https://spectrum.ieee.org/view-from-the-valley/sensors/remote-sensing/cops-smart-street-lights
San Diego was the first city to fully embrace the CityIQ technology, though Atlanta and Portland did run pilot tests of the technology. San Diego financed the smart lights—and 14,000 other basic LED lights—with a plan that spread the payments out over 13 years, in such a way that the energy savings from replacing incandescent lighting would cover the cost and then some.
The CityIQ streetlights are packed with technology. Inside is an Intel Atom processor, half a terabyte of storage, Bluetooth and Wi-Fi radios, two 1080p video cameras, two acoustical sensors, and environmental sensors that monitor temperature, pressure, humidity, vibration, and magnetic fields. Much of the data is processed on the node—a textbook example of “edge processing.” That typically includes the processing of the digital video: machine-vision algorithms running on the streetlight itself count cars or bicycles, say, or extract the average speed of vehicles, and then transmit that information to the cloud. This data is managed under contract, initially by GE Current, and the data manager owns any analytics or algorithms derived from processed data.
Initially, at least, the data was expected to be used exclusively for civic analysis and planning and public convenience.
But in August 2018, everything changed. That's when, while investigating a murder in San Diego's Gaslamp Quarter, a police officer looked up and saw one of the new smart streetlights. He realized the streetlight's video cameras had a perfect view of the crime scene—one unavailable from the various security cameras in the area.
“We had never seen a video from any of these cameras before. But we realized the camera was exactly where the crime scene was,” says Jeffrey Jordon, a captain with the San Diego Police Department.
The police department reached out to San Diego's environmental services department, the organization responsible for the lights, and asked if video were available. It turned out that the video was still stored on the light—it is deleted after five days—and Current was able to pull it up from the light to its cloud servers, and then forward it to the police department.
Christopher Bing, Reuters, 13 Aug 2020 via ACM TechNews, 17 Aug 2020
The U.S. National Security Agency (NSA) and Federal Bureau of Investigation (FBI) have publicly exposed a Russian hacking tool. Russia's Main Intelligence Directorate apparently used the “Drovorub” malware to penetrate Linux-based computers, which Keppel Wood at NSA's Cybersecurity Directorate said are pervasively employed by National Security Systems, the U.S. Department of Defense, the defense industrial base, and the at-large cybersecurity community. Steve Grobman at cybersecurity company McAfee said, “Drovorub is a ‘Swiss Army knife’ of capabilities that allows the attacker to perform many different functions, such as stealing files and remote-controlling the victim's computer.” The report on Drovorub is the latest in a series of public disclosures by the U.S. government targeting Russian hacking operations ahead of the 2020 presidential election.
https://orange.hosting.lsoft.com/trk/click?ref=3Dznwrbbrs9_6-2685fx22425dx065377&
Researchers—who previously made the headlines earlier this year for uncovering severe security issues in the 4G LTE and 5G networks—today presented a new attack called ‘ReVoLTE,’ that could let remote attackers break the encryption used by VoLTE voice calls and spy on targeted phone calls.
The attack doesn't exploit any flaw in the Voice over LTE (VoLTE) protocol; instead, it leverages weak implementation of the LTE mobile network by most telecommunication providers in practice, allowing an attacker to eavesdrop on the encrypted phone calls made by targeted victims.
VoLTE or Voice over Long Term Evolution protocol is a standard high-speed wireless communication for mobile phones and data terminals, including Internet of things (IoT) devices and wearables, deploying 4G LTE radio access technology.
The crux of the problem is that most mobile operators often use the same keystream for two subsequent calls within one radio connection to encrypt the voice data between the phone and the same base station, i.e., mobile phone tower.
Thus, the new ReVoLTE attack exploits the reuse of the same keystream by vulnerable base stations, allowing attackers to decrypt the contents of VoLTE powered voice calls in the following scenario.
https://thehackernews.com/2020/08/a-team-of-academic-researcherswho.html
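The keystream reuse described in this item, as an added example that is not part of the quoted article: a toy stream cipher (SHA-256 in counter mode standing in for the LTE cipher) shows that XORing two ciphertexts made with the same keystream cancels the keystream, so knowing one plaintext yields the other, while a fresh keystream input per call defeats the same computation. The key, the `call_id` input and the frames are constructed assumptions.

```python
import hashlib

def keystream(key: bytes, call_id: int, n: int) -> bytes:
    """Toy keystream generator: SHA-256 over (key, call_id, block counter).
    Stand-in for a real stream cipher; call_id is a hypothetical per-call input."""
    out, block = b"", 0
    while len(out) < n:
        out += hashlib.sha256(
            key + call_id.to_bytes(4, "big") + block.to_bytes(4, "big")
        ).digest()
        block += 1
    return out[:n]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def encrypt(key: bytes, call_id: int, plaintext: bytes) -> bytes:
    return xor(plaintext, keystream(key, call_id, len(plaintext)))

def recover_first_call(c1: bytes, c2: bytes, known_p2: bytes) -> bytes:
    """If c1 and c2 share a keystream, c1 ^ c2 == p1 ^ p2, so p1 = c1 ^ c2 ^ p2.
    The key is never needed."""
    return xor(xor(c1, c2), known_p2)

# Constructed sample data (equal-length "voice frames").
KEY = b"constructed-session-key"
CALL_1 = b"constructed private call audio frame"
CALL_2 = b"constructed second call, known text."

def demo(reuse: bool) -> bytes:
    """Encrypt two calls and apply the XOR computation to the ciphertexts.
    reuse=True  -> both calls use the same keystream input (the flaw described above)
    reuse=False -> each call gets its own keystream input (the corrected behaviour)"""
    id1 = 1
    id2 = 1 if reuse else 2
    c1 = encrypt(KEY, id1, CALL_1)
    c2 = encrypt(KEY, id2, CALL_2)
    return recover_first_call(c1, c2, CALL_2)

if __name__ == "__main__":
    print("keystream reused:", demo(reuse=True))
    print("fresh keystream :", demo(reuse=False).hex())
```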
Can police demand you unlock your phone if they want to examine it for evidence? Courts in different states have given different answers to this question, but New Jersey's Supreme Court has ruled that the answer is yes. The court decided that a suspect can be forced to use his passcode to unlock his phone. Read in 9to5Mac: https://apple.news/Ai9VM8hKhRbG9h0Wsbv43uw
This submission is a follow up to https://catless.ncl.ac.uk/Risks/31/62#subj12.1. Diminished import inspections likely elevate non-compliant product introduction and public health risk.
On 26 MAR 2020, I initiated a Freedom of Information Act (FOIA) request to the US Health and Human Services (HHS) seeking historical FDA inspector full-time equivalent allocation. The FDA's Office of Regulatory Affairs (ORA) returned a response on 14 AUG 2020.
The FDA inspector corps assess product regulatory compliance from imports, domestic and foreign manufacturers. They are field-deployed personnel. The inspector corps align to FDA product lines.
Investigations trace to one of six FDA centers with jurisdiction over the product lines:
CBER—Center for Biologics Evaluation and Research
CDER—Center for Drug Evaluation and Research
CDRH—Center for Devices and Radiological Health
CFSAN—Center for Food Safety and Applied Nutrition
CTP—Center for Tobacco Products
CVM—Center for Veterinary Medicine
Investigative FTE by Center (Domestic/Foreign and Import Operations)
FY,CBER,CDER,CDRH,CFSAN,CTP,CVM
2008,110.1,259.3,204.9,591.8,,85.2
2009,115.1,248.8,214.4,642.8,,91.3
2010,121.0,252.1,231.4,681.9,,89.8
2011,131.0,293.1,243.5,842.1,,91.4
2012,131.1,292.2,243.4,842.6,13.2,91.6
2013,140.1,333.6,246.5,903.9,13.2,105.1
2014,140.0,343.9,247.9,902.0,8.5,105.1
2015,127.5,367.2,270.7,911.2,7.8,106.2
2016,142.9,365.4,253.2,925.9,6.5,106.2
2017,143.2,354.9,253.8,963.0,6.5,106.3
2018,137.0,353.8,245.1,916.1,10.0,99.4
2019,122.6,323.6,219.6,875.9,11.6,98.9
One can observe from this table that 2019 inspector FTE ranges from ~80% to 90% that of the “peak” FTE (~2016), confirmation of fewer “cops on the beat” overseeing FDA-regulated product lines.
One can explore the FDA “enforcement reports” space using this URL: https://www.accessdata.fda.gov/scripts/ires/index.cfm. Note: This tool reports on enforcement action from 2012 to current. The FDA publishes an API to access the full recall database.
The enforcement report reveals many more voluntary manufacturer/supplier-initiated recalls than mandatory recalls initiated by the FDA.
POST-RELEASE product line defect escape detection surveillance is clearly operative. A further investigation to assess inspector FTE allocation and voluntary/involuntary product recall frequency might prove instructive.
Given recall density, public health and safety would measurably improve if manufacturer/supplier PRE-RELEASE product defect escape suppression was more effective.
The group says it's not involved in hacking
New Hampshire is touting itself as the first state in the country to authorize flying cars, which is a bit of an overstatement.
Why it matters: The bill signed by Gov. Chris Sununu, dubbed “the Jetson law,” makes it legal for “roadable aircraft” to drive on the state's roads.
Yes, but: It's still an interesting development on the road to future mobility.
How it works: […] https://www.axios.com/new-hampshire-jetson-law-flying-cars-47d8e13a-d6de-40b3-a1b3-28eff68a500a.html
Greenland's ice sheet has melted to a point of no return, and efforts to slow global warming will not stop it from disintegrating. That's according to a new study by researchers at Ohio State University. “The ice sheet is now in this new dynamic state, where even if we went back to a climate that was more like what we had 20 or 30 years ago, we would still be pretty quickly losing mass,” Ian Howat, co-author of the study <https://www.nature.com/articles/s43247-020-0001-2.pdf> and a professor at Ohio State University, said.
Greenland's ice sheet dumps more than 280 billion metric tons of melting ice into the ocean each year, making it the greatest single contributor to global sea level rise, according to Michalea King, the lead author of the study and researcher at Ohio State University. The ice loss has been so massive in recent years, she said, that it has caused a measurable change in the gravitational field over Greenland. Ice melting in Greenland contributes more than a millimeter rise to sea level every year, and that's likely to get worse. Sea levels are projected to rise by more than 3 feet by the end of the century, wiping away beaches and coastal properties.
Coastal states like Florida, and low-lying island nations are particularly vulnerable. Just 3 feet of sea level rise could put large areas of coastline underwater. Forty percent of the US population resides in coastal areas that are vulnerable to sea level rise. “There's a lot of places, like in Florida especially, where one meter alone would cover a lot of existing land areas,” King said. “And that's exacerbated when you get storms and hurricanes and things like that, that then cause extra surge on top of a higher baseline.”
The study also found that the ice sheet is retreating in rapid bursts, leading to a sudden and unpredictable rise in sea levels, making it difficult to prepare for the effects. The study used four decades of satellite data to measure changes in Greenland's ice sheet. The authors found that after 2000, the ice sheet shrank so rapidly that replenishing snowfall would not keep up with the rate of melting from parts of the glacier newly exposed to warmer ocean water, even if climate change were reversed. […] https://www.ctvnews.ca/sci-tech/greenland-s-ice-sheet-has-melted-to-a-point-of-no-return-according-to-new-study-1.5065393
[Just] My opinion
Trump's war against the Postal Service could have another casualty: tens of thousands of military veterans with disabilities https://www.businessinsider.com/trumps-war-against-postal-service-military-veterans-2020-4
Social Security checks being delayed along with prescriptions, due to Trump's attack on Postal Service https://twitter.com/TheAltarOfAndy/status/1294692146973351938
A Tel Aviv engineering college is working on an AI/machine learning system that they hope will be able to detect “vocal biomarkers” of a COVID-19 infection in a person's voice.
On one hand, it's a great idea if it actually works. But we all know that machine learning systems are approximations. They guess right most of the time if the samples you're testing are consistent with the data that you used to train the model. Like the face recognition systems that misidentify people of color as criminals, this system if put into use as proposed in the article (at the entrances of schools to decide who is allowed into the building) has the potential to ruin a lot of people's lives with false positives and maybe even kill a few people with false negatives.
https://www.bbc.com/news/world-53755289
“According to the Swiss-based monitoring agency Small Arms Survey, between 1979 and August last year almost 30,000 people across 101 countries were killed or injured by unplanned explosions at munitions sites (UEMS).”
http://www.smallarmssurvey.org/fileadmin/docs/V-Fact-sheets/SAS-Fact-Sheet-UEMS.pdf
The identifying causes of UEMS (excluding “undetermined”):
A supplemental table shows that “Purpose-built Storage” accounts for the majority of UEMS incidents over the tracked interval (1984-2019).
It seems that handling of nuclear weapons instills a certain measure of sanity and logical thinking among operators. It's precisely the realization that errors can and do happen, that caused operators to prefer the “don't shoot” option in every case.
Epic [*] CEO Tim Sweeney says Apple fight is about ‘basic freedoms of all consumers and developers’. https://www.theverge.com/2020/8/14/21369622/epic-ceo-tim-sweeney-apple-fortnite-lawsuit-ban-basic-freedoms-developers
Apple has finally met its Fortnite match https://www.theverge.com/2020/8/14/21368651/apple-fortnite-ios-app-store-ban-lawsuit-epic-games-payments
Fortnite vs Apple vs Google: a brief and very incomplete timeline https://www.theverge.com/2020/8/14/21368504/fortnite-apple-google-app-store-brief-incomplete-timeline
Epic is suing Google over Fortnite's removal from the Google Play Store https://www.theverge.com/2020/8/13/21368363/epic-google-fortnite-lawsuit-antitrust-app-play-store-apple-removal
Fortnite for Android has also been kicked off the Google Play Store https://www.theverge.com/2020/8/13/21368079/fortnite-epic-android-banned-google-play-app-store-rule-violation
Watch Epic’s Nineteen Eighty-Fortnite short mocking Apple right here https://www.theverge.com/2020/8/13/21367924/watch-epic-nineteen-eighty-fortnite-short-apple-app-store-ban
It seems that no matter how sophisticated the AI may be, it's only as good as the people who had compiled its training set. The old principle still holds: Garbage in, garbage out.
Mark Thorson <eee@dialup4less.com> expresses concern about the common mismatches between sound and picture.
This is most likely an implementation issue in codecs. Digital video codecs, to minimise bandwidth, mostly transmit differences between frames. Sometimes the scene changes abruptly, and has to be re-sent in full, and, briefly, the stream falls behind.
There are effectively two channels in a stream, video and audio. The obvious thing to do is to try to catch up the video as soon as possible, and let the audio stutter. Video is where most of the information is, surely?
It turns out humans notice glitches in audio, especially speech, far more readily than in video. Audio is basically continuous, whereas video relies on the human visual system interpreting a series of still images as motion. We cope with dropped frames in video without noticing, unless there are a lot of them, but we notice audio problems.
Various companies have had to discover this for themselves over the years; it doesn't seem to be specified in the digital video standards. I suspect the feeds Mark has been watching have some contributors with equipment that still prioritises video over audio.
Synchronizing audio and video has been a problem since the advent of talking motion pictures.
The audio and video in digital TV are encoded and decoded separately. The video codes are a lot more complex and decoding can fall behind. There are supposed to be sync codes to adjust the audio to match but that doesn't always work.
https://en.wikipedia.org/wiki/Audio-to-video_synchronization
I'd think a deep fake would have if anything better sync than normal video since both streams are completely under the control of the fake maker.
> Furthermore, those 10 million are disproportionately likely to be wealthy
Or self-employed. At which point they should be employing an accountant anyway, for whom tax-prep will be a pretty mundane job.
And any decent accountancy firm will be like where my mum worked - “we should be able to save you more in tax than we charge in fees”.
(Over here, tax prep isn't the problem, it's HMRC continually changing the rules. Like claiming that people who converted from self-employed status to limited companies “did it as a tax dodge”. To which those people replied “no, we did it because HMRC twisted our arm!”)
… site refusing to work without JavaScript off …
That's been the web's “new normal” for a while now, here's one I ran into recently:
Before complaining to the organizers I changed my mail client to html view and checked the link there: lo and behold, it took me to the correct poll for the next meeting.
So look on the bright side: at least the “noscript” version of the website is telling you it's defunct. The “no html” MIME part of an e-mail message does not.
Perhaps you all need to “plant your flag” on Alpha Centauri, too?
“There's no point in acting surprised about it. All the planning charts and demolition orders have been on display at your local planning department in Alpha Centauri for 50 of your Earth years, so you've had plenty of time to lodge any formal complaint and it's far too late to start making a fuss about it now. … What do you mean, you've never been to Alpha Centauri? Oh, for heaven's sake, mankind, it's only four light years away, you know. I'm sorry, but if you can't be bothered to take an interest in local affairs, that's your own lookout. Energize the demolition beams.”
— Douglas Adams, The Hitchhiker's Guide to the Galaxy
“My way of joking is to tell the truth”
https://www.penguinrandomhouse.com/books/294039/plays-by-george-bernard-shaw-by-george-bernard-shaw/