1. Forum
  2. Usenet
  3. COMP.RISKS

  • Risks Digest 33.08 (2/2)

    From RISKS List Owner@21:1/5 to All on Sat Mar 5 21:55:10 2022
    [continued from previous message]

    sovereignty and democracy could alter the calculations of foreign ministers, bank directors, business executives, and thousands of ordinary people. Few imagined that the Russian president's sinister television appearances and brutal orders could alter, in just a few days, international perceptions of Russia.

    And yet all of that has happened. Volodymyr Zelensky's courage has moved people, even the hard-bitten CEOs of oil companies, even dull diplomats accustomed to rote pronouncements. Vladimir Putin's paranoid ranting, meanwhile, has frightened even people who were lauding his savvy just a few days ago. He is not, in fact, someone you can do business with, as so many
    in Berlin, Paris, London, and Washington falsely believed; he is a
    cold-blooded dictator happy to murder hundreds of thousands of neighbors and impoverish his nation, if that's what it takes to remain in power. However
    the war ends -- and many scenarios are still imaginable -- we already live
    in a world with fewer illusions.

    Look at Germany, a nation that has spent nearly 80 years defining its
    national self-interest in purely economic terms. If the government of some distant place where Germans buy and sell things was repressive, that was
    never the Germans' fault. If military aggression was reshaping the outer borders of Europe, that was peripheral to Germany, too. Former Chancellor Angela Merkel, although she talked a lot about liberal and democratic
    values, in practice worried far more about creating good conditions for
    German business, wherever it was operating. That economy-first attitude infected her nation. Not long after the Russian annexation of Crimea in
    2014, I joined a panel discussion in Germany about ``the greatest threats to Europe.'' Because of the timing, I talked about Russia and assumed the
    others would too. I was wrong. One of the other panelists called me a warmonger. Another argued vociferously that the greatest threat was a
    proposed trade agreement that would have allowed Americans to sell chicken washed in chlorine to German supermarkets.

    I remember that detail because I hadn't known about the great chlorinated-chicken discussion that was then engulfing Germany, and I had to
    go home and look it up. But I've had some version of that experience many
    times since. I was on a German television program two weeks ago, along with three German politicians who were, even then, arguing that -- despite the thousands of troops and armored vehicles gathering on the borders of Ukraine
    -- the only conceivable solution was dialog.

    On Saturday, in a 30-minute speech, the current German chancellor, Olaf
    Scholz, threw all of that out the window. Germany, he said, needs ``planes
    that fly, ships that sail, and soldiers who are optimally equipped for their missions.'' Germany's military should reflect its size and importance. The German government has done an about-face and will even send weapons to
    Ukraine: 1,000 anti-tank weapons and 500 Stinger missiles. More incredibly, this 180-degree turn has the support of an astonishing 78 percent of the
    German public, who now say they support much higher military spending and
    will gladly pay for it. This is a fundamental change in Germany's definition
    of itself, in its understanding of its past: Finally, Germans have
    understood that the lesson of their history is not that Germany must remain forever pacifist. The lesson is that Germany must defend democracy and fight the modern version of fascism in Europe when it emerges.

    But the Germans are not the only ones who have changed. Across Europe people are realizing that they live on a continent where war, in their own time, in their own countries, is no longer impossible. Platitudes about European
    *unity* and *solidarity* are beginning to have some meaning, along with
    *common foreign policy*, a phrase that, in the European Union, has until now been largely fiction. In theory the EU has a single spokesperson for foreign policy, but in practice European leaders have given that job to people who
    know little about Russia, and whose fallback position when Russia misbehaves
    is always the expression of *deep concern*. The previous European high representative for foreign policy, Federica Mogherini, was more interested
    in EU relations with Cuba than with Kyiv. The current holder of that office, Josep Borrell, stumbled through a meeting with his Russian counterpart last year, and seemed surprised to be treated with disdain.

    But now everything is suddenly different. *Deep concern* has been exchanged for real action. Less than a week into the invasion, the EU has not only announced harsh sanctions on Russian banks, companies, and individuals -- sanctions that will also affect Europeans -- but has also offered $500
    million of military aid to Ukraine. Individual European states, from France
    to Finland, are sending weapons as well, and applying their own
    sanctions. The French say they are drawing up a list of Russian oligarchs' assets, including luxury cars and yachts, in order to seize them.

    Europeans have also dropped, abruptly, some of their doubts about Ukraine's membership in their institutions. On Monday, the European Parliament not
    only asked Zelensky to speak, by video, but gave him a standing
    ovation. Earlier today the parliamentarians, from all across the continent, voted to accept his application for EU membership for Ukraine. Accession to
    the EU is a long process, and it won't happen immediately, even if Ukraine emerges intact from this conflict. But the idea has been broached. It is now part of the continent's collective imagination. From being a distant place, badly understood, it is now part of what people mean when they say Europe.

    Ukraine itself will never be the same again either. Events are happening so rapidly, with moods and emotions changing every hour of every day, that I
    can't guess what will happen next, or predict how people will feel about
    it. But I am certain that the events of this week have changed not only the world's perceptions of Ukraine, but Ukrainians' perceptions of
    themselves. In the long run-up to this war, the conversation in Washington
    and Berlin was always focused on Putin and Joe Biden, Sergei Lavrov and
    Antony Blinken, NATO and Russia. This was the kind of talk that academics
    and pundits liked: big topics, big countries. In this conversation Ukraine
    was, as the political scientist John Mearsheimer put it in 2014, nothing
    more than ``a buffer state of enormous strategic importance to Russia.''
    But the Ukrainians have now put themselves at the heart of the story, and
    they know it.

    As a result, thousands of people are making choices that they too could not have imagined two weeks ago. Ukrainian sociologists, baristas, rappers, and bakers are joining the territorial army. Villagers are standing in front of Russian tanks, shouting *occupiers* and *murderers* at Russian soldiers
    firing into the air. Construction workers on lucrative contracts in Poland
    are dropping their tools and taking the train back home to join the
    resistance. A decade's worth of experience fighting Russian propaganda is finally paying off, as Ukrainians create their own counternarrative on
    social media. They post videos telling Russian soldiers to go home to their mothers. They interview captured teenage Russian conscripts, and put the
    video clips online. Electronic highway signs leading into Kyiv have been reconfigured to tell the Russian army to f*ck off. Even if this ends badly, even if there is more bloodshed, every Ukrainian who lived through this
    moment will always remember what it felt like to resist -- and that too will matter, for decades to come.

    And what about Russia? Is Russia condemned always to be a revanchist state,
    a backward-looking former empire, forever scheming to regain its old role?
    Must this enormous, complicated, paradoxical nation always be ruled badly,
    with cruelty, by elites who want to steal its wealth or oppress its people? Will Russian rulers always dream of conquest instead of prosperity?

    Right now many Russians don't even realize what is happening in
    Ukraine. State television has not yet admitted that the Russian military has attacked Kyiv with rockets, bombed a Holocaust memorial, or destroyed parts
    of central Kharkiv and Mariupol. Instead, the official propagandists are telling Russians that they are carrying out a police action in Ukraine's far-eastern provinces. The audience gets no information about casualties, or war damage, or costs. The extent of the sanctions has not been
    reported. Pictures seen around the world -- the bombing of the Kyiv
    television tower today, for example -- can't be seen on the Russian evening news.

    ------------------------------

    Date: Fri, 4 Mar 2022 12:00:30 -0500 (EST)
    From: ACM TechNews <technews-editor@acm.org>
    Subject: Ukraine's Vital Tech Industry Carries on Amid Russian Invasion
    (Sam Schechner)

    Sam Schechner, *The Wall Street Journal*, 02 Mar 2022,
    via ACM TechNews; 4 Mar 2022

    Many software developers in Ukraine continue to produce code for overseas clients amid the Russian invasion. Many also are volunteering for the ad hoc hacking army launching cyberattacks against Russia. Some Ukrainian
    technology companies are relocating employees to the west, donating money to the war effort, or offering office space as refugee housing, among other things. Said Tufts University's Bhaskar Chakravorti, "There is a serious
    talent crunch in IT, especially at the higher end where Ukraine was increasingly going. It's hard to imagine there will be too many other places for clients to go." Stepan Veselovskyi of the Lviv IT Cluster trade group
    said most tech companies in the city are working. Veselovskyi explained,
    "It's important for businesses with international clients to be alive and
    pay taxes and pay salaries to people in a time of war." https://orange.hosting.lsoft.com/trk/click?ref=znwrbbrs9_6-2e294x232003x072994&

    ------------------------------

    Date: Tue, 1 Mar 2022 10:39:08 -0500
    From: "Jan Wolitzky" <jan.wolitzky@gmail.com>
    Subject: Google temporarily disables Google Maps live traffic data in
    Ukraine (Reuters)

    Feb 27 (Reuters) - Alphabet Inc's (GOOGL.O) Google confirmed on Sunday it
    has temporarily disabled for Ukraine some Google Maps tools which provide
    live information about traffic conditions and how busy different places are.

    The company said it had taken the action of globally disabling the Google
    Maps traffic layer and live information on how busy places like stores and restaurants are in Ukraine for the safety of local communities in the
    country, after consulting with sources including regional authorities.

    Ukraine is facing attacks from Russian forces who invaded the country on Thursday. As missiles fell on Ukrainian cities, nearly 400,000 civilians, mainly women and children, have fled into neighbouring countries.

    Russia calls its actions in Ukraine a "special operation".

    Big tech companies including Google have said they are taking new measures
    to protect users' security in the region.

    Online services and social media sites have also been tapped by researchers piecing together activity around the war.

    A professor at California's Middlebury Institute of International Studies
    said Google Maps helped him track a "traffic jam" that was actually Russian movement towards the border hours before Russian President Vladimir Putin announced the attack. <https://twitter.com/ArmsControlWonk/status/1496657816740036616?s=20&t=hC8JFkNUIhsbBo9ML48CbQ>

    Google said live traffic information remained available to drivers using
    its turn-by-turn navigation features in the area.

    ------------------------------

    Date: Fri, 4 Mar 2022 12:00:30 -0500 (EST)
    From: ACM TechNews <technews-editor@acm.org>
    Subject: Conti Ransomware Source Code Leaked by Ukrainian Researcher
    (Bleeping Computer)

    Lawrence Abrams, BleepingComputer (1 March 2022),
    via ACM TechNews; 4 Mar 2022

    A Ukrainian researcher has exposed a wealth of content on the Conti
    cybercrime gang, including their ransomware's source code, after they sided with Russia on the Ukraine incursion. Known on Twitter as @ContiLeaks, the researcher leaked 393 JavaScript Object Notation files containing roughly 60,000 internal messages from the Conti and Ryuk ransomware group's private Extensible Messaging and Presence Protocol chat server. ContiLeaks then released more damaging material: the most exciting disclosure was a password-protected archive featuring the source code for the Conti
    ransomware encryptor, decryptor, and builder. Another researcher cracked the password, making the ransomware source code accessible to everyone. https://orange.hosting.lsoft.com/trk/click?ref=znwrbbrs9_6-2e294x23200ax072994&

    ------------------------------

    Date: Thu, 3 Mar 2022 20:00:30 -0500
    From: Gabe Goldberg <gabe@gabegold.com>
    Subject: Russia's War in Ukraine Could Spur Another Global Chip Shortage
    (WiReD)

    Ukraine is home to half of the world's neon gas, which is critical for manufacturing semiconductor chips.

    https://www.wired.com/story/ukraine-chip-shortage-neon/

    ------------------------------

    Date: Fri, 4 Mar 2022 09:16:03 -0800
    From: Lauren Weinstein <lauren@vortex.com>
    Subject: The Internet and Putin's War

    It's impossible to overstate the importance of the Internet in Russia's war
    on Ukraine. Yes, it can be a source for lies and disinformation, but it also allows the world to monitor the conflict and organize against Putin in ways that never would be possible before. Putin can't hide.

    Mainstream media seems to suddenly realize that Big Tech is incredibly important to let the world know what is REALLY going on during events like Putin's war, and that the "All Big Tech is Evil" mantra is a bunch of hooey.

    [Two closely related messages combined into one RISKS item. PGN]

    ------------------------------

    Date: Sat, 26 Feb 2022 21:13:22 +0000
    From: Jay Libove <libove@felines.org>
    Subject: Re: New Bill Would Bring Mobile Voting To WashDC (RISKS-33.07)

    I wonder why I've never seen the following discussed:

    * Of course, for people for whom the anonymity of their vote is paramount
    (and there really are such people, and some of them have objectively
    provable reasons why), a secure-enough but not-anonymous system wouldn't
    work.

    * But, for anyone (like, say, me) for whom the anonymity of their vote isn't
    relevant (#1 anybody knowing my vote would have no blowback on me, and #2
    my votes are pretty predictable...) having a secure-enough and
    not-anonymous system would be a great convenience.

    So, we should do it, and/but we should NOT ONLY do it (that is, it shouldn't
    be forced on people, just made available).

    [What am I missing?]

    ------------------------------

    Date: Tue, 1 Mar 2022 15:25:23 +0000
    From: Martin Ward <martin@gkc.org.uk>
    Subject: Re: Some Mazda cars stuck on a Seattle Station (RISKS-33.06-07)

    The real problem is that programmers write printf("foo") to print the string "foo", and it works. So then they go on to write printf(str) to write the string str, which mostly works but fails when the string pointed at by str contains percent characters.

    The first argument to printf is *supposed* to be the format string. To
    print an arbitrary string the programmer is supposed to write printf("%s", str).

    ------------------------------

    Date: Mon, 1 Aug 2020 11:11:11 -0800
    From: RISKS-request@csl.sri.com
    Subject: Abridged info on RISKS (comp.risks)

    The ACM RISKS Forum is a MODERATED digest. Its Usenet manifestation is
    comp.risks, the feed for which is donated by panix.com as of June 2011.
    SUBSCRIPTIONS: The mailman Web interface can be used directly to
    subscribe and unsubscribe:
    http://mls.csl.sri.com/mailman/listinfo/risks

    SUBMISSIONS: to risks@CSL.sri.com with meaningful SUBJECT: line that
    includes the string `notsp'. Otherwise your message may not be read.
    *** This attention-string has never changed, but might if spammers use it.
    SPAM challenge-responses will not be honored. Instead, use an alternative
    address from which you never send mail where the address becomes public!
    The complete INFO file (submissions, default disclaimers, archive sites,
    copyright policy, etc.) is online.
    <http://www.CSL.sri.com/risksinfo.html>
    *** Contributors are assumed to have read the full info file for guidelines!

    OFFICIAL ARCHIVES: http://www.risks.org takes you to Lindsay Marshall's
    searchable html archive at newcastle:
    http://catless.ncl.ac.uk/Risks/VL.IS --> VoLume, ISsue.
    Also, ftp://ftp.sri.com/risks for the current volume/previous directories
    or ftp://ftp.sri.com/VL/risks-VL.IS for previous VoLume
    If none of those work for you, the most recent issue is always at
    http://www.csl.sri.com/users/risko/risks.txt, and index at /risks-33.00
    ALTERNATIVE ARCHIVES: http://seclists.org/risks/ (only since mid-2001)
    *** NOTE: If a cited URL fails, we do not try to update them. Try
    browsing on the keywords in the subject line or cited article leads.
    Apologies for what Office365 and SafeLinks may have done to URLs.
    Special Offer to Join ACM for readers of the ACM RISKS Forum:
    <http://www.acm.org/joinacm1>

    ------------------------------

    End of RISKS-FORUM Digest 33.08
    ************************

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)