• Risks Digest 31.30 (2/2)

    From RISKS List Owner@21:1/5 to All on Fri Jun 21 16:58:29 2019
    [continued from previous message]

    Subject: Patients frustrated over computer system outage at Abrazo Health Hospitals.
    (AZFamily)

    https://www.azfamily.com/news/patients-frustrated-over-computer-system-outage-at-abrazo-health-hospitals/article_099c9d74-8f23-11e9-8030-2b5b391b080a.html

    ------------------------------

    Date: Sat, 15 Jun 2019 20:17:30 -0400
    From: Monty Solomon <monty@roscom.com>
    Subject: Power outage at Greensboro apartments has unintended consequence,
    reveals alleged Medicaid scheme

    https://www.greensboro.com/power-outage-at-greensboro-apartments-has-unintended-consequence-reveals-alleged/article_5f215b6e-3713-567d-908a-7873cfea3a6b.html

    ------------------------------

    Date: Sat, 15 Jun 2019 20:10:14 -0400
    From: Monty Solomon <monty@roscom.com>
    Subject: Is Target still down? Chain says registers working now after outage.
    (USA Today)

    https://www.usatoday.com/story/money/2019/06/15/target-registers-down-shoppers-reporting-outage-saturday/1465476001/

    ------------------------------

    Date: Sat, 15 Jun 2019 20:15:25 -0400
    From: Monty Solomon <monty@roscom.com>
    Subject: Spotify outage not related to today's update, company is
    working on a fix. (TechCrunch)

    https://techcrunch.com/2019/06/13/spotify-outage-not-related-to-todays-update-company-is-working-on-a-fix/

    ------------------------------

    Date: Sat, 15 Jun 2019 20:13:40 -0400
    From: Monty Solomon <monty@roscom.com>
    Subject: Instagram Outage Follows Disruption To PlayStation Network (Deadline)

    https://deadline.com/2019/06/instagram-outage-follows-disruption-to-playstation-network-1202632448/

    ------------------------------

    Date: Sat, 15 Jun 2019 20:16:45 -0400
    From: Monty Solomon <monty@roscom.com>
    Subject: The PlayStation Network Is Back Up. Here's the Latest on the PSN
    Outage (Digital Trends)

    https://www.digitaltrends.com/gaming/playstation-network-psn-down-outage-updates/

    ------------------------------

    Date: Mon, 17 Jun 2019 16:43:01 -0700
    From: Richard Stein <rmstein@ieee.org>
    Subject: In the Wiggle of an Ear, a Surprising Insight into Bat Sonar
    (Scientific American)

    https://www.scientificamerican.com/article/in-the-wiggle-of-an-ear-a-surprising-insight-into-bat-sonar/

    "...the two researchers developed an artificial horseshoe bat ear out of silicon, with devices called 'fast actuators' that move different parts of
    the ear in the same way bats do. These movements also added Doppler shifts
    to incoming sounds."

    Bats apply Doppler shift detection from echolocation stimulus to locate
    meals, navigate, and dodge flying or static obstacles.

    The research suggests that delivery drones might someday be equipped with artificial bat ears to assist drone navigation of the sky. The sky is "complicated and unpredictable": trees, telephone poles, aircraft, birds,
    bugs -- all kinds of obstacles that can interfere with drone delivery.

    Delivery zones with buried power lines, and sparse foliage or tree cover
    might only require GPS navigation to complete their route. But a heavy population center or a suburban landscape with telephone poles, or
    tree-lined streets might require echolocation and GPS to reach their destination.

    Correlating GPS and echolocation signals to reach fixed coordinates presents
    a complicated, challenging problem.

    Cruise missiles (CMs) can achieve payload delivery using nap-of-the-earth navigation and RADAR, though CMs are unlikely concerned with telephone
    poles, foliage, road signs, bill boards, etc.

    Risk: Ultrasonic sensor overload, sensor image correlation failure.

    ------------------------------

    Date: Wed, 12 Jun 2019 09:43:20 -0700
    From: Gene Wirchenko <gene@shaw.ca>
    Subject: 'RAMBleed' Rowhammer attack can now steal data, not just alter it
    (ZDNet)

    https://www.zdnet.com/article/rambleed-rowhammer-attack-can-now-steal-data-not-just-alter-it/
    'RAMBleed' Rowhammer attack can now steal data, not just alter it
    Academics detail new Rowhammer attack named RAMBleed.
    By Catalin Cimpanu for Zero Day | June 11, 2019 -- 17:00 GMT (10:00 PDT) |

    opening text:

    A team of academics from the US, Austria, and Australia, has published new research today detailing yet another variation of the Rowhammer attack.

    The novelty in this new Rowhammer variety -- which the research team has
    named RAMBleed -- is that it can be used to steal information from a
    targeted device, as opposed to altering existing data or elevating an
    attacker's privileges, as all previous Rowhammer attacks have done in the
    past.

    ------------------------------

    Date: Fri, 14 Jun 2019 10:05:38 -0700
    From: Gene Wirchenko <gene@shaw.ca>
    Subject: "Ransomware halts production for days at major airplane parts
    manufacturer" (Catalin Cimpanu)

    Catalin Cimpanu for Zero Day | June 12, 2019

    https://www.zdnet.com/article/ransomware-halts-production-for-days-at-major-airplane-parts-manufacturer/
    Ransomware halts production for days at major airplane parts manufacturer
    Nearly 1,000 employees sent home for the entire week, on paid leave.

    opening text:

    ASCO, one of the world's largest suppliers of airplane parts, has ceased production in factories across four countries due to a ransomware infection reported at its plant in Zaventem, Belgium.

    ------------------------------

    Date: Sun, 16 Jun 2019 01:51:40 -0400
    From: Monty Solomon <monty@roscom.com>
    Subject: Study finds that a GPS outage would cost $1 billion per day
    (Ars Technica)

    https://arstechnica.com/science/2019/06/study-finds-that-a-gps-outage-would-cost-1-billion-per-day/

    ------------------------------

    Date: Sun, 16 Jun 2019 19:06:52 -0600
    From: jared gottlieb <jared@netspace.net.au>
    Subject: Re: GPS Degraded Across Much of U.S (RISKS-31.29)

    This event seems to be a software bug in a system processing GPS data. A
    bulletin from one manufacturer discussing one model of a commercial
    aviation GPS receiver
    (https://www.duncanaviation.aero/files/intellegence/GPS_CustomerComm_FINAL.pdf):

    <<Our team has been actively working to determine a root cause. We found
    that a software design error resulted in the system misinterpreting GPS
    time updates due to a leap-second event, which typically occurs once every
    2.5 years within the U.S. Government GPS satellite almanac update. Our
    GPS-4000S-100 version software's timing calculations have reacted to this
    leap second by not tracking satellites upon power-up and subsequently
    failing. The U.S. Government distributed a regularly scheduled almanac
    update with this leap second on 0:00GMT, Sunday, June 9, 2019, and the
    failures began to occur soon after. The next scheduled update by the
    U.S. Government to the GPS constellation is set for next Sunday, June 16
    at 00:00Z. At this time, we do not believe this update will have the time
    information that triggers this error. We are testing additional impact of
    this next almanac update. ...>>

    Handling leap seconds is a software risk which has affected many systems
    beyond GPS receivers (a few of which have appeared in comp.risks). GPS
    receivers have had other time concerns, perhaps most recently the 6 April
    2019 week number rollover if a receiver used the legacy 10-bit value and
    firmware updates were not available or applied.

    What the almanac update issue was, or why it would be experienced using
    the one update, is not clear. There has not been a leap second for more
    than two years and none is currently planned (IERS Bulletin C
    ...announcements of the leap seconds...
    https://datacenter.iers.org/data/latestVersion/16_BULLETIN_C16.txt).

    Testing of this receiver's software is extended by the 'power-up'
    pre-condition mentioned in the bulletin; an aircraft manufacturer's notice
    illustrates the complexity of this unit's initiation
    https://support.cessna.com/custsupt/contacts/pubs/ourpdf.pdf%3Fas_id%3D50304
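    The 10-bit week rollover mentioned above, worked through in an added example
    (not part of the post or of any vendor's firmware): the broadcast week field
    wraps every 1024 weeks, so a receiver that treats it as "weeks since 1980"
    decodes a 2019 date as 1980, while one that pivots on a trusted minimum date
    (here assumed to be the firmware build date) decodes it correctly. The
    GPS-to-UTC leap-second offset is deliberately ignored; only the week field
    is in play.

```python
from datetime import datetime, timedelta, timezone

# GPS time starts at 1980-01-06 00:00 UTC. The navigation message carries the
# week number in 10 bits (0..1023), so it wraps every 1024 weeks: the wraps so
# far fell on 1999-08-22 and 2019-04-07.
GPS_EPOCH = datetime(1980, 1, 6, tzinfo=timezone.utc)
WEEK = timedelta(weeks=1)
ROLLOVER = 1024 * WEEK


def full_gps_week(date_iso: str) -> int:
    """Unambiguous week count since the GPS epoch for a YYYY-MM-DD date."""
    dt = datetime.fromisoformat(date_iso).replace(tzinfo=timezone.utc)
    return (dt - GPS_EPOCH) // WEEK


def broadcast_week(full_week: int) -> int:
    """The 10-bit value a receiver actually sees in the navigation message."""
    return full_week & 0x3FF


def decode_legacy(week10: int, tow_s: float) -> str:
    """Legacy decoding: the wrapped field is taken as weeks since 1980.
    This was only correct until the first rollover in 1999."""
    t = GPS_EPOCH + week10 * WEEK + timedelta(seconds=tow_s)
    return t.date().isoformat()


def decode_with_pivot(week10: int, tow_s: float, pivot_iso: str) -> str:
    """Resolve the ambiguity by adding 1024-week periods until the result is
    not earlier than a pivot the firmware can trust (assumed: its build date).
    This breaks again 1024 weeks after the pivot, so the pivot must move with
    each firmware release; an unpatched unit carries a stale pivot."""
    pivot = datetime.fromisoformat(pivot_iso).replace(tzinfo=timezone.utc)
    t = GPS_EPOCH + week10 * WEEK + timedelta(seconds=tow_s)
    while t < pivot:
        t += ROLLOVER
    return t.date().isoformat()


if __name__ == "__main__":
    # Constructed input: the 9 June 2019 almanac date quoted in the bulletin.
    wk = full_gps_week("2019-06-09")          # 2057
    w10 = broadcast_week(wk)                  # 9 after the April 2019 wrap
    print(wk, w10, decode_legacy(w10, 0), decode_with_pivot(w10, 0, "2019-01-01"))
```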

    ------------------------------

    Date: Sat, 15 Jun 2019 10:22:39 -0700
    From: Rob Slade <rmslade@shaw.ca>
    Subject: Did I Tweet that?

    A researcher has noted that Twitter reference URLs can be manipulated to
    make it appear someone said/tweeted something when they actually didn't.

    https://www.bleepingcomputer.com/news/security/twitter-urls-can-be-manipulated-to-spread-fake-news-and-scams/

    So, I tweeted a warning: https://www.twitter.com/rslade/status/1087839317534363648

    Well, of course, actually, no I didn't. If you look closely at the
    resulting page, you'll see it isn't my account at all. Twitter doesn't care what account you put in the URL: it just cares about the tweet status ID.

    Donald Trump is so concerned that he retweeted my warning: https://www.twitter.com/realDonaldTrump/status/1087839317534363648

    So did the Queen: https://www.twitter.com/RoyalFamily/status/1087839317534363648
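    The check a reader of such links would want, as an added example that is not
    part of the post: the handle in a tweet URL is untrusted, so attribution
    must be taken from whoever the status ID actually resolves to. The author
    lookup is a constructed stand-in for an API call, and the author it maps
    the post's status ID to is a placeholder, not real data.

```python
from urllib.parse import urlsplit

TWITTER_HOSTS = {"twitter.com", "www.twitter.com", "mobile.twitter.com"}


def parse_tweet_url(url: str):
    """Return (handle_in_url, status_id) for https://<host>/<handle>/status/<id>,
    or None when the URL does not have that shape."""
    parts = urlsplit(url)
    if parts.scheme != "https" or parts.netloc.lower() not in TWITTER_HOSTS:
        return None
    segs = [s for s in parts.path.split("/") if s]
    if len(segs) != 3 or segs[1] != "status" or not segs[2].isdigit():
        return None
    return segs[0], segs[2]


def verify_attribution(url: str, author_of) -> str:
    """author_of(status_id) returns the real handle or None.
    Only the status ID identifies the tweet; the handle is decoration."""
    parsed = parse_tweet_url(url)
    if parsed is None:
        return "not-a-tweet-url"
    claimed, status_id = parsed
    actual = author_of(status_id)
    if actual is None:
        return "unknown"
    return "ok" if actual.lower() == claimed.lower() else "mismatch"


def canonical_tweet_url(url: str, author_of):
    """Re-render a link with the real author's handle, or None if unverifiable.
    Displaying only canonical links removes the misattribution entirely."""
    parsed = parse_tweet_url(url)
    if parsed is None:
        return None
    actual = author_of(parsed[1])
    return None if actual is None else f"https://twitter.com/{actual}/status/{parsed[1]}"


# Constructed stand-in for the API lookup (placeholder author, not real data).
SAMPLE_AUTHORS = {"1087839317534363648": "real_author_placeholder"}

if __name__ == "__main__":
    for u in ("https://www.twitter.com/rslade/status/1087839317534363648",
              "https://www.twitter.com/RoyalFamily/status/1087839317534363648"):
        print(verify_attribution(u, SAMPLE_AUTHORS.get), canonical_tweet_url(u, SAMPLE_AUTHORS.get))
```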

    ------------------------------

    Date: Fri, 14 Jun 2019 09:34:06 -0700
    From: Rob Slade <rmslade@shaw.ca>
    Subject: Bull and backdoors

    We're binge-watching a TV show called "Bull." (For years I've had to be careful about watching movies and TV with a high tech or security theme,
    since they make so many mistakes. Apparently, having spent a couple of
    decades teaching American law to Americans, I now have to avoid legal TV
    shows and movies as well.)

    In one episode (s3e4) they have a computer expert (someone who can program) giving testimony. He is to explain a "backdoor."

    Now, as everyone here knows, a backdoor (aka trapdoor) is a technical means
    of circumventing a technical control or safeguard, usually to do with
    access control. There are some legitimate uses for backdoors, generally in
    development, but they are generally considered a "bad thing" in
    production. The "expert" explains that a backdoor is a means of evading a
    control, but it's a (presumably technical, because he programmed it) means
    of evading a policy or regulatory control.

    This piece of dialogue is a really interesting mix of fact and serious
    misunderstanding. Yes, a backdoor is a means of evading a control. But
    the backdoor and the control are of different types. Generally a technical
    evasion cannot evade a policy or regulatory control (although it might
    obfuscate the issue). To someone who only partially understands the
    situation, it might seem reasonable, but, in fact, in reality it makes no
    sense at all.

    (Oh, come on. I wrote a *dictionary*, and you expect me to put up with this?)

    (Yes, I know. This is why you don't want to watch technically themed
    movies and TV shows with me. Gloria has to put up with these kinds of interruptions and explanations *a lot*.)

    ------------------------------

    Date: Sat, 15 Jun 2019 10:57:26 -0700
    From: Rob Slade <rmslade@shaw.ca>
    Subject: Ross Anderson's non-visa

    Ross Anderson (yes, *that* Ross Anderson, the one who wrote "Security Engineering," the best single volume for security and the one I recommend to anyone taking the exam, and he even put it online for everyone) was to
    receive an award at a ceremony in Washington, DC (richly deserved, whatever
    it was).

    And the U.S. wouldn't give him a visa to come get it.

    (By the way, *anything* Anderson writes is worth reading. Even if it's not your immediate field.)

    [The visa situation is actually a bit more complicated, in that Ross did
    not need a visa if he had only been receiving the award -- the desired
    trip had another purpose as well. Nevertheless, the rejection seems
    utterly ridiculous. PGN]

    ------------------------------

    Date: Mon, 14 Jan 2019 11:11:11 -0800
    From: RISKS-request@csl.sri.com
    Subject: Abridged info on RISKS (comp.risks)

    The ACM RISKS Forum is a MODERATED digest. Its Usenet manifestation is
    comp.risks, the feed for which is donated by panix.com as of June 2011.
    SUBSCRIPTIONS: The mailman Web interface can be used directly to
    subscribe and unsubscribe:
    http://mls.csl.sri.com/mailman/listinfo/risks

    SUBMISSIONS: to risks@CSL.sri.com with meaningful SUBJECT: line that
    includes the string `notsp'. Otherwise your message may not be read.
    *** This attention-string has never changed, but might if spammers use it.
    SPAM challenge-responses will not be honored. Instead, use an alternative
    address from which you never send mail where the address becomes public!
    The complete INFO file (submissions, default disclaimers, archive sites,
    copyright policy, etc.) is online.
    <http://www.CSL.sri.com/risksinfo.html>
    *** Contributors are assumed to have read the full info file for guidelines!

    OFFICIAL ARCHIVES: http://www.risks.org takes you to Lindsay Marshall's
    searchable html archive at newcastle:
    http://catless.ncl.ac.uk/Risks/VL.IS --> VoLume, ISsue.
    Also, ftp://ftp.sri.com/risks for the current volume
    or ftp://ftp.sri.com/VL/risks-VL.IS for previous VoLume
    If none of those work for you, the most recent issue is always at
    http://www.csl.sri.com/users/risko/risks.txt, and index at /risks-31.00
    Lindsay has also added to the Newcastle catless site a palmtop version
    of the most recent RISKS issue and a WAP version that works for many but
    not all telephones: http://catless.ncl.ac.uk/w/r
    ALTERNATIVE ARCHIVES: http://seclists.org/risks/ (only since mid-2001)
    *** NOTE: If a cited URL fails, we do not try to update them. Try
    browsing on the keywords in the subject line or cited article leads.
    Apologies for what Office365 and SafeLinks may have done to URLs.
    Special Offer to Join ACM for readers of the ACM RISKS Forum:
    <http://www.acm.org/joinacm1>

    ------------------------------

    End of RISKS-FORUM Digest 31.30
    ************************
