The RISKS Digest
Volume 33 Issue 60

Sunday, 15th January 2023

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Please try the URL privacy information feature enabled by clicking the flashlight icon above. This will reveal two icons after each link the body of the digest. The shield takes you to a breakdown of Terms of Service for the site - however only a small number of sites are covered at the moment. The flashlight take you to an analysis of the various trackers etc. that the linked site delivers. Please let the website maintainer know if you find this useful or not. As a RISKS reader, you will probably not be surprised by what is revealed…

Contents

NASA just brought a spacecraft 23 billion kilometres away to LIFE and the results are Astonishing
ViralOnce
Remote Vulnerabilities in Automobiles
Bruce Schneier
Linux Malware Uses 30 Plugin Exploits to Backdoor WordPress Sites
Bill Toulas
Cops Hacked Thousands of Phones. Was It Legal?
WiReD
The next time scammers call your grandparents asking for money, it will be with your voice.
MPost
Ransomware group LockBit apologizes saying 'partner' was behind SickKids attack
CBC-CA
Matt Levine on Ransomware compliance
Joe Loughry
Programming Languages: Why This Old Favorite Is on the Rise Again
Liam Tung
3rd-party Twitter apps stop working without warning, leaks indicate Twitter did this intentionally
Engadget
How ChatGPT Hijacks Democracy
*The New York Times*
ChatGPT-Written Malware
Bruce Schneier
Microsoft to challenge Google by integrating ChatGPT with Bing Search
The Verge
A New Area of AI Booms, Even Amid the Tech Gloom
NYTimes
Re: Pretty Smart AI
Jurek Kirakowski
State of the cybersecurity art
NCSC UK via Gary Hinson
Artist Banned from reddit/Art Because Mods Thought They Used AI
Vice
Re: Calculations on Maryland college savings plans lead to account freeze)
Martin Ward
Southwest airline disruption
Martin Ward
Amazing Southwest story...
Paul Saffo
The oven won't talk to the fridge: 'smart' homes struggle
techxplore.com
Colorado ski town emergency dispatch centers fielding dozens of automated 911 calls from skier iPhones
Jason Blevins via Paul Saffo
Re: As Tesla stock tanks, videos of Teslas malfunctioning in below-freezing temps go viral
John Levine
Re: Cats disrupt satellite Internet service
Henry Baker
Re: I bought a $15 router at Goodwill, and found a millionaire's dirty secrets
Steve Bacher
Info on RISKS (comp.risks)

NASA just brought a spacecraft 23 billion kilometres away to LIFE and the results are Astonishing (ViralOnce)

Gabe Goldberg <gabe@gabegold.com>
Mon, 9 Jan 2023 01:44:56 -0500
Controllers assessing the probe's sent data have now declared that Voyager 1
is once again delivering accurate telemetry data to Earth.

From the very beginning, it was clear that the problem was connected to the
mechanism responsible for ensuring that the probeâs antenna was always
pointed towards Earth. If the antenna were to flip, we would lose
communication with the spaceship (and the history of space exploration knows
too many such cases).

The engineers discovered that this antenna control system had resumed
transmitting telemetry data via an on-board computer that had been
decommissioned for many years. This computer was responsible for distorting
the data, which ultimately arrived on Earth as a succession of nonsensical
facts.

Once this was determined, the engineers issued a command to the probe
instructing it to send the data via the appropriate computer. As he withdrew
his hand, the issue disappeared. Obviously, it takes time to determine if
the cure was effective.

In fact, Voyager 1 is already almost 23 billion kilometers from Earth, which
implies that the signal from Earth takes 22 hours to reach the probe. The
signal verifying the command's execution is also traveling towards the
Earth.

After the probe's health was fully restored, the issue emerged as to how it
could suddenly begin using a long-forgotten computer. In the next weeks,
experts will examine all computer logs from the spacecraft's onboard systems
to determine the source of the misunderstanding.

https://viralonce.xyz/nasa-just-brought-a-spacecraft-23-billion-kilometres-away-to-life-and-the-results-are-astonishing/

  The risks? Out-of-warranty equipment too remote for service calls,
  decommissioned computers suddenly awakening. The good news, of course—a
  valuable lesson—is system logs.


Remote Vulnerabilities in Automobiles (Bruce Schneier)

Gabe Goldberg <gabe@gabegold.com>
Sun, 15 Jan 2023 15:55:00 -0500
This group has found a ton of remote vulnerabilities in all sorts of
automobiles.

It' enough to make you want to buy a car that is not Internet-connected.
Unfortunately, that seems to be impossible.

https://www.schneier.com/blog/archives/2023/01/remote-vulnerabilities-in-automobiles.html

DC Auto Show is this week—it'll be interesting grilling executives and
boothsters about this.


Linux Malware Uses 30 Plugin Exploits to Backdoor WordPress Sites (Bill Toulas)

ACM TechNews <technews-editor@acm.org>
Wed, 4 Jan 2023 11:44:01 -0500 (EST)
Bill Toulas, BleepingComputer, 30 Dec 2022,
via ACM TechNews; Wednesday, January 4, 2023

Antivirus vendor Dr. Web disclosed a new Linux malware that exploits 30
flaws in multiple outdated WordPress plugins and themes to inject malicious
JavaScript and give attackers remote command capabilities. The vendor said
the trojan targets 32-bit and 64-bit Linux systems; it is mainly designed to
penetrate WordPress websites via a series of hardcoded exploits that run
successively until one breaks through. If the sites run outdated or
vulnerable plugins, the malware automatically injects malicious JavaScript
from its command-and-control server. The exploit is most effective on
abandoned sites, because infected pages can redirect visitors to a location
of the hacker's choosing. Dr. Web advised WordPress website admins to update
to the latest available version of the themes and plugins running on the
site, and to replace those that are no longer developed with alternatives
now being supported.


Cops Hacked Thousands of Phones. Was It Legal? (WiReD)

Gabe Goldberg <gabe@gabegold.com>
Thu, 5 Jan 2023 16:03:16 -0500
When police infiltrated the EncroChat phone system in 2020, they hit an
intelligence gold mine. But subsequent legal challenges have spread across
Europe.

https://www.wired.com/story/encrochat-phone-police-hacking-encryption-drugs


The next time scammers call your grandparents asking for money, it will be with your voice. (MPost)

Steve Klein <steven@klein.us>
Mon, 9 Jan 2023 10:47:43 -0500
Summary: VALL-E is a transformer-based TTS model that can generate speech in
any voice after hearing only a three-second sample of that voice.  This
could routinely enable participation in hearings & trials, bad actors might
replace an unfriendly witness with a live deepfake of that same person,
testifying against the interest of the person being faked.  [Garbled e-mail
PGN-ed]

Link: https://mpost.io/vall-e-microsofts-new-zero-shot-text-to-speech-model-can-duplicate-everyones-voice-in-three-seconds/

  It might be trite, but never more apt, to say “The risks are obvious.''


Ransomware group LockBit apologizes saying 'partner' was behind SickKids attack (CBC-CA)

Matthew Kruk <mkrukg@gmail.com>
Mon, 2 Jan 2023 22:25:45 -0700
A global ransomware operator has issued a rare apology after it claims one
of its "partners" was behind a cyberattack on Canada's largest pediatric
medical centre.

LockBit, a ransomware group the U.S. Federal Bureau of Investigation has
called one of the most active and destructive in the world, posted a brief
statement on what cybersecurity experts say is its data leak site claiming
it has blocked its partner responsible for the attack on Toronto's Hospital
for Sick Children and offering the code to restore the system.

https://www.cbc.ca/news/canada/toronto/ransomware-group-sickkids-cybersecurity-update-1.6701688


Matt Levine on Ransomware compliance

Joe Loughry <joe.loughry@gmail.com>
Fri, 6 Jan 2023 14:04:20 -0700
In Matt Levine's "Money Stuff" newsletter, 5 January 2023, he wrote about
cybercriminals' need to balance aggressiveness and risk:

  Ransomware compliance

  I continue to be fascinated by the role of chief compliance officer at a
  ransomware company. In general, the chief compliance officer at any
  company has a dial in front of her that she can turn to get More Crime or
  Less Crime, and at a normal company—a bank, for instance—her job
  consists of

    (1) turning it most of the way toward Less Crime, but (2) not all the
    way, and (3) acting very contrite when politicians and regulators yell
    at her about the residual crime.  “We have a zero-tolerance
    policy for crime,'' she will say, and almost mean.

  But the chief compliance officer at a ransomware company—I assume that
  this is not an actual job, but rather one of many hats worn by some senior
  executive at the ransomware company, though what do I know—will turn
  the dial most of the way toward More Crime, since after all a ransomware
  company's whole business is crime, but, again, not all the way. Sometimes
  she will say no to crime, or at least act very contrite after doing crime.
  She will have, like, a 98% tolerance policy for crime.

  We have talked about this before, and one category of crime that a
  ransomware compliance officer might reject is “hacks that are so big and
  disastrous that they could call down the wrath of the US government and
  shut down the whole business.''  But another category of off-limits crime
  appears to be hacks that are so morally reprehensible that they will lead
  to other criminals boycotting you business.''  Here is a wild story about
  a ransomware attack on Toronto's Hospital for Sick Children, which is
  really the sort of name that ought to make you immune from hacking:

  A global ransomware operator issued an apology and offered to unlock the
  data targeted in a ransomware attack on Toronto's Hospital for
  Sick Children, a move cybersecurity experts say is rare, if not
  unprecedented, for the infamous group.

  LockBit, a ransomware group the U.S. Federal Bureau of Investigation has
  called one of the world's most active and destructive, issued the
  brief apology on Dec. 31 to what cybersecurity experts say is the dark web
  page where it posts about its ransoms and data leaks.

  In the statement, reviewed directly by The Canadian Press, LockBit claimed
  to have blocked the partner responsible for the attack
  and offered SickKids a free decryptor to unlock its data.

  LockBit's apology, meanwhile, appears to be a way of managing its image,
  said [cybersecurity researcher Chester] Wisniewski.

  The group is competing with other high-profile malware operators who are
  also trying to court hackers to use their system to carry out lucrative
  cyberattacks, he said. Hackers appear to move between the operators
  frequently.

  He suggested the move could be directed at those partners who might see
  the attack on a children's hospital as a step too far.

  “My instinct would be this is more aimed at criminal affiliates
  themselves trying to not disgust them into switching into a different
  ransom group,'' said Wisniewski.

  The way the ransomware business is organized seems to be that there are a
  couple of, like, malware-as-a-service providers like LockBit and DarkSide
  that provide software and expertise to independent hacker customers who
  pick the targets and do the hacks; the providers and the hackers split the
  ransoms. If you are one of the providers, you have to choose your hacker
  partners carefully so that they do the right amount of crime: You don't
  want incompetent or unambitious hackers who can't make any money, but you
  also don't want overly ambitious hackers who hack, you know, the US
  Department of Defense, or the Hospital for Sick Children. Meanwhile you
  also have to market yourself to hacker partners so that they choose your
  services, which again requires that you have a reputation for being good
  and bold at crime, but not too bold. Your hacker partners want to do
  crime, but they have their limits, and if you get a reputation for
  murdering sick children that will cost you some criminal business.


Programming Languages: Why This Old Favorite Is on the Rise Again (Liam Tung)

ACM TechNews <technews-editor@acm.org>
Fri, 6 Jan 2023 11:36:47 -0500 (EST)
Liam Tung, ZDNet, 6 Jan 2023, via ACM Tech News, 6 Jan 2023

Software-testing firm Tiobe has selected C++ as its programming language of
2022. Reported Tiobe use rose faster than all other languages last year, up
by 4.26% compared with January 2022, yet in this year's first monthly index,
it was ranked at No. 3. C++ rose in popularity faster than other languages
last year, a result of "its excellent performance while being a high-level
object-oriented language," according to Tiobe CEO Paul Jensen. Added Jensen,
"Because of this, it is possible to develop fast and vast software systems
(over millions of lines of code) in C++ without necessarily ending up in a
maintenance nightmare."


3rd-party Twitter apps stop working without warning, leaks indicate Twitter did this intentionally (Engadget)

Lauren Weinstein <lauren@vortex.com>
Sun, 15 Jan 2023 15:03:47 -0800
3rd party Twitter apps stop working without warning, leaks indicate
Twitter did this intentionally

https://www.engadget.com/twitter-may-have-deliberately-cut-off-tweetbot-and-other-third-party-clients-165048001.html?src=rss

  [PGN-ed excerpt: Earlier LW item:
  In desperate attempt to increase Twitter revenue, Elon moves to expand
  political and cause-based ads (without taking his promised poll before
  such a change).  (5 Jan 2023)]


How ChatGPT Hijacks Democracy (*The New York Times*)

Gabe Goldberg <gabe@gabegold.com>
Sun, 15 Jan 2023 12:55:53 -0500
Launched just weeks ago, ChatGPT is already threatening to upend how we
draft everyday communications like emails, college essays and myriad other
forms of writing.

Created by the company OpenAI, ChatGPT is a chatbot that can automatically
respond to written prompts in a manner that is sometimes eerily close to
human.

But for all the consternation over the potential for humans to be replaced
by machines in formats like poetry and sitcom scripts, a far greater threat
looms: artificial intelligence replacing humans in the democratic processes
â not through voting, but through lobbying.

https://www.nytimes.com/2023/01/15/opinion/ai-chatgpt-lobbying-democracy.html


ChatGPT-Written Malware (Bruce Schneier)

Bruce Schneier <schneier@schneier.com>
Sun, 15 Jan 2023 14:29:07 PST
  PGN-excerpted From Bruce Schneier's CRYPTO-GRAM, 15 Jan 2023

[https://www.schneier.com/blog/archives/2023/01/chatgpt-written-malware.html]

I don't know how much of a thing this will end up being, but we are seeing
ChatGPT-written malware in the wild,
[https://arstechnica.com/information-technology/2023/01/chatgpt-is-enabling-script-kiddies-to-write-functional-malware/]

...within a few weeks of ChatGPT going live, participants in cybercrime
forums—some with little or no coding experience—were using it to write
software and emails that could be used for espionage, ransomware, malicious
spam, and other malicious tasks.

“It's still too early to decide whether or not ChatGPT capabilities will
become the new favorite tool for participants in the Dark Web company.
However, the cybercriminal community has already shown significant interest
and are jumping into this latest trend to generate malicious code.''

Last month one forum participant posted what they claimed was the first
script they had written, and credited the AI chatbot with providing a nice
[helping] hand to finish the script with a nice scope.

The Python code combined various cryptographic functions including code
signing encryption and decryption. One part of the script generated a key
using elliptic curve cryptography and the curve ed25519 for signing files.
Another part used a hard-coded password to encrypt system files using the
Blowfish and Twofish algorithms. A third used RSA keys and digital
signatures message signing and the blake2 hash function to compare various
files.


Microsoft to challenge Google by integrating ChatGPT with Bing Search (The Verge)

Gabe Goldberg <gabe@gabegold.com>
Thu, 5 Jan 2023 15:57:51 -0500
ChatGPT made conversational AI accessible, now Microsoft is rumored to be
integrating the machine learning techniques behind it into Bing search
queries.

Even OpenAI CEO Sam Altman has cautioned that "it's a mistake to be relying
on [ChatGPT] for anything important right now." Exactly how Microsoft plans
to integrate ChatGPT into Bing will be important, and it's likely the
company will start with beta tests and a limited amount of integration
before itâs ready for all Bing users to take advantage of.

https://www.theverge.com/2023/1/4/23538552/microsoft-bing-chatgpt-search-google-competition


A New Area of AI Booms, Even Amid the Tech Gloom (NYTimes)

Gabe Goldberg <gabe@gabegold.com>
Sat, 7 Jan 2023 23:14:28 -0500
An investment frenzy over *generative artificial intelligence* in response
to short prompts seize the imagination.  Now OpenAI is in the midst of a new
gold rush.

Five weeks ago, OpenAI, a San Francisco artificial intelligence lab,
released ChatGPT, a chatbot that answers questions in clear, concise
prose. The AI-powered tool immediately caused a sensation, with more than
a million people using it to create everything from poetry to high school
term papers to rewrites of Queen songs.

Now OpenAI is in the midst of a new gold rush.   [...]

Five weeks ago, OpenAI, a San Francisco artificial intelligence lab,
released ChatGPT, a chatbot that answers questions in clear, concise
prose. The AI-powered tool immediately caused a sensation, with more than
a million people using it to create everything from poetry to high school
term papers to rewrites of Queen songs.

Now OpenAI is in the midst of a new gold rush.   [...]

Five weeks ago, OpenAI, a San Francisco artificial intelligence lab,
released ChatGPT, a chatbot that answers questions in clear, concise
prose. The AI-powered tool immediately caused a sensation, with more than a
million people using it to create everything from poetry to high school term
papers to rewrites of Queen songs.

Now OpenAI is in the midst of a new gold rush.

More than 450 start-ups are now working on generative AI, by one venture
capital firm's count. And the frenzy has been compounded by investor
eagerness to find the next big thing in a gloomy environment.

https://www.nytimes.com/2023/01/07/technology/generative-ai-chatgpt-investments.html


Re: Pretty Smart AI (Bacher, RISKS-33.58)

Jurek Kirakowski <jzk@uxp.ie>
Wed, 4 Jan 2023 14:36:19 +0000
 > Those answers appear inconsistent with one another. Google demonstrates
 > that adagio is faster than either lento or largo, but GPT-3's response
 > seems to claim that adagio is slower than lento.  Maybe GPT-3 is going by
 > the principle that "slow" is slower than "slower," but that's not how one
 > reads it when the statements are adjacent to one another.

This discussion is terribly wrong. 'Lento', 'Largo' and 'Adagio' are
descriptions not only of the pulse of the music *as notated* but also the
mood: each word conjures up a different kind of sense in the mind of the
experienced musician of how the piece is to be performed. And what would
Google make of 'Andante Cantabile' or 'Largo Sostenuto'?

As Prof Newman would explain to his first-year music students at Edinburgh
University :)#

  Yes, regrettable that these subtle descriptive terms are reduced to
  metronome markings—but in a way characteristic of how technology can
  eliminate the subjective human dimension.

    [Beware of Artificial Oversimplification.  The real stuff is bad enough.
    PGN]


State of the cybersecurity art

Gary Hinson <gary@isect.com>
Wed, 4 Jan 2023 15:31:59 +1300
https://www.ncsc.gov.uk/blog-post/so-long-thanks-for-all-the-bits

"So long and thanks for all the bits" is a lengthy, well-written parting
blog by Ian Levy, [former] Technical Director of the UK's National Cyber
Security Centre, lamenting the sorry state of cybersecurity while holding
out some hope of progress through approaches currently being used and
developed.


Artist Banned from reddit/Art Because Mods Thought They Used AI (Vice)

Jim Reisert AD1C <jjreisert@alum.mit.edu>
Sat, 7 Jan 2023 03:31:42 -0700
Moderators for the 22 million member forum banned someone for making
an illustration that too closely resembled AI-generated art.

https://www.vice.com/en/article/y3p9yg/artist-banned-from-art-reddit


Re: Calculations on Maryland college savings plans lead to account freeze (RISKS-33.59)

Martin Ward <martin@gkc.org.uk>
Tue, 3 Jan 2023 14:55:26 +0000
> The calculations of account values seem to have been incorrect, and
> the state is having a hard time figuring out the correct values.
> The calculations for value must be pretty complex

Writing provably correct code for a complex financial calculation is one of
the simpler tasks for an expert in formal methods.

But it seems likely that the programmers of the Maryland state college
savings plan are not familiar with formal methods, or indeed, with
mathematics in general, given that they are having a hard time figuring out
the correct values.


Southwest airline disruption (Re: RISKS-33.59)

Martin Ward <martin@gkc.org.uk>
Tue, 3 Jan 2023 14:54:17 +0000
The most chilling line from this article:

> “The tools we use to recover from disruption serve us well, 99
> percent of the time,''

You are an *airline*! Working 99% of the time is not good enough!

I would not like to fly in an airplane that reaches its destination
in one piece only 99% of the time.


Amazing Southwest story...

"Paul Saffo" <paul@saffo.com>
Tue, 27 Dec 2022 18:22:22 -0800
  Might be risks-worthy, tho I expect others will have better sourcing for
  the same issue.  Anyway, this from a friend on FB. (I have no idea how
  many times it has been indirected, so take with a grain of salt!)  -p

This remarkable tale from a Southwest pilot: “My friend's husband is a
pilot with Southwest. He just posted this an hour ago. I'm not including his
name or the photos he shared of packed SWA employee rooms at the airports
over the past couple of days (in case his post comes back to bite him with
the company—even though he's stating facts).  He also posted a screenshot
of a fellow pilot on hold with SWA Scheduling for over 22 hours. Anyway,
here's some insight for those wondering if this massive round of SWA
cancellations is really all due to weather and staffing issues: “I don't
know what to say. Southwest Airlines has imploded. Their antiquated software
system has completely fried.  Planes are parked. Crews are stranded in the
airports with the passengers, volunteering to take the passengers in the
parked planes but the software won't accept it. Phone lines are overwhelmed
for both passenger and crews. I personally spent over two hours trying to
get hold of anyone in the company last night after midnight. A Captain and I
did manage to get the one flight put together on Christmas night and got
people home. Kudos to the ops agent and dispatcher for making it happen. We
had to manually input a lot of the data and it took over an hour to
coordinate with dispatch going back and forth running numbers.  We spent
hours trying to get the company to answer and get us a hotel when we landed
as they're all sold out.  We were put in a call queue for hours before
hanging up. I found one hotel with 4 rooms and we bought our own rooms at
2:30am. I even paid for a Flight Attendants room. We literally have crews
sleeping on the airport floors all over the country with nowhere to
go. Crews have been calling to fly anyone, anywhere, but the company says
the system needs a reset. They have effectively shut down the operations for
the rest of year, running 1/3 of the flights so that they can let the
computer find and locate the crews and aircraft. Gate agents are in
tears. They've been yelled at, cussed at, slapped and spit on. Flight
attendants have been taking a beating. The frontline employees have had
little support or communication. Terminals are standing room only with
people having been there for days. Pilot lounges are packed with pilots
ready to fly and nowhere to go.  Embarrassing is an understatement. I’m
going on my second of three days off, still stuck on the east coast and
still expected to show up in the morning with no schedule. And I’m willing
to fly all day if needed. Because that’s nothing compared to the passengers
needing meds in bags that are lost and mothers traveling with kids, having
been stuck for the same amount of days in the terminal.  In 24 years, I’ve
never seen anything like this. Heads need to roll! Rumors on media are
floating that there is a lack of crews and pilots are staging sick calls.
Absolutely not true at all. This is a computer system meltdown. Thousands of
crew members are sitting in hotels and airports with nowhere to go. This
airline has failed miserably.


The oven won't talk to the fridge: 'smart' homes struggle (techxplore.com)

Richard Marlon Stein <rmstein@protonmail.com>
Sun, 08 Jan 2023 02:39:57 +0000
https://techxplore.com/news/2023-01-oven-wont-fridge-smart-homes.html

The Matter protocol apparently solves the long-standing interoperability
issue preventing seamless home-appliance device integration through WiFi.

I wonder if this protocol will be deployed among hospital refrigerators that
store blood, plasma, vaccines, and other temperature sensitive health
products?

IoT device exploit perimeter expansion.


Colorado ski town emergency dispatch centers fielding dozens of automated 911 calls from skier iPhones (Jason Blevins in The Colorado Sun)

Paul Saffo <paul@saffo.com>
Tue, 27 Dec 2022 20:28:31 -0800
And another:

https://www.skyhinews.com/news/colorado-ski-town-emergency-dispatch-centers-fielding-dozens-of-automated-911-calls-from-skier-iphones/


Re: As Tesla stock tanks, videos of Teslas malfunctioning in below-freezing temps go viral (RISKS-33.59)

"John Levine" <johnl@iecc.com>
2 Jan 2023 21:52:06 -0500
Someone once commented that we are lucky that the car industry grew up in
Detroit.  If it were in Miami, cars would fail whenever it freezes.  If it
were in Los Angeles they'd fail whenever it rains.


Re: Cats disrupt satellite Internet service (RISKS-33.59)

Henry Baker <hbaker1@pipeline.com>
Tue, 03 Jan 2023 20:23:05 +0000
Apparently, some personnel assigned to the 'DEW Line' in Alaska &amp; other
arctic locations sometimes kept warm by standing in front of the radar
transmitters.

https://en.wikipedia.org/wiki/Distant_Early_Warning_Line

While this activity can result in *cooking* one's insides and producing eye
cataracts, it did eventually lead to the invention of *microwave ovens*.

Google "Hazard of Electromagnetic Radiation to Personnel", i.e., "HERP"

The Starlink uplink frequencies (14GHz) are higher than those used in
microwave ovens (2.4GHz), but the Starlink does require a 100-watt power
supply—and a significant fraction of this power ends up being converted
into microwave energy .

I'd be worried about cute cats with not-so-cute eye cataracts.

I've heard of 'cats on a hot tin roof', but ...


Re: I bought a $15 router at Goodwill, and found a millionaire's dirty secrets (RISKS 33.59)

Steve Bacher <sebmb1@verizon.net>
Thu, 5 Jan 2023 09:28:54 -0800
I found it hard to believe that the headline would refer to a backup device
as a router, but Wikipedia says it's true:

https://en.wikipedia.org/wiki/AirPort_Time_Capsule

"The *AirPort Time Capsule* (originally named *Time Capsule*) is a wireless
router <https://en.wikipedia.org/wiki/Wireless_router> which was sold by
Apple Inc. <https://en.wikipedia.org/wiki/Apple_Inc.>, featuring
network-attached storage
<https://en.wikipedia.org/wiki/Network-attached_storage> (NAS) and a
residential gateway router
<https://en.wikipedia.org/wiki/Residential_gateway>, and is one of Apple's
AirPort <https://en.wikipedia.org/wiki/AirPort> products. They are,
essentially, versions of the AirPort Extreme
<https://en.wikipedia.org/wiki/AirPort_Extreme> with an internal hard drive
<https://en.wikipedia.org/wiki/Hard_drive>. Apple describes it as a "Backup
Appliance", designed to work in tandem with the Time Machine
<https://en.wikipedia.org/wiki/Time_Machine_(macOS)> backup software utility
introduced in MacOS 10.5 <https://en.wikipedia.org/wiki/Mac_OS_X_10.5>.^"

  Seems there is an inherent privacy risk in having a device function as
  both a network router and a local backup drive.

Please report problems with the web pages to the maintainer

x
Top