The RISKS Digest
Volume 31 Issue 74

Monday, 27th April 2020

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Contents

Why a Data-Security Expert Fears U.S. Voting Will Be Hacked
Alexandra Wolfe WSJ
Principle of the Day
Ray Dalio
Emissions Are Way Down. No, That's Not All Good News for the Environment
Mother Jones
Coronavirus detected on particles of air pollution
NIH via geoff goodfellow
“Recommendation: Do Not Install or Use Centralized Server Coronavirus COVID-19 Contact Tracing Apps”
Lauren Weinstein
'No evidence' that recovering from Covid-19 gives people immunity, WHO says
geoff goodfellow
Re: Coronavirus Antibody Tests: Can You Trust the Results
Rich Kulawiec
Re: Spam filter censoring COVID content
Henry Baker
Re: e-postage, Internet Usage update
Paul Edwards
Info on RISKS (comp.risks)

Why a Data-Security Expert Fears U.S. Voting Will Be Hacked (Alexandra Wolfe, The Wall Street Journal)

“Peter G. Neumann” <neumann@csl.sri.com>
Sun, 26 Apr 2020 22:38:51 +0200

<https://www.wsj.com/articles/why-a-data-security-expert-fears-u-s-voting-will-be-hacked-11587747159>

In 2005, a concerned Florida election supervisor asked the Finnish data-security expert Harri Hursti to hack into one of the state's commonly used voting machines to test its vulnerability. The verdict wasn't reassuring. By modifying just a few lines of code on the machine's memory card, Mr. Hursti says, he could change the results of a mock election. That same model, he adds, will be among those used in the 2020 elections. (A spokesperson for the machine's vendor, Dominion Voting, says that these weaknesses were fixed in 2012, but Mr. Hursti says that he has tested the new version and found the updates insufficient.)

Mr. Hursti has spent the past 15 years trying to draw attention to the weaknesses in America's voting systems. Last month, he was featured in an HBO documentary called “Kill Chain: The Cyber War on America's Elections,” about far-reaching security breaches in multiple U.S. elections that he says have gone unfixed. He warns that both the American political establishment and the public are far too complacent. “Once you understand how everything works, you understand how fragile everything is and how easy it is to lose this all,” Mr. Hursti says in the film.

In 2017, the Department of Homeland Security notified 21 states that they had been targeted by Russian hackers in the previous year's voting. (Russia denies the allegations.) Mr. Hursti has worked with some of those states to stave off future attacks, he says, but past breaches are rarely investigated. DHS has said that it found no evidence that votes were changed during the 2016 voting. A 2017 U.S. intelligence assessment <https://www.dni.gov/files/documents/ICA_2017_01.pdf?mod=article_inline> — whose findings were unanimously reaffirmed <https://www.wsj.com/articles/senate-report-affirms-u-s-intelligence-findings-on-2016-russian-interference-11587483408?mod=article_inline> Tuesday by the Republican-led Senate Intelligence Committee—described a significant 2016 Russian “influence campaign” to “undermine public faith” in American democracy and “help President-elect Trump's election chances.”

Mr. Hursti focuses more on the hardware side of the voting process than information operations from hostile powers. He doesn't offer direct evidence of vote tampering in 2016, but he warns that, given the security flaws he has uncovered, it was certainly possible. For years, voting rights groups have been suing states, alleging problems with voting machines. Last August, a judge in Georgia ruled that the state needed new voting machines to replace unsecure, outdated ones that had malfunctioned during the 2018 governor's race. […]

After working in computer programming for most of his life, he is amused to hear critics calling him opposed to technology because of his calls for an old-school paper voting system. “I'm against the irresponsible use of technology,” he says, but “I'm the last person I would ever think people would be calling a Luddite.”


Principle of the Day (Ray Dalio)

geoff goodfellow <geoff@iconia.com>
Sun, 26 Apr 2020 08:45:40 -1000

“Because of the different ways that our brains are wired, we all experience reality in different ways and any single way is essentially distorted. This is something that we need to acknowledge and deal with.”

“So if you want to know what is true and what to do about it, you must understand your own brain.”

https://twitter.com/RayDalio/status/1254134881472438275


Emissions Are Way Down. No, That's Not All Good News for the Environment (Mother Jones)

Gabe Goldberg <gabe@gabegold.com>
Mon, 27 Apr 2020 15:13:35 -0400

Chaos in the oil sector could actually intensify climate change.

As the coronavirus cripples world economies, greenhouse gas emissions are plummeting: This year, they could drop by as much as 5.5 percent—the largest decrease ever recorded. On Monday, the price of oil went negative, meaning storing oil now costs more than the oil itself. Since we're burning less gas and fuel, air pollution has dropped 30 percent in northeastern cities, and Los Angeles's notorious smoggy skyline has cleared.

You might be thinking all this is great news for the environment. It's a nice idea -- but the real story is more complicated. “You don't want companies collapsing like this,” says Andrew Logan, oil and gas director of Ceres, a think tank focused on sustainable investment. “Even the most ardent climate advocate shouldn't wish for a chaotic transition in this sector. A chaotic transition brings all sort of pain to workers and also the environment.”

https://www.motherjones.com/environment/2020/04/oil-prices-are-below-zero-no-thats-not-all-good-news-for-the-environment/


Coronavirus detected on particles of air pollution

geoff goodfellow <geoff@iconia.com>
Sun, 26 Apr 2020 08:47:20 -1000

Scientists examine whether this route enables infections at longer distances

EXCERPT:

Coronavirus has been detected on particles of air pollution by scientists investigating whether this could enable it to be carried over longer distances and increase the number of people infected.

The work is preliminary and it is not yet known if the virus remains viable on pollution particles and in sufficient quantity to cause disease.

The Italian scientists used standard techniques to collect outdoor air pollution samples at one urban and one industrial site in Bergamo province and identified a gene highly specific to Covid-19 in multiple samples. The detection was confirmed by blind testing at an independent laboratory.

Leonardo Setti at the University of Bologna in Italy, who led the work <https://www.medrxiv.org/content/10.1101/2020.04.15.20065995v1>, said it was important to investigate if the virus could be carried more widely by air pollution.

“I am a scientist and I am worried when I don't know,” he said. “If we know, we can find a solution. But if we don't know, we can only suffer the consequences.”

Two other research groups have suggested particles could help coronavirus travel further in the air, piggybacking on air pollution. <https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7151372/> <https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7156797/#CR6>

A statistical analysis by Setti's team suggests higher levels of particle pollution could explain higher rates of infection in parts of northern Italy before a lockdown was imposed, an idea supported by another preliminary analysis. The region is one of the most polluted in Europe. […]

<https://www.medrxiv.org/content/10.1101/2020.04.11.20061713v1> <https://www.medrxiv.org/content/10.1101/2020.04.06.20055657v1> <https://www.theguardian.com/environment/2020/apr/24/coronavirus-detected-particles-air-pollution>


“Recommendation: Do Not Install or Use Centralized Server Coronavirus COVID-19 Contact Tracing Apps”

Lauren Weinstein <lauren@vortex.com>
Mon, 27 Apr 2020 12:56:19 -0700

Lauren's Blog: https://lauren.vortex.com/2020/04/27/recommendation-do-not-install-or-use-centralized-server-coronavirus-covid-19-contact-tracing-apps


'No evidence' that recovering from Covid-19 gives people immunity, WHO says

geoff goodfellow <geoff@iconia.com>
Sun, 26 Apr 2020 08:48:14 -1000

The World Health Organization warned on Saturday that recovering from coronavirus may not protect people from reinfection as the death toll from the pandemic approached 200,000 around the globe.

EXCERPT:

Governments across the world are struggling to limit the economic devastation unleashed by the virus, which has infected nearly 2.8 million people and left half of humanity under some form of lockdown.

The United Nations has joined world leaders in a push to speed up development of a vaccine, but effective treatments for COVID-19 […] are still far off. <https://www.france24.com/en/tag/united-nations/> <https://www.france24.com/en/tag/coronavirus/>

But with signs the disease is peaking in the US and Europe, governments are starting to ease restrictions, weighing the need for economic recovery against cautions that lifting them too soon risks a second wave of infections.

The WHO <https://www.france24.com/en/tag/who/> warned on Saturday that there is still no evidence that people who test positive for the new coronavirus and recover are immunised and protected against reinfection.

The warning came as some governments study measures such as “immunity passports” or documents for those who have recovered as one way to get people back to work after weeks of economic shutdown.

“There is currently no evidence that people who have recovered from #COVID19 and have antibodies are protected from a second infection,” WHO said in a statement. […] https://www.france24.com/en/20200425-no-evidence-that-recovering-from-covid-19-gives-people-immunity-who-says


Re: Coronavirus Antibody Tests: Can You Trust the Results (RISKS-31.73)

Rich Kulawiec <rsk@gsp.org>
April 27, 2020 2:13:50 JST

[via Dave Farber]

About all those tests:

“There are three major problems with testing right now. One, we do not have the reagents. Our government is not working with private sector companies, as all the other governments of the world are now seeking testing to understand how to best ramp up these reagents that we do need. Number two is we have the wild, wild west for testing right now. The FDA has all but given up its oversight responsibility for the tests we have on the market. Many of them are nothing short of a disaster. And we got into that place because of the fact—once CDC had a problem, the FDA just opened the gate. And we have a lot of bad tests on the market right now. The third thing is these tests just do not perform well in low prevalent populations. Meaning that right now, if you were to test for antibody in most places in the United States, over half of the tests would be false positives. So what we need is a major, new initiative on testing that gets away from every day just saying how many people got tested. We're missing the mark in a big way right now.”

Dr. Michael Osterholm, the director of the Center for Infectious Disease Research and Policy at the University of Minnesota, 4/26/2020 on “Meet the Press”


Re: Spam filter censoring COVID content (Levine, RISKS-31.73)

Henry Baker <hbaker1@pipeline.com>
Mon, 27 Apr 2020 13:02:44 -0700

Hopefully, even bad encryption can defeat bad spam filtering.

Yes, you are correct, the spam filter almost certainly looked at the entire message, which contained links, etc.

I didn't mention it, but it is true that the spam filter of this particular domain operates before looking at the “From:” whitelist, hence my sister can't receive this email by simply whitelisting me.

I wasn't kidding when I said censorship is in operation here: a number of email providers have unilaterally taken upon themselves the task of “protecting” their snowflakes from “bad” advice re certain pandemic viruses (I can't use the correct term else this email itself might get censored).

This problem is another variation on the “Scunthorpe problem” (Google it) [or dig up RISKS-18.07,08. PGN], wherein emails were censored for nasty words using simple character string searches which made certain perfectly good non-nasty words unusable.
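
An added illustration, not part of the original post: the sketch below shows the two failure modes described above, a blocklist applied by plain substring search and a content filter that runs before the From: allowlist is consulted. The blocklist terms, addresses and messages are constructed for the example and do not come from any real provider.

```python
import re

# Constructed blocklist; not taken from any real mail provider.
BLOCKED_TERMS = ("cure", "virus")

def substring_hits(text):
    """Naive check: a term matches anywhere, even inside a longer word."""
    lowered = text.lower()
    return [t for t in BLOCKED_TERMS if t in lowered]

def token_hits(text):
    """Word-level check: a term matches only as a whole token."""
    tokens = set(re.findall(r"[a-z0-9]+", text.lower()))
    return [t for t in BLOCKED_TERMS if t in tokens]

def verdict(msg, allowlist, matcher, allowlist_first):
    """Return 'deliver' or 'quarantine' for one message.

    allowlist_first=False models the ordering described in the post: the
    content filter runs before the From: allowlist is consulted, so an
    allowlisted sender cannot rescue a false positive.
    """
    sender_ok = msg["from"].lower() in allowlist
    if allowlist_first and sender_ok:
        return "deliver"
    return "quarantine" if matcher(msg["body"]) else "deliver"

# Constructed sample messages and allowlist.
MESSAGES = [
    {"from": "brother@example.org",
     "body": "Please secure the router and update the antivirus signatures."},
    {"from": "stranger@example.net",
     "body": "Miracle cure for the virus, click here."},
]
ALLOWLIST = {"brother@example.org"}

def run_all():
    """Per message: sender, substring hits, then three filter verdicts."""
    return [(
        m["from"],
        substring_hits(m["body"]),
        verdict(m, ALLOWLIST, substring_hits, allowlist_first=False),
        verdict(m, ALLOWLIST, substring_hits, allowlist_first=True),
        verdict(m, ALLOWLIST, token_hits, allowlist_first=False),
    ) for m in MESSAGES]

if __name__ == "__main__":
    for row in run_all():
        print(row)
```

The first message is quarantined only under substring matching with the content filter ahead of the allowlist; either whole-word matching or consulting the allowlist first delivers it, while the second message is quarantined in every configuration.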


Re: e-postage, Internet Usage update (Levine, RISKS-31.73)

Paul Edwards <paule@cathicolla.com>
Mon, 27 Apr 2020 09:27:19 +1000

Thanks John; that's a well-written white paper and lays out the arguments well. I agree with your conclusion that e-postage won't work across the board. If this example was interpreted as advocating for e-postage more broadly then that wasn't my intent!

For this particular company, the problem they were trying to solve was email overload of their staff. They worked out what they could control: the number of internal emails sent (especially given that a significant proportion of addresses included on emails sent were purely for arse-covering purposes).

I think the key differentiators between this specific example and that of broader e-postage are: the problem statement was well-defined and understood; the scope of the exercise was similarly well-defined and limited solely to the one company (admittedly with 100K+ employees and contractors); implementation was simple and capable of being rolled back quickly; and the charging was all internal. I guess the key outcome is that they were happy with the behavioural changes they got from the exercise.
