• Risks Digest 34.40 (2/2)

    From RISKS List Owner@21:1/5 to All on Thu Aug 15 05:00:13 2024
    [continued from previous message]

    (Pivot to AI)

    Kroger, the U.S.’s largest supermarket chain, has been rolling out
    AI-powered “dynamic pricing” — hooked to cameras on its display shelves.

    Since 2018, the chain has been using digital price labels that can change in real-time based on the mountains of data the store collects on
    shoppers. Kroger expanded this system to 500 of its 2,750 retail grocery
    stores in 2023.

    Kroger has been working with Microsoft since 2018 to put cameras on its so-called EDGE (Enhanced Display for Grocery Environment) shelf
    displays. These let them do video analytics to enable “personalized offers” based on “customer demographics” — and certainly not price gouging based on
    age, sex, or color. [Supermarket News, 2019]

    Microsoft insists that these “smart shelves” will “delight the shoppers.”
    [Microsoft, 2018]

    In February 2024, Kroger partnered with AI company Intelligence Node to
    analyze their growing piles of customer data in the quest for “unparalleled digital shelf optimization.” Intelligence Node sells the dynamic pricing software. [Press release; Intelligence Node]

    Senators Elizabeth Warren (D-MA) and Bob Casey (D-PA) wrote a letter to
    Kroger CEO Rodney McMullen on August 5. They worry about the potential for price gouging and exploiting sensitive consumer data. [Letter, PDF]

    Kroger insists that “any test of electronic shelf tags is to lower prices more for customers where it matters most. To suggest otherwise is not true.” For some reason, nobody trusts them. [Progressive Grocer]

    We can hardly wait for the followup story: “Whoops! Kroger’s dynamic pricing
    system turns out to be savagely racist.”

    https://pivot-to-ai.com/2024/08/13/kroger-unveils-ai-powered-automatic-price-gouger/

    ------------------------------

    Date: Mon, 12 Aug 2024 21:53:36 -0400
    From: Bob Smith <bsmith@sudleyplace.com>
    Subject: Corporation Email Looks Like A Scam

    I made a purchase at Lowes for which there was a substantial discount if I signed up for their credit card, so I did.

    A few days later I received an email about my new Lowes.com credit card
    which looked legit except for the fact that none of the links pointed to anything within the Lowes.com domain. This break in the chain of trust is a common way scammers exploit the trusting public.

    I contacted Lowes by phone and pointed out to them the email I received was
    in a format commonly used by scammers. The person I contacted told me that
    the links were to a legitimate bank and didn't seem to understand the
    general issue for our society if legitimate emails from banks look similar
    to scammer emails.

    The links were to synchronyfinancial.com and syf.com which I did not
    recognize but I later determined are in fact to a legitimate banking institution.

    Perhaps I'm being too paranoid, but it seems that without too much effort, Lowes could arrange with the out-sourced financial institution to use links which always point to a CNAME on Lowes.com which Lowes can then redirect to
    the appropriate destination at synchronyfinancial bank.

    I guess the issue is the extent to which a legitimate business like Lowes should go out of its way to make sure its email messages are clearly
    distinct from language and formats commonly used by scammers.
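
Added example, not part of the original message or of the digest: a Python sketch of the check the message describes, listing the link hosts in an HTML e-mail that fall outside the sender's domain, and showing that the legitimate mail is flagged unless the outsourced bank's domains are explicitly allowlisted. The sender address, link paths and the `partners` parameter are constructed for illustration, and comparing the last two DNS labels is a simplification (production code would use the Public Suffix List).

```python
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

class _LinkHosts(HTMLParser):
    """Collects the host of every <a href=...> in an HTML body."""
    def __init__(self):
        super().__init__()
        self.hosts = []

    def handle_starttag(self, tag, attrs):
        if tag != "a":
            return
        href = dict(attrs).get("href") or ""
        try:
            host = urlsplit(href).hostname   # None for mailto:, relative links
        except ValueError:                   # malformed URL
            host = None
        if host:
            self.hosts.append(host.lower())

def site(host):
    # Assumption: registrable domain == last two labels (wrong for e.g. co.uk).
    return ".".join(host.rstrip(".").split(".")[-2:])

def off_domain_links(raw_message, partners=frozenset()):
    """Return (sender_site, sorted link hosts outside sender_site and partners)."""
    msg = message_from_string(raw_message)
    sender = site(parseaddr(msg["From"])[1].rpartition("@")[2].lower())
    parser = _LinkHosts()
    for part in msg.walk():
        if part.get_content_type() == "text/html":
            body = part.get_payload(decode=True)
            parser.feed(body.decode(part.get_content_charset() or "utf-8", "replace"))
    allowed = {sender} | set(partners)
    return sender, sorted({h for h in parser.hosts if site(h) not in allowed})

# Constructed sample message; only the three domains come from the text above.
SAMPLE = (
    "From: Card Services <cards@lowes.com>\n"
    "Subject: Your new credit card\n"
    "MIME-Version: 1.0\n"
    "Content-Type: text/html; charset=utf-8\n"
    "\n"
    '<p><a href="https://www.synchronyfinancial.com/activate">Activate</a> '
    '<a href="https://click.syf.com/manage">Manage</a> '
    '<a href="https://www.lowes.com/">Shop</a></p>\n'
)

if __name__ == "__main__":
    print(off_domain_links(SAMPLE))
    print(off_domain_links(SAMPLE, partners={"synchronyfinancial.com", "syf.com"}))
```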

    ------------------------------

    Date: Sat, 10 Aug 2024 07:02:50 -0400
    From: Bob Gezelter <gezelter@rlgsc.com>
    Subject: ICANN Approves DNS Top-Level Domain for Intranets

    The ICANN Board has approved the resolution reserving the DNS TLD
    ".INTERNAL" for internal organization use. This parallels the decades-long reservation of intranet IPv4 addresses, e.g., 10.*.*.*, 172.16.0.0-172.31.255.255, and 192.168.*.*, under RFC 1918 -- Address Allocation for Private Internets, and the reserved intranet addresses under IPv6.

    Now one can use ".INTERNAL" for systems within the organization without fear that someone, somewhere will register the corresponding TLD.

    Board notes at: https://www.icann.org/en/board-activities-and-meetings/materials/approved-resolutions-special-meeting-of-the-icann-board-29-07-2024-en#section2.a

    ------------------------------

    Date: Sat, 28 Oct 2023 11:11:11 -0800
    From: RISKS-request@csl.sri.com
    Subject: Abridged info on RISKS (comp.risks)

    The ACM RISKS Forum is a MODERATED digest. Its Usenet manifestation is
    comp.risks, the feed for which is donated by panix.com as of June 2011.
    SUBSCRIPTIONS: The mailman Web interface can be used directly to
    subscribe and unsubscribe:
    http://mls.csl.sri.com/mailman/listinfo/risks

    SUBMISSIONS: to risks@CSL.sri.com with meaningful SUBJECT: line that
    includes the string `notsp'. Otherwise your message may not be read.
    *** This attention-string has never changed, but might if spammers use it.
    SPAM challenge-responses will not be honored. Instead, use an alternative
    address from which you never send mail where the address becomes public!
    The complete INFO file (submissions, default disclaimers, archive sites,
    copyright policy, etc.) has moved to the ftp.sri.com site:
    <risksinfo.html>.
    *** Contributors are assumed to have read the full info file for guidelines!

    OFFICIAL ARCHIVES: http://www.risks.org takes you to Lindsay Marshall's
    delightfully searchable html archive at newcastle:
    http://catless.ncl.ac.uk/Risks/VL.IS --> VoLume, ISsue.
    Also, ftp://ftp.sri.com/risks for the current volume/previous directories
    or ftp://ftp.sri.com/VL/risks-VL.IS for previous VoLume
    If none of those work for you, the most recent issue is always at
    http://www.csl.sri.com/users/risko/risks.txt, and index at /risks-34.00
    ALTERNATIVE ARCHIVES: http://seclists.org/risks/ (only since mid-2001)
    *** NOTE: If a cited URL fails, we do not try to update them. Try
    browsing on the keywords in the subject line or cited article leads.
    Apologies for what Office365 and SafeLinks may have done to URLs.
    Special Offer to Join ACM for readers of the ACM RISKS Forum:
    <http://www.acm.org/joinacm1>

    ------------------------------

    End of RISKS-FORUM Digest 34.40
    ************************
