• Risks Digest 33.37 (1/2)

    From RISKS List Owner@21:1/5 to All on Sun Aug 7 22:50:26 2022
    RISKS-LIST: Risks-Forum Digest Sunday 7 August 2022 Volume 33 : Issue 37

    ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks) Peter G. Neumann, founder and still moderator

    ***** See last item for further information, disclaimers, caveats, etc. *****
    This issue is archived at <http://www.risks.org> as
    <http://catless.ncl.ac.uk/Risks/33.37>
    The current issue can also be found at
    <http://www.csl.sri.com/users/risko/risks.txt>

    Contents:
    U.S. Air Force To Test Single-Pilot C-130 Flight Crews (FLYING Magazine)
    How a Trash-Talking Crypto Bro Caused a $40 Billion Crash (NYTimes)
    Nuclear Fusion Is Already Facing a Fuel Crisis (WiReD)
    Fighting Around Zaporizhzhia Nuclear Power Plant Is 'Out of Control'
    (Matthew Gault via Henry Baker)
    Nomad offers 10% bounty in $190M cryptocurrency hack (WashPost)
    WashDC Metrorail Routinely Skipped Safety Protocols, Putting Workers At Risk
    (DC Patch)
    Former T-Mobile store owner netted $25 million from 5-year scheme, which
    included tricking employees into resetting passwords (Fortune)
    California Regulator Accuses Tesla of Falsely Advertising Autopilot (NYTimes)
    North Korea-Backed Hackers Have Clever Way to Read Gmail (Dan Goodin)
    AI Does Not Have Thoughts, No Matter What You Think (Cade Metz)
    Algorithm Aces University Math Course Questions (Adam Zewe)
    Big Tech breakup legislation on hold (Lauren Weinstein)
    Class-action suit filed against Equifax after millions of scores were
    affected by glitch (NBC news)
    'Horrible', 'Chaos': Former Oracle Employees Describe Recent Layoffs
    (Slashdot)
    Robinhood Lays Off 23 Percent of Its Staff, Blaming Crypto Meltdown
    (NYTimes)
    Bitcoin mining in the crypto crash -- mining companies' creative accounting
    (Amy Castor)
    Pearson says NFT textbooks will let it profit off secondhand sales
    (The Verge)
    The Bad Times Are Coming for Startups (WiReD)
    The Microsoft Team Racing to Catch Bugs Before They Happen (WiReD)
    French Scientist, distant star, and chorizo (People via Steve Greenwald)
    Rats deserve equal presence with Squirrels in RISKS (T.M. Brown via PGN)
    Robotic Surgery (Dr. Bob Fenichel)
    Re: Who is at fault when medical software gets it wrong?
    (Richard Marlon Stein)
    Re: Tech giants, including Meta, Google, and Amazon, want to put an end to
    leap-seconds (John Levine)
    Re: BMW's Heated as a Service Model Has Drivers Seeking Hacks
    (Sam Steingold, Gabe Goldberg, Gabe Goldberg)
    Re: Study finds Wikipedia influences judicial behavior (John Levine)
    Kids Are Back in Classrooms and Laptops Are Still Spying on Them
    (Gabe Goldberg)
    Re: School Surveillance Will Never Protect Kids From Shootings
    (Gabe Goldberg)
    Re: Dr. Birx ADMITS She 'Knew' COVID-19 Vaccines 'Were Not Going to
    Protect Against Infection' (Lars-Henrik Eriksson, Steve Lamont)
    Book Review: America's Biggest Lottery Scam by Bob Sand (Douglas W. Jones)
    Abridged info on RISKS (comp.risks)

    ----------------------------------------------------------------------

    Date: Sun, 7 Aug 2022 15:02:38 -0400
    To: Risks Digest <risks@csl.sri.com>
    From: Gabe Goldberg <gabe@gabegold.com>
    Subject: U.S. Air Force To Test Single-Pilot C-130 Flight Crews
    (FLYING Magazine)

    USAF and Merlin Labs plan to flight test Lockheed Martin's C-130J Hercules with autonomous software as a co-pilot.

    Can a Lockheed Martin (NYSE: LMT) C-130J Hercules fly with just one pilot?
    It's a scenario the U.S. Air Force is exploring through a new partnership
    with Merlin Labs, a Boston-based autonomous flight company that's gearing up
    to test autonomous operations in the Air Force's venerable cargo workhorse.

    Under the collaboration, Merlin Labs will retrofit a C-130 with software and technology that will slim down the number of onboard crew, from two pilots
    to one. The C-130, built at Lockheed Martin's factory in Marietta, Georgia, holds the record for the longest continuous production run of any military aircraft, according to the manufacturer. The Hercules first flew in 1954.

    https://www.flyingmag.com/u-s-air-force-to-test-single-pilot-c-130-flight-crews/

    ------------------------------

    Date: Wed, 18 May 2022 10:48:50 -0400
    From: "Gabe Goldberg" <gabe@gabegold.com>
    Subject: How a Trash-Talking Crypto Bro Caused a $40 Billion Crash (NYTimes)

    Do Kwon, a South Korean entrepreneur, hyped the Luna and TerraUSD cryptocurrencies. Their failures have devastated some traders, though not
    the investment firms that cashed out early.

    https://www.nytimes.com/2022/05/18/technology/terra-luna-cryptocurrency-do-kwon.html

    ------------------------------

    Date: Sat, 21 May 2022 00:16:57 -0400
    From: Gabe Goldberg <gabe@gabegold.com>
    Subject: Nuclear Fusion Is Already Facing a Fuel Crisis (WiReD)

    It doesn't even work yet, but nuclear fusion has encountered a shortage of tritium, the key fuel source for the most prominent experimental reactors.

    In the south of France, ITER is inching towards completion. When it's
    finally fully switched on in 2035, the International Thermonuclear
    Experimental Reactor will be the largest device of its kind ever built, and
    the flag-bearer for nuclear fusion.

    Inside a donut-shaped reaction chamber called a tokamak, two types of
    hydrogen, called deuterium and tritium, will be smashed together until they fuse in a roiling plasma hotter than the surface of the sun, releasing
    enough clean energy to power tens of thousands of homes -- a limitless
    source of electricity lifted straight from science fiction.

    Or at least, that's the plan. The problem -- the white elephant in the room
    -- is that by the time ITER is ready, there might not be enough fuel left to run it.

    Like many of the most prominent experimental nuclear fusion reactors, ITER relies on a steady supply of both deuterium and tritium for its experiments. Deuterium can be extracted from seawater, but tritium—a radioactive isotope of hydrogen—is incredibly rare.

    https://www.wired.com/story/nuclear-fusion-is-already-facing-a-fuel-crisis

    ------------------------------

    Date: Thu, 04 Aug 2022 16:05:40 +0000
    From: Henry Baker <hbaker1@pipeline.com>
    Subject: Fighting Around Zaporizhzhia Nuclear Power Plant Is 'Out of Control'

    Nuclear power plants were designed to defend against certain foreseeable
    risks, but not wars!

    I don't think we all want to be Zaporized...

    https://www.vice.com/en/article/7k88mg/fighting-around-europes-largest-power-plant-is-out-of-control-uns-nuke-chief-warns

    Fighting Around Europe's Largest Power Plant Is 'Out of Control,' UN's Nuke Chief Warns

    Russia is using a Ukrainian power plant as a fortress to launch attacks.

    by Matthew Gault August 3, 2022, 3:13pm

    The head of the UN's nuclear regulatory watchdog is warning the world that Europe's largest nuclear power plant "is completely out of control," Rafael Grossi, the director general of the International Atomic Energy Agency
    (IAEA), told the Associated Press about the risk in an interview.

    The Zaporizhzhia nuclear power plant is in Southeast Ukraine along the
    Dnipro river.

    The plant has been a central part of the war since Russia invaded Ukraine at the end of February.

    Russian troops besieged it in early March, firing artillery shells at it
    before taking it over.

    The firefight between Russian and Ukrainian soldiers was watched by 95,000 people online through the plant's live streamed CCTV cameras.

    An administrative building caught fire during the fight but the plant didn't melt down.

    ------------------------------

    Date: Sat, 6 Aug 2022 12:53:06 -0400
    From: Gabe Goldberg <gabe@gabegold.com>
    Subject: Nomad offers 10% bounty in $190M cryptocurrency hack (WashPost)

    More than $20 million has been recovered since the "free-for-all".

    Crypto Giant Froze Their Accounts. Now Customers Are Begging a Judge for
    Their Money Back.

    "My life savings were in Celsius," one depositor wrote last month. "I pray
    and hope everyday you are doing everything in your power to rightfully
    return deposits back to customers. I can't tell my wife and kids our retirement and dreams have been stolen from us. Life is stale, we need
    updates and silence is not the answer."

    https://www.motherjones.com/politics/2022/08/celsius-bankruptcy-crypto

    ------------------------------

    Date: Wed, 18 May 2022 10:50:39 -0400
    From: "Gabe Goldberg" <gabe@gabegold.com>
    Subject: WashDC Metrorail Routinely Skipped Safety Protocols, Putting
    Workers At Risk (DC Patch)

    [Earlier items on this in RISKS-33.06 and 33.13. PGN]

    Washington Metrorail Safety Commission says Metrorail routinely skipped
    steps in restoring lethal electrical power to tracks in work zones.

    WMSC determined the Power Desk assistant superintendent had skipped three safety protocols when directing that power be restored to the College Park Station work zone. In addition, the Power Desk controller restored power
    even though they knew two safety confirmations had not been completed.

    WMSC also investigated similar lapses in safety that occurred on April 3,
    May 1, May 6 and May 14, across multiple departments.

    "Fatigue modeling indicates that the Power Desk controller's performance effectiveness on April 26 was impaired due to sleep debt, short sleep
    duration and the circadian effects of night work," WMSC's report says. "The Power Desk Controller also told investigators that they have difficulty sleeping."

    Further investigation revealed that Metrorail was assigning 12-hour
    shifts and not filling some shifts due to staffing shortages.

    https://patch.com/district-columbia/washingtondc/metrorail-routinely-skipped-safety-protocols-putting-workers-risk

    ------------------------------

    Date: Thu, 4 Aug 2022 11:02:16 -0700
    From: geoff goodfellow <geoff@iconia.com>
    Subject: Former T-Mobile store owner netted $25 million from 5-year scheme,
    which included tricking employees into resetting passwords (Fortune)

    A former T-Mobile store owner has been found guilty of using stolen
    credentials to hack into “hundreds of thousands of cellphones” in a multiyear scheme that netted him roughly $25 million that he spent on cars:

    Argishti Khudaverdyan, 44, who owned an Eagle Rock retail outlet in Los
    Angeles, used several dishonest methods to acquire the credentials needed
    to unlock phones or bypass carrier blocks, enabling customers to change
    network providers before their contract ended. He used phishing emails
    and social engineering, and tricked those working at the T-Mobile IT Help
    Desk into resetting employee passwords, allowing him access to the
    internal system.

    The scheme, which he ran from August 2014 to June 2019, also involved
    unlocking phones that had been reported lost or stolen, allowing them to
    be sold on the black market. [...]

    https://finance.yahoo.com/news/former-t-mobile-store-owner-110731584.html

    ------------------------------

    Date: Sat, 6 Aug 2022 12:48:28 -0400
    From: Gabe Goldberg <gabe@gabegold.com>
    Subject: California Regulator Accuses Tesla of Falsely Advertising Autopilot
    (NYTimes)

    A state agency said the electric carmaker had misled the public in
    describing its driver-assistance service as autonomous.

    Its name is borrowed from aviation systems that allow planes to fly
    themselves in ideal conditions with limited pilot input. With the current system, the car will disengage Autopilot if drivers do not consistently keep
    a hand on the wheel.

    For an additional fee, which may be as high as $12,000, car owners can buy
    Full Self-Driving, a system that expands the abilities of Autopilot.

    https://www.nytimes.com/2022/08/05/business/tesla-california-dmv-complaint.html

    Believing marketing, then not even following instructions...

    ------------------------------

    Date: Fri, 5 Aug 2022 13:12:37 -0400 (EDT)
    From: ACM TechNews <technews-editor@acm.org>
    Subject: North Korea-Backed Hackers Have Clever Way to Read Gmail
    (Dan Goodin)

    Dan Goodin, Ars Technica, 03 Aug 2022, via ACM TechNews, 5 Aug 2022

    Researchers at security company Volexity have discovered malware dubbed SHARPEXT that the North Korea-sponsored SharpTongue hacker gang is using to read and download email and attachments from victims' Gmail and AOL
    accounts. Volexity's Steven Adair said SHARPEXT installs an extension for Chrome and Edge browsers "by way of spear phishing and social engineering
    where the victim is fooled into opening a malicious document." Email
    services cannot detect the extension, and since the browser will already
    have been authenticated, the compromise cannot be simply identified and neutralized. Volexity said SHARPEXT has been in use for "well over a year," allowing hackers to compile lists of email addresses to ignore, and to
    monitor already compromised emails or attachments.

    https://orange.hosting.lsoft.com/trk/click?ref=znwrbbrs9_6-2f009x235171x069070&

    ------------------------------

    Date: Sat, 6 Aug 2022 12:55:02 -0400
    From: Gabe Goldberg <gabe@gabegold.com>
    Subject: War Thunder fans leaked classified docs to get more realistic
    tanks (WashPost)

    Fans wanted a war game to be more real, so they leaked classified docs

    Video games have long led to fights: controllers thrown, unsubstantiated accusations of cheating, insults hurled at mothers and even dogs. But no one has ever leaked classified documents related to national security in a
    public forum to win an argument -- until last year, twice. And then again
    this year.

    Beginning in 2021, players of "War Thunder," a popular, free-to-play
    vehicular combat video game, have thrice posted classified documents related
    to three tanks of British, French, and Chinese origin, in an online forum dedicated to the game. The posting of the documents was reported first by UK Defence Journal, which wrote that one poster, who uploaded the manual to a British Challenger 2 tank, said he was motivated by a desire to get a "War Thunder" developer to make the tank more accurate in the game. Another
    poster, who claimed to be part of a French tank unit, uploaded a Leclerc S2 manual while engaged in an online debate about its turret rotation speed.
    The motivations of the user who posted allegedly classified information
    about China's DTC10-125 tank, and a piece of materiel, were not clear.

    https://www.washingtonpost.com/video-games/2022/08/05/tank-plan-leaks-war-thunder/

    ------------------------------

    Date: Sun, 7 Aug 2022 10:44:54 PDT
    From: Peter Neumann <neumann@csl.sri.com>
    Subject: AI Does Not Have Thoughts, No Matter What You Think (Cade Metz)

    Some researchers believe there are sentient computers. Sorry, but there's
    no evidence.

    [Nice follow-up on this topic in RISKS-33.29 and RISKS-33.34. PGN]

    Cade Metz, *The New York Times* National Edition Sunday Business centerfold,
    7 Aug 2022: two-page (6-7) spread, with Frank Rosenblatt and his
    Perceptron, an inset of a conversation with Joe Weizenbaum's ELIZA, and
    other more recent players. The alluring robot "Desdemona" is also on the
    cover of the section.

    [Gabe Goldberg saw this item online:
    https://www.nytimes.com/2022/08/05/technology/ai-sentient-google.html
    PGN]

    ------------------------------

    Date: Fri, 5 Aug 2022 13:12:37 -0400 (EDT)
    From: ACM TechNews <technews-editor@acm.org>
    Subject: Algorithm Aces University Math Course Questions (Adam Zewe)

    Adam Zewe, MIT News, 3 Aug 2022, via ACM TechNews, 5 Aug 2022

    A multi-institutional team of researchers led by the Massachusetts
    Institute of Technology's Iddo Drori utilized a neural network model to
    solve university-level math problems in seconds. The researchers used
    OpenAI's Codex model, which was pretrained on text and "fine-tuned" on
    code, to learn how pieces of text and code relate to each other. The model
    can render text questions into code, given a few question-code examples,
    then run the code to solve the problem. The model also automatically
    explains its solutions, and can produce new problems in university math subjects which university students were unable to distinguish from human-generated questions. "This work opens the field for people to start solving harder and harder questions with machine learning," Drori said.

    https://orange.hosting.lsoft.com/trk/click?ref=znwrbbrs9_6-2f009x235172x069070&

    [It also opens the field for open-source software for open-book exams.
    PGN]

    ------------------------------

    Date: Sun, 7 Aug 2022 08:56:43 -0700
    From: Lauren Weinstein <lauren@vortex.com>
    Subject: Big Tech breakup legislation on hold

    Big Tech breakup legislation on hold

    It appears that the wholly misguided attempts to "break up" Big Tech are at least on hold until later in the year, if then. And consumers should be thankful, because the plans would only have made their tech lives more
    complex and subject to even more fraud.

    ------------------------------

    Date: Thu, 04 Aug 2022 22:35:16 +0000
    From: "Richard Marlon Stein" <rmstein@protonmail.com>
    Subject: Class-action suit filed against Equifax after millions of scores
    were affected by glitch (NBC news)

    https://www.nbcnews.com/business/consumer/equifax-credit-score-glitch-lawsuit-class-action-rcna41538

    "The credit bureau said it had unintentionally sent faulty scores to lenders, resulting in higher interest rates and application denials for some consumers."

    "*The Wall Street Journal* reported Tuesday that, as Equifax was
    transitioning to a new technology system, it unintentionally provided inaccurate credit scores on millions of U.S. consumers seeking various types
    of credit. In a statement on its website, Equifax acknowledged that as many
    as 300,000 people experienced a score shift of 25 points or more, enough to swing a borrower's credit rating from good to fair, or fair to poor."

    A glitch? It appears Equifax didn't apply UAT before go-live? Or did they
    know about the credit score discrepancy -- should be evident in their qualification test reports for pass/fail on "legacy v. go-forward"
    comparator output of credit scores. Perhaps the governance team was too
    eager to go-live because of schedule commitments and didn't bother to read
    the test results?

    Very tiresome to watch reruns of the consumer crash test dummy show.

    ------------------------------

    Date: Sun, 7 Aug 2022 10:57:31 -0700
    From: Lauren Weinstein <lauren@vortex.com>
    Subject: 'Horrible', 'Chaos': Former Oracle Employees Describe Recent
    Layoffs (Slashdot)

    https://developers.slashdot.org/story/22/08/07/1537222/horrible-chaos-former-oracle-employees-describe-recent-layoffs

    [Despite *the NYTimes* lead story yesterday about how employment is now
    back to pre-COVID. PGN]

    ------------------------------

    Date: Thu, 4 Aug 2022 00:50:06 -0400
    From: Gabe Goldberg <gabe@gabegold.com>
    Subject: Robinhood Lays Off 23 Percent of Its Staff, Blaming Crypto Meltdown
    (NYTimes)

    The trading app that helped drive the meme stock frenzy announced staff cuts for the second time this year.

    Robinhood declined to comment on the layoffs.

    The announcement followed closely on the heels of cuts in April, when
    Robinhood laid off 340 workers, or about 9 percent of its employees at the time. Since then, Mr. Tenev wrote, further worsening of the economy,
    including inflation and the crash of the crypto market, has "reduced
    customer trading activity and assets under custody." The price of Bitcoin
    has fallen by more than half this year, to about $23,000 per coin. The cryptocurrency rose as high as $66,000 in late 2021.

    ------------------------------

    Date: Thu, 4 Aug 2022 20:19:39 -0400
    From: Gabe Goldberg <gabe@gabegold.com>
    Subject: Bitcoin mining in the crypto crash -- mining companies' creative
    accounting (Amy Castor)

    Bitcoin mining is a highly lucrative business as long as the price of
    bitcoin keeps going up -- and as long as investors believe it will keep going up.

    When the price crashes -- and the price of bitcoin has halved since the start of the year -- crypto miners face margin calls, they have to dump their bitcoins, and reality comes knocking.

    In this post, we outline some of the biggest problems facing North American bitcoin miners:

    * Miners are nothing like as profitable as they report to the public stock
    markets that they are.

    * Miners don't want to sell their freshly mined bitcoins, as this would
    risk crashing the price of bitcoin -- so instead, they borrow against the
    bitcoins, and against their rigs, too!

    * This business model only works if number goes up forever.

    * Number does go up forever.

    https://amycastor.com/2022/08/04/bitcoin-mining-in-the-crypto-crash-the-mining-companies-creative-accounting/

    ------------------------------

    Date: Thu, 4 Aug 2022 00:52:10 -0400
    From: Gabe Goldberg <gabe@gabegold.com>
    Subject: Pearson says NFT textbooks will let it profit off secondhand
    sales (The Verge)

    But is there any reason to do it?

    Textbook publisher Pearson suggests blockchain tech could let it take a cut
    of secondary textbook sales, capturing a section of the book market that's
    so far escaped it. As quoted by Bloomberg, Pearson CEO Andy Bird believes non-fungible tokens, or NFTs, could help publishers make money off textbook resales, although he stopped short of describing concrete plans. [...]

    As with many mainstream crypto applications, NFTs don't bring an obvious
    technical innovation to this question.

    ------------------------------

    Date: Tue, 17 May 2022 16:27:40 -0400
    From: "Gabe Goldberg" <gabe@gabegold.com>
    Subject: The Bad Times Are Coming for Startups (WiReD)

    A spate of layoffs is just the first sign of trouble for early-stage
    companies facing an economic downturn.

    "Right now, the startups that are in the trickiest situation are
    growth-stage startups with unicorn-type valuations, a high burn rate, good
    but not great metrics, and 12 months of cash," says Matt Turck, a partner at venture capital firm Firstmark. "You're going to see a lot of layoffs there, because companies need to urgently cut their burn if they don't want to run
    out of cash."

    https://www.wired.com/story/startups-layoffs-economy-bad-times/

    ------------------------------

    Date: Thu, 4 Aug 2022 00:46:51 -0400
    From: Gabe Goldberg <gabe@gabegold.com>
    Subject: The Microsoft Team Racing to Catch Bugs Before They Happen
    (WiReD)

    What's it like to be responsible for a billion people's digital security?
    Just ask the company's Morse researchers.

    https://www.wired.com/story/microsoft-morse-team/

    ------------------------------

    Date: Sat, 6 Aug 2022 00:00:15 -0400
    From: "Steven J. Greenwald" <greenwald.steve@gmail.com>
    Subject: French Scientist, distant star, and chorizo

    Some extracts from the journal "People":

    A French scientist is in hot water after he trolled his Twitter followers
    with a picture of what he said was of a distant star taken by the James Webb Space Telescope. In reality, it was a piece of sausage.

    On July 31, French scientist Etienne Klein tweeted an image of a glowing red circle with a caption saying it was Proxima Centauri, the closest star to
    the Sun. "Well, when it's time for the aperitif, cognitive biases seem to
    have a field day," he later tweeted. <https://twitter.com/EtienneKlein/status/1553765864553472003?ref_src=twsrc%5Etfw%7Ctwcamp%5Etweetembed%7Ctwterm%5E1553765864553472003%7Ctwgr%5E70a999974c25a56b3c583436dfbd4c8fc8aa0f75%7Ctwcon%5Es1_&ref_url=https%3A%2F%2Fwww.cbsnews.com%2Fnews%2Fscientist-
    etienne-klein-posts-webb-telescope-image-star-actually-slice-chorizo-apology%2F>

    https://people.com/human-interest/french-scientist-apologizes-says-space-telescope-image-of-distant-star-was-actually-just-chorizo/

    ------------------------------

    Date: Sun, 7 Aug 2022 10:20:51 PDT
    From: Peter Neumann <neumann@csl.sri.com>
    Subject: Rats deserve equal presence with Squirrels in RISKS (T.M. Brown)

    Engine Troubles? Check for Rats.
    T. M. Brown, *The New York Times*, 7 Aug 2022

    This article begins by resuscitating an old tale from early 2021 of a
    Prius in NYCity's DUMBO area downtown: "The check engine kept flashing
    .. despite the car driving just fine. They did a bunch of tests and
    couldn't figure out what it was." Finally they discovered a rat had
    chewed through a sensor wire. $700 bill. The usual RISKS story of
    trying to spread the blame to bad city planning, the pandemic, more
    food trucks in residential areas, overcrowding, etc.

    T.M. Brown's last paragraph is worth quoting:

    Two years ago, a looming fear among bureaucrats, business people, and
    undying loyalists to the city's complexities was that New York [City]
    would dangerously thin out, that enough people would make permanent their
    exodus to Connecticut or Dutchess County to destroy an already precarious
    economic and social equilibrium. Instead the new story is simply a replay
    of the old one -- a narrative of tensions among impassioned competing
    interests that all feel entitled to lay their personal claims to public
    space. It's maddening, perhaps impossible in the end and yet deeply
    reassuring all at once.

    Risks relevance? Many things seem to be changing underfoot with the
    pandemic, but in many ways the problems remain more of the same -- only
    perhaps intensified.

    ------------------------------

    Date: Wed, 03 Aug 2022 16:46:31 -0700
    From: "Robert R. Fenichel, MD" <bob@fenichel.net>
    Subject: Robotic Surgery (RISKS 33.36)

    More complete reporting of the rates of robotic and manual surgery wouldn't
    be sufficient to make the comparative risks much less challenging to
    interpret. The problem, as is always the case with nonrandomized medical
    data, is selection bias. The patients who undergo robotic procedures are
    not necessarily similar to those who get manual procedures, the nurses who attend them are not necessarily similar, and the surgeons are obviously dissimilar, in ways that may be pertinent. To make a reliable comparison of the two techniques, one would need to do a randomized trial.

    Randomized trials to make this sort of comparison are not new. For example, see British Journal of Surgery 92(1): 44-49 (2005).

    The less easily solved problems, apparently raised in the IEEE article cited
    by Stein, and raised earlier when laparoscopic abdominal surgery became
    popular ~20 years ago, are those faced by trainees:

    * Learning how to do high-tech procedures is tricky, because trainees'
    participation in them is even more passive than it is during most open
    procedures.

    * Open procedures may be getting rarer and rarer, but sometimes they are
    needed. Sometimes (possibly more in abdominal procedures than in
    prostate procedures; I don't know), procedures are begun as laparoscopic
    or robotic procedures but then the surgeon finds anatomic variants, old
    scars, or other surprises that force the surgeon to switch to an open
    procedure. Nowadays a trainee surgeon may hardly ever have seen (let
    alone performed) a conventional open cholecystectomy. This is not a
    solved problem.

    ------------------------------

    Date: Thu, 04 Aug 2022 22:22:08 +0000
    From: "Richard Marlon Stein" <rmstein@protonmail.com>
    Subject: Re: Who is at fault when medical software gets it wrong? (R 33 36)

    https://medicalxpress.com/news/2022-08-fault-medical-software-wrong.html

    "There is a lot of research showing that clinical decision support software
    is generally beneficial. For instance, it reduces medication prescribing
    errors and enhances the chance that doctors will follow guidelines for delivering high-quality healthcare. Yet there is also increasing awareness
    that malfunctions in clinical decision support software are more common than
    we think."

    The FDA's regulatory approach to CDS software functions is published here: https://www.fda.gov/media/109618/download (retrieved on 05AUG2022).

    The CDS must accurately determine if a prescription fits the condition, does not interact with a patient's current medicine schedule, the patient is not allergic to the new medicine, etc. If a dispenser fills the wrong medicine, though the prescription order is correct, how can one blame the physician? Physicians don't stock dispensers.

    I tried to ferret out CDS software adverse device events from the FDA's TPLC platform, but did not discover a huge trove of records. In fact, I could not find ANY devices in the TPLC repository assigned to product codes by
    searching for "clinical decision support".

    I found a few devices assigned to the term "medication" and "dispenser": Consult https://www.accessdata.fda.gov/scripts/cdrh/cfdocs/cfTPLC/tplc.cfm
    and apply product code "KYX" or "NXB" to view the MDR history on devices
    that dispense liquid or solid medications.

    ------------------------------

    Date: 3 Aug 2022 23:37:50 -0400
    From: "John Levine" <johnl@iecc.com>
    Subject: Re: Tech giants, including Meta, Google, and Amazon, want to put
    an end to leap-seconds (Bacher, RISKS-33.36)

    TAI is the time standard that doesn't use leap seconds, while UTC does. They currently are 37 seconds apart.

    Unless you are an astronomer, it makes no practical difference whether you
    use TAI or UTC so long as you and your friends use the same one. The UTC adjustment means that at noon UTC in Greenwich, England, the sun will be directly overhead, but since we all use time zones, for most of us the sun
    has never been overhead at noon because we are not in the exact middle of
    our zone.

    Rather than moving the clocks forward or backward a second every few years, just let the UTC clocks keep ticking, and let the astronomers take care of themselves. (I gather they do that now, since astronomy needs way better
    than one second resolution.)

    Perhaps by 2200 the difference between TAI and UTC will be enough that
    people care, so they will add a leap ten minutes, but by then we and our grandchildren will be long gone.

    ------------------------------

    Date: Thu, 04 Aug 2022 10:39:26 -0400
    From: "Sam Steingold" <sds@gnu.org>
    Subject: Re: BMW's Heated as a Service Model Has Drivers Seeking Hacks
    (Goldberg, RISKS-33.36)

    I think you are missing the point. I think people are unhappy not because
    the feature requires a paid activation _once_, but because they don't like
    the "subscription" model where they _pay per use_.

    Imagine you have to pay your fridge maker every time you want to open the fridge door.

    ------------------------------

    Date: Thu, 4 Aug 2022 01:45:00 -0400
    From: Gabe Goldberg <gabe@gabegold.com>
    Subject: Re: BMW's Heated as a Service Model Has Drivers Seeking Hacks
    (John Levine, RISKS-33.36)

    Yes (your first four paragraphs).

    But, that's price discrimination for selling identical products rather
    than offering different products at different price points.

    ...which next two paragraphs discuss.

    Regarding "[IBM] could have sold them all without the delay relay and not
    gone broke" -- sure, but why should they? And at what price? Why is what
    they did worse for the market than having two actually different devices,
    vs. one device offering different benefits for different prices?

    Why would it be better -- and unremarkable -- for BMW to have used two seat models, vs. one model with different benefits at different price points?

    Putting aside the objectionable rental model, why is charging more for
    heated seats bad because it's implemented in software, vs. how it's been
    done traditionally, with different seats?

    ------------------------------

    Date: Thu, 4 Aug 2022 12:24:50 -0400
    To: risks@csl.sri.com, Sam Steingold <sds@gnu.org>
    From: Gabe Goldberg <gabe@gabegold.com>
    Subject: Re: BMW's Heated as a Service Model Has Drivers Seeking Hacks
    (Steingold, RISKS-33.36)

    My main objection is to charging subscription model for features, not to
    having them software enabled. Features should be offered at one-time fair prices. (And not absurdly bundled so you must buy more than wanted to get
    what IS wanted).

    BUT -- it might be nice to have the option -- if a feature isn't purchased
    -- to be able to pay per use/week/month. Imagine you travel from warm
    climate where you live to someplace bitter cold -- you didn't buy heated
    seats but want them temporarily. Or you need the refrigerator light just
    once to clean back of shelves. ;-)

    ------------------------------

    Date: 4 Aug 2022 13:51:18 -0400
    From: "John Levine" <johnl@iecc.com>

    [continued in next message]
