Please try the URL privacy information feature enabled by clicking the flashlight icon above. This will reveal two icons after each link the body of the digest. The shield takes you to a breakdown of Terms of Service for the site - however only a small number of sites are covered at the moment. The flashlight take you to an analysis of the various trackers etc. that the linked site delivers. Please let the website maintainer know if you find this useful or not. As a RISKS reader, you will probably not be surprised by what is revealed…
https://techxplore.com/news/2020-11-self-driving-cars.html "As long as self-driving features require the driver to be ready to take control, the driver will remain liable for any accidents. Car manufacturers are only liable if there's a fault in their vehicle. But what happens if an autonomous passenger car causes an accident? Is the manufacturer liable because it designed the system that's at fault? "Some states are trying to address the question. Florida passed a law saying that the person who initiates a trip in an autonomous vehicle is considered the operator, and while the law doesn't explicitly establish liability, it is laying a foundation for how liability may be addressed. But the process is piecemeal, and so far existing laws haven't faced serious challenges in court." Given the consumer appeal for app-hailing transport, why shouldn't Florida's taxpayers underwrite DV accident liability? Carl Hiassen, the noted author of numerous satirical adventures about the Sunshine State, anticipates eventual DV deployment: "The Florida in my novels is not as seedy as the real Florida. It's hard to stay ahead of the curve. Every time I write a scene that I think is the sickest thing I have ever dreamed up, it is surpassed by something that happens in real life." --Carl Hiassen (https://www.brainyquote.com/quotes/carl_hiaasen_437593
The European journal /New Scientist /has an article in its 7 Nov 2020 issue
("Code Red").
https://www.newscientist.com/article/mg24833070-800-how-covid-19-has-exposed-a-huge-computing-disaster-in-the-making/
It describes the pandemic driving new and unexpected loads on systems like
those managing state unemployment benefits distribution. Managers find
themselves with legacy COBOL code and no staff able to repair errors as they
crop up. It's a familiar tale for RISKS readers, with fresh examples.
https://www.nytimes.com/2020/11/02/world/europe/whale-sculpture-netherlands-train.html The immediate risk? Gravity...
https://www.theguardian.com/world/2020/nov/02/fault-in-nhs-covid-app-meant-thousands-at-risk-did-not-quarantine
A WIRED investigation finds dozens of districts have purchased thermal cameras to monitor fevers that can also identify students and staff. https://www.wired.com/story/schools-adopt-face-recognition-name-fighting-covid/
One of the security lessons from CoVID-19 that didn't make it into the book is in regard to security awareness training. I have long been an advocate of education in general, and security awareness training in particular. A number of people say that security awareness training doesn't work. I maintain that security awareness training doesn't *always* work, but, in most cases, those who say it doesn't work really haven't actually tried doing it. It's hard to win an argument like that, since there is so little evidence one way or another. Well, now we have evidence. Many jurisdictions have tried various ways of controlling the pandemic. Some have lockdowns, some have enforced lockdowns, some have nothing, some have red zones, some have various types of orders to do or not do certain things. In BC we do have various health orders. But our chief medical health officer, Dr. Bonnie Henry, has constantly stressed the utility of education and support over shutdown orders or mask mandates. "The Dr. Bonnie Show (co-starring Adrian Dix)" used to be daily, although now it's down to twice a week. But every briefing our journalists in BC (proving how resistant *they* are to learning) ask a variation on the same question: "why aren't you more vicious in cracking down on/forbidding house parties, beach parties, people who don't wear masks, school re-openings, and other people who do things I don't like?" And every briefing Dr. Bonnie says the same thing: education is more effective and is working better than bullying. And she's actually doing the "awareness training" in regard to the pandemic. In BC, we are doing OK. We aren't clear, by any means. We are undergoing a worrying surge in cases right now. (Two of my grandchildren are part of that surge, so, for me, it's very worrying. Although they do seem to be getting better.) We are doing better than Ontario and Quebec, even when adjusted by population. We are doing better than Alberta, which has a smaller population. We are doing better than the US. (Well, who isn't?) We aren't doing as well as New Zealand, but who is? We are doing better than Sweden, which seems to hurt my case, except that Martin seems to be indicating that Sweden's "education" seems to consist of "we are the government and know best, so do what we say." As Dr. Bonnie says (pretty much every briefing, in response to the daily "viciousness" question), most of those in BC are trying to do the right thing. At the mall yesterday I saw a woman who had been sitting at a table wipe down, with a disinfecting wipe, the whole thing as she was leaving. She told me she always does. She also *wasn't* wearing a mask, although she *was* trying to keep distanced from people. So, no, awareness isn't perfect. But it does do something, and it does seem to be keeping our numbers lower than in other places. Without imposing complete lockdowns. So, try some awareness training. And wash your hands.
https://techxplore.com/news/2020-11-algorithmic-fairness-case-humans-loop.html This article discusses healthcare service allocation versus cost optimization using machine-driven decisions to deny/approve delivery. The expenses incurred to deliver a product or service to a customer confronts all businesses. "Pfohl agrees: 'I would argue that if you're in a setting where making a prediction doesn't allow you to help people better, then you have to question the use of machine learning, period. You have to step back and solve a different problem or not solve the problem at all.'" Human labor comprises a significant business expense. Delegate decision approval/denial to a machine programmed to optimize service allocation given their cost and, voila, expenditures shrink. Profits can rise autonomously without humans-in-the-loop. In healthcare service allocation, using patient profile characteristics (body mass index, blood chemistry, gender, ethnicity, etc.) as key discriminators for treatment approval/denial can elevate unsatisfactory treatment outcome risk frequency. Unsatisfactory patient (or customer) outcomes, especially for large cohorts experiencing profile-driven discrimination, promotes lawsuits. Corporate bottom lines increasingly reveal that human v. machine competition favors algorithmic efficiency—machines—to enable profit pursuit. Weak regulations and selective enforcement encourages this corporate strategy. Businesses can generate profit by training an effective workforce: a resilient talent pool of fewer employees possessing interdisciplinary skills. Mechanized operations, with human oversight in the loop, can function profitably when professionally, responsibly, and ethically managed. Risk: Unsupervised machine-based profit capture
Justin Jouvenal and Spencer S. Hsu, 2 Nov 2020 The protester might never have been identified, but an officer found an image of the man on Twitter and investigators fed it into a facial recognition system, court documents state. They found a match and made an arrest. The court documents are believed to be the first public acknowledgment that authorities used the controversial technology in connection with the widely criticized sweep of largely peaceful protesters ahead of a photo op by President Trump. The case is one of a growing number nationwide in which authorities have turned to facial recognition software to help identify protesters accused of violence. The case also provides the first detailed look at a powerful new regional facial recognition system that officials said has been used more than 12,000 times since 2019 and contains a database of 1.4 million people but operates almost entirely outside the public view. Fourteen local and federal agencies have access. Public defenders, defense attorneys and facial recognition experts said they were unaware of the existence of the National Capital Region Facial Recognition Investigative Leads System (NCRFRILS). Several said the Lafayette Square case was the first time they had seen its use disclosed to a defendant despite thousands of searches in bank robberies, human trafficking and gang cases. [...] https://www.washingtonpost.com/local/legal-issues/facial-recognition-protests-lafayette-square/2020/11/02/64b03286-ec86-11ea-b4bc-3a2098fc73d4_story.html
I thought your readers might be interested in the 4 articles we have published on the Post Office Horizon scandal this year: Peter Bernard Ladkin, Bev Littlewood, Harold Thimbleby and Martyn Thomas CBE, The Law Commission presumption concerning the dependability of computer evidence, 17 Digital Evidence and Electronic Signature Law Review (2020) 1 14. https://journals.sas.ac.uk/deeslr/article/view/514320 Peter Bernard Ladkin, 'Robustness of software, 17 Digital Evidence and Electronic Signature Law Review (2020) 15 24 https://journals.sas.ac.uk/deeslr/article/view/517120 Paul Marshall, The harm that judges do—misunderstanding computer evidence: Mr Castleton's story, 17 Digital Evidence and Electronic Signature Law Review (2020) 25 48 https://journals.sas.ac.uk/deeslr/article/view/517220 James Christie, The Post Office Horizon IT scandal and the presumption of the dependability of computer evidence, 17 Digital Evidence and Electronic Signature Law Review (2020) 49 70. https://journals.sas.ac.uk/deeslr/article/view/5226 The prosecution: Name of case: PEN 17 16 DIP, Regionalgericht Emmental-Oberaargau, Strafabteilung (Regional Court Emmental-Oberaargau, Criminal Division), 30 May 2018 Switzerland; criminal law; traffic violation; Autobahn; Tesla motor vehicle Traffic-Aware Cruise Control, and Autosteer mode engaged; collision; driver failed to control vehicle; Convention on Road Traffic, Vienna; [?] value of report by Tesla Motors Switzerland GmbH URL: https://journals.sas.ac.uk/deeslr/article/view/5230
Power your digital transformation This month, we are announcing two new offerings to help power your transformation digital: Microsoft Productivity Score and Microsoft Cloud for Healthcare. Measure and improve how your organization leverages Microsoft 365 to get work done: It's essential that people have the tools they need to do their best work. But tools alone are not enough, you also need to help everyone in your organization build the habits that harness the true power of those tools. Up until now, it's been difficult for leaders to get insight into these habits, and to understand how to help people make the most of the technology they invest in. Productivity Score can help by giving you visibility into how your organization works, insights to identify where you can make improvements, and actions you can take to update skills and systems so that everyone can do their best work. To get started, open your Productivity Score in the Microsoft 365 Admin Center. https://www.microsoft.com/en-us/microsoft-365/blog/2020/10/29/productivity-score-and-personalized-experiences-heres-whats-new-to-microsoft-365-in-october/ The risks? Marketing blather and new/improved snoopware?
A hacker identified only as Individual X had been sitting on a cryptocurrency gold mine for seven years before the IRS came knocking. https://www.wired.com/story/feds-seize-billion-stolen-silk-road-bitcoin/
A worker of a small company in Israel received mail, supposedly from her boss, telling her to "click on this link to avoid your mail account being canceled". She did, and followed instructions to enter her username and password. Nothing happened, so she forgot about it. A few months later, the company's bank account received several fraudulent requests for payment to a firm in Malaysia, backed by invoices supposedly approved by this worker. She was fired, and charged with fraud. Neither the police nor the prosecution cared about her claims of phishing. She was acquitted, and won a false firing claim, when it was proven that other workers in the same company—including the manager—had received similar phishing mails, and that management had neglected to warn workers about it, change passwords, etc. Source (Hebrew): https://www.ynet.co.il/digital/technews/article/SkqhwJ1Fv
If this doesn't sound very German, you're right, and you've probably never lived in Berlin—which has a reputation in Germany for chaos and incompetence that BER only reinforced. Over the last eight years, the terminal's troubles have provided Germany's capital and its leaders with steady servings of humiliation, and its taxpayers with a new target for their already renowned black humor: What do BER and Mars have in common? It's possible people will first land on both of them 30 years from now. Wouldn't it be cheaper to tear down Berlin and rebuild it next to a functioning airport? https://www.atlasobscura.com/articles/berlin-airport-dress-rehearsal
A software engineer was able to register a UK company name which would expose XSS vulnerabilities if listed on improperly-secured sites. Companies House forced the company to change its name. It is now legally known as THAT COMPANY WHOSE NAME USED TO CONTAIN HTML SCRIPT TAGS LTD. https://www.theguardian.com/uk-news/2020/nov/06/companies-house-forces-business-name-change-to-prevent-security-risk The risk? You can never trust any input from an external source, even if that source should be highly trustworthy.
https://techxplore.com/news/2020-11-australia-giant-megawatt-battery.html "Victoria officials say consumers should expect to see a return of $2 for every dollar invested in the project. The state will pay Neoem $84 million for the power grid." Lithium battery storage that buffer electrical distribution systems directly dependent on renewable sources are cost-effective for small-scale deployment. Wholesale replacement of carbon-source energy generation with a renewable source using lithium battery storage is apparently too expensive: manufacturing and life cycle maintenance expense are prohibitive. Discussion of peak-power supplement to natural-gas generator facilities using lithium battery storage can be found here: https://www.technologyreview.com/2018/07/27/141282/the-25-trillion-reason-we-cant-rely-on-batteries-to-clean-up-the-grid/ (retrieved on 07NOV2020). The reference conveniently estimates the funding necessary to entirely replace California's carbon energy generation capacity with renewables that incorporates lithium battery storage infrastructure for excess power. The expense is staggering. A nationwide embrace of renewable (non-carbon) energy sources, per Japan's recent pledge to adopt ammonia (https://phys.org/news/2020-11-japan-carbon-pledge-boosts-ammonia.html, retrieved on 07NOV2020) is very bold. Ammonia leaks are hazardous. https://www.msn.com/en-us/news/world/japan-e2-80-99s-new-climate-pledge-faces-a-massive-hurdle/ar-BB1aqfEl shows that Japan will have to swap-out ~500 Terawatt-hours of carbon-energy generation capacity over the next 40 years to achieve a ~90% green energy grid. There are clean energy storage mechanisms (carbon footprint-wise) that are apparently less expensive to operate: potential energy (train payloads at high altitude rolling down hill), molten sodium, or liquefied air. Each has advantages and disadvantages. Scientific and engineering judgment can identify the most effective solutions. Persuading politicians to embrace these facts will challenge generations.
https://www.channelnewsasia.com/news/cnainsider/can-robots-save-ailing-f-b-industry-cocktail-kopitiam-coffee-13448146 "They can mix a cocktail as fast as a human bartender can, and make coffee that tastes almost as good as a master's brew, but can they address the declining footfall in F&B outlets?" What food and beverage establishment owner would turn down this innovation? The boozebot minimizes waste, doesn't earn a salary, no healthcare insurance to pay, ready-to-mix-and-pour out-of-the-box, etc. A little WD-40, and an occasional stepper-motor tuneup suffices to keep the liquor and soft drinks flowing. To rope in F&B foot traffic, an enterprising roboticist might equip their boozebot product with an ELIZA-like voice-chatterbot to engage customer banter. Loyal imbibers can opt-out of automatic digital psychological profile construction, voice-print capture, etc., the perfect nightcap after a night on the town. "Sometimes a man'll tell his bartender things he'll never tell his doctor." --Dr. Phil Boyce in "Star Trek, The Cage" Nevermore.
You might be interested in the following SIPRI report Responsible Military Use of Artificial Intelligence: Can the European Union Lead the Way in Developing Best Practice? [1] Vincent Boulanin, Netta Goussac , Laura Bruun and Luke Richards SIPRI [2] November 2020 Accessible also from the USPID (www.uspid.org [3] ) in the page on Computers: National Security, War, and Civil Rights (https://www.uspid.org/compwa.html ) [1] https://www.sipri.org/publications/2020/other-publications/responsible-military-use-artificial-intelligence-can-european-union-lead-way-developing-best [2] https://www.sipri.org/ [3] http://www.uspid.org [4] http://www.isti.cnr.it
> CDA230 created a 3rd option for communications providers: in addition to > "wire providers" (think ATT: no control over content, no responsibility > for it) and "information providers" (think CNN: full control over content, > full responsibility), we now have FB/Twitter/Google who have full control > and no responsibility. That is so wrong I do not know where to start. For one thing, the liability model in 230 is not new. It is the one that has applied to newsstands and bookstores forever. Nobody expects the owner of a bookstore to know what is in every book, and if it turns out some of the books have illegal content (historically meaning pornography) the store owner isn't liable. The newsstand rule was applied to Internet providers by a Federal court under Cubby vs. Compuserve in 1991. But then, a NY state court misread that decision in Stratton Oakmont vs. Prodigy in 1995, which led Prodigy's owner IBM to push for the protection in the CDA which allowed them to moderate their user discussions without subjecting themselves to impossible legal standards. (Ironically, the allegedly defamatory posts saying that Stratton Oakmont was a fraud were true, and its managers later went to jail.) This same protection from 230 applies to every discussion list, including this one, and every web site that has user comments. It is literally true that without 230, the Internet would be nothing like it is now with only a tiny fraction of the discussions, debates, and user comments we expect. For much more on this see Mike Godwin's recent article here: https://verfassungsblog.de/on-publishers-carriers-and-bookstores/ > How about applying CDA230 only to _small_ players? If you have more than > 10% of all US users, you cannot censor content. Ah, so Facebook has to deliver every phish, every bit of anti-science nonsense, and every bit of spam? That is surely just what their users need and want. [Sam Steingold responded: and right now FB stops "anti-science nonsense" that does not suit their political agenda, but keeps spreading "anti-science nonsense" that supports it. This would certainly be a dramatic improvement compared with the current state of affairs where all users see is the news approved by the Agitprop Committee (Google/FB/Twitter). We live in a world of media monopoly which will have disastrous consequences - "democracy dies in darkness". This reminds me of USSR ca. 1970-ies & 80-ies: you can say whatever you want to your friends in the kitchen, but all the media is centrally controlled. You cannot spread an unapproved message - either in the USSR (jail time if you try) or in today's USA (monopolies stop the message and cancel culture destroys your life). Even if I agreed with the monopolies' political agenda, I would have still opposed the current situation because it destroys free exchange of ideas.] [Combine the responses as interstitiation makes more sense rather than having to be repetitious in order to understand a reply to a replies. PGN]
Re: Mulilo Sonnedix Prieska solar farm panel failures I don't know about this particular failure, but some of the older solar panel systems utilize *direct current* at relatively high voltage—just the sort of current one might utilize for *arc lighting* or *arc welding*! Indeed, check out some of the YouTube videos about solar panel system failures with DC arc-ing. Many of the newer solar systems are based upon *alternating current* -- typically of the same sort that you're already using—e.g., 120VAC, 240VAC, etc. While AC systems require multiple *inverters*, these inverters pay for themselves through better optimization of the energy output from each panel separately, and through added resilience due to redundancy (think RAIP—Redundant Array of Independent Panels; parallel Xmas tree lights rather than the old serial Xmas tree lights). The good news is that Moore's Law makes the inverters and computer controls cheaper with time; eventually, I expect to see inverters integrated into every individual solar panel. So the age-old Tesla/Edison battle of the currents continues to rage. BTW, the efficiency of most solar panels is higher when they are kept cooler -- e.g., by enabling air to circulate underneath. I'm surprised that solar panels don't come with integrated solar powered *fans*—I think that the trivial energy to power the fan is more than repaid by the higher output from the cooler panel. I would guess that the panel lifetime is also improved through cooler operation.
Despite the name, AI is not really intelligent at all, and, in particular, it is missing the context that would prevent a human camera operator from making such a mistake.
Dick Mills says that he can easily imagine an even bigger outcry if other certain systems were found to be impossible to switch off by the actions of a single person. Without sight of those "other certain" systems I cannot be definite, but experience strongly suggests that *any* outcry would be either limited to specialist media or a small puff of wind in a demitasse. But it reminded me of a joke that went around the Atlas computer lab in Manchester University (UK) in the late 1960s: British computer-maker ICL had designed and built the world's most powerful computer [I did say it was a joke], and the Queen was invited to inaugurate it. She was offered the opportunity to ask it a question and after a moment's contemplation she asked, "Is there a God?" [a question of obvious interest to a lady with the title 'Fidei Defensor']. The console lights flashed, the tape decks whirled, Friden Flexowriters chattered, Creed tape punches spewed out ribbons of perforated paper, sprocket-fed stationary poured from the back of Analex printers and clouds of Freon gas gushed from vents in the many steel-grey cabinets. After some time it was clear that Her Majesty was becoming restless, but just as the MD of ICL leaned forward to explain, all the console lights went out and the room fell silent. Clearly the decisive moment was at hand [the young Douglas Adams would have drawn inspiration from the drama]. Suddenly the overhead lights went out as well, plunging the room and the royal party into Stygian blackness. Then, with a crack like a whip, from one of the still off-gassing cabinets there leapt a bolt of lightning, straight at the main circuit-breaker, welding it shut. The console teletype clattered into action, typing out the words: "THERE IS NOW".
This reminds me of Robert Heinlein's sci-fi novel "Stranger in a Strange Land", where the first person born on Mars is determined to be, by some legal quirk, the legal owner and king of Mars.
To my friends in the Unexplored Southern Area: I hope your election goes well today. However, I'm a bit more concerned that, regardless of what happens with the election, you guys are on track to hit 10 million CoVID cases, probably by Remembrance Day. (Which seems somehow rather hideously appropriate.) Take warning by us: our Thanksgiving Day is earlier than yours. About a week later, we had the beginnings of a surge that is still going on. Including two of my grandchildren. And your Thanksgiving is a bigger deal than ours is. This is *NOT* the year to go home for the holidays. Figure out some creative way to celebrate *without* getting different people from different households into close proximity. Anyway, given that Remembrance/Armistice Day is coming up, herewith a little early this year: Terry Kelly's "A Pittance of Time" https://youtu.be/2kX_3y3u5Uo http://www.youtube.com/watch?v=pJctzkxFd08 http://www.youtube.com/watch?v=2kX_3y3u5Uo http://www.youtube.com/watch?v=rd5_YZbhtl0 http://www.youtube.com/watch?v=S8gRx8tWJmI http://www.youtube.com/watch?v=WvwlVz8WPH0
Please report problems with the web pages to the maintainer