The RISKS Digest
Volume 32 Issue 15

Tuesday, 28th July 2020

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Contents

EncroChat
ZDNet
China's Huawei holds a 5G trump card
Reuters
Elon and Jeff are brilliant! Surely *they* can solve our broadband issues.
Amitel
Why Scientists Stored "The Wizard of Oz" in DNA
Popular Mechanics
Coronavirus misinformation goes wild again
NYTimes Tech
The dishonest reporting on the riots is breathtaking. The crisis in our media deepens...
Twitter
NIST study finds that masks defeat most facial recognition algorithms
????
Only those with plastic visors were infected: Swiss government warns against face shields
TheLocal.ch
Long-Lost Computation Dissertation of Unix Pioneer Dennis Ritchie
Rebecca Mercuri via PGN
PDF signatures *worse than* useless
Anthony Thorn
Re: Darwin's tautology?
Martin Ward
Re: The three worst things about email
Dmitri Maziuk
Re: Unsolicited Chinese seeds?
Devon McCormick
Info on RISKS (comp.risks)

EncroChat (ZDNet)

Peter Neumann <neumann@csl.sri.com>
Mon, 27 Jul 2020 16:54:54 -0700
Law enforcement in the United Kingdom has touted the takedown of encrypted
communications platform EncroChat as its "biggest ever" operation, so far
resulting in the arrest of 746 individuals, the seizing of 54 million pounds
in cash, 77 firearms, and over two tons of drugs.

EncroChat was one of the largest providers of encrypted communications and
offered a secure mobile-phone instant-messaging service. Its sole use was
for coordinating and planning the distribution of illicit commodities, money
laundering, and plotting to kill rival criminals, the UK's National Crime
Agency said.

https://zd.net/2WAPHGQ


China's Huawei holds a 5G trump card (Reuters)

geoff goodfellow <geoff@iconia.com>
July 28, 2020 at 08:16:44 GMT+9
Huawei is not so easy for Western countries to rip out. The Chinese
telecommunications-equipment giant founded by Ren Zhengfei owns a huge trove
of next-generation wireless patents. As a global standard for 5G emerges,
Huawei technology may become essential to carriers.

For years, the Shenzhen-based company has dominated the mobile
infrastructure market, outselling rivals Nokia and Ericsson by offering
cheaper alternatives. But U.S. concerns that Huawei equipment could be used
by Beijing for espionage has gained traction: officials in the UK and France
are purging their own networks of Chinese-made kit. A similar reaction
elsewhere will seriously dent a business that generated nearly $43 billion
in revenue for Huawei last year, roughly a third of the company's
total.

Replacing antennas and mast towers is one thing, though. Even if the likes
of Britain's Vodafone and BT remove all existing Huawei equipment—a move
the UK government conservatively estimates will cost 2 billion pounds --
global carriers will still be dependent on technology from Huawei to roll
out next generation networks. Research firm IPlytics has found that the
Chinese outfit owns the most 5G-related patents, and of that, roughly 15% of
the essential ones.

Simply put, these are technical specifications global carriers can build to
in order to ensure different networks are compatible with each other. Having
one unified standard will be vital for 5G, which is meant to seamlessly link
up billions of machines, cars, and gadgets around the world. [...]

https://www.reuters.com/article/us-huawei-tech-5g-security-breakingviews/breakingviews-chinas-huawei-holds-a-5g-trump-card-idUSKCN24S09Y


Elon and Jeff are brilliant! Surely *they* can solve our broadband issues. (Amitel)

geoff goodfellow <geoff@iconia.com>
Mon, 27 Jul 2020 13:14:51 -1000
Much has happened since we last visited the wacky world of low-earth orbit
(LEO) satellite constellations and their use in providing improved broadband
service to Canada's rural and remote users. This past Tuesday, July 21, all
of Iqaluit, the capital of the Territory of Nunavut was without
communication services; no Internet, no landline, no cell service, no cable
TV—simply because it was raining! In a first-world country like Canada
this is unacceptable. We need better broadband service in Canada's North
NOW.

There is a rash of breathless newspaper stories in the mainstream media
touting LEO service as arriving soon to resolve our remote and rural
broadband issues. I wrote about it before <https://www.amitel.com/elon/>,
that Elon Musk is not coming to save us any time soon. I also wrote about
the Chapter 11 bankruptcy of the early leader to provide LEO service to the
Arctic, OneWeb, here <https://www.amitel.com/oneweb/>.
<https://www.amitel.com/oneweb/> So where do we stand now on July 27, 2020?

Well on July 10, the U.S. bankruptcy court of the Southern District of New
York (SDNY) approved a joint $1 billion bid for OneWeb by Britain and Bharti
Airtel. The UK government and Bharti Global, an arm of Bharti Enterprises,
which part owns India's Airtel, will each have roughly 45 per cent of
OneWeb. The existing secured creditors, including SoftBank of Japan,
OneWeb's former biggest shareholder, will own the balance.

But the landscape has changed from before OneWeb's descent into Chapter 11
in the spring. OneWeb's original mission was to *connect the unconnected*;
ie it wanted to provide broadband service to the millions of people around
the world that do not have access to the Internet. The UK has invested $500M
into OneWeb for other strategic reasons, mainly to mitigate the effects of
Brexit on British industry. I sure hope they realize that it is going to
cost them more, much more and that $500M was just the table stakes to play
in the LEO game.  [...]

https://www.amitel.com/leo/


Why Scientists Stored "The Wizard of Oz" in DNA (Popular Mechanics)

geoff goodfellow <geoff@iconia.com>
Mon, 27 Jul 2020 13:13:51 -1000
*DNA Is Millions of Times More Efficient Than Your Computer's Hard Drive*

 - DNA can store far more data than a magnetic hard drive, but the
   technology is limited because the genetic material is prone to errors.
<https://www.popularmechanics.com/technology/gear/a31787710/best-external-hard-drive/>

 - Scientists at the University of Texas at Austin have come up with a
   way to store information in strands of DNA, while also correcting those
   errors.
   <https://cns.utexas.edu/news/power-of-dna-to-store-information-gets-an-upgrade>

 - To prove it, they've put the entirety of *The Wizard of Oz --
   translated into Esperant—into strands of DNA, with greater accuracy
   than prior methods.

When the Voyager spacecrafts launched in 1977, ready to study the outer
limits of our solar system, they brought with them two golden phonograph
records that each contained an assemblage of sounds and images meant to
represent life on Earth. But in the future, the perfect next-gen space
capsule could be found within our bodies.
<https://www.popularmechanics.com/space/deep-space/a29684597/voyager-2-interstellar-space-results/>

That's because DNA is millions of times more efficient at storing data than
your laptop's magnetic hard drive.  Since DNA can store data far more
densely than silicon, you could squeeze all of the data in the world inside
just a few grams of it.  "Because DNA has been chosen by all of life as the
information storage medium of choice...it turns out to be very robust," Ilya
Finkelstein, an associate professor of molecular biosciences at the
University of Texas at Austin, tells *Popular Mechanics. "*Long after our
magnetic storage becomes obsolete, nature will still be using DNA."
<https://blocksandfiles.com/2020/03/18/catalog-cdna-data-storage-economically-feasible/>
<https://www.popularmechanics.com/technology/gadgets/a29396384/how-to-wipe-computer/>

Finkelstein is part of a team at the University of Texas at Austin who are
pushing the limits on DNA-based storage methods. While this research area at
the intersection of molecular biology and computer science has been around
since the 1980s, scientists have struggled to find a way to correct the
errors that DNA can be so prone to making.

In a new paper published this week in the journal *Proceedings of the
National Academy of Sciences*, Finkelstein and company detail their new
error correction method, which they tested out on a classic novel. They were
able to store the entirety of *The* *Wizard of Oz*, translated into
Esperanto, with more accuracy than prior DNA storage methods ever could
have. We're on the yellow brick road toward the future of data storage.

A Brief History of DNA Storage.  [...]
https://www.popularmechanics.com/science/a33327626/scientists-encoded-wizard-of-oz-in-dna/


Coronavirus misinformation goes wild again (Shira Ovide)

Peter Neumann <neumann@csl.sri.com>
Tue, 28 Jul 2020 10:19:19 -0700
Shira Ovide [PGN-excerpted from a piece called `Amazon is Jeff Bezos', *The
  New York Times* online On Tech Newsletter, 28 Jul 2020.  Another timely
  item for our coverage of misinformation and truthiness.  PGN]]

https://www.nytimes.com/2020/07/28/technology/amazon-jeff-bezos.html

In just a few hours yesterday, another video with false information about
the coronavirus spread like wildfire on Facebook before the company started
to stamp it out.

The video—which I won't link to here, but you can find on Breitbart News
-- showed a group of purported doctors touting unproven treatments.

One of the videos racked up 14 million views in six hours, my colleague
Kevin Roose tweeted. A few months ago, another video filled with coronavirus
conspiracies, called *Plandemic* was watched more than eight million times
on YouTube, Facebook and other spots over multiple days.

Some of you may be wondering why it's so bad for people to watch a couple of
videos that go against the consensus of health experts. After all, there's a
lot about the virus we don't understand.

The problem is that it's not so easy to correct the record once someone sees
bogus ideas. We've seen that good information doesn't necessarily undo bad
information. Doses of falsehoods can make people doubt the recommendations
of proven health experts—or even, the validity of elections.

That's why Facebook, YouTube and other Internet companies, which have
highlighted coronavirus information from authoritative sources such as the
Centers for Disease Control and Prevention, have said they also would be
aggressive about deleting false information related to the virus. (On
Tuesday, Twitter temporarily limited some functions of the account of Donald
Trump Jr., one of the president's sons, as punishment for posting the video
with misleading information.)

And yet, this latest bogus video went wild, again making me wonder whether
Facebook and other popular Internet sites are so sprawling that the
companies can't control even the most high-profile kinds of false
information.


The dishonest reporting on the riots is breathtaking. The crisis in our media deepens... (Twitter)

geoff goodfellow <geoff@iconia.com>
Mon, 27 Jul 2020 13:11:57 -1000
https://twitter.com/brithume/status/1287725331198205953


NIST study finds that masks defeat most facial recognition algorithms (VentureBeat)

Lauren Weinstein <lauren@vortex.com>
Mon, 27 Jul 2020 10:26:12 -0700
https://venturebeat.com/2020/07/27/nist-study-finds-that-masks-defeat-most-facial-recognition-algorithms/

  [As kids in the 1940s, some of us learned that some masked men were good
 —e.g, The Lone Ranger!]


Only those with plastic visors were infected: Swiss government warns against face shields (TheLocal.ch)

<farber@keio.jp>
Mon, 27 Jul 2020 11:31:08 +0900
https://www.thelocal.ch/20200715/only-those-with-plastic-visors-were-infected-swiss-government-warns-against-face-shields


Long-Lost Computation Dissertation of Unix Pioneer Dennis Ritchie

Rebecca Mercuri <notable@mindspring.com>
Tue, 28 Jul 2020 14:19:52 -0400
Great article, especially for Ritchie fans—check it out!

https://thenewstack.io/the-long-lost-computation-dissertation-of-unix-pioneer-dennis-ritchie/

Poll: Should he have been awarded the Ph.D. posthumously? Yes / No

  [(Please to not submit your vote to RISKS.)
  Back-story: Dennis's thesis was never properly entered into the Harvard
  dissertation archives, because he did not submit a bound copy, although
  his PhD was indeed properly awarded.  Risks?  Having archaic rules that do
  not adapt to online submission, where today the bound copy would not have
  to be manually torn up in order to be scanned in—assuming it could
  instead now be submitted online as a pdf!  How does one submit a bound
  copy online?  Unless the rule has changed, we might presume an online
  might today be optional rather than mandatory?  PGN]


PDF signatures *worse than* useless (Re: RISKS-32.14)

Anthony Thorn <anthony.thorn@atss.ch>
Mon, 27 Jul 2020 07:53:50 +0200
Thanks to Mr Brodie-Tyrrell—and of course the researchers—for bring
this to our attention.

I just want to make a small correction ;-)

The title should be PDF signatures WORSE THAN useless, because they give the
appearance of security without providing it, whereas although an unsigned
PDF has the same "layers" vulnerability, it dose not claim to be authentic.


Re: Darwin's tautology? (Harper, RISKS-32.12)

Martin Ward <martin@gkc.org.uk>
Tue, 28 Jul 2020 10:56:37 +0100
> Tautologies often need to be pointed out.  Mathematics textbooks from
> Euclid's Elements onward are full of them, but millions still buy them
> because they are useful.

There are useful tautologies, such as mathematical theorems, and
content-free tautologies such as "Brexit means Brexit!".  An argument such
as the following is viciously circular and therefore fallacious: "God exists
because the Bible says so.  The Bible is true because it is the Word of
God".  A similar fallacious argument is: "Miracles don't happen.  Therefore,
any actual report of a miracle must be false.  Therefore, there are no true
reports of miracles.  Therefore, miracles don't happen".

On the other hand, an argument such as the Ontological Argument (for
example, as formalised by mathematician Kurt Gödel) is a valid argument and
tells us something useful about God: that if it is possible that God exists,
then God does in fact necessarily exist.  The argument is often criticised
by saying "The conclusion is implicit in the premises": but this is just a
property of every valid mathematical argument.

"Survival of the fittest" is often defined in a way that is viciously
circular: the "fittest" are defined as "those best fitted to survive" and
"those best fitted to survive" are determined by looking at survival
rates. The statement then becomes the content-free assertion "survival of
those that survived".  However, we can define "fittest" in terms of
heritable characteristics, then the statement becomes "survivors survive,
reproduce and therefore propagate any heritable characters which have
affected their survival and reproductive success" which is a meaningful
statement with a testable hypothesis: that such heritable characteristics
actually exist.

  ["A rose is a rose is a rose" is arisen.  PGN]


Re: The three worst things about email (RISKS-32.14)

dmaziuk <dmaziuk@bmrb.wisc.edu>
Sun, 26 Jul 2020 21:04:17 -0500
This is all very interesting I'm sure, but what does it have to do with
e-mail?

The article is using "issues" with 3 major web-based "e-mail providers":
Microsoft, Google, and Yahoo, as a promo for the new "e-mail provider"
startup who will get Everything Right(tm).

It's just a promo piece for something called "Hey", the only risk here is
someone might believe it has anything to do with RISKS.


Re: Unsolicited Chinese seeds? (RISKS-32.14)

Devon McCormick <devonmcc@gmail.com>
Sun, 26 Jul 2020 23:36:11 -0400
I received an email like this but in my case, I have actually ordered seeds
online that came to me from China.  Each delivery was in a squarish grey
non-rip plastic envelope with the contents listed as "stud earrings".  The
whole thing looked very amateurish, from the unlabeled enclosed tiny ziploc
bag to the return address which was something like "the south side of the
<something> gate, <some city>..."

I wonder if this alert is simply the result of mis-delivered seed packages
that were actually ordered by people.  Given the slap-dash appearance of
what I've received, that does not seem far-fetched.

Please report problems with the web pages to the maintainer

Top