The Risks Digest

The RISKS Digest

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Volume 31 Issue 57

Monday 10 February 2020


Backhoes, squirrels, and woodpeckers as DoS vectors
Richard Forno
Benjamin Netanyahu's election app potentially exposed data for every Israeli voter
The app that broke the Iowa caucus, an inside look
Tesla Remotely Removes Autopilot Features From Customer's Used Tesla Without Any Notice
Clean Technica
Recent Car Thefts May Be Related To Carsharing App Getaround, Warns D.C. Attorney General
SSL Certificates are expiring…
Nasty Linux, macOS sudo bug found and fixed
Cisco Flaws Put Millions of Workplace Devices at Risk
Data leakage from portable versions of Open Office and Libre Office
Arthur T.
Facebook's Bug Bounty Caught a Data-Stealing Spree
The ‘manosphere’ is getting more toxic as angry men join the incels
MIT Tech Review
Explainable AI
Chris Els=C3=A4sser
Read the FBI's Damning Case Against the Recently Arrested Nintendo Hacker
Who owns your feelings? Short doc shows how big tech uses AI to track emotions
Photo Roulette on the App Store
Gabe Goldberg
The 'race to 5G' is a myth
Not all fun and memes: What's the trouble with TikTok?
The Night Sky Will Never Be the Same
The Atlantic
Boeing's Starliner space capsule suffered a second software glitch during December test flight
Boeing Refuses to Cooperate With New Inquiry into Deadly Crash
NASA Shares Initial Findings from Boeing Starliner Orbital Flight Test Investigation
Re: Boeing 737s can't land facing west
Terje Mathisen
Re: 99 smartphones …
3daygoaty JC Cantrell
Re: Artificial intelligence-created medicine to be used on humans for first time
Mark Thorson
Re: AI-created medicine to be used on humans
Henry Baker
Re: Election Security At The Chip Level
John R. Levine
Re: Should Automakers Be Responsible for Accidents?
Gabe Goldberg
Info on RISKS (comp.risks)

Backhoes, squirrels, and woodpeckers as DoS vectors

Richard Forno <>
Mon, 10 Feb 2020 08:53:28 -0500

[The video shows] a wireless antenna in California. Network coverage was disrupted by an Acorn woodpecker, a 3-ounce bird stashing an estimated 35-50 gallons/300lbs of acorns.

Social media have been attributing this to squirrels for a long time. I of course try to correct people anytime I see this. It just proves that attribution can be really difficult. RF

Benjamin Netanyahu's election app potentially exposed data for every Israeli voter (WashPost)

Lauren Weinstein <>
Mon, 10 Feb 2020 08:36:47 -0800

The app that broke the Iowa caucus, an inside look (CNET)

geoff goodfellow <>
Thu, 6 Feb 2020 16:45:00 -0700

A cybersecurity company got hold of the code for Shadow, the app used in the Iowa caucus, and spoke to CNET about what it found


Results from Monday's Iowa caucus were delayed for days because of problems with a smartphone app used to tabulate and report results, causing chaos and frustration among campaigns and voters. A reported coding issue caused the app to only report out partial data, Iowa Democratic Chairman Troy Price said in a statement.




Cybersecurity company Blue Hexagon obtained a copy of the app, created by a company called Shadow, Inc. Blue Hexagon's head of cyberthreat intelligence and operations, Irfan Asrar, spoke with CNET's Dan Patterson about what went wrong and the overarching cybersecurity concerns this presents for the rest of the 2020 election.



Blue Hexagon is still diagnosing exactly why the app failed. But the final version of the app has several problems within the code, including links to people's personal websites, Asrar said. “What we believe is, this is an oversight, and an example of the app being rushed into production,” he added. The larger concern is that the app was so easy to obtain, which means anyone could access the infrastructure supporting it and potentially cause damage, Asrar said.

Watch the video for the full interview

<> and more insight into the Shadow, Inc. app. […]

Tesla Remotely Removes Autopilot Features From Customer's Used Tesla Without Any Notice (Clean Technica)

geoff goodfellow <>
Mon, 10 Feb 2020 08:54:45 -0700


One of the less-considered side effects of car features moving from hardware to software is that important features and abilities of a car can now be removed without any actual contact with a given car. Where once de-contenting involved at least a screwdriver (or, if you were in a hurry, a hammer), now thousands of dollars of options can vanish with the click of a mouse somewhere. And that's exactly what happened to one Tesla owner, and, it seems many others.

Alec (I'll withhold his last name for privacy reasons) bought a 2017 Tesla Model S on December 20 of last year, from a third-party dealer who bought the car directly from Tesla via auction on November 15, 2019. The car was sold at auction as a result of a California Lemon Law buyback, as the car suffered from a well-known issue where the center-stack screen developed a noticeable yellow border.


When the dealer bought the car at auction from Tesla on November 15, it was optioned with both Enhanced Autopilot and Tesla's confusingly-named Full Self Driving Capability together, these options totaled $8,000. You can see them right on the Monroney sticker for the car:…


Recent Car Thefts May Be Related To Carsharing App Getaround, Warns D.C. Attorney General (DCist)

Gabe Goldberg <>
Wed, 5 Feb 2020 18:05:36 -0500

“Vehicles listed on Getaround could be at increased risk of theft because keys are left inside of the car and the car's location is visible to anyone searching the platform,” according to a release from the OAG.

Ya think?

SSL Certificates are expiring… (Cryptography)

Henry Baker <>
February 1, 2020 at 9:08:55 AM GMT+9

“Forget the Y2K bug, “things” are starting to break as SSL Certificates start expiring.”

Several authority certificates are expiring:

5/30/2020 6/21/2020 9/22/2020 12/31/2020

IoT—Internet of Expired Certificates.

Perfectly good HW, but with firmware that can't be updated.

I just hope that implantable medical devices can have their builtin certificates updated!

I wonder how many “smart” cars will stop running when their builtin SSL certificates expire?

Problems: bad hash functions (MDx,SHA1) are also causing certificate problems even though the RSA algorithm—even at 1024 bits—still seems to be holding.

Nasty Linux, macOS sudo bug found and fixed (ZDNet)

Gabe Goldberg <>
Wed, 5 Feb 2020 01:02:54 -0500

Sudo is a very popular, very simple Unix-system sysadmin application. It enables users to switch identities for the purpose of running a single command. Usually, but not always, it lets you run a command as the root, system administrator, user. Sudo's easy to abuse, but it's so darn useful, until it's not. A recently discovered sudo bug once more spells out why you should be wary of this command.

In this latest security hole, CVE-2019-18634, Apple Information Security researcher Joe Vennix discovered that if the “pwfeedback” option is enabled in your sudoers configuration file, any user, even one who can't run sudo or is listed in the sudoers file, can crack a system.

Cisco Flaws Put Millions of Workplace Devices at Risk (WiReD)

Gabe Goldberg <>
Fri, 7 Feb 2020 10:32:15 -0500

To exploit the bugs, attackers would first need a foothold inside a target's network, but from there they could fan out quickly, compromising one vulnerable Cisco device after another to bore deeper into a system. And once attackers controlled a switch or router they could start to intercept unencrypted network data, like files and some communications, or access a company's active directory, which manages authentication for users and devices.

“It's still hop by hop. As a hacker, you still need an initial attack vector into the network,” says Ang Cui, founder of the IoT security firm Red Balloon, who has disclosed numerous Cisco bugs. “But once you're there, at each hop you have the same vulnerability present—all the switches, firewalls, and routers in a network could be affected by this. So you're going to have to own a lot of devices, but once you own all of them you've literally taken over every single piece of the network.”

Data leakage from portable versions of Open Office and Libre Office

“Arthur T.” <>
Fri, 07 Feb 2020 01:06:34 -0500

Note: this post is Windows-centric. I'm not sure if a similar problem occurs on other platforms.

Many people run the portable version of Office (Open or Libre) from a specific location (such as a thumb drive) in order to keep all data off of other locations (such as the C: drive). This might not be working as expected.

One of the first things one does in such a case is verify the locations of default files, temp files, etc. The temp files location is a few directories down from %temp% (or maybe %tmp%) and probably on C:. So one changes it to a directory on the same drive where Office resides. Unfortunately, that doesn't work. More unfortunately, Office doesn't tell you that it didn't work.

My first indication was that when I restarted the program, its temp directory had reverted to within %temp%. I thought that, even though it remembered other changes, it somehow wasn't remembering that one.

In fact, it's more sinister. Not only is it not remembering it, it's not using the updated location. When it starts, it immediately creates files in its temp directory, and it keeps using that same directory until Office is closed, regardless of what you type in as an override once the program is running. Really, it shouldn't let you type an override in for that directory, so you'd know it can't be overridden.

I use Open Office, but web searches suggest: that Libre Office has the same problem, that it has existed for a long time, and that it has not been fixed.

For myself, I created a .bat file to reset temp and tmp before starting Open Office, and that appears to fix the problem. My .bat file to run Office from drive E: is:

setlocal set tmp=e:\temp set temp=e:\temp start “Open Office on E” “e:\Program Files\OpenOffice\OpenOfficePortable.exe” endlocal

Facebook's Bug Bounty Caught a Data-Stealing Spree (WiReD)

Gabe Goldberg <>
Sun, 9 Feb 2020 21:29:23 -0500

A few months ago, the company disclosed that apps were siphoning data from up to 9.5 million of its users. It only found out thanks to a bug bounty submission.

The ‘manosphere’ is getting more toxic as angry men join the incels (MIT Tech Review)

Monty Solomon <>
Sat, 8 Feb 2020 11:42:35 -0500

Men from the less extreme end of the misogynistic spectrum are drifting toward groups that espouse violence against women, a new study suggests.

Explainable AI

Chris Els=C3=A4sser <>
Thu, Feb 6, 2020 at 11:55 AM

Geoff, Looking over your recent posts on IS & RISKS, I noticed this at the end (probably from MIT Tech Review):

Ehsan is part of a small but growing group of researchers trying to make AIs better at explaining themselves, to help us look inside the black box. The aim of so-called interpretable or explainable AI (XAI) is to help people understand what features in the data a neural network is actually learning — and thus whether the resulting model is accurate and unbiased. [=A6]

Once again, AI is reinvented!

But first, it would be nice if the Tech Review writer (Douglas Heaven) knew that interpretable and explainable are not the same thing.

Second, it would be nice if the writer looked at the extensive literature on explanation in AI systems; goes back to the great-grandparent of AI systems, MYCIN, and its explanation subsystem. [note: MYCIN's ‘certainty factors’ were soon supplanted at Stanford by Bayes networks]

Per Geoff Hinton, Deep learning NNs are approximations of (full) Bayesian classifiers. Explanation of Bayesian inference has long been seen to be in need of ‘explanation’ (or perhaps ‘convincing’ :-)) because human reason under uncertainty has often been found to deviate from Bayesian inference (which is provably optimal).

The earliest reference to explanation of Bayesian inference I've found is the following (and it should be obvious why I looked no further ;-)):

Elsaesser, Christopher (1987) Explanation of Probabilistic Inference for Decision Support Systems Proceedings of the Third Conference on Uncertainty in Artificial Intelligence (UAI-87), Morgan Kaufmann, San Francisco, CA.

That paper reported work I did for my PhD thesis at Carnegie Mellon. My techniques were substantially improved and extended by Merek Druzdzel. For example:

Henrion, M. and M. J. Druzdzel (1990). Qualitative and linguistic explanations of probabilistic reasoning in belief networks. Proceedings of the Sixth Conference on Uncertainty in Artificial Intelligence, pages 10-20 Cambridge, MA, Association for Uncertainty in AI.

NOT that re-invention is not worthwhile. Just that at least in this case its nothing new. :-)

Read the FBI's Damning Case Against the Recently Arrested Nintendo Hacker (Vice)

Monty Solomon <>
Tue, 4 Feb 2020 18:03:22 -0500

The hacker who stole from Nintendo for years bragged about it online, and didn't even try to hide his real name or activities.

Who owns your feelings? Short doc shows how big tech uses AI to track emotions (CBC)

“Matthew Kruk” <>
Thu, 6 Feb 2020 18:55:58 -0700

Watching Noah Levenson's short documentary Stealing Ur Feelings is undoubtedly intended to be an uncomfortable experience.

The short film, which premiered in Montreal as part of the International Documentary Festival this week, explains how big business has the capacity to use artificial intelligence programs and facial recognition software to track and monitor the emotions of its users.

But he does this by using the same technology against the viewers of the film. “It uses facial emotion recognition AI to watch you back. So it analyzes your face as you react to content it shows you,” explained Levenson.

“So, the film uses the camera in your device to make you the star of the film.”

Photo Roulette on the App Store

Gabe Goldberg <>
Wed, 5 Feb 2020 00:58:38 -0500

In Photo Roulette you compete with your friends to quickly guess whose photo is shown! Play with random photos from you (sic) and your friends' phones in this social and exciting Photo Roulette game! Feel the thrill before each picture and share the hilarious moments that occur with the pictures of your friends and family!

Nevermind someone hacking your phone for pictures, play the game and see what's distributed.

The 'race to 5G' is a myth (WEForum)

geoff goodfellow <>
Fri, 7 Feb 2020 12:26:13 -0700


Telecommunications providers relentlessly extol the power of fifth-generation (5G) wireless technology. Government officials and policy advocates fret that the winner of the “5G race” will dominate the Internet of the future, so America cannot afford to lose out. Pundits declare that 5G will revolutionize the digital world.

<> <> <>

It all sounds very thrilling. Unfortunately, the hype has gone too far. 5G systems will, over time, replace today's 4G, just as next year's iPhone 12 will improve on this year's 11. 5G networks offer significantly greater transmission capacity. However, despite all the hype, they won't represent a radical break from the current mobile experience. First of all, the “race to 5G” is a myth. 5G is a marketing term for a family of technologies, which carriers can stretch to cover a variety of networks. The technical standards are still under development <>, so what counts as “true” 5G is arguable. As with 4G, the 5G rollout will take years, as carriers upgrade their networks with new gear and users buy new phones. Just as they do today, connections will fall back to slower speeds when users aren't near enough to a tower, or if the network is overloaded. There's no magic moment when a carrier, or a nation, “has” 5G.

Even if there was a race, it's over: South Korea and China have already built <> much more extensive 5G networks than the United States. But that shouldn't be cause for panic. Customers in those countries may have a leg up on faster connections, but that doesn't necessarily create a sustainable strategic advantage. Romania is one of 10 countries with significantly faster <> average fixed broadband connections than America today, yet no one in Washington seems concerned that will give Romanian firms a dominant advantage. The major tech platforms delivering innovative digital services to the world are still based in the United States and China. There are important concerns <> about the Chinese networking firm Huawei creating backdoors for surveillance or tilting the carrier equipment market toward Chinese-defined standards. Your 5G user experience, however, won't depend on who makes the gear in the guts of the network. The overheated rhetoric is based on the misconception that 5G heralds a new era of services for end-users. In reality, the claimed performance—hundreds of megabits or even gigabits per second — is misleading. Averages and ideal numbers mask huge variations depending <> on distance to an antenna, obstructions, weather and other factors. The fastest speeds require “millimeter wave” spectrum, which doesn't penetrate walls or foliage well, and is generally less reliable than the lower frequencies used today. Millimeter wave requires a much denser network of antennas, which could be cost-prohibitive outside dense urban areas. Even if that hurdle is overcome, a gigabit per second to millions of phones requires a network able to move traffic at that speed end-to-end, which doesn't exist today. […]

Not all fun and memes: What's the trouble with TikTok? (CBC)

“Matthew Kruk” <>
Thu, 6 Feb 2020 18:57:47 -0700 It's been a bad week for TikTok.

The Chinese-owned video-sharing app, wildly popular with teens, was forced to issue a rare public statement about its data security practices and whether it censors content on behalf of Beijing.

In short, TikTok said it can be trusted with its users' data and that it doesn't delete videos just because of “sensitivities related to China.” But that's done little to quiet the app's increasingly vocal critics who worry the platform, with its short lip-sync and comedy videos, is the latest example of Beijing's overseas intelligence-gathering operation.

Toronto-based privacy advocate Ann Cavoukian told CBC News she is skeptical of TikTok's defence, because “surveillance among the Chinese is non-stop.”

The Night Sky Will Never Be the Same (The Atlantic)

geoff goodfellow <>
Fri, 7 Feb 2020 12:25:16 -0700

If Elon Musk has his way, thousands of bright artificial lights will streak through the dark


Last year, Krzysztof Stanek got a letter from one of his neighbors. The neighbor wanted to build a shed two feet taller than local regulations allowed, and the city required him to notify nearby residents. Neighbors, the notice said, could object to the construction. No one did, and the shed went up.

Stanek, an astronomer at Ohio State University, told me this story not because he thinks other people will care about the specific construction codes of Columbus, Ohio, but rather because it reminds him of the network of satellites SpaceX is building in the space around Earth. “Somebody puts up a shed that might obstruct my view by a foot, I can protest. But somebody can launch thousands of satellites in the sky and there's nothing I can do? As a citizen of Earth, I was like,Wait a minute.”

Since last spring, SpaceX has launched into orbit dozens of small satellites—the beginnings of Starlink, a floating scaffold that the company's founder, Elon Musk, hopes will someday provide high-speed Internet to every part of the world. <>

SpaceX sent a letter too, in a way. After filing for permission to build its constellation in space, federal regulators held the required comment period, open to the public, before the first satellites could launch.

These satellites have turned out to be far more reflective than anyone, even SpaceX engineers, expected. Before Starlink, there were about 200 objects in orbit around Earth that could be seen with the unaided eye. In less than a year, SpaceX has added another 240. “These are brighter than probably 99 percent of existing objects in Earth orbit right now,” says Pat Seitzer, a professor emeritus at the University of Michigan who studies orbital debris. For months, astronomers have shared images online of their telescopes' fields of view with diagonal white streaks cutting across the darkness, the distinct appearance of Starlink satellites. More satellites are now on the way, both from SpaceX and other companies. If, as Musk hopes, these satellites number in the tens of thousands, ignoring them will be difficult, whether you're an astronomer or not.

In some ways, these satellites pose a familiar problem, a matter of managing the competing interests that scientists, commercial companies, and the public might have in a limited natural resource. But the use of outer space — particularly the part in close vicinity to our planet—has never been tested quite like this before. For most of history, scientists, particularly those who observe the cosmos on visible wavelengths, have had relatively little competition for access to the sky. Passing satellites were considered nuisances and sometimes wrecked data, but they were rare. Some astronomers are now calling for legal action but even those who wouldn't push that far describe Starlink's satellites as a wake-up call: What happens when new and powerful neighbors have a distinct—and potentially disruptive—plan for a place you value?… <>,


Boeing's Starliner space capsule suffered a second software glitch during December test flight (WashPost)

Monty Solomon <>
Fri, 7 Feb 2020 11:14:15 -0500

Boeing's Starliner space capsule suffered a second software glitch during December test flight

Boeing Refuses to Cooperate With New Inquiry into Deadly Crash (NYTimes)

Monty Solomon <>
Thu, 6 Feb 2020 14:33:07 -0500

In both the Max accidents and the 2009 crash, which involved a 737 NG, Boeing's design decisions allowed a single malfunctioning sensor to trigger a powerful computer command, even though the plane was equipped with two sensors. For both models, the company had determined that if a sensor failed, pilots would recognize the problem and recover the plane. But Boeing did not provide pilots with key information that could have helped them counteract the automation error.

After the 2009 crash, regulators required airlines to install a software update for the NG that allowed comparison of data from the two available sensors ” much the same fix that Boeing has now proposed for the Max. In the case of the NG, Boeing had developed a software update before the 2009 accident, but it wasn't compatible with all existing models, including the jet that crashed near Amsterdam.

NASA Shares Initial Findings from Boeing Starliner Orbital Flight Test Investigation (NASA)

Jan Wolitzky <>
Mon, 10 Feb 2020 08:17:07 -0500

Re: Boeing 737s can't land facing west (RISKS-31.54)

Terje Mathisen <>
Wed, 5 Feb 2020 11:04:31 +0100

I think this data item, along with the very limited number of identified problematic runways provide a strong clue:

The flight software splits the circle into quadrants, then for at least one quadrant boundary the logic to determine which one is broken, i.e. something like

if (angle < 270.0) quadrant = 3; else if (angle > 270.0) quadrant = 4;

For these particular runways, the planners had enough freedom to be allowed to place each runway exactly where they wanted and decided to draw a perfectly straight line <E-W> using RTK GPS surveying so that the actual direction is 270 degrees exactly, while on all the other “Runway 27”s (approx) in the world which have been certified for 737 landings, there is a small but sufficient angular offset.

I would have expected such an error to also happen in the opposite direction though, that's why I'm guessing at individual code for each boundary.

Re: 99 smartphones … (RISKS-31.56)

“3daygoaty” <>
Wed, 5 Feb 2020 11:11:12 +1100

This involved 99 real smart phones running the Google maps app. Can the same effect be achieved by simulating the phones on fewer- or one- physical device(s)? How easy is it then to tell Google Maps you are somewhere you actually aren't?

The hack looks like it could be used to flock self-driving cars away from some route or alternatively, funnel them into some sort of trap. Self-driving cars likely being rather posh cars might be desirable for car jacking, say.

The service that allows the authorities to get all green lights driving across the city for the movement of sensitive freight, high profile people or prisoners - I would presume their route is fixed and not subject to traffic? Gerry Adams came to Melbourne. They organised 5 routes from the airport to a certain Irish pub. At the last minute they picked one of them. Can I use the above hack to route Gerry where I want him?

Re: 99 smartphones ,,, (RISKS-31.56)

JC Cantrell <>
Wed, 05 Feb 2020 23:18:06 -0500

I smell a small business opportunity here.

Got too much traffic on your street? Waze leading others to contribute to your traffic headaches?

Hire me! I have the wagon, can get the old phones and, for the right price, will walk your streets at rush hour! Guaranteed to reduce traffic by 10, 20, or even 30 percent!

Now I just have to subcontract this, but being in California with recent independent contractor classification troubles, let's just call the whole thing off.

Another one of my grand schemes shot down.

Re: Artificial intelligence-created medicine to be used on humans for first time (RISKS-31.56)

Mark Thorson <>
Thu, 6 Feb 2020 11:40:31 -0800

AI assisted with a small part of drug discovery, not quite the breakthrough suggested by the press.

Re: AI-created medicine to be used on humans (Stein, R 31.56)

Henry Baker <>
Tue, 04 Feb 2020 16:07:52 -0800

Perhaps they should run the first tests on another AI.

“Typically, drug development takes about five years to get to trial”; here “trial” means the first class action suit.

Remember the principle: “An AI for an AI”.

[Richard Stein replied:

Henry—A good aphorism. Nothing like algorithmic retribution — recursive payback. I favor “Dog Fooding” in this case. Would the pharmaceutical company's investors or employees subject their children to the clinical trial if they qualified as candidates? RS]

Re: Election Security At The Chip Level (SemiEngineering, RISKS-31.56)

“John R. Levine” <>
4 Feb 2020 17:43:54 -0500

Where I live, they have the info you provided when you registered which includes your signature and usually height and eye color which the election officials check. (I used to be one.) The officials are mostly retired local folks, and often know who you are anyway. Very low tech but pretty effective.

Despite endless disinformation to the contrary, in-person voter fraud is not a problem and never has been. If you think about it for two minutes, it's about the worst possible way to steal an election, one vote at a time with each vote subject to challenge. Sensible people steal an election by bribing the officials so when the polls close they stuff the box full of enough ballots to ensure that the correct candidate wins.

For an excellent discussion of this technique, read Robert Caro's “Means of Ascent” which is mostly about how Lyndon Johnson won the 1948 primary that put him in the Senate. It includes a long interview with the guy who had the ballot box.

Re: Should Automakers Be Responsible for Accidents? (Levine, RISKS-31.56)

Gabe Goldberg <>
Tue, 4 Feb 2020 22:22:53 -0500

And parking tickets imposing automaker liability:

Sorry sir, we've remotely disabled your car, now that it's legally parked in your garage. Please complete the attached agreement committing to better behavior, so that we may restore your driving privileges at the end of next month.

On 2/4/2020 5:07 PM, John Levine wrote:

> In article <16.CMM.> you write: >> What a strange scheme: >> >> Automaker enterprise liability would have useful incentives that driver >> liability law misses. >> > I can hardly wait: > > “Sorry, sir, you've had three moving violations so we'll have to ask > you to leave the showroom now.”

Please report problems with the web pages to the maintainer