[continued from previous message]
a plus side, a minus side, and a stupid side that you didn't anticipate.
Pick out any technology, it's true of them all.''
So it looks unlikely for RISKS to run short of source material any time
soon...
------------------------------
Date: September 24, 2019 6:23:18 JST
From: Richard Forno <
rforno@infowarrior.org>
Subject: Stanislav Petrov, `The Man Who Saved The World', Dies At 77 (NPR)
[via Dave Farber]
Greg Myre Facebook Twitter
https://www.npr.org/sections/thetwo-way/2017/09/18/551792129/stanislav-petrov-the-man-who-saved-the-world-dies-at-77
Stanislav Petrov, a former Soviet military officer, poses at his home in
2015 near Moscow. In 1983, he was on duty when the Soviet Union's early
warning satellite indicated the U.S. had fired nuclear weapons at his
country. He suspected, correctly, it was a false alarm and did not
immediately send the report up the chain of command. Petrov died at age 77.
Stanislav Petrov was a lieutenant colonel in the Soviet Union's Air Defense Forces, and his job was to monitor his country's satellite system, which was looking for any possible nuclear weapons launches by the United States.
He was on the overnight shift in the early morning hours of 26 Sep 1983,
when the computers sounded an alarm, indicating that the U.S. had launched
five nuclear-armed intercontinental ballistic missiles. ``The siren howled, but I just sat there for a few seconds, staring at the big, back-lit, red screen with the word 'launch' on it,'' Petrov told the BBC in 2013.
It was already a moment of extreme tension in the Cold War. On Sept. 1 of
that year, the Soviet Union shot down a Korean Air Lines plane that had
drifted into Soviet airspace, killing all 269 people on board, including a
U.S. congressman. The episode led the U.S. and the Soviets to exchange
warnings and threats.
Petrov had to act quickly. U.S. missiles could reach the Soviet Union in
just over 20 minutes. ``There was no rule about how long we were allowed to think before we reported a strike,'' Petrov told the BBC. ``But we knew
that every second of procrastination took away valuable time, that the
Soviet Union's military and political leadership needed to be informed
without delay. All I had to do was to reach for the phone; to raise the
direct line to our top commanders -- but I couldn't move. I felt like I was sitting on a hot frying pan.''
Petrov sensed something wasn't adding up. He had been trained to expect an all-out nuclear assault from the U.S., so it seemed strange that the
satellite system was detecting only a few missiles being launched. And the system itself was fairly new. He didn't completely trust it.
Arms control expert Jeffrey Lewis recalled the episode in an interview last December on NPR:
``[Petrov] just had this feeling in his gut that it wasn't right. It was
five missiles. It didn't seem like enough. So even though by all of the
protocols he had been trained to follow, he should absolutely have
reported that up the chain of command and, you know, we should be talking
about the great nuclear war of 1983 if any of us survived.''
After several nerve-jangling minutes, Petrov didn't send the computer
warning to his superiors. He checked to see if there had been a computer malfunction.
He had guessed correctly. ``Twenty-three minutes later I realized that
nothing had happened,'' he said in 2013. ``If there had been a real strike, then I would already know about it. It was such a relief.''
That episode and the 1962 Cuban Missile Crisis are considered to be the
closest the U.S. and the Soviets came to a nuclear exchange. And while the Cuban Missile Crisis has been widely examined, Petrov's actions have
received much less attention.
Petrov died on 19 May 2019, at age 77, in a suburb outside Moscow, according
to news reports Monday. He had long since retired and was living alone. News
of his death apparently went unrecognized at the time.
Karl Schumacher, a German political activist who had highlighted Petrov's actions in recent years, tried to contact Petrov earlier this month to wish
him a happy birthday. Instead, he reached Petrov's son, Dmitri, who said his father had died in May.
Petrov said he received an official reprimand for making mistakes in his logbook on Sept. 26, 1983.
His story was not publicized at the time, but it did emerge after the Soviet Union collapsed. He received a number of international awards during the
final years of his life. In 2015, a docudrama about him featuring Kevin
Costner was called The Man Who Saved The World.
But he never considered himself a hero.
``That was my job. But they were lucky it was me on shift that night.''
Greg Myre is a national security correspondent. Follow him @gregmyre1.
------------------------------
Date: Mon, 23 Sep 2019 14:14:05 -1000
From: the keyboard of geoff goodfellow <
geoff@iconia.com>
Subject: Too Many VPNs Put Our Privacy And Security At Risk (Forbes)
Virtual private networks: they help you sidestep geographical media restrictions, and they keep your web browsing private, right? Well, not
always, because even if the best VPNs add a welcome layer of security to our web setups, cybersecurity experts are warning that there are just as many
VPN applications that expose their trusting users to surveillance and cyberattacks.
According to a broad range of specialists, many free and mobile VPNs on the market use unsafe protocols and log user activity, while even good virtual private networks can't always guarantee to protect their users from the
prying eyes of a jealous government or its intelligence agencies. That's why it's vitally important that we not only choose the most reliable and robust VPNs available, but that we also learn how to configure and run them to
their full potential. Otherwise, we may find ourselves in a similar
situation to users of Fortigate and Pulse Secure, two VPNs which were
targeted by cyberattackers last month.
Normally, VPNs are very useful and dependable tools, with 30% of all
Internet users employing a VPN at least once a month. ``Generally speaking,
a modern online VPN is a service that is designed to encrypt your entire computer's traffic and at the same time hide your identity by routing your
(now encrypted) traffic through one or more anonymous routers,'' explains
Yaniv Balmas, the head of cyber research at Check Point. ``Assuming that
the VPN provider uses up-to-date encryption methods and frequently changes
its routing points, this service should provide a secure and robust
service.''
However, Balmas adds that ``the devil lies in the details,'' with poorly implemented virtual private networks causing ``more harm than good for its users.'' In fact, the scale of the problem is actually more extensive than most people realise, because in many cases VPNs -- and particularly free
and/or mobile VPNs -- not only don't work as advertised, but also leave
users open to viruses and privacy violations.
``We tested the top 150 free VPN Android apps and found that many had
serious security flaws and performance issues,'' warns Callum Tennent, a VPN expert and the site editor at Top10VPN.com. Referring to a study his website conducted in February, Tennent alarmingly reveals that 18% of the tested
VPNs contained potential malware or viruses, 85% featured excessive
permissions or functions that could put a user's privacy at risk, and 25% exposed a user's traffic to DNS leaks and other leaks...
https://www.forbes.com/sites/simonchandler/2019/09/23/too-many-vpns-put-our-privacy-and-security-at-risk/
------------------------------
Date: Wed, 25 Sep 2019 2:59:40 PDT
From: "Peter G. Neumann" <
neumann@csl.sri.com>
Subject: Two articles by Bruce Schneier on supply-chain security threats
https://www.nytimes.com/2019/09/25/opinion/huawei-internet-security.html
https://edition.cnn.com/2019/09/21/opinions/chinese-spy-trains-are-not-a-credible-threat-schneier/index.html
------------------------------
Date: Fri, 13 Sep 2019 20:31:50 -0400
From: "Arthur T." <
Risks201909.10.atsjbt@xoxy.net>
Subject: Re: Alabama is penalizing students for leaving football games early
(RISKS-31.42)
The Washington Post's headline is seriously misleading. The story text says that students ``earn 100 points for attending a home game and then get an additional 250 if they're still in attendance by the fourth quarter.'' To
me, not rewarding someone is very different from penalizing them. The story
(as opposed to the headline) implies that a student is always better off attending a game, even if the student leaves early.
------------------------------
Date: Fri, 13 Sep 2019 19:20:45 -0400
From: Mark Brader <
msb@vex.net>
Subject: Re: Why a cup of coffee forced a plane to make an unplanned landing
(WashPost via Solomon, RISKS-31.42)
A new safety bulletin from the British government shows that an unplanned landing in Ireland was caused by coffee that spilled on a control panel in the cockpit.
Life imitates fiction! This is exactly the cause identified for a plane
crash in the movie *Fate is the Hunter* -- in 1964.
[There's no crying over spilled milk, but spilled coffee is different.
The diverted aircraft resulted in a new form of diverticulitis for every
passenger and crew member. PGN]
------------------------------
Date: Mon, 14 Jan 2019 11:11:11 -0800
From:
RISKS-request@csl.sri.com
Subject: Abridged info on RISKS (comp.risks)
The ACM RISKS Forum is a MODERATED digest. Its Usenet manifestation is
comp.risks, the feed for which is donated by panix.com as of June 2011.
SUBSCRIPTIONS: The mailman Web interface can be used directly to
subscribe and unsubscribe:
http://mls.csl.sri.com/mailman/listinfo/risks
SUBMISSIONS: to risks@CSL.sri.com with meaningful SUBJECT: line that
includes the string `notsp'. Otherwise your message may not be read.
*** This attention-string has never changed, but might if spammers use it.
SPAM challenge-responses will not be honored. Instead, use an alternative
address from which you never send mail where the address becomes public!
The complete INFO file (submissions, default disclaimers, archive sites,
copyright policy, etc.) is online.
<
http://www.CSL.sri.com/risksinfo.html>
*** Contributors are assumed to have read the full info file for guidelines!
OFFICIAL ARCHIVES: http://www.risks.org takes you to Lindsay Marshall's
searchable html archive at newcastle:
http://catless.ncl.ac.uk/Risks/VL.IS --> VoLume, ISsue.
Also,
ftp://ftp.sri.com/risks for the current volume
or
ftp://ftp.sri.com/VL/risks-VL.IS for previous VoLume
If none of those work for you, the most recent issue is always at
http://www.csl.sri.com/users/risko/risks.txt, and index at /risks-31.00
Lindsay has also added to the Newcastle catless site a palmtop version
of the most recent RISKS issue and a WAP version that works for many but
not all telephones:
http://catless.ncl.ac.uk/w/r
ALTERNATIVE ARCHIVES:
http://seclists.org/risks/ (only since mid-2001)
*** NOTE: If a cited URL fails, we do not try to update them. Try
browsing on the keywords in the subject line or cited article leads.
Apologies for what Office365 and SafeLinks may have done to URLs.
Special Offer to Join ACM for readers of the ACM RISKS Forum:
<
http://www.acm.org/joinacm1>
------------------------------
End of RISKS-FORUM Digest 31.43
************************
--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)