers" (Zack Whittaker)
• Why a DNA data breach is much worse than a credit card leak (The Verge)
• "Facebook gave some companies extended access to user data" (Stephanie Condon)
• Facebook bug made up to 14 million users' posts public for days (WiReD)
• "Cisco fixes critical bug that exposed networks to hackers" (Zack Whittaker)
• "Meet Norman, the world's first 'psychopathic' AI" (Charlie Osborne)
• Should We Always Trust What We See in Satellite Images? (Scientific American)
• The NSA Just Released 136 Historical Propaganda Posters (Motherboard)
• Unproven facial-recognition companies target schools, promising an end to shootings (WashPo)
• The Zip Slip vulnerability: what you need to know (Naked Security)
• All the people Apple just pissed off to better protect your privacy (Fast Company)
• Recounting 'Horror Stories' Over Guitar Center's Warranties (NYT)
• Add Bryan Colangelo to the long list who have been burned by social media (ESPN)
• Microsoft, Github, & distributed revision control (Medium)
• How the body could power pacemakers and other implantable devices (Charles Q. Choi)
• Having better risk-based analysis for your banks and credit cards (David Strom, Phil Smith III)
• Re: Securing Elections (Chris Drewe)

Please report problems with the web pages to the maintainer