RISKS-LIST: Risks-Forum Digest Sunday 21 June 2020 Volume 32 : Issue 02

ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks) Peter G. Neumann, founder and still moderator

***** See last item for further information, disclaimers, caveats, etc. ***** This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/32.02>
The current issue can also be found at
<http://www.csl.sri.com/users/risko/risks.txt>

Contents:
TikTok Teens and K-Pop Fans Say They Sank Trump Rally (The New York Times) Widespread VSAP failures in California March 2020 primary (LA County)
China Reports Progress in Ultra-Secure Satellite Transmission (NYTimes)
U.S. blacklists 'China's MIT' as tech war enters new phase
(Nikkei Asian Review)
French Court Strikes Down Most of Online Hate Speech Law (NYTimes)
Who's a Bot? Who's Not? (NYTimes)
Microsoft 365 Security vulnerability (Forbers)
Russia to install Orwellian facial recognition ... (Moscow Times)
Apparent suicide by 20-year-old Robinhood trader who saw a negative
$730,000 balance prompts app to make changes (CNN)
Mild virus cases may bestow far lower immunity (AFP)
Contact Tracing (Lauren Weinstein)
Abridged info on RISKS (comp.risks)

----------------------------------------------------------------------

Date: Sun, 21 Jun 2020 08:21:23 -0400
From: Monty Solomon <monty@roscom.com>
Subject: TikTok Teens and K-Pop Fans Say They Sank Trump Rally (NYTimes)

Taylor Lorenz, Kellen Browning and Sheera Frenkel,
*The New York Times website*, 21 Jun 2020 [not yet in print]

Did a successful prank inflate attendance expectations for President Trump's
rally in Tulsa, Okla.? [...]

TikTok users and fans of Korean pop music groups claimed to have
registered potentially hundreds of thousands of tickets for Mr. Trump's
campaign rally as a prank. After the Trump campaign's official account
@TeamTrump posted a tweet asking supporters to register for free tickets
using their phones on June 11, K-pop fan accounts began sharing the
information with followers, encouraging them to register for the rally --
and then not show.

The trend quickly spread on TikTok, where videos with millions of views
instructed viewers to do the same, as CNN reported on Tuesday. ``Oh no, I
signed up for a Trump rally, and I can't go,'' one woman joked, along with
a fake cough, in a TikTok posted on June 15.

https://www.nytimes.com/2020/06/21/style/tiktok-trump-rally-tulsa.html

[The title Monty sent me is the one online, which says `Stans' instead of
`Fans'. Could be a ligature problem? I presume it might get corrected
later. I am ahead of the curve. PGN]

------------------------------

Date: Sat, 20 Jun 2020 16:23:51 PDT
From: "Peter G. Neumann" <neumann@csl.sri.com>
Subject: Widespread VSAP failures in California March 2020 primary (LA County)

[Sources: LA County Registrar's Office and a consultant's investigation. PGN]

``During the 2020 primary election, Los Angeles County launched its new
Voting Solutions for All People (VSAP), a highly ambitious project that
dramatically changed the experience of voting in the nation’s most
populous county. Although many voters welcomed the improvements, many
others experienced significant challenges, including excessive wait times
at Vote Centers.'' [...]

``Overarching quality control breakdowns and vendor management issues:
Inadequate vendor and timeline management resulted in a lack of quality
assurance for election processes and technology deployments. Poor
technology vendor management resulted in the lack of identification of
critical design issues. This led to long wait times and a poor voter
experience during the election.''

https://ceo.lacounty.gov/wp-content/uploads/2020/06/LAC-Voting-Assessment-Summa ry-of-Findings.pdf?utm_content=&utm_medium=email&utm_name=&utm_source=govdelive ry&utm_term= (5 Jun 2020)

A commissioned evaluation report is also relevant:
LAC-Voting-Assessment-Summary-of-Findings.pdf

[Both of these sources add fuel to the fires continuing to burst anew
relating to election integrity. The first one relates to the LA County
Registrar, extensive voter disenfranchisement, compliance issues, and
problems with the VSAP system -- including lack of adequate testing. The
prospects for clean elections in November are continuing to be highly
questionable. PGN]

------------------------------

Date: Tue, 16 Jun 2020 15:35:44 -0400
From: Gabe Goldberg <gabe@gabegold.com>
Subject: China Reports Progress in Ultra-Secure Satellite Transmission
(NYTimes)

Researchers enlisted quantum physics to send a secret key for encrypting and decrypting messages between two stations 700 miles apart.

https://www.nytimes.com/2020/06/15/science/quantum-satellites-china-spying.html

------------------------------

Date: Wed, 17 Jun 2020 19:56:44 +0900
From: Dave Farber <farber@gmail.com>
Subject: U.S. blacklists 'China's MIT' as tech war enters new phase
(Nikkei Asian Review)

https://asia.nikkei.com/Business/Technology/US-blacklists-China-s-MIT-as-tech-war-enters-new-phase

------------------------------

Date: Fri, 19 Jun 2020 20:28:24 -0400
From: Gabe Goldberg <gabe@gabegold.com>
Subject: French Court Strikes Down Most of Online Hate Speech Law
(The New York Times)

PARIS — A top French court on Thursday struck down critical provisions of a law passed by France's parliament last month to combat online hate speech, dealing a severe blow to the government's effort to police Internet content.

The court’s ruling comes as authorities around the world try to regulate
what can be shared on vast Internet platforms like Facebook, YouTube or Twitter, all American companies with attitudes toward free speech and government oversight that often differ from Europe's.

The flagship provision in France's new law, which was supported by President Emmanuel Macron's government and sponsored by his party, created an
obligation for online platforms to take down hateful content flagged by
users within 24 hours. If the platforms failed to do so, they risked fines
of up to 1.25 million euros, or about $1.4 million.

But the Constitutional Council, a French court that reviews legislation to ensure it complies with the French constitution, noted in its ruling on Thursday that the measure put the onus for analyzing content solely on tech platforms without the involvement of a judge, within a very short time
frame, and with the threat of hefty penalties.

https://www.nytimes.com/2020/06/18/world/europe/france-internet-hate-speech-regulation.html

------------------------------

Date: Sun, 21 Jun 2020 08:53:28 -0400
From: Monty Solomon <monty@roscom.com>
Subject: Who's a Bot? Who's Not? (NYTimes)

It sometimes seems that automated bots are taking over social media and
driving human discourse. But some (real) researchers aren't so sure.

https://www.nytimes.com/2020/06/16/science/social-media-bots-kazemi.html

------------------------------

Date: Thu, 18 Jun 2020 20:18:57 -0700
From: Peter G Neumann <Neumann@CSL.SRI.COM>
Subject: Microsoft 365 Security vulnerability

https://www.forbes.com/sites/zakdoffman/2020/06/18/genius-hackers-hijack-oxford-university-tech-for-masterpiece-attack-on-microsoft-users/

------------------------------

Date: Fri, 19 Jun 2020 19:19:05 +0900
From: Dave Farber <farber@gmail.com>
Subject: Russia to install Orwellian facial recognition ... (Moscow Times)

https://www.themoscowtimes.com/2020/06/16/russia-to-install-orwell-facial-recognition-tech-in-every-school-vedomosti-a70585

------------------------------

Date: Sat, 20 Jun 2020 09:50:45 -0700
From: Lauren Weinstein <lauren@vortex.com>
Subject: Apparent suicide by 20-year-old Robinhood trader who saw a negative
$730,000 balance prompts app to make changes (CNN)

Poorly designed UIs can have devastating consequences. (LW)

https://www.cnn.com/2020/06/19/business/robinhood-suicide-alex-kearns/index.html

------------------------------

Date: Sat, 20 Jun 2020 16:57:09 -1000
From: geoff goodfellow <geoff@iconia.com>
Subject: Mild virus cases may bestow far lower immunity (AFP)

People who catch COVID-19 but don't show symptoms may have significantly
lower levels of immunity against the virus than those who become severely
ill, new research showed Thursday.

The majority of virus patients display relatively minor signs of infection,
and a small proportion show no symptoms at all.

Very little is known about this group, given that they are far less likely
to be tested than those who go on to develop severe symptoms including respiratory problems.

Researchers based in China compared two groups of individuals infected with COVID-19 in Chongqing's Wanzhou district: 37 who showed symptoms versus 37
who did not.

The researchers analysed blood samples from both groups taken a few weeks
after recovering and found that just 62.2 percent of the asymptomatic group
had short-term antibodies, compared with 78.4 percent of symptomatic
patients.

After eight weeks of convalescence, antibody presence had fallen in 81.1 percent of asymptomatic patients, compared with 62.2 percent of symptomatic patients.

What's more, asymptomatic patients were found to have lower levels of 18
pro- anti-inflammatory cell-signaling proteins than the symptomatic group, suggesting a weaker immune response to the novel coronavirus.

Authors of the study, which was published in Nature Medicine, said their findings called into question the idea that everyone who has had
coronavirus are immune to future infection. [...]

https://www.afp.com/en/news/826/mild-virus-cases-may-bestow-far-lower-immunity-study-doc-1to46y1

------------------------------

Date: Sun, 21 Jun 2020 12:40:16 -0700
From: Lauren Weinstein <lauren@vortex.com>
Subject: Contact Tracing

As I predicted, contact tracing here in the U.S. is largely a failure. Most people don't trust any apps for this purpose, and refuse to give personal information to human tracers who contact them (no pun intended). This wasn't rocket science to predict.

------------------------------

Date: Mon, 1 Jun 2020 11:11:11 -0800
From: RISKS-request@csl.sri.com
Subject: Abridged info on RISKS (comp.risks)

The ACM RISKS Forum is a MODERATED digest. Its Usenet manifestation is
comp.risks, the feed for which is donated by panix.com as of June 2011.

SUBSCRIPTIONS: The mailman Web interface can be used directly to

subscribe and unsubscribe:
http://mls.csl.sri.com/mailman/listinfo/risks

SUBMISSIONS: to risks@CSL.sri.com with meaningful SUBJECT: line that

includes the string `notsp'. Otherwise your message may not be read.
*** This attention-string has never changed, but might if spammers use it.

SPAM challenge-responses will not be honored. Instead, use an alternative

address from which you never send mail where the address becomes public!

The complete INFO file (submissions, default disclaimers, archive sites,

copyright policy, etc.) is online.
<http://www.CSL.sri.com/risksinfo.html>
*** Contributors are assumed to have read the full info file for guidelines!

OFFICIAL ARCHIVES: http://www.risks.org takes you to Lindsay Marshall's

searchable html archive at newcastle:
http://catless.ncl.ac.uk/Risks/VL.IS --> VoLume, ISsue.
Also, ftp://ftp.sri.com/risks for the current volume
or ftp://ftp.sri.com/VL/risks-VL.IS for previous VoLume
If none of those work for you, the most recent issue is always at
http://www.csl.sri.com/users/risko/risks.txt, and index at /risks-32.00
ALTERNATIVE ARCHIVES: http://seclists.org/risks/ (only since mid-2001)
*** NOTE: If a cited URL fails, we do not try to update them. Try
browsing on the keywords in the subject line or cited article leads.
Apologies for what Office365 and SafeLinks may have done to URLs.

Special Offer to Join ACM for readers of the ACM RISKS Forum:

<http://www.acm.org/joinacm1>

------------------------------

End of RISKS-FORUM Digest 32.02
************************

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)