RISKS-LIST: Risks-Forum Digest Wednesday 25 Sept 2019 Volume 31 : Issue 43
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks) Peter G. Neumann, moderator, chmn ACM Committee on Computers and Public Policy
***** See last item for further information, disclaimers, caveats, etc. ***** This issue is archived at <
http://www.risks.org> as
<
http://catless.ncl.ac.uk/Risks/31.43>
The current issue can also be found at
<
http://www.csl.sri.com/users/risko/risks.txt>
Contents:
Saudi Arabia oil output takes major hit after apparent drone attacks
claimed by Yemen rebels (The WashPost)
Exclusive: Russia carried out a 'stunning' breach of FBI
communications system, escalating the spy game on U.S. soil (Cryptography) Google CEO Warns of Deepfakes Detection Challenges Ahead (Politico)
125 New Flaws Found in Routers and NAS Devices from Popular Brands
(TheHackerNews)
How Hackers Could Break Into the Smart City (James Rundle)
Chicago Man Fraudulently Accrued 42 Million Delta SkyBonus Points
(The NYTimes)
I create fake videos. Here's why people believe even the obvious ones
(Fast Company)
I am awesome': How a millennial built a fentanyl empire (WashPost)
There Is No Tech Backlash; Worse, we think there is one. (Rob Walker)
Your Car. Your Data. (via Gabe Goldberg)
When `collect all the data' misses the important data (Arthur T.)
Get popcorn for iOS 13's privacy pop-ups of creepy Facebook data grabs
(TechCrunch)
The children of Donor H898 (WashPost)
The man-made 'stars' changing the night sky (bbc.com)
What Really Brought Down the Boeing 737 Max? (The NYTimes)
You watch TV. Your TV watches back. (The Washington Post)
Single drivers are taking over Massachusetts carpool lanes
False emergency alarms set off in Hawaii, again. (NBC News)
Global Preparedness Monitoring Board (Fortune)
Instigator of fatal Kansas swatting receives prison sentence (Ars Technica)
IoT Security: Now Dark Web Hackers are Targeting Internet-Connected Gas
Pumps (Danny Palmer)
'Security' Cameras Are Dry Powder for Hackers. Here's Why (Fortune)
The iOS 13 Privacy and Security Features You Should Know (WiReD)
Two years later, hackers are still breaching local government payment
portals (Catalin Cimpanu)
Man allegedly used drone to pelt ex-girlfriend's home with bombs
(Charlie Osborne)
Apple Watch helps save motorcyclist's life (Adiran Kingsley-Hughes)
Good Quote from 'The Handmaid's Tale' Author (Chris Drewe)
Stanislav Petrov, `The Man Who Saved The World', Dies At 77 (NPR)
Too Many VPNs Put Our Privacy And Security At Risk (Forbes)
Two articles by Bruce Schneier on supply-chain security threats (PGN)
Re: Alabama is penalizing students for leaving football games early
(Arthur T.)
Re: Why a cup of coffee forced a plane to make an unplanned landing
(Mark Brader)
Abridged info on RISKS (comp.risks)
----------------------------------------------------------------------
Date: Sat, 14 Sep 2019 22:19:24 -0400
From: Monty Solomon <
monty@roscom.com>
Subject: Saudi Arabia oil output takes major hit after apparent drone attacks
claimed by Yemen rebels (The WashPost)
https://www.washingtonpost.com/world/drone-attacks-on-saudi-oil-facilities-spark-explosions-and-fires/2019/09/14/b6fab6d0-d6b9-11e9-ab26-e6dbebac45d3_story.html
------------------------------
Date: Mon, 16 Sep 2019 14:31:37 -0400
From: Jerry Leichter <
leichter@lrw.com>
Subject: Exclusive: Russia carried out a 'stunning' breach of FBI
communications system, escalating the spy game on U.S. soil (Cryptography)
From the Cryptography Mailing List <
cryptography@metzdowd.com>
Too long to try to summarize. It looks as if the Russians, starting in
roughly 2010, managed to crack the encryption used on FBI tactical radios.
``A former senior counterintelligence official blamed the compromises on a `hodgepodge of systems' ineffective beyond the line of sight. The infrastructure that was supposed to be built, they never followed up, or
gave us the money for it. The intelligence community has never gotten an integrated system.''
https://news.yahoo.com/exclusive-russia-carried-out-a-stunning-breach-of-fbi-communications-system-escalating-the-spy-game-on-us-soil-090024212.html
------------------------------
Date: Wed, 18 Sep 2019 10:11:16 PDT
From: "Peter G. Neumann" <
neumann@csl.sri.com>
Subject: Google CEO Warns of Deepfakes Detection Challenges Ahead (Politico)
Google CEO Sundar Pichai warned on Tuesday that "detecting deepfakes is one
of the most important challenges ahead of us," and announced the search
giant had released a massive trove of such videos. The goal: to use those deepfakes as a dataset for researchers working on tools and techniques to detect these AI-altered, doctored clips. (Earlier this year, Google also released a dataset of synthetic speech <
https://www.blog.google/outreach-initiatives/google-news-initiative/advancing-research-fake-audio-detection/>
to help researchers working on detecting fake audio.) Google said a blog
post that it has plans to add to the dataset -- which is made up of both
real and fake videos produced through deepfake generation methods available
to the public -- as the technology becomes more sophisticated. "We firmly believe in supporting a thriving research community around mitigating
potential harms from misuses of synthetic media," the company said.
Researchers have warned that the volume and sophistication of deepfakes will continue to climb as the 2020 election approaches, but some are wary that government regulation of deepfakes would raise First Amendment concerns. "I don't think [legislation's] a good way to go," Paul Barrett, deputy director
of NYU's Stern Center for Business and Human Rights and the researcher
behind a new report on 2020 disinformation, told your MT host. "The better alternative is for the companies themselves to devise technology that can
flag potential deepfakes. ... It's incumbent on the companies to invest more and work harder to make the kind of distinctions that need to be made."
------------------------------
Date: Tue, 17 Sep 2019 09:00:31 -1000
From: geoff goodfellow <
geoff@iconia.com>
Subject: 125 New Flaws Found in Routers and NAS Devices from Popular Brands
(TheHackerNews)
EXCERPT:
The world of connected consumer electronics, IoT, and smart devices <
https://thehackernews.com/2017/08/hacking-track-movements.html> is growing faster than ever with tens of billions of connected devices streaming and sharing data wirelessly over the Internet, but how secure is it?
As we connect everything from coffee maker to front-door locks and cars to
the Internet, we're creating more potential -- and possibly more dangerous
-- ways for hackers to wreak havoc.
Believe me, there are over 100 ways a hacker can ruin your life just by compromising your wireless router -- a device that controls the traffic
between your local network and the Internet, threatening the security and privacy of a wide range of wireless devices, from computers and phones to IP Cameras, smart TVs and connected appliances. <
https://thehackernews.com/2018/10/ghostdns-botnet-router-hacking.html>
In its latest study titled SOHOpelessly Broken 2.0, <
https://www.securityevaluators.com/whitepaper/sohopelessly-broken-2/> Independent Security Evaluators (ISE) discovered a total of 125 different security vulnerabilities across 13 small office/home office (SOHO) routers
and Network Attached Storage <
https://thehackernews.com/2019/07/ransomware-nas-devices.html> (NAS)
devices, likely affecting millions.
``Today, we show that security controls put in place by device manufacturers are insufficient against attacks carried out by remote adversaries. This research project aimed to uncover and leverage new techniques to circumvent these new security controls in embedded devices,'' the researchers said.
List of Affected Router Vendors...
https://thehackernews.com/2019/09/hacking-soho-routers.html
------------------------------
Date: Wed, 18 Sep 2019 9:29:35 PDT
From: "Peter G. Neumann" <
neumann@csl.sri.com>
Subject: How Hackers Could Break Into the Smart City (James Rundle)
James Rundle, *The Wall Street Journal*, 12 Sep 2019
via ACM TechNews, 18 Sep 2019
The more connected a smart city is, the greater its vulnerability to cyberattack, with sensors collecting data from streetlights and buildings
one likely attack vector. Connections to smart grids and water-supply
systems also could be exploited and hijacked, as could connections to autonomous vehicles. Suggested prevention and mediation strategies include encrypting data being transmitted over smart city networks, and ensuring everything is not on the same network. Portland, OR, keeps its sensors
separate from wider urban networks as much as possible; that city also anonymizes its data and deletes collected video footage immediately after analysis, under the aegis of the city's Smart City PDX program. Meanwhile, officials in New York have established a testing laboratory for Internet of Things devices, which has completed examinations of more than a dozen
devices for performance and vulnerabilities. Said Cesar Cerrudo, founder of Securing Smart Cities, ``If you don't cover security from the very
beginning, then it becomes very difficult to protect it.''
------------------------------
Date: Sat, 14 Sep 2019 23:05:38 -0400
From: Monty Solomon <
monty@roscom.com>
Subject: Chicago Man Fraudulently Accrued 42 Million Delta SkyBonus Points
(The NYTimes)
https://www.nytimes.com/2019/09/13/travel/delta-skybonus-fraud.html
Gennady Podolsky used his position as a travel agent to cheat Delta Air Lines out of $1.75 million worth of loyalty points, according to an indictment.
------------------------------
Date: September 15, 2019 6:27:47 JST
From: the keyboard of geoff goodfellow <
geoff@iconia.com>
Subject: I create fake videos. Here's why people believe even the obvious ones
(Fast Company)
People will accept anything as true if it confirms their beliefs --
regardless of whether a video or image has obviously been manipulated
EXCERPT:
Lots of people -- including Congress -- are worried about fake videos and imagery distorting the truth, purporting to show people saying and doing
things they never said or did.
I'm part of a larger U.S. government project that is working on developing
ways to detect images and videos that have been manipulated. My team's work, though, is to play the role of the bad guy. We develop increasingly devious, and convincing, ways to generate fakes -- in hopes of giving other
researchers a good challenge when they're testing their detection methods.
For the past three years, we've been having a bit of fun dreaming up new
ways to try to change the meaning of images and video. We've created some scenarios ourselves, but we've also had plenty of inspiration from current events and circumstances of actual bad guys trying to twist public opinion.
I'm proud of the work we've done, and hope it will help people keep track of the truth in a media-flooded world. But we've found that a key element of
the battle between truth and propaganda has nothing to do with
technology. It has to do with how people are much more likely to accept something if it confirms their beliefs.
FINDING, AND PUSHING, TECHNICAL BOUNDARIES
When we make our fakes, we start by collecting original, undoctored images
and videos. Those not only offer raw material for us to manipulate the
images but also include the data stored in authentic media files -- sort of like a technical fingerprint that accompanies every piece of media that describes how and when it was taken, and with what tools...
https://www.fastcompany.com/90404007/i-create-fake-videos-heres-why-people-believe-even-the-obvious-ones
------------------------------
Date: Sun, 15 Sep 2019 18:39:57 -0400
From: Monty Solomon <
monty@roscom.com>
Subject: I am awesome': How a millennial built a fentanyl empire (WashPost)
https://www.washingtonpost.com/national/health-science/the-fool-that-fentanyl-made-into-a-millionaire/2019/09/14/dcb696ec-d6f9-11e9-8924-1db7dac797fb_story.html
------------------------------
Date: September 15, 2019 22:36:48 JST
From: Dewayne Hendricks <
dewayne@warpspeed.com>
Subject: There Is No Tech Backlash; Worse, we think there is one. (Rob Walker)
Rob Walker, TheNYTimes, 14 Sep 2019
https://www.nytimes.com/2019/09/14/opinion/tech-backlash.html
It's fun, and increasingly fashionable, to complain about technology. Our
own devices distract us, others' devices spy on us, social media companies poison public discourse, new wired objects violate our privacy, and all of
this contributes to a general sense of runaway change careening beyond our control. No wonder there's a tech backlash.
But, really, is there? There certainly has been talk of a backlash, for a couple of years now. Politicians have discussed regulating big tech
companies more tightly. Fines have been issued, breakups called for. A tech press once dedicated almost exclusively to gadget lust and organizing conferences that trot out tech lords for the rest of us to worship has taken
on a more critical tone; a drumbeat of exposes reveal ethically and legally dubious corporate behavior. Novels and movies paint a skeptical or even dystopian picture of where tech is taking us. We all know people who have theatrically quit this or that social media service, or announced digital sabbaticals. And, of course, everybody kvetches, all the time.
However, there is the matter of our actual behavior in the real-world marketplace. The evidence there suggests that, in fact, we love our devices
as much as ever. There is no tech backlash.
Consider Facebook: It's hard to imagine a more backlashable company.
Facebook is widely associated with data breaches, the spread of dubious information and a basic deterioration of interpersonal communication. It was recently fined nearly $5 billion by the Federal Trade Commission for mishandling its customers' data. And, given its ubiquity, it's also a handy stand-in for the corporatization of online life in general. If you're going
to make a show of quitting a tech service, Facebook may be your best choice.
But according to its most recent quarterly report, the number of Facebook accounts used daily (1.59 billion) and monthly (2.4 billion) each increased
by 8 percent over the prior quarter. Despite all the anecdotes you've heard about people deleting their accounts, the company's flagship app added about
a million new daily users in the United States alone. Revenue was up 28%.
Even factoring in the F.T.C. fine, Facebook recorded a profit of $2.6B.
Facebook is not the only demonized tech platform; social media companies in general are routinely criticized as toxic swamps full of trolls, liars and bots. But again, there's no evidence of any exodus. In the same
quarter, Twitter addedfive million new daily users, and Snap reported that
the daily user base of its flagship Snapchat app grew 7 percent, its
best-ever performance as a public company. According to the Pew Research Center, 72 percent of Americans usesome form of social media, a percentage
that has risen steadily for years and shows no sign of flagging. (The people
I know who quit Facebook all use Facebook-owned Instagram, WhatsApp, or
both.)
Habits die hard. But even more remarkable than our apparent reluctance to
ditch the technologies we love to dis is a fervent embrace of newer new
things that seem, at the very least, worth approaching with caution.
Take smart speakers -- the kind that respond to vocal prompts and
questions -- as an example. It's exactly the sort of
technology that gives people pause. Is this thing listening to me all the
time? What about these weird stories of smart speakers laughing or cursing,
or randomly recording a conversation and sending it to the owners'
contacts? The tech press has gotten better and better at chronicling the
latest troubling answers -- for instance, people may in fact listen
to your voice activations as part of the process of refining the
device's functionality -- and detailing what, if anything,
you can do about it.
Nevertheless: As of last year, a little more than a quarter of American households owned a smart speaker, according to one estimate. The category leader is the Amazon Echo, equipped with the Alexa voice-recognition
software; Amazon says it has sold more than 100 million Alexa devices.
Certain tech-use indicators have in fact leveled off in recent years, but that's mostly because they correspond with categories that are already thoroughly established and widespread: Around 95 percent of consumers in the United States say they have or use a cellphone, and 89 percent have or use
the Internet, according to Pew. But dig a little deeper into that data, and
it turns out that *new connected devices continue to emerge* and we continue
to embrace them. In addition to voice assistants, smart TVs and wearable devices are growing in popularity.
Perhaps most remarkable, if you think we're in the midst of tech backlash,
is the traction of the aggressively hyped smart-home trend, encouraging you
to link your locks and lights and other household infrastructure to the Internet. Amazon(which intuitively ought to be suffering in a
tech-backlashed environment) recently announced that the record sales on its most recent Prime Day promotion included ``millions of smart home devices.''
------------------------------
Date: Mon, 16 Sep 2019 22:15:20 -0400
From: Gabe Goldberg <
gabe@gabegold.com>
Subject: Your Car. Your Data.
Your Car. Your Data. Your Choice. is an Auto Care Association education initiative created to engage car owners, policymakers and other stakeholders
on car data– What is it, why it matters, and its implications for consumer choice.
https://yourcaryourdata.org/
------------------------------
Date: Sat, 14 Sep 2019 21:51:01 -0400
From: "Arthur T." <
Risks201909.10.atsjbt@xoxy.net>
Subject: When `collect all the data' misses the important data
Pennsylvania has recent infestations of an invasive insect species (the
spotted lanternfly). It has given a grant to a state university to track sightings of them, and they're publicizing the tracking very aggressively.
But they won't accept a sighting report unless you first give them your name and telephone number. There's no indication as to who will have access to
that data, which is especially concerning as it's a government-affiliated university and possibly susceptible to FOIA requests.
That data would be a major boon for certain vendors and fund-raisers. Who is paying attention to the environment? Where do they travel and when? Etc.
So, by collecting data they don't need, they're missing the dozen or so
reports I would have made, and there are probably other non-reports by other privacy-minded people.
------------------------------
Date: September 17, 2019 0:22:22 JST
From: Richard Forno <
rforno@infowarrior.org>
Subject: Get popcorn for iOS 13's privacy pop-ups of creepy Facebook data grabs
(TechCrunch)
Privacy-minded changes to smartphone operating systems which foreground the background activity of third party apps are helping to spotlight more of the surveillance infrastructure deployed by adtech giants to track and profile human eyeballs for profit.
To wit: iOS 13, which will be generally released later this week, has
already been spotted catching Facebook's app trying to use Bluetooth
to track nearby users.....
https://techcrunch.com/2019/09/16/get-popcorn-for-ios-13s-privacy-pop-ups-of-creepy-facebook-data-grabs/
------------------------------
Date: Mon, 16 Sep 2019 21:04:45 -0400
From: Monty Solomon <
monty@roscom.com>
Subject: The children of Donor H898 (WashPost)
At least a dozen children diagnosed with autism were conceived with
sperm from the same donor.
https://www.washingtonpost.com/health/the-children-of-donor-h898/2019/09/14/dcc191d8-86da-11e9-a491-25df61c78dc4_story.html
------------------------------
Date: Thu, 19 Sep 2019 11:37:05 +0800
From: Richard Stein <
rmstein@ieee.org>
Subject: The man-made 'stars' changing the night sky (bbc.com)
http://www.bbc.com/future/story/20190918-is-humanity-changing-the-night-sky-with-artificial-stars
There is already around 8,400 tonnes of debris and junk currently racing
around the Earth as speeds of up to 18,000mph (28,800km/h). This hail of
debris can damage and even destroy satellites if they collide -- in 2009, a defunct Russian satellite smashed into a functioning US commercial
satellite, breaking both spacecraft into at least 2,000 pieces, dramatically increasing the amount of debris in orbit in the process.
``Nasa currently tracks thousands of pieces of debris down to the size of a marble and regularly performs avoidance maneuvers to keep its satellites
safe. The International Space Station has also had to make several maneuvers
to avoid debris during its 20 years in orbit.''
With a deployed 'man-mad space shield' of this magnitude already
operational, but not readily controllable, there's no need to build a
dedicated space force to defend the planet against extraterrestrial
invasion!
------------------------------
Date: Wed, 18 Sep 2019 23:58:13 -0400
From: Gabe Goldberg <
gabe@gabegold.com>
Subject: What Really Brought Down the Boeing 737 Max? (The NYTimes)
https://www.nytimes.com/2019/09/18/magazine/boeing-737-max-crashes.html
------------------------------
Date: Thu, 19 Sep 2019 00:06:00 -0400
From: Gabe Goldberg <
gabe@gabegold.com>
Subject: You watch TV. Your TV watches back. (The Washington Post)
In our latest privacy experiment, we tracked how four of the most popular TV brands record everything we watch.
https://www.washingtonpost.com/technology/2019/09/18/you-watch-tv-your-tv-watches-back/
I've had a *smart* TV for almost a year; it's not online and I watch cable
TV, DVDs, Roku (channels, Netflix, Amazon prime) just fine.
I ignore its occasional pleas to connect it to the outside world.
------------------------------
Date: Thu, 19 Sep 2019 08:07:12 -0400
From: Monty Solomon <
monty@roscom.com>
Subject: Single drivers are taking over Massachusetts carpool lanes
(The Boston Globe)
https://www.bostonglobe.com/metro/2019/09/11/single-drivers-are-taking-over-mass-carpool-lanes/a32bKhXxoZNygjnPPjgKvO/story.html
------------------------------
Date: Thu, 19 Sep 2019 09:12:45 -0400
From: Monty Solomon <
monty@roscom.com>
Subject: False emergency alarms set off in Hawaii, again. (NBC News)
https://www.nbcnews.com/news/us-news/false-emergency-alarms-set-hawaii-again-n1056281
------------------------------
Date: Thu, 19 Sep 2019 19:05:13 -0400
From: Gabe Goldberg <
gabe@gabegold.com>
Subject: Global Preparedness Monitoring Board (Fortune)
What does a worst case scenario look like in public health? If we went the Hollywood route, you could envision all sorts of disasters. A lone patient spreading a deadly bug via international travel; a contamination in the food supply; heck, maybe just the emergence of a superbug resistant to existing treatments (a potential $100 trillion risk <
https://click.newsletters.fortune.com/?qs=01edd9ca5e91c9d2cacdcadafa419ed0a96e80a0929024416654b57725ebd5101975ad65d20cb5f9b2631e012684a701c448d5f090da8e07>
by some accounts).
The thing is, any sort of pandemic could be catastrophic – and the world simply isn't prepared to deal with such an outbreak, according to a first-of-its-kind report <
https://click.newsletters.fortune.com/?qs=04a8392c00f77920cdb333607274ba4cc389753f201ffb5a822ce09f3d46b8e9f458bab130eb0bab31838c7fec525c8775fa8fd2a5b83d64>
from the Global Preparedness Monitoring Board (GPMB). In fact, as many as 80 million people could die in an outbreak within 36 hours, the authors say, if
an airborne pathogen were to make its way around the globe.
The GPMB was convened by the World Health Organization (WHO) and the World
Bank to investigate these exact kinds of issues. And the initial prognosis
is grim (the report itself is frighteningly titled, `A World At Risk').
Here's just a snippet of what the group had to say: “The central finding of the report is that the world needs to proactively establish the systems
needed to detect and control potential disease outbreaks. These acts of preparedness are a global public good that must meaningfully engage communities, from the local to the international, in preparedness,
detection, response and recovery.”
The report outlines the many failures of international governments, from lackluster public health systems to lapses in communication to a dearth of
drug and vaccine development, to prepare for a major pandemic. (The issue is serious enough that the World Bank created the first-ever global insurance market <
https://click.newsletters.fortune.com/?qs=116f9e6ffa6b24f0c4888644a1e6141dfd41b7deeee304c6c77370d904d6564557f54c276ee97bc36a76975bf4152c7e38097a3477c4428d>
for pandemics back in 2016.)
But GPMB also offers some practical solutions. “Investing in health
emergency preparedness will improve health outcomes, build community trust
and reduce poverty, thereby also contributing to efforts to achieve the
United Nations Sustainable Development Goals,” the authors wrote.
/From the foreword by Co-Chairs H.E. Dr Gro Harlem Brundtland and Mr Elhadj
As Sy/: “For its first report, the Global Preparedness Monitoring Board reviewed recommendations from previous high-level panels and commissions following the 2009 H1N1 influenza pandemic and the 2014-2016 Ebola outbreak, along with its own commissioned reports and other data. The result is a snapshot of where the world stands in its ability to prevent and contain a global health threat. Many of the recommendations reviewed were poorly implemented, or not implemented at all, and serious gaps persist. For too
long, we have allowed a cycle of panic and neglect when it comes to
pandemics: we ran.
http://apps.who.int/gpmb/annual_report.html
Plus: We Are All Pawns in a Mosquito's World
https://www.sierraclub.org/sierra/we-are-all-pawns-mosquitos-world
------------------------------
Date: Fri, 20 Sep 2019 11:14:12 -0400
From: Monty Solomon <
monty@roscom.com>
Subject: Instigator of fatal Kansas swatting receives prison sentence
(Ars Technica)
https://arstechnica.com/tech-policy/2019/09/man-behind-deadly-kansas-swatting-sentenced-to-15-months-in-prison/
------------------------------
Date: Sat, 21 Sep 2019 2:20:36 PDT
From: "Peter G. Neumann" <
neumann@csl.sri.com>
Subject: IoT Security: Now Dark Web Hackers are Targeting Internet-Connected
Gas Pumps (Danny Palmer)
Danny Palmer, ZDNet, 10 Sep 2019
Researchers at Trend Micro have found that cyber criminals are increasingly focusing their attention on hacking Internet of Things (IoT) devices. While routers remain the top target for IoT-based attacks, Internet-connected gas pumps are becoming a focal point as well. The researchers came to this conclusion after examining Dark Web marketplaces in five different
languages: Russian, Portuguese, English, Arabic, and Spanish. They found the Russian market is the most sophisticated of the underground communities,
with cyber criminals there ready to make money from attacks and exploits.
Trend Micro's Bharat Mistry said operators of Internet-connected gas pumps
and similar devices should have their default passwords changed, and
``should also think about using features such as VPNs to encrypt the
traffic, and mutual authentication, whereby both the device and the user validate one other before continuing.''
https://orange.hosting.lsoft.com/trk/click?ref=3Dznwrbbrs9_6-219dax21dd15x069949&
------------------------------
Date: Sat, 21 Sep 2019 19:50:05 -0400
From: Gabe Goldberg <
gabe@gabegold.com>
Subject: 'Security' Cameras Are Dry Powder for Hackers. Here's Why (Fortune)
https://fortune.com/2019/09/19/security-cameras-are-dry-powder-for-hackers-heres-why/
------------------------------
Date: Sun, 22 Sep 2019 23:38:29 -0400
From: Gabe Goldberg <
gabe@gabegold.com>
Subject: The iOS 13 Privacy and Security Features You Should Know (WiReD)
Your iPhone just got a major security upgrade. Here are all the ins and
outs.
If you own a relatively new iPhone <
https://www.wired.com/review/apple-iphone-11/>, this week you should have received a notification that the latest iOS 13 update <
https://www.wired.com/story/apple-ios-13-arrives/> is ready to
download. Besides the more obvious additions -- like the introduction of
dark mode, and the unexpected joys of Apple Arcade <
https://www.wired.com/story/apple-arcade-reshape-mobile-gaming/> -- it also features a raft of security and privacy enhancements.
The reputation of iOS security may have taken some dings <
https://www.wired.com/story/ios-security-imessage-safari/> of late, but
it's still one of the most secure consumer operating systems available.
Here are all the ways the latest version keeps you even more protected.
https://www.wired.com/story/ios-13-security-privacy-features-settings/
...complicated, sigh.
------------------------------
Date: Mon, 23 Sep 2019 11:49:42 -0700
From: Gene Wirchenko <
gene@shaw.ca>
Subject: Two years later, hackers are still breaching local government
payment portals (Catalin Cimpany)
Catalin Cimpanu for Zero Day | 19 Sep 2019
New 20,000 batch of payment card details found on the dark web and traced
back to new Click2Gov hacks.
https://www.zdnet.com/article/two-years-later-hackers-are-still-breaching-local-government-payment-portals/
opening text:
Two years after hackers first started targeting local government payment portals, attacks are still going on, with eight cities having had their Click2Gov payment portals compromised in the last month alone, security researchers from Gemini Advisory have revealed in a report shared with ZDNet today.
These new hacks have allowed hackers to get their hands on over 20,000
payment card details belonging to US citizens, which are now being traded on the dark web, the cyber-security firm said.
------------------------------
Date: Mon, 23 Sep 2019 11:53:51 -0700
From: Gene Wirchenko <
gene@shaw.ca>
Subject: Man allegedly used drone to pelt ex-girlfriend's home with bombs
(Charlie Osborne)
Charlie Osborne for Zero Day | 20 Sep 2019
Charges now include unregistered drone operation, meth use, and unlawfully owning firearms.
https://www.zdnet.com/article/man-allegedly-used-drones-to-pelt-ex-girlfriends-home-with-bombs/
In the aftermath of a breakup, people can lose all reason and taking irresponsible action -- whether it be cutting up an ex-partner's clothes, throwing out their possessions, or scratching their car.
In extreme cases, drones, otherwise known as unmanned aerial vehicles
(UAVs), may also allegedly become weaponized.
According to US prosecutors, a 43-year-man used a DJI Phantom 3 drone to
drop homemade bombs on a previous girlfriend's property.
------------------------------
Date: Mon, 23 Sep 2019 12:12:42 -0700
From: Gene Wirchenko <
gene@shaw.ca>
Subject: Apple Watch helps save motorcyclist's life (Adiran Kingsley-Hughes)
Adrian Kingsley-Hughes for Hardware 2.0 | 23 Sep 2019
A Washington man credits the Apple Watch with helping to save his father's
life following a biking accident that left him unconscious.
https://www.zdnet.com/article/apple-watch-helps-save-motorcyclists-life/
The Apple Watch 4 and later contains a sensor that is continually looking
out for the wearer suffering a hard fall that could render them unconscious
and summon emergency help. This is exactly what happened to Gabe Burdett's father.
------------------------------
Date: Mon, 23 Sep 2019 22:28:28 +0100
From: Chris Drewe <
e767pmk@yahoo.co.uk>
Subject: Good Quote from 'The Handmaid's Tale' Author
Last Saturday's newspaper featured an interview (couldn't find it on-line)
with Margaret Atwood, author of `The Handmaid's Tale' and more recently `The Testaments'. This included her saying: ``Like any human technology, there's
[continued in next message]
--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)