Risks Digest 31.59 (2/2)

    From RISKS List Owner@21:1/5 to All on Fri Feb 21 19:18:30 2020
    [continued from previous message]

    Wanna bet? COBOL is now 60 years old. The ISO standard was last updated in 2014 and now contains OOP constructs borrowed from C++, which is only fair since C++ borrowed its structures from COBOL via PL/I and C.

    For all that people complain about COBOL, it is still a pretty good language for the things it was designed for -- business calculations with arithmetic that follow business rules, e.g., decimal rounding to the nearest cent.

    I realize 2100 is 80 years from now, but we're almost halfway there already.

    [What I meant (somewhat facetiously) was Original COBOL programmers. When
    Y2K approached before 2000, many who were long retired were pulled back
    into duty. Most of them are now long gone. PGN]

    ------------------------------

    Date: Tue, 18 Feb 2020 18:50:00 +0000
    From: Martin Ward <martin@gkc.org.uk>
    Subject: Re: A lazy fix 20 years ago means the Y2K bug is taking down
    computers, now (Levine, RISKS-31.59)

    Many large companies are still using IBM assembler on mainframes. The
    really forward-looking companies are thinking about migrating to the wave of the future: COBOL! But the temptation to make do with the current system
    for another year or two is often too strong.

    New technology is not being developed and put into practice in the way it
    used to be (other than exploiting Moore's Law: which itself has slowed considerably in the last decade). Consider the technological inventions and advances that occurred in the 30 years from 1950 to 1980: microwaves,
    lasers, halogen lamps, LEDs, LCDs, the transistor, integrated circuits, minicomputers, microcomputers, games consoles, mobile phones, colour television, FM radio, LP records, CDs, video recorders, solar panels, moon landings etc. etc.

    Now think about the new technology that has been introduced to everyday life between 1990 and 2020. PCs have got faster, with larger memories, mobile
    phones have got smaller and sprouted apps, and what else?

    Given that COBOL has already survived decades of technological innovation,
    in the current period of relative stagnation and caution, there seems to be
    no reason why it should not survive indefinitely.

    Scientific and technological progress are not inevitable features of the
    modern world: they have to be desired and laboured for.

    ------------------------------

    Date: Tue, 18 Feb 2020 13:48:48 -0500
    From: Gabe Goldberg <gabe@gabegold.com>
    Subject: Re: Debunking the lone woodpecker theory (RISKS-31.58)

    Understood, that goes with a curated digest!

    The rambly bit was from friend-of-a-friend; someone else in our little cabal commented on it:

    It's impressive that a company like that would even hire someone with actual experience. Somebody in HR slipped up somewhere. So is (as Dan was
    discussing in another note) "get code into production as fast as possible"
    just another way of saying "move fast and break things"?

    The risk -- disdain for any sort of technology discipline -- is terrifying. NWANC is real and growing.

    ------------------------------

    Date: Wed, 19 Feb 2020 21:48:39 -0000
    From: "Cuckoo Fair Treasurer" <cuckoofairtreasurer@gmail.com>
    Subject: My smart car rental was a breeze - until I got trapped in the woods

    The dangers of renting an Internet-enabled (or is it dependent) car and then taking it to an area with no mobile coverage.

    https://www.theguardian.com/technology/2020/feb/18/smart-car-gig-rental-app-trapped?CMP=share_btn_link

    ------------------------------

    Date: Tue, 18 Feb 2020 09:38:25 -0700
    From: the keyboard of geoff goodfellow <geoff@iconia.com>
    Subject: Today in sharing economy struggles: our app-powered rental car
    lost cell service on the side of a mountain in rural California and now I
    live here I guess

    It appears that although I do not have enough cell service to start up my
    only means of transportation I do have enough to live tweet my struggle so thanks for tuning in I will be here indefinitely... apparently in 45
    minutes to an hour a tow truck will come to move us three miles down the
    road where there is cell service so we can start our car the future is
    dumb... six hours, two tow trucks, and 20 calls to customer service later apparently it was a software issue and the car needed to be rebooted before
    we could use it...

    https://twitter.com/kari_paul/status/1229214223227478016

    ------------------------------

    Date: Sun, 16 Feb 2020 08:54:40 -0500
    From: Jeremy Epstein <jeremy.j.epstein@gmail.com>
    Subject: Re: Car renter paired car to FordPass, could still control car long
    after return (ZDNet via Shaw, RISKS-31.58)

    The Ford and Enterprise situation is just the tip of the iceberg.
    Enterprise presumably has the technical and financial capability to reset
    every rental car before re-renting it (and perhaps now has the motivation as well).

    But what about people renting out their personal vehicles with Getaround or Turo or similar services? Those individuals undoubtedly do NOT have the knowledge or ability to reset the car, and since the systems are unattended, they may never even be accessed by the owner in between rentals. And
    without centralized controls (since such services don't physically manage
    the vehicles), the service can't do the reset for them - unless they enable remote automated reset, which brings its own set of risks...

    So, I agree with ZDNet: "Too often, tech companies place the onus on
    customers to work things out for themselves and even to save themselves.
    Or, worse, to only discover a breach when it's too late. Wouldn't it be
    bracing if tech companies, I don't know, showed a little responsibility in advance?"

    [However,] that responsibility needs to be considered in light of the
    different usage models, not just the traditional rental car companies (e.g., Enterprise), but also other uses.

    (And FWIW, even something as simple as having the oil changed in your car
    gives the opportunity for someone to link their phone to your car, and
    enable the remote control. So I'd argue this isn't a failure by Enterprise
    - it's a failure by Ford and anyone else who makes remote controls.)

    ------------------------------

    Date: Sun, 16 Feb 2020 22:36:14 -0500
    From: "R. G. Newbury" <newbury@mandamus.org>
    Subject: Re: Car renter paired car to FordPass, could still control car long
    after return (ZDNet via Shaw, RISKS-31.58)

    It's worse than you think. A new OWNER may find himself unable to change the car's settings, because the car is still 'locked' to a prior owner. And the prior owner still has the power to start or unlock the car. It's not a
    matter of 'clearing' the settings: only the 'owner' can do that! Apparently it's not just Land Rover; it could include Jaguar, Audi and BMW cars.

    https://www.theregister.co.uk/2018/07/27/jaguar_land_rover_connected_car_privacy/

    John Leyden, The Register, 27 Jul 2018

    Shock Land Rover Discovery: Sellers could meddle with connected cars if not unbound; Secondhand owners who didn't sell at JLR dealer can call us, says
    firm

    Both data and the online controls on "connected cars" from Jaguar Land Rover remain available to previous owners, according to security experts and
    owners of the upmarket vehicles. The car maker has defended its privacy safeguards and security of its InControl tech.

    El Reg began investigating the issue after talking to Matt Watts, a techie
    who blogged about the issue of connected cars and the data they collect, without initially naming Jaguar Land Rover (JLR).

    Watts' secondhand Range Rover came with the ability to remotely control the climate systems, call breakdown services, upload GPS/destination details and much more. The vehicle also keeps a record of much of this information and stores it in an online account.

    Most drivers won't use this functionality, but Watts is a self-admitted
    geek. After he downloaded the JLR app to his smartphone and started to experiment, Watts realised that he was able to use the eight digits of the vehicle identification number (VIN) to link his vehicle to an online
    account.

    When doing so, the JLR website informed him that the vehicle was linked to another user's account. After dealing with support centres and a JLR dealer, Watts was eventually told that the previous owners should have disconnected before selling on the car. He was initially advised to contact the previous owner, which is annoying enough in itself.

    "The process to get the manufacturer to update the online details for the vehicle is for me to try and find the previous owner and get them to do it
    for me," Watts wrote.

    The issue goes far beyond Watts being unable to use the funky functionality
    of his secondhand motor, as he explained:

    The previous owner of my car has control over it, they can unlock it, they
    can remotely set the climate control without me knowing about it, even when
    the car isn't running, they potentially can even look at the sat-nav system, they can also call break down services to the vehicle and all of this
    without me knowing anything about it.

    *Someone else has access to a significant amount of data about myself and my vehicle and there appears to be nothing that the manufacturer is prepared to
    do about it.*

    Watts told El Reg: "Data is being collected about me and the vehicle's
    location and simply provided to whomever previously connected the app to the car. JLR needs a bullet-proof method for this to be automatically
    disconnected when the vehicle changes hands. I don't know how you do this
    but the current process is clearly not sufficient." [...]

    ------------------------------

    Date: Sun, 16 Feb 2020 10:14:40 -0500
    From: David <wb8foz@panix.com>
    Subject: Re: The Intelligence Coup of the Century (RISKS-31.58)

    One interesting aspect of this reporting is only CIA is mentioned.

    When this saga started, they *were* effectively the Intelligence
    Community. (Their only-child status did not last long.) Yet it's hardly
    their forte to design crypto systems & hardware. That *is* the purview of
    their stepbrothers at Fort Meade.

    While they are now seemingly on good terms, before the end of the Cold War there were many tales of their ...discordant... relationship. [I recall being told
    by a SIS just assigned a joint tasking at the other place "I knew there was
    a sea change when I arrived and found they suddenly honored not only my
    badge but my executive parking pass..."]

    So for now one can just wonder what part NSA played in this saga over its tenure. It can't be trivial.

    ------------------------------

    Date: Sun, 16 Feb 2020 11:24:09 PST
    From: "Peter G. Neumann" <neumann@csl.sri.com>
    Subject: How the Iowa Caucuses Came Crashing Down (WashPost)

    This adds some more details to what happened.

    The Washington Post, 15 Feb 2020 https://www.washingtonpost.com/politics/how-the-iowa-caucuses-came-crashing-down-under-the-watchful-eye-of-the-dnc/2020/02/15/25b17e7e-4f5f-11ea-b721-9f4cdc90bc1c_story.html

    ------------------------------

    Date: Mon, 17 Feb 2020 08:46:15 -0700
    From: geoff goodfellow <geoff@iconia.com>
    Subject: 'The only uncertainty is how long we'll last': a worst-case
    scenario for the climate in 2050 (The Guardian)

    *The Future We Choose*, a new book by the architects of the Paris climate accords, offers two contrasting visions for how the world might look in
    thirty years (read the best case scenario here). <https://www.theguardian.com/environment/2020/feb/15/best-case-scenario-2050-climate-crisis-future-we-choose-christiana-figueres-tom-rivett-carnac>

    EXCERPT:

    It is 2050. Beyond the emissions reductions registered in 2015, no further efforts were made to control emissions. We are heading for a world that
    will be more than 3C warmer by 2100.

    The first thing that hits you is the air. In many places around the world,
    the air is hot, heavy and, depending on the day, clogged with particulate pollution. Your eyes often water. Your cough never seems to disappear. You think about some countries in Asia, where, out of consideration, sick
    people used to wear white masks to protect others from airborne infection.
    Now you often wear a mask to protect yourself from air pollution. You can
    no longer simply walk out your front door and breathe fresh air: there
    might not be any. Instead, before opening doors or windows in the morning,
    you check your phone to see what the air quality will be.

    Fewer people work outdoors and even indoors the air can taste slightly
    acidic, sometimes making you feel nauseated. The last coal furnaces closed
    10 years ago, but that hasn't made much difference in air quality around
    the world because you are still breathing dangerous exhaust fumes from
    millions of cars and buses everywhere. Our world is getting hotter. Over the next two decades, projections tell us that temperatures in some areas of the globe will rise even higher, an irreversible development now utterly beyond
    our control. Oceans, forests, plants, trees and soil had for many years absorbed half the carbon dioxide we spewed out. Now there are few forests
    left, most of them either logged or consumed by wildfire, and the permafrost
    is belching greenhouse gases into an already overburdened atmosphere. The increasing heat of the Earth is suffocating us and in five to 10 years, vast swaths of the planet will be increasingly inhospitable to humans. We don't
    know how hospitable the arid regions of Australia, South Africa and the
    western United States will be by 2100. No one knows what the future holds
    for their children and grandchildren: tipping point after tipping point is being reached, casting doubt on the form of future civilisation. Some say
    that humans will be cast to the winds again, gathering in small tribes, hunkered down and living on whatever patch of land might sustain them.

    More moisture in the air and higher sea surface temperatures have caused a surge in extreme hurricanes and tropical storms. Recently, coastal cities in Bangladesh, Mexico, the United States and elsewhere have suffered brutal infrastructure destruction and extreme flooding, killing many thousands and displacing millions. This happens with increasing frequency now. Every day, because of rising water levels, some part of the world must evacuate to
    higher ground. Every day, the news shows images of mothers with babies
    strapped to their backs, wading through floodwaters and homes ripped apart
    by vicious currents that resemble mountain rivers. News stories tell of
    people living in houses with water up to their ankles because they have
    nowhere else to go, their children coughing and wheezing because of the
    mold growing in their beds, insurance companies declaring bankruptcy,
    leaving survivors without resources to rebuild their lives. Contaminated
    water supplies, sea salt intrusions and agricultural runoff are the order of the day. Because multiple disasters are often happening simultaneously, it
    can take weeks or even months for basic food and water relief to reach areas pummeled by extreme floods. Diseases such as malaria, dengue, cholera, respiratory illnesses and malnutrition are rampant.

    You try not to think about the 2 billion people who live in the hottest
    parts of the world, where, for upwards of 45 days per year, temperatures skyrocket to 60C (140F), a point at which the human body cannot be outside
    for longer than about six hours because it loses the ability to cool itself down. Places such as central India are becoming increasingly challenging to inhabit. Mass migrations to less hot rural areas are beset by a host of
    refugee problems, civil unrest and bloodshed over diminished water availability.

    Food production swings wildly from month to month, season to season,
    depending on where you live. More people are starving than ever before.
    Climate zones have shifted, so some new areas have become available for agriculture (Alaska, the Arctic), while others have dried up (Mexico, California). Still others are unstable because of the extreme heat, never
    mind flooding, wildfire and tornadoes. This makes the food supply in general highly unpredictable. Global trade has slowed as countries seek to hold on
    to their own resources.

    Countries with enough food are resolute about holding on to it. As a result, food riots, coups and civil wars are throwing the world's most vulnerable
    from the frying pan into the fire. As developed countries seek to seal their borders from mass migration, they too feel the consequences. Most
    countries' armies are now just highly militarised border patrols. Some countries are letting people in, but only under conditions approaching indentured servitude. [...]

    https://www.theguardian.com/environment/2020/feb/15/worst-case-scenario-2050-climate-crisis-future-we-choose-christiana-figueres-tom-rivett-carnac

    ------------------------------

    Date: Mon, 17 Feb 2020 08:47:41 -0700
    From: geoff goodfellow <geoff@iconia.com>
    Subject: Like Something Out of The Book Of Exodus Locust Armies Are
    Devouring Entire Farms In Kenya In As Little As 30 Seconds (CGTN)

    <https://africa.cgtn.com/2020/02/09/swarms-big-as-cities-un-chief-says-locust-fight-must-intensify/>

    ... we have never seen anything like this before. The UN continues to warn that the number of locusts could get 500 times bigger by June. But even if this plague ended right now, millions of people would still be facing a devastating famine in the months ahead. These locusts travel in swarms up
    to 40 miles wide, each one can eat the equivalent of its own body weight
    every day, and the swarms can travel close to 100 miles in a 24 hour period. This is a nightmare of epic proportions, and it is just getting started.

    National Geographic has never been known to sensationalize news stories, but even they are saying that this plague is like something out of the Book of Exodus. [...] <https://www.nationalgeographic.com/science/2020/02/locust-plague-climate-science-east-africa/>

    ------------------------------

    Date: Mon, 14 Jan 2019 11:11:11 -0800
    From: RISKS-request@csl.sri.com
    Subject: Abridged info on RISKS (comp.risks)

    The ACM RISKS Forum is a MODERATED digest. Its Usenet manifestation is
    comp.risks, the feed for which is donated by panix.com as of June 2011.
    SUBSCRIPTIONS: The mailman Web interface can be used directly to
    subscribe and unsubscribe:
    http://mls.csl.sri.com/mailman/listinfo/risks

    SUBMISSIONS: to risks@CSL.sri.com with meaningful SUBJECT: line that
    includes the string `notsp'. Otherwise your message may not be read.
    *** This attention-string has never changed, but might if spammers use it.
    SPAM challenge-responses will not be honored. Instead, use an alternative
    address from which you never send mail where the address becomes public!
    The complete INFO file (submissions, default disclaimers, archive sites,
    copyright policy, etc.) is online.
    <http://www.CSL.sri.com/risksinfo.html>
    *** Contributors are assumed to have read the full info file for guidelines!

    OFFICIAL ARCHIVES: http://www.risks.org takes you to Lindsay Marshall's
    searchable html archive at newcastle:
    http://catless.ncl.ac.uk/Risks/VL.IS --> VoLume, ISsue.
    Also, ftp://ftp.sri.com/risks for the current volume
    or ftp://ftp.sri.com/VL/risks-VL.IS for previous VoLume
    If none of those work for you, the most recent issue is always at
    http://www.csl.sri.com/users/risko/risks.txt, and index at /risks-31.00
    Lindsay has also added to the Newcastle catless site a palmtop version
    of the most recent RISKS issue and a WAP version that works for many but
    not all telephones: http://catless.ncl.ac.uk/w/r
    ALTERNATIVE ARCHIVES: http://seclists.org/risks/ (only since mid-2001)
    *** NOTE: If a cited URL fails, we do not try to update them. Try
    browsing on the keywords in the subject line or cited article leads.
    Apologies for what Office365 and SafeLinks may have done to URLs.
    Special Offer to Join ACM for readers of the ACM RISKS Forum:
    <http://www.acm.org/joinacm1>

    ------------------------------

    End of RISKS-FORUM Digest 31.59
    ************************
