The Risks Digest

The RISKS Digest

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Volume 30 Issue 10

Sunday 22 January 2017


Verizon remotely disables remaining Galaxy Note 7 phones
The cloud ate your homework! via Jim Reisert
Nim Language Draws From Best of Python, Rust, Go, and Lisp
Serdar Yegulalp
Will Blockchain-Based Election Systems Make E-Voting Possible?
Adam Stone
Dutch Developer Added Backdoor to Websites He Built, Phished Over 20,000 Users
Bleeping Computer
CIA unveils new rules for collecting information on Americans
Tesla's Self-Driving System Cleared in Deadly Crash
Neal E. Boudette
Re: How the Chinese Government Fabricates Social Media Posts for Strategic Distraction, not Engaged Argument
GKing 50c
The first-ever close analysis of leaked astroturf comments from China's "50c party" reveal Beijing's cybercontrol strategy
Cary Doctorow
Japan testing USB phone charging in public buses
TheNextWeb via Henry Baker
The Fine Art of Sniffing Out Crappy Science
Chronicle of Higher Education
Facebook and Falsehood
Chronicle of Higher Education
Re: Fake News
Peter Houppermans
Subject: Re: Nissan's Path to Self-Driving Cars? Humans in Call Centers
Michael Bacon
Re: Leap-seconds
Kurt Seifried
Bob Frankston
Kurt Seifried
Bob Frankston
Info on RISKS (comp.risks)

Verizon remotely disables remaining Galaxy Note 7 phones

"Peter G. Neumann" <>
Sat, 21 Jan 2017 10:16:58 PST
  [Thanks to Dan Geer citing this item, in a different venue.]

  Verizon Now Also Decides To Kill Remaining Note 7 Phones
  *Fortune*, 15 Dec 2016

  Verizon reversed course on Thursday and decided to allow Samsung to send a
  software update to customers that will automatically disable their Galaxy
  Note 7 phones. [...]

I think the implications of this are quite severe, and ominous for cloud
storage and the Internet of Things, as well as mobile devices.  The mere
existence of such a disabling mechanism is likely to be exploited by the
controlling entities, but also by others with illegitimate motives.

See also an interesting precursor: A rather spectacular defense-vs-offense
battle along these lines is recaptured in this 31 May 2008 article:

“Revisiting the Black Sundau Hack'', in which DirectTV was able to execute
a carefully engineered wipe-out of hacked Direct TV access, resulting in all
hacked access cards being rewritten to "GAME OVER"—a week before the 2001

The cloud ate your homework! (

Jim Reisert AD1C <>
Sun, 22 Jan 2017 15:28:05 -0700
"Code Studio had some technical difficulties and any student progress from
9:19 - 10:33 am PST on Friday, January 20th was not saved. The site is back
up and student progress is being saved again."

  [I suppose would-be coders might might learned that their own programs
  are not the only thing that can go wrong.  PGN]

Nim Language Draws From Best of Python, Rust, Go, and Lisp (Serdar Yegulalp)

"ACM TechNews" <>
Wed, 18 Jan 2017 12:11:40 -0500 (EST)
Serdar Yegulalp, InfoWorld, 16 Jan 2017 via
ACM TechNews, Wednesday, January 18, 2017

The under-development Nim programming language is advertised as blending the
compilation speed and cross-platform targeting of Google's Go language,
Rust's safe-by-default behaviors, the readability and ease of development of
Python, and the metaprogramming capabilities of Lisp.  Nim's syntax bears a
strong resemblance to Python's, as it employs indented code blocks and some
of the same syntax, while Go- and Rust-like features include first-class
functions, distinct types, and object-oriented programming with composition
favored over inheritance.  Nim permits templates and generics, and expresses
C code as a default setting, while it also is capable of generating C++,
Objective-C, or JavaScript.  Compile code caching means big projects with
small changes to one module will recompile solely in that module.  Nim's
memory management uses a deferred reference counting system for default
garbage-collecting, which can be completely disabled in favor of manual
management when necessary.  Nim intends to provide both a strong standard
library and a solid assortment of third-party modules, while its biggest
current drawback is the relatively small user-developer community for the
language.  Nevertheless, Nim helps create software that eventually must be
swift and robust, with a less precipitous learning curve or cognitive
overhead typically related to existing languages.

Will Blockchain-Based Election Systems Make E-Voting Possible? (Adam Stone)

"ACM TechNews" <>
Wed, 18 Jan 2017 12:11:40 -0500 (EST)
Adam Stone, *Government Technology*, 11 Jan 2017

Determining whether blockchain technology can accurately count votes and
ensure the integrity of an electronic voting system was the purpose of a
competition among university teams held by Kaspersky Lab.  Kaspersky's Juan
Guerrero says the blockchain's model has different peers in different
systems vet each other's transactions.  "If one of them gets hacked or one
of them gets altered, all the others would be able to notice that change,"
he notes.  Three submissions out of 19 were winners of the Kaspersky
contest, including a "permissioned blockchain" model in which a central
authority admits voting machines to the network and produces a distributed
ledger of votes.  The other winning submissions included a model founded on
global public keys that encrypt ballots and provide voter receipts, and a
solution based on the Open Vote Network and DRE-i and DRE-ip encryptions.
To balance vote auditability and privacy, one solution would match voters
with random identity numbers so those numbers could be exposed by an audit
without compromising individual voters.  To address the threat of voting
under duress, most teams chose to stay with traditional voting places
instead of remote voting.  Guerrero says the results of the contest should
help spark discussions among stakeholders—and U.S. voters—on finding
proof-of-concept e-voting systems.

  [We should remind Adam and Kaspersky that the concept of unhackable
  elections leads to Fake News items.  In this case, even if the voting
  technology were perfect (which today depends on systems and networks that
  are not secure), there are too many weak links elsewhere in the process.
  In addition, there seem to be quite a few cryptographers in the voting
  integrity community who think that block chains would be gross overkill in
  this context.  PGN]

Dutch Developer Added Backdoor to Websites He Built, Phished Over 20,000 Users (Bleeping Computer)

Lauren Weinstein <>
Wed, 18 Jan 2017 08:21:45 -0800

  A Dutch developer illegally accessed the accounts of over 20,000 users
  after he allegedly collected their login information via backdoors
  installed on websites he built.  According to an official statement, Dutch
  police officials are now in the process of notifying these victims about
  the crook's actions.  The hacker, yet to be named by Dutch authorities,
  was arrested on July 11, 2016, at a hotel in Zwolle, the Netherlands, and
  police proceeded to raid two houses the crook owned, in Leeuwarden and

CIA unveils new rules for collecting information on Americans

Monty Solomon <>
Wed, 18 Jan 2017 20:56:30 -0500

Tesla's Self-Driving System Cleared in Deadly Crash (Neal E. Boudette)

Monty Solomon <>
Fri, 20 Jan 2017 00:18:04 -0500
Neal E. Boudette, *The New York Times*, 19 Jan 2017

The highway agency found that while Tesla’s Autopilot feature didn’t prevent
a crash in Florida, the system performed as it was intended.

Re: How the Chinese Government Fabricates Social Media Posts for Strategic Distraction, not Engaged Argument (GKing, RISKS-30.09)

Lauren Weinstein <>
Tue, 17 Jan 2017 21:05:52 -0800
More on GKing's previous item via NNSquad
again from

  The Chinese government has long been suspected of hiring as many as
  2,000,000 people to surreptitiously insert huge numbers of pseudonymous
  and other deceptive writings into the stream of real social media posts,
  as if they were the genuine opinions of ordinary people. Many academics,
  and most journalists and activists, claim that these so-called "50c party"
  posts vociferously argue for the government's side in political and policy
  debates. As we show, this is also true of the vast majority of posts
  openly accused on social media of being 50c. Yet, almost no systematic
  empirical evidence exists for this claim, or, more importantly, for the
  Chinese regime's strategic objective in pursuing this activity. In the
  first large-scale empirical analysis of this operation, we show how to
  identify the secretive authors of these posts, the posts written by them,
  and their content. We estimate that the government fabricates and posts
  about 448 million social-media comments a year.

The first-ever close analysis of leaked astroturf comments from China's "50c party" reveal Beijing's cybercontrol strategy

Dewayne Hendricks <>
January 19, 2017 at 11:20:11 AM EST
[Note:  This item comes from friend David Rosenthal.  DLH]

Cory Doctorow, Boing Boing, 18 Jan 2017

The Harvard Institute for Quantitative Science team that published 2016's
analysis of the Chinese government's '50c Party', who flood social media
with government-approved comments has published a new paper, How the Chinese
Government Fabricates Social Media Posts for Strategic Distraction, not
Engaged Argument, in which they reveal their painstaking analysis of a huge
trove of leaked emails between 50c Party members and their government

The research refutes the widely held view that the 50c Party is a group of
paid piece-workers who pile on to people who post negative comments about
the government; rather, the 50c Party is a closely coordinated group of
government workers whose messages are part of their normal, salaried duties,
and consist largely of upbeat talk about upcoming government initiatives --
or issues that distract from scandals.

The analysis also reveals semantic features of 50c Party posts, making it
possible to use relatively simple language classifiers to make guesses about
which posts come from 50c Party members, and validates this hypothesis with
a sly way of getting 50c Party members to reveal themselves through
deceptive private messages.

One implication: if we assume that the Chinese government is very good at
controlling public opinion, and if we want to adopt their tactics to counter
Trump, this suggests that we should: a) coordinate to make a lot of noise
about the Trump-denying activities over the next four years (e.g.,
California expanding public healthcare); b) coordinate to make a lot of
noise about arbitrary upbeat subjects ("this new music is just great") on
days when Trump is trying to draw everyone's attention to himself. But of
course, the 50c Party is able to issue talking points to hundreds of
thousands of people and make them work in lockstep.

One way to parsimoniously summarize existing empirical results about
information control in China is with a theory of the strategy of the
regime. This theory, which as with all theories is a simplification of the
complex realities on the ground, involves two complementary principles the
Chinese regime appears to follow, one passive and one active. The passive
principle is do not engage on controversial issues: do not insert 50c posts
supporting, and do not censor posts criticizing, the regime, its leaders, or
their policies. The second, active, principle is stop discussions with
collective action potential, by active distraction and active censorship.
Cheerleading in directed 50c bursts is one way the government distracts the
public, although this activity can be also be used to distract from general
negativity, government related meetings and events with protest potential,
etc. (Citizens criticize the regime without collective action on the ground
in many ways, including even via unsubstantiated threats of protest and
viral bursts of online-only activity—which, by this definition, do not
have collective action potential and so are ignored by the government.)

These twin strategies appear to derive from the fact that the main threat
perceived by the Chinese regime in the modern era is not military attacks
from foreign enemies but rather uprisings from their own people. Staying in
power involves managing their government and party agents in China's 32
provincial-level regions, 334 prefecture-level divisions, 2,862 county-level
divisions, 41,034 township-level administrations, and 704,382 village-level
subdivisions, and somehow keeping in check collective action organized by
those outside of government. The balance of supportive and critical
commentary on social media about specific issues, in specific jurisdictions,
is useful to the government in judging the performance of (as well as
keeping or replacing) local leaders and ameliorating other information
problems faced by central authorities (Dimitrov, 2014a,b,c; Wintrobe,
1998). As such, avoiding any artificial change in that balance—such as
from 50c posts or censorship—can be valuable. Distraction is a clever and
useful strategy in information control in that an argument

Japan testing USB phone charging in public buses

Henry Baker <>
Fri, 20 Jan 2017 12:55:55 -0800
FYI—What could possibly go wrong?  It is well known that the NSA—as
well as other nation-state actors—place malicious USB chargers in public
places that can infect computers and phones that are attached.

Mix ­ in Mobile
You need a *USB condom* (but from a *trusted vendor* !!) to protect your phone.

As someone who's been walking around with a beat-up iPhone 5 and a battery
ready to die on me any moment, having access to more public phone charging
stations is something I can absolutely get behind.  It seems Japan is
sympathetic to this need.

According to Japanese news outlet IT Media, a public transport bus in the
Tokyo area has introduced, and is currently testing, USB charging stations
for commuter phones and tablets.

While the local Bureau of Transportation hasn't formally announced or
confirmed the trials, numerous passengers so far have reported seeing the
charging ports.  The service runs free of charge, with at least five of
these wall-mounted charging hotspots placed inside the bus.

According to reports, the service is currently available solely in a single
bus. It remains unclear how long testing will continue or whether it will
eventually roll out to more buses.

Japan isn't the only country to have offered phone charging stations in
public transport vehicles. Last September, London also equipped a limited
number of buses with USB chargers. Similarly, Singapore ran trials with
wall-mounted phone chargers on at least 10 buses in September last year.

So don;t be surprised if you see the service available on one of the buses
in your local area sometime soon. But until then: Better make sure you keep
your portable battery pack in your backpack.

The Fine Art of Sniffing Out Crappy Science (Chronicle of Higher Education)

Lauren Weinstein <>
Thu, 19 Jan 2017 07:45:51 -0800

  Carl T. Bergstrom and Jevin West, a pair of scientists at the University
  of Washington, think it's time to arm students with boots and shovels.
  They have published the outline of a course, titled "Calling Bullsh*t,"
  which would try to teach how to spot bad data and misleading graphs at a
  time when bending statistics has become a popular art form.

Facebook and Falsehood (Chronicle of Higher Education)

Lauren Weinstein <>
Thu, 19 Jan 2017 07:56:28 -0800
via NNSquad

  If businesses, public intellectuals, and academics want to start
  addressing the problem, they are going to have to start thinking in
  political terms, just as climate scientists have had to get politicized to
  engage in the debates over global warming. If Facebook and other companies
  are going to act effectively against fake news, they need to take a
  directly political stance, explicitly acknowledging that they have a
  responsibility to prevent the spread of obvious falsehoods, while
  continuing to allow the sites' users to express and argue for a variety of
  different understandings of the truth that are not obviously incompatible
  with empirical facts.

Re: Fake News (RISKS-30.09)

Peter Houppermans <>
Wed, 18 Jan 2017 15:33:25 +0100
I find it interesting that in all the reporting and arguing about fake news
and the effects it has there has been one thing left untouched: the fact
that the very label "fake news" is, in itself, manipulative.

Any attempt to address "fake news" should start with the consideration that
it may be better to replace the term with what it really is: lies.

  [Peter H, Yes.  See RISKS-29.95,96, and RISKS-30.03.
  But a lie lies in the eyes of the beholder and the beheld.
  How about Fox's use of *faux news*?.
  The now-common use of *Falsehood* seems less onerous than "Lies".
  *Prevarication* might be a suitable alternative,
  while later pretending you had not prevaricated
  might be a *postvarication*?  PGN]

Re: Nissan's Path to Self-Driving Cars? Humans in Call Centers (RISKS-30.09)

Michael Bacon - Grimbaldus <>
Wed, 18 Jan 2017 11:52:25 +0000
Seamless Autonomous Mobility?

I can hardly wait for them to outsource the call centre!

Re: Leap-seconds (Frankston, RISKS-30.09)

Kurt Seifried <>
Tue, 17 Jan 2017 18:46:15 -0700
> Why is the millisecond precise position of the sun more important than all
> other uses of time?

Because satellites and other things that actually care.

So what's your suggestion to deal with leap years and the undefining of the

It's so weird to me that people **** all over leap seconds, but are fine
with leap years and arbitrary timezone changes.

To be fair my plan to deal with leap seconds for CVE entries is to ideally
say they are optional and round down if needed (to 59), we're lucky in that
being off by a second is ok.

Re: Leap-seconds (Seifried, RISKS-30.09)

"Bob Frankston" <>
17 Jan 2017 22:16:20 -0500
Satellites can't use UTC because it's too imprecise.  They need the more
precise times such as UT2. These are computed from TAI plus a correction
factor. They don't use wall clock notation (HH::MM)—minutes don't exist
in UT2 nor UTC, so why do we even care about minutes?

Leap years are a red-herring here since we don't assume any interval beyond
weeks are constant. You cannot say minutes are not 60 seconds. Period. It is
a definition. They are not about 60 second—it is a definition. Time zones
are about presentation and not about keeping as such.

If you want sun-minutes for your sundial, fine—but no need to make the
rest of us use it.

I have a longer paper for Springer about this but didn't want to get into
all the issues on my essay.

Re: Leap-seconds (Frankston, RISKS-30.10)

Kurt Seifried <>
Wed, 18 Jan 2017 08:18:03 -0700
Ah, I stand corrected: we have

Units of time, speed and acceleration

* second <> (symbol s): "*duration
  of 9 192 631 770 periods of the radiation corresponding to the transition
  between the two hyperfine <> levels
  of the ground state of the caesium 133
  <> atom*"

Other units of time defined by the standard include
<> (1 min = 60 s)
<> (1 h = 60 min)
<> (1 d = 24 h)
The year is defined in an informative annex:
<> (1 a = 365 d or 366 d)

So you are correct, the minute is defined as 60 seconds and years are
defined as normal or leap.

However we still have the problem of time/the earth getting out of sync
(great page: So then the problem
becomes how do we reconcile various time keeping standards? leap seconds?
stretch the leap second over a week like Amazon Web Services and Google?
Simply ignore it and let GPS devices wander about a bit? ;)

Re: Leap-seconds (Seifried, RISKS-30.10)

"Bob Frankston" <>
18 Jan 2017 10:23:39 -0500
Easy to resolve because HH:MM is just a naming convention like time zones.
So we just do a daylight-like adjustment in 5000 year in case anyone then
cares about what happens back on the old planet.

  [I hope that resolves this exchange.  PGN]

Please report problems with the web pages to the maintainer