[continued from previous message]
"The result was a draw: humans, 93.9 percent correct; AI, 94.6 percent." 'Correct'? No false-positive or false-negative AUC ROC measures?
You should trust your physician -- they swear by the Hippocratic Oath. Trust the physician's tool supply chain? Not so fast.
------------------------------
Date: Thu, 16 Jan 2020 04:01:34 -0700
From: "Bob Gezelter" <gezelter@rlgsc.com>
Subject: A Very Real Potential for Abuse: Using AI to Score Video Interviews (CNN)
CNN has published an article on an interesting trend: the use of AI evaluations of candidate video interviews during the selection process for internships and jobs.
As in other cases with AI-based evaluation of imagery, the potential for baked-in bias is clear. Without extensive study, is there a way to validate that such mechanisms are free of explicit or implicit bias concerning race, culture, and other factors? As an example, the subject of "word choice". In some cultures, directness is valued; in other cultures, precisely the opposite is true. It would be far too simple for a bot to downgrade a candidate for "lack of directness" when their cultural background values it. Would that not be effective discrimination on race, national origin, or other prohibited or suspect factor?
A thought experiment: Consider scoring the statement "The patient has a tumor" with the all-but-required phrasing used by a radiologist "The patient's imagery is consistent with the presence of a tumor". Is one of these options "evasive"?
One could argue that it is a matter of what questions are asked, but that presupposes a degree of sophistication which is likely not present in practice.
https://www.cnn.com/2020/01/15/tech/ai-job-interview/index.html
------------------------------
Date: Mon, 13 Jan 2020 13:19:47 -0500
From: Gabe Goldberg <gabe@gabegold.com>
Subject: 5G, AI, blockchain, quantum, ... (Marketoonist)
Smart Devices and 5G cartoon | Marketoonist | Tom Fishburne
With the imminent arrival of 5G, there’s a lot of euphoric talk about the future of connected devices, which is leading to a fair amount of technology-for-technology-sake. And there are many funny and not-so-funny bumps in the road.
On the funny end of the spectrum, GE was mocked <https://www.marketwatch.com/story/this-ridiculous-ge-video-showing-14-steps-to-reset-a-smart-lightbulb-has-suddenly-gone-viral-2019-06-20> a few months ago for releasing a guide to reset their Smart Lightbulb. It requires 14 complicated steps of turning it off and on at exact second counts with a stopwatch (“turn off for two seconds … turn on for eight seconds”). Stephen Fry remarked <https://www.marketwatch.com/story/this-ridiculous-ge-video-showing-14-steps-to-reset-a-smart-lightbulb-has-suddenly-gone-viral-2019-06-20>, “This is insane enough to be joyous.”
On the not-so-funny end of the spectrum, smart-device maker Wyze announced <https://www.marketwatch.com/story/smart-device-maker-wyze-confirms-data-breach-that-could-affect-millions-2019-12-29> two weeks ago that both of the company’s production databases were left entirely open to the Internet, exposing the data of 2.4 million users of their smart-home cameras and devices.
These are all reflections of the awkward adolescent stage of technology we’re living and working in. We have to continually question just how “smart” all of this “smart” technology really is.
https://marketoonist.com/2020/01/smart.html
------------------------------
Date: January 8, 2020 8:14:28 JST
From: Richard Forno <rforno@infowarrior.org>
Subject: Inside the Billion-Dollar Battle Over .Org (Steve Lohr)
[via Dave Farber]
Steve Lohr, *The New York Times*, 7 Jan 2020
A private equity firm wants to buy the Internet domain used by nonprofits. A group of online pioneers says it is not the place to maximize profits.
Two months ago, Ethos Capital, a private equity firm, announced that it
planned to buy the rights to a tract of Internet real estate for more than
$1 billion. But it wasn't just any piece of digital property. It was
dot-org, the cyber neighborhood that is home to big nonprofits and nongovernmental organizations like the United Nations (un.org) and NPR (npr.org), and to little ones like neighborhood clubs.
The deal was met with a fierce backlash. Critics argued that a less
commercial corner of the Internet should not be controlled by a
profit-driven private equity firm, as a matter of both principle and
practice. Online petitions and letters of concern came from hundreds of organizations, thousands of individuals and four Democrats in Congress, including Senator Elizabeth Warren of Massachusetts.
Rarely has the acronym-strewn realm of Internet addresses -- so-called
domain names -- stirred such passion.
Now, a group of respected Internet pioneers and nonprofit leaders is
offering an alternative to Ethos Capital's bid: a nonprofit cooperative corporation. The incorporation papers for the new entity, the Cooperative Corporation of .ORG Registrants, were filed this week in California.
[...] [PGN-ed, longish item, truncated]
https://www.nytimes.com/2020/01/07/technology/dot-org-private-equity-battle.html?emc=rss&partner=rss
------------------------------
Date: Thu, 9 Jan 2020 21:03:39 -0800
From: Paul Saffo <paul@saffo.com>
Subject: A lazy fix 20 years ago means the Y2K bug is taking down computers now (New Scientist)
[Re: Martyn Thomas, This might be a genuine Y2K problem -- are there more? RISKS-31.50]
Chris Stokel-Walker, *New Scientist*, 7 Jan 2020
https://www.newscientist.com/article/2229238-a-lazy-fix-20-years-ago-means-the-y2k-bug-is-taking-down-computers-now/
[PGN-ed to avoid duplication with RISKS-31.50 and 53.]
[...] Programmers wanting to avoid the Y2K bug had two broad options:
entirely rewrite their code, or adopt a quick fix called ``windowing'',
which would treat all dates from 00 to 20, as from the 2000s, rather than
the 1900s. An estimated 80 per cent of computers fixed in 1999 used the quicker, cheaper option.
``Windowing, even during Y2K, was the worst of all possible solutions
because it kicked the problem down the road,'' says Dylan Mulvin at the
London School of Economics.
Coders chose 1920 to 2020 as the standard window because of the significance
of the midpoint, 1970. ``Many programming languages and systems handle
dates and times as seconds from 1970/01/01, also called Unix time,'' says Tatsuhiko Miyagawa, an engineer at cloud platform provider Fastly.
Unix is a widely used operating system in a variety of industries, and this ``epoch time'' is seen as a standard.
The theory was that these windowed systems would be outmoded by the time
2020 arrived, but many are still hanging on and in some cases the issue had been forgotten.
``Fixing bugs in old legacy systems is a nightmare: it's spaghetti and
nobody who wrote it is still around,'' says Paul Lomax, who handled the Y2K
bug for Vodafone. ``Clearly they assumed their systems would be long out of
use by 2020. Much as those in the 60s didn't think their code would still be around in the year 2000.''
Those systems that used the quick fix have now reached the end of that
window, and have rolled back to 1920. Utility company bills have reportedly been produced with the erroneous date 1920, while tens of thousands of
parking meters in New York City have declined credit card transactions
because of the date glitch.
Thousands of cash registers manufactured by Polish firm Novitus have been unable to print receipts due to a glitch in the register's clock. The
company is attempting to fix the machines.
WWE 2K20, a professional wrestling video game, also stopped working at
midnight on 1 January 2020. Within 24 hours, the game's developers, 2K,
issued a downloadable fix.
Another piece of software, Splunk, which ironically looks for errors in computer systems, was found to be vulnerable to the Y2020 bug in
November. The company rolled out a fix to users the same week -- which
include 92 of the Fortune 100, the top 100 companies in the US.
Some hardware and software glitches have been incorrectly attributed to the bug. One healthcare professional claimed Y2020 hit a system developed by McKesson, which produces software for hospitals. A spokesperson for McKesson told New Scientist the firm was unaware of any outage tied to Y2020.
Exactly how long these Y2020 fixes will last is unknown, as companies
haven't disclosed details about them. If the window has simply been pushed
back again, we can expect to see the same error crop up.
Another date storage problem also faces us in the year 2038. The issue again stems from Unix's epoch time: the data is stored as a 32-bit integer, which will run out of capacity at 3.14 am on 19 January 2038.
[In response to a request from Eric Hofnagel, I pulled together a historical list of Y2K-related problems. It is now on my website http://www.csl.sri.com/neumann/neumann.html at http://www.csl.sri.com/neumann/y2k-pgn.txt PGN]
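The fixed window and the 32-bit epoch limit described in the article above, worked through in Python. This is an added example, not part of the digest or the New Scientist article; the function names, the exclusive pivot boundary, and the sliding-window and plausibility-check alternatives are assumptions of the sketch.

```python
from datetime import datetime, timedelta, timezone

EPOCH = datetime(1970, 1, 1, tzinfo=timezone.utc)
INT32_MAX = 2**31 - 1

def expand_fixed(yy: int, pivot: int = 20) -> int:
    """Fixed window: two-digit years below the pivot are read as 20xx, the
    rest as 19xx. Treating the pivot itself as 19xx is an assumption; it
    matches the reported roll back to 1920."""
    if not 0 <= yy <= 99:
        raise ValueError("two-digit year expected")
    return (2000 if yy < pivot else 1900) + yy

def expand_sliding(yy: int, current_year: int, back: int = 80) -> int:
    """Sliding window (one alternative, assumed here): choose the year ending
    in yy inside [current_year - back, current_year - back + 99]."""
    if not 0 <= yy <= 99:
        raise ValueError("two-digit year expected")
    low = current_year - back
    year = low - low % 100 + yy
    return year if year >= low else year + 100

def plausible(year: int, current_year: int, max_age: int = 50) -> bool:
    """Sanity check for the date on a newly created record."""
    return current_year - max_age <= year <= current_year + 1

def wrap_int32(seconds: int) -> int:
    """Value a signed 32-bit field holds after two's-complement wraparound."""
    return (seconds + 2**31) % 2**32 - 2**31

def from_epoch(seconds: int) -> datetime:
    """Convert seconds since 1970-01-01 UTC to a datetime."""
    return EPOCH + timedelta(seconds=seconds)

if __name__ == "__main__":
    # Constructed inputs: transactions stamped with two-digit years 19 and 20.
    for yy in (19, 20):
        year = expand_fixed(yy)
        verdict = "ok" if plausible(year, 2020) else "REJECT: outside plausible range"
        print(f"fixed window   {yy:02d} -> {year}  {verdict}")
    print("sliding window 20 ->", expand_sliding(20, 2020))
    print("last 32-bit second:", from_epoch(INT32_MAX).isoformat())
    print("one second later  :", from_epoch(wrap_int32(INT32_MAX + 1)).isoformat())
```
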
------------------------------
Date: Mon, 13 Jan 2020 13:35:59 -0500
From: Jeremy Epstein <jeremy.j.epstein@gmail.com>
Subject: When 2 < 7 => failure (Ars Technica)
Grocery store system does periodic audits of self-checkout users, but the system doesn't work if you have fewer than 7 items - the audit requires auditing exactly seven items.
Granted, not the biggest risk in the world, but if the venue didn't
have in-person employees, what would the customer do?
https://arstechnica.com/staff/2020/01/how-i-broke-my-grocery-stores-app-by-not-buying-enough-stuff/
------------------------------
Date: Tue, 7 Jan 2020 20:18:50 -0500
From: Gabe Goldberg <gabe@gabegold.com>
Subject: Make It Your New Year's Resolution Not to Share Misinformation (Mother Jones)
https://www.motherjones.com/politics/2020/01/make-it-your-new-years-resolution-not-to-share-misinformation/
Not profound but worth sharing with the less tech-savvy.
------------------------------
Date: Fri, 17 Jan 2020 11:50:03 -0500
From: Gabe Goldberg <gabe@gabegold.com>
Subject: Inside the Feds' Battle Against Huawei (WiReD)
https://www.wired.com/story/us-feds-battle-against-huawei/
Long, interesting...
------------------------------
Date: Mon, 6 Jan 2020 19:57:42 -0500
From: Gabe Goldberg <gabe@gabegold.com>
Subject: Apple Is Bullying a Security Company with a Dangerous DMCA Lawsuit (iFixit)
https://www.ifixit.com/News/apple-is-bullying-a-security-company-with-a-dangerous-dmca-lawsuit
------------------------------
Date: Mon, 6 Jan 2020 19:58:52 -0500
From: Gabe Goldberg <gabe@gabegold.com>
Subject: How to Protect Yourself From Real Estate Scams (NYTimes)
https://www.nytimes.com/2020/01/03/realestate/how-to-protect-yourself-from-real-estate-scams.html
Not entirely new, but worth reading how it works, what to do and not to.
------------------------------
Date: Fri, 17 Jan 2020 10:14:25 -0500
From: Gabe Goldberg <gabe@gabegold.com>
Subject: Dutch Artists Celebrate George Orwell's Birthday By Putting Party Hats On Surveillance Cameras (BuzzFeed News)
https://www.buzzfeednews.com/article/ellievhall/dutch-artists-celebrate-george-orwells-birthday-by-adorning
------------------------------
Date: Mon, 06 Jan 2020 20:27:28 +0000
From: Chris Drewe <e767pmk@yahoo.co.uk>
Subject: Re: reliability of computers (RISKS-31.53)
This brought back memories from a guy at the company where I used to work,
as he told of being called in as an expert witness on something very similar back in the 1990s. As I recall, he said that two banks or building
societies (mortgage providers) had merged; they had totally different
computer systems, but the new managers simply fired one of the support teams and expected the other to cope with both systems, which they struggled to
do. His expert opinion was that security on the unsupported system was a disaster area, with security features not enabled, passwords and log-ins
left with default settings, etc. As mentioned, he felt sympathy for the
police officer, who queried some transactions on his account and ended up
being charged with attempting to obtain money by deception. The
geographical location for the case was Woodbridge, Suffolk.
By the way, there was a similar "our computers are never wrong" item on a
BBC radio programme covering consumer affairs a couple of months ago. This featured a woman with a regular Chip&PIN credit/debit card, which had
expired and been routinely replaced by the card provider. She was told to
cut up the old one but forgot to do this; however, she expected it to be cancelled anyway so wasn't concerned. Quite some time later she found unexpected transactions on the account and was told "the security with these cards has never failed so it must have been stolen", which she knew was
untrue as she still had it in her hands. After much argument it turned out that the old card had *not* been cancelled, so the woman went through normal life unknowingly having a pair of duplicate cards, then didn't notice when
one was stolen...
------------------------------
Date: Mon, 14 Jan 2019 11:11:11 -0800
From: RISKS-request@csl.sri.com
Subject: Abridged info on RISKS (comp.risks)
The ACM RISKS Forum is a MODERATED digest. Its Usenet manifestation is
comp.risks, the feed for which is donated by panix.com as of June 2011.
SUBSCRIPTIONS: The mailman Web interface can be used directly to
subscribe and unsubscribe:
http://mls.csl.sri.com/mailman/listinfo/risks
SUBMISSIONS: to risks@CSL.sri.com with meaningful SUBJECT: line that
includes the string `notsp'. Otherwise your message may not be read.
*** This attention-string has never changed, but might if spammers use it.
SPAM challenge-responses will not be honored. Instead, use an alternative
address from which you never send mail where the address becomes public!
The complete INFO file (submissions, default disclaimers, archive sites,
copyright policy, etc.) is online.
<http://www.CSL.sri.com/risksinfo.html>
*** Contributors are assumed to have read the full info file for guidelines!
OFFICIAL ARCHIVES: http://www.risks.org takes you to Lindsay Marshall's
searchable html archive at newcastle:
http://catless.ncl.ac.uk/Risks/VL.IS --> VoLume, ISsue.
Also, ftp://ftp.sri.com/risks for the current volume
or ftp://ftp.sri.com/VL/risks-VL.IS for previous VoLume
If none of those work for you, the most recent issue is always at
http://www.csl.sri.com/users/risko/risks.txt, and index at /risks-31.00
Lindsay has also added to the Newcastle catless site a palmtop version
of the most recent RISKS issue and a WAP version that works for many but
not all telephones:
http://catless.ncl.ac.uk/w/r
ALTERNATIVE ARCHIVES:
http://seclists.org/risks/ (only since mid-2001)
*** NOTE: If a cited URL fails, we do not try to update them. Try
browsing on the keywords in the subject line or cited article leads.
Apologies for what Office365 and SafeLinks may have done to URLs.
Special Offer to Join ACM for readers of the ACM RISKS Forum:
<http://www.acm.org/joinacm1>
------------------------------
End of RISKS-FORUM Digest 31.54
************************