The RISKS Digest
Volume 32 Issue 15

Tuesday, 28th July 2020

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Please try the URL privacy information feature enabled by clicking the flashlight icon above. This will reveal two icons after each link the body of the digest. The shield takes you to a breakdown of Terms of Service for the site - however only a small number of sites are covered at the moment. The flashlight take you to an analysis of the various trackers etc. that the linked site delivers. Please let the website maintainer know if you find this useful or not. As a RISKS reader, you will probably not be surprised by what is revealed…


China's Huawei holds a 5G trump card
Elon and Jeff are brilliant! Surely they can solve our broadband issues.
Why Scientists Stored “The Wizard of Oz” in DNA
Popular Mechanics
Coronavirus misinformation goes wild again
NYTimes Tech
The dishonest reporting on the riots is breathtaking. The crisis in our media deepens…
NIST study finds that masks defeat most facial recognition algorithms
Only those with plastic visors were infected: Swiss government warns against face shields
Long-Lost Computation Dissertation of Unix Pioneer Dennis Ritchie
Rebecca Mercuri via PGN
PDF signatures worse than useless
Anthony Thorn
Re: Darwin's tautology?
Martin Ward
Re: The three worst things about email
Dmitri Maziuk
Re: Unsolicited Chinese seeds?
Devon McCormick
Info on RISKS (comp.risks)

EncroChat (ZDNet)

Peter Neumann <>
Mon, 27 Jul 2020 16:54:54 -0700

Law enforcement in the United Kingdom has touted the takedown of encrypted communications platform EncroChat as its “biggest ever” operation, so far resulting in the arrest of 746 individuals, the seizing of 54 million pounds in cash, 77 firearms, and over two tons of drugs.

EncroChat was one of the largest providers of encrypted communications and offered a secure mobile-phone instant-messaging service. Its sole use was for coordinating and planning the distribution of illicit commodities, money laundering, and plotting to kill rival criminals, the UK's National Crime Agency said.

China's Huawei holds a 5G trump card (Reuters)

geoff goodfellow <>
July 28, 2020 at 08:16:44 GMT+9

Huawei is not so easy for Western countries to rip out. The Chinese telecommunications-equipment giant founded by Ren Zhengfei owns a huge trove of next-generation wireless patents. As a global standard for 5G emerges, Huawei technology may become essential to carriers.

For years, the Shenzhen-based company has dominated the mobile infrastructure market, outselling rivals Nokia and Ericsson by offering cheaper alternatives. But U.S. concerns that Huawei equipment could be used by Beijing for espionage has gained traction: officials in the UK and France are purging their own networks of Chinese-made kit. A similar reaction elsewhere will seriously dent a business that generated nearly $43 billion in revenue for Huawei last year, roughly a third of the company's total.

Replacing antennas and mast towers is one thing, though. Even if the likes of Britain's Vodafone and BT remove all existing Huawei equipment—a move the UK government conservatively estimates will cost 2 billion pounds — global carriers will still be dependent on technology from Huawei to roll out next generation networks. Research firm IPlytics has found that the Chinese outfit owns the most 5G-related patents, and of that, roughly 15% of the essential ones.

Simply put, these are technical specifications global carriers can build to in order to ensure different networks are compatible with each other. Having one unified standard will be vital for 5G, which is meant to seamlessly link up billions of machines, cars, and gadgets around the world. […]

Elon and Jeff are brilliant! Surely they can solve our broadband issues. (Amitel)

geoff goodfellow <>
Mon, 27 Jul 2020 13:14:51 -1000

Much has happened since we last visited the wacky world of low-earth orbit (LEO) satellite constellations and their use in providing improved broadband service to Canada's rural and remote users. This past Tuesday, July 21, all of Iqaluit, the capital of the Territory of Nunavut was without communication services; no Internet, no landline, no cell service, no cable TV—simply because it was raining! In a first-world country like Canada this is unacceptable. We need better broadband service in Canada's North NOW.

There is a rash of breathless newspaper stories in the mainstream media touting LEO service as arriving soon to resolve our remote and rural broadband issues. I wrote about it before <>, that Elon Musk is not coming to save us any time soon. I also wrote about the Chapter 11 bankruptcy of the early leader to provide LEO service to the Arctic, OneWeb, here <>. <> So where do we stand now on July 27, 2020?

Well on July 10, the U.S. bankruptcy court of the Southern District of New York (SDNY) approved a joint $1 billion bid for OneWeb by Britain and Bharti Airtel. The UK government and Bharti Global, an arm of Bharti Enterprises, which part owns India's Airtel, will each have roughly 45 per cent of OneWeb. The existing secured creditors, including SoftBank of Japan, OneWeb's former biggest shareholder, will own the balance.

But the landscape has changed from before OneWeb's descent into Chapter 11 in the spring. OneWeb's original mission was to connect the unconnected; ie it wanted to provide broadband service to the millions of people around the world that do not have access to the Internet. The UK has invested $500M into OneWeb for other strategic reasons, mainly to mitigate the effects of Brexit on British industry. I sure hope they realize that it is going to cost them more, much more and that $500M was just the table stakes to play in the LEO game. […]

Why Scientists Stored “The Wizard of Oz” in DNA (Popular Mechanics)

geoff goodfellow <>
Mon, 27 Jul 2020 13:13:51 -1000

DNA Is Millions of Times More Efficient Than Your Computer's Hard Drive

When the Voyager spacecrafts launched in 1977, ready to study the outer limits of our solar system, they brought with them two golden phonograph records that each contained an assemblage of sounds and images meant to represent life on Earth. But in the future, the perfect next-gen space capsule could be found within our bodies. <>

That's because DNA is millions of times more efficient at storing data than your laptop's magnetic hard drive. Since DNA can store data far more densely than silicon, you could squeeze all of the data in the world inside just a few grams of it. “Because DNA has been chosen by all of life as the information storage medium of choice…it turns out to be very robust,” Ilya Finkelstein, an associate professor of molecular biosciences at the University of Texas at Austin, tells Popular Mechanics. “Long after our magnetic storage becomes obsolete, nature will still be using DNA.” <> <>

Finkelstein is part of a team at the University of Texas at Austin who are pushing the limits on DNA-based storage methods. While this research area at the intersection of molecular biology and computer science has been around since the 1980s, scientists have struggled to find a way to correct the errors that DNA can be so prone to making.

In a new paper published this week in the journal Proceedings of the National Academy of Sciences, Finkelstein and company detail their new error correction method, which they tested out on a classic novel. They were able to store the entirety of The Wizard of Oz, translated into Esperanto, with more accuracy than prior DNA storage methods ever could have. We're on the yellow brick road toward the future of data storage.

A Brief History of DNA Storage. […]

Coronavirus misinformation goes wild again (Shira Ovide)

Peter Neumann <>
Tue, 28 Jul 2020 10:19:19 -0700

Shira Ovide [PGN-excerpted from a piece called ‘Amazon is Jeff Bezos’, The New York Times online On Tech Newsletter, 28 Jul 2020. Another timely item for our coverage of misinformation and truthiness. PGN]

In just a few hours yesterday, another video with false information about the coronavirus spread like wildfire on Facebook before the company started to stamp it out.

The video—which I won't link to here, but you can find on Breitbart News — showed a group of purported doctors touting unproven treatments.

One of the videos racked up 14 million views in six hours, my colleague Kevin Roose tweeted. A few months ago, another video filled with coronavirus conspiracies, called Plandemic was watched more than eight million times on YouTube, Facebook and other spots over multiple days.

Some of you may be wondering why it's so bad for people to watch a couple of videos that go against the consensus of health experts. After all, there's a lot about the virus we don't understand.

The problem is that it's not so easy to correct the record once someone sees bogus ideas. We've seen that good information doesn't necessarily undo bad information. Doses of falsehoods can make people doubt the recommendations of proven health experts—or even, the validity of elections.

That's why Facebook, YouTube and other Internet companies, which have highlighted coronavirus information from authoritative sources such as the Centers for Disease Control and Prevention, have said they also would be aggressive about deleting false information related to the virus. (On Tuesday, Twitter temporarily limited some functions of the account of Donald Trump Jr., one of the president's sons, as punishment for posting the video with misleading information.)

And yet, this latest bogus video went wild, again making me wonder whether Facebook and other popular Internet sites are so sprawling that the companies can't control even the most high-profile kinds of false information.

The dishonest reporting on the riots is breathtaking. The crisis in our media deepens… (Twitter)

geoff goodfellow <>
Mon, 27 Jul 2020 13:11:57 -1000

NIST study finds that masks defeat most facial recognition algorithms (VentureBeat)

Lauren Weinstein <>
Mon, 27 Jul 2020 10:26:12 -0700

[As kids in the 1940s, some of us learned that some masked men were good —e.g, The Lone Ranger!]

Only those with plastic visors were infected: Swiss government warns against face shields (

Mon, 27 Jul 2020 11:31:08 +0900

Long-Lost Computation Dissertation of Unix Pioneer Dennis Ritchie

Rebecca Mercuri <>
Tue, 28 Jul 2020 14:19:52 -0400

Great article, especially for Ritchie fans—check it out!

Poll: Should he have been awarded the Ph.D. posthumously? Yes / No

PDF signatures worse than useless (Re: RISKS-32.14)

Anthony Thorn <>
Mon, 27 Jul 2020 07:53:50 +0200

Thanks to Mr Brodie-Tyrrell—and of course the researchers—for bring this to our attention.

I just want to make a small correction ;-)

The title should be PDF signatures WORSE THAN useless, because they give the appearance of security without providing it, whereas although an unsigned PDF has the same “layers” vulnerability, it dose not claim to be authentic.

Re: Darwin's tautology? (Harper, RISKS-32.12)

Martin Ward <>
Tue, 28 Jul 2020 10:56:37 +0100
> Tautologies often need to be pointed out.  Mathematics textbooks from
> Euclid's Elements onward are full of them, but millions still buy them
> because they are useful.

There are useful tautologies, such as mathematical theorems, and content-free tautologies such as “Brexit means Brexit!”. An argument such as the following is viciously circular and therefore fallacious: “God exists because the Bible says so. The Bible is true because it is the Word of God”. A similar fallacious argument is: “Miracles don't happen. Therefore, any actual report of a miracle must be false. Therefore, there are no true reports of miracles. Therefore, miracles don't happen”.

On the other hand, an argument such as the Ontological Argument (for example, as formalised by mathematician Kurt Gödel) is a valid argument and tells us something useful about God: that if it is possible that God exists, then God does in fact necessarily exist. The argument is often criticised by saying “The conclusion is implicit in the premises”: but this is just a property of every valid mathematical argument.

“Survival of the fittest” is often defined in a way that is viciously circular: the “fittest” are defined as “those best fitted to survive” and “those best fitted to survive” are determined by looking at survival rates. The statement then becomes the content-free assertion “survival of those that survived”. However, we can define “fittest” in terms of heritable characteristics, then the statement becomes “survivors survive, reproduce and therefore propagate any heritable characters which have affected their survival and reproductive success” which is a meaningful statement with a testable hypothesis: that such heritable characteristics actually exist.

Re: The three worst things about email (RISKS-32.14)

dmaziuk <>
Sun, 26 Jul 2020 21:04:17 -0500

This is all very interesting I'm sure, but what does it have to do with e-mail?

The article is using “issues” with 3 major web-based “e-mail providers”: Microsoft, Google, and Yahoo, as a promo for the new “e-mail provider” startup who will get Everything Right(tm).

It's just a promo piece for something called “Hey”, the only risk here is someone might believe it has anything to do with RISKS.

Re: Unsolicited Chinese seeds? (RISKS-32.14)

Devon McCormick <>
Sun, 26 Jul 2020 23:36:11 -0400

I received an email like this but in my case, I have actually ordered seeds online that came to me from China. Each delivery was in a squarish grey non-rip plastic envelope with the contents listed as “stud earrings”. The whole thing looked very amateurish, from the unlabeled enclosed tiny ziploc bag to the return address which was something like “the south side of the <something> gate, <some city>…”

I wonder if this alert is simply the result of mis-delivered seed packages that were actually ordered by people. Given the slap-dash appearance of what I've received, that does not seem far-fetched.

Please report problems with the web pages to the maintainer