The RISKS Digest
Volume 33 Issue 80

Wednesday, 23rd August 2023

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator


Contents

‘Near Collisions’ of Commercial Jets Happen All the Time, Horrifying FAA Records Show
Gizmodo plus NYTimes
Cruise Agrees to Reduce Driverless Car Fleet in San Francisco After Crash
NYTimes
How a hacking crew overtook a satellite from inside a Las Vegas convention center and won $50,000
Cyberscoop
Fifty minutes to hack ChatGPT: Inside the DEF CON competition to break AI
Cyberscoop
Hackers exploit WinRAR zero-day bug to steal funds from broker accounts
TechCrunch
Grieving widow sues Tesla over deadly Model 3 crash and explosion
TechCrunch
The Case of the Internet Archive vs. Book Publishers
NYTimes
Google announces new algorithm that makes FIDO encryption safe from quantum computers
Ars Technica
Google and YouTube are trying to have it both ways with AI and copyright
The Verge
ICANN warns UN may sideline tech community from future Internet governance
The Register
“We can always turn off bad AI's”: NOT
Henry Baker
Researchers Demo Fake Airplane Mode Exploit That Tricks iPhone Users
Alex Scroxton
American Airlines sues a travel site to crack down on consumers who use this travel hack to save money
APNews
Research Hack Reveals Call Security Risk in Smartphones
Texas A&M
Our health care system may soon receive a much-needed cybersecurity boost
Lily Hay Newman
Tesla points to insider wrongdoing as cause of massive employee data leak
The Verge
Wegmans Double Charging Affects Credit Card Customers In VA, DC
Old Town Alexandria VA Patch
Buyers of Bored Ape NFTs sue after digital apes turn out to be bad investment
Ars Technica
Wi-Fi sniffers strapped to drones—Mike Lindell's odd plan to stop election fraud
Ars Technica
How X Is Suing Its Way Out of Accountability
WiReD
Re: Voyager 2: NASA Didn't Lose Contact With Probe After Sending Wrong Command
John Levine Lars-Henrik Eriksson
Re: Cellphone Radiation Is Harmful, but Few Want to Believe It
Martin Ward
Re: Lahaina: single points of failure
John Levine Henry Baker Dick Mills
Re: Google/AI—sundry items PGN-ed
Lauren Weinstein
Unpacking Cyber Capacity-Building Needs
via Diego Latella
Info on RISKS (comp.risks)

‘Near Collisions’ of Commercial Jets Happen All the Time, Horrifying FAA Records Show (Gizmodo)

Monty Solomon <monty@roscom.com>
Wed, 23 Aug 2023 09:32:44 -0400

https://gizmodo.com/plane-crashes-almost-happen-a-lot-faa-records-1850760132


Cruise Agrees to Reduce Driverless Car Fleet in San Francisco After Crash (NYTimes)

Monty Solomon <monty@roscom.com>
Sun, 20 Aug 2023 18:15:56 -0400

https://www.nytimes.com/2023/08/18/technology/cruise-crash-driverless-car-san-francisco.html


How a hacking crew overtook a satellite from inside a Las Vegas convention center and won $50,000 (Cyberscoop)

Monty Solomon <monty@roscom.com>
Wed, 23 Aug 2023 10:17:45 -0400

https://cyberscoop.com/mhackeroni-hackasat-space-def-con/


Fifty minutes to hack ChatGPT: Inside the DEF CON competition to break AI (Cyberscoop)

Monty Solomon <monty@roscom.com>
Wed, 23 Aug 2023 10:23:40 -0400

Fifty minutes to hack ChatGPT: Inside the DEF CON competition to break AI

More than 2,000 hackers attacked cutting-edge chatbots to discover vulnerabilities, and demonstrated the challenges for red-teaming AI.

https://cyberscoop.com/def-con-ai-hacking-red-team/


Hackers exploit WinRAR zero-day bug to steal funds from broker accounts (TechCrunch)

Monty Solomon <monty@roscom.com>
Wed, 23 Aug 2023 09:15:10 -0400

https://techcrunch.com/2023/08/23/winrar-zero-day-funds-brokers/


Grieving widow sues Tesla over deadly Model 3 crash and explosion (TechCrunch)

Monty Solomon <monty@roscom.com>
Wed, 23 Aug 2023 09:21:58 -0400

https://techcrunch.com/2023/08/22/grieving-widow-sues-tesla-over-deadly-model-3-crash-and-explosion/


The Case of the Internet Archive vs. Book Publishers (The New York Times)

Gabe Goldberg <gabe@gabegold.com>
Sun, 20 Aug 2023 02:29:17 -0400

The Dream Was Universal Access to Knowledge. The Result Was a Fiasco.

In the pandemic emergency, Brewster Kahle’s Internet Archive freely lent out digital scans of its library. Publishers sued. Owning a book means something different now.

Information wants to be free. That observation, first made in 1984, anticipated the Internet and the world to come. It cost nothing to digitally reproduce data and words, and so we have them in numbing abundance.

Information also wants to be expensive. The right information at the right time can save a life, make a fortune, topple a government. Good information takes time and effort and money to produce.

https://www.nytimes.com/2023/08/13/business/media/internet-archive-emergency-lending-library.html


Google announces new algorithm that makes FIDO encryption safe from quantum computers (Ars Technica)

Monty Solomon <monty@roscom.com>
Tue, 22 Aug 2023 08:30:49 -0400

https://arstechnica.com/?p=1961906


Google and YouTube are trying to have it both ways with AI and copyright (The Verge)

Monty Solomon <monty@roscom.com>
Wed, 23 Aug 2023 09:04:40 -0400

Google and YouTube are trying to have it both ways with AI and copyright

https://www.theverge.com/2023/8/22/23841822/google-youtube-ai-copyright-umg-scraping-universal


ICANN warns UN may sideline tech community from future Internet governance (The Register)

Lauren Weinstein <lauren@vortex.com>
Tue, 22 Aug 2023 10:55:40 -0700

https://www.theregister.com/2023/08/22/icann_un_digital_compact_warning/


“We can always turn off bad AI's”: *NOT!*

Henry Baker <hbaker1@pipeline.com>
Mon, 21 Aug 2023 16:32:20 +0000

Let's examine this conceit carefully.

The very definition of war is the existential struggle to flip the ‘power switch’ of your enemy into the ‘off’ position.

If it were so simple to just flip a power switch, the Ukraine war would have been long since over.

Those whose very survival is at stake won't hesitate to use every means at their disposal—including AI's—in order to win their wars.

Since preserving one's own power while attacking your enemy's power switch is essential, AI's will be deployed to protect our own (and hence the AI's own) power.

What did you think all of this research into using AI's for cyber activities is all about?

What did you think all of this research into using AI's to ‘protect the grid’ is all about?

The highest priority in AI research today is already the task of keeping any enemies from turning off our AI's own power.

Let's stop being delusional!


Researchers Demo Fake Airplane Mode Exploit That Tricks iPhone Users (Alex Scroxton)

ACM TechNews <technews-editor@acm.org>
Mon, 21 Aug 2023 11:16:51 -0400 (EDT)

Alex Scroxton, Computer Weekly, 17 Aug 2023

Jamf Threat Labs researchers demonstrated an exploit chain that allows attackers to use an artificial ‘airplane mode’ to remain connected to exposed devices that users believe are offline. The researchers created a fake airplane mode by identifying a specific string in the device's console log, “#N User airplane mode preference changing from kFalse to kTrue,” accessing the device's code, and replacing the function with an empty or ‘do nothing’ function. They also accessed the user interface to add a small piece of code to dim the mobile connectivity icon and highlight the airplane mode icon, then exploited the CommCentre to block mobile data access for certain apps so the user received a “turn off airplane mode” notification. The researchers believe the technique is most likely to be used in a targeted attack.


American Airlines sues a travel site to crack down on consumers who use this travel hack to save money (APNews)

Monty Solomon <monty@roscom.com>
Sun, 20 Aug 2023 08:56:01 -0400

https://apnews.com/article/american-airlines-lawsuit-skiplagging-tickets-905acda8ac5fe302238cefd63ac864e3


Research Hack Reveals Call Security Risk in Smartphones (Texas A&M)

ACM TechNews <technews-editor@acm.org>
Wed, 23 Aug 2023 11:32:32 -0400 (EDT)

Nancy Luedke, Texas A&M Engineering News, 17 Aug 2023 via ACM TechNews, 23 Aug 2023

A multi-institutional team of researchers developed malware to extract caller information by screening vibration data from ear speakers recorded by a smartphone's accelerometers. The researchers used two newer Android phones whose motion-sensor data is retrievable without users' consent. The models' larger speakers also provided more caller information than older models, allowing a machine learning algorithm to infer 45% to 90% of the word regions from their accelerometer data. The researchers learned their EarSpy malware could identify repeat callers with 91.6% accuracy, determine the speaker's gender with 98.6% accuracy, and identify spoken numbers from zero to nine with 56% accuracy. Texas A&M University's Ahmed Tanvir Mahdad said.


Our health care system may soon receive a much-needed cybersecurity boost (Lily Hay Newman)

Monty Solomon <monty@roscom.com>
Tue, 22 Aug 2023 08:34:12 -0400

Lily Hay Newman, WiReD, 18 Aug 2023

https://arstechnica.com/?p=1961745

The Advanced Research Projects Agency for Health (Arpa-H), a research support agency within the United States Department of Health and Human Services, said today that it is launching an initiative to find and help fund the development of cybersecurity technologies that can specifically improve defenses for digital infrastructure in US health care. Dubbed the Digital Health Security project, also known as Digiheals, the effort will allow researchers and technologists to submit proposals beginning today through September 7 for cybersecurity tools geared specifically to health care systems, hospitals and clinics, and health-related devices. […]


Tesla points to insider wrongdoing as cause of massive employee data leak (The Verge)

Monty Solomon <monty@roscom.com>
Tue, 22 Aug 2023 08:14:47 -0400

https://www.theverge.com/2023/8/21/23839940/tesla-data-leak-inside-job-handelsblatt


Wegmans Double Charging Affects Credit Card Customers In VA, DC (Old Town Alexandria VA Patch)

Gabe Goldberg <gabe@gabegold.com>
Mon, 21 Aug 2023 16:58:20 -0400

A glitch in the Wegmans system one day in August impacted both in-store and online orders, the company said.

https://patch.com/virginia/annandale/s/ir98x/wegmans-double-charging-affects-credit-card-customers-in-va-dc

Oh, a glitch. OK, then—that's nobody's fault.


Buyers of Bored Ape NFTs sue after digital apes turn out to be bad investment (Ars Technica)

Monty Solomon <monty@roscom.com>
Tue, 22 Aug 2023 08:34:48 -0400

https://arstechnica.com/?p=1961571


Wi-Fi sniffers strapped to drones—Mike Lindell's odd plan to stop election fraud (Ars Technica)

Monty Solomon <monty@roscom.com>
Tue, 22 Aug 2023 08:32:34 -0400

https://arstechnica.com/?p=1961867


How X Is Suing Its Way Out of Accountability (WiReD)

Gabe Goldberg <gabe@gabegold.com>
Sun, 20 Aug 2023 18:16:54 -0400

The social media giant filed a lawsuit against a nonprofit that researches hate speech online. It’s the latest effort to cut off the data needed to expose online platforms’ failings.

“The Center for Countering Digital Hate’s research shows that hate and disinformation is spreading like wildfire on the platform under Musk’s ownership, and this lawsuit is a direct attempt to silence those efforts,” says Imran Ahmed, CEO of the CCDH.

Experts who spoke to WIRED see the legal action as the latest move by social media platforms to shrink access to their data by researchers and civil society organizations that seek to hold them accountable. “We're talking about access not just for researchers or academics, but it could also potentially be extended to advocates and journalists and even policymakers,” says Liz Woolery, digital policy lead at PEN America, a nonprofit that advocates for free expression. “Without that kind of access, it is really difficult for us to engage in the research necessary to better understand the scope and scale of the problem that we face, of how social media is affecting our daily life, and make it better.”

In 2021, Meta blocked researchers at New York University’s Ad Observatory from collecting data about political ads and Covid-19 misinformation. Last year, the company said it would wind down its monitoring tool CrowdTangle, which has been instrumental in allowing researchers and journalists to monitor Facebook. Both Meta and Twitter are suing Bright Data, an Israeli data collection firm, for scraping their sites. (Meta had previously contracted Bright Data to scrape other sites on its behalf.) Musk announced in March that the company would begin charging $42,000 per month for its API, pricing out the vast majority of researchers and academics who have used it to study issues like disinformation and hate speech in more than 17,000 academic studies.

https://www.wired.com/story/twitter-x-ccdh-lawsuit-data-crackdown/


Re: Voyager 2: NASA Didn't Lose Contact With Probe After Sending Wrong Command (Business Insider via Goldberg)

“John Levine” <johnl@iecc.com>
19 Aug 2023 21:03:11 -0400

> It could mean the end of its 46-year-old mission.

Not really. The command pointed the antenna slightly in the wrong direction, which, since it is so far away, made it lose contact. Fortunately, the people who designed the Voyager probes anticipated that people might make mistakes, and it automatically reorients itself twice a year, which would have put it back in contact in October.

A few days later they got a weak carrier signal, which told them that nothing else was wrong. Since the antenna was only slightly off center, they tried yelling at it, sending a command using very high power from one of the earth stations. After waiting 37 hours for the speed of light round trip, Voyager responded—it had worked and it's back in contact.

The Voyager probes were launched 45 years ago, are still operating, and will most likely keep working for a few more years until their radioactive power supplies run down. If you are very careful and have a large budget, you can make extremely reliable equipment.


Re: Voyager 2: NASA Loses Contact With Probe After …

Lars-Henrik Eriksson <lhe@it.uu.se>
Sun, 20 Aug 2023 10:40:03 +0200

>  [The requirements specifiers, designers, and programmers forgot about
>  “undo”? or required confirmation of questionable inputs? Foresight,
>  forsooth farsight, when it is that FAR AWAY? PGN]

It is difficult to have an undo for something that breaks your communications. Anyway they DID have such foresight, as the probe has a failsafe function that will automatically attempt to restore communications if the probe has been out of touch long enough. (Which was mentioned in the article.) Fortunately, NASA managed to restore communication without waiting for the failsafe function.
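The two replies above describe three separate layers of defence against a bad pointing command: a confirmation step on the ground before a risky command is sent, a higher-power uplink that still reaches an antenna that is only slightly off, and an on-board fail-safe that re-points the antenna after a long silence. The simulation below is added here as an illustration of that layered design; it is not NASA or JPL code, and the cone widths, the timeout, the command format and every function name are assumptions chosen for the example.

```python
"""Layered fail-safe handling for a pointing command (illustrative only).

Added example, not NASA/JPL code. SAFE_CONE_DEG, RECOVERABLE_CONE_DEG,
CONTACT_TIMEOUT_H and the command model are assumptions for the example.
"""
from dataclasses import dataclass, field

SAFE_CONE_DEG = 0.5          # assumption: link holds while |offset| <= this
RECOVERABLE_CONE_DEG = 2.0   # assumption: a high-power uplink still gets through inside this
CONTACT_TIMEOUT_H = 24 * 30  # assumption: on-board fail-safe fires after this much silence


@dataclass
class Probe:
    offset_deg: float = 0.0           # antenna offset from the Earth line
    hours_since_contact: float = 0.0
    log: list = field(default_factory=list)

    def in_contact(self) -> bool:
        return abs(self.offset_deg) <= SAFE_CONE_DEG


def validate_pointing(new_offset_deg: float, confirmed: bool = False):
    """Ground-side gate: a command that would leave the safe cone is refused
    unless the operator explicitly confirmed it (the 'confirmation of
    questionable inputs' PGN asks about). Returns (accepted, reason)."""
    if abs(new_offset_deg) <= SAFE_CONE_DEG:
        return True, "within safe cone"
    if confirmed:
        return True, "outside safe cone, operator confirmed"
    return False, "outside safe cone, confirmation required"


def uplink_reaches(probe: Probe, high_power: bool = False) -> bool:
    """Whether a transmission physically reaches the probe. A normal uplink
    needs the link; a high-power uplink tolerates a small misalignment."""
    reach = RECOVERABLE_CONE_DEG if high_power else SAFE_CONE_DEG
    return abs(probe.offset_deg) <= reach


def send_pointing(probe: Probe, new_offset_deg: float,
                  confirmed: bool = False, high_power: bool = False) -> bool:
    """Validate on the ground, then deliver. True if the probe applied it."""
    ok, reason = validate_pointing(new_offset_deg, confirmed)
    probe.log.append(("ground", new_offset_deg, ok, reason))
    if not ok:
        return False
    if not uplink_reaches(probe, high_power):
        probe.log.append(("uplink", "no reach"))
        return False
    probe.offset_deg = new_offset_deg
    if probe.in_contact():
        probe.hours_since_contact = 0.0
    return True


def tick(probe: Probe, hours: float) -> bool:
    """On-board watchdog: advance time; if out of contact for too long,
    re-point to the Earth line. True when the fail-safe fired."""
    if probe.in_contact():
        probe.hours_since_contact = 0.0
        return False
    probe.hours_since_contact += hours
    if probe.hours_since_contact < CONTACT_TIMEOUT_H:
        return False
    probe.offset_deg = 0.0
    probe.hours_since_contact = 0.0
    probe.log.append(("failsafe", "re-pointed to Earth line"))
    return True


def operator_error_then_shout() -> Probe:
    """The mistaken command gets through only because the operator confirmed
    it; a normal uplink then cannot reach; a high-power uplink restores it."""
    p = Probe()
    assert not send_pointing(p, 1.0)              # gate refuses unconfirmed
    assert send_pointing(p, 1.0, confirmed=True)  # human overrides the gate
    assert not p.in_contact()
    assert not send_pointing(p, 0.0)              # normal uplink cannot reach
    assert send_pointing(p, 0.0, high_power=True) # the high-power 'shout'
    return p


def operator_error_then_watchdog() -> Probe:
    """Same mistake, nobody shouts: the watchdog recovers after the timeout."""
    p = Probe()
    send_pointing(p, 1.0, confirmed=True)
    while not tick(p, 24):
        pass
    return p


if __name__ == "__main__":
    for entry in operator_error_then_shout().log:
        print(entry)
```

The point of the layering is that each layer covers a different failure: the ground gate stops an unintended command, but not a confirmed one; the high-power uplink recovers a small error quickly, but only if someone is watching; the on-board watchdog needs no one on the ground at all, at the price of a long outage.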


Re: Cellphone Radiation Is Harmful, but Few Want to Believe It

Martin Ward <mwardgkc@gmail.com>
Sun, 20 Aug 2023 14:47:31 +0100

> PGN wrote: Or are they both right, in some quantum-theoretical sense?
> PGN: They could both be “right” in the sense that both results are
> supported by the data, depending on the interpretation.

There is no known mechanism by which cellphone radiation can cause cancer, so researchers can look only for correlations between cellphone usage and increased occurrence of cancer. Some research projects find correlations and others do not.

But correlation does not imply causation: there are a number of other factors that might correlate with cellphone usage: e.g., wealth, lifestyle, diet, age and so on. Some of these factors might also correlate with cancer risk. So, depending on which factors are accounted for in the analysis, a correlation between cellphone use and cancer risk could appear or disappear.
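The mechanism described above, a correlation that appears or disappears depending on which factors the analysis accounts for, can be shown on a constructed cohort. The block below is an added illustration and not data from any study: the counts are invented so that age drives both heavy phone use and cancer risk while, within each age group, users and non-users have the same rate. The crude comparison then reports a large risk ratio that vanishes once the analysis is stratified by age (the pooled estimate uses the Mantel-Haenszel formula).

```python
"""Confounding on a constructed cohort (illustration, not real data)."""

# Constructed counts: (age_group, heavy_user, cancer_cases, cohort_size).
# Within each age group the cancer rate is identical for heavy users and
# non-users (young 1/1000, old 10/1000); older people are heavier users.
CONSTRUCTED_COHORT = [
    ("young", True,   2, 2000),
    ("young", False,  8, 8000),
    ("old",   True,  80, 8000),
    ("old",   False, 20, 2000),
]


def crude_risk_ratio(cohort):
    """Risk in heavy users divided by risk in non-users, ignoring age."""
    cases = {True: 0, False: 0}
    size = {True: 0, False: 0}
    for _, user, n_cases, n in cohort:
        cases[user] += n_cases
        size[user] += n
    return (cases[True] / size[True]) / (cases[False] / size[False])


def stratified_risk_ratios(cohort):
    """Risk ratio computed separately inside each age group."""
    by_stratum = {}
    for stratum, user, n_cases, n in cohort:
        by_stratum.setdefault(stratum, {})[user] = (n_cases, n)
    ratios = {}
    for stratum, rows in by_stratum.items():
        a, n1 = rows[True]
        b, n0 = rows[False]
        ratios[stratum] = (a / n1) / (b / n0)
    return ratios


def mantel_haenszel_risk_ratio(cohort):
    """Age-adjusted pooled risk ratio: sum(a*n0/N) / sum(b*n1/N) over strata."""
    by_stratum = {}
    for stratum, user, n_cases, n in cohort:
        by_stratum.setdefault(stratum, {})[user] = (n_cases, n)
    num = den = 0.0
    for rows in by_stratum.values():
        a, n1 = rows[True]
        b, n0 = rows[False]
        total = n1 + n0
        num += a * n0 / total
        den += b * n1 / total
    return num / den


if __name__ == "__main__":
    print("crude RR:", round(crude_risk_ratio(CONSTRUCTED_COHORT), 2))
    print("per-age RR:", stratified_risk_ratios(CONSTRUCTED_COHORT))
    print("adjusted RR:", mantel_haenszel_risk_ratio(CONSTRUCTED_COHORT))
```

The crude ratio here is about 2.9, which would read as heavy use nearly tripling risk; the within-age ratios and the adjusted ratio are exactly 1.0. Which number a study reports depends entirely on whether age was in the model, which is the point made above.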


Re: Lahaina: single points of failure (RISKS-33.79)

“John Levine” <johnl@iecc.com>
19 Aug 2023 21:19:08 -0400

Maui has a population about the same as Salinas CA. Most of its power comes from diesel generators, but it also has two substantial wind farms, three small solar farms, two old hydro plants, and two battery storage plants. It's a small island, there is no “larger grid.”

As is usually the case, better management of existing facilities would have made a great deal of difference. In particular, the power company had no plan to turn the power off when high winds caused arcing that started multiple fires. You'd hope that they'd have taken the hint when exactly the same thing started fires in California last year, but nope.

If they're going to spend money, burying the lines would be a lot better use of it than fooling around with microgrids.


Re: Lahaina: single points of failure (Levine, RISKS-33.80)

Henry Baker <hbaker1@pipeline.com>
Sun, 20 Aug 2023 03:09:30 +0000

John Levine raises the issue of so-called ‘undergrounding’ of electrical power lines.

I'm no apologist for the electrical monopolies, but as an electrical engineer, I can understand some of the problems that they point out with underground electrical power transmission installations.

[Levine: Good point. Some of the news reports say that they were planning to make the power poles stronger, which had they actually done it, would have provided many of the same benefits at much lower cost.]

Briefly, the issues are:

Bottom line: distributed generation, distributed storage, and microgridding are far superior to long (or short) distance power transmission. Whenever possible, use the shortest physical distance between generator (solar/wind/nuclear), storage (battery/pneumatic/water head), and the energy consumer ('load'). Position datacenters and bitcoin miners adjacent to the power source & transmit data over fiber rather than transmit power over expensive cables.

[Levine: Maui is an island 48 miles long and 26 wide at the widest point. All of the distances are short, all of the fuel is tanked in. While I can believe there are places that microgrids would make a difference, small islands aren't them since they're microgrids whether they want to be or not.]

Computer engineers have long known this: regulators and capacitors on every bay, every board, every chip. Distributed power systems win the day.

Here's a link to a good report:

https://electrical-engineering-portal.com/res3/Undergrounding-high-voltage-electricity-transmission-lines.pdf

“Undergrounding high voltage electricity transmission lines—The technical issues”
“Overhead lines are insulated by air, while underground cable conductors are wrapped in layers of insulating material. Air is the simplest and cheapest insulation and the heat produced by the electricity flowing through the bare overhead conductors is removed by the flow of air over the conductors. When conductors are buried underground, robust insulation is needed to withstand the very high voltage.”
“To compensate for this, underground cables are generally bigger to reduce their electrical resistance and heat produced.”
“For direct buried cables each cable needs to be well-spaced from others for good heat dissipation. To match overhead line thermal performance for a 400kV double circuit, as many as 12 separate cables in four separate trenches may be needed, resulting in a work area up to 65m wide. In addition, water cooling may be used (see section on Components of underground cable systems). For cables installed in deep bore tunnels, cable cooling is provided by forced air ventilation or water cooling.”
“If a fault occurs on a 400kV underground cable, it is on average out of service for a period ***25 times longer*** than 400kV overhead lines. This is due principally to the long time taken to locate, excavate and undertake technically involved repairs. These maintenance and repairs also cost significantly more.”

Re: Lahaina: single points of failure

Dick Mills <dickandlibbymills@gmail.com>
Sun, 20 Aug 2023 13:50:29 -0400

Underground transmission avoids much of the fire risks, but the per-mile cost is roughly 600% higher, and they bring other risks. In 1998, Auckland NZ was dark for 15 weeks because of underground power cables. https://en.wikipedia.org/wiki/1998_Auckland_power_crisis

If you want to study the reliability of independent microgrids, refer to archipelagos where each island makes its own power without connections to other islands. The experience in most cases is that they wish that they could be interconnected for reliability reasons.


Re: Google/AI—sundry items PGN-ed

Lauren Weinstein <lauren@vortex.com>
Mon, 21 Aug 2023 13:27:29 -0700

  1. Simply by flipping a generative AI switch, #Google has gone from being THE PLACE to find correct information and useful answers, to being the place to find potentially dangerous misinformation as well. Impressive. Most impressive. -L
  2. ‘Benefits of Slavery:’ Google's AI Search Gives Ridiculous and Wrong Answers
  3. Also advantages of genocide and how to cook poisonous mushrooms. -L https://gizmodo.com/google-search-ai-answers-slavery-benefits-1850758631
  4. Artificial intelligence is ineffective and potentially harmful for fact checking https://arxiv.org/abs/2308.10800

Unpacking Cyber Capacity-Building Needs

Diego Latella <diego.latella@isti.cnr.it>
Tue, 22 Aug 2023 11:16:12 +0200

Published recently:

S. Dominioni - G. Persi Paoli
Unpacking Cyber Capacity-Building Needs - Part I. Mapping the Foundational Cyber Capabilities
UNIDIR
https://unidir.org/publication/unpacking-cyber-capacity-building-needs-part-i-mapping-foundational-cyber-capabilities

S. Dominioni - G. Persi Paoli
Unpacking Cyber Capacity-Building Needs - Part II. Introducing a Threat-Based Approach
UNIDIR
