RISKS Digest 30.86

Thursday 11 October 2018

Doctors are surprisingly bad at reading lab results. It's putting us all at risk.

WashPost <>

Date: Sun, 7 Oct 2018 12:08:25 +0800

Physicians make mistakes interpreting lab results, assessing diagnostic images, prescribing medicine, etc. These errors can portend either a fatal outcome or expensive mitigation based on the incorrect assessment of patient symptoms, history, and diagnostic evidence.

The Agency for Healthcare Research and Quality (AHRQ) of the US Health and Human Services estimated in 2014 that 5% of outpatients experience misdiagnosis, and 13% of emergency room patients are misdiagnosed for stroke (see

As AI-based assistance—robo-medicine—encroaches on medical specializations, a significant risk arises from the training reference input data used to construct these platforms. The risk materializes from the who/what that arbitrates between "correct" and "incorrect" or "pass" and "fail" machine-generated diagnostic conclusions and therapeutic recommendations. Physicians will be challenged to justify and pursue robo-medicine's diagnostic findings and therapeutic recommendations based on a "probably approximately correct learning" technique.

Robo-medicine viability depends on the input training data used to construct the core decision engine, the artificial life or neural network framework that is constructed to generate a presumably viable diagnosis based on patient symptoms, physiological data, and history. That physicians make mistakes assessing this information implies that the machine training stimulus input and output inherits and partially acquires human judgment, however imperfect.

Without physician intervention, an automatic patient diagnostic/treatment life cycle consisting of pre-existing and chronic conditions, blood/urine chemistry, diagnostic image analysis, surgical robots (robots with knives), and prescription generators comprises a future medical-industrial ecosystem that can amplify misdiagnosis frequency and severity. Without independent and continuous monitoring, reporting and correction, medical error cluster formation is a likely outcome. A proactive and concurrent maintenance and oversight life cycle is imperative to mitigate emergent risks.

Accountability and traceability must remain with the physician in charge of patient care. It would be irresponsible and dangerous, though possibly cost-effective, to allow robo-medicine dispensation without physician oversight. Publication of patient life cycle experience, including automated misdiagnosis and maltreatment incidents, is essential to enable independent analysis. How to achieve this reporting, and preserve patient confidentiality, privacy, and anonymity poses a significant and sustained challenge.

Procedures are required to govern robo-medicine's therapeutic analysis, findings and recommendations. A misdiagnosis or incorrect therapy schedule must be quickly reported to the FDA's MAUDE repository. An unrecognized and unchallenged diagnostic or therapeutic defect escape in a hospital emergency room may be catastrophic.

As technological risk multiplies in the medical-industrial complex, elevated financial and legal penalties against suppliers are needed to deter irresponsible product deployment. Robo-medicine platforms must be indemnification-exempt should a physician initiate suspect, incorrect, or life-threatening therapeutic recommendations and procedures. Mandatory peer consultation is a requirement.

If the medical-industrial complex sustains caveat emptor (buyer beware) as their business model, independent and conflict-free reviewers of product viability and effectiveness become mandatory. Robo-medicine manufacturing and qualification processes for software and hardware must become transparent.

Consumer trust and confidence accrues from evidence that sponsors it, not marketing or propaganda. Compulsory reporting of unvarnished defect escape of misdiagnosis and questionable therapeutic recommendations are necessary to reveal robo-medicine's defects. Regulatory governance, enforcement, and vigilance must strengthen to improve patient outcome and suppress the accelerated misdiagnosis potential of robo-medicine.

FDA approves over-the-counter hearing aid from Bose

endgadget <>

Date: Sat, 6 Oct 2018 15:39:45 +0800

"Though they're not approved by the FDA as hearing aids, a number of companies have developed wireless earbuds that can manipulate and augment sound. Bose, Nuheara and the now defunct Doppler Labs have all released assistive hearing devices in the past."

A cellphone app and a little Bluetooth will do ya for this gizmo. Hopefully, the amplifier settings do not go to '11'.

[Bugs in your ear? Nice opportunity for Trojan ears? PGN]

Russian hackers were caught in the act -- and the results are devastating

WashPost <>

Date: Sat, 6 Oct 2018 21:45:01 -0400

The Dutch have decided to blow the spies' operation wide open.

Chinese chip spying report shows the supply chain remains the ultimate weakness

TechCrunch <>

Date: Thu, 4 Oct 2018 09:01:24 -0700

via NNSquad

Thursday's explosive story by Bloomberg reveals detailed allegations that the Chinese military embedded tiny chips into servers, which made their way into datacenters operated by dozens of major U.S. companies. We covered the story earlier, including denials by Apple, Amazon and Supermicro—the server maker that was reportedly targeted by the Chinese government. Amazon said in a blog post that it "employs stringent security standards across our supply chain." The FBI and the Office for the Director of National Intelligence did not comment, but denied comment to Bloomberg.

An interesting story, but aspects of it don't seem to ring quite true. I'll mention one odd aspect right now. Why would you build such capabilities into a separate chip that could ultimately be noticed as extraneous—even if camouflaged as another sort of chip—rather than build this capability into a chip that already was expected to be present and would never attract any attention at all? My hype detector is buzzing a bit on this saga.

[This may be just the beginning of a long saga. Discussions over the past few days have been very contentious, with many different possible outcomes. For example, Peter Houppermans noted these: Apple is clearly not happy with Bloomberg, and refutes the story: Also see: A recent bottom line may be don't believe Bloomberg: PGN]

Chipping away at the spy business ...

Rob Slade <>

Date: Thu, 4 Oct 2018 18:35:09 -0700

I started out, more than 30 years ago, researching malware and other forms of covert interference (including a number of instances involving hardware). While the possibility of a hardware attack similar to this is quite possible, the details of this story are quite suspect.

(First of all, I note that Faux News is interested. That *automatically* raises alarms :-)

There is the issue that this relates to a separate chip found on the circuit boards. If you are smart enough to make a chip that can do everything this superchip is supposed to do, you should be smart enough to put the functions into another chip on the system (perhaps the system management controller that the superchip is supposed to control) so that an extraneous chip won't raise alarms.

Then there are all the functions this superchip is supposed to do. It is supposed to manage communications. It is supposed to subvert the operating system. (*Which* operating system? How would they know that would be the one used?) It is supposed to divert password checks.

Oh, right. It's supposed to subvert the system controller. I once reviewed a supposed antiviral system that Western Digital used as a demonstration of their new system controller chip. They made a total hash of it. Even system controllers don't have the kind of reference monitor function that this superchip would rely on.

Other parts of the story refer to other chips, some as small as a pencil tip, that could be layered into the circuit board itself. Yes, it could. But how would you make contacts with it? (And you'd need multiple contacts ...)

While the spy parts of the story sound reasonable, the tech parts don't. Now, it may be that there are similar types of hardware attacks mounted. It may even be that almost the whole story is true, but that the "sources" lied to Bloomberg about the tech for reasons of their own. But this smacks, to me, of the tale of the Desert Storm Virus of 1991. An April Fools joke that deceived the author of a book about the 1991 Desert Storm campaign—and also the Pentagon press office. (Because they'd read the book ...)

"The one serious MacBook Pro security flaw that nobody is talking about"

David Gewirtz <>

Date: Thu, 04 Oct 2018 20:43:44 -0700

David Gewirtz for ZDNet, 3 Oct 2018

The one serious MacBook Pro security flaw that nobody is talking about

Every MacBook since 2015 and every MacBook Pro since 2016 is at risk. Here's how you can keep your machines safe.

selected text:

With my 2015 MacBook equipped with a MagSafe port, if I want to charge the machine, I just plug it in. There's no risk of a data connection. As long as I have networking off and nothing plugged into any of my ports, I'm safe. I'm air-gapped from the rest of the world.

MacBooks before 2015 and MacBook Pros before 2016 could charge without any risk, as long as everything else was off, empty, or disconnected. Prior to the USB C-only MacBook Pros, at least charging the device wasn't a possible hacking vector. But with the MacBook from 2015 on, and for the MacBook Pros from 2016 on, the only way you can charge the notebook is by connecting to a USB-C port.

That's right. In order to charge the machine, you must connect to a port capable of transferring data. You have no choice.

Microsoft Delays Latest Version of Windows 10 After Reports of Mass File Deletion

Gizmodo <>

Date: Sat, 6 Oct 2018 17:54:50 PDT


The update—a major revision to Windows 10 that includes tools like a cloud clipboard and a preliminary version of its phone mirroring software—was reported to have resulted in mass file deletion from user directories as well as less alarming issues like incorrect CPU usage in Task Manager or broken audio drivers, ZDNet reported. One user on the Microsoft support board claimed to have lost 220 gigabytes of files. As CNET noted, some users reported that even using hard drive software would not allow them to find more than a portion of the missing data.

[Chris J Brady noted other sources: PGN]

Noise about Quiet Skies program

The Boston Globe <>

Date: Fri, 5 Oct 2018 17:37:27 -0700

"Federal air marshals have begun following ordinary US citizens not suspected of a crime or on any terrorist watch list and collecting extensive information about their movements and behavior under a new domestic surveillance program that is drawing criticism from within the agency."

"The previously undisclosed program, called 'Quiet Skies,' specifically targets travelers who 'are not under investigation by any agency and are not in the Terrorist Screening Data Base,' according to a Transportation Security Administration bulletin in March."

Not doing anything suspicious makes you a suspect? These terrorists are far more clever than I thought!

If a Vizio TV spied on what you watch, you might be in line for a cash payout

The Los Angeles Times <>

Date: Fri, 5 Oct 2018 08:31:30 +0800

The most resonant message a for-profit business understands hits the bottom line. Vizio exploited customer data for profit. Now those profits, with a hefty fine, are being disgorged.

'The settlement values the data collected about each Vizio customer at 62 cents in the unlikely case that all of them apply for compensation. The lawyers described the per-person settlement figures as "highly favorable" based on estimates from a hired expert that "average damages for actual harm" from gathering and sharing viewing data is 78 cents to $4.76.'

Chump change compensation for the affected class-action members.

"Mission impossible: Can you regain access after Twitter lockout?"

Michael Krigsman <>

Date: Thu, 04 Oct 2018 21:03:10 -0700

Michael Krigsman for Beyond IT Failure, ZDNet, 30 Sep 2018

If your Twitter is hacked, it could be gone permanently and Twitter may not help. Here is one user's sad story and how you can protect yourself.

opening text:

If you rely on Twitter for business or recreation, it's time to worry. Although the days of frequent service outages have passed, users have a new cause for concern - getting locked out by Twitter itself, without explanation.

Unfortunately, when this happens, you have no recourse, and there is no one to call. It's bad news.

Lapses in IT systems, organisations must be fixed

P.M. Lee <>

Date: Wed, 3 Oct 2018 10:53:25 +0800

P.M. Lee, Straits Times

The public post-mortem following Singapore's largest data breach in its 53 year old history finds that certain IT governance and deployment practices require redress. This breach rattled the city-state.

Among the recommendations from the "four-member Committee of Inquiry" is adoption of the "Singapore Government Technology Stack" (SGTS) to enable "cheaper and faster" e-service roll-out. The SGTS contents are TBD.

If a stack's publication viability (fitness to release for deployment) possesses an attribute governing "Trust" qualification, it must be shown to be immune/hardened against surreptitious access, and generate non-repudiated results, etc. The "Trust" attribute needs to be applied across the full ecosystem (including the carbon components), not just the SGTS, as the weakest security link is the easiest to penetrate, and often requires the broadest mitigations/countermeasures to harden.

Metasploit cleanliness, compliance, and fuzz stimulus evaluation findings can contribute to trust qualification measurement by revealing vulnerabilities to prioritize for repair prior to deployment.

Since the NSA's TOA toolset was involuntarily published, perhaps it should be applied as a "kitchen sink" qualification tool for SGTS?

Fitbit data used to charge US man with murder

BBC <>

Date: Fri, 5 Oct 2018 07:55:30 +0000

Fitbit data has been used by US police investigating whether a 90-year-old murdered his stepdaughter. The victim, Karen Navarra, 67, was found with a kitchen knife in her hand, suggesting she killed herself. Anthony Aiello, who denies murder, told police he had visited her for 15 minutes to drop off pizza. But police say a fitness tracker she was wearing showed a significant spike in heart rate followed by a rapid slowdown at the time he was there. [...]

It is not the first time Fitbit data has been used in a murder case. Last year in the US, Richard Dabate was charged with murdering his wife after data from her Fitbit discredited his version of events, according to police. Mr Dabate had said he had seen his wife, Connie, shot by an intruder more than an hour before her fitness tracker had recorded her last movements, they said.

I've never seen or used one of these devices, but this makes me wonder: Must a user authenticate to one before it becomes active? How hard would it be to "borrow", say, a roommate's or significant other's Fitbit and use it as part of a scheme to frame him or her for a crime?

I remember a story from some time back about a woman who looked at her boyfriend's Fitbit (or some other similar device) data, and concluded that he had been unfaithful due to it having recorded him "in the act", having sex with someone else. So it may not be difficult to extract data from them. But what about changing the contents of its memory?

So I can imagine a plot for a story: Woman discovers, after examining Fitbit data, that husband has been cheating. She murders her rival, and uses the Fitbit to frame him for the crime. (Insert optional surprise ending: maybe someone framed him in the first place, or a friend had borrowed his Fitbit to try it out, and it was all a big mistake, but she learns this too late, or maybe she has to confess to the murder to save him, or ???)

[Monty Solomon noted another source: Police Use Fitbit Data to Charge 90-Year-Old Man in Stepdaughter's Killing PGN]

The Next Great Digital Extinction

WiReD <>

Date: Wed, 10 Oct 2018 08:07:02 +0900

Check out this great article I read on WIRED: "The Next Great (Digital) Extinction"

New Macbooks and Imacs will brick themselves if they think they're being repaired by an independent technician

BoingBoing <>

Date: Sun, 7 Oct 2018 20:59:25 -0400

But calmer:

Well, stop the presses. Turns out, "Apple makes your MacBook *inoperative* if you get it fixed at local repair shops" isn't quite true—not yet, no matter what *The Sun* says.

Our lab testing has found that independent (and DIY) repair is alive and well. But it is under threat.

Weak passwords banned in California from 2020

BBC News <>

Date: Sun, 7 Oct 2018 21:53:33 -0400

Default passwords such as "admin" and "password" will be illegal for electronics firms to use in California from 2020.

The state has passed a law that sets higher security standards for net-connected devices made or sold in the region.

It demands that each gadget be given a unique password when it is made.

Before now, easy-to-guess passwords have helped some cyber-attacks spread more quickly and cause more harm.

The Information Privacy: Connected Devices bill demands that electronics manufacturers equip their products with "reasonable" security features.

More than 250 people worldwide have died taking selfies, study finds

WashPost <>

Date: Thu, 4 Oct 2018 17:31:46 +0800

"The selfie deaths have become a major public health problem," Agam Bansal, the study's lead author, told The Washington Post.

Not as severe a health problem as distracted automobile drivers concurrently accessing mobile devices, but of a similar order of magnitude.

[Monty Solomon quoted this in *The Washington Post* article: Researchers are calling for more 'no selfie zones' near water bodies, mountain peaks, and over tall buildings. PGN]

See Dan Piraro's "Bizarro" comic on 04OCT2018

Facebook Hack Puts Thousands of Other Sites at Risk

NYTimes <>

Date: Tue, 2 Oct 2018 22:17:35 -0400

Ten years ago, the social network introduced a password system that connected it to a broad swath of the Internet. Now we are seeing the downside.

System upgrade means more calls etc.

Donald Mackie <>

Date: Wed, 3 Oct 2018 20:50:18 +0930

I recently emailed my superannuation provider and received the following hopeful but disappointingly honest response.

"Please note: ###'s recent system upgrade has meant longer than usual processing times and higher call volumes, while our staff become more familiar with the new system.

We thank you for your patience and understanding during this time. Once we resolve these initial issues we are looking forward to a more efficient administration process which will provide greater service to our members. "

"What real people think about the iPhone XS"

ZDNet <>

Date: Sun, 07 Oct 2018 18:24:19 -0700

[High tech is so exciting except when it is not.]

Chris Matyszczyk for Technically Incorrect, ZDNet | October 7, 2018

The reviews are excitable, but how do Apple's new phones look to real people going about their daily lives?

selected text:

In reviewing the iPhone XS Max, he describes it as "the future of the iPhone."

What, though, do real people on the street think about this and its smaller sibling, the iPhone XS?

I've spent the last couple of weeks asking people on both coasts.

Now, when I say people, I mean real people: The 99 percenters who are taken advantage of every day.

[The upshot is that they are not impressed, and some did not even know about it. Hey, neither did I. I am not a computer nerd for the fame.]

Mortgage fraud is getting worse as more people lie about their income


Date: Wed, 3 Oct 2018 18:01:21 -0400

A casual search will result in any number of online services that will not only generate fake pay stubs, but will also answer phone calls and "confirm" income verbally, all for a fee.

"Sites will have a disclaimer, claiming it's for novelty purposes or similar qualifying statements," said Berg. "Some are out of the country and not traceable. There are sites where you can buy credit lines to increase your credit."

What could go wrong with that?

Dealing with spam callers

Lauren Weinstein <>

Date: Tue, 9 Oct 2018 12:19:22 -0700

[via NNSquad] Personally, I find the best filter for spam callers is simply to push ALL calls through to voicemail. 99% of spam callers will hang up without ever leaving a message, as demonstrated by missed call logs. Block the really persistent ones. Pretty easy, actually. No AI required.


Date: Fri, 5 Oct 2018 07:20:33 +0800

Elevated upper-atmospheric CO2 levels preserve longevity of orbiting space junk, elevating collision potential between orbiting satellites.

"In all, according to the ESA, there have been about 5,400 rocket launches since the space age began in 1957. They have placed about 8,650 satellites in orbit. Of these, about 4,700 are still in space, but only around 1,800 are still functioning. Space surveillance networks operated by the United States, Europe and other nations now estimate there are some 29,000 pieces of debris that are 10 centimeters in diameter or larger in orbit. Not all of them are being tracked."

Satellite operators often burn propellant to avoid collisions. Low-earth-orbit satellite operational lifetime constraint compelled by "dodgeball."

That sign telling you how fast

Richard Stein <>

Date: Wed, 3 Oct 2018 10:15:35 +0800

"The DEA launched its National License Plate Reader Program in 2008; it was publicly revealed for the first time during a congressional hearing four years after that. The DEA's most recent budget describes the program as 'a federation of independent federal, state, local, and tribal law enforcement license plate readers linked into a cooperative system, designed to enhance the ability of law enforcement agencies to interdict drug traffickers, money launderers or other criminal activities on high drug and money trafficking corridors and other public roadways throughout the U.S.,' primarily along the southwest border region, and the country's northeast and southeast corridors.

"There used to be an old police saying, 'If you robbed a bank, please drive carefully,' former NYPD Detective Sergeant and Bronx Cold Case Squad commander Joseph Giacalone told Quartz, explaining that if a getaway driver didn't do anything to attract the attention of police and get pulled over, they usually had a half-decent chance of fleeing. 'But that's no longer in effect because you can drive slow, you can stop at every red light, but these license plate readers and surveillance cameras track your every movement."

The Panopticon has been activated. Will the US Health and Human Services tap into this database to identify and penalize obese citizens who travel to '31 Flavors' and are reliant on Medicare or other government entitlement programs?

My Wed 30 Apr 2014 warning: back in the news!!

Yvo Desmedt <>

Date: Fri, 5 Oct 2018 13:45:40 -0500

There were a few new news articles on the topic:

More than 250 people have died while trying to take selfies, study finds

Our love for capturing the perfect selfie has introduced a new danger, selfie deaths, USA Today reports. The most common cause? Drowning. (CNBC, today

Selfie deaths: 259 people reported dead seeking the perfect picture

The quest for extreme selfies killed 259 people between 2011 and 2017, a 2018 global study has revealed. Researchers at the US National Library of Medicine ...

Molecule resonance and cellphone radiation

Alan Louis Scheinine <>

Date: Wed, 3 Oct 2018 14:47:49 -0500

Richard Stein wrote that cellphone frequencies are far too low to cause ionization. He notes that cellphone radiation in the microwave frequency could cause a small amount of warming. That cellphone EM radiation does not ionize is a red herring. He neglects the effect of resonance with biological molecules. As far as I know, no dangerous resonances have been identified, but the possibility cannot be entirely discounted.

Declaration of Internet Rights -- Italian Parliament

Karl Auerbach <>

Date: October 8, 2018 5:27:17 JST

[via dave farber]

I find the declaration intriguing, but I fear that it will be unable to launch, much less fly, because it is too heavily laden with contentious issues (such as the right to be forgotten - which, by-the-way, I support).

For more than a decade I have been advocating a rather shorter formulation that I believe is an initial step that can be more easily reached. This formulation is, of course, in need of interpretation in order to sharpen the distinctions that it makes.

First Law of the Internet

+ Every person shall be free to use the Internet in any way that is privately beneficial without being publicly detrimental.

- The burden of demonstrating public detriment shall be on those who wish to prevent the private use.

- Such a demonstration shall require clear and convincing evidence of public detriment.

- The public detriment must be of such degree and extent as to justify the suppression of the private activity.

(By-the-way, I got the ideas for this out of the old 1954 Hush-A-Phone decision and some of the subsequent cases, such as Carterphone and MIC, that tried to define the boundary between what was then a monolithic and intensely controlling "the telephone company" and users who wanted to do more than simply talk.)

Re: Don't go to New Zealand

Dan Jacobson <>

Date: Thu, 04 Oct 2018 18:51:06 +0800

HB> "It is a file-by-file [search] on your phone. We're not going into 'the
HB> cloud'. We'll examine your phone while it's on flight mode," Customs
HB> spokesperson Terry Brown said.

Do they even wash their hands first, or end up getting cupcake residue on the buttons? (Or a real (flu) virus.) And are their fingers sufficiently non-fat, to avoid hitting the delete key on my files?

And what if they burst out laughing when they find out what my password is and can't help repeating it many times all over the airport, whilst dropping my phone on the floor?

Re: How do you get people to trust autonomous vehicles?

Barry Gold <>

Date: Tue, 2 Oct 2018 23:41:06 -0700

On 10/2/2018 4:33 PM, RISKS List Owner wrote:
> CB (Carbon-based) 100VMT for 2016: 1.2 (~270M registered vehicles)*
> SB (Silicon-based) 100VMT for 2016: 3 (~100 registered vehicles)^
>
> This hypothetical statistic demonstrates a safety disadvantage for AVs. Not
> a likely selling point for consumers currently. Also, the AV sample size is
> at least 4 orders of magnitude smaller than the CB population.

That's for all SB vehicles. What happens if we segregate the statistics by manufacturer? Are *any* of those fatalities due to Waymo vehicles? I haven't tried a full statistical analysis, but what I remember from newspaper reports is that at least 2 of those 3 are from Uber's SB Vehicles, not from Waymo. This would _tend to_ suggest that Waymo is more careful than Uber in designing their hardware/software systems to avoid accidents. And in testing their vehicles: Waymo had SB vehicles "driving" around with a human (CB) in the car to take over in case of emergency.

Unfortunately, given the numbers in Stein's posting, that would leave a sample size way too small. At least if we insist on measuring only fatalities.

I remember this arising a couple of years ago when I was reading analyses in the newspapers, that said that fatal accidents were so rare (1.2 per million VMT per the NHTSA figures Stein quotes) that it would take a long time to accumulate enough VMTs on SB vehicles to know if they were "safe enough". I was skeptical then, and I remain skeptical. You don't have to count only fatalities, because fatalities correlate positively* with (1) non-fatal injuries, and (2) non-injury collisions.

So if we look at injury accidents per 1E8 VMT for SB vs. CB "drivers", we should get a pretty good idea of whether SB "drivers" are better or worse than CB drivers.

* Not necessarily proportionally, although I suspect that fatalities are proportional to non-fatal injuries.
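As an added example (not part of Barry Gold's post or the thread above), the sample-size argument worked in Python: an exact Poisson confidence interval for the per-100-million-VMT rates quoted in the thread, showing how many miles must be accumulated before a rare fatality rate is pinned down versus a more frequent injury rate. The SB exposure (3 fatalities over 1e8 VMT) and the injury-crash rate of 100 per 1e8 VMT are constructed assumptions, labelled as such in the code.

```python
import math

# Added example, not part of the RISKS post above. It puts numbers on the
# sample-size argument: an exact Poisson confidence interval for a rare-event
# rate, applied to "events per 100 million vehicle-miles travelled (VMT)".
# Quoted from the thread: 1.2 (CB) and 3 (SB) fatalities per 1e8 VMT.
# Constructed assumptions (not from the thread): the SB figure is treated as
# 3 fatalities over 1e8 VMT, and an injury-crash rate of 100 per 1e8 VMT.


def poisson_cdf(k: int, mu: float) -> float:
    """P(X <= k) for X ~ Poisson(mu), accumulated term by term (no factorials)."""
    term = math.exp(-mu)
    total = term
    for i in range(1, k + 1):
        term *= mu / i
        total += term
    return total


def _bisect(f, lo: float, hi: float, iters: int = 80) -> float:
    """Root of a monotone f on [lo, hi], where f(lo) and f(hi) differ in sign."""
    f_lo = f(lo)
    for _ in range(iters):
        mid = (lo + hi) / 2.0
        f_mid = f(mid)
        if f_lo * f_mid <= 0.0:
            hi = mid
        else:
            lo, f_lo = mid, f_mid
    return (lo + hi) / 2.0


def poisson_ci(k: int, exposure: float = 1.0, conf: float = 0.95):
    """Exact (Garwood) two-sided interval for a Poisson rate, given k events
    observed over `exposure` units (here: multiples of 1e8 VMT).
    Returns (low, high) as rates per unit of exposure."""
    alpha = 1.0 - conf
    cap = k + 6.0 * math.sqrt(k + 1.0) + 10.0   # the true bounds never exceed this
    if k == 0:
        low = 0.0
    else:
        # mu_low solves P(X >= k | mu) = alpha/2
        low = _bisect(lambda mu: (1.0 - poisson_cdf(k - 1, mu)) - alpha / 2, 1e-12, cap)
    # mu_high solves P(X <= k | mu) = alpha/2
    high = _bisect(lambda mu: poisson_cdf(k, mu) - alpha / 2, 1e-12, cap)
    return low / exposure, high / exposure


def relative_half_width(k: int, conf: float = 0.95) -> float:
    """Half the CI width divided by the point estimate k: how well k pins the rate."""
    low, high = poisson_ci(k, 1.0, conf)
    return (high - low) / (2.0 * k)


def events_needed(rel_half_width: float, conf: float = 0.95) -> int:
    """Smallest event count whose exact CI has relative half-width <= target.
    The width shrinks as k grows, so doubling followed by binary search suffices."""
    k = 1
    while relative_half_width(k, conf) > rel_half_width:
        k *= 2
    lo, hi = k // 2, k          # lo fails (or is 0), hi passes
    while hi - lo > 1:
        mid = (lo + hi) // 2
        if relative_half_width(mid, conf) <= rel_half_width:
            hi = mid
        else:
            lo = mid
    return hi


def miles_needed(rate_per_1e8: float, rel_half_width: float) -> float:
    """VMT to accumulate before the measured rate is known to +/- rel_half_width."""
    return events_needed(rel_half_width) / rate_per_1e8 * 1e8


if __name__ == "__main__":
    # SB: 3 fatalities over 1e8 VMT (constructed exposure; the count is from the thread)
    low, high = poisson_ci(3, exposure=1.0)
    print(f"SB fatal rate 95% CI: {low:.2f} to {high:.2f} per 1e8 VMT (point estimate 3.0)")
    for label, rate in (("fatalities", 1.2), ("injury crashes (constructed rate)", 100.0)):
        print(f"{label}: {miles_needed(rate, 0.10):.3g} VMT to pin the rate within 10%")
```

With three fatalities the interval runs from well under the CB figure to several times it, which is why the fatality count alone settles nothing; the same relative precision on a rate roughly eighty times higher needs roughly eighty times fewer miles.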