• Risks Digest 31.21 (2/2)

    From RISKS List Owner@21:1/5 to All on Mon Apr 29 20:34:19 2019
    [continued from previous message]

    companies and demand is soaring, but far from driving the price down, the
    cost has soared: from $0.92 a dose ten years ago up to $15.00 a dose. Why is this? Google "Opioid Crisis" for the answer.

    Drug companies in the US spend tens of billions a year advertising drugs:
    how does this help anyone's health? The USA has some of the highest levels
    of anxiety and depression in the world: not surprising when you consider
    that the purpose of advertising is to make people more anxious and unhappy. Naturally, the drug companies are ready with a handful of pills to relieve
    the anxiety: followed by another handful to alleviate the side-effects from
    the first lot! A happy, contented population would be terrible for the drug companies' bottom line: so must be averted at all costs.

    Attempts to introduce competition into the NHS have been a disaster and, rightly, resisted by the public.

    How do you choose the people who are passionate about caring for others? Fortunately, they are largely self-selecting: you set up an organisation
    whose explicit purpose and top priority is caring for others. Pay enough
    for a comfortable living, but not so much that you attract those who are
    "just in it for the money". Beyond that, it is a case of trying to create a society as a whole in which caring for others is viewed as a noble passion,
    and not despised and excoriated as "Socialism".

    ------------------------------

    Date: Sat, 27 Apr 2019 10:31:07 +0100
    From: antonomasia <ant@notatla.org.uk>
    Subject: Re: Should AI be used to catch shoplifters? (cnn.com, R 31 20)

    Instead of mocking such efforts you could recognise that prior to
    the crime of leaving the shop with goods not paid for there could
    have been preparation (perhaps conspiracy but not actual theft).

    example video: https://www.youtube.com/watch?v=OGcYFG7WzaY

    ------------------------------

    Date: Wed, 24 Apr 2019 00:01:42 -0400
    From: Dan Pritts <danno@dogcheese.net>
    Subject: Re: How *not* to kill a news cycle ... (Slade, RISKS-31.20)

    you might think it clever to release it in a difficult format, like an unsearchable PDF.

    It's possible this was the motivation. It's also possible that they wanted
    to be REALLY sure that they didn't fall prey to the well-known RISK of PDFs that aren't really redacted. RISKS-22.97 has an account of the DOJ
    themselves falling prey to this issue.

    ------------------------------

    Date: Fri, 26 Apr 2019 06:47:04 +0800
    From: Dan Jacobson <jidanni@jidanni.org>
    Subject: Re: Battle for .amazon Domain Pits Retailer Against South American
    Nations (E-Week)

    "MS" == Monty Solomon <monty@roscom.com> writes:
    https://www.eweek.com/security/oracle-patches-3-year-old-java-deserialization-flaw-in-april-update

    You mean https://www.nytimes.com/2019/04/18/world/americas/amazon-domain-name.html

    ------------------------------

    Date: Fri, 26 Apr 2019 09:45:41 +0800
    From: Richard Stein <rmstein@ieee.org>
    Subject: Re: A video showed a parked Tesla Model S exploding in Shanghai
    (RISKS-31.20)

    http://catless.ncl.ac.uk/Risks/31/20#subj5

    Resubmitting original post. Visible text omitted comparison between Li-Air Battery and TNT energy density.

    The energy density of a Lithium storage battery, per https://en.wikipedia.org/wiki/Lithium_air_battery
    In the same table, TNT
    (https://en.wikipedia.org/wiki/Trinitrotoluene)
    is 4.1 MJ/kg.

    More than 2X!

    ------------------------------

    Date: Thu, 25 Apr 2019 13:53:09 +0100
    From: Martin Ward <martin@gkc.org.uk>
    Subject: Re: Huawei's code is a steaming pile... (Shapir, RISKS-31.17)

    Juggling chainsaws is perfectly safe if you are a highly skilled juggler
    and you know exactly what you are doing and can control the surrounding environment.

    But wouldn't it be better if you could use a programming language
    which did *not* force you to juggle chainsaws?

    ------------------------------

    Date: Fri, 26 Apr 2019 11:39:37 +0300
    From: Amos Shapir <amos083@gmail.com>
    Subject: Re: Huawei's code is a steaming pile... (Ward, RISKS-31.21)

    C does not force anyone to use strcpy() etc.; it has always also provided similar length-limiting functions, strncpy() etc.

    Besides, C is a language which lets the programmer control every bit of the machine, while also demanding that the programmer knows exactly what s/he's doing (and providing a lot of opportunity for shooting oneself in the foot).

    So strcpy() is provided for instances where a programmer is sure that any possible string given as a source would never overflow the one given as destination. Keep in mind that C was invented at a time when saving 2-3 assembly instructions on every iteration of the copy loop was considered a significant improvement!
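
    [Added example, not part of the original post or of the digest: a C sketch of the length-limited copy named above. It shows that strncpy() leaves the destination unterminated when the source fills it, next to a bounded copy that always terminates and reports truncation. The helper names strncpy_terminates and bounded_copy and the sample strings are hypothetical.]

```c
#include <stdio.h>
#include <string.h>

enum copy_status { COPY_OK, COPY_TRUNCATED, COPY_BAD_ARGS };

/* Hypothetical helper: 1 if strncpy() left the first dst_size bytes
 * NUL-terminated, 0 if not, -1 if dst_size is out of range. */
int strncpy_terminates(const char *src, size_t dst_size)
{
    char buf[64];
    if (dst_size == 0 || dst_size > sizeof buf)
        return -1;
    memset(buf, 'X', sizeof buf);      /* make a missing NUL visible */
    strncpy(buf, src, dst_size);       /* pads with NULs only if src is shorter */
    return memchr(buf, '\0', dst_size) != NULL;
}

/* Hypothetical helper: copy src into dst[dst_size], always terminate,
 * and tell the caller when the source did not fit. */
enum copy_status bounded_copy(char *dst, size_t dst_size, const char *src)
{
    if (dst == NULL || src == NULL || dst_size == 0)
        return COPY_BAD_ARGS;
    size_t len = strlen(src);
    if (len >= dst_size) {
        memcpy(dst, src, dst_size - 1);
        dst[dst_size - 1] = '\0';
        return COPY_TRUNCATED;
    }
    memcpy(dst, src, len + 1);         /* includes the terminator */
    return COPY_OK;
}

int main(void)
{
    /* Constructed inputs for an 8-byte destination. */
    const char *samples[] = { "short", "exactly8", "much longer than eight" };
    char dst[8];
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        int term = strncpy_terminates(samples[i], sizeof dst);
        enum copy_status st = bounded_copy(dst, sizeof dst, samples[i]);
        printf("%-24s strncpy terminated=%d bounded_copy=%d -> \"%s\"\n",
               samples[i], term, (int)st, dst);
    }
    return 0;
}
```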

    ------------------------------

    Date: Fri, 26 Apr 2019 19:59:36 +0100
    From: Martin Ward <martin@gkc.org.uk>
    Subject: Re: EU Tells Internet Archive That Much Of Its Site Is 'Terrorist
    Content' (TechDirt)

    There is a simple fix to this particular problem: the "competent authority"
    has to be a named person who signs an affidavit under penalty of perjury
    that they have personally reviewed the request and that every web page that they demand to be taken down does indeed contain "terrorist" content. So
    if, as in this case, they demand the takedown of the entire Project
    Gutenberg archive, it would be sufficient to find a single file in the
    archive that is not "terrorist content" (perhaps ebook number 3651, which is the one listing the square root of four to one million decimal places), and the "competent authority" will be on their way to jail.

    ------------------------------

    Date: Fri, 26 Apr 2019 15:39:39 +0100
    From: Wols Lists <antlists@youngman.org.uk>
    Subject: Re: An Interesting Juxtaposition (Wirchenko, RISKS-31.20)

    I use an expensive (allegedly) truck GPS at work. It allegedly knows my
    vehicle is 6'10" wide. So why does it seem to prefer width restrictions (typically 6'6") and country lanes?

    My guess is that while Google has a lot of live data and prefers roads it
    knows are flowing, the expensive sat-navs rely on national speed limits. So rather than picking a road where the traffic is flowing at 50mph, it would rather pick a country lane where there is no speed limit. The assumption is that the National Speed Limit is 60mph (it isn't, it's 50mph for a light van
    on a single-carriageway road), and that I can actually *do* that speed - I daren't, many of these roads are not merely single-carriageway but single track, sunken, with blind bends, and anything much over 20mph is foolhardy.

    I think Gene should be blaming the expensive GPS's, not the cheap ones!
    Many of my colleagues use Google Maps or Waze because they're so much
    better.

    ------------------------------

    Date: Mon, 14 Jan 2019 11:11:11 -0800
    From: RISKS-request@csl.sri.com
    Subject: Abridged info on RISKS (comp.risks)

    The ACM RISKS Forum is a MODERATED digest. Its Usenet manifestation is
    comp.risks, the feed for which is donated by panix.com as of June 2011.
    SUBSCRIPTIONS: The mailman Web interface can be used directly to
    subscribe and unsubscribe:
    http://mls.csl.sri.com/mailman/listinfo/risks

    SUBMISSIONS: to risks@CSL.sri.com with meaningful SUBJECT: line that
    includes the string `notsp'. Otherwise your message may not be read.
    *** This attention-string has never changed, but might if spammers use it.
    SPAM challenge-responses will not be honored. Instead, use an alternative
    address from which you never send mail where the address becomes public!
    The complete INFO file (submissions, default disclaimers, archive sites,
    copyright policy, etc.) is online.
    <http://www.CSL.sri.com/risksinfo.html>
    *** Contributors are assumed to have read the full info file for guidelines!

    OFFICIAL ARCHIVES: http://www.risks.org takes you to Lindsay Marshall's
    searchable html archive at newcastle:
    http://catless.ncl.ac.uk/Risks/VL.IS --> VoLume, ISsue.
    Also, ftp://ftp.sri.com/risks for the current volume
    or ftp://ftp.sri.com/VL/risks-VL.IS for previous VoLume
    If none of those work for you, the most recent issue is always at
    http://www.csl.sri.com/users/risko/risks.txt, and index at /risks-31.00
    Lindsay has also added to the Newcastle catless site a palmtop version
    of the most recent RISKS issue and a WAP version that works for many but
    not all telephones: http://catless.ncl.ac.uk/w/r
    ALTERNATIVE ARCHIVES: http://seclists.org/risks/ (only since mid-2001)
    *** NOTE: If a cited URL fails, we do not try to update them. Try
    browsing on the keywords in the subject line or cited article leads.
    Apologies for what Office365 and SafeLinks may have done to URLs.
    Special Offer to Join ACM for readers of the ACM RISKS Forum:
    <http://www.acm.org/joinacm1>

    ------------------------------

    End of RISKS-FORUM Digest 31.21
    ************************
