• Risks Digest 33.39 (2/2)

    From RISKS List Owner@21:1/5 to All on Tue Aug 16 23:38:22 2022
    [continued from previous message]

    Modern phone systems were designed to be tapped, both recording the contents
    of calls and, with considerably less protection, pen registers that record
    who you called and who called you. While I believe that judges will apply
    the law correctly when asked to authorize a tap, it is already obvious that
    in states where abortion is illegal, a whole lot of stuff is illegal and
    would authorize a tap. We have also seen way too many cases where people
    skip the process and listen in without authorization.

    Signal uses open source software written and maintained by a guy who has a
    good reputation in the cryptography and security communities. I think it is
    credible when they say your conversations are encrypted in ways they cannot
    decode and they don't keep logs. WhatsApp uses the same encryption as Signal
    so I think it's a reasonable second choice.

    ------------------------------

    Date: Sun, 14 Aug 2022 15:21:54 -0400
    From: "Arthur T." <risks202208.6.atsjbt@xoxy.net>
    Subject: Re: Tech giants, including Meta, Google, and Amazon, want to
    put an end to leap-seconds (Ross, RISKS-33.38)

    Not everyone writing software has the financial backing of a major
    government. Nor do they necessarily have the level of quality control such funding can yield. If you look in the RISKS archives, you'll find instances (some fairly recent) of programs not even coding properly for leap *years*.

    It is easier to not screw up something simple than something complex. Not
    only are leap seconds more complex than not using them, they're
    unpredictable and ad hoc.

    I am not trying to directly address the complex question of whether leap seconds should be continued. I am merely trying to explain some of the objections.

    ------------------------------

    Date: Sat, 13 Aug 2022 21:17:47 -0700
    From: geoff goodfellow <geoff@iconia.com>
    Subject: Re: Chinese Hackers Backdoored MiMi Chat App to Target Windows, Linux,
    macOS Users (noted in RISKS-33.38 without details)

    A pair of reports from cybersecurity firms SEKOIA
    <https://blog.sekoia.io/luckymouse-uses-a-backdoored-electron-app-to-target-macos/>
    and Trend Micro
    <https://www.trendmicro.com/en_us/research/22/h/irontiger-compromises-chat-app-Mimi-targets-windows-mac-linux-users.html>
    sheds light on a new campaign undertaken by a Chinese threat actor named
    Lucky Mouse that involves leveraging a trojanized version of a
    cross-platform messaging app to backdoor systems.

    Infection chains leverage a chat application called MiMi, with its
    installer files compromised to download and install HyperBro samples for
    the Windows operating system and rshell artifacts for Linux and macOS.

    As many as 13 different entities located in Taiwan and the Philippines have been at the receiving end of the attacks, eight of whom have been hit with rshell. The first victim of rshell was reported in mid-July 2021.

    Lucky Mouse, also called APT27 <https://malpedia.caad.fkie.fraunhofer.de/actor/emissary_panda>, Bronze
    Union, Emissary Panda, and Iron Tiger, is known to be active since 2013 and
    has a history of gaining access to targeted networks in pursuit of its political and military intelligence-collection objectives aligned with
    China.

    The advanced persistent threat actor (APT) is also adept at exfiltrating high-value information using a wide range of custom implants such as
    SysUpdate <https://thehackernews.com/2021/04/luckymouse-hackers-target-banks.html>, HyperBro <https://malpedia.caad.fkie.fraunhofer.de/details/win.hyperbro>,
    and PlugX <https://thehackernews.com/2022/06/state-backed-hackers-using-ransomware.html>.

    The latest development is significant, not least because it marks the
    threat actor's introductory attempt at targeting macOS alongside Windows
    and Linux. [...]

    https://thehackernews.com/2022/08/chinese-hackers-backdoored-mimi-chat.html

    ------------------------------

    Date: Mon, 15 Aug 2022 13:26:19 -0500
    From: "Craig S. Cottingham" <craig@cottingham.net>
    Subject: Re: Rainwater everywhere on Earth unsafe to drink due to *forever
    chemicals*, study finds (EuroNews, RISKS-33.38)

    I’m not disputing the conclusions of the researchers, but I'd really like to see some numbers before I take back my grain of salt.

    * What is the accepted safe level?
    * What is the current level (different for different areas, I assume)?
    * What is the adjusted level of mortality due to higher levels of these
    chemicals?

    I've seen too many doom-and-gloom reports of the form of ``you're ten times more likely to get cancer if you do'' -- where it turns out that the probability over a lifetime goes from 0.001% to 0.01%.

    [There is no one accepted safe level. People with severe allergies
    have to be considered. PGN]

    ------------------------------

    Date: Sun, 14 Aug 2022 06:11:13 -0400 (EDT)
    From: Mark Brader <msb@Vex.Net>
    Subject: Re: Doug Jones's review (RISKS-33.37)

    May I suggest adding a note to Doug Jones's review in the second-last issue,
    either pointing to my correction in the following issue or just noting the
    correct information?

    (By the way, I have bought the book. Haven't started reading it yet,
    though.)

    BTW, is your autoresponder no longer in use? I was surprised not to receive
    a response when sending the correction, and I just checked my spam bucket
    and it isn't there either.

    [Beats me. I have no idea how it is generated. PGN]

    ------------------------------

    Date: Mon, 1 Aug 2020 11:11:11 -0800
    From: RISKS-request@csl.sri.com
    Subject: Abridged info on RISKS (comp.risks)

    The ACM RISKS Forum is a MODERATED digest. Its Usenet manifestation is
    comp.risks, the feed for which is donated by panix.com as of June 2011.
    SUBSCRIPTIONS: The mailman Web interface can be used directly to
    subscribe and unsubscribe:
    http://mls.csl.sri.com/mailman/listinfo/risks

    SUBMISSIONS: to risks@CSL.sri.com with meaningful SUBJECT: line that
    includes the string `notsp'. Otherwise your message may not be read.
    *** This attention-string has never changed, but might if spammers use it.
    SPAM challenge-responses will not be honored. Instead, use an alternative
    address from which you never send mail where the address becomes public!
    The complete INFO file (submissions, default disclaimers, archive sites,
    copyright policy, etc.) is online.
    <http://www.CSL.sri.com/risksinfo.html>
    *** Contributors are assumed to have read the full info file for guidelines!

    OFFICIAL ARCHIVES: http://www.risks.org takes you to Lindsay Marshall's
    searchable html archive at newcastle:
    http://catless.ncl.ac.uk/Risks/VL.IS --> VoLume, ISsue.
    Also, ftp://ftp.sri.com/risks for the current volume/previous directories
    or ftp://ftp.sri.com/VL/risks-VL.IS for previous VoLume
    If none of those work for you, the most recent issue is always at
    http://www.csl.sri.com/users/risko/risks.txt, and index at /risks-33.00
    ALTERNATIVE ARCHIVES: http://seclists.org/risks/ (only since mid-2001)
    *** NOTE: If a cited URL fails, we do not try to update them. Try
    browsing on the keywords in the subject line or cited article leads.
    Apologies for what Office365 and SafeLinks may have done to URLs.
    Special Offer to Join ACM for readers of the ACM RISKS Forum:
    <http://www.acm.org/joinacm1>

    ------------------------------

    End of RISKS-FORUM Digest 33.39
    ************************
