The RISKS Digest
Volume 33 Issue 56

Sunday, 4th December 2022

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator


Contents

Doonesbury
Garry Trudeau
Quantifying a Large Rise in Hate Speech under Musk
NYTimes
MuskRat or MuskOx?
PGN-culled from Lauren Weinstein
Domestic terrorism in North Carolina
Lauren Weinstein
Sirius XM flaw could've let hackers remotely unlock and start cars
The Verge
Samsung and app-signing leakage
Ars Technica via Henry Baker
The more you submit, the more we get paid: How fintech fueled COVID aid fraud
WashPost
TSA now wants to scan your face at security. Here are your rights.
WashPost
Man Cashed His Dead Mother's Social Security Checks for 26 Years,
NYTimes
Re: Blockchains, What Are They Good For?
Peter Houppermans
Re: San Francisco Considers Allowing Use of Deadly Robots by Police
Amos Shapir
Info on RISKS (comp.risks)

Doonesbury (Garry Trudeau)

Peter G Neumann <neumann@csl.sri.com>
Sun, 4 Dec 2022 12:07:17 PST

[For the RISKS truthiness department.]

Sunday 4 Dec 2022

[Man online:] Hi, You've reached Austin at MyFacts, offering bespoke realities since 2002? How may I enhance your bubble?

Yeah, my QAnon belief system needs a tune-up. The predictions keep failing.

I'm sorry, sir. But on advice of counsel, we no longer service violent conspiracy theories.

How about my Dominion voting machine fantasy? Can I get that updated?

Afraid not, sir. That line was also discontinued after the Fox News lawsuits. We now only carry theories that are legally bulletproof.

Like what?

Well, for instance, we still stock alien abductions.

Aliens can't sue?

No sir, they lack standing, … Oh, wow! I see we're offering new photographic evidence for only $29.95.


Quantifying a Large Rise in Hate Speech under Musk (NYTimes)

Peter G Neumann <neumann@csl.sri.com>
Sun, 4 Dec 2022 12:11:13 PST

[Also for the RISKS truthiness department.]

The New York Times, 3 Dec 2022, Business front page, graphic. This graphic covers two articles:

  1. Sheera Frenkel and Kate Conger, Research and interactions show little focus on responding to complaints
  2. Ryan Mac, Mike Isaac, and Kate Conger, Twitter flails in its bid for advertisers as its financial expectations worsen

MuskRat or MuskOx? (PGN-culled)

Lauren Weinstein <lauren@vortex.com>
Sat, 3 Dec 2022 12:52:34 -0800

Elon, Twitter, advertisers, and Al Capone

Elon's Hunter Biden #Twitter bombshell was about as revelatory as the opening of Al Capone's vault. (Google it.)

I'm sure advertisers will be oh so very reassured by Elon's behavior. Nothing they'd like better than wondering if one day he'll start publicly releasing emails between them and Twitter during one of his rants. Or maybe DMs? Uh huh. -L

- - - -

Elon (Twitter) has been recommending newly restored account of neo-Nazi (Anglin) to everyday users

Elon is now Twitter. So I think it's fair to consider every Twitter recommendation to be a recommendation from Elon. https://www.washingtonpost.com/technology/2022/12/03/twitter-antisemitism-violence-jan-6/

- - - -

Every business and project of Musk is now tainted by his toxic behaviors related to #Twitter. And any support of any of those projects or businesses is directly or indirectly helping Elon to continue those behaviors. -L

- - - -

Elon Musk's Twitter Antics Are Tarnishing Tesla - Just As Its EV Rivals Are Catching Up

https://www.forbes.com/sites/alanohnsman/2022/12/02/elon-musks-twitter-antics-are-tarnishing-teslajust-as-its-ev-rivals-are-catching-up/?sh=517a70ba2018


Domestic terrorism in North Carolina

Lauren Weinstein <lauren@vortex.com>
Sun, 4 Dec 2022 13:59:33 -0800

Authorities say substation damage that has blacked out 40K in North Carolina in cold weather (possibly until late this upcoming week) was done by gunfire. The technical term for this is domestic terrorism. -L


Sirius XM flaw could've let hackers remotely unlock and start cars

Monty Solomon <monty@roscom.com>
Sat, 3 Dec 2022 19:45:45 -0500

https://www.theverge.com/2022/12/3/23491259/sirius-xm-hack-remotely-unlock-start-cars


Samsung and app-signing leakage

Henry Baker <hbaker1@pipeline.com>
Sat, 03 Dec 2022 17:46:45 +0000

[We don't care. We don't have to. We're a Smart Phone Company.] (with apologies to Lily Tomlin)

Ron Amadeo, 2 Dec 2022
Samsung's Android app-signing key has leaked, is being used to sign malware [since 2016!]
https://arstechnica.com/gadgets/2022/12/samsungs-android-app-signing-key-has-leaked-is-being-used-to-sign-malware/

The cryptographic key proves an update is legit, assuming your OEM doesn't lose it.

The story gets even weirder, though. As APKMirror founder Artem Russakovskii points out, some of the samples of officially signed malware on VirusTotal are from 2016! So has this problem been going on for six years? […]

What OEMs really need to do is stop using the compromised keys to secure their apps. It's not clear why Samsung continues to use the key. Android's APK Signature Scheme V3 allows developers to change app keys with just an update—you authenticate an app with the new and old key and indicate that only the new key is supported for updates. This is a requirement for Play Store apps, but again, system apps from OEMs are not subject to any of the Play Store rules, so some OEMs are still using the old v2 signature scheme.

Thankfully, these leaked keys are only for apps and not the keys used to sign OS updates. So even if the v3 signature scheme is not in use, theoretically the affected companies could ship a still-secure OTA update that includes new system apps with new keys, and they could make new corresponding Play Store updates that are compatible with those new keys. That sounds like a lot of work, though.

Consumers are now left in the dark about how this happened and how it's being handled. We're going to be very generous and hope it's just because this is a newly developing situation right now. We'll update this post if Samsung or Google answers any of our myriad questions.
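An added defender-side check, not from the Ars Technica article nor from Samsung's or Google's tooling: it parses the output of `apksigner verify --verbose --print-certs`, flags any signer whose certificate SHA-256 digest is on a deny-list of compromised keys, and flags APKs that carry no v3 signature, since only v3 provides the key-rotation lineage the article describes. The sample output, the digest and the deny-list are constructed placeholders (not the real leaked key), and `apksigner` is assumed to be on PATH for the live-APK helper.

```python
import re
import subprocess

# Constructed sample of `apksigner verify --verbose --print-certs app.apk`
# output; the digest below is a placeholder, not the real leaked key.
SAMPLE_OUTPUT = """\
Verifies
Verified using v1 scheme (JAR signing): true
Verified using v2 scheme (APK Signature Scheme v2): true
Verified using v3 scheme (APK Signature Scheme v3): false
Number of signers: 1
Signer #1 certificate DN: CN=Placeholder OEM, O=Example, C=KR
Signer #1 certificate SHA-256 digest: 00112233445566778899aabbccddeeff00112233445566778899aabbccddeeff
"""

# Constructed deny-list of certificate SHA-256 digests known to be leaked.
COMPROMISED_CERT_SHA256 = {
    "00112233445566778899aabbccddeeff00112233445566778899aabbccddeeff",
}

SCHEME_RE = re.compile(r"^Verified using (v\d) scheme .*: (true|false)$", re.M)
DIGEST_RE = re.compile(r"^Signer #(\d+) certificate SHA-256 digest: ([0-9a-f]{64})$", re.M)

def parse_apksigner_output(text):
    """Return ({scheme: verified?}, {signer_no: sha256}) from apksigner verify text."""
    schemes = {m.group(1): m.group(2) == "true" for m in SCHEME_RE.finditer(text)}
    digests = {int(m.group(1)): m.group(2).lower() for m in DIGEST_RE.finditer(text)}
    return schemes, digests

def assess(text, denylist):
    """List findings: signers using a compromised cert, and absence of v3 signing."""
    schemes, digests = parse_apksigner_output(text)
    findings = []
    for signer, sha in digests.items():
        if sha in denylist:
            findings.append(f"signer #{signer} uses a compromised certificate ({sha[:16]}...)")
    if not schemes.get("v3", False):
        findings.append("no v3 signature: no rotation lineage, key can only be replaced by a new OTA system image")
    return findings

def assess_apk(path, denylist, apksigner="apksigner"):
    """Run apksigner (assumed on PATH) against a real APK and assess its output."""
    out = subprocess.run([apksigner, "verify", "--verbose", "--print-certs", path],
                         capture_output=True, text=True, check=False).stdout
    return assess(out, denylist)

if __name__ == "__main__":
    for line in assess(SAMPLE_OUTPUT, COMPROMISED_CERT_SHA256):
        print("FINDING:", line)
```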


The more you submit, the more we get paid: How fintech fueled COVID aid fraud (WashPost)

Monty Solomon <monty@roscom.com>
Sat, 3 Dec 2022 23:51:35 -0500

The probe by a congressional watchdog tasked to oversee roughly $5 trillion in federal covid aid contends there was rampant abuse among fintechs.

https://www.washingtonpost.com/business/2022/12/01/fintech-covid-relief-fraud/


TSA now wants to scan your face at security. Here are your rights.

Monty Solomon <monty@roscom.com>
Sun, 4 Dec 2022 00:19:32 -0500

16 major domestic airports are testing facial-recognition tech to verify IDs — and it could go nationwide in 2023.

https://www.washingtonpost.com/technology/2022/12/02/tsa-security-face-recognition/


Man Cashed His Dead Mother's Social Security Checks for 26 Years,

Monty Solomon <monty@roscom.com>
Sun, 4 Dec 2022 01:45:04 -0500

https://www.nytimes.com/2022/12/02/us/social-security-theft-dead-mother.html


Re: Blockchains, What Are They Good For? (RISKS-33.55)

Peter Houppermans <peter@houppermans.net>
Sun, 4 Dec 2022 10:36:02 +0100

Thank you for that article, and there is more.

In addition to the arguments in the article, there always was that other problem that has never been solved but always glossed over: its actual utility for real life transactions.

Due to the distributed nature of the beast, transactions take several factors longer than traditional financial transactions, which, given its oft stated aim to replace existing financial systems, has always struck me as a rather important issue given the daily volume thereof. Add to that the amount of resources and energy needed per transaction in the context of global warming (which can no longer be shoved under the carpet as someone else's problem), and the question indeed becomes “why on Earth would you use it?”

As an aside, for those that claimed blockchains to be shiny and new, an online search for Merkle Tree is sure to disappoint.


Re: San Francisco Considers Allowing Use of Deadly Robots by Police (RISKS-33.55)

Amos Shapir <amos083@gmail.com>
Sat, 3 Dec 2022 12:06:09 +0200

The popular press tends to brand any remotely-controlled device, especially when used by law enforcement bodies, as “a robot”.

This confusion between remote control and autonomy might lead to approval of devices in which a robot may control more than just movement—including making the decision when to pull the trigger.
