Please try the URL privacy information feature enabled by clicking the flashlight icon above. This will reveal two icons after each link the body of the digest. The shield takes you to a breakdown of Terms of Service for the site - however only a small number of sites are covered at the moment. The flashlight take you to an analysis of the various trackers etc. that the linked site delivers. Please let the website maintainer know if you find this useful or not. As a RISKS reader, you will probably not be surprised by what is revealed…
https://www.washingtonpost.com/world/drone-attacks-on-saudi-oil-facilities-spark-explosions-and-fires/2019/09/14/b6fab6d0-d6b9-11e9-ab26-e6dbebac45d3_story.html
From the Cryptography Mailing List <cryptography@metzdowd.com> Too long to try to summarize. It looks as if the Russians, starting in roughly 2010, managed to crack the encryption used on FBI tactical radios. “A former senior counterintelligence official blamed the compromises on a `hodgepodge of systems' ineffective beyond the line of sight. The infrastructure that was supposed to be built, they never followed up, or gave us the money for it. The intelligence community has never gotten an integrated system.'' https://news.yahoo.com/exclusive-russia-carried-out-a-stunning-breach-of-fbi-communications-system-escalating-the-spy-game-on-us-soil-090024212.html
Google CEO Sundar Pichai warned on Tuesday that "detecting deepfakes is one of the most important challenges ahead of us," and announced the search giant had released a massive trove of such videos. The goal: to use those deepfakes as a dataset for researchers working on tools and techniques to detect these AI-altered, doctored clips. (Earlier this year, Google also released a dataset of synthetic speech <https://www.blog.google/outreach-initiatives/google-news-initiative/advancing-research-fake-audio-detection/> to help researchers working on detecting fake audio.) Google said a blog post that it has plans to add to the dataset—which is made up of both real and fake videos produced through deepfake generation methods available to the public—as the technology becomes more sophisticated. "We firmly believe in supporting a thriving research community around mitigating potential harms from misuses of synthetic media," the company said. Researchers have warned that the volume and sophistication of deepfakes will continue to climb as the 2020 election approaches, but some are wary that government regulation of deepfakes would raise First Amendment concerns. "I don't think [legislation's] a good way to go," Paul Barrett, deputy director of NYU's Stern Center for Business and Human Rights and the researcher behind a new report on 2020 disinformation, told your MT host. "The better alternative is for the companies themselves to devise technology that can flag potential deepfakes. ... It's incumbent on the companies to invest more and work harder to make the kind of distinctions that need to be made."
EXCERPT: The world of connected consumer electronics, IoT, and smart devices <https://thehackernews.com/2017/08/hacking-track-movements.html> is growing faster than ever with tens of billions of connected devices streaming and sharing data wirelessly over the Internet, but how secure is it? As we connect everything from coffee maker to front-door locks and cars to the Internet, we're creating more potential—and possibly more dangerous -- ways for hackers to wreak havoc. Believe me, there are over 100 ways a hacker can ruin your life just by compromising your wireless router—a device that controls the traffic between your local network and the Internet, threatening the security and privacy of a wide range of wireless devices, from computers and phones to IP Cameras, smart TVs and connected appliances. <https://thehackernews.com/2018/10/ghostdns-botnet-router-hacking.html> In its latest study titled SOHOpelessly Broken 2.0, <https://www.securityevaluators.com/whitepaper/sohopelessly-broken-2/> Independent Security Evaluators (ISE) discovered a total of 125 different security vulnerabilities across 13 small office/home office (SOHO) routers and Network Attached Storage <https://thehackernews.com/2019/07/ransomware-nas-devices.html> (NAS) devices, likely affecting millions. “Today, we show that security controls put in place by device manufacturers are insufficient against attacks carried out by remote adversaries. This research project aimed to uncover and leverage new techniques to circumvent these new security controls in embedded devices,'' the researchers said. List of Affected Router Vendors... https://thehackernews.com/2019/09/hacking-soho-routers.html
James Rundle, *The Wall Street Journal*, 12 Sep 2019 via ACM TechNews, 18 Sep 2019 The more connected a smart city is, the greater its vulnerability to cyberattack, with sensors collecting data from streetlights and buildings one likely attack vector. Connections to smart grids and water-supply systems also could be exploited and hijacked, as could connections to autonomous vehicles. Suggested prevention and mediation strategies include encrypting data being transmitted over smart city networks, and ensuring everything is not on the same network. Portland, OR, keeps its sensors separate from wider urban networks as much as possible; that city also anonymizes its data and deletes collected video footage immediately after analysis, under the aegis of the city's Smart City PDX program. Meanwhile, officials in New York have established a testing laboratory for Internet of Things devices, which has completed examinations of more than a dozen devices for performance and vulnerabilities. Said Cesar Cerrudo, founder of Securing Smart Cities, “If you don't cover security from the very beginning, then it becomes very difficult to protect it.''
https://www.nytimes.com/2019/09/13/travel/delta-skybonus-fraud.html Gennady Podolsky used his position as a travel agent to cheat Delta Air Lines out of $1.75 million worth of loyalty points, according to an indictment.
People will accept anything as true if it confirms their beliefs -- regardless of whether a video or image has obviously been manipulated EXCERPT: Lots of people—including Congress—are worried about fake videos and imagery distorting the truth, purporting to show people saying and doing things they never said or did. I'm part of a larger U.S. government project that is working on developing ways to detect images and videos that have been manipulated. My team's work, though, is to play the role of the bad guy. We develop increasingly devious, and convincing, ways to generate fakes—in hopes of giving other researchers a good challenge when they're testing their detection methods. For the past three years, we've been having a bit of fun dreaming up new ways to try to change the meaning of images and video. We've created some scenarios ourselves, but we've also had plenty of inspiration from current events and circumstances of actual bad guys trying to twist public opinion. I'm proud of the work we've done, and hope it will help people keep track of the truth in a media-flooded world. But we've found that a key element of the battle between truth and propaganda has nothing to do with technology. It has to do with how people are much more likely to accept something if it confirms their beliefs. FINDING, AND PUSHING, TECHNICAL BOUNDARIES When we make our fakes, we start by collecting original, undoctored images and videos. Those not only offer raw material for us to manipulate the images but also include the data stored in authentic media files—sort of like a technical fingerprint that accompanies every piece of media that describes how and when it was taken, and with what tools... https://www.fastcompany.com/90404007/i-create-fake-videos-heres-why-people-believe-even-the-obvious-ones
https://www.washingtonpost.com/national/health-science/the-fool-that-fentanyl-made-into-a-millionaire/2019/09/14/dcb696ec-d6f9-11e9-8924-1db7dac797fb_story.html
Rob Walker, TheNYTimes, 14 Sep 2019 https://www.nytimes.com/2019/09/14/opinion/tech-backlash.html It's fun, and increasingly fashionable, to complain about technology. Our own devices distract us, others' devices spy on us, social media companies poison public discourse, new wired objects violate our privacy, and all of this contributes to a general sense of runaway change careening beyond our control. No wonder there's a tech backlash. But, really, is there? There certainly has been talk of a backlash, for a couple of years now. Politicians have discussed regulating big tech companies more tightly. Fines have been issued, breakups called for. A tech press once dedicated almost exclusively to gadget lust and organizing conferences that trot out tech lords for the rest of us to worship has taken on a more critical tone; a drumbeat of exposes reveal ethically and legally dubious corporate behavior. Novels and movies paint a skeptical or even dystopian picture of where tech is taking us. We all know people who have theatrically quit this or that social media service, or announced digital sabbaticals. And, of course, everybody kvetches, all the time. However, there is the matter of our actual behavior in the real-world marketplace. The evidence there suggests that, in fact, we love our devices as much as ever. There is no tech backlash. Consider Facebook: It's hard to imagine a more backlashable company. Facebook is widely associated with data breaches, the spread of dubious information and a basic deterioration of interpersonal communication. It was recently fined nearly $5 billion by the Federal Trade Commission for mishandling its customers' data. And, given its ubiquity, it's also a handy stand-in for the corporatization of online life in general. If you're going to make a show of quitting a tech service, Facebook may be your best choice. But according to its most recent quarterly report, the number of Facebook accounts used daily (1.59 billion) and monthly (2.4 billion) each increased by 8 percent over the prior quarter. Despite all the anecdotes you've heard about people deleting their accounts, the company's flagship app added about a million new daily users in the United States alone. Revenue was up 28%. Even factoring in the F.T.C. fine, Facebook recorded a profit of $2.6B. Facebook is not the only demonized tech platform; social media companies in general are routinely criticized as toxic swamps full of trolls, liars and bots. But again, there's no evidence of any exodus. In the same quarter, Twitter addedfive million new daily users, and Snap reported that the daily user base of its flagship Snapchat app grew 7 percent, its best-ever performance as a public company. According to the Pew Research Center, 72 percent of Americans usesome form of social media, a percentage that has risen steadily for years and shows no sign of flagging. (The people I know who quit Facebook all use Facebook-owned Instagram, WhatsApp, or both.) Habits die hard. But even more remarkable than our apparent reluctance to ditch the technologies we love to dis is a fervent embrace of newer new things that seem, at the very least, worth approaching with caution. Take smart speakers — the kind that respond to vocal prompts and questions — as an example. It's exactly the sort of technology that gives people pause. Is this thing listening to me all the time? What about these weird stories of smart speakers laughing or cursing, or randomly recording a conversation and sending it to the owners' contacts? The tech press has gotten better and better at chronicling the latest troubling answers — for instance, people may in fact listen to your voice activations as part of the process of refining the device's functionality — and detailing what, if anything, you can do about it. Nevertheless: As of last year, a little more than a quarter of American households owned a smart speaker, according to one estimate. The category leader is the Amazon Echo, equipped with the Alexa voice-recognition software; Amazon says it has sold more than 100 million Alexa devices. Certain tech-use indicators have in fact leveled off in recent years, but that's mostly because they correspond with categories that are already thoroughly established and widespread: Around 95 percent of consumers in the United States say they have or use a cellphone, and 89 percent have or use the Internet, according to Pew. But dig a little deeper into that data, and it turns out that *new connected devices continue to emerge* and we continue to embrace them. In addition to voice assistants, smart TVs and wearable devices are growing in popularity. Perhaps most remarkable, if you think we're in the midst of tech backlash, is the traction of the aggressively hyped smart-home trend, encouraging you to link your locks and lights and other household infrastructure to the Internet. Amazon(which intuitively ought to be suffering in a tech-backlashed environment) recently announced that the record sales on its most recent Prime Day promotion included “millions of smart home devices.''
Your Car. Your Data. Your Choice. is an Auto Care Association education initiative created to engage car owners, policymakers and other stakeholders on car data“ What is it, why it matters, and its implications for consumer choice. https://yourcaryourdata.org/
Pennsylvania has recent infestations of an invasive insect species (the spotted lanternfly). It has given a grant to a state university to track sightings of them, and they're publicizing the tracking very aggressively. But they won't accept a sighting report unless you first give them your name and telephone number. There's no indication as to who will have access to that data, which is especially concerning as it's a government-affiliated university and possibly susceptible to FOIA requests. That data would be a major boon for certain vendors and fund-raisers. Who is paying attention to the environment? Where do they travel and when? Etc. So, by collecting data they don't need, they're missing the dozen or so reports I would have made, and there are probably other non-reports by other privacy-minded people.
Privacy-minded changes to smartphone operating systems which foreground the background activity of third party apps are helping to spotlight more of the surveillance infrastructure deployed by adtech giants to track and profile human eyeballs for profit. To wit: iOS 13, which will be generally released later this week, has already been spotted catching Facebook's app trying to use Bluetooth to track nearby users..... https://techcrunch.com/2019/09/16/get-popcorn-for-ios-13s-privacy-pop-ups-of-creepy-facebook-data-grabs/
At least a dozen children diagnosed with autism were conceived with sperm from the same donor. https://www.washingtonpost.com/health/the-children-of-donor-h898/2019/09/14/dcc191d8-86da-11e9-a491-25df61c78dc4_story.html
http://www.bbc.com/future/story/20190918-is-humanity-changing-the-night-sky-with-artificial-stars There is already around 8,400 tonnes of debris and junk currently racing around the Earth as speeds of up to 18,000mph (28,800km/h). This hail of debris can damage and even destroy satellites if they collide—in 2009, a defunct Russian satellite smashed into a functioning US commercial satellite, breaking both spacecraft into at least 2,000 pieces, dramatically increasing the amount of debris in orbit in the process. “Nasa currently tracks thousands of pieces of debris down to the size of a marble and regularly performs avoidance maneuvers to keep its satellites safe. The International Space Station has also had to make several maneuvers to avoid debris during its 20 years in orbit.'' With a deployed 'man-mad space shield' of this magnitude already operational, but not readily controllable, there's no need to build a dedicated space force to defend the planet against extraterrestrial invasion!
https://www.nytimes.com/2019/09/18/magazine/boeing-737-max-crashes.html
In our latest privacy experiment, we tracked how four of the most popular TV brands record everything we watch. https://www.washingtonpost.com/technology/2019/09/18/you-watch-tv-your-tv-watches-back/ I've had a *smart* TV for almost a year; it's not online and I watch cable TV, DVDs, Roku (channels, Netflix, Amazon prime) just fine. I ignore its occasional pleas to connect it to the outside world.
https://www.bostonglobe.com/metro/2019/09/11/single-drivers-are-taking-over-mass-carpool-lanes/a32bKhXxoZNygjnPPjgKvO/story.html
https://www.nbcnews.com/news/us-news/false-emergency-alarms-set-hawaii-again-n1056281
What does a worst case scenario look like in public health? If we went the Hollywood route, you could envision all sorts of disasters. A lone patient spreading a deadly bug via international travel; a contamination in the food supply; heck, maybe just the emergence of a superbug resistant to existing treatments (a potential $100 trillion risk <https://click.newsletters.fortune.com/?qs=01edd9ca5e91c9d2cacdcadafa419ed0a96e80a0929024416654b57725ebd5101975ad65d20cb5f9b2631e012684a701c448d5f090da8e07> by some accounts). The thing is, any sort of pandemic could be catastrophic “ and the world simply isn't prepared to deal with such an outbreak, according to a first-of-its-kind report <https://click.newsletters.fortune.com/?qs=04a8392c00f77920cdb333607274ba4cc389753f201ffb5a822ce09f3d46b8e9f458bab130eb0bab31838c7fec525c8775fa8fd2a5b83d64> from the Global Preparedness Monitoring Board (GPMB). In fact, as many as 80 million people could die in an outbreak within 36 hours, the authors say, if an airborne pathogen were to make its way around the globe. The GPMB was convened by the World Health Organization (WHO) and the World Bank to investigate these exact kinds of issues. And the initial prognosis is grim (the report itself is frighteningly titled, `A World At Risk'). Here's just a snippet of what the group had to say: "The central finding of the report is that the world needs to proactively establish the systems needed to detect and control potential disease outbreaks. These acts of preparedness are a global public good that must meaningfully engage communities, from the local to the international, in preparedness, detection, response and recovery." The report outlines the many failures of international governments, from lackluster public health systems to lapses in communication to a dearth of drug and vaccine development, to prepare for a major pandemic. (The issue is serious enough that the World Bank created the first-ever global insurance market <https://click.newsletters.fortune.com/?qs=116f9e6ffa6b24f0c4888644a1e6141dfd41b7deeee304c6c77370d904d6564557f54c276ee97bc36a76975bf4152c7e38097a3477c4428d> for pandemics back in 2016.) But GPMB also offers some practical solutions. "Investing in health emergency preparedness will improve health outcomes, build community trust and reduce poverty, thereby also contributing to efforts to achieve the United Nations Sustainable Development Goals," the authors wrote. /From the foreword by Co-Chairs H.E. Dr Gro Harlem Brundtland and Mr Elhadj As Sy/: "For its first report, the Global Preparedness Monitoring Board reviewed recommendations from previous high-level panels and commissions following the 2009 H1N1 influenza pandemic and the 2014-2016 Ebola outbreak, along with its own commissioned reports and other data. The result is a snapshot of where the world stands in its ability to prevent and contain a global health threat. Many of the recommendations reviewed were poorly implemented, or not implemented at all, and serious gaps persist. For too long, we have allowed a cycle of panic and neglect when it comes to pandemics: we ran. http://apps.who.int/gpmb/annual_report.html Plus: We Are All Pawns in a Mosquito's World https://www.sierraclub.org/sierra/we-are-all-pawns-mosquitos-world
https://arstechnica.com/tech-policy/2019/09/man-behind-deadly-kansas-swatting-sentenced-to-15-months-in-prison/
Danny Palmer, ZDNet, 10 Sep 2019 Researchers at Trend Micro have found that cyber criminals are increasingly focusing their attention on hacking Internet of Things (IoT) devices. While routers remain the top target for IoT-based attacks, Internet-connected gas pumps are becoming a focal point as well. The researchers came to this conclusion after examining Dark Web marketplaces in five different languages: Russian, Portuguese, English, Arabic, and Spanish. They found the Russian market is the most sophisticated of the underground communities, with cyber criminals there ready to make money from attacks and exploits. Trend Micro's Bharat Mistry said operators of Internet-connected gas pumps and similar devices should have their default passwords changed, and “should also think about using features such as VPNs to encrypt the traffic, and mutual authentication, whereby both the device and the user validate one other before continuing.'' https://orange.hosting.lsoft.com/trk/click?ref=3Dznwrbbrs9_6-219dax21dd15x069949&
https://fortune.com/2019/09/19/security-cameras-are-dry-powder-for-hackers-heres-why/
Your iPhone just got a major security upgrade. Here are all the ins and outs. If you own a relatively new iPhone <https://www.wired.com/review/apple-iphone-11/>, this week you should have received a notification that the latest iOS 13 update <https://www.wired.com/story/apple-ios-13-arrives/> is ready to download. Besides the more obvious additions—like the introduction of dark mode, and the unexpected joys of Apple Arcade <https://www.wired.com/story/apple-arcade-reshape-mobile-gaming/>—it also features a raft of security and privacy enhancements. The reputation of iOS security may have taken some dings <https://www.wired.com/story/ios-security-imessage-safari/> of late, but it's still one of the most secure consumer operating systems available. Here are all the ways the latest version keeps you even more protected. https://www.wired.com/story/ios-13-security-privacy-features-settings/ ...complicated, sigh.
Catalin Cimpanu for Zero Day | 19 Sep 2019 New 20,000 batch of payment card details found on the dark web and traced back to new Click2Gov hacks. https://www.zdnet.com/article/two-years-later-hackers-are-still-breaching-local-government-payment-portals/ opening text: Two years after hackers first started targeting local government payment portals, attacks are still going on, with eight cities having had their Click2Gov payment portals compromised in the last month alone, security researchers from Gemini Advisory have revealed in a report shared with ZDNet today. These new hacks have allowed hackers to get their hands on over 20,000 payment card details belonging to US citizens, which are now being traded on the dark web, the cyber-security firm said.
Charlie Osborne for Zero Day | 20 Sep 2019 Charges now include unregistered drone operation, meth use, and unlawfully owning firearms. https://www.zdnet.com/article/man-allegedly-used-drones-to-pelt-ex-girlfriends-home-with-bombs/ In the aftermath of a breakup, people can lose all reason and taking irresponsible action—whether it be cutting up an ex-partner's clothes, throwing out their possessions, or scratching their car. In extreme cases, drones, otherwise known as unmanned aerial vehicles (UAVs), may also allegedly become weaponized. According to US prosecutors, a 43-year-man used a DJI Phantom 3 drone to drop homemade bombs on a previous girlfriend's property.
Adrian Kingsley-Hughes for Hardware 2.0 | 23 Sep 2019 A Washington man credits the Apple Watch with helping to save his father's life following a biking accident that left him unconscious. https://www.zdnet.com/article/apple-watch-helps-save-motorcyclists-life/ The Apple Watch 4 and later contains a sensor that is continually looking out for the wearer suffering a hard fall that could render them unconscious and summon emergency help. This is exactly what happened to Gabe Burdett's father.
Last Saturday's newspaper featured an interview (couldn't find it on-line) with Margaret Atwood, author of `The Handmaid's Tale' and more recently `The Testaments'. This included her saying: “Like any human technology, there's a plus side, a minus side, and a stupid side that you didn't anticipate. Pick out any technology, it's true of them all.'' So it looks unlikely for RISKS to run short of source material any time soon...
[via Dave Farber] Greg Myre Facebook Twitter https://www.npr.org/sections/thetwo-way/2017/09/18/551792129/stanislav-petrov-the-man-who-saved-the-world-dies-at-77 Stanislav Petrov, a former Soviet military officer, poses at his home in 2015 near Moscow. In 1983, he was on duty when the Soviet Union's early warning satellite indicated the U.S. had fired nuclear weapons at his country. He suspected, correctly, it was a false alarm and did not immediately send the report up the chain of command. Petrov died at age 77. Stanislav Petrov was a lieutenant colonel in the Soviet Union's Air Defense Forces, and his job was to monitor his country's satellite system, which was looking for any possible nuclear weapons launches by the United States. He was on the overnight shift in the early morning hours of 26 Sep 1983, when the computers sounded an alarm, indicating that the U.S. had launched five nuclear-armed intercontinental ballistic missiles. “The siren howled, but I just sat there for a few seconds, staring at the big, back-lit, red screen with the word 'launch' on it,'' Petrov told the BBC in 2013. It was already a moment of extreme tension in the Cold War. On Sept. 1 of that year, the Soviet Union shot down a Korean Air Lines plane that had drifted into Soviet airspace, killing all 269 people on board, including a U.S. congressman. The episode led the U.S. and the Soviets to exchange warnings and threats. Petrov had to act quickly. U.S. missiles could reach the Soviet Union in just over 20 minutes. “There was no rule about how long we were allowed to think before we reported a strike,'' Petrov told the BBC. “But we knew that every second of procrastination took away valuable time, that the Soviet Union's military and political leadership needed to be informed without delay. All I had to do was to reach for the phone; to raise the direct line to our top commanders—but I couldn't move. I felt like I was sitting on a hot frying pan.'' Petrov sensed something wasn't adding up. He had been trained to expect an all-out nuclear assault from the U.S., so it seemed strange that the satellite system was detecting only a few missiles being launched. And the system itself was fairly new. He didn't completely trust it. Arms control expert Jeffrey Lewis recalled the episode in an interview last December on NPR: “[Petrov] just had this feeling in his gut that it wasn't right. It was five missiles. It didn't seem like enough. So even though by all of the protocols he had been trained to follow, he should absolutely have reported that up the chain of command and, you know, we should be talking about the great nuclear war of 1983 if any of us survived.'' After several nerve-jangling minutes, Petrov didn't send the computer warning to his superiors. He checked to see if there had been a computer malfunction. He had guessed correctly. “Twenty-three minutes later I realized that nothing had happened,'' he said in 2013. “If there had been a real strike, then I would already know about it. It was such a relief.'' That episode and the 1962 Cuban Missile Crisis are considered to be the closest the U.S. and the Soviets came to a nuclear exchange. And while the Cuban Missile Crisis has been widely examined, Petrov's actions have received much less attention. Petrov died on 19 May 2019, at age 77, in a suburb outside Moscow, according to news reports Monday. He had long since retired and was living alone. News of his death apparently went unrecognized at the time. Karl Schumacher, a German political activist who had highlighted Petrov's actions in recent years, tried to contact Petrov earlier this month to wish him a happy birthday. Instead, he reached Petrov's son, Dmitri, who said his father had died in May. Petrov said he received an official reprimand for making mistakes in his logbook on Sept. 26, 1983. His story was not publicized at the time, but it did emerge after the Soviet Union collapsed. He received a number of international awards during the final years of his life. In 2015, a docudrama about him featuring Kevin Costner was called The Man Who Saved The World. But he never considered himself a hero. “That was my job. But they were lucky it was me on shift that night.'' Greg Myre is a national security correspondent. Follow him @gregmyre1.
Virtual private networks: they help you sidestep geographical media restrictions, and they keep your web browsing private, right? Well, not always, because even if the best VPNs add a welcome layer of security to our web setups, cybersecurity experts are warning that there are just as many VPN applications that expose their trusting users to surveillance and cyberattacks. According to a broad range of specialists, many free and mobile VPNs on the market use unsafe protocols and log user activity, while even good virtual private networks can't always guarantee to protect their users from the prying eyes of a jealous government or its intelligence agencies. That's why it's vitally important that we not only choose the most reliable and robust VPNs available, but that we also learn how to configure and run them to their full potential. Otherwise, we may find ourselves in a similar situation to users of Fortigate and Pulse Secure, two VPNs which were targeted by cyberattackers last month. Normally, VPNs are very useful and dependable tools, with 30% of all Internet users employing a VPN at least once a month. “Generally speaking, a modern online VPN is a service that is designed to encrypt your entire computer's traffic and at the same time hide your identity by routing your (now encrypted) traffic through one or more anonymous routers,'' explains Yaniv Balmas, the head of cyber research at Check Point. “Assuming that the VPN provider uses up-to-date encryption methods and frequently changes its routing points, this service should provide a secure and robust service.'' However, Balmas adds that “the devil lies in the details,'' with poorly implemented virtual private networks causing “more harm than good for its users.'' In fact, the scale of the problem is actually more extensive than most people realise, because in many cases VPNs—and particularly free and/or mobile VPNs—not only don't work as advertised, but also leave users open to viruses and privacy violations. “We tested the top 150 free VPN Android apps and found that many had serious security flaws and performance issues,'' warns Callum Tennent, a VPN expert and the site editor at Top10VPN.com. Referring to a study his website conducted in February, Tennent alarmingly reveals that 18% of the tested VPNs contained potential malware or viruses, 85% featured excessive permissions or functions that could put a user's privacy at risk, and 25% exposed a user's traffic to DNS leaks and other leaks... https://www.forbes.com/sites/simonchandler/2019/09/23/too-many-vpns-put-our-privacy-and-security-at-risk/
https://www.nytimes.com/2019/09/25/opinion/huawei-internet-security.html https://edition.cnn.com/2019/09/21/opinions/chinese-spy-trains-are-not-a-credible-threat-schneier/index.html
The Washington Post's headline is seriously misleading. The story text says that students “earn 100 points for attending a home game and then get an additional 250 if they're still in attendance by the fourth quarter.'' To me, not rewarding someone is very different from penalizing them. The story (as opposed to the headline) implies that a student is always better off attending a game, even if the student leaves early.
> A new safety bulletin from the British government shows that an unplanned > landing in Ireland was caused by coffee that spilled on a control panel in > the cockpit. Life imitates fiction! This is exactly the cause identified for a plane crash in the movie *Fate is the Hunter*—in 1964. [There's no crying over spilled milk, but spilled coffee is different. The diverted aircraft resulted in a new form of diverticulitis for every passenger and crew member. PGN]
Please report problems with the web pages to the maintainer