RISKS-LIST: Risks-Forum Digest Saturday 13 March 2021 Volume 32 : Issue 54

ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks) Peter G. Neumann, founder and still moderator

***** See last item for further information, disclaimers, caveats, etc. ***** This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/32.54>
The current issue can also be found at
<http://www.csl.sri.com/users/risko/risks.txt>

Contents:
Faulty Software Snarls Sign-Ups for Vaccinations (Kellen Browning)
Security startup Verkada hack exposes 150,000 security cameras in Tesla
factories, jails, hospitals, hospitals, etc. (Bloomberg)
Kia Recalls 380,000 Vehicles Over Fire Risk (NYIimes)
Coors long outage due to ransomware (ZDNet via Tom Van Vleck)
CRA to lock over 800,000 taxpayers out of online accounts tomorrow (CBC)
Linus Torvalds fixes 'double ungood' Linux kernel bug (ZDNet)
The Accellion breach keeps getting worse and more expensive (WiReD)
T-Mobile to Step Up Ad Targeting of Cellphone Customers (WSJ)
Experts brace for wave of hacks tied to Microsoft email vulnerabilities
(Trust.org)
Microsoft took nearly two months to issue a patch after hearing of Exchange
Server's flaws, even as a mass-hack unfolded; some of the flaws were 10+
years old (Krebs on Security)
Man Sues Hertz Over Lost Receipt That Was His Murder Alibi (NYTimes)
Four new hacking groups have joined an ongoing offensive against Microsoft's
email servers (Technology Review)
Study of auto recalls shows carmakers delay announcements until they 'hide
in the herd' (Techxplore)
How to poison the data that Big Tech uses to surveil you (Technology Review) Pandemic Forces FDA to Sharply Curtail Drug Company Inspections (NYTimes) Russian Disinformation Campaign Aims to Undermine Confidence in Pfizer,
Other Covid-19 Vaccines, U.S. Officials Say (WSJ)
Some turned away from Danvers mass vaccination site because of glitch
(The Boston Globe)
Introducing Deep Nostalgia: Animate the Faces in Your Family Photos
(MyHeritage)
Re: Software Bug Keeping Hundreds Of Inmates In Arizona Prisons Beyond
Release Dates (Amos Shapir)
Re: Israel adopts law allowing names of unvaccinated to be shared
(Amos Shapir)
Re: Computers get Sundays off? (Amos Shapir)
Re: His Lights Stayed on During Texas's Storm. Now He Owes $16,752
(Amos Shapir)
Re: Vintage technology: 'It sounds so much cleaner' (David Damerell,
Martin Ward, A Micael W Bacon)
Re: Incorrect train simulator a factor in train crash (Clive Page)
Re: Spy agencies have big hopes for AI (Henry Baker)
Re: Farms are going to need different kinds of robots (Martyn Thomas,
Henry Baker, Richard Stein)
Re: Google will remove *facts* if they think they're harmful (Henry Baker)
Re: Too much choice is hurting America (henry Baker, Richard Stein)
Re: Boeing 777 PW4000 engine problems (Peter Bernard Ladkin)
Allan McDonald Dies at 83; Tried to Stop the Challenger Launch (NYTimes) Abridged info on RISKS (comp.risks)

----------------------------------------------------------------------

Date: Sat, 13 Mar 2021 10:21:54 PST
From: Peter Neumann <neumann@csl.sri.com>
Subject: Faulty Software Snarls Sign-Ups for Vaccinations (Kellen Browning)

The New York Times, 13 Mar 2021

Large software systems have often been problematic for companies and
governments. HealthCare.gov ... crashed early on. ... Virginia's VAMS
system was too confusing for older adults. ... PrepMod had problems
too. ... Many state officials have switched software providers, only to
see little or no improvements. In California, tech mishaps have allowed
ineligible people to snatch up appointments. Massachusetts ... crashing
websites. Some North Carolina residents are eschewing online sign-ups
entirely, instead engaging in a vaccine free-for-all.

``You're basically building and testing data systems on the fly as
millions of people are trying to find vaccines.'' [Claire Hannan,
executive director of the Association of Immunization Managers]

Everyone else mentioned in this roughly half-page article gets dinged for
one problem or another, including Microsoft, Deloitte, Salesforce, MyTurn (which offered more appointments than available vaccines), and more.
Perhaps the past 12 months could have been used to anticipate some of these problems, but then that is only 20-20 hindsight. [PGN]

------------------------------

Date: Tue, 9 Mar 2021 15:33:15 -0800
From: Lauren Weinstein <lauren@vortex.com>
Subject: Security startup Verkada hack exposes 150,000 security cameras in
Tesla factories, jails, hospitals, etc. (Bloomberg)

Verkada, a Silicon Valley security startup that provides cloud-based
security camera services, has suffered a major security breach. Hackers
gained access to over 150,000 of the company's cameras, including cameras
in Tesla factories and warehouses, Cloudflare offices, Equinox gyms,
hospitals, jails, schools, police stations, and Verkada's own offices,
Bloomberg reports.

https://www.bloomberg.com/news/articles/2021-03-09/hackers-expose-tesla-jails-in-breach-of-150-000-security-cams
https://www.theverge.com/2021/3/9/22322122/verkada-hack-150000-security-cameras-tesla-factory-cloudflare-jails-hospitals

------------------------------

Date: Wed, 10 Mar 2021 18:34:05 -0500
From: Gabe Goldberg <gabe@gabegold.com>
Subject: Kia Recalls 380,000 Vehicles Over Fire Risk (NYIimes)

A concern over fire risk for nearly 380,000 Kia Sportage and Cadenza
vehicles is underscored by the National Highway Traffic Safety
Administration.

On its website, Kia describes the Sportage, which has a starting price
around $24,000, as having a 'coupe-like profile and athletic stance'. The Cadenza, a full-size sedan, is 'a step toward luxury', Kia says on its site, with a starting cost of around $38,000.

Affected car owners can bring their vehicles to a Kia dealer to have the problem fixed, federal officials said. In affected Sportage vehicles,
dealers can replace certain fuses in the electrical junction box, and update the hydraulic electronic control unit software, the agency said. In
affected Cadenza vehicles, it said, a new fuse kit containing a 25A fuse can
be installed, replacing a kit containing a 40A fuse.

In addition to seeing warning lights, drivers of affected vehicles may
detect a 'burning/melting odor' or see 'smoke from engine compartment' the agency said in a safety recall report.

https://www.nytimes.com/2021/03/09/business/kia-recall-sportage-cadenza.html

------------------------------

Date: Fri, 12 Mar 2021 17:23:40 -0800
From: Tom Van Vleck <thvv@multicians.org>
Subject: Coors long outage due to ransomware

https://www.zdnet.com/article/molson-coors-discloses-cyberattack-disrupting-its-brewery-operations/

------------------------------

Date: Fri, 12 Mar 2021 16:18:17 -0700
From: "Matthew Kruk" <mkrukg@gmail.com>
Subject: CRA to lock over 800,000 taxpayers out of online accounts tomorrow

The Canada Revenue Agency says it will lock more than 800,000 taxpayers out
of its online platform tomorrow after an investigation revealed that some usernames and passwords may have been obtained by "unauthorized third
parties."

The agency said the move is a precautionary cybersecurity measure and is
being taken after a similar action in February, when over 100,000 accounts accounts were locked.

"Like the accounts that were locked in February, these user IDs and
passwords were not compromised as a result of a breach of CRA's online
systems. Rather, they may have been obtained by unauthorized third parties
and through a variety of means by sources external to the CRA," said CRA in
a news release.

https://www.cbc.ca/news/politics/cra-accounts-locked-1.5947714

------------------------------

Date: Fri, 12 Mar 2021 14:41:25 -0500
From: Gabe Goldberg <gabe@gabegold.com>
Subject: Linus Torvalds fixes 'double ungood' Linux kernel bug (ZDNet)

Well, that was embarrassing. Linus Torvalds' first release candidate for the Linux kernel 5.12 included a show-stopping bug. After shutting down that release, Torvalds has launched a new version of 5.12, which doesn't include
the mistake.

https://www.zdnet.com/article/linus-torvalds-fixes-double-ungood-linux-kernel-bug/

------------------------------

Date: Wed, 10 Mar 2021 18:32:01 -0500
From: Gabe Goldberg <gabe@gabegold.com>
Subject: The Accellion breach keeps getting worse and more expensive (WiReD)

What started as a few vulnerabilities in firewall equipment has snowballed
into a global extortion spree.

https://www.wired.com/story/accellion-breach-victims-extortion/

------------------------------

Date: Tue, 9 Mar 2021 16:02:56 -0500
From: Gabe Goldberg <gabe@gabegold.com>
Subject: T-Mobile to Step Up Ad Targeting of Cellphone Customers (WSJ)

Wireless carrier tells subscribers it could share their masked browsing, app data and online activity with advertisers unless they opt out

A T-Mobile spokeswoman said the changes give subscribers advertising that aligns with their interests. ``We've heard many say they prefer more
relevant ads so we're defaulting to this setting,''

https://www.wsj.com/articles/t-mobile-to-step-up-ad-targeting-of-cellphone-customers-11615285803

How thoughtful, allowing opting out. I wonder how many clicks are required.

[Also noted by Monty Solomon. PGN]

------------------------------

Date: Sun, 7 Mar 2021 14:20:10 -1000
From: geoff goodfellow <geoff@iconia.com>
Subject: Experts brace for wave of hacks tied to Microsoft email
vulnerabilities (Trust.org)

The White House and cybersecurity experts are bracing for a wave of
intrusions tied to the Microsoft software vulnerabilities exposed this week, with some warning that other hackers may already have found the flaws used
by alleged Chinese spies to penetrate networks across the Internet.

On Friday, White House press secretary Jen Psaki warned that the vulnerabilities found in Microsoft Corp's widely used Exchange servers were "significant," and "could have far-reaching impacts."

"We're concerned that there are a large number of victims," Psaki said.

The China-linked hacking activity appears to have been discovered in
January. Wielding tools that exploited four previously unknown
vulnerabilities, a group that Microsoft dubs "Hafnium" broke in to email servers, remotely and silently siphoning information from users' inboxes without having to send a single malicious email or rogue attachment.

Sean Koessel, of Virginia-based cybersecurity firm Volexity, said his firm
has caught the hackers using the technique to steal emails from three
different U.S. think tanks, which he declined to identify. But while that
was consistent with classic digital spy work - it seemed restrained and deliberate - a sudden and dramatic upswing in activity during the final two days of February led him to conclude that other hackers have piled in behind them. [...]
https://news.trust.org/item/20210305212636-z0z65

------------------------------

Date: Mon, 8 Mar 2021 10:30:04 -1000
From: geoff goodfellow <geoff@iconia.com>
Subject: Microsoft took nearly two months to issue a patch after hearing of
Exchange Server's flaws, even as a mass-hack unfolded; some of the flaws
were 10+ years old (Krebs on Security)

*A Basic Timeline of the Exchange Mass-Hack*

Sometimes when a complex story takes us by surprise or knocks us back on our heels, it pays to revisit the events in a somewhat linear fashion. Here's a brief timeline of what we know leading up to last week's mass-hack, when hundreds of thousands of *Microsoft Exchange Server* systems got compromised and seeded with a powerful backdoor Trojan horse program <https://krebsonsecurity.com/2021/03/at-least-30000-u-s-organizations-newly-hacked-via-holes-in-microsofts-email-software/>
.
*When did Microsoft find out about attacks on previously unknown vulnerabilities in Exchange?*. [...] https://krebsonsecurity.com/2021/03/a-basic-timeline-of-the-exchange-mass-hack/

------------------------------

Date: Thu, 11 Mar 2021 21:45:39 -0500
From: Monty Solomon <monty@roscom.com>
Subject: Man Sues Hertz Over Lost Receipt That Was His Murder Alibi
(NYTimes)

He spent four years imprisoned on a murder conviction before the car rental company finally located a receipt showing he was nowhere near the scene of
the 2011 killing in Michigan.

https://www.nytimes.com/2021/03/11/us/herbert-alford-hertz-lawsuit-receipt.html

------------------------------

Date: Sun, 7 Mar 2021 14:28:13 -1000
From: geoff goodfellow <geoff@iconia.com>
Subject: Four new hacking groups have joined an ongoing offensive against
Microsoft's email servers (Technology Review)

*Chinese hackers targeting Microsoft Exchange servers were joined by a
feeding frenzy of other adversaries this week.*

A Chinese government-linked hacking campaign revealed by Microsoft this week has ramped up rapidly. At least four other distinct hacking groups are now attacking critical flaws in Microsoft's email software in a cyber-campaign
the US government describes as ``widespread domestic and international exploitation'' with the potential to impact hundreds of thousands of victims worldwide.

Beginning in January 2021, Chinese hackers known as Hafnium began exploiting vulnerabilities in Microsoft Exchange servers. But since the company
publicly revealed the campaign on Tuesday, four more groups have joined in
and the original Chinese hackers have dropped the pretense of stealth and increased the number of attacks they're carrying out. The growing list of victims includes tens of thousands of US businesses and government offices targeted by the new groups.

``There are at least five different clusters of activity that appear to be exploiting the vulnerabilities,'' says Katie Nickels, who leads an
intelligence team at the cybersecurity firm Red Canary that is
investigating the hacks. When tracking cyberthreats, intelligence analysts group clusters of hacking activity by the specific techniques, tactics, procedures, machines, people, and other characteristics they observe. It's
a way to track the hacking threats they face.

Hafnium is a sophisticated Chinese hacking group that has long run cyber-espionage campaigns against the United States, according to Microsoft. They are an apex predator -- exactly the sort that is always followed
closely by opportunistic and smart scavengers.

Activity quickly kicked into higher gear once Microsoft made their
announcement on Tuesday. But exactly who these hacking groups are, what
they want, and how they're accessing these servers remain unclear. It's possible that the original Hafnium group sold or shared their exploit code
or that other hackers reverse engineered the exploits based on the fixes
that Microsoft released, Nickels explains. [...] https://www.technologyreview.com/2021/03/06/1020442/four-new-hacking-groups-microsoft-email-servers/

------------------------------

Date: Sun, 7 Mar 2021 14:22:03 -1000
From: geoff goodfellow <geoff@iconia.com>
Subject: Study of auto recalls shows carmakers delay announcements until
they 'hide in the herd' (Techxplore)

Automotive recalls are occurring at record levels, but seem to be announced after inexplicable delays. A research study of 48 years of auto recalls announced in the United States finds carmakers frequently wait to make their announcements until after a competitor issues a recall -- even if it is unrelated to similar defects.

This suggests that recall announcements may not be triggered solely by individual firms' product quality defect
<https://techxplore.com/tags/defect/> awareness or concern for the public interest, but may also be influenced by competitor recalls, a phenomenon
that no prior research had investigated.

Researchers analyzed 3,117 auto recalls over a 48-year period -- from 1966
to 2013 -- using a model to investigate recall clustering and categorized recalls as leading or following within a cluster. They found that 73 percent
of recalls occurred in clusters that lasted 34 days and had 7.6 following recalls on average.

On average, a cluster formed after a 16-day gap in which no recalls were announced. They found 266 such clusters over the period studied.

"The implication is that auto firms are either consciously or unconsciously delaying recall announcements until they are able to hide in the herd,"
said George Ball, assistant professor of operations and decision
technologies and Weimer Faculty Fellow at the Indiana University Kelley
School of Business. "By doing this, they experience a significantly reduced stock penalty from their recall."

Ball is co-author of the study, "Hiding in the Herd: The Product Recall Clustering Phenomenon," recently published online in *Manufacturing and
Service Operations Management*, along with faculty at the University of Illinois, the University of Notre Dame, the University of Minnesota and Michigan State University. [...] https://techxplore.com/news/2021-02-auto-recalls-carmakers-herd.html

------------------------------

Date: Sun, 7 Mar 2021 14:30:25 -1000
From: geoff goodfellow <geoff@iconia.com>
Subject: How to poison the data that Big Tech uses to surveil you

*Algorithms are meaningless without good data. The public can exploit that
to demand change.*

Every day, your life leaves a trail of digital breadcrumbs that tech giants
use to track you. You send an email, order some food, stream a show. They
get back valuable packets of data to build up their understanding of your preferences. That data is fed into machine-learning algorithms to target you with ads and recommendations. Google cashes your data in for over $120
billion a year of ad revenue.

Increasingly, we can no longer opt out of this arrangement. In 2019 Kashmir Hill, then a reporter for Gizmodo, famously tried to cut five major tech
giants out of her life. <https://gizmodo.com/i-cut-the-big-five-tech-giants-from-my-life-it-was-hel-1831304194>
She spent six weeks being miserable, struggling to perform basic digital functions. The tech giants, meanwhile, didn't even feel an itch.

Now researchers at Northwestern University are suggesting new ways to
redress this power imbalance by treating our *collective* data as a
bargaining chip. Tech giants may have fancy algorithms at their disposal,
but they are meaningless without enough of the right data to train on.

In a new paper <https://arxiv.org/pdf/2012.09995.pdf> being presented at the Association for Computing Machinery's Fairness, Accountability, and Transparency conference <https://2021.facctconference.org/> next week, researchers including PhD students Nicholas Vincent and Hanlin Li propose
three ways the public can exploit this to their advantage: https://www.technologyreview.com/2021/03/05/1020376/resist-big-tech-surveillance-data/

------------------------------

Date: Sat, 13 Mar 2021 10:42:52 +0800
From: Richard Stein <rmstein@ieee.org>
Subject: Pandemic Forces FDA to Sharply Curtail Drug Company Inspections
(NYTimes)

https://www.nytimes.com/2021/03/09/health/covid-fda-drug-inspections.html

"The steep decline in oversight has stalled a number of new drug
applications. The agency says it is trying to protect its employees but
critics say inspectors should be considered essential workers and do their jobs."

To prove manufacturing fitness, rigorous inspection -- trust but verify --
is essential. This implies skilled and independent boots, and keen eyes, to confidently assess and approve acceptance. A pandemic environment, and
certain federal industry initiatives (e.g. delegation of self-certification
to industry), are known to weaken compliance vigilance.

With fake video and image manipulation techniques widely available, virtual inspections are a dubious substitute.

Adjusting an FDA inspector's employment classification to "essential worker" elevates their health and safety exposure risks during the pandemic. Where's the incentive to motivate their conscientious engagement?

RISKS-31.62 from 11MAR2020 notes suspensions of foreign manufacturer inspections (http://catless.ncl.ac.uk/Risks/31/62#subj12.1).

The FDA inspector corps FTE, per regulatory jurisdiction for 2008-2019 were acquired via FOIA request are shown in CSV format below. I'll need to submit another FOIA request to acquire inspector FTE for fiscal year 2020.

ORA Investigative FTE by Center (Domestic/Foreign and Import Operations)

From Work Plan YEAR,CBER Center for Biologics Evaluation and Research,CDER (Center for Drug Evaluation and Research),CDRH (Center for Devices and Radiological Health),CFSAN (Center for Food Safety and Applied

Nutrition),CTP (Center for Tobacco Products),CVM (Center for Veterinary Medicine)

2008,110.1,259.3,204.9,591.8,,85.2
2009,115.1,248.8,214.4,642.8,,91.3 2010,121.0,252.1,231.4,681.9,,89.8 2011,131.0,293.1,243.5,842.1,,91.4 2012,131.1,292.2,243.4,842.6,13.2,91.6 2013,140.1,333.6,246.5,903.9,13.2,105.1
2014,140.0,343.9,247.9,902.0,8.5,105.1
2015,127.5,367.2,270.7,911.2,7.8,106.2
2016,142.9,365.4,253.2,925.9,6.5,106.2
2017,143.2,354.9,253.8,963.0,6.5,106.3
2018,137.0,353.8,245.1,916.1,10.0,99.4
2019,122.6,323.6,219.6,875.9,11.6,98.9

------------------------------

Date: Tue, 9 Mar 2021 09:38:24 +0900
From: Dave Farber <farber@gmail.com>
Subject: Russian Disinformation Campaign Aims to Undermine Confidence in
Pfizer, Other Covid-19 Vaccines, U.S. Officials Say (WSJ)

https://www.wsj.com/articles/russian-disinformation-campaign-aims-to-undermine-confidence-in-pfizer-other-covid-19-vaccines-u-s-officials-say-11615129200

Russia Fights Skepticism of Its Covid-19 Vaccine With Global Campaign
7 Mar 2021

To counter skepticism over its Covid-19 vaccine, Russia has built a big public-relations effort at home and abroad. WSJ's Georgi Kantchev
explains why the success of Sputnik V is so important for the
Kremlin. Photo: Juan Mabromata/Agence France-Presse/Getty Images

WASHINGTON -- Russian intelligence agencies have mounted a campaign to undermine confidence in Pfizer Inc.'s and other Western vaccines, using
online publications that in recent months have questioned the vaccines' development and safety, U.S. officials said.

An official with the State Department's Global Engagement Center, which monitors foreign disinformation efforts, identified four publications that
he said have served as fronts for Russian intelligence.

The websites played up the vaccines' risk of side effects, questioned
their efficacy, and said the U.S. had rushed the Pfizer vaccine through the approval process, among other false or misleading claims.

Though the outlets' readership is small, U.S. officials say they inject
false narratives that can be amplified by other Russian and international media.

``We can say these outlets are directly linked to Russian intelligence services,'' the Global Engagement Center official said of the sites behind
the disinformation campaign. ``They're all foreign-owned, based outside of
the United States. They vary a lot in their reach, their tone, their
audience, but they're all part of the Russian propaganda and disinformation ecosystem.''

------------------------------

Date: Mon, 8 Mar 2021 10:17:08 -0500
From: Monty Solomon <monty@roscom.com>
Subject: Some turned away from Danvers mass vaccination site because of
glitch (The Boston Globe)

https://www.boston.com/news/coronavirus/2021/03/07/danvers-mass-vaccination-site-turned-away

------------------------------

Date: Wed, 10 Mar 2021 20:27:20 -0500
From: Gabe Goldberg <gabe@gabegold.com>
Subject: Introducing Deep Nostalgia: Animate the Faces in Your Family Photos
(MyHeritage)

Do you sometimes wonder how your ancestors moved, smiled and looked in real life? You can now see your ancestors from generations past like never
before!

We're happy to introduce Deep Nostalgia, a groundbreaking new photo feature
on MyHeritage that allows you to animate the faces of your loved ones in
still photos. This new addition to our suite of photo tools produces a realistic depiction of how a person from an old photo could have moved and looked if they were captured on video.

https://blog.myheritage.com/2021/02/new-animate-the-faces-in-your-family-photos/

I can't decide what the risk might be but it seems a bit creepy.

New version of uncanny valley?

------------------------------

Date: Mon, 8 Mar 2021 10:06:31 +0200
From: Amos Shapir <amos083@gmail.com>
Subject: Re: Software Bug Keeping Hundreds Of Inmates In Arizona Prisons
Beyond Release Dates (RISKS-32.52)

I assume it didn't occur to anyone at the Arizona Department of Corrections
to employ a human being to check who is eligible for an early release; if
the computer can't do it, it's much simpler to just ignore it and keep them
in prison...

I wonder if these inmates can sue for false imprisonment?

------------------------------

Date: Mon, 8 Mar 2021 10:45:04 +0200
From: Amos Shapir <amos083@gmail.com>
Subject: Re: Israel adopts law allowing names of unvaccinated to be shared
(RISKS-32.52)

Such a law became necessary because the implementation of the "Green Tag" handed to vaccinated and recuperating people, is so lame.

The "Green Tag" is supposed to distinguish who can participate in public gatherings like concert halls and stadiums, and be presented as proof of eligibility at the entrance of such venues.

It can be acquired from a site of the Ministry of Health, a week after receiving the 2nd shot, in either of two forms: One is a PDF file,
containing just an ID (not even a name) and expiration date, along with a
big QR square which contains all necessary info (unlike previous versions,
it seems to be digitally signed). It can be printed, or kept on the owner's phone. This assumes that whoever this tag is presented to, has the capacity
to scan and decipher the code -- which may be true for airports, but not for other venues.

The other (recommended) form, is a phone app which connects to a MOH site
and displays information about the current status of COVID19 infection in
the area, and when supplied with an ID, checks for Green Tag eligibility.
If the answer is positive, it displays only a GIF image of green people
walking -- and nothing else.

Bouncers at the gates are supposed to let through only those who can present the GIF. Unvaccinated people do not need to hire a hacker to create a copy, the MOH had already done this for you: https://govextra.gov.il/media/32575/green-label-he.mp4

------------------------------

Date: Mon, 8 Mar 2021 11:07:09 +0200
From: Amos Shapir <amos083@gmail.com>
Subject: Re: Computers get Sundays off? (RISKS-32.52)

Back in the Good Old Days, you could deposit a check at any branch of your bank; they'd send it to they payer's bank, who'd send it on their internal
mail system to his branch, where they'd look up the balance and debit the amount, and then transfer it to your bank, who would credit your account.
The process could take up to 5 business days -- not including weekends, of course.

Nowadays, you can deposit checks directly from your phone, anywhere, any
time. It takes only a few seconds -- and then you still have to wait for up
to 5 business days, until the check is "cleared".

------------------------------

Date: Mon, 8 Mar 2021 11:23:25 +0200
From: Amos Shapir <amos083@gmail.com>
Subject: Re: His Lights Stayed on During Texas's Storm. Now He Owes $16,752
(RISKS-32.52)

The risk here is applying the Capitalist algorithm, which may be adequate
for businesses, to individual consumers, where it is not. It may well be
that Mr. Willoughby had saved over the years on his bill much more than
these $16,752, but the trouble is, he doesn't have them available
immediately for paying this bill.

Businesses borrow money regularly in the course of their normal operations; they know who could lend to them, and have all the procedures in place to do
it whenever they need to. Individual consumers usually do not, which means that even if they can get a loan, it might cost much more.

Businesses may swing freely back and forth through the "zero net worth"
point on their balance, but for individuals, it's rock bottom.

------------------------------

Date: Tue, 9 Mar 2021 14:39:07 +0000
From: David Damerell <damerell@chiark.greenend.org.uk>
Subject: Re: Vintage technology: 'It sounds so much cleaner' (BBC News)

Funny, backup isn't mentioned. I guess that hadn't been invented yet.

The Psion came with backup software for Windows; these days there are Linux tools to just enable you to mount it as (very slow; 9600 baud serial)
external storage.

The real Achilles Heel of the Psion is that the screen cable breaks
eventually from folding and unfolding; AFAIK the last company that would retrofit them with more robust ones stopped a few years ago. If Air Vice Marshal Maddison has had his for 23 years, I presume he's had it
retrofitted, but lack of availability of parts and spares is the long-term
risk for ancient hardware.

I am not looking forward to the day when I have to replace my Series
5mx with a device with a built-in battery which will have a definitely
finite lifespan.

------------------------------

Date: Sat, 13 Mar 2021 16:08:16 +0000
From: Martin Ward <martin@gkc.org.uk>
Subject: Re: Vintage technology: 'It sounds so much cleaner' (BBC News)

The Kermit file transfer protocol and software tools were developed
in 1981 and Kermit been described as the "most widely ported computer
program": it has been used in the International Space Station.

https://en.wikipedia.org/wiki/Kermit_(protocol)

The Psion 5 has a serial port and, naturally, Kermit has been ported to it:

https://comp.sys.acorn.misc.narkive.com/KQcbZiyk/alternatives-to-psion-5-for-use-with-riscos

------------------------------

Date: Tue, 9 Mar 2021 10:26:22 +0000
From: A Michael W Bacon <amichaelwbacon@gmail.com>
Subject: Re: (Page, RISKS-32.52)

Clive Page (RISKS-32.52) will not need to trouble his physician this year or
in the future. Since May 2013, no Yellow Fever booster is necessary after
10 years, the vaccine is recognised by the WHO and internationally as
providing immunity for life.

However, in considering vaccination certificates, there are major
differences between the booklet which he, and I and others hold, and certification of vaccination against Covid-19 (in the current global situation). In no particular order:

1. Yellow Fever is not person-to-person transmissible; as with malaria, the
vector is the mosquito.

Covid is highly transmissible between people, airborne in droplets and
aerosols and via surfaces.

2. Possession of a Yellow Fever vaccination certificate benefits the holder
in enabling travel from a country where the disease is endemic to another
country requiring evidence of vaccination - and there are relatively few
of these. It is a requirement for entry (albeit, it might be checked by
the carrier at the port of embarkation). Further, it is a requirement at
country level.

Covid vaccination certificates are being touted as a facilitation for exit
from a country, with holiday companies such as Saga (specialising in cruises and package holidays for older people) insisting on evidence of full vaccination before boarding (when foreign holidays are allowed from the UK). Many airlines are reportedly pressuring governments to make possession of a certificate a condition for boarding (which would relieve them of making it
a contractual matter, open to challenge in the courts). Israel's "Green
Pass" - a Covid vaccination certificate - is fast becoming a requirement for entry to establishments such a gyms. Such a requirement is being actively promoted by commercial interests in other countries as a way of re-opening businesses that are currently "locked-down". A (potential) requirement at a building level.

3. The Yellow Fever vaccination certificate is essentially valueless, there
is relatively little point in forging one. Certainly in the "First
World" (and under normal circumstances) aspiring travelers can arrange

[continued in next message]

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)