The RISKS Digest
Volume 33 Issue 27

Friday, 10th June 2022

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Contents

AI Translates Math Problems into Code to Make Them Easier to Solve
Alex Wilkins
Making Blockchain Stop Wasting Energy by Getting It to Manage Energy
John Timmer
Hole in the ISS made by a meteorite the size of a grain of sand
geoff goodfellow
Tesla Employees' Cars Will Now Drive Them To Work Against Their Will
Babylon Bee
Meta Facing 8 Lawsuits That Allege Its Addictive Algorithms Harm Young Users
CNET
How Safe Are Systems Like Tesla's Autopilot? No One Knows.
NYTimes
Fraud and Identity Theft Trial to Test American Anti-Hacking Law
NYTimes
SSNDOB Marketplace Seized And Dismantled In International Operation
DOJ
The next step in a long march: Expanding mobile voting in WashDC
WashPost
Canada's favorite coffee chain was covertly data mining the sh*t out of people who just wanted cheap coffee, and they got outed by the government
twitter item via geoff goodfellow
Superworms Eat—and Survive on Polystyrene
Scientific American
Re: WashDC stop-sign camera brought in $1.3 million in tickets in 2 years
Steve Bacher
The Evolution of Money: Cryptocurrency Regulation
WashPost
The History of Information Security in the Computer Age
Andrew J. Stewart, reviewed by Sven Dietrich
Info on RISKS (comp.risks)

AI Translates Math Problems into Code to Make Them Easier to Solve (Alex Wilkins)

ACM TechNews <technews-editor@acm.org>
Wed, 8 Jun 2022 12:59:51 -0400 (EDT)
Alex Wilkins, New Scientist, 6 June 2021, via ACM TechNews 8 Jun 2022

Google's Yuhuai Wu and colleagues used the Codex neural network of
artificial intelligence (AI) research company OpenAI to translate
mathematical problems from plain English into formal code. Codex correctly
translated 25% of 12,500 secondary-school math competition problems into a
format compatible with a formal proof-solver program called Isabelle. Wu
said the system's inability to understand certain mathematical concepts was
responsible for many of the unsuccessful translations. The team then tested
the process by applying Codex to problems pre-formalized by humans. The
network produced its own formal versions, and the researchers used the
MiniF2F AI to solve both versions; the auto-formalized versions raised
MiniF2F's success rate from 29% to 35%, suggesting Codex's formalization was
superior to that of humans.

https://orange.hosting.lsoft.com/trk/click?ref=znwrbbrs9_6-2ec22x23445dx070666&

  [Perhaps this is a case in which formal methods might be used to prove—or
  disprove—that nondeterministic AI generates code that is both
  deterministic and correct (or not)!  PGN]


Making Blockchain Stop Wasting Energy by Getting It to Manage Energy (John Timmer)

ACM TechNews <technews-editor@acm.org>
Wed, 8 Jun 2022 12:59:51 -0400 (EDT)
John Timmer, *Ars Technica*, 5 Jun 2022, via ACM TechNews 8 Jun 2022

A group of researchers from China's Shanghai Jiao Tong and Tsinghua
universities identified an optimization calculation that could make
blockchain systems more energy-efficient. The researchers concentrated on
the energy supply other blockchains consume, noting optimization is needed
in instances like matching supply with demand, and formulating the most
economic mix of generating sources. They also proposed small sub-grids could
self-manage through proof-of-solution (PoSo)-based optimizations, and used
energy systems at the U.K.'s University of Manchester and the city of
Suzhou, China, to test the concept. In both cases, the system quickly
produced optimal solutions for resource distribution, which competed with
centralized management. Although the system still demands multiple computers
to execute calculations and verification, the researchers contend the PoSo
blockchain solution is tougher to manipulate.

https://orange.hosting.lsoft.com/trk/click?ref=znwrbbrs9_6-2ec22x234456x070666&


Hole in the ISS made by a meteorite the size of a grain of sand

geoff goodfellow <geoff@iconia.com>
Thu, 9 Jun 2022 20:06:14 -0700
https://twitter.com/WorldAndScience/status/1534688766455173121

 [This one is ominous.  It ruins the meaning of the expression "Take this
 with a grain of salt."  PGN]


Tesla Employees' Cars Will Now Drive Them To Work Against Their Will

geoff goodfellow <geoff@iconia.com>
Wed, 8 Jun 2022 15:20:49 -0700
  [However, please read this one with a grain of salt on its tale.  PGN]

STARBASE, TX—After some employee outcry against Elon Musk's announcement
that remote workers must return to the office, Musk was reported to have
sent a follow-up memo. Sources forwarded the internal email detailing a
software update that will override employee Teslas and deliver its driver to
the office for working hours.

At midnight on June 8, your vehicle will automatically install a mandatory
software update. Expect bug fixes, stability improvements, and your vehicle
driving you to your workspace to begin your 8-14 hour work day, the email
reportedly stated.

Tesla executive Jared Fields took to Twitter around 11am on Tuesday from the
produce section of his local Whole Foods to share his response:

  This is ridiculous—the power has gone to his head. I'm just as
  productive working from home as I am working in the office!

Other Tesla employees were reported to have been shocked at the notice, as
was the case with Shelby Burkhead, an HR manager who explained over brunch
with her boyfriend during work hours that she needed an additional "Employee
Mental Health Day" this week to recover from the news.

At publishing time, Elon sent a follow-up internal email explaining measures
that would be taken to make the transition back to office life easier on his
employees. The new and improved office space will now have rotating "Home
Sounds" audio playing overhead—crying babies, landscaping equipment, fire
truck sirens, and the soft lull of a neighborhood chihuahua in heat.

https://babylonbee.com/news/tesla-employees-cars-will-now-drive-them-to-work-against-their-will


Meta Facing 8 Lawsuits That Allege Its Addictive Algorithms Harm Young Users (CNET)

David Farber <farber@keio.jp>
Thu, 9 Jun 2022 10:34:21 +0900
Meta, the parent company of Facebook and Instagram, is facing a slew of
lawsuits alleging the company hasn't done enough to prevent psychological
harm to its young users and is exploiting them for profit.

The lawsuits filed this week allege that the social media sites deliberately
design and use addictive psychological tactics to hook young and vulnerable
users, despite "extensive insider knowledge" that their products are causing
serious damage to young people's mental health.

https://www.cnet.com/news/social-media/meta-facing-8-lawsuits-that-allege-its-addictive-algorithms-harm-young-users/


How Safe Are Systems Like Tesla's Autopilot? No One Knows. (NYTimes)

Jan Wolitzky <jan.wolitzky@gmail.com>
Wed, 8 Jun 2022 07:22:56 -0400
Automakers and technology companies say they are making driving safer, but
verifying these claims is difficult.

https://www.nytimes.com/2022/06/08/technology/tesla-autopilot-safety-data.html


Fraud and Identity Theft Trial to Test American Anti-Hacking Law (NYTimes)

Jan Wolitzky <jan.wolitzky@gmail.com>
Wed, 8 Jun 2022 07:25:11 -0400
A woman is accused of downloading data of more than 100 million Capital One
customers. Her lawyers argue a conviction would criminalize legitimate
research practices.

https://www.nytimes.com/2022/06/08/technology/capital-one-hacker-trial.html


SSNDOB Marketplace Seized And Dismantled In International Operation (DOJ)

Jim Reisert AD1C <jjreisert@alum.mit.edu>
Wed, 8 Jun 2022 10:51:46 -0600
Department of Justice, U.S. Attorney's Office, Middle District of Florida
Tuesday, June 7, 2022

Tampa, Florida—United States Attorney Roger B. Handberg, along with
Special Agent in Charge Darrell Waldon for the IRS—Criminal Investigation
Washington D.C. Field Office, and Special Agent in Charge David Walker for
the FBI—Tampa Division, today announced the seizure of the SSNDOB
Marketplace, a series of websites that operated for years and were used to
sell personal information, including the names, dates of birth, and Social
Security numbers belonging to individuals in the United States. The SSNDOB
Marketplace has listed the personal information for approximately 24 million
individuals in the United States, generating more than $19 million USD in
sales revenue.

https://www.justice.gov/usao-mdfl/pr/ssndob-marketplace-series-websites-listed-more-20-million-social-security-numbers-sale


The next step in a long march: Expanding mobile voting in WashDC (WashPost)

Gabe Goldberg <gabe@gabegold.com>
Wed, 8 Jun 2022 00:28:27 -0400
Martin Luther King III is a global human rights activist and chairman of the
Drum Major Institute.

Everything my father, the Rev. Martin Luther King Jr., fought for is under
attack. By some counts, things have gotten worse since my daughter was born
than they were when Dad was alive. Rights that Americans hold dear are under
assault across the country. Reproductive rights, the ability to be our full
selves and the very pillars of our democracy are growing weaker every single
day.

It's no accident that the erosion of our civil liberties has coincided with
the rolling back of voting rights in states across the country.  When my
father marched for equality decades ago, he understood that voting rights
were a necessary part of the struggle for freedom and equality. Those on the
other side know it, too, which is why they've systematically made it harder
for Americans to vote. Eligibility requirements, polling locations and open
hours at the polls have all been manipulated to keep too many Americans from
being able to vote. In my home state of Georgia, they've even made it a
crime to give water to people standing in line to vote.

Our democracy is in crisis. That's why we mobilized this year to press for
new federal voting rights legislation to ensure that the right to vote is
not merely an aspiration but a reality, and to guarantee that every eligible
voter, regardless of race, ethnicity or location, can access and cast a
ballot knowing that it counts. But we don’t need to wait on Congress to take
action. There are efforts across the country to expand access to the ballot,
including in our nation's capital.

The D.C. Council is considering legislation to make voting easier and more
accessible by adding a mobile voting option for all voters. This bill would
tear down barriers to access and make it dramatically easier for everyone to
participate fully in our democratic process by allowing voting from
smartphones, tablets or computers.

https://www.washingtonpost.com/opinions/2022/06/03/next-step-long-march-expanding-mobile-voting-dc/

  [Well, RISKS readers should know this violates the Einstein Principle.
  This is TOO SIMPLE, because all of the computer systems and networks
  involved can be hacked externally or manipulated by untrustworthy
  insiders, or perhaps both at the same time—concurrent rigging and
  counterrigging.  That's another interesting twist on which side can
  counterrig the other side's riggings, and then do its own rigging.  I
  don't think you can Wriggle out of that one, but I regret that I have to
  keep bringing it up.  PGN]


Canada's favorite coffee chain was covertly data mining the sh*t out of people who just wanted cheap coffee, and they got outed

geoff goodfellow <geoff@iconia.com>
Tue, 7 Jun 2022 13:26:59 -0700
https://twitter.com/internetofshit/status/1533517593637662720


Superworms Eat—and Survive on Polystyrene (Scientific American)

Richard Stein <rmstein@ieee.org>
Fri, 10 Jun 2022 10:37:29 +0800
[Not computer risks-related, but a notable story on plastic recycling.]

https://www.scientificamerican.com/article/superworms-eat-and-survive-on-polystyrene/

These worms consume polystyrene with microbiomes tuned for purpose.  That's
great news for those with a need to break down and dispose of a normally
non-recycled modern packaging material.

What to do with the worms after their buffet? Feed them to farmed fish?

An unenviable destiny awaits these beneficial lifeforms.


Re: WashDC stop-sign camera brought in $1.3 million in tickets in 2 years (RISKS-33:25)

Steve Bacher <sebmb1@verizon.net>
Thu, 9 Jun 2022 13:03:11 -0700
I realize that this item is not RISKS material, but I couldn't help reacting
as the story appeared within a day after my RISKS comment showed up in the
digest. It illustrates so remarkably the point I was making.

https://www.latimes.com/california/story/2022-06-08/cancer-groups-raise-alarm-about-losing-funds-to-track-california-cases

  Cancer researchers fear that shrinking funding for a program that tracks
  cancer cases across California could threaten its future. [...]  The
  program has relied in part on state tax revenue from cigarette sales under
  Proposition 99, a 1988 ballot measure that boosted taxes by 25 cents per
  pack. As that revenue has fallen, the cancer registry program is expected
  to see a budget decrease of $1.6 million, driven largely by the decline in
  tobacco sales, according to figures provided by the California Department
  of Finance.


The Evolution of Money: Cryptocurrency Regulation (WashPost)

Gabe Goldberg <gabe@gabegold.com>
Wed, 8 Jun 2022 17:35:47 -0400
With Rostin Behnam, Dante Disparte, Sens. Kirsten Gillibrand (D-N.Y.),
Cynthia Lummis (R-Wyo.) & Tomicah Tillemann

https://www.washingtonpost.com/washington-post-live/2022/06/08/evolution-money-cryptocurrency-regulation/

This was MUCH more interesting than I expected—and longer, too. About 90
minutes, with Grayscale commercial blather in the middle.

Random notes I took:

Suggestion FDIC insure accounts.

19,000 coins exist.

Web 3 is wonderful.

SEC/CFTC disagree on who should regulate what.

I learned about this: https://www.investopedia.com/terms/h/howey-test.asp

KYC and AML were used without being defined (bad practice in
presentations/interviews); I knew KYC but looked up AML and then remembered.

U.S. sent big bucks to Ukraine via cryptocurrency.

Sen. Lummis is a BIG Bitcoin fan, called it "solid value store"; she's a
HODLER.

Surprise, crypto correlates with stock market—but might decouple someday.

Grayscale calls crypto "investable asset class".

Crypto needs new regulation.

Crypto has intrinsic value.

There's now a "Cambrian explosion" of coins—and that's wonderful.

Not represented was the viewpoint that there's nothing there there.
  [hear hear!  PGN]


The History of Information Security in the Computer Age (Andrew J. Stewart, reviewed by Sven Dietrich)

"Cipher Editor" <cipher-editor@ieee-security.org>
Fri, 10 Jun 2022 11:51:37 -0600
Cipher Newsletter: IEEE CIPHER, Issue 167, June 9, 2022

                 Book Review By Sven Dietrich
                         8 June 2022

"A Vulnerable System: The History of Information Security in the Computer Age"
by Andrew J. Stewart

Cornell University Press 2022, ISBN 978-1-5017-589-42, 303 pages

Haven't you always wondered about the backstories and the anecdotes in the
history of information security? What were the early motivations of computer
security? How did all those concepts come about?

If that is what you are wondering about, you are in luck: Andrew J. Stewart
acts as a historian and digs into the history of information security in
this new book. While other writers have provided insights into the history
of cryptography, in this work we learn about the Orange Book, the early
attacks on computer systems, and how it all evolved to current times.

Andrew J. Stewart's book "A Vulnerable System: The History of Information
Security in the Computer Age" takes a stab at shining light into the far and
dark corners of
computer security. It mentions some names of early-day computer security
researchers that I had the honor of meeting in the Claremont Tower Suite
("606") at the Security and Privacy conference in the late 1990s. It
includes stories about the creation of the Internet as well.

The book is divided into several chapters and contains an extensive
bibliography from popular science sources and research articles in
supplement to the many contextual and chapter-related notes at the end of
the book. The introduction mentioning the "Three Stigmata" is followed by a
chapter on 'A "New Dimension" for the Security of Information', 'The
Promise, Success, and Failure of the Early Researchers', 'The Creation of
the Internet and the Web, and a Dark Portent', 'The Dot-Com Boom and the
Genesis of a Lucrative Feedback Loop', 'Software Security and the "Hamster
Wheel of Pain"', 'Usable Security, Economics, and Psychology', 'Vulnerability
Disclosure, Bounties, and Markets', 'Data Breaches, Nation-State Hacking,
and Epistemic Closure', and 'The Wicked Nature of Information Security'.

The author writes in an easily accessible style, allowing the reader to gain
a good overview of computer security at various stages of development, from
the mid-20th-century events to the late 2010s, and to delve deeper either by
following the notes at the back of the book (there are over 70 pages of
them!), or even by reading the relevant research articles that are
referenced in the select (and somewhat short) bibliography. Most topics are
covered this way and this lends a curious reader to complement their
scientific knowledge with amusing or eye-opening anecdotes.

Some topics, such as vulnerability disclosure, are approached in a
controversial manner, but then again those topics are controversial in real
life. Also there are surprising shortcomings: while the book takes note of
cyberattacks, including general and nation-state ones, there is no mention
of distributed denial-of-service (DDoS) attacks for example, even though he
mentions the Morris worm attack from 1988.

I enjoyed reading this book: some of the anecdotes brought back fond (or not
so fond, depending on how you look at computer security events) memories for
me, spanning the last three decades or so. Perhaps it will intrigue you as
well.
