RISKS-LIST: Risks-Forum Digest Friday 13 November 2020 Volume 32 : Issue 37
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks) Peter G. Neumann, founder and still moderator
***** See last item for further information, disclaimers, caveats, etc. ***** This issue is archived at <
http://www.risks.org> as
<
http://catless.ncl.ac.uk/Risks/32.37>
The current issue can also be found at
<
http://www.csl.sri.com/users/risko/risks.txt>
Contents:
Moscow's facial recognition system can be hijacked for just $200 (The Verge) Facial-Recognition Technology Needs More Regulation (Scientific American) Dominion Voting Machines Glitches (Markotime via Geoff Goodfellow)
Zoom lied to users about end-to-end encryption for years, FTC says
(Ars Technica)
Europe is adopting stricter rules on surveillance tech (MIT Tech Review) Millions of Hotel Guests Worldwide Caught Up in Mass Data Leak (ThreatPost) Elon Musk Defends Neuralink Against Neuroscientist's Concerns of Chips
Overheating (TechTimes)
Apps Are Now Putting the Parole Agent in Your Pocket (WiReD)
DNS Cache Poisoning Ready for Comeback (Holly Ober)
The day the icons vanished! (Lindsay Marshall)
Artificial intelligence model detects asymptomatic Covid-19 infections
through cellphone-recorded coughs (MIT News)
CPU-Heat Sink Thermal Paste Effectiveness (Richard Stein)
Re: Algorithmic or Human fairness? (Anthony Thorn)
Re: UK national police computer down for 10 hours after engineer pulled the
plug (John Hall)
Re: Whale Sculpture Stops Train From Plunge in the Netherlands
(Jan Wolitzky)
Re: Using AI to control a camera at a sports event -- oops
(Erling Kristiansen)
Re: Facial recognition used to identify Lafayette Square protester accused
of assault (John Levine)
Re: What It's Like to Stress-Test Berlin's Brand New, Much Maligned Airport
(3daygoaty)
Re: Australian 300 MW battery (3daygoaty)
Risk assessment: still high (Rob Slade)
Working Group on Infodemics Policy Framework, Nov. 2020 (Rob Slade)
Abridged info on RISKS (comp.risks)
----------------------------------------------------------------------
Date: Thu, 12 Nov 2020 09:34:05 -0500
From: Monty Solomon <
monty@roscom.com>
Subject: Moscow's facial recognition system can be hijacked for just $200
(The Verge)
https://www.theverge.com/2020/11/11/21561018/moscows-facial-recognition-system-crime-bribe-stalking
------------------------------
Date: Tue, 10 Nov 2020 12:47:31 +0800
From: Richard Stein <
rmstein@ieee.org>
Subject: Facial-Recognition Technology Needs More Regulation
(Scientific American)
https://www.scientificamerican.com/article/facial-recognition-technology-needs-more-regulation/
"State and local authorities from New Hampshire to San Francisco have
begun banning the use of facial-recognition technology. Their suspicion is
well founded: these algorithms make lots of mistakes, particularly when it
comes to identifying women and people of color. Even if the tech gets more
accurate, facial recognition will unleash an invasion of privacy that
could make anonymity impossible. Unfortunately, bans on its use by local
governments have done little to curb adoption by businesses from start-ups
to large corporations. That expanding reach is why this technology
requires federal regulations -- and it needs them now."
https://catless.ncl.ac.uk/Risks/search?query=facial+recognition reveals 34 prior submissions.
Business ventures will often fold, or fail to launch, if they can't find commercial legal advantage (especially for product liability limitations,
etc.) to operate. Legislation that criminalizes biometric match inaccuracies (high false-negative/positive) may be appropriate, but challenging to pass Congressional hurdles with an infuriated business lobby. That legislative action is pursued suggests there's considerable profit at risk.
A business that sells biometric matching products without disclosing false negative/positive outcomes for their training data set either: (a) is
fortunate to find incurious purchasers; or (b), are unconcerned about deployment outcomes because the product purchase agreement contract asserts manufacturer liability indemnification rights.
Public safety organizations risk wrongful apprehension and incarceration if they fail to crosscheck biometric matches against multiple, non-repudiated identification systems of record before they act.
https://www.cnn.com/2020/06/24/tech/aclu-mistaken-facial-recognition/index.html exemplifies this necessity.
https://www.blankrome.com/publications/biometric-privacy-2020-current-legal-landscape
discusses Illinois' Biometric Privacy Act (BIPA), a class action that established biometric matching liability for privacy violations.
A uniform federal standard that governs public safety organizations and commercial deployments via mandatory enforcement penalties for violations.
https://en.wikipedia.org/wiki/Classes_of_offenses_under_United_States_federal_law
would establish a firm foundation that deters biometric match abuses
including privacy invasive use.
------------------------------
Date: Mon, 9 Nov 2020 14:30:05 -1000
From: geoff goodfellow <
geoff@iconia.com>
Subject: Dominion Voting Machines Glitches
Date: Mon, Nov 9, 2020 at 4:50 AM
From: markotime <markotime@gmail.com>
Think about this: DMCA (Digital Millennium Copyright Act) is likely to
prove an insurmountable barrier to examination of these machines and their software, in search of most any aspect of the "glitch". Among
illegalities is "reverse engineering", which may even put statistical analysis of tallied votes into verboten territory. Taken to extremes, the Act would seem to allow the SAME machines to be used in future elections, without scrutiny. Scary.
------------------------------
Date: Mon, 9 Nov 2020 15:03:27 -0500
From: Monty Solomon <
monty@roscom.com>
Subject: Zoom lied to users about end-to-end encryption for years, FTC says
(Ars Technica)
https://arstechnica.com/tech-policy/2020/11/zoom-lied-to-users-about-end-to-end-encryption-for-years-ftc-says/
------------------------------
Date: Mon, 9 Nov 2020 14:43:58 -1000
From: geoff goodfellow <
geoff@iconia.com>
Subject: Europe is adopting stricter rules on surveillance tech
(MIT Tech Review)
*The goal is to make sales of technologies like spyware and facial
recognition more transparent in Europe first, and then worldwide.*
The European Union has agreed to stricter rules on the sale and export of cyber-surveillance technologies like facial recognition and spyware. After years of negotiations, the new regulation will be announced today in
Brussels. Details of the plan were *reported in Politico last month. <
https://www.politico.eu/article/europe-to-curtail-spyware-exports-to-authoritarian-countries/>*
The regulation requires companies to get a government license to sell technology with military applications; calls for more due diligence on such sales to assess the possible human rights risks; and requires governments to publicly share details of the licenses they grant. These sales are typically cloaked in secrecy, meaning that multibillion-dollar technology is bought
and sold with little public scrutiny.
``Today is a win for human rights globally, and we set an important
precedent for other democracies to follow suit,'' said Mark=C3=A9ta Gregorov=C3=A1, a member of the European Parliament who was one of the lead negotiators on the new rules, in a statement. ``The world's authoritarian regimes will not be able to secretly get their hands on European cyber-surveillance anymore.''
Human rights groups have long urged Europe to reform and strengthen the
rules on surveillance technology. European-made surveillance tools were
used by authoritarian regimes during the 2011 Arab Spring and *continue* <
https://www.bbc.com/news/world-middle-east-40276568> to be sold to dictatorships and democracies around the world today; news headlines and political pressure have had little noticeable impact.
The main thing the new regulation achieves, according to its backers, is
more transparency. Governments must either disclose the destination, items, value, and licensing decisions for cyber-surveillance exports or make
public the decision not to disclose those details. The goal is to make it easier to publicly shame governments that sell surveillance tools to dictatorships.
The regulation also includes guidance to member states to ``consider the
risk of use in connection with internal repression or the commission of
serious violations of international human rights and international
humanitarian law," but that is nonbinding. [...]
https://www.technologyreview.com/2020/11/09/1011837/europe-is-adopting-stricter-rules-on-surveillance-tech/
------------------------------
Date: Wed, 11 Nov 2020 14:09:41 -0500
From: Monty Solomon <
monty@roscom.com>
Subject: Millions of Hotel Guests Worldwide Caught Up in Mass Data Leak
(ThreatPost)
A widely used hotel reservation platform has exposed 10 million files
related to guests at various hotels around the world, thanks to a
misconfigured Amazon Web Services S3 bucket. The records include sensitive data, including credit-card details.
Prestige Software's Cloud Hospitality is used by hotels to integrate their reservation systems with online booking websites like Expedia and
Booking.com.
The incident has affected 24.4GB worth of data in total, according to the security team at Website Planet, which uncovered the bucket. Many of the records contain data for multiple hotel guests that were grouped together on
a single reservation; thus, the number of people exposed is likely well over the 10 million, researchers said. [...]
https://threatpost.com/millions-hotel-guests-worldwide-data-leak/161044/
------------------------------
Date: Mon, 9 Nov 2020 14:36:59 -1000
From: geoff goodfellow <
geoff@iconia.com>
Subject: Elon Musk Defends Neuralink Against Neuroscientist's Concerns of
Chips Overheating (TechTimes)
Elon Musk was recently approached on Twitter by a neuroscientist with a
couple of concerns about Neuralink brain chip <
https://neuralink.com/>. Temperature plays an important role in technology as overheating can signify the machines being overworked. What could happen if the Neuralink chips
would be overclocked?
One particular Amy Eskridge <
https://twitter.com/amyceskridge> on Twitter,
an engineer turned chemist who then became a neuroscientist and is now
working as a theoretical physicist asked Elon Musk if he had considered the possible heat transfer problem that could result from the overclocking happening in the brain. She then stated that most likely, this has already
been thought of and continued to share her thoughts.
Amy believed that the depositing of the amyloid plaques could be used to counter CNS heating through letting the amyloid protein absorb the heat.
She however stated that this was a "suboptimal strategy" due to the denature protein that was accumulated as the plaques. Plaques were said to have unintended harmful consequences directly to diseases meaning heat generated from the multithreading brain processing will most likely produce unexpected plaques. Neuralink concerns over potential CSF leak
It was then stated that another problem would be a Cerebrospinal Fluid Link (CSF) leak. <
https://www.hopkinsmedicine.org/neurology_neurosurgery/centers_clinics/brain_tumor/center/skull-base/types/csf-leak.html#:~:text=A%20CSF%20leak%20is%20a,and%20brain%20or%20sinus%20surgery>
This would mean that increased electrical activity would lead to the CSF production increase to absorb heat into the fluid. Amy then stated that the sustained electrical activity working over the baseline could result in sustained pressure.
The sustained increase in intracranial hypertension coming from the nontranscient increase in the electrical activity was also said to
eventually require the actual fluids to be drained in order to remove the pressure from the brain's stem. Amy then stated that these are the two
examples of the very current default mechanisms by which the actual human
brain is able to dissipate certain undesirable heat spikes from the
increased CNS electric activity. It was also stated that despite the
increase of electrical conduction being desirable, it will still provoke
some undesirable reactions that are said to still need mitigation.
*Elon Musk addresses these concerns: the chip is already designed to
maintain a safe temperature*. [...]
https://www.techtimes.com/articles/253970/20201108/elon-musk-defends-neuralink-against-neuroscientists-concerns-of-chips-overheating.htm
------------------------------
Date: Thu, 12 Nov 2020 01:36:47 -0500
From: Gabe Goldberg <
gabe@gabegold.com>
Subject: Apps Are Now Putting the Parole Agent in Your Pocket (WiReD)
The pandemic has stirred interest in smartphone software for remotely monitoring parolees and people on probation. But the approach has raised alarms.
https://www.wired.com/story/apps-putting-parole-agent-your-pocket/
------------------------------
Date: Wed, 11 Nov 2020 12:33:41 -0500 (EST)
From: ACM TechNews <
technews-editor@acm.org>
Subject: DNS Cache Poisoning Ready for Comeback (Holly Ober)
Holly Ober, UC Riverside News, 11 Nov 2020
via ACM TechNews, Wednesday, November 11, 2020
Computer security researchers at the University of California, Riverside (UC Riverside) and China's Tsinghua University found critical security flaws
that could lead to a resurgence of Domain Name System (DNS) cache poisoning attacks. The exploit de-randomizes the source port and works on all cache layers in the DNS infrastructure, including forwarders and resolvers. The research team confirmed this finding by using a device that spoofs Internet Protocol (IP) addresses and a computer that can trigger a request out of a
DNS forwarder or resolver; it exploited a novel network side channel to
execute the attack. The team, which has demonstrated the exploit against popular public DNS servers, recommended the use of additional randomness and cryptographic solutions to combat it.
https://orange.hosting.lsoft.com/trk/click?ref=znwrbbrs9_6-27f30x2265dax066003&
------------------------------
Date: Mon, 9 Nov 2020 16:31:25 +0000
From: Lindsay Marshall <
Lindsay.Marshall@newcastle.ac.uk>
Subject: The day the icons vanished!
Users of the RISKS.org website [at Newcastle] may have noticed that at some point this weekend all the icons vanished. This turns out to be a classic distributed systems risks. The website (and several other sites of mine) get their icons from Font Awesome and were using their kit system which is just generally convenient. The RISKS website issues a Content Security Policy headers as a security measure. During the weekend there must have been an update to the code used in the Font Awesome kit and it started trying to do things that were forbidden by the CSP directives. Result, no icons. I got
them back by including an *unsafe-inline* directive, but I really don't want
to have to do that.
I contacted Font Awesome and they tell me that they are not going to support CSP or SRI in their kits as it it would be too complex for most users. I
have to use the desktop subsetter to make a local copy of the icons I
need. But what if they get updated?
Ugh.
------------------------------
Date: November 9, 2020 at 1:53:28 PM GMT+9
From: Shannon McElyea <
shannonm@gmail.com>
Subject: Artificial intelligence model detects asymptomatic Covid-19
infections through cellphone-recorded coughs (MIT News)
[Via Dewayne Hendricks <
dewayne@warpspeed.com> and
"David J. Farber" <
farber@gmail.com>]
Jennifer Chu, MIT News Office, 29 Oct 2020
"The team is working on incorporating the model into a user-friendly app,
which if FDA-approved and adopted on a large scale could potentially be a
free, convenient, noninvasive prescreening tool to identify people who are likely to be asymptomatic for Covid-19. A user could log in daily, cough
into their phone, and instantly get information on whether they might be infected and therefore should confirm with a formal test."
https://news.mit.edu/2020/covid-19-cough-cellphone-detection-1029
Artificial intelligence model detects asymptomatic Covid-19 infections
through cellphone-recorded coughs
Asymptomatic people who are infected with Covid-19 exhibit, by definition,
no discernible physical symptoms of the disease. They are thus less likely
to seek out testing for the virus, and could unknowingly spread the
infection to others.
But it seems those who are asymptomatic may not be entirely free of changes wrought by the virus. MIT researchers have now found that people who are asymptomatic may differ from healthy individuals in the way that they
cough. These differences are not decipherable to the human ear. But it turns out that they can be picked up by artificial intelligence.
In a paper published recently in the IEEE Journal of Engineering in Medicine and Biology, the team reports on an AI model that distinguishes asymptomatic people from healthy individuals through forced-cough recordings, which
people voluntarily submitted through web browsers and devices such as cellphones and laptops.
The researchers trained the model on tens of thousands of samples of coughs,
as well as spoken words. When they fed the model new cough recordings, it accurately identified 98.5 percent of coughs from people who were confirmed
to have Covid-19, including 100 percent of coughs from asymptomatics -- who reported they did not have symptoms but had tested positive for the virus.
The team is working on incorporating the model into a user-friendly app,
which if FDA-approved and adopted on a large scale could potentially be a
free, convenient, noninvasive prescreening tool to identify people who are likely to be asymptomatic for Covid-19. A user could log in daily, cough
into their phone, and instantly get information on whether they might be infected and therefore should confirm with a formal test.
``The effective implementation of this group diagnostic tool could diminish
the spread of the pandemic if everyone uses it before going to a classroom,
a factory, or a restaurant,'' says co-author Brian Subirana, a research scientist in MIT's Auto-ID Laboratory. Subirana's co-authors are Jordi Laguarta and Ferran Hueto, of MIT's Auto-ID Laboratory.
New AI model detects asymptomatic Covid-19 infections through
device-recorded coughs Vocal sentiments
Prior to the pandemic's onset, research groups already had been training algorithms on cellphone recordings of coughs to accurately diagnose
conditions such as pneumonia and asthma. In similar fashion, the MIT team
was developing AI models to analyze forced-cough recordings to see if they could detect signs of Alzheimer's, a disease associated with not only memory decline but also neuromuscular degradation such as weakened vocal cords.
They first trained a general machine-learning algorithm, or neural network, known as ResNet50, to discriminate sounds associated with different degrees
of vocal cord strength. Studies have shown that the quality of the sound
*mmmm* can be an indication of how weak or strong a person's vocal cords
are. Subirana trained the neural network on an audiobook dataset with more
than 1,000 hours of speech, to pick out the word *them* from other words
like *the* and *then*.
The team trained a second neural network to distinguish emotional states evident in speech, because Alzheimer's patients -- and people with
neurological decline more generally -- have been shown to display certain sentiments such as frustration, or having a flat affect, more frequently
than they express happiness or calm. The researchers developed a sentiment speech classifier model by training it on a large dataset of actors
intonating emotional states, such as neutral, calm, happy, and sad.
The researchers then trained a third neural network on a database of coughs in order to discern changes in lung and respiratory performance.
Finally, the team combined all three models, and overlaid an algorithm to detect muscular degradation. The algorithm does so by essentially simulating
an audio mask, or layer of noise, and distinguishing strong coughs -- those that can be heard over the noise -- over weaker ones.
With their new AI framework, the team fed in audio recordings, including of Alzheimer's patients, and found it could identify the Alzheimer's samples better than existing models. The results showed that, together, vocal cord strength, sentiment, lung and respiratory performance, and muscular
degradation were effective biomarkers for diagnosing the disease.
When the coronavirus pandemic began to unfold, Subirana wondered whether
their AI framework for Alzheimer's might also work for diagnosing Covid-19,
as there was growing evidence that infected patients experienced some
similar neurological symptoms such as temporary neuromuscular impairment.
``The sounds of talking and coughing are both influenced by the vocal cords
and surrounding organs. This means that when you talk, part of your talking
is like coughing, and vice versa. It also means that things we easily derive from fluent speech, AI can pick up simply from coughs, including things like the person's gender, mother tongue, or even emotional state. There's in fact sentiment embedded in how you cough,'' Subirana says. ``So we thought, why don't we try these Alzheimer's biomarkers [to see if they're relevant] for Covid.''
A striking similarity
In April, the team set out to collect as many recordings of coughs as they could, including those from Covid-19 patients. They established a website
where people can record a series of coughs, through a cellphone or other web-enabled device. Participants also fill out a survey of symptoms they are experiencing, whether or not they have Covid-19, and whether they were diagnosed through an official test, by a doctor's assessment of their
symptoms, or if they self-diagnosed. They also can note their gender, geographical location, and native language.
To date, the researchers have collected more than 70,000 recordings, each containing several coughs, amounting to some 200,000 forced-cough audio samples, which Subirana says is ``the largest research cough dataset that we know of.'' Around 2,500 recordings were submitted by people who were
confirmed to have Covid-19, including those who were asymptomatic.
The team used the 2,500 Covid-associated recordings, along with 2,500 more recordings that they randomly selected from the collection to balance the dataset. They used 4,000 of these samples to train the AI model. The
remaining 1,000 recordings were then fed into the model to see if it could accurately discern coughs from Covid patients versus healthy individuals.
Surprisingly, as the researchers write in their paper, their efforts have revealed ``a striking similarity between Alzheimer's and Covid discrimination.''
Without much tweaking within the AI framework originally meant for
Alzheimer's, they found it was able to pick up patterns in the four
biomarkers -- vocal cord strength, sentiment, lung and respiratory
performance, and muscular degradation -- that are specific to Covid-19. The model identified 98.5 percent of coughs from people confirmed with Covid-19, and of those, it accurately detected all of the asymptomatic coughs.
``We think this shows that the way you produce sound, changes when you have Covid, even if you're asymptomatic,'' Subirana says.
Asymptomatic symptoms
The AI model, Subirana stresses, is not meant to diagnose symptomatic
people, as far as whether their symptoms are due to Covid-19 or other conditions like flu or asthma. The tool's strength lies in its ability to discern asymptomatic coughs from healthy coughs.
The team is working with a company to develop a free pre-screening app based
on their AI model. They are also partnering with several hospitals around
the world to collect a larger, more diverse set of cough recordings, which
will help to train and strengthen the model's accuracy.
As they propose in their paper, ``Pandemics could be a thing of the past if pre-screening tools are always on in the background and constantly
improved.''
Ultimately, they envision that audio AI models like the one they've
developed may be incorporated into smart speakers and other listening
devices so that people can conveniently get an initial assessment of their disease risk, perhaps on a daily basis.
This research was supported, in part, by Takeda Pharmaceutical Company
Limited.
------------------------------
Date: Thu, 12 Nov 2020 21:39:52 +0800
From: Richard Stein <
rmstein@ieee.org>
Subject: CPU-Heat Sink Thermal Paste Effectiveness
CPU manufacturers integrate self-preservation features to reduce meltdown potential. Throttling -- dynamic clock frequency scaling, and forced power-shutdown are common techniques to prevent overheating or worse.
To dissipate CPU heat, the CPU package bonds to a heat sink to transfer
thermal energy into a cooling reservoir. Often, a set of fans roar to
dissipate heat. Some CPUs require liquid cooling (e.g., AMD Ryzen 7) for compute-intensive applications (ray tracing, etc.).
An effective CPU-heat sink interface must be gap-free. Thermal paste (
https://en.wikipedia.org/wiki/Thermal_paste, retrieved on 12NOV2020) is applied to create this bond. The paste conducts heat from the chip package
into the heat sink body, and consists of a colloidal metallic (silver) suspension based on an epoxy or silicone-like gel.
There are several vendors of thermal paste products. Each is characterized
by distinct material properties: thermal conductivity, viscosity, dielectric constant (lifetime), etc.
https://www.arctic.ac/en/MX-4/ACTCP00007B
(retrieved on 12NOV2020) references a specification for one thermal paste product.
However unlikely, heat sink thermal paste "leakage" (heat transfer and dissipation failure) would appear to rise with CPU power consumption
growth. Leakage at the wrong time in the wrong place may prove disastrous
for hosted applications.
Does a thermal paste leakage sensor exist? Would this sensor be
cost-effective to integrate into printed circuit boards and chassis
management?
With a very speedy clock and certain CPU power consumption profiles, thermal paste leakage might comprise a significant barrier for computer system manufacturers that prevents thermal qualification test completion.
------------------------------
Date: Mon, 9 Nov 2020 12:04:00 +0100
From: Anthony Thorn <
anthony.thorn@atss.ch>
Subject: Re: Algorithmic or Human fairness?
I find Richard Stein's argument in RISKS-32.36 for "keeping humans in the
loop" to be one-sided.
Humans can also be unfair!
;-) perhaps you had not noticed...
The commonly recommended mitigation of unfair algorithms is transparency,
which seems sensible.
"4 eyes" is a well established practice and should be implemented for
critical decisions (human or algorithmic).
------------------------------
Date: Mon, 9 Nov 2020 10:52:58 +0000
From: John Hall <
john@jhall.co.uk>
Subject: Re: UK national police computer down for 10 hours after engineer
pulled the plug (RISKS-32.36)
But it reminded me of a joke that went around the Atlas computer lab in Manchester University (UK) in the late 1960s.
This joke originated in a famous SF short story by Fredric Brown called "Answer", first published in 1954. The complete -- very short -- story can
be found online at
http://www.roma1.infn.it/~anzel/answer.html
[Also noted by Lars-Henrik Eriksson <
lhe@it.uu.se> and
Mark Brader <
msb@Vex.Net>. PGN]
------------------------------
Date: Mon, 9 Nov 2020 05:25:22 -0500
From: Jan Wolitzky <
jan.wolitzky@gmail.com>
Subject: Re: Whale Sculpture Stops Train From Plunge in the Netherlands
(NYTimes)
It was only a fluke that the driver wasn't killed.
[But "a fluke" is also a fish, which the whale is not. PGN]
------------------------------
Date: Mon, 9 Nov 2020 17:59:34 +0100
From: Erling Kristiansen <
erling.kristiansen@xs4all.nl>
Subject: Re: Using AI to control a camera at a sports event -- oops
(RISKS-32.35)
[I nested two "oops" and accidentally deleted the first part of Erling's message. Here is the full message from RISKS-32.36. PGN]
This emphasizes an aspect that is often neglected in the AI hype: If
presented with an input it was not programmed/trained to deal with, the
result is unpredictable. In this particular case, no real harm was done,
and we can laugh about it. But in other scenarios, the consequences can be
grave. Despite the name, AI is not really intelligent at all, and, in
particular, it is missing the context that would prevent a human camera
operator from making such a mistake.
------------------------------
Date: 9 Nov 2020 17:35:18 -0500
From: "John Levine" <
johnl@iecc.com>
Subject: Re: Facial recognition used to identify Lafayette Square
protester accused of assault (RISKS-32.36)
The protester might never have been identified, but an officer found an
image of the man on Twitter and investigators fed it into a facial recognition system, court documents state. They found a match and made an arrest.
I have my doubts about the reliability of facial recognition, but it's worth keeping in mind that there are two, arguably three, ways to use it.
One is the way they used it here -- they have a single picture or a set of pictures of one person, and they match it against a database to find out who
it is. I expect that once the system provided a match they they used other means to see if that was the right person, e.g., does he live in the
area. This is analogous to flipping through books of mug shots.
A slightly different version of this is that you have two pictures and the question is whether they are of the same person. I believe that Heathrow airport does this. They take a picture of you and your ticket when you go through security, and another picture as you get on the plane, to deter some ticket switching scams.
A very different approach is that you have a big database of pictures of
people of interest, and you're constantly matching them against images from cameras to see of any of them are in the area.
It seems to me that the first two are a lot less problematic and more
reliable than the third.
------------------------------
Date: Tue, 10 Nov 2020 16:30:44 +1100
From: 3daygoaty <
threedaygoaty@gmail.com>
Subject: Re: What It's Like to Stress-Test Berlin's Brand New, Much Maligned
Airport (RISKS-32.36)
*cough cough* at CS school we had this paraded in front of us:
Why do projects fail:
http://calleam.com/WTPF/?page_id=2086
------------------------------
Date: Tue, 10 Nov 2020 16:38:13 +1100
From: 3daygoaty <
threedaygoaty@gmail.com>
Subject: Re: Australian 300 MW battery (RISKS-32.36)
The Big Tesla Battery (100MWh, soon to be 150MWh) in South Australia made
all of its surprise money (AUD37m/y) addressing FCAS (Frequency correction) issues. The South Australia Big Battery can address FCAS issues in Port Douglas, 2500kms away and further. The efficacy of another big battery expected to make money on FCAS is limited in Australia. A 300MWh (450MWh) battery made with Lithium has a large carbon debt to pay down before anyone says it is sustainable. Australia needs to bite the bullet and realise
(like COVID response), demand-side *behaviour change* is the way, not supply side white elephantiasis.
------------------------------
Date: Thu, 12 Nov 2020 09:39:59 -0800
From: Rob Slade <
rmslade@shaw.ca>
Subject: Risk assessment: still high
The *very first* Caribbean cruise following the declaration of the pandemic
has a CoVID scare. Despite testing in advance and just before boarding, one passenger has had a preliminary positive test during one of the regularly scheduled tests while cruising. Apparently this preliminary positive hasn't yet been confirmed.
[continued in next message]
--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)