• Risks Digest 33.38 (1/2)

    From RISKS List Owner@21:1/5 to All on Sat Aug 13 04:09:07 2022
    RISKS-LIST: Risks-Forum Digest Friday 12 August 2022 Volume 33 : Issue 38

    ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
    Peter G. Neumann, founder and still moderator

    ***** See last item for further information, disclaimers, caveats, etc. *****
    This issue is archived at <http://www.risks.org> as
    <http://catless.ncl.ac.uk/Risks/33.38>
    The current issue can also be found at
    <http://www.csl.sri.com/users/risko/risks.txt>

    Contents:
    Tesla faces new probes into motorbike deaths, false advertising
    (Ars Technica)
    One of 5G's Biggest Features Is a Security Minefield (WiReD)
    Cisco Confirms It's Been Hacked by Yanluowang Ransomware Gang
    (The Hacker News)
    The Hacking of Starlink Terminals Has Begun (WiReD)
    A bug lurking for 12 years gives attackers root on every major Linux distro
    (Ars Technica)
    Coinbase reports 63% drop in revenues in second quarter (NYTimes)
    Rainwater everywhere on Earth unsafe to drink due to *forever chemicals*,
    study finds (Euronews)
    A Sydney high school banned mobile phones. It had dramatic results
    (Sydney Morning Herald)
    Math error overturns 100-year-old understanding of color perception (Phys)
    Sloppy Use of Machine Learning Is Causing a Reproducibility Crisis in
    Science (WiReD)
    MoFi has been using digital all along, a scandal in the audio community
    (WashPost)
    FEC approves Google's horrible political spam filter bypass plan
    (Lauren Weinstein)
    Cryptocurrencies and the US Government Are Headed for a Decisive Showdown
    (WiReD)
    U.S. sanctions Tornado Cash and crypto shrieks in horror
    (Attack of the 50-Foot Blockchain)
    Just use voice calls or in person for sensitive communications
    (Lauren Weinstein)
    What about Signal or Whatsapp, etc. vs. voice calls privacy/security?
    (Lauren Weinstein)
    New Data Suggests Our Fundamental Model of the Universe Is Wrong, And
    Scientists Are Racing to Solve It (dnyuz)
    Re: "Dr. Birx ADMITS She 'Knew' COVID-19 Vaccines 'Were Not Going to Protect
    Against Infection' (Steve Lamont)
    Re: Bad Batches (Judith Hemenway)
    Danger: Metaverse Ahead! (Rob Slade)
    Amazon vacuums up more data and money with Roomba? (Lauren Weinstein)
    Re: Tech giants, including Meta, Google, and Amazon, want to put an end to
    leap-seconds (David E. Ross)
    Re: Who is at fault when medical software gets it wrong? (Gabe Goldberg)
    Re: Robotic Surgery (Gabe Goldberg)
    Re: Clipping wires to upgrade (Lindsay Marshall)
    Re: Book Review: America's Biggest Lottery Scam by Bob Sand (Mark Brader)
    Abridged info on RISKS (comp.risks)

    ----------------------------------------------------------------------

    Date: Mon, 8 Aug 2022 14:45:58 -0400
    From: Gabe Goldberg <gabe@gabegold.com>
    Subject: Tesla faces new probes into motorbike deaths, false
    advertising (Ars Technica)

    NHTSA is investigating bike deaths as California says Tesla statements are "untrue."

    The first fatal crash occurred in the early hours of July 7 in Riverside, California, when a Tesla Model Y on State Route 91 hit a motorcycle from behind, killing its rider. The second fatal motorcycle crash occurred on
    July 24, again at night, this time on I-15 outside Draper, Utah. In that
    case, a Tesla Model 3 was driving behind a motorcycle and hit it, killing
    the rider.

    ------------------------------

    Date: Thu, 11 Aug 2022 01:38:32 -0400
    From: Gabe Goldberg <gabe@gabegold.com>
    Subject: One of 5G's Biggest Features Is a Security Minefield (WiReD)

    New research found troubling vulnerabilities in the 5G platforms carriers
    offer to wrangle embedded device data.

    https://www.wired.com/story/5g-api-flaws

    ------------------------------

    Date: Thu, 11 Aug 2022 10:20:56 -0700
    From: geoff goodfellow <geoff@iconia.com>
    Subject: Cisco Confirms It's Been Hacked by Yanluowang Ransomware Gang
    (The Hacker News)

    Networking equipment major Cisco on Wednesday confirmed it was the victim of
    a cyberattack on May 24, 2022 after the attackers got hold of an employee's personal Google account that contained passwords synced from their web
    browser.

    "Initial access to the Cisco VPN was achieved via the successful compromise
    of a Cisco employee's personal Google account," Cisco Talos said in a
    detailed write-up. "The user had enabled password syncing via Google Chrome and had stored their Cisco credentials in their browser, enabling that information to synchronize to their Google account."
    <https://blog.talosintelligence.com/2022/08/recent-cyber-attack.html>

    The disclosure comes as cybercriminal actors associated with the Yanluowang ransomware gang published a list of files from the breach to their data leak site on August 10.
    <https://twitter.com/Cyberknow20/status/1557419082210676736>

    The exfiltrated information, according to Talos, included the contents of a
    Box cloud storage folder that was associated with the compromised employee's account and is not believed to have included any valuable data.

    Besides the credential theft, there was also an additional element of
    phishing wherein the adversary resorted to methods like *vishing* (aka voice phishing) and multi-factor authentication (MFA) fatigue to trick the victim into providing access to the VPN client. [...]

    https://thehackernews.com/2022/08/cisco-confirms-its-been-hacked-by.html

    ------------------------------

    Date: Thu, 11 Aug 2022 10:23:00 -0700
    From: geoff goodfellow <geoff@iconia.com>
    Subject: The Hacking of Starlink Terminals Has Begun (WiReD)

    It cost a researcher only $25 worth of parts to create a tool that allows custom code to run on the satellite dishes.

    https://www.wired.com/story/starlink-internet-dish-hack/

    ------------------------------

    Date: Wed, 26 Jan 2022 11:08:40 PST
    From: Peter Neumann <neumann@csl.sri.com>
    Subject: A bug lurking for 12 years gives attackers root on every major
    Linux distro (Ars Technica)

    [oops. i forwarded this to a colleague and lost the author from another
    list. PGN]

    https://arstechnica.com/information-technology/2022/01/a-bug-lurking-for-12-years-gives-attackers-root-on-every-major-linux-distro/

    This highlights a problem with running old versions of OSes that aren't
    getting software updates.

    (Ubuntu Advantage has patches for this in 14.04 and 16.04, but only if
    you're in the program. It looks like they aren't supporting 12.04 (which is still within 5 yrs of end of security patches, so I expected them to).)

    This was more interesting to me... https://thehackernews.com/2022/01/chinese-hackers-spotted-using-new-uefi.html

    ------------------------------

    Date: Wed, 10 Aug 2022 19:23:03 PDT
    From: Peter Neumann <neumann@csl.sri.com>
    Subject: Coinbase reports 63% drop in revenues in second quarter (NYTimes)

    David Yaffe-Bellany, *The New York Times* Business, 10 Aug 2022

    ... and $2.2 billion down from a year ago.

    ------------------------------

    Date: Tue, 9 Aug 2022 10:51:32 -0700
    From: geoff goodfellow <geoff@iconia.com>
    Subject: Rainwater everywhere on Earth unsafe to drink due to *forever
    chemicals*, study finds (EuroNews)

    [Another ALMOST EVERYTHING IS INTERCONNECTED example.]

    Per- and poly-fluoroalkyl substances (PFAS) are a large family of
    human-made chemicals that don't occur in nature. They have non-stick or
    stain repellent properties so can be found in household items like food
    packaging, electronics, cosmetics and cookware. But now researchers at
    the University of Stockholm have found them in rainwater in most
    locations on the planet -- including Antarctica. There is no safe space
    to escape them.

    https://www.euronews.com/green/2022/08/04/rainwater-everywhere-on-earth-unsafe-to-drink-due-to-forever-chemicals-study-finds

    ------------------------------

    Date: Sun, 7 Aug 2022 16:57:58 -0600
    From: Jim Reisert AD1C <jjreisert@alum.mit.edu>
    Subject: A Sydney high school banned mobile phones. It had dramatic results
    (Sydney Morning Herald)

    Andrew Taylor, *Sydney Morning Herald*, 7 Aug 2022

    A Sydney high school has seen a dramatic decrease in behavioural issues
    and a boost in physical activity and students talking to each other just
    two months after it tightened restrictions on mobile phone usage.

    Davidson High School principal David Rule said there had been significant
    changes since students in years 7 to 10 were banned from using mobile
    phones at school. "Classrooms have effectively become phone-free and this
    has allowed staff to focus on educating students," he said in a school
    newsletter. "Finally, in eight weeks of the policy, there has been a 90
    per cent reduction in behavioural issues related to phones in the school."

    The high school in Frenchs Forest requires students to put phones in a
    pouch that, once closed, cannot be reopened without breaking a lock.

    https://www.smh.com.au/national/nsw/a-sydney-high-school-banned-mobile-phones-it-had-dramatic-results-20220803-p5b6zf.html

    ------------------------------

    Date: Thu, 11 Aug 2022 20:48:54 -0700
    From: Lauren Weinstein <lauren@vortex.com>
    Subject: Math error overturns 100-year-old understanding of color perception
    (Phys)

    https://phys.org/news/2022-08-math-error-overturns-year-old-perception.html

    ------------------------------

    Date: Thu, 11 Aug 2022 08:49:51 -0400
    From: José María Mateos <chema@rinzewind.org>
    Subject: Sloppy Use of Machine Learning Is Causing a Reproducibility
    Crisis in Science (WiReD)

    https://www.wired.com/story/machine-learning-reproducibility-crisis/

    From the article (one of the examples):

    History shows civil wars to be among the messiest, most horrifying of
    human affairs. So Princeton professor Arvind Narayanan and his PhD student Sayash Kapoor got suspicious last year when they discovered a strand of political science research claiming to predict when a civil war will break out with more than 90 percent accuracy, thanks to artificial intelligence.
    A series of papers described astonishing results from using machine
    learning, the technique beloved by tech giants that underpins modern
    AI. Applying it to data such as a country’s gross domestic product and unemployment rate was said to beat more conventional statistical methods
    at predicting the outbreak of civil war by almost 20 percentage points.

    Yet when the Princeton researchers looked more closely, many of the
    results turned out to be a mirage. Machine learning involves feeding an algorithm data from the past that tunes it to operate on future, unseen
    data. But in several papers, researchers failed to properly separate the pools of data used to train and test their code’s performance, a mistake termed *data leakage* that results in a system being tested with data it
    has seen before, like a student taking a test after being provided the answers.

    A bit of self-promotion: I co-wrote a review detailing the most common ways machine learning is misused in the field of neuroscience. (https://www.sciencedirect.com/science/article/pii/S2213158218302602)
    With the advent of "click-here-and-you-are-done" systems, I wouldn't expect this to be different in any other field (except in the ML research itself.)
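
    The train/test overlap described in the quoted article, as an added example (not part of the original post or the WiReD article). The dataset is constructed pure noise, so any score above chance comes from leakage alone; the function names and sizes are illustrative assumptions.

```python
import random


def make_noise_dataset(n, n_features, rng):
    """Constructed sample data: features and labels are independent noise,
    so there is nothing for any model to learn."""
    X = [[rng.gauss(0.0, 1.0) for _ in range(n_features)] for _ in range(n)]
    y = [rng.randint(0, 1) for _ in range(n)]
    return X, y


def predict_1nn(train_X, train_y, x):
    """1-nearest-neighbour: return the label of the closest training row."""
    def sq_dist(row):
        return sum((a - b) ** 2 for a, b in zip(row, x))
    best = min(range(len(train_X)), key=lambda i: sq_dist(train_X[i]))
    return train_y[best]


def accuracy(train_X, train_y, test_X, test_y):
    hits = sum(predict_1nn(train_X, train_y, x) == y
               for x, y in zip(test_X, test_y))
    return hits / len(test_y)


def count_overlap(train_X, test_X):
    """Audit check: how many test rows also appear in the training pool."""
    seen = {tuple(row) for row in train_X}
    return sum(tuple(row) in seen for row in test_X)


def run_experiment(seed=0, n=600, n_features=5, n_test=200):
    rng = random.Random(seed)
    X, y = make_noise_dataset(n, n_features, rng)
    test_X, test_y = X[:n_test], y[:n_test]

    # Leaky protocol: the model is fitted on every row, test rows included.
    leaky_train_X, leaky_train_y = X, y
    # Clean protocol: test rows are held out before fitting.
    clean_train_X, clean_train_y = X[n_test:], y[n_test:]

    return {
        "leaky_accuracy": accuracy(leaky_train_X, leaky_train_y, test_X, test_y),
        "clean_accuracy": accuracy(clean_train_X, clean_train_y, test_X, test_y),
        "leaky_overlap": count_overlap(leaky_train_X, test_X),
        "clean_overlap": count_overlap(clean_train_X, test_X),
    }


if __name__ == "__main__":
    for name, value in run_experiment().items():
        print(f"{name}: {value}")
```

    The overlap count is the cheap audit: a non-zero value means the reported accuracy measures memorisation of the test rows, not prediction.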

    ------------------------------

    Date: Sun, 7 Aug 2022 15:38:15 -0400
    From: Gabe Goldberg <gabe@gabegold.com>
    Subject: MoFi has been using digital all along, a scandal in the audio
    community (WashPost)

    MoFi claimed its expensive reissues were purely analog reproductions. It had been deceiving its customer base for years.

    Mike Esposito still won't say who gave him the tip about the records. But
    on July 14, he went public with an explosive claim.

    In a sometimes halting video posted to the YouTube channel of his Phoenix record shop, the 'In' Groove, Esposito said that "pretty reliable sources"
    told him that MoFi (Mobile Fidelity), the Sebastopol, Calif., company that
    has prided itself on using original master tapes for its pricey reissues,
    had actually been using digital files in its production chain. In the world
    of audiophiles — where provenance is everything and the quest is to get as close to the sound of an album’s original recording as possible — digital is
    considered almost unholy. And using digital while claiming not to is the gravest sin a manufacturer can commit.

    https://www.washingtonpost.com/music/2022/08/05/mofi-records-analog-digital-scandal/

    ------------------------------

    Date: Thu, 11 Aug 2022 12:02:43 -0700
    From: Lauren Weinstein <lauren@vortex.com>
    Subject: FEC approves Google's horrible political spam filter bypass plan
    (Lauren Weinstein)

    The Federal Election Commission officially has now approved the horrible
    Google plan for political mail to bypass Gmail spam filters by default.
    Please see: "How to Fix Google's Gmail Political Spam Bypass Plan":

    https://lauren.vortex.com/2022/08/03/how-to-fix-googles-gmail-political-spam-bypass-plan

    ------------------------------

    Date: Tue, 9 Aug 2022 00:33:33 -0400
    From: Gabe Goldberg <gabe@gabegold.com>
    Subject: Cryptocurrencies and the US Government Are Headed for a Decisive
    Showdown (WiReD)

    A crop of lawsuits could finally settle the question of whether most digital assets are illegal securities offerings.

    https://www.wired.com/story/crypto-web3-securities-ripple-sec-lawsuits

    ------------------------------

    Date: Tue, 9 Aug 2022 18:43:33 -0400
    From: Gabe Goldberg <gabe@gabegold.com>
    Subject: U.S. sanctions Tornado Cash and crypto shrieks in horror
    (Attack of the 50-Foot Blockchain)

    Transactions on the Ethereum blockchain are completely traceable. Any transaction anyone ever made on Ethereum can be traced, all the way back to
    the launch of the project in 2015. Transactions are pseudonymous -- but many users have been identified after the fact.

    Tornado Cash is a mixer -- an Ethereum smart contract program that you can
    use to break the traceability of transactions on Ethereum. This is for
    privacy.

    Tornado Cash accepts deposits of ether (the currency on Ethereum) from one address and enables you to withdraw the ether from a different address. The smart contract works as a pool that mixes all deposits, using zero-knowledge proofs.

    If the ether is proceeds from a crime, then this is literally just money laundering.

    Tornado Cash was also used heavily by North Korea's Lazarus Group to launder stolen ether and help the country get hard currency.

    In what should come as no surprise to anyone whatsoever, Tornado Cash has
    been sanctioned by the US Office of Foreign Asset Control.

    https://davidgerard.co.uk/blockchain/2022/08/09/us-sanctions-tornado-cash-and-crypto-shrieks-in-horror/

    ------------------------------

    Date: Tue, 9 Aug 2022 15:25:10 -0700
    From: Lauren Weinstein <lauren@vortex.com>
    Subject: Just use voice calls or in person for sensitive communications

    Free Advice: Don't discuss ANYTHING on social media that you wouldn't want released to anyone outside of the person with whom you're communicating. In person is best, conventional voice phone calls are usually OK. Don't email, don't text, don't use Facebook, etc. for this. -L

    ------------------------------

    Date: Tue, 9 Aug 2022 16:44:01 -0700
    From: Lauren Weinstein <lauren@vortex.com>
    Subject: What about Signal or Whatsapp, etc. vs. voice calls
    privacy/security?

    Since I'm already getting queries about this, let me put it this way. With
    the demise of Roe, we have entered a new era. My view is that to stay truly private discussions need to be as ephemeral as possible. Many
    communications don't need that level of privacy. For them, use whatever you feel comfortable with. But voice calls through conventional carriers are
    still pretty much the most ephemeral of communications compared with
    everything else. Yes, voice calls could be recorded. Yes, they're just
    data. But the laws regarding wiretaps are significantly stronger (and much older) compared with how more "modern" communications are handled. While an anti-abortion state might get a search warrant for emails, texts, posts,
    even entire phones, they are unlikely to get a search warrant for past phone calls -- since those usually will not exist as they are not routinely
    recorded en masse. Obviously once a wiretap order is placed by a court, that changes. But by and large, the most ephemeral communications still are, in
    my opinion, ordinary voice phone calls through the conventional
    carriers. And again, that is just my opinion.

    ------------------------------

    Date: Mon, 8 Aug 2022 09:55:36 -0700
    From: geoff goodfellow <geoff@iconia.com>
    Subject: New Data Suggests Our Fundamental Model of the Universe Is Wrong,
    And Scientists Are Racing to Solve It (dnyuz)

    We live in a strange universe filled with unexplained phenomena that have perplexed humans since time immemorial. Scientists have pieced together a
    rough guide to the cosmos -- known as the Lambda cold dark matter model, or more simply, the standard model of cosmology -- but many mysteries don't
    seem to fit into this otherwise well-corroborated framework, especially as
    our view of space has gotten ever more precise in recent years.

    Scientists are now especially preoccupied with intractable tensions that
    have emerged from different measurements of two cosmic properties: The rate
    at which our universe is expanding, known as the Hubble constant (Ho), and a value called sigma-8, which describes variations in how matter clumps
    together across large cosmic scales.

    Efforts to measure these properties in space have puzzlingly returned
    different values. When the Hubble constant is measured based on observations
    of brilliant stars that act as yardsticks in space, its speed is clocked as about 50,400 miles per hour per million light years. However, when it is measured using the cosmic microwave background (CMB), the oldest light in
    the universe, it is 46,200 miles per hour per million light years.
    Meanwhile, the value of sigma-8 is different when measured using the CMB, compared to other observational techniques.

    What this means, essentially, is that there may be a potentially serious
    flaw in our basic understanding of the universe and the fabric of reality.
    In response, scientists around the world are now trying to resolve these tensions. [...]

    https://dnyuz.com/2022/08/08/new-data-suggests-our-fundamental-model-of-the-universe-is-wrong-and-scientists-are-racing-to-solve-it/

    ------------------------------

    Date: Fri, 12 Aug:34:09 -0700
    From: Rob Slade <rslade@gmail.com>
    Subject: Danger: Metaverse Ahead!

    No, I'm not talking about the latest excuse for plot contortions in the
    Marvel studios movie franchises.

    We are being told to prepare for the Metaverse. We are being told that the Metaverse is coming. Facebook, indeed, has changed its name to Meta, the better to cash in on the Metaverse. Whenever it arrives. Or to create it,
    and sell it to us.

    What is the Metaverse? Well, it seems to be a sort of virtual reality interface to, well, who knows? Social media in general? A social media platform, in the same mode as Facebook? But with avatars? (Instead of
    faces?)

    (Today I saw an article about an artificial intelligence program to turn
    your image, into an avatar, that looks something, not completely dissimilar
    to, but not really like, you.)

    It's all very meta.

    We are already being sold the Metaverse. Perhaps not quite for cold hard
    cash, quite yet, but we are being prepared for heavy duty sales pitches as
    soon as somebody comes up with an acceptable platform.

    (Maybe that will be a bit of protection for us. None of the existing social media giants, or indeed technical giants, want somebody else to be the Metaverse. As long as they are fighting about it, we are safe from it.
    Well, relatively safe. I'm sure they'll still try to sell us little bits of it.)

    Why should you be concerned? Well let me start off with a different
    question: why would you need it? As analyst, pundit, and social commentator Neil Postman has said, what is the problem to which this technology is the solution?

    But, all right. Let me address the question of why you should be concerned. They are going to sell you the Metaverse. Or, they are going to sell you little bits of it. They are already starting to sell Metaverse "real
    estate." Even the phrase "Metaverse real estate" is misleading. Metaverse real estate is completely unreal. In the real world real estate has real
    value because it's real. And because you need it. To have a place to live,
    or a place to work, or a place to build a factory, or a place to build roads
    to get goods from one factory to another, or from a factory to the homes.
    As Mark Twain famously said, buy land, they are not making any more. (Well, except for the Dutch, of course.)

    Metaverse real estate isn't real. When they want to sell you more Metaverse real estate, they just make it. And it's easy to make. Because it's not
    real. It's all just ones and zeros. They are selling you nothing.

    Speaking of selling you nothing, the Metaverse will probably be using cryptocurrencies. And NFTs. And using decentralized finance (or defi, for short). Remember cryptocurrencies? That system where you pay in real
    money, to buy cryptocurrency, with no inherent value of its own, because the people who have created the cryptocurrency are telling you that many people will want to buy cryptocurrency, and you will be able to get real money out
    of the system, because of the new people, who come in after you, and pay
    real money, to buy cryptocurrencies with no inherent value. Your return,
    and the inflation on your investment, depends upon the new people who come
    in after you and pay real money to buy in. You will be paid from the money that they deposit.

    Didn't someone named Charles Ponzi invent something similar a while back?

    Metaverse real estate is not the only unreal thing that the vendors of the Metaverse will want you to pay real money for. If you want a house on the unreal real estate, they will sell you an unreal house. If you want
    artworks in your unreal house they will sell you unreal artworks (at unreal prices). (But charge you real money.)

    The vendors will sell you entertainments. These entertainments will be popular. Even if you are the only one attending. It's easy to create a
    whole bunch of avatars, filling a theater, and creating a whole bunch of applause. Pre-recorded applause. The vendors will sell you games. The vendors will sell you opportunities to interact with your friends. The same friends that you can interact with now for free. Or possibly new friends.
    Who may or may not be real.

    The vendors may sell you opportunities to work, and therefore make money.
    It'll probably be in cryptocurrency, but they'll probably sell you the opportunity to convert it to real money as well. (For a reasonable fee.)
    The opportunities to work will probably be real. You will probably have
    real clients or real employers, so that they can pay you the real money.
    But they'll charge a reasonable fee for the opportunity to get that work.
    Of course, "reasonable" will be defined by the vendors.

    It may be that, in the Metaverse, you need to make life bearable, or more enjoyable. What's a thneed? I have no idea. I'm borrowing Dr Seuss's
    term. But I'm sure that the vendors of the Metaverse will find one, or make one, or imagine one, and convince everybody that they need one.

    Still don't think that there are dangers in the Metaverse?

    ------------------------------

    Date: Mon, 8 Aug 2022 14:09:22 -0700
    From: Lauren Weinstein <lauren@vortex.com>
    Subject: Amazon vacuums up more data and money with Roomba?

    [PGN retitled]

    Amazon bought the company that makes the Roomba. Antitrust researchers and data-privacy experts say it's 'the most dangerous, threatening acquisition
    in the company's history'.

    https://www.businessinsider.com/amazon-roomba-vacuums-most-dangerous-threatening-acquisition-in-company-history-2022-8

    [Also noted by Gabe Goldberg. PGN]

    ------------------------------

    Date: Sun, 07 Aug 2022 20:16:00 -0700
    From: Steve Lamont <spl@tirebiter.org>
    Subject: Re: "Dr. Birx ADMITS She 'Knew' COVID-19 Vaccines 'Were Not Going
    to Protect Against Infection' (RISKS-33.35)

    In re: "How bad is my batch"
    http://howbadismybatch.info/

    Reading to the bottom is always useful.
    To wit:

    Data Source

    USA Data : All data is sourced from VAERS, a public database of over
    700,000 adverse reaction reports for Moderna, Pfizer and Janssen Covid 19
    vaccines in the USA.

    Foreign Data : VAERS database now also includes data for Moderna, Pfizer
    and Janssen Covid 19 vaccines in countries outside of the USA. This data
    can be found here - Vaccine Adverse Event Reporting System (VAERS) - the
    last table listed. This non-domestic data has been submitted by foreign
    regulatory agencies and consists of approximately 1,000,000 adverse
    reaction reports.

    [So who has the definitive data? Apparently no one? PGN]

    ------------------------------

    Date: Fri, 12 Aug 2022 00:48:51 +0000
    From: Judith Hemenway <Judith@divingturtle.com>
    Subject: Re: Bad Batches

    Having an MD (and throwing a lot of numbers around) does not imply
    competence in research design or statistical analysis. [The founder of the website] does not appear to have factored out even the most obvious
    covariants, such as age. The initial batches of vaccines were restricted to healthcare workers and people aged 75 and older (remarkably, that is 5.9% of the population -- compare that with his 5% of the batches, etc.), who would have more co-morbidities, a greater chance of dying and possibly a greater tendency to react adversely to vaccines. There is nothing in the VAERS data that indicates whether the death/disability/reaction was in fact due to the vaccine – that has to be demonstrated via careful analysis. Because the batches are strongly time-dependent, the analysis must include factoring out other time-dependent covariants. For example, Moderna batch 041L20A, which
    has the highest ADR of all the Moderna batches, and among the highest for Deaths and Disabilities, was administered very early (I got it in January
    2021, and reported my adverse reaction to VAERS in February). Another
    obvious time-dependent covariant is the version of the virus that was active
    at the time of vaccination (since the vaccines do NOT PREVENT either
    infection or deaths -- they simply reduce the probability, *all other things being equal*). Yet another time-dependent factor is that covid is a very different sort of infection, and there has been a long learning curve on the part of health-care providers in how best to treat it, so that the
    death-rate early on (with or without vaccination) was in part due to lack of appropriate/effective treatment (and again, no vaccine PREVENTS death). I
    do not deny that some people have severe adverse reactions to vaccines -- I
    am one of them. And there may indeed be some variability in batch effectiveness and reactivity potential -- but I'd be willing to bet that it
    is much smaller than this guy asserts.

    ------------------------------

    Date: Sun, 7 Aug 2022 16:52:00 -0700
    From: "David E. Ross" <david@rossde.com>
    Subject: Re: Tech giants, including Meta, Google, and Amazon, want to put
    an end to leap-seconds (Bacher, RISKS-33.36)????

    I do not understand why anyone is objecting to continued implementation of leap-seconds. Well more than a half-century ago, I worked on software that handled leap-seconds without any problems. That was before the protocol was implemented to use whole seconds. Instead, fractional leap-seconds occurred several times a year.

    To simplify things, the protocol was changed in 1972 to use only whole leap-seconds. Furthermore, the preferred occurrence of leap-seconds was set for either the end of 30 June or the end of 31 December, with additional opportunities -- only if really necessary -- at the end of 31 March and 30 September.

    The software where all this worked well was used by the U.S. Air Force to operate its constellation of earth-orbiting space satellites. To avoid
    timing ambiguities, the software used TAI internally. TAI is invariant, without leap-seconds. Time was kept in terms of seconds elapsed since some adjustable base instant. In some cases, time had to be resolved to the
    nearest millisecond. For external use, TAI was converted to UTC or
    vice-versa via a few very simple subroutines.

    If key operations required UTC, the Air Force was alerted to pending leap-seconds. No such operations were scheduled within a few minutes before
    or after the scheduled occurrence of a leap-second.

    The software system involved was operational well beyond its expected
    lifetime, more than 20 years. It was replaced by a new system created by system engineers, programmers, and coders who had no knowledge of
    leap-seconds -- until the go-to guy for issues of time and earth rotation
    (me) asked the simple question: "How do you handle leap-seconds?"

    ------------------------------

    Date: Sun, 7 Aug 2022 21:28:35 -0400
    From: Gabe Goldberg <gabe@gabegold.com>
    Subject: Re: Who is at fault when medical software gets it wrong? (R 33 36)

    I just toured training facility at Inova, huge health system in Northern Virginia. The robotic pharmacist medicines dispenser has been improved to require typing THREE (not ONE) characters to begin selecting a drug from pulldown list. I'd heard years ago from a nurse friend that it was all too
    easy to type a letter, get the list, and miss clicking the desired
    selection. At least with three characters it's a bit more reliable. Plus,
    when drugs are administered, they're scanned and patient is scanned to
    ensure it's right med for right patient.

    ------------------------------

    Date: Sun, 7 Aug 2022 21:44:05 -0400
    From: Gabe Goldberg <gabe@gabegold.com>
    Subject: Re: Robotic Surgery (Fenichel, RISKS 33.36)

    I had my gall bladder out almost 30 years ago. Surgeon said he'd do
    it laparoscopically. Surgeon friend said no matter intent and promise, he
    might have to open. My surgeon agreed -- but said in something like 5,000 procedures he'd never had to open. Plus, I think, he'd been involved in developing the laparoscopic procedure.

    I just toured training facility at Inova, huge health system in Northern Virginia, had a chance to drive Da Vinci surgical robot. Now I understand
    much better the advantages it has -- improved/magnified visibility of work area, flexibility working inside small incisions vs. needing larger
    incisions, precise motions. I'm not comparing its risks to open procedure

    [continued in next message]
