RISKS-LIST: Risks-Forum Digest Friday 7 June 2019 Volume 31 : Issue 28

ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks) Peter G. Neumann, moderator, chmn ACM Committee on Computers and Public Policy

***** See last item for further information, disclaimers, caveats, etc. ***** This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/31.28>
The current issue can also be found at
<http://www.csl.sri.com/users/risko/risks.txt>

Contents:
SpaceX's Starlink Could Change The Night Sky Forever, And Astronomers Are
Not Happy (Forbes.com)
Quest Diagnostics Says Up to 12 Million Patients May Have Had Financial,
Medical, Personal Information Breached (NBC-NY)
885 Million Records Exposed Online- Bank Transactions, Social Security
Numbers, and More (Topic Box)
Networking issues take down Google Cloud in parts of the U.S. and Europe,
YouTube and Snspchat also affected (GeekWire)
New RCE vulnerability impacts nearly half of the Internet's email servers
(Catalin Cimpanu)
Millions of machines affected by command execution flaw in Exim mail server
(Ars Technica)
With Technology, Institutions Have Made 'Most Effective Means of Social
Control in the History of Our Species' (Edward Snowden)
Schools Are Deploying Massive Digital Surveillance Systems. The Results Are
Alarming (EdWeek)
Warnings of world-wide worm attacks are the real deal, new exploit shows
(Ars Technica)
Microsoft deprecates passwords (Ars Technica)
US Army testing jam-resistant GPS in Europe (Joe Gould)
Flying Robotaxis Prepare for Takeoff (Bloomberg)
The richest 10% of households now represent 70% of all U.S. wealth
(Market Watch)
GitHub shocks top developer: Access to 5 years' work inexplicably blocked
(Liam Tung)
Former Head of Pentagon's Secret UFO Program Has Some Strange Stories to
Tell (Live Science)
Deaths on Mt. Everest; Is social media partly to blame? (The Atlantic)
U.S. Visa Applicants Required To Turn Over Social Media (The Hill)
One way to tackle the nuclear waste prob: redefine the labels
(danny burstein)
FCC Affirms Robocall Blocking By Default to Protect Consumers (FCC)
Privacy Fears Split German Government on Use of Alexa Data as Evidence
(Fortune)
Apple's 'Find My' Feature Uses Some Very Clever Cryptography (WiReD)
'Sign In With Apple' Protects You in Ways Google and Facebook Don't (WiReD)
NSA warns Microsoft Windows users to update systems to protect against
cyber-vulnerability (The Hill)
US visas now need five years of your social media ... (Rob Slade)
What He Learned Trying To Secure Congressional Campaigns (Idle Words)
Trump urges customers to drop AT&T to punish CNN over its coverage of him
(WashPost)
How Limbic Capitalism Preys on Our Addicted Brains (Quillette)
This ID Scanner Company is Collecting Sensitive Data on Millions of
Bar-goers (Medium)
VR Systems remotely accessed Durham county computer before 2016 election
(Kim Zetter)
Election Rules Are an Obstacle to Cybersecurity of Presidential Campaigns
(NYTimes)
More on Mueller and Interference (Time)
Phishing calls (Rob Slade)
Boeing Built Deadly Assumptions Into 737 Max, Blind to a Late (NYTimes)
Re: 737 MAX AoA Indications (Ladkin, Karish, Ladkin)
Re: 737 MAX: Boeing dodges responsibility, with help from the FAA (Karish)
Re: GM Gives All Its Vehicles a New Soul (Jared Gottlieb)
Abridged info on RISKS (comp.risks)

----------------------------------------------------------------------

Date: Mon, 3 Jun 2019 17:23:16 +0800
From: Richard Stein <rmstein@ieee.org>
Subject: SpaceX's Starlink Could Change The Night Sky Forever, And
Astronomers Are Not Happy (Forbes.com)

https://www.forbes.com/sites/jonathanocallaghan/2019/05/27/spacexs-starlink-could-change-the-night-sky-forever-and-astronomers-are-not-happy

A companion piece by Caleb A. Scharf can be found at https://blogs.scientificamerican.com/life-unbounded/the-death-of-astronomy/

Years ago, light pollution from ground sources (sodium or mercury halogen
lamps in street lights) pushed the world's best optical telescope
observatory sites into remote locations.

Astronomers now have to consider erasure of satellite-generated image
streaks from deep-space observations of multi-billion year old galactic structures. Estimates of 1 in 3 images may require touch-up from LEOS
radiation that enter and leave telescopic field of view.

Constellations of Low Earth Orbit Satellites (LEOS), possibly numbering
~12-15K LEOS, if Amazon.com's 3,000 Kuiper Project constellation flies with 12,000 Starlinks, can reflect sunlight at dawn/dust and microwave radiation into ground-based telescope observations. The 10.7-12.7 GHz band is particularly important for radio astronomy, and also for satellite communications.

"With Starlink, we are expecting at least 100 satellites to be visible at
any one time [at any location on Earth]," says Baskill. "Soon, even those fortunate to experience a truly dark site will find it filled with a haze of metal, slowly swarming across the night sky."

Probably low risk: LEO shrouds a NEO (near-Earth orbit) asteroid (NEA, actually) from detection. Difficult n-body problem to accurately simulate.

https://en.wikipedia.org/wiki/Near-Earth_object
documents detection statistics for asteroids and comets.

------------------------------

Date: Mon, 3 Jun 2019 18:20:43 -0700
From: geoff goodfellow <geoff@iconia.com>
Subject: Quest Diagnostics Says Up to 12 Million Patients May Have Had
Financial, Medical, Personal Information Breached (NBC-NY)

This includes credit-card numbers and bank-account information...

EXCERPT:

Quest Diagnostics, one of the biggest blood testing providers in the
country, warned Monday that nearly 12 million of its customers may have had personal, financial and medical information breached due to an issue with
one of its vendors.

In a filing with securities regulators, Quest said it was notified that
between Aug. 1, 2018, and March 30, 2019, that someone had unauthorized
access to the systems of AMCA, a billing collections vendor.

"(The) information on AMCA's affected system included financial
information (e.g., credit card numbers and bank account information),
medical information and other personal information (e.g., Social Security Numbers)," Quest said in the filing.

While customers' broad medical information might have been compromised,
Quest said AMCA did not have access to actual lab test results, and so therefore that data was not impacted...

[...] https://www.nbcnewyork.com/news/local/Quest-Diagnostics-12-Million-People-Data-Breach-510754611.html

https://www.bloomberg.com/news/articles/2019-06-03/quest-says-millions-of-patient-records-exposed-in-billing-hack

------------------------------

Date: Tue, 28 May 2019 17:55:03 -0700
From: geoff goodfellow <geoff@iconia.com>
Subject: 885 Million Records Exposed Online- Bank Transactions, Social
Security Numbers, and More (Topic Box)

EXCERPT:

Several million records said to include bank account details, Social
Security digits, wire transactions, and other mortgage paperwork, were
found publicly accessible on the server of a major U.S. financial service company.

More than 885 million records in total were reportedly exposed, according to Krebs on Security. The data was taken offline on Friday. Ben Shoval, a real-estate developer, reportedly discovered the files online and notified security reporter Brian Krebs. Krebs said that he contacted the server's
owner, First American Corporation, prior to reporting the incident.

A leading title insurance and settlement services provider, First American
is a large company headquartered in California with more than 18,000
employees. Its total assets in 2017 were reported at over $9.5 billion.

A company spokesperson told Gizmodo it learned about the issue on Friday and that the unauthorized access was caused by a design defect in one its production applications. It immediately blocked external access to the documents, they said, and began evaluating, with the help of an outside forensics firm, what effect, if any, the exposure had on the security of its customers' information...

https://ip.topicbox.com/groups/ip/T7c8fecd125a07f5c/885-million-records-exposed-online-bank-transactions-social-security-numbers-and-more

------------------------------

Date: Mon, 3 Jun 2019 13:46:09 -0400
From: Gabe Goldberg <gabe@gabegold.com>
Subject: Networking issues take down Google Cloud in parts of the U.S. and
Europe, YouTube and Snspchat also affected (GeekWire)

Six weeks after Google dubiously claimed it ran the most reliable cloud computing service of the Big Three cloud providers, a widespread networking issue took out Google Cloud service on the East Coast of the U.S. and parts
of Europe Sunday, according to the company status page and frustrated users
on Twitter.

https://www.geekwire.com/2019/networking-issues-take-google-cloud-parts-u-s-europe-youtube-snapchat-also-affected/

------------------------------

Date: Thu, 06 Jun 2019 10:58:32 -0700
From: Gene Wirchenko <gene@shaw.ca>
Subject: New RCE vulnerability impacts nearly half of the Internet's email
servers (Catalin Cimpanu)

Catalin Cimpanu for Zero Day | 5 Jun 2019
New RCE vulnerability impacts nearly half of the Internet's email servers
Exim vulnerability lets attackers run commands as root on remote email servers. https://www.zdnet.com/article/new-rce-vulnerability-impacts-nearly-half-of-the-internets-email-servers/

opening text:

A critical remote command execution (RCE) security flaw impacts over half of the Internet's email servers, security researchers from Qualys have revealed today.

The vulnerability affects Exim, a mail transfer agent (MTA), which is
software that runs on email servers to relay emails from senders to
recipients.

------------------------------

Date: Fri, 7 Jun 2019 10:20:55 -0400
From: Monty Solomon <monty@roscom.com>
Subject: Millions of machines affected by command execution flaw in Exim
mail server (Ars Technica)

In some cases, it's trivial for remote attackers to execute commands with root privileges.

https://arstechnica.com/information-technology/2019/06/millions-of-machines-affected-by-command-execution-flaw-in-exim-mail-server/

------------------------------

Date: Wed, 5 Jun 2019 06:51:43 -0700
From: geoff goodfellow <geoff@iconia.com>
Subject: With Technology, Institutions Have Made 'Most Effective Means of
Social Control in the History of Our Species' (Edward Snowden)

NSA whistleblower says "new platforms and algorithms" can have direct
effect on human behavior.

EXCERPTS:

NSA whistleblower Edward Snowden said Thursday that people in systems of
power have exploited the human desire to connect in order to create systems
of mass surveillance. Snowden appeared at Dalhousie University in Halifax, Nova Scotia via livestream from Moscow to give a keynote address for the Canadian university's Open Dialogue Series. Right now, he said, humanity is
in a sort of "atomic moment" in the field of computer science. "We're in
the midst of the greatest redistribution of power since the Industrial Revolution, and this is happening because technology has provided a new capability," Snowden said. "It's related to influence that reaches everyone
in every place," he said. "It has no regard for borders. Its reach is unlimited, if you will, but its safeguards are not."

Without such defenses, technology is able to affect human behavior. Institutions can "monitor and record private activities of people on a scale that's broad enough that we can say it's close to all-powerful," said
Snowden. They do this through "new platforms and algorithms," through which "they're able to shift our behavior. In some cases they're able to predict
our decisions -- and also nudge them -- to different outcomes. And they do
this by exploiting the human need for belonging." "We don't sign up for
this," he added, dismissing the notion that people know exactly what they
are getting into with social media platforms like Facebook.

"How many of you who have a Facebook account actually read the terms of service?" Snowden asked. "Everything has hundreds and hundreds of pages of legal jargon that we're not qualified to read and assess --and yet they're considered to be binding upon us." "It is through this sort of unholy connection of technology and sort of an unusual interpretation of contract law," he continued, "that these institutions have been able to transform
this greatest virtue of humanity -- which is this desire to interact and to connect and to cooperate and to share -- to transform all of that into a weakness."

"And now," he added, "these institutions, which are both commercial and governmental, have built upon that and... have structuralized that and entrenched it to where it has become now the most effective means of social control in the history of our species." "Maybe you've heard about it,"
Snowden said. "This is mass surveillance." [...]

https://www.commondreams.org/news/2019/05/31/edward-snowden-technology-institutions-have-made-most-effective-means-social-control

------------------------------

Date: Fri, 7 Jun 2019 11:57:38 -0400
From: Monty Solomon <monty@roscom.com>
Subject: Schools Are Deploying Massive Digital Surveillance Systems. The
Results Are Alarming (EdWeek)

https://www.edweek.org/ew/articles/2019/05/30/schools-are-deploying-massive-digital-surveillance-systems.html

------------------------------

Date: Fri, 7 Jun 2019 10:26:59 -0400
From: Monty Solomon <monty@roscom.com>
Subject: Warnings of world-wide worm attacks are the real deal, new exploit
shows (Ars Technica)

Latest Metasploit module is being kept private, but time is running out.

https://arstechnica.com/information-technology/2019/06/new-bluekeep-exploit-shows-the-wormable-danger-is-very-very-real/

------------------------------

Date: Wed, 5 Jun 2019 00:25:19 -0400
From: Gabe Goldberg <gabe@gabegold.com>
Subject: Microsoft deprecates passwords (Ars Technica)

Bucking a major trend, company speaks out against the age-old practice.

Microsoft is finally catching on to a maxim that security experts have
almost universally accepted for years: periodic password changes are likely
to do more harm than good.

In a largely overlooked post published late last month, Microsoft said it
was removing periodic password changes from the security baseline settings
it recommends for customers and auditors. After decades of Microsoft recommending passwords be changed regularly, Microsoft employee Aaron
Margosis said the requirement is an “ancient and obsolete mitigation of very low value.”

The change of heart is largely the result of research that shows passwords
are most prone to cracking when they're easy for end users to remember, such
as when they use a name or phrase from a favorite movie or book. Over the
past decade, hackers have mined real-world password breaches to assemble dictionaries of millions of words. Combined with super-fast graphics cards,
the hackers can make huge numbers of guesses in off-line attacks, which
occur when they steal the cryptographically scrambled hashes that represent
the plaintext user passwords.

https://arstechnica.com/information-technology/2019/06/microsoft-says-mandatory-password-changing-is-ancient-and-obsolete/

------------------------------

Date: Fri, 7 Jun 2019 07:50:42 -0700
From: Paul Saffo <paul@saffo.com>
Subject: US Army testing jam-resistant GPS in Europe (Joe Gould)

Eyeing Russia, Army fields jam-resistant GPS in Europe https://www.c4isrnet.com/show-reporter/c4isrnet-conference/2019/06/06/eyeing-russia-army-fields-jam-resistant-gps-in-europe/

WASHINGTON — With an eye on sophisticated Russian jamming and spoofing technology, the U.S. Army will field test jam-resistant position, navigation and timing gear with the 2nd Cavalry Regiment in Germany this September.

The decision comes amid a pattern of Russia jamming or disrupting all sorts
of communications vital to Western forces in recent years, from mobile phone networks during exercises to electronic warfare against U.S. operations on
the ground in Syria. NATO affirmed that Russia jammed GPS signals during its Trident Juncture exercise in November in Europe's High North region.

The Army will field a system called Mounted Assured Positioning, Navigation
and Timing, or MAPS, on some of the regiment's vehicles — news first
reported by Inside the Army. The system uses the Selective Availability Anti-Spoofing Module for GPS, a chip-scale atomic clock for timing an anti-jamming antenna to distribute position, navigation and timing
information across a unit's mission equipment.

Russia's electronic warfare capability fueled the fielding to the 2nd
Cavalry Regiment, Army Col. Nicholas Kioutas, the service's project manager
for positioning, navigation and timing, said on the sidelines of the
C4ISRNET Conference held in Arlington, Virginia, June 6.

“Right now what we can learn is how the equipment can hold up, because
unless we're being specifically jammed, we won't be able to tell what happened,” Kioutas said of the upcoming fielding. “We're constantly taking those systems and stress-testing them and trying to upgrade them, so it's
not like that's the static system and we're done.

The Army is using a flexible acquisitions vehicle called an Other
Transaction Authority with three vendors to develop the second generation of MAPS. Program office is asking vendors to provide it with their best technological developments, which is a reflection of the service's less prescriptive approach to capability development.

“We want industry to show us how to fight a different way,” Kioutas said, adding later, “We said, ‘bring us your best capabilities,' we didn't say what those should be.”

The Army plans to experiment with using assured PNT systems as sensors. One use would be for a group of linked systems to read the way a jamming signal strikes them to conclude where the jammer is located. “That'll be an additional capability down the road that we'll exploit,” Kioutas said.

The program office is also developing Dismounted Assured Positioning, Navigation and Timing, or DAPS, for the Army's version of a smartphone, the integrated dismounted leader situational awareness system Nett Warrior.

------------------------------

Date: Fri, 7 Jun 2019 05:53:58 -0700
From: geoff goodfellow <geoff@iconia.com>
Subject: Flying Robotaxis Prepare for Takeoff (Bloomberg)

More than a half-dozen companies have working prototypes of passenger
drones. ...

After decades playing supporting roles in sci-fi fantasies such as The
Jetsons or Blade Runner, robotaxis are poised to work their way into
everyday life. A host of companies has flown autonomous or semiautonomous electric aircraft that can take off vertically from almost anywhere, and the first commercial models are scheduled to hit the market next year. Here are
a half-dozen that might soon fly you from your home to the office, airport,
or a night on the town...

https://www.bloomberg.com/news/articles/2019-06-05/flying-robotaxis-prepare-for-takeoff

------------------------------

Date: Sat, 1 Jun 2019 16:30:23 -0700
From: geoff goodfellow <geoff@iconia.com>
Subject: The richest 10% of households now represent 70% of all U.S. wealth
(Market Watch)

Share of top 1% wealthiest increased to nearly 32% in 2018 from 23% in 1989

EXCERPT:

The rich are getting richer. It is a refrain that has certainly been uttered before, and likely will again, as Deutsche Bank Securities' chief economist points out that the gap between the haves and have-nots in the U.S. is,
indeed, widening.

Deutsche Bank's Torsten Sl=C3=B8k says that the distribution of household wealth in America has become even more disproportionate over the past
decade, with the richest 10% of U.S. households representing 70% of all
U.S. wealth in 2018, compared with 60% in 1989, according to a recent study
by researchers at the Federal Reserve.

The study finds that the share of wealth among the richest 1% increased to
32% from 23% over the same period.

To make a finer point, Fed researchers say the increase in wealth among the
top 10% is largely a result of that cohort obtaining a larger concentration
of assets: ``The share of assets held by the top 10% of the wealth
distribution rose from 55% to 64% since 1989, with asset shares increasing
the most for the top 1% of households. These increases were mirrored by decreases for households in the 50-90th percentiles of the wealth distribution,'' Fed researchers said.

Sl=C3=B8k said the financial crisis has played a significant part in this growing gap, which resulted in the Federal Reserve stepping in to stem a massive ripple of losses through the global financial system as the housing market imploded.

As a result, the Fed lowered interest rates, which had the knock-on effect
of pushing easy money into the hands of the already-wealthy...

[...] https://www.marketwatch.com/story/the-richest-10-of-households-now-represent-70-of-all-us-wealth-2019-05-24

------------------------------

Date: Thu, 06 Jun 2019 10:50:16 -0700
From: Gene Wirchenko <gene@shaw.ca>
Subject: GitHub shocks top developer: Access to 5 years' work inexplicably
blocked (Liam Tung)

Liam Tung, ZDNet, 6 Jun 2019
GitHub shocks top developer: Access to 5 years' work inexplicably blocked
Three incidents in the past week illustrate the sometimes unavoidable
risks involved in relying on cloud providers. https://www.zdnet.com/article/github-shocks-top-developer-access-to-5-years-work-inexplicably-blocked/

selected text:

Microsoft's code-sharing site GitHub has caused a scare for developer Jason Rohrer after the company, without explanation or warning, blocked him from
all his code repositories.

The developer yesterday posted a warning on Twitter about the potential risk
to developers of using GitHub ``for your life's work'' after he was abruptly locked out, apparently following a single complaint from another user.

Despite the apology from Friedman and after having received an email from GitHub support, Rohrer is still in the dark about why his account was
blocked, preventing him from accessing the 5,000 commits and the 23 repositories that he's created over the past five years.

``The biggest problem here was that I wasn't even emailed when my account was blocked. GitHub emails me notifications all the time. For such an active account with such a deep history, taking it down in a silent POOF with no notification? I was greeted with a 404,'' he wrote.

Cloud-hosting outfit DigitalOcean caused an uproar last week after blocking
the account of small AI firm called Raisup. DigitalOcean locked the account after detecting what it thought was malicious code from Raisup's account.

As Raisup CTO Nicolas Beauvais explained on Twitter, that supposedly
malicious code was a actually a legit Python script it periodically uses to manage its databases.

``We lost everything, our servers, and more importantly one year of database backups. We now have to explain to our clients, Fortune 500 companies why we can't restore their account,'' said Beauvais.

Finally, Google this week had some explaining to do regarding Sunday's extensive four-hour outage, which impacted Google services as well as firms that rely on Google Cloud.

A configuration change destined for a small group of servers in one region
was wrongly applied by a machine or human to a larger number of servers
across several neighboring regions. It resulted in regions having less than half their network capacity.

------------------------------

Date: Fri, 31 May 2019 17:23:50 -0700
From: geoff goodfellow <geoff@iconia.com>
Subject: Former Head of Pentagon's Secret UFO Program Has Some Strange
Stories to Tell (Live Science)

EXCERPT:

The former leader of the U.S. government's top-secret UFO program has
stories to tell, and he is sharing some of them for the first time in a new documentary.

Intelligence officer Luis Elizondo served as the former director of the Pentagon's Advanced Aerospace Threat Identification Program (AATIP), an initiative launched in 2007 to study reports of UFO encounters. Elizondo departed the agency in 2011; in 2017, he spoke with reporters at The New
York Times, confirming the existence of the shadowy agency and describing
its mission.

Now, Elizondo is pulling back the curtain on his tenure with the AATIP,
which he left because of a lackluster official response to the agency's findings, and their unwillingness to address potential risks from UFOs, according to the new show *Unidentified: Inside America's UFO
Investigation*, premiering May 31 on the History Channel at 10 p.m ET/9
p.m. CT. [UFO Watch: 8 Times the Government Looked for Flying Saucers]

No, there isn't a big reveal that UFOs were alien spacecraft all along. But delving into long-hidden accounts of UFO investigations will hopefully encourage people -- and authorities -- to overcome long-standing stigmas and talk more openly about these mysterious aircraft, some of which may pose a bigger threat than we realize, Elizondo told Live Science...

[...]
https://www.livescience.com/65596-ufo-pentagon-history-channel.html

------------------------------

Date: Wed, 5 Jun 2019 17:20:55 -0600
From: Jim Reisert AD1C <jjreisert@alum.mit.edu>
Subject: Deaths on Mt. Everest; Is social media partly to blame?
(The Atlantic)

Margret Grebowicz, Everest Is Over, *The Atlantic*, 5-June-2019

Today's `Everest selfie' gives a new dimension to this monomania, at
precisely the moment when successful climbers appear before the public
like addicts, or robots programmed to live out some mysterious inner
directive. Critics characterize the legions of privileged amateurs who now
ascend Everest as dilettantes who dishonor the mountain, endanger others,
and move this most solitary and personal experience to the realm least
appropriate for it: social media.

https://www.theatlantic.com/health/archive/2019/06/mount-everest-has-lost-its-magic/591025/

------------------------------

Date: Fri, 31 May 2019 17:39:13 -0700
From: geoff goodfellow <geoff@iconia.com>
Subject: U.S. Visa Applicants Required To Turn Over Social Media (The Hill)

EXCERPT:

The Trump administration will implement a new policy Friday asking most applicants for U.S. visas to provide information on their use of social
media, a U.S. Department of State official tells Hill.TV

Most visa applicants, including temporary visitors, will be required to
list their social media identifiers in a drop down menu along with other personal information.

Applicants will have the option to say that they do not use social media if that is the case. The official noted that if a visa applicant lies about
social media use that they could face ``serious immigration consequences''
as a result.

For now, the drop down menu only includes major social media websites, but
the official said applicants soon will be able to list all sites that they
use.

``This is a critical step forward in establishing enhanced vetting of
foreign nationals seeking entry into the United States. As we've seen
around the world in recent years, social media can be a major forum for terrorist sentiment and activity. This will be a vital tool to screen out terrorists, public safety threats, and other dangerous individuals from
gaining immigration benefits and setting foot on U.S. soil.'' ...

https://thehill.com/hilltv/rising/446336-trump-admin-to-ask-most-us-visa-applicants-for-social-media-information

------------------------------

Date: Wed, 5 Jun 2019 15:05:38 -0400
From: danny burstein <dannyb@panix.com>
Subject: One way to tackle the nuclear waste prob: redefine the labels

Kind of related to RISKS, namely in the politically influenced
redefinitioning.

Newsgroups: panix.chat.politics
Subject: one way to tackle the nuclear waste prob: redefine the labels

[Gov. of Washington State press release]

Inslee and Ferguson statement on Trump Administration actions to undercut nuclear cleanup at Hanford

Today, the Trump Administration unilaterally changed the definition of high-level waste stored at Hanford and other nuclear waste sites across the country, opening the door for the federal government to walk away from its obligation to clean up millions of gallons of toxic, radioactive waste at Hanford. Washington currently holds 60 percent of the nation's high-level
waste with 56 million gallons stored in 177 underground storage tanks at Hanford. [...]

<https://www.governor.wa.gov/news-media/inslee-and-ferguson-statement-trump-administration-actions-undercut-nuclear-cleanup>

------------------------------

Date: Thu, 6 Jun 2019 23:55:12 -0400
From: Monty Solomon <monty@roscom.com>
Subject: FCC Affirms Robocall Blocking By Default to Protect Consumers (FCC)

https://www.fcc.gov/document/fcc-affirms-robocall-blocking-default-protect-consumers

https://docs.fcc.gov/public/attachments/DOC-357852A1.txt https://docs.fcc.gov/public/attachments/DOC-357852A1.pdf

Media Contact:
Will Wiquist, (202) 418-0509
will.wiquist@fcc.gov

For Immediate Release

FCC AFFIRMS ROBOCALL BLOCKING BY DEFAULT TO HELP PROTECT CONSUMERS

Commission Also Seeks Comment on Requiring Caller ID Authentication Implementation and Use of Authentication Standards for Blocking

WASHINGTON, June 6, 2019—The Federal Communications Commission today
voted to make clear that voice service providers may aggressively block unwanted robocalls before they reach consumers.

Specifically, the Commission approved a Declaratory Ruling to affirm
that voice service providers may, as the default, block unwanted calls
based on reasonable call analytics, as long as their customers are
informed and have the opportunity to opt out of the blocking. This
action empowers providers to protect their customers from unwanted
robocalls before those calls even reach the customers' phones. While
many phone companies now offer their customers call blocking tools on an
opt-in basis, the Declaratory Ruling clarifies that they can provide
them as the default, thus allowing them to protect more consumers from
unwanted robocalls and making it more cost-effective to implement call
blocking programs.

The ruling also clarifies that providers may offer their customers the
choice to opt-in to tools that block calls from any number that does not
appear on a customer's contact list or other “white lists.” This option would allow consumers to decide directly whose calls they are willing to receive. Consumer white lists could be based on the customer's own
contact list, updated automatically as consumers add and remove contacts
from their smartphones.

The Commission also adopted a Notice of Proposed Rulemaking that
proposes requiring voice service providers to implement the SHAKEN/STIR
caller ID authentication framework, if major voice service providers
fail to do so by the end of this year. It also seeks comment on whether
the Commission should create a safe harbor for providers that block
calls that are maliciously spoofed so that caller ID cannot be
authenticated and that block calls that are “unsigned.”

With adoption of this item, the Commission continues its multi-pronged
strategy to combat unwanted and illegal robocalls. The Declaratory
Ruling will go into effect upon release of the item on FCC.gov. The
deadline for submitting comments in response to the Notice of Proposed Rulemaking will be established upon publication in the Federal Register.

Action by the Commission June 6, 2019 by Declaratory Ruling and Third
Further Notice of Proposed Rulemaking (FCC 19-51). Chairman Pai,
Commissioners Carr and Starks approving. Commissioners O'Rielly and Rosenworcel approving in part and dissenting in part. Chairman Pai, Commissioners O'Rielly, Carr, Rosenworcel, and Starks issuing separate statements.

[Oh Really? Yes. O'Reilly. PGN]

CG Docket No. 17-59; WC Docket 17-97


[continued in next message]

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)