• Risks Digest 31.64 (1/3)

    From RISKS List Owner@21:1/5 to All on Wed Apr 1 08:35:53 2020
    RISKS-LIST: Risks-Forum Digest Wednesday 1 April 2020 Volume 31 : Issue 64

    ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
    Peter G. Neumann, founder and still moderator

    ***** See last item for further information, disclaimers, caveats, etc. *****
    This issue is archived at <http://www.risks.org> as
    <http://catless.ncl.ac.uk/Risks/31.64>
    The current issue can also be found at
    <http://www.csl.sri.com/users/risko/risks.txt>

    Contents:
    The Driverless Vehicle Act (Richard Stein, April Fools 2020)
    Tokyo firm urges caution against surge in coronavirus-related
    disinformation on April Fools' Day (The Japan Times via Dave Farber)
    Risks of Ostrichizing Yourself: Almost everything is interdependent
    (PGN)
    U.S. Health and Human Services Department suffered a cyber-attack (IFTTT)
    U.S. government & tech industry discussing ways to use smartphone
    (WashPost via Jan Wolitzky)
    Putin's New Cyberweapons (Zak Doffman)
    Classified info on stolen laptop (NYTimes)
    Electronic Health Records Need an Ethical Tune-Up (Scientific American)
    Speech recognition algorithms may also have racial bias (Ars Technica)
    Big Rigs Begin to Trade Diesel for Electric Motors (NYTimes)
    RFID Locks and the Lock Picking Lawyer (YouTube via Sheldon)
    Siri and Alexa Fails: Frustrations With Voice Search (The Manifest)
    Zoom bombing (NYTimes)
    Video conferences under attack by "zoombombing" (Lauren Weinstein)
    Beware of call-back numbers (Mabry Tyson via PGN)
    Wash Your Hands -- but Beware the Electric Hand Dryer (Rob Slade)
    Why Don't We Just Ban Targeted Advertising (WIRED)
    Death on Mars (Scientific American)
    Her Incredible Sense Of Smell Is Helping Scientists Find New Ways To
    Diagnose Disease (npr.org)
    MIT-based Team Works on Rapid Deployment of Open-source Low-cost Ventilator
    (MIT News)
    MIT Will Post Free Plans Online for an Emergency Ventilator That Can Be
    Built for $100 (SciTechDaily via Lauren Weinstein)
    A computer virus expert looks at CoVID-19 (Rob Slade)
    Mathematics of life and death: How disease models shape national shutdowns
    and other pandemic policies (Martin Enserink/Kai Kupferschmidt)
    Coronavirus: Robots use light beams to zap hospital viruses (bbc.com)
    Risks of extrapolation (Geoff Kuenning)
    Coronavirus Reactions Creating Major Internet Security Risks
    (Lauren Weinstein)
    Seeking podcast contributors relating to Y2K (Peter de Jager)
    Risks of Leap Years, and depending on WWVB (Rob Seaman)
    Call for Cyberattack Use Cases (Sami Saydjari)
    Re: What happens when Google loses your address? (Wendy M. Grossman)
    Re: 911 operators couldn't trace the location of a dying student's
    (John Levine)
    Abridged info on RISKS (comp.risks)

    ----------------------------------------------------------------------

    Date: Mon, 1 Apr 2020 10:49:59 +0800
    From: Richard Stein <rmstein@ieee.org>
    Subject: The Driverless Vehicle Act (April Fools 2020)

    Washington, DC -- With a super PAC war chest estimated at US$ 100M to
    lubricate Congress, the Driverless Vehicle Consortium's (DVC) eponymously
    named Driverless Vehicle Act (DVA) achieved veto-proof House and Senate majorities. The White House signaled imminent Presidential signature during
    a Rose Garden ceremony.

    The DVA establishes a taxpayer-funded insurance pool to underwrite
    full-scale deployment of driverless passenger vehicles and commercial cargo transport across American roads and highways.

    The Act authorizes the US Treasury to create a US$ 50B fund to offset
    potential liabilities arising from DV-initiated accidents and mishaps.
    Nearly 7 times larger than The September 11th Victim Compensation Fund, the government-backed bonds kick-start a long-overdue infrastructure renewal
    effort led by the Department of Transportation.

    The legislation establishes a special master to administer the fund and adjudicate claims. The National Highway Transportation Safety Agency (NHTSA) budget gained a 10X increase over the US$ 900M 2018 appropriation to
    energize DV safety monitoring and oversight programs.

    The legislation funds the creation and operation of NHTSA towers, similar to those operated by the Federal Aviation Administration for domestic air
    traffic. The cloud-hosted towers encompass fleet arbitration oversight authority, with local and interstate scope, to proactively anticipate and circumvent DV traffic conflicts.

    The NHTSA towers rely on standardized fleet-control capabilities that continuously apply dynamic scheduling to sustain traffic routing, generative adversarial network structures, and deep-learning AI techniques that
    optimize obstacle avoidance outcomes.

    Legislative debate was rancorous in both Congressional houses. Certain consumer-friendly amendments were defeated by business lobbying during
    Senate and House negotiations to reconcile the Bill before final passage.

    Wisconsin Senator Floyd Thursby proposed that new or used DVs eligible for
    sale be required to prominently display product liability indemnification clauses on their pricing stickers. The amendment's defeat ensures that manufacturers and fleet operators who sell, maintain, own, and/or lease the vehicle platform, including the vital obstacle-avoidance program and inter-vehicle communication software, retain liability ownership for any deployment mishaps.

    Louisiana Senator Kaspar `Fats' Guttman proposed a "Dog Fooding" amendment requiring DV manufacturer and fleet operator boards of directors, employees, and their family members to participate in a 6-month duration,
    pre-deployment trial without backup drivers. An unidentified industry
    lobbyist exiting the House-Senate conference smirked that the defeated amendment was, "Potentially too retributive."

    Michigan Senator Miles `Sharkey' Archer's "Consumer Vulnerability Exposure" amendment requiring DVs to render explainable diagnostic information from mishaps to assist claim adjudication processes was voted down. Passage would require DV manufacturers and software suppliers to publicly disclose
    software test plans, test results, release qualification wall clock, and
    defect discovery/repair life cycle metrics to assist DV safety rating compilation.

    Speaking at a press conference, Senator Guttman said, "This legislation green-lights our nation's transport infrastructure transformation, a
    'moonshot on the ground' for the unforestallable future."

    A reporter asked, ``Would he hail a DV to commute to and from Capitol
    Hill?'' Senator Guttman stated, "The manufacturers and fleet operators have full confidence in their product's effectiveness and operational safety; our regulatory bodies endorse these findings, with acceptable and calculated
    risks. Get onboard for a ride that makes history!"

    Driverless, interstate cargo transport and city-wide passenger hailing
    services will progressively roll-out, without backup drivers, over the next
    3 years. Scholastic, municipal, and cross-country bus services are to deploy initially. The Act also incentivizes state and local emergency services to replenish their aging fleets with DV versions of ambulances, firetrucks, and law enforcement prowlers.

    The Bland Institute (BI), a non-profit transportation think-tank, excoriated the DVA as the single largest corporate welfare award in US history. "It progressively accelerates the demise of the right-to-drive by recklessly promoting nascent technology. Deployment will displace long-haul cargo truckers, bus captains, and ride-hailing service drivers. How will these transportation and logistic workers be retrained and re-employed? The re-insurance pool twists capitalism like DNA. It 'plays chicken' with our economic future, public safety, and social fabric. You know it! I know it!
    The American people know it!" said BI spokeswoman Ms. Brigid O'Shaughnessy.

    Cyber-safety and security analysts questioned DV fleet transport operating tower readiness. The effectiveness of tower operating procedures that
    safeguard end-to-end travel, and cargo delivery service achievement comprise unknowable metrics which the DVA requires the NHTSA to periodically
    disclose.

    DVC spokesperson Henrik T. Ford VIII declined to comment on privately-owned fleet deployment readiness. He said, "DV simulation results comprise closely-guarded corporate trade secrets, intellectual property not freely disclosed. The commuting public will accept certain teething issues given anticipated DV convenience."

    Mobile device-distracted pedestrians, motorcyclists, and bicyclists are
    advised to be wary when alongside a DV. The transition from a DV-light
    commute environment consisting of a hybrid transport environment comprised
    of diminishing human motorists and pedestrians side-by-side with rising DV population, to a DV-supreme environment with carbon-based motorists
    effectively banished from the road, is fraught with uncertainty.

    As incremental DV-supreme transportation conditions emerge, traffic volume
    will quickly outstrip carbon-based NHTSA tower arbitration and oversight capabilities. ``Traffic flow will be best addressed through autonomous management techniques. Human intervention will only be necessary for
    emergency maintenance and pedestrian incidents,'' said an anonymous NHTSA employee speaking on background.

    Questions regarding the efficacy and safety of dedicated short-range communications (DSRC) shared spectrum, essential for coordinating and
    reporting DV movements, remain unresolved.

    "Consumers benefit from DSRC. As dual-use spectrum, it will minimize
    rush-hour congestion while accelerating WiFi content access that optimizes
    the commuting experience," said Mr. Ford.

    Ms. O'Shaughnessy added, "Consumer skepticism of technologically-enhanced convenience products is justified. Industry self-regulation, galvanized
    through years of endemic regulatory capture and diminished federal agency enforcement, has been shown to compromise the viability and safety of aircraft, cellphones, implanted medical devices, pharmaceuticals -- you name it. Our government shills public health and safety like a Ponzi scheme. Are DVs
    safer than carbon-based drivers? An indication of DV public benefit will be shown if US traffic death rate declines below the 2016 level of 1.18 per 100 million vehicle miles traveled. The DVA represents a parlous wager of
    investor sagacity with public safety."

    Mr. Wilmer Cook, CEO of RansomWareNeverMore.com stated, "The cyber-attack perimeter for DVs is virtually indefensible. State-sponsored hackers -- advanced persistent threats -- are likely to penetrate DSRC protocol
    defenses. Expanding the NHTSA's role is a first step, but DV deployment and operational viability comprise a mega-risk with limited mitigation."

    ------------------------------

    Date: Tue, 31 Mar 2020 14:54:37 +0900
    From: Dave Farber <farber@gmail.com>
    Subject: Tokyo firm urges caution against surge in coronavirus-related
    disinformation on April Fools' Day (The Japan Times)

    While this is Tokyo centric, the disinformation comments apply everywhere.

    https://www.japantimes.co.jp/news/2020/03/30/national/coronavirus-disinformation-april-fools-day/

    ------------------------------

    Date: Wed, 25 Mar 2020 16:46:12 PDT
    From: "Peter G. Neumann" <neumann@csl.sri.com>
    Subject: Risks of Ostrichizing Yourself: Almost everything is interdependent

    [This seems particularly relevant after the two items on Covid-19 being
    nature's wake-up call, which ran in RISKS-31.63. PGN]

    With respect to everything being interrelated, one of my favorite quotes is from Bob Morris (then chief scientist of the National Computer Security Center):

    ``To a first approximation, every computer in the world is connected with
    every other computer.'' (19 September 1988, in a briefing from Bob, K
    Speierman -- then Chief Scientist of the NSA -- me, and Don Good, for the
    National Research Council Computer Science and Technology Board in
    Washington DC)

    That bit of wisdom has been borne out by the Internet malware and hacking attacks. But the more general form of it might be this:

    To a first approximation, every living creature in the world is ultimately
    potentially dependent on the behavior of every other creature.

    It's a very old idea, e.g.,

    ``No man is an island, entire of itself.'' John Donne, 1624

    but hugely timely in light of recent events. [Don't let the proverbial butterflyinyourface.]

    ------------------------------

    Date: Mon, Mar 16, 2020 at 9:09 AM
    From: Twitter via IFTTT <action@ifttt.com>
    Subject: U.S. Health and Human Services Department suffered a cyber-attack

    On 15 Mar 2020, an HHS computer system was attacked during the nation's
    response to the coronavirus pandemic, according to three people familiar
    with the matter.

    https://t.co/6PPO1HEoPp https://t.co/Y5nGyaWAWw

    ------------------------------

    Date: Tue, 17 Mar 2020 15:06:29 -0400
    From: Jan Wolitzky <jan.wolitzky@gmail.com>
    Subject: U.S. government & tech industry discussing ways to use smartphone

    https://www.washingtonpost.com/technology/2020/03/17/white-house-location-data-coronavirus/

    Also:

    To Track Coronavirus, Israel Moves to Tap Secret Trove of Cellphone Data

    https://www.nytimes.com/2020/03/16/world/middleeast/israel-coronavirus-cellphone-tracking.html

    ------------------------------

    Date: Tue, 24 Mar 2020 10:12:06 PDT
    From: "Peter G. Neumann" <neumann@csl.sri.com>
    Subject: Putin's New Cyberweapons (Zak Doffman)

    www.forbes.com/sites/zakdoffman/2020/03/21/putins-secret-intelligence-agency-hacked-dangerous-new-cyber-weapons-target-your-devices/#5c01d762778a

    ``Red faces in Red Square, again. Last July, I reported on the hacking of SyTech, an FSB (Federal Security Service) contractor working on Internet surveillance tech. Now, reports have emerged from Russia of another shocking security breach within the FSB ecosystem. This one has exposed "a new weapon ordered by the security service," one that can execute cyber attacks on the Internet of Things (IoT)--the millions of connected devices now in our homes and offices.'' [...]

    ------------------------------

    Date: Tue, 17 Mar 2020 21:08:00 -0400
    From: Jan Wolitzky <jan.wolitzky@gmail.com>
    Subject: Classified info on stolen laptop (NYTimes)

    https://www.nytimes.com/2020/03/17/world/europe/germany-missile-laptop.html

    ------------------------------

    Date: Wed, 25 Mar 2020 15:48:43 +0800
    From: Richard Stein <rmstein@ieee.org>
    Subject: Electronic Health Records Need an Ethical Tune-Up
    (Scientific American)

    https://blogs.scientificamerican.com/observations/electronic-health-records-need-an-ethical-tune-up/

    The proposed ethical tuneup, a recommendation that EHR engineering and sales businesses (their employees specifically) obey an equivalent physician oath
    "to do no harm," must extend beyond this domain.

    Why not require employees and governance for every technology vendor or person/persons that design, author/manufacture, test, and publish/sell any product to take an oath?

    "Ethics or moral philosophy is a branch of philosophy that involves systematizing, defending, and recommending concepts of right and wrong
    conduct" per https://en.wikipedia.org/wiki/Ethics. Ethics are mere words
    unless solemnly embraced and sincerely enforced without being overly restrictive of practice.

    Employee rights are essential to assert and demonstrate, without fear of employer reprisal, that a product defect may harm public safety. Defect disclosure transparency of discovery and repair before product release can build public trust. Few businesses unfortunately allow sunshine inside their walls.

    Suppose a product defect escape injures customers or jeopardizes public
    safety, and governance knew in advance, but declined to freely disclose, or direct resolution, before release. This hypothetical business favors
    schedule and cost achievement over deliverable qualification rigor. Clearly unethical. A catastrophic product defect escape can generate severe brand outrage leading to bankruptcy.

    Unfortunately, this conduct regularly occurs across the industrial spectrum: finance, aerospace, medical devices, technology, chemical, mining,
    automobiles, etc. "Profit Without Honor" by Pontell et al. testifies to
    the jeopardy through which industry self-regulation, and a deficit of regulatory enforcement, enable acts of impunity against public interests.

    What to do? Penalize employees -- dock their pay -- for not speaking up
    about defect severity or not communicating defect discovery to the customer?
    Or penalize employees $10 for every defect escape, perhaps doubling the
    imposed amount for every layer of management right up through the board of directors, and pay a fine to the national treasury that cuts dividends or curtails stock buy-backs?

    A company imposing an exponential organizational penalty structure for
    defect escape would quickly alienate employees, but immediately telescope
    the adoption of a customer-centric corporate attitude.

    One might boost funding for hiring and training regulatory inspectors,
    perform more frequent inspection, and introduce heavier enforcement actions
    for violating regulations. But political oversight "blows with wind," and seldom persists beyond one election cycle.

    Systematizing ethics is historically challenging, defending ethics is like "shattered glass in an acid bath," and recommending ethics to redress organizational behavior is moot unless corporate governance is held
    accountable by regulatory action.

    Caveat emptor.

    ------------------------------

    Date: Wed, 25 Mar 2020 10:33:22 -0400
    From: Monty Solomon <monty@roscom.com>
    Subject: Speech recognition algorithms may also have racial bias
    (Ars Technica)

    https://arstechnica.com/science/2020/03/speech-recognition-algorithms-may-also-have-racial-bias/

    ------------------------------

    Date: Thu, 26 Mar 2020 07:45:05 +0800
    From: Richard Stein <rmstein@ieee.org>
    Subject: Big Rigs Begin to Trade Diesel for Electric Motors (NYTimes)

    https://www.nytimes.com/2020/03/19/business/electric-semi-trucks-big-rigs.html. After reading the NYT essay, my memory sparked a comp.risks archive search yielding this submission from 2010: "Quiet electric & hybrid cars endanger blind pedestrians" in http://catless.ncl.ac.uk/Risks/26/11#subj7.1.

    In http://catless.ncl.ac.uk/Risks/26/13#subj10.2, Jonathan Kamens said, "I believe I first heard about the problem of electric cars being so quiet that they would pose a danger to pedestrians (blind and otherwise) and bicyclists from a kids' science program on TV *27 years ago*."

    https://www.federalregister.gov/documents/2019/09/17/2019-19874/federal-motor-vehicle-safety-standard-no-141-minimum-sound-requirements-for-hybrid-and-electric
    established "FMVSS 141 (Minimum Sound Requirements for Hybrid and Electric Vehicles)," a regulation that applies to hybrids and electric vehicles
    weighing less than 10,000 lbs (~4.5 metric tons).

    The regulation establishes a "crossover" speed value where audible alert emission starts/stops as vehicle tire/wind noise drops below a specified
    sound pressure level threshold. The regulation is very long and complex,
    with certain enforcement deferments given manufacturer implementation schedules, etc. If I read it correctly, the regulation establishes vehicle artificial audible alarm emission at and below 30 mph (~48 kph).

    Regarding the 'Big Rig' family of long-haul electric trucks, I found
    "Daimler Unveils Electric Freightliner Cascadia," retrieved on 23MAR2020
    from https://www.trucks.com/2018/06/06/daimler-unveils-electric-freightliner-cascadia/.

    The article states, "The company unveiled a nearly silent, electric version
    of its flagship Freightliner Cascadia heavy-duty truck at the Portland International Raceway during a meeting with Wall Street analysts and investors..."

    The essay does not mention any audible warning from the cab when in forward motion, though a backup warning (beep...beep...beep) is likely standard.

    I reached out to the daimler.com contact listed in the essay to inquire
    about audible alert noise emission. Their response was, "Although the FMVSS
    141 (Minimum Sound Requirements for Hybrid and Electric Vehicles) applies to vehicle < 10,000 lbs., we will apply the same standard to our series production electric Freightliner medium- and heavy-duty commercial
    vehicles. Thus, they will emit a low-speed audible sound in addition to wind/tire noise."

    The Freightliner Cascadia cab weight (batteries included) is estimated @
    26,000 lbs (~11.8 metric tons). That's ~7.4X the weight of a 2020 Honda CRV
    (~1.6 metric tons). With a typical maximum TEU (twenty-foot equivalent
    unit) payload of ~24 metric tons, that's 35 metric tons whispering down the road @ ~100 km/h (~60 miles/hour)!

    ------------------------------

    Date: Sun, 15 Mar 2020 23:52:27 -0400
    From: Sheldon <sheldon10101@gmail.com>
    Subject: RFID Locks and the Lock Picking Lawyer

    It is amazing how bad various security products are.

    You can see that if you subscribe to the Lock picking lawyer on youtube https://www.youtube.com/channel/UCm9K6rby98W8JigLoZOh6FQ

    Gun safes often can be opened in seconds using a screwdriver. The standard
    the lockpicking lawyer uses for gun safes is that they have to be able to
    stop a teenager for a few minutes.

    Some RFID door locks do the encryption checking on the outside of the door
    and just send an unlock signal to the magnetic lock on the inside of the
    door. So just send the electrical signal to the lock and you are in. Others allow you to capture the encrypted signal so that you can reprogram a card.

    Bluetooth padlocks have the problem that they may be produced by companies
    that don't know how to design locks so that they aren't hard to bypass.

    And that's just the beginning. People have expensive and effective locks on doors only to have a lock box for keys that can be opened in seconds.

    Go take a look.

    And yes, he's a lawyer.

    ------------------------------

    Date: Thu, 26 Mar 2020 23:59:28 -0400
    From: Gabe Goldberg <gabe@gabegold.com>
    Subject: Siri and Alexa Fails: Frustrations With Voice Search (The Manifest)

    Voice Search Assistants Are Often Summoned Unintentionally

    Joshua Liljenquist is a senior at Minnesota State University in Mankato,
    Minn. His professor walked into his class sophomore year and began to review the syllabus. He forbade the students from taking photos for note-taking purposes during the lecture, threatening expulsion.

    Liljenquist was shocked and whispered to the person next to him, ``This guy
    is kind of an a------.''

    The lecture hall was silent when, suddenly, Liljenquist's Siri, trying to be helpful, said, "I found no results for `This guy is kind of an a------.' "

    ``A wrinkle in my jeans must have set off Siri -- My face turned bright red
    as I wanted to grab my things and sprint out of the classroom. I don't
    think the timing could be any worse.''

    Liljenquist is not alone -- 64% of voice search users have accidentally accessed a voice assistant in the last month.

    https://themanifest.com/digital-marketing/resources/siri-alexa-fails-frustrations-with-voice-search

    ------------------------------

    Date: 21 Mar 2020 18:19:02 -0400
    From: "John R. Levine" <johnl@iecc.com>
    Subject: Zoom bombing

    A lot of informal online gatherings have moved into online Zoom conferences. Unfortunately, since this is the Internet, trolls join and screen share hardcore porn. Since Zoom was designed as a business conference system
    where the users are all known to the organizers and can be expected to
    behave (sort of like the early Internet), it's hard to prevent.

    https://www.nytimes.com/2020/03/20/style/zoombombing-zoom-trolling.html

    Keeping in mind that the primary blame falls on cretins who think that sort
    of thing is funny, this is also a usability issue. There are Zoom features
    to deter this, e.g., lock the room to keep anyone from re-entering after
    being ejected, but it's not well documented for new users.

    ------------------------------

    Date: Sun, 22 Mar 2020 10:42:04 -0700
    From: Lauren Weinstein <lauren@vortex.com>
    Subject: Video conferences under attack by "zoombombing"

    [In addition to John Levine's *Times* item:]

    Beware of "ZoomBombing" - screensharing filth to video calls

    https://techcrunch.com/2020/03/17/zoombombing/

    Troll Terrifies Public Zoom Meeting By Sharing Highly Disturbing Video

    https://www.forbes.com/sites/leemathews/2020/03/21/troll-terrifies-zoom-meeting-zoombombing/#694fc6e53e70

    ------------------------------

    Date: Fri, 20 Mar 2020 8:46:13 PDT
    From: "Peter G. Neumann" <neumann@csl.sri.com>
    Subject: Beware of call-back numbers

    From Mabry Tyson:

    Just before 6PM, I got a text on my phone this evening allegedly from 1-860-360-xxxx (I believe this is forgeable) saying

    MSG: We have accepted your request.
    If you did not make this request for an ADDITIONAL LINE
    please call VZ Customer Support at 1-855-955-0926

    This is not someone adding a line as claimed. This is an identity theft attempt.

    The victim is expected to call up and be worried about a fraud attempt.  
    They will then ask all kinds of questions, getting whatever identity information they can pull from you.

    That 855-955 number is not listed at the VerizonWireless site as a customer support number. The text came through an hour after the customer support closed for the weekend (COVID-19 fallout).

    I recently got a postal service mail allegedly from a bank that made a
    similar claim. I actually checked that it was their customer service
    number.  The bank had no record of the claim.

    Mabry

    ------------------------------

    Date: Sat, 21 Mar 2020 18:10:40 -0700
    From: Rob Slade <rmslade@shaw.ca>
    Subject: Wash Your Hands -- but Beware the Electric Hand Dryer

    Some years back a high-school student (in Alberta?) did a study on the
    various ways to dry your hands in public washrooms, swabbing her hands and culturing the results. As a control, she wiped her hands dry on her jeans.

    Wiping her hands dry on her jeans was cleaner than using air dryers ...

    ------------------------------

    Date: Sun, 22 Mar 2020 22:47:48 -0400
    From: Gabe Goldberg <gabe@gabegold.com>
    Subject: Why Don't We Just Ban Targeted Advertising (WIRED)

    From protecting privacy to saving the free press, it may be the single best way to fix the Internet.

    The solution to our privacy problems, suggested Hansson, was actually quite simple. If companies couldn't use our data to target ads, they would have no reason to gobble it up in the first place, and no opportunity to do mischief with it later. From that fact flowed a straightforward fix: ``Ban the right
    of companies to use personal data for advertising targeting.''

    https://www.wired.com/story/why-dont-we-just-ban-targeted-advertising/

    Excruciatingly overlong, makes the point in headline and never stops...

    ------------------------------

    Date: Tue, 24 Mar 2020 09:49:50 +0800
    From: Richard Stein <rmstein@ieee.org>
    Subject: Death on Mars (Scientific American)

    https://blogs.scientificamerican.com/life-unbounded/death-on-mars1/ by Caleb
    A. Scharf (20JAN2020).

    "The martian radiation environment is a problem for human explorers that
    cannot be overstated."

    Astronauts traveling to Mars from Earth will experience ~1 sievert of solar radiation (~10000 chest x-rays). "It would increase the odds of you getting fatal cancer by some 5% over your lifetime."

    Without an Earth-like atmosphere and magnetic shield against ionizing radiation, Martian surface colonists will experience an estimated 18
    sieverts over a ~20-30 year mission timeline. Digging into the regolith a
    few meters affords a shield.

    Instantaneous exposure to eighteen (18) sieverts will kill a human within a
    few days. If spread over 20-30 years, one might survive. Although, "there
    is evidence that neurological function is particularly sensitive to
    radiation exposure, and there is the question of our essential microbiome
    and how it copes with long-term, persistent radiation damage."

    As Scharf states, "To put all of this another way: in the worst case
    scenario (which may or may not be a realistic extrapolation) there's a
    chance you'd end up dead or stupid on Mars. Or both."

    ------------------------------

    Date: Tue, 24 Mar 2020 11:33:52 +0800
    From: Richard Stein <rmstein@ieee.org>
    Subject: Her Incredible Sense Of Smell Is Helping Scientists Find New Ways
    To Diagnose Disease (npr.org)

    https://www.npr.org/sections/health-shots/2020/03/23/820274501/her-incredible-sense-of-smell-is-helping-scientists-find-new-ways-to-diagnose-di

    The NPR piece discusses Parkinson's Disease detection using a hyperosmic individual -- a person with super-sensitive smell.

    The "volatilome" is a neologism that characterizes human body odors
    outgassed from the volatile organic compounds contained by our skin's
    sebaceous fluid. See https://pubs.acs.org/doi/10.1021/acscentsci.8b00879, "Discovery of Volatile Biomarkers of Parkinson’s Disease from Sebum" for technical details.

    Risk: Inexpensive volatilome detectors enlarge individual biometric profile metadata for surveillance economy exploitation.

    Will an IoT-enabled volatilome detector eventually replace doorbell camera facial recognition?

    IoT devices that embed an open-source, web-enabled 'smellorithm'? The 'Smellogram,' a wireless peripheral proven to reconstruct and spritz any smellorithm-captured volatilome, a must-have 'ugh-mented' reality gizmo.

    ------------------------------

    Date: Mon, 30 Mar 2020 9:22:31 PDT
    From: "Peter G. Neumann" <neumann@csl.sri.com>
    Subject: MIT-based Team Works on Rapid Deployment of Open-source Low-cost
    Ventilator (MIT News)

    David L. Chandler, MIT News, 26 Mar 2020 http://news.mit.edu/2020/ventilator-covid-deployment-open-source-low-cost-0326

    MIT-based team works on rapid deployment of open-source low-cost ventilator

    Clinical and design considerations will be published online; goal is to
    support rapid scale-up of device production to alleviate hospital shortages.

    The new device fits around an Ambu bag (blue), which hospitals already have
    in abundance. Designed to be squeezed by hand, they are squeezed by
    mechanical paddles (center) driven by a small motor. This directs air
    through a tube to the patient's airway, MIT E-Vent Unit.

    One of the most pressing shortages facing hospitals during the Covid-19 emergency is a lack of ventilators. These machines can keep patients
    breathing when they no longer can on their own, and they can cost around $30,000 each. Now, a rapidly assembled volunteer team of engineers,
    physicians, computer scientists, and others, centered at MIT, is working to implement a safe, inexpensive alternative for emergency use, which could be built quickly around the world.

    The team, called MIT E-Vent [https://e-vent.mit.edu/] (for emergency ventilator), was formed on 12 March 2020 in response to the rapid spread of
    the Covid-19 pandemic. Its members were brought together by the exhortations
    of doctors, friends, and a sudden flood of mail referencing a project done a decade ago in the MIT class 2.75 (Medical Device Design). Students working
    in consultation with local physicians designed a simple ventilator device
    that could be built with about $100 worth of parts. They published a paper detailing their design and testing, but the work ended at that point. Now,
    with a significant global need looming, a new team, linked to that course,
    has resumed the project at a highly accelerated pace. [https://e-vent.mit.edu/wp-content/uploads/2020/03/DMD-2010-MIT-E-Vent.pdf]

    MIT E-Vent Unit 000 Setup, Image by JC

    The key to the simple, inexpensive ventilator alternative is a hand-operated plastic pouch called a bag-valve resuscitator, or Ambu bag, which hospitals already have on hand in large quantities. These are designed to be operated
    by hand, by a medical professional or emergency technician, to provide
    breaths to a patient in situations like cardiac arrest, until an
    intervention such as a ventilator becomes available. A tube is inserted into the patient's airway, as with a hospital ventilator, but then the pumping of air into the lungs is done by squeezing and releasing the flexible
    pouch. This is a task for skilled personnel, trained in how to evaluate the

    [continued in next message]
