RISKS-LIST: Risks-Forum Digest Monday 25 November 2019 Volume 31 : Issue 48
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks) Peter G. Neumann, moderator, chmn ACM Committee on Computers and Public Policy
***** See last item for further information, disclaimers, caveats, etc. ***** This issue is archived at <
http://www.risks.org> as
<
http://catless.ncl.ac.uk/Risks/31.48>
The current issue can also be found at
<
http://www.csl.sri.com/users/risko/risks.txt>
Contents:
Ghost ships, crop circles, and soft gold: A GPS mystery in Shanghai
(MIT Technology Review)
GPS is easy to hack, and the US has no backup (Scientific American)
European Council approves plans to make new car safety features
mandatory (INews)
Non-urgent alarms are drowning out real ones in hospitals (WashPost)
Internet world despairs as non-profit .org sold for $$$$ to private
equity firm, price caps axed (The Register)
How dumb design wwii plane led macintosh (WiReD)
Accidental evacuation warning (Peter H. Gregory)
6 Tips for Windows 7 End of Life and Support (MakeUseOf}
Microsoft restores services after it experienced a large global
outage across numerous platforms (Business Insider)
Someone Got Access to Their Secret Consumer Score. Now You Can Get
Yours, Too. (NYTimes)
Could Salesforce Blockchain Cut Cancer Drug Development Costs in Half?
(Fortune)
China is Pushing Toward Global Blockchain Dominance (WiReD)
Burglars Really Do Use Bluetooth Scanners to Find Laptops Phones (WiReD) Disruption Mitigation Systems for Fusion Demonstration at ITER
(Richard Stein)
Law enforcement can plunder DNA profile database, judge rules (ZDNet)
How to Opt Out of the Sites That Sell Your Personal Data (WiReD)
Privacy not included (Mozilla)
146 New Vulnerabilities All Come Preinstalled on Android Phones (WiReD)
Uber safety push includes plans to start audio recording rides in
the U.S. (WashPost)
Nikki Haley Used System for Unclassified Material to Send `Confidential'
Information (The Daily Beast)
Official Monero website is hacked to deliver currency-stealing malware
(Ars Technica)
UK Conservative Party Scolded for Rebranding Twitter Account (NYTimes)
AI future or follies? (Fortune magazine email)
The Downside of Tech Hype (Scientific American)
Best Buy Made These Smart Home Gadgets Dumb Again (WiReD)
Officials Warn of "Juice Jacking" Scams at USB Charging Stations (LA County) Artificial Intelligence Discovers Tool Use in Hide-and-Seek Games (NYTimes) After False Drug Test, He Was in Solitary Confinement for 120 Days
NoiseAware - proprietary algorithm for noise detection in rental properties
(The Verge)
A hypothesis on the immediate future of audio scams (CBC)
How to prevent a data breach, lessons learned from the infosec vendors
themselves (Web Informant)
Someone Got Access to Their Secret Consumer Score. Now You Can Get Yours,
Too. (NYTimes)
Iowa hired cyberhackers, then arrested them (TechSpot)
Mastercard vs. mistakes and fraud (Fortune)
As 5G Rolls Out, Troubling New Security Flaws Emerge (WiReD)
Re: The rise of microchipping: are we ready for technology to get
under the skin? (Amos Shapir)
Re: What happens if your mind lives for ever on the Internet?
(John R. Levine)
Abridged info on RISKS (comp.risks)
----------------------------------------------------------------------
Date: Mon, 18 Nov 2019 17:21:43 -0500
From: Gabe Goldberg <
gabe@gabegold.com>
Subject: Ghost ships, crop circles, and soft gold: A GPS mystery in Shanghai
(MIT Technology Review)
A sophisticated new electronic warfare system is being used at the world's busiest port. But is it sand thieves or the Chinese state behind it? Now,
new research and previously unseen data show that the Manukai, and thousands
of other vessels in Shanghai over the last year, are falling victim to a mysterious new weapon that is able to spoof GPS systems in a way never seen before.
Nobody knows who is behind this spoofing, or what its ultimate purpose might be. These ships could be unwilling test subjects for a sophisticated
electronic warfare system, or collateral damage in a conflict between environmental criminals and the Chinese state that has already claimed
dozens of ships and lives. But one thing is for certain: there is an
invisible electronic war over the future of navigation in Shanghai, and GPS
is losing. ...
https://www.technologyreview.com/s/614689/ghost-ships-crop-circles-and-soft-gold-a-gps-mystery-in-shanghai/
------------------------------
Date: Wed, 20 Nov 2019 13:47:14 +0800
From: Richard Stein <
rmstein@ieee.org>
Subject: GPS is easy to hack, and the US has no backup (Scientific American)
https://www.scientificamerican.com/magazine/sa/2019/12-01/
Old news for this forum. See
http://catless.ncl.ac.uk/Risks/30/58#subj2.1 for instance. Search on
'gps spoof' or 'gps hack'.
The 1st and 2nd paragraphs of this piece are noteworthy for public flight safety:
"On August 5, 2016, Cathay Pacific Flight 905 from Hong Kong was heading for
an on-time arrival at Manila's Ninoy Aquino International Airport when something unexpected occurred. The pilots radioed air traffic controllers
and said they had lost GPS (Global Positioning System) guidance for the
final eight nautical miles to 'runway right-24.' Surprised, the controllers told the pilots to land the widebody Boeing 777-300 using just their own
eyes. The crew members pulled it off, but they were anxious the whole way
in. Fortunately, skies were mostly clear that day.
"The incident was not isolated. In July and August of that year, the International Civil Aviation Organization received more than 50 reports of
GPS interference at the Manila airport alone. In some cases, pilots had to immediately speed up the plane and loop around the airport to try landing again. That kind of scramble can cause a crew to lose control of an
aircraft. In a safety advisory issued this past April, the organization
wrote that aviation is now dependent on uninterrupted access to satellite positioning, navigation and timing services and that vulnerabilities and threats to these systems are increasing."
Airmanship is attributed to pilots that successfully react to abnormal
cockpit conditions, and sustain flight safety. See
https://www.nytimes.com/2019/09/18/magazine/boeing-737-max-crashes.html for
a descriptions of pilots that possess and demonstrate airmanship, versus
those that regard flying as 1352 procedural steps from takeoff to landing.
That GPS is frequently spoofed or jammed or hacked, often by hostile governments or non-state actors, is unsettling as a periodic member of the
air traveling public.
This USA Today piece from (
https://www.usatoday.com/story/travel/columnist/mcgee/2015/06/03/amtrak-rail-bus-flying-safety/28358899/)
indicates that bus travel was safest:
"Here's how the U.S. Department of Transportation ranked these modes by fatalities in 2012:
Bus: 39
Aviation: 447
Railroad: 557
All other highway: 33,743
"Undoubtedly some readers are typing responses already -- and rightfully so. Because the story begins rather than ends with these numbers, and such statistics are brimming with caveats, clarifications, exceptions and
asterisks. In fact, the benchmarks themselves need to be constantly reevaluated; for example, simply calculating fatalities may not capture
other serious but non-fatal hazards."
------------------------------
Date: Thu, 14 Nov 2019 22:40:46 +0000
From: Chris Drewe <
e767pmk@yahoo.co.uk>
Subject: European Council approves plans to make new car safety features
mandatory (INews)
Spotted this in a local newspaper, by Matt Allan, INews, 13 Nov 2019 <
https://inews.co.uk/inews-lifestyle/cars>
Speed limiters and breathalyser tech to be fitted to all new cars from 2022
All new cars launched from 2022 will have to be equipped with speed-limiting equipment and the wiring for in-built breath alysers following a decision by the European Council. The rule will make it compulsory for car makers to
fit intelligent speed assistance (ISA); wiring for in-car breathalysers; lane-keep assistance; autonomous emergency braking; data loggers and driver drowsiness warning systems. The move has met with a mixed response from
safety and motoring organisations. [...]
Looks like lots of risks, e.g. how much data is logged, and what happens
to it? Hygiene issues with breathalyser? How are these features checked
at vehicle inspections? Could drivers be faced with legal action for
taking circuitous routes or driving in an uneconomic style..?
As a friend observed, the problem with all this automation in cars is that
it's not clear who the heck is actually driving the darn thing...
------------------------------
Date: Sun, 24 Nov 2019 22:06:05 -0500
From: Monty Solomon <
monty@roscom.com>
Subject: Non-urgent alarms are drowning out real ones in hospitals
(WashPost)
The safety devices are everywhere in health-care facilities, but they also create a riot of disturbances for staff and patients.
https://www.washingtonpost.com/health/hospital-alarms-prove-a-noisy-misery-for-patients-i-feel-like-im-in-jail/2019/11/22/e4f6edc8-0554-11ea-ac12-3325d49eacaa_story.html
------------------------------
Date: Fri, 22 Nov 2019 9:45:55 PST
From: "Peter G. Neumann" <
neumann@csl.sri.com>
Subject: Internet world despairs as non-profit .org sold for $$$$ to private
equity firm, price caps axed (The Register)
https://www.theregister.co.uk/2019/11/20/org_registry_sale_shambles/?page=1
In a sign that ICANN is unlikely to challenge the sale of the registry -- as some have formally urged it to do -- ICANN says in its statement that the
new contract requires the operator of the registry to ``provide registrars
at least 30 days'' advance written notice of any price increase for initial registrations and 6 months' notice for any price increases of renewals,''
while allowing domain owners to renew a domain for as much as 10 years in advance ``thus enabling a registrant to lock in current prices for 10 years
in advance of a pricing change.''
It is debatable whether even a small number of the 10 million .org domain holders would be aware of price increases until they are required to pay
them, or whether the ability to register a domain for 10 years is equivalent
to a 10-year price freeze.
------------------------------
Date: Thu, 14 Nov 2019 11:21:39 -0500
From: Gabe Goldberg <
gabe@gabegold.com>
Subject: How dumb design wwii plane led macintosh (WiReD)
We now presume that apps that reorder the entire economy should require no instruction manual at all; some of the most advanced computers ever made now come with only cursory instructions that say little more than "turn it on."
Using the app, you could reserve all your activities way before you boarded
the ship. And once on board, all you needed was to carry was a disk the size
of a quarter; using that, any one of the 4,000 touchscreens on the ship
could beam you personalized information, such which way you needed to go for your next reservation. The experience recalled not just scenes from /Her/
and /Minority Report/, but computer-science manifestos from the late 1980s
that imagined a suite of gadgets that would adapt to who you are, morphing
to your needs in the moment.
Behind the curtains, in the makeshift workspace, a giant whiteboard wall was covered with a sprawling map of all the inputs that flow into some 100 different algorithms that crunch every bit of a passenger;s preference
behavior to create something called the *Personal Genome*. If Jessica from Dayton wanted sunscreen and a mai tai, she could order them on her phone,
and a steward would deliver them in person, anywhere across the sprawling
ship.
The server would greet Jessica by name, and maybe ask if she was excited
about her kitesurfing lesson. Over dinner, if Jessica wanted to plan an excursion with friends, she could pull up her phone and get recommendations based on the overlapping tastes of the people she was sitting with. If only some people like fitness and others love history, then maybe they;ll all
like a walking tour of the market at the next port.
Jessica;s Personal Genome would be recalculated three times a second by 100 different algorithms using millions of data points that encompassed nearly anything she did on the ship: How long she lingered on a recommendation for
a sightseeing tour; the options that she /didn't/ linger on at all; how long she'd actually spent in various parts of the ship; and what's nearby at that very moment or happening soon. If, while in her room, she had watched one of Carnival's slickly produced travel shows and seen something about a market
tour at one her ports of call, she'd later get a recommendation for that
exact same tour when the time was right. ``Social engagement is one of the things being calculated, and so is the nuance of the context,'' one of the executives giving me the tour said.
https://www.wired.com/story/how-dumb-design-wwii-plane-led-macintosh/
Good news about design, until...
Risks? Believing that anything high-tech is fully self-evident or self-explanatory. And revealing a bit too much information and thinking.
------------------------------
Date: Fri, 15 Nov 2019 14:09:59 -0600
From: "Peter H. Gregory" <
peter.gregory@gmail.com>
Subject: Accidental evacuation warning
A warning was broadcast in the Highway 99 tunnel to get out of their cars
and evacuate the tunnel. Someone at the command center mistakenly pushed the wrong buttons causing this alarm. Despite the warnings, no one followed the instructions.
https://mynorthwest.com/1598411/seattle-tunnel-accidental-alert/?roi=echo3-58101618167-53483587-16474aef43b30d442cb39e87eef9740b
------------------------------
Date: Fri, 15 Nov 2019 17:01:06 -0500
From: Gabe Goldberg <
gabe@gabegold.com>
Subject: 6 Tips for Windows 7 End of Life and Support (MakeUseOf}
https://www.makeuseof.com/tag/windows-7-end-of-life-support/
No surprises here except I didn't know about:
The end of Windows 7 support is a cause for concern for anyone running the
fading operating system.
However, it isn't the end of Windows 7 if you have enough money.
Windows 7 Pro and Enterprise have the option to pay $350 to keep Windows 7
alive for three years.
The *Microsoft Extended Security Updates program* will run until 2023.
The program isn't for everyone, though. Only businesses, professional
organizations, and mission-critical computers can apply for the Extended
Security Updates program. When that period ends, those companies must
have made provisions to upgrade to Windows 10 (or otherwise).
And this misstatement presumably means Microsoft programs, not all software: The programs you use on Windows 7 will also stop receiving updates to fix
bugs and security holes.
------------------------------
Date: Wed, 20 Nov 2019 12:05:25 -0500
From: Monty Solomon <
monty@roscom.com>
Subject: Microsoft restores services after it experienced a large global
outage across numerous platforms (Business Insider)
https://www.businessinsider.com/microsoft-outage-us-japan-and-australia-2019-11
------------------------------
Date: Sun, 24 Nov 2019 22:28:29 -0500
From: Gabe Goldberg <
gabe@gabegold.com>
Subject: Someone Got Access to Their Secret Consumer Score. Now You Can Get
Yours, Too. (NYTimes)
Little-known companies are amassing your data -- like food orders and Airbnb messages -- and selling the analysis to clients. Here's how to get a copy of what they have on you.
I Got Access to My Secret Consumer Score. Now You Can Get Yours, Too.
https://www.nytimes.com/2019/11/04/business/secret-consumer-score-access.html
Sigh, a while ago I requested my files from various government agencies mentioned in a surveillance article. Nothing much found. Now there's more
work learning what these people have on me.
------------------------------
Date: Sun, 24 Nov 2019 22:13:27 -0500
From: Gabe Goldberg <
gabe@gabegold.com>
Subject: Could Salesforce Blockchain Cut Cancer Drug Development Costs in
https://fortune.com/2019/11/21/ucsf-salesforce-blockchain-breast-cancer/
I was just screened, at a specialist's office, for a clinical trial. The process was straightforward and rigorous, driven by an automated online questionnaire a nurse completed with my answers. It included criteria for inclusion/exclusion, and branched through questions based on my answers.
So I'm not sure what this from article all means or how (apparently) magic blockchain solves all problems:
Just how would that work out in practicality? Esserman explains that the current clinical trial and drug development process is riddled with uncertainty, especially when it comes to data collection and integrity.
For instance: The baseline for what qualifies as an acceptable liver
function level for a potential clinical trial participant can vary wildly
based on who did the test, where it came from, and what criteria were used
to assess the numbers. Blockchain could simultaneously universalize and democratize that process, according to Esserman.
That's because this system could automate a process that is still, in this digital age, reliant on flesh-and-blood humans to assess, record, and
analyze something as basic as lab reading.
``I can see, with blockchain, what the normalized numbers are for someone enrolling in an iSPY trial,'' she says, adding that data re-entry and
redundant practices can drive up the cost of a clinical trial 30% to 60%.
Blockchain could potentially provide both accountability and efficiency on
this front since everything is linked together in a documented
chain-of-custody -- a practice that is surprisingly foreign to American
health care.
------------------------------
Date: Fri, 15 Nov 2019 15:39:45 -0500
From: Gabe Goldberg <
gabe@gabegold.com>
Subject: China is Pushing Toward Global Blockchain Dominance (WiReD)
As US leaders dither, President Xi Jinping vies for the technological future
of finance.
https://www.wired.com/story/opinion-china-is-pushing-toward-global-blockchain-dominance/
The risk? Blockchain? Not blockchain?
------------------------------
Date: Tue, 19 Nov 2019 16:28:24 -0500
From: Gabe Goldberg <
gabe@gabegold.com>
Subject: Burglars Really Do Use Bluetooth Scanners to Find Laptops
Phones (WiReD)
Bluetooth scanners are readily available and easy to use -- which means that smash-and-grab car break-in might not have been pure chance.
https://www.wired.com/story/bluetooth-scanner-car-thefts/
------------------------------
Date: Sun, 17 Nov 2019 14:42:12 +0800
From: Richard Stein <
rmstein@ieee.org>
Subject: Disruption Mitigation Systems for Fusion Demonstration at ITER
I looked up progress on the ITER (International Thermonuclear Experimental Reactor) program, a multi-billion dollar effort that plans to demonstrate viable and sustained fusion energy before the permanent shift to fusion
powered reactors. See ITER.org for the full story and interim progress
reports.
I happened on this summary article: "Addressing the challenge of plasma disruptions" System (DMS).
https://www.iter.org/newsline/-/2678&sa=U&ved=2ahUKEwj_7LnzzPDlAhV-7nMBHU0VCGQQFjAAegQIBRAC&usg=AOvVaw3NsHxU8Qu30UmW_uvj4Mrf
A portentous name. Airlines and other industries rely on disruption
MANAGEMENT systems to assist their operations during crises. For logistics-based businesses, the scale of invocation is usually a few minutes before emergency governance kicks in and commences protocols to sustain or recover business continuity.
In the case of a fusion reactor, the Disruption MITIGATION System needs to respond within ~10-20 msec according to this paper: "Requirements for Triggering the ITER Disruption Mitigation System."
https://www.researchgate.net/publication/295829604_Requirements_for_Triggering_the_ITER_Disruption_Mitigation_System/link/56ec5fee08ae59dd41c4fc4f/download
DMS will require a hard real-time platform to successfully interact with and monitor the plasma fusion reactor parameters that can compromise electricity generation.
Plasmas that operate at a Q-value greater than 1 (self-sustaining nuclear fusion reactions) generate ~15-25 million amps of electron flow, neatly
trapped by intense magnetic fields to prevent runaway electrons (RE) from damping out the reaction. But when the REs start to negatively influence fusion, the DMS must engage to sustain fusion or the reactor parts can
meltdown into a diverter.
My short investigation on the whole DMS issue found a few more interesting tidbits:
1)
https://www.euro-fusion.org/fusion/fusion-conditions/ hosts a video of controllable fusion parameters, made from a fusion simulation that operators can control for practice. Homer Simpson has it easy at the Springfield
Nuclear Plant compared to this simulation video.
2) "Plasma Disruption Management in ITER," via
https://nucleus.iaea.org/sites/fusionportal/Shared%20Documents/FEC%202016/fec2016-preprints/preprint0314.pdf
shows estimated DMS invocation parameters based on a simulation using the
Joint European Torus as a baseline model.
------------------------------
Date: Wed, 20 Nov 2019 09:37:46 -0800
From: Gene Wirchenko <
gene@shaw.ca>
Subject: Law enforcement can plunder DNA profile database, judge rules
(ZDNet)
Charlie Osborne for Zero Day, 7 Nov 2019
DNA data is available even if users opt-out in a landmark ruling that
could have serious privacy implications.
https://www.zdnet.com/article/law-enforcement-can-plunder-dna-profile-database-judge-rules/
A judge has approved a warrant for law enforcement to access the database of DNA profiler GEDmatch, a landmark ruling which may have serious privacy implications.
Fields, however, would like to see these databases become common
repositories of information for investigators.
"You would see hundreds and hundreds of unsolved crimes solved overnight,"
the detective told the publication. "I hope I get a case where I get to
try."
------------------------------
Date: Fri, 15 Nov 2019 16:32:49 -0500
From: Gabe Goldberg <
gabe@gabegold.com>
Subject: How to Opt Out of the Sites That Sell Your Personal Data (WiReD)
It's much harder than it should be to get your name off of data broker and people-search sites, but it's possible.
https://www.wired.com/story/opt-out-data-broker-sites-privacy/
------------------------------
Date: Sat, 16 Nov 2019 09:56:41 -0500
From: Gabe Goldberg <
gabe@gabegold.com>
Subject: Privacy not included (Mozilla)
Be Smart. Shop Safe.
How creepy is that smart speaker, that fitness tracker, those wireless headphones? We created this guide to help you shop for safe, secure
connected products.
This URL shows how creepy users find these products:
https://foundation.mozilla.org/en/privacynotincluded/
Ho ho ... uh oh.
------------------------------
Date: Fri, 15 Nov 2019 17:20:24 -0500
From: Gabe Goldberg <
gabe@gabegold.com>
Subject: 146 New Vulnerabilities All Come Preinstalled on Android Phones
(WiReD)
The dozens of flaws across 29 Android smartphone makers show just how
insecure the devices can be, even brand-new.
https://www.wired.com/story/146-bugs-preinstalled-android-phones/
------------------------------
Date: Wed, 20 Nov 2019 13:44:22 -0500
From: Gabe Goldberg <
gabe@gabegold.com>
Subject: Uber safety push includes plans to start audio recording rides in
the U.S. (WashPost)
https://www.washingtonpost.com/technology/2019/11/20/uber-plans-start-audio-recording-rides-us-safety/
The risk? No good deed (recording for safety) goes unpunished (violating
laws and privacy).
------------------------------
Date: Wed, 20 Nov 2019 14:21:02 -0700
From: Jim Reisert AD1C <
jjreisert@alum.mit.edu>
Subject: Nikki Haley Used System for Unclassified Material to Send
`Confidential' Information (The Daily Beast)
Newly released emails suggest that in 2017 the then-ambassador lost her password for classified communication, and so she used a different system.
Christopher Dickey
World News Editor
Updated Nov. 20, 2019 8:46AM ET / Published Nov. 20, 2019 5:01AM ET
Excerpt:
North Korea had just tested an intercontinental ballistic missile capable
of hitting Alaska, and the Trump administration was scrambling to
react. But it seems Nikki Haley, Trump's ambassador to the United Nations,
had lost her password for classified communications.
That's why on that fraught July 4, 2017, she was typing away on her
BlackBerry 10 smartphone, sending 'confidential' information over a system
meant only for unclassified material.
Haley was in a rush as she headed to her office "On my way in" shooting
emails back and forth with top aides who'd been with her since she was
governor of South Carolina. She needed to make a statement, and they were
drafting it for her. 'Let's clean this up,' she writes after looking at
some of the copy. 'Pretty this up for me,' she says.
The next day we discover what the problem is with her
communications. 'Can't find my password for the high side,' she writes.
The stylistic suggestions and the apparent explanation for using less
secure messages was in a trove of emails recently obtained under the
Freedom of Information Act by the watchdog organization American
Oversight.
https://www.thedailybeast.com/nikki-haley-used-system-for-unclassified-material-to-send-confidential-information
Also
https://arstechnica.com/information-technology/2019/11/nikki-haley-lost-her-password-so-she-sent-sensitive-info-over-unclassified-system/
------------------------------
Date: Wed, 20 Nov 2019 21:00:41 -0500
From: Monty Solomon <
monty@roscom.com>
Subject: Official Monero website is hacked to deliver currency-stealing
malware (Ars Technica)
https://arstechnica.com/information-technology/2019/11/official-monero-website-is-hacked-to-deliver-currency-stealing-malware/
------------------------------
Date: Thu, 21 Nov 2019 11:14:22 -0500
From: Monty Solomon <
monty@roscom.com>
Subject: UK Conservative Party Scolded for Rebranding Twitter Account
(NYTimes)
https://www.nytimes.com/2019/11/20/world/europe/factcheck-uk-conservative-party.html
The temporary name change, to *factcheckUK*, was an effort to *mislead
people* during an election debate between Prime Minister Boris Johnson and Jeremy Corbyn of Labour, Twitter said.
------------------------------
Date: Sat, 16 Nov 2019 22:55:13 -0500
From: Gabe Goldberg <
gabe@gabegold.com>
Subject: AI future or follies? (Fortune magazine email)
*OpenAI Releases Full-Scale Version of Its "Too Dangerous to Release"
Language Model. *The San Francisco-based AI research shop has released the full-size version of its language modeling algorithm <
https://click.newsletters.fortune.com/?qs=304881d1f47022db4f760185645ac2ac31d0d56b4c65014094846471e16c4081a577163efe8dd6ddb221b3736f452cdb2721d903d584bd5e>,
GPT-2, which can compose whole paragraphs of fairly-coherent text from just
a few seed words or sentences. When it unveiled the model in February, the company said it was declining to make the most powerful version of the
software -- which has 1.5 billion parameters -- available to the public out
of fear it could be abused to create fake news. At the time, many in the AI research community criticized that decision as a publicity stunt. OpenAI
says it has reversed course now because, since February, it has released gradually more powerful versions of GPT-2 and seen little evidence of
misuse.
1.5 billion parameters -- one hopes they're not using that word for its
common definition in programming.
And what could go wrong with this?
Speaking of GPT-2: At Microsoft's Ignite developer conference last week, the company showcased *how OpenAI's language model could be used to create an auto-complete feature for lines of software code. <
https://click.newsletters.fortune.com/?qs=304881d1f47022db4dbaf7299aa4046ce631a1f8631c155c7c536ccab15fec10a3b423e23d79653c1795c5b1141d8b0740595bfbe6029e5f>
Microsoft's team took the language model and trained it on the 3,000
top-rated open-source code repositories on Github. The result is a system
that suggests, as a coder types, the most likely completion of a line of
code. Microsoft says the system can be fine-tuned for a specific team of
coders by training it on their particular code base. This is just one of several examples of AI simplifying -- or sometimes even automating (see Google's AutoML, <
https://click.newsletters.fortune.com/?qs=304881d1f47022db5155acde02b6e6b27ff76b1140e84eaa051d56bebbcbca9cd6067ca8f4653df4171128073d96c9cc1bbce1aed87f040d>
for example) -- the act of writing software. So if you thought learning to
code was a guarantee of employment in the face of relentless AI-driven automation, think again.
------------------------------
Date: Fri, 22 Nov 2019 10:36:16 +0800
From: Richard Stein <
rmstein@ieee.org>
Subject: The Downside of Tech Hype (Scientific American)
https://blogs.scientificamerican.com/observations/the-downside-of-tech-hype/
"What can be done about rising hype? Although scientists and engineers can
have little impact on the media, those at universities can promote better measures of success and more accuracy in their announcements, courses and curricula. Measuring university programs by amounts of venture capital
funding attracted or numbers of start-ups created makes it easy for programs
to game the system.
"Better accuracy requires acknowledging the long development times,
explaining the reasons for them, and illuminating the process by which new technologies became economically feasible, going beyond simplistic
distinctions between basic and applied research. The reality is that few technologies experience the types of improvements necessary for commercialization and excessive hype distracts decision makers from the challenges of achieving the necessary pre-commercialization improvements."
Academic offices exaggerate technology benefits to lure funding from
commercial and government sources. Absent long-term measurements of success
for a given R&D dollar, there's no quantitative predictor of failure or
success for scientific of engineering research payoff.
No risk, no reward, like betting a few bucks at the roulette table. In a casino, the odds of a return are fixed.
In biotechnology, the odds of a candidate substance becoming a blockbuster
drug are estimated at 1000 to 1 (see
http://blogs.einstein.yu.edu/the-high-cost-of-and-uncertain-path-to-a-blockbuster-drug/).
Regarding AI hype, see the companion piece "The Media's Coverage of AI is Bogus"
https://blogs.scientificamerican.com/observations/the-medias-coverage-of-ai-is-bogus/.
------------------------------
Date: Fri, 15 Nov 2019 11:16:24 -0500
From: Gabe Goldberg <
gabe@gabegold.com>
Subject: Best Buy Made These Smart Home Gadgets Dumb Again (WiReD)
Last week, a series of smart home gadgets became dumb again. On November 6, Best Buy pulled the plug on its line of Insignia Connect products, including
a convertible freezer/fridge, two kinds of smart plugs, a smart light
switch, and a Wi-Fi-connected camera. Best Buy offered people who purchased
the gadgets partial gift cards, not full refunds. Most of the items still
have some functionality, but are no longer equipped with the smart features that led people to choose them in the first place. The Wi-Fi camera,
however, ceased to function altogether.
The incident is a salient reminder that when you buy an Internet-connected device, you're betting the company behind it will continue supporting its corresponding software in the future. That means regularly updating apps to ensure compatibility with the latest smartphones, patching bugs, and
more. But it's impossible to tell ahead of time what brands will outlast
their competitors and which will shutter, get acquired, or pivot. One day
you wake up and your smart freezer is suddenly stupid.
https://www.wired.com/story/best-buy-smart-home-dumb/
------------------------------
Date: Fri, 22 Nov 2019 16:26:30 -0500
From: Gabe Goldberg <
gabe@gabegold.com>
[continued in next message]
--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)