• Risks Digest 34.24 (1/2)

    From RISKS List Owner@21:1/5 to All on Sun May 12 00:15:17 2024
    RISKS-LIST: Risks-Forum Digest Saturday 11 May 2024 Volume 34 : Issue 24

    ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
    Peter G. Neumann, founder and still moderator

    ***** See last item for further information, disclaimers, caveats, etc. *****
    This issue is archived at <http://www.risks.org> as
    <http://catless.ncl.ac.uk/Risks/34.24>
    The current issue can also be found at
    <http://www.csl.sri.com/users/risko/risks.txt>

    Contents:
    System outage affecting UniSuper services (via Colin Sutton)
    More than 200 people with diabetes injured after software issue drained
    insulin pump batteries (Jamie Gumbrecht and FDA)
    New Spectre-Style 'Pathfinder' Attack Targets Intel CPU, Leak
    Encryption Keys and Data (The Hacker News)
    Solar Flares and Northern Lights (WashPost)
    Wildfires causing widespread telecom outages in the NWT Yukon (CBC)
    State actor blamed for cyberattack on B.C. government systems (CBC)
    Interview With the Russian-Military-Linked Hackers Targeting U.S. Water
    Utilities (WiReD)
    AI Is Declared Ready to Make Decisions in War (APNews)
    Microsoft Creates Top Secret Generative AI Service for U.S. Spies
    (Katrina Manson)
    AI Bots Are Taking Over the Job Application Process. Everyone Is Losing.
    (WSJ)
    Translation Tech Is Amazing, Except When It's Not (WiReD)
    Hundreds of charges laid in OPP child sexual abuse investigation (CBC)
    Did Rihanna and Katy Perry attend the Met Gala? No, but AI had fans
    thinking otherwise (LATimes)
    Ethereum's Cofounder Says SEC Is Gaslighting Everyone About Crypto (WiReD)
    New TunnelVision Attack Allows Hijacking of VPN Traffic via DHCP
    Manipulation (LeviathanSecurity)
    UnitedHealth Top Executive Slammed Over Cyberattack (NYTimes)
    Risks with websites providing data that is difficult to interpret
    (Lars-Henrik Eriksson)
    Fake photos, but make it fashion. Why the Met Gala
    pics are just the beginning of AI deception (CBC)
    Stack Overflow users sabotage their posts after OpenAI deal
    (ArsTechnica)
    No Country Should be Making Speech Rules for the World (EFF)
    Apple faces celebrity backlash over piano crushing (BBC)
    Robot dogs armed with AI-aimed rifles undergo U.S. Marines Special Ops
    evaluation (ArsTechnica)
    Parts supplied to Boeing had 'serious defects' (whistleblower via BBC)
    How Google Became Evil (Dana F. Blankenhorn)
    Google's new *Find My* device network is useful but a stalking risk
    (WashPost)
    Re: Could the Covid-19 Vaccines Have Caused Some People Harm?
    (Joseph Gwinn, Jay Libove Alzina)
    Abridged info on RISKS (comp.risks)

    ----------------------------------------------------------------------

    Date: Thu, 9 May 2024 12:45:41 +1000
    From: Colin Sutton <colin_sutton@ieee.org>
    Subject: System outage affecting UniSuper services

    A large Australian investment organisation, UniSuper, "had duplication in
    two geographies as a protection against outages and loss. However, when the deletion of UniSuper's Private Cloud subscription occurred, it caused
    deletion across both of these geographies." All access was lost a week
    ago. It seems everything is still being recreated from backups. https://www.unisuper.com.au/contact-us/outage-update

    ------------------------------

    Date: Fri, 10 May 2024 11:06:16 -0700
    From: geoff goodfellow <geoff@iconia.com>
    Subject: More than 200 people with diabetes injured after
    software issue drained insulin pump batteries (FDA)

    Jamie Gumbrecht, *CNN*, 8 May 2024, via ACM TechNews

    More than 200 people with diabetes were injured when their insulin pumps
    shut down unexpectedly due to a problem with a connected mobile app, the US Food and Drug Administration said Wednesday. <https://www.fda.gov/medical-devices/medical-device-recalls/tandem-diabetes-care-inc-recalls-version-27-apple-ios-tconnect-mobile-app-used-conjunction-tslim-x2?utm_medium=email&utm_source=govdelivery>

    The FDA has identified this as a Class I recall, the most serious type of recall. Use of these devices may cause serious injuries or death. Version
    2.7 of the t:connect Apple iOS app -- used with the t:slim X2 insulin pump
    with Control-IQ -- has been recalled due to a software issue that causes
    the app to crash and relaunch. This cycle drains the pump battery, causing
    it to shut down sooner than expected and suspend insulin delivery.

    The issue ``may result in hyperglycemia or even diabetic ketoacidosis,
    which can be a life-threatening condition due to high blood sugars and lack
    of insulin,'' the FDA said. The agency said there have been 224 reported injuries as of April 15. No deaths have been reported. [...]

    https://www.cnn.com/2024/05/08/health/tandem-insulin-pump-app-recall/index.html

    [comment from the press release: Fortunately, this failure mode means the
    pump stops dispensing insulin, which, while it can lead to ugly medical problems, takes hours or days to get bad and can usually be noticed in time. The reverse problem, namely dumping large amounts of insulin into the blood stream, can cause immediate brain damage and other life threats (cf. Sunny
    von Bullow).]

    PRESS RELEASE: https://www.fda.gov/medical-devices/medical-device-recalls/tandem-diabetes-care-inc-recalls-version-27-apple-ios-tconnect-mobile-app-used-conjunction-tslim-x2

    ------------------------------

    Date: Wed, 8 May 2024 09:16:11 -0700
    From: geoff goodfellow <geoff@iconia.com>
    Subject: New Spectre-Style 'Pathfinder' Attack Targets Intel CPU, Leak
    Encryption Keys and Data (The Hacker News)

    Researchers have discovered two novel attack methods targeting
    high-performance Intel CPUs that could be exploited to stage a key recovery attack against the Advanced Encryption Standard (AES) algorithm.

    The techniques have been collectively dubbed Pathfinder by a group of
    academics from the University of California San Diego, Purdue University,
    UNC Chapel Hill, Georgia Institute of Technology, and Google.

    "Pathfinder allows attackers to read and manipulate key components of the branch predictor, enabling two main types of attacks: reconstructing
    program control flow history and launching high-resolution Spectre
    attacks," Hosein Yavarzadeh, the lead author of the paper <https://dl.acm.org/doi/10.1145/3620666.3651382>, said in a statement
    shared with The Hacker News.

    "This includes extracting secret images from libraries like libjpeg and recovering encryption keys from AES through intermediate value extraction."

    Spectre is the name given to a class of side-channel attacks <https://thehackernews.com/2024/04/researchers-uncover-first-native.html>
    that exploit branch prediction
    <https://en.wikipedia.org/wiki/Branch_predictor> and speculative
    execution <https://en.wikipedia.org/wiki/Speculative_execution> on
    modern CPUs to read privileged data in the memory in a manner that
    sidesteps isolation protections between applications.

    The latest attack approach targets a feature in the branch predictor
    called the Path History Register (PHR <https://ieeexplore.ieee.org/document/955033>) -- which keeps a record
    of the last taken branches -- to induce branch mispredictions and
    cause a victim program to execute unintended code paths, thereby
    inadvertently exposing its confidential data.

    Specifically, it introduces new primitives that make it possible to
    manipulate PHR as well as the prediction history tables (PHTs) within the conditional branch predictor (CBR) to leak historical execution data and ultimately trigger a Spectre-style exploit. [...]

    ------------------------------

    Date: Sat, 11 May 2024 02:40:01 -0400
    From: Gabe Goldberg <gabe@gabegold.com>
    Subject: Solar Flares and Northern Lights (WashPost)

    One of the strongest geomagnetic storms in two decades hit Earth on Friday afternoon. Scientists say the severe storm could disrupt communication
    systems but also bring beautiful displays of the northern lights this
    weekend. [...]

    Geomagnetic storms occur when the sun sends a punch of charged particles and parts of its magnetic field to Earth, often through eruptions from its
    surface called coronal mass ejections. This severe geomagnetic storm — rated a level four out of five — resulted from five coronal mass ejections earlier this week, some of which are catching up with one another as they hurtle through space.

    “We’re a little concerned in that we haven’t seen this in a long time,” Shawn Dahl, the service coordinator for the National Oceanic and Atmospheric Administration’s Space Weather Prediction Center, said in a news conference Friday. “We have notified all of our infrastructure operators that we coordinate with, such as satellite operators, communication folks … and of course, the power grid here in North America.”

    A severe geomagnetic storm powered by five coronal ejections from the sun
    will result in a vivid aurora borealis. Here are some tips for seeing it
    this weekend

    A severe geomagnetic storm can cause issues with power systems, spacecraft operations, radio communications and even pipeline systems, if not appropriately prepared for.

    “Our role is to alert the operators of these different systems so that they’re aware and can take actions to mitigate these kinds of impacts,” Rob Steenburgh, a space scientist at NOAA’s Space Weather Prediction Center,
    said at a news conference Friday.

    Steenburgh and his colleagues work with grid operators across North America
    to ensure high voltage transmission lines can withstand the incoming surge
    of energy from the sun. Over past decades, engineers built systems that can protect power lines rapidly and keep them online during geomagnetic storms.

    https://www.washingtonpost.com/weather/2024/05/10/northern-lights-solar-storm-where-to-watch/

    ------------------------------

    From: Matthew Kruk <mkrukg@gmail.com>
    Date: Sat, 11 May 2024 14:32:22 -0600
    Subject: Wildfires causing widespread telecom outages in the NWT Yukon (CBC)

    https://www.cbc.ca/news/canada/north/911-nwt-service-wildfire-alert-1.7201524

    As of Saturday morning, the telecom provider confirmed that cell service, long-distance landline calls, and Internet were still down in Yukon,
    Northern B.C., and the Beaufort Delta and Mackenzie Delta regions of N.W.T. ``We are working closely with our partners to gain safe access to the
    damaged infrastructure to assess the situation. Once we're able to gain safe access, we can begin repairs. We do not have ETA for repair at this time, customers should plan to be without service for several more hours,'' Northwestel wrote on its Facebook page.
    <https://www.facebook.com/Northwestel>

    [The almost unprecedented Friday evening Solar Flares caused some very
    spectacular Northern Lights much farther south, as predicted. I wonder if
    fires or power outages were related. PGN]

    ------------------------------

    Date: Fri, 10 May 2024 15:57:44 -0600
    From: Matthew Kruk <mkrukg@gmail.com>
    Subject: State actor blamed for cyberattack on B.C. government systems (CBC)

    https://www.cbc.ca/news/canada/british-columbia/bc-government-cyberattack-state-actor-1.7200735

    The head of British Columbia's public service has announced that there is a high degree of confidence a state or state-sponsored actor attempted to
    breach government systems in a cyberattack.

    Shannon Salter, head of the public service, announced that three separate attempts were made to breach government systems over the last month. Salter said that investigations remain ongoing, and did not share which state could have been involved in the cyberattack or which systems they attempted to access.

    ------------------------------

    Date: Wed, 8 May 2024 18:15:01 -0400
    From: Gabe Goldberg <gabe@gabegold.com>
    Subject: Interview With the Russian-Military-Linked Hackers Targeting U.S.
    Water Utilities (WiReD)

    Despite Cyber Army of Russia’s claims of swaying US “minds and hearts,” experts say the cyber sabotage group appears to be hyping its hacking for a domestic audience.

    Yet as unprecedented and disturbing as it may be for a Russian hacker group
    to trigger a significant water leak at a US utility, Cyber Army of Russia
    still seems at times to comically overestimate the clarity of its threat against Ukraine's allies. In response to a question about the Muleshoe water utility attack specifically, Julia noted that the group's operation is
    intended to persuade “mainly representatives of the Democratic Party [because] their support for Ukraine is the most significant"—a head-scratching statement given that Muleshoe is in a Texas congressional district that hasn't elected a Democratic representative since 1982.

    In other hacking operations like its targeting of a Polish wastewater
    utility, cybersecurity researchers who watched the video of the attack told WIRED that Cyber Army of Russia appeared to be arbitrarily changing values
    in the utility's control system software, with no actual disruptive
    effect. In another case, the hackers posted a video to their Telegram
    channel claiming that, in response to French president Emmanuel Macron's
    threat of sending French military personnel to Ukraine, it had hacked a
    French hydroelectric dam and caused it to stop generating power. In fact, French newspaper Le Monde reported, the group had actually hacked a water
    mill in a small village and caused its water level to drop by 20
    centimeters.

    https://www.wired.com/story/cyber-army-of-russia-interview

    ------------------------------

    Date: Tue, 7 May 2024 14:44:02 -0400
    From: Charles Dunlop <cdunlop@umich.edu>
    Subject: AI Is Declared Ready to Make Decisions in War (APNews)

    After taking a ride in an F-16 fighter jet piloted by AI, Air Force
    Secretary Frank Kendall said that "he'd trust this still-learning AI with
    the ability to decide whether or not to launch weapons in war."

    https://apnews.com/article/artificial-intelligence-fighter-jets-air-force-6a1100c96a73ca9b7f41cbd6a2753fda

    ------------------------------

    Date: Fri, 10 May 2024 11:32:13 -0400 (EDT)
    From: ACM TechNews <technews-editor@acm.org>
    Subject: Microsoft Creates Top Secret Generative AI Service for U.S. Spies
    (Katrina Manson)

    Microsoft Creates Top Secret Generative AI Service for U.S. Spies
    Katrina Manson, *Bloomberg*, 7 May 2024, via ACM TechNews

    Microsoft has rolled out a generative AI platform that operates without an Internet connection, which U.S. intelligence agencies can use to analyze top secret information. The large language model is based on GPT-4 and operates
    in an air-gapped environment in the cloud. The model can read files but is unable to learn from them or from the open Internet.

    ------------------------------

    Date: Sat, 11 May 2024 17:14:20 +0000 (UTC)
    From: Steve Bacher <sebmb1@verizon.net>
    Subject: AI Bots Are Taking Over the Job Application Process. Everyone Is
    Losing. (WSJ)

    Job seekers, frustrated with corporate hiring software, are using artificial intelligence to craft cover letters and resumes in seconds, and deploying
    new automated bots to robo-apply for hundreds of jobs in just a few
    clicks. In response, companies are deploying more bots of their own to sort through the oceans of applications.

    The result: a bot versus bot war that's leaving both applicants and
    employers irritated and has made the chances of landing an interview, much
    less a job, even slimmer than before. [...]

    https://www.wsj.com/lifestyle/careers/ai-job-application-685f29f7

    ------------------------------

    Date: Wed, 8 May 2024 01:29:43 -0400
    From: Gabe Goldberg <gabe@gabegold.com>
    Subject: Translation Tech Is Amazing, Except When It's Not
    (WiReD)

    We can hold surprisingly deep conversations across languages using simple
    apps on our phones. But even as these apps get a fresh boost from AI, they
    can still lead to some awkward moments.

    https://www.wired.com/story/translation-tech-is-amazing-except-when-its-not

    ------------------------------

    Date: Wed, 8 May 2024 10:22:57 -0600
    From: Matthew Kruk <mkrukg@gmail.com>
    Subject: Hundreds of charges laid in OPP child sexual abuse
    investigation (CBC)

    https://www.cbc.ca/news/canada/toronto/project-aquatic-online-child-sexual-abuse-opp-1.7197494

    Brown also said AI-generated images have created a problem for
    investigators, who now have to differentiate between what he called "real
    and synthetic victims."

    Signy Arnason, associate executive director at the Canadian Centre for Child Protection, told reporters Wednesday that the number of AI-generated sexual abuse images her team is finding just keeps growing: [...]

    ------------------------------

    Date: Wed, 8 May 2024 06:49:02 -0700
    From: Steve Bacher <sebmb1@verizon.net>
    Subject: Did Rihanna and Katy Perry attend the Met Gala? No, but AI had fans
    thinking otherwise (LATimes)

    Katy Perry's mom was among the social media fans duped by AI images of the 'Roar' singer and Rihanna at the 2024 Met Gala. Neither one attended the
    event.

    https://www.latimes.com/entertainment-arts/story/2024-05-07/rihanna-katy-perry-ai-pictures-2024-met-gala

    ------------------------------

    Date: Wed, 8 May 2024 01:40:40 -0400
    From: Gabe Goldberg <gabe@gabegold.com>
    Subject: Ethereum's Cofounder Says SEC Is Gaslighting Everyone About Crypto
    (WiReD)

    Joe Lubin cofounded Ethereum. Now his company is suing the Securities and Exchange Commission, and he says the future of the internet is at stake.
    [...]

    In bringing the lawsuit, Consensys hopes to drag itself and Ethereum out
    from underneath the SEC, by clarifying the limits of its jurisdiction, and embolden the rest of the crypto industry to retaliate against what it
    describes as “aggressive and unlawful SEC overreach.” An SEC spokesperson declined to comment on the specific allegations made by Consensys, saying
    only that “noncompliance with the securities laws deprives investors of critical protections, including rulebooks that prevent fraud and
    manipulation, proper disclosures, segregation of customer assets, safeguards against conflicts of interest, oversight by a self-regulatory organization,
    and routine inspection by the SEC. It’s investors who get hurt and the American financial markets that may suffer.”

    https://www.wired.com/story/ethereums-co-founder-says-sec-is-gaslighting-us-about-crypto

    ------------------------------

    Date: Thu, 9 May 2024 11:17:12 -0700
    From: geoff goodfellow <geoff@iconia.com>
    Subject: New TunnelVision Attack Allows Hijacking of VPN Traffic via DHCP
    Manipulation (LeviathanSecurity)

    Researchers have detailed a Virtual Private Network (VPN) bypass technique dubbed TunnelVision that allows threat actors to snoop on victim's network traffic by just being on the same local network.

    The "decloaking" method
    <https://www.leviathansecurity.com/blog/tunnelvision> has been assigned the
    CVE identifier CVE-2024-3661
    <https://nvd.nist.gov/vuln/detail/CVE-2024-3661> (CVSS score: 7.6). It
    impacts all operating systems that implement a DHCP client and has support
    for DHCP option 121 routes.

    At its core, TunnelVision involves the routing of traffic without

    An attacker who can change the configuration of a DHCP server can force
    clients to route their not encrypted traffic through the DHCP server
    instead of the VPN tunnel.

    https://www.leviathansecurity.com/blog/tunnelvision

    [See also https://arstechnica.com/security/2024/05/novel-attack-against-virtually-all-vpn-apps-neuters-their-entire-purpose/
    PGN]
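
An added example, not part of the original digest item or of the researchers' material: a parser for DHCP option 121 as encoded by RFC 3442, run over a constructed options field, that a defender could use to see which routes a lease pushes. The flagging rule (any non-default route reaching outside the lease subnet), the function names and the sample bytes are assumptions made for illustration.

```python
"""Parse DHCP option 121 (RFC 3442 classless static routes) and flag risky routes."""
import ipaddress

OPT_PAD, OPT_END = 0, 255
OPT_CLASSLESS_STATIC_ROUTE = 121


def iter_dhcp_options(options: bytes):
    """Yield (code, value) for each TLV in a DHCP options field (after the magic cookie)."""
    i = 0
    while i < len(options):
        code = options[i]
        if code == OPT_PAD:              # single-byte padding, carries no length
            i += 1
            continue
        if code == OPT_END:
            return
        if i + 1 >= len(options):
            raise ValueError(f"option {code}: missing length byte")
        length = options[i + 1]
        value = options[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError(f"option {code}: value truncated")
        yield code, value
        i += 2 + length


def parse_option_121(value: bytes):
    """Decode route entries: prefix width, significant destination octets, router."""
    routes, i = [], 0
    while i < len(value):
        width = value[i]
        if width > 32:
            raise ValueError(f"invalid prefix width {width}")
        n = (width + 7) // 8             # only the significant octets are on the wire
        end = i + 1 + n + 4
        if end > len(value):
            raise ValueError("route entry truncated")
        dest = ipaddress.IPv4Address(value[i + 1:i + 1 + n] + bytes(4 - n))
        router = ipaddress.IPv4Address(value[i + 1 + n:end])
        net = ipaddress.IPv4Network(f"{dest}/{width}", strict=False)
        routes.append((net, router))
        i = end
    return routes


def classless_routes(options: bytes):
    """Concatenate every option-121 instance (RFC 3396) and decode the result."""
    data = b"".join(value for code, value in iter_dhcp_options(options)
                    if code == OPT_CLASSLESS_STATIC_ROUTE)
    return parse_option_121(data)


def routes_beating_default(routes, lease_subnet):
    """Assumed heuristic: a pushed route that is more specific than /0 and reaches
    outside the lease subnet wins longest-prefix match over a VPN's 0.0.0.0/0 route."""
    return [(net, gw) for net, gw in routes
            if net.prefixlen > 0 and not net.subnet_of(lease_subnet)]


# Constructed sample: subnet mask, then option 121 carrying three routes, then END.
SAMPLE_OPTIONS = bytes.fromhex(
    "0104ffffff00"            # option 1: 255.255.255.0
    "7916"                    # option 121, 22 bytes
    "00c0a80101"              # 0.0.0.0/0        via 192.168.1.1
    "18c63364c0a80142"        # 198.51.100.0/24  via 192.168.1.66
    "19c0a80180c0a80101"      # 192.168.1.128/25 via 192.168.1.1
    "ff"
)

if __name__ == "__main__":
    lease = ipaddress.IPv4Network("192.168.1.0/24")
    for net, gw in routes_beating_default(classless_routes(SAMPLE_OPTIONS), lease):
        print(f"review: DHCP pushed {net} via {gw}")
```
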

    ------------------------------

    Date: Wed, 8 May 2024 12:44:30 PDT
    From: Peter Neumann <neumann@csl.sri.com>
    Subject: UnitedHealth Top Executive Slammed Over Cyberattack
    (NYTimes)

    (See earlier items: RISKS-34.09 and 12)

    Reed Abelson and Noah Weiland, *The New York Times* National
    Edition Business Section front page, 2 May 2024

    Senators from both parties questioned whether the 21 Feb 2024
    ransomware cyberattack of Change Healthcare (which manages a third of
    all U.S. patient records and 15 billion transactions a year, with its
    parent UnitedHealth having reported $372B in revenues in 1923) is too
    deeply embedded in almost every aspect of U.S. healthcare. [PGN-ed]

    They had to shut down for several weeks, despite having paid the $22M
    ransom.

    [No backup-and-recovery procedures? We might expect that a company
    with that much revenue would invest in something significantly
    better than the alleged so-called industry *best practices*, which
    are obviously rather mediocre, and nowhere near good enough. PGN]

    ------------------------------

    Date: Wed, 8 May 2024 08:24:56 +0200
    From: Lars-Henrik Eriksson <lhe@it.uu.se>
    Subject: Risks with websites providing data that is difficult
    to interpret

    During a recent major outdoor event in my hometown, police used drones for surveillance. They had set up a flight restriction and were monitoring the airspace using flightradar24.com. They were unaware that the barometric altitude transmitted by aircraft transponders and reported by
    flightradar24.com has standard altimeter setting (1013 hPa) as reference. At the time, there was a high pressure weather situation and aircraft were actually more than 400-ft higher than reported by flightradar24.com.

    One overflying aircraft thus appeared to be inside the restricted area,
    causing drone activities to stop for flight safety reasons and a criminal investigation to be initiated against the pilot for violation of the
    Aviation Act. After several days, following discussions with both the
    aircraft operator and air traffic control, the police realised their mistake and closed the investigation.

    The RISK is that authorities -- and people in general -- use publicly
    available web sites that provide information where correct interpretation is not obvious.

    ------------------------------

    Date: Thu, 9 May 2024 06:32:10 -0600
    From: Matthew Kruk <mkrukg@gmail.com>
    Subject: Fake photos, but make it fashion. Why the Met Gala
    pics are just the beginning of AI deception (CBC)

    https://www.cbc.ca/news/world/fake-photos-met-gala-1.7197566

    Actor Jared Leto carrying around his own head as an accessory? Real. Rapper
    Lil Nas X, painted head to toe in silver, his body encrusted with pearls
    and crystals, wearing only a metallic Dior thong? It happened. Actor and
    singer Billy Porter, wearing a catsuit, carried into the event by six
    shirtless men in gold pants? Yes.

    If there's any event where it might be difficult to discern reality from fantasy, it's the Met Gala, where Grimes once brandished a sword and Lady
    Gaga once stripped through four different outfits until she was wearing
    only a black lingerie set, go-go boots, and pulling a pink wagon behind her
    on the carpet.

    But this year, people weren't tripped up by the fashion choices (which were relatively tame, naked dresses aside). Instead, they were confused about
    which celebrities were actually there, thanks to AI-generated images during fashion's biggest night.

    ------------------------------

    Date: Fri, 10 May 2024 08:26:08 -0400
    From: Monty Solomon <monty@roscom.com>
    Subject: Stack Overflow users sabotage their posts after OpenAI deal
    (ArsTechnica)

    Stack Overflow users sabotage their posts after OpenAI deal https://arstechnica.com/information-technology/2024/05/stack-overflow-users-sabotage-their-posts-after-openai-deal/

    ------------------------------

    Date: Fri, 10 May 2024 17:32:45 -0700
    From: geoff goodfellow <geoff@iconia.com>
    Subject: No Country Should be Making Speech Rules for the World
    (EFF)

    It's a simple proposition: no single country should be able to restrict
    speech across the entire Internet. Any other approach invites a swift relay race to the bottom for online expression, giving governments and courts in countries with the weakest speech protections carte blanche to edit the Internet.

    Unfortunately, governments, including democracies that care about the rule
    of law, too often lose sight of this simple proposition. That's why EFF, represented by Johnson Winter Slattery <https://jws.com.au/>, has moved to intervene in support of X, formerly known as Twitter's legal challenge to a global takedown <https://www.theguardian.com/australia-news/2024/apr/23/elon-musks-x-v-australias-online-safety-regulator-untangling-the-tweet-takedown-orders>
    order from Australia's eSafety Commissioner. The Commissioner ordered X and Meta to take down a post with a video of a stabbing in a church. X complied
    by geo-blocking the post so Australian users couldn't access it, but it declined to block it elsewhere. The Commissioner asked an Australian court
    to order a global takedown.

    Our intervention <https://www.eff.org/files/2024/05/09/34174.pdf> calls the court's attention to the important public interests at stake in this litigation, particularly for Internet users who are not parties to the case
    but will nonetheless be affected by the precedent it sets. A ruling against
    X is effectively a declaration that an Australian court (or its eSafety Commissioner) can prevent Internet users around the world from accessing something online, even if the law in their own country is quite different.
    In the United States, for example, the First Amendment guarantees that platforms generally have the right to decide what content they will host,
    and their users have a corollary right to receive it.

    We've seen this movie before. In *Google v Equustek*, <https://www.eff.org/cases/google-v-equustek> a company used a trade secret claim to persuade a Canadian court to order Google to delete search results linking to sites that contained allegedly infringing goods from Google.ca
    and *all* other Google domains, including Google.com <http://google.com/>
    and Google.co.uk <http://google.co.uk/>. Google appealed, but both the
    British Columbia Court of Appeal and the Supreme Court of Canada upheld the order. The following year, a U.S. court held the ruling couldn't be enforced against Google US. <https://www.eff.org/deeplinks/2017/11/us-federal-court-rejects-global-search-order>

    The Australian takedown order also ignores international human rights standards, restricting global access to information without considering less speech-intrusive alternatives. In other words: the Commissioner used a sledgehammer to crack a nut.

    If one court can impose speech-restrictive rules on the entire Internet -- despite direct conflicts with laws of a foreign jurisdiction as well as international human rights principles -- the norms of expectations of all Internet users are at risk. We're glad X is fighting back, and we hope the judge will recognize the eSafety regulator's demand for what it is -- a big
    step toward unchecked global censorship -- and refuse to let Australia set another dangerous precedent.

    https://www.eff.org/deeplinks/2024/05/no-country-should-be-making-speech-rules-world

    ------------------------------

    Date: Thu, 9 May 2024 07:17:42 -0600
    From: Matthew Kruk <mkrukg@gmail.com>
    Subject: Apple faces celebrity backlash over piano crushing (BBC)

    https://www.bbc.com/news/articles/cld0rxlqgggo

    Apple is facing a backlash online over an advert in which objects including musical instruments and books are crushed into oblivion by a hydraulic
    press.

    The video is meant to demonstrate how their creativity has been compressed
    into the latest iPad.

    But celebrities including Hugh Grant and Justine Bateman have reacted with horror to the destruction on view.

    Apple boss Tim Cook has been called tone deaf for his post on X, formerly Twitter, about the device, where he asked people to "imagine all the things it'll be used to create".

    ------------------------------

    Date: Thu, 9 May 2024 11:54:01 -0400
    From: Monty Solomon <monty@roscom.com>
    Subject: Robot dogs armed with AI-aimed rifles undergo U.S. Marines Special
    Ops evaluation (ArsTechnica)

    https://arstechnica.com/?p=2022843

    ------------------------------

    Date: Thu, 9 May 2024 01:14:00 -0400
    From: Gabe Goldberg <gabe@gabegold.com>
    Subject: Parts supplied to Boeing had 'serious defects' (whistleblower)

    https://www.bbc.com/news/business-68979354

    ------------------------------

    Date: Wed, 8 May 2024 18:55:26 -0400
    From: Gabe Goldberg <gabe@gabegold.com>
    Subject: How Google Became Evil (Dana F. Blankenhorn)

    Author: You can't make men work for money alone - you starve their souls
    when you try it

    When a company loses its passion, when it tosses employee morale in the
    sink, it’s time to walk away.

    I dumped my Alphabet (Google) stock last week.

    Google began losing its way the day co-founders Larry Page and Sergey Brin left. They’re now the 6th and 7th richest people in the world. Their fortunes, taken together, would rank them 1st, by a huge margin.

    What are they doing? Not much. Page “invests in start-ups” and “life extension.” Brin has hosted a baby shower where adults wore diapers. These are no longer serious people. Yet both retain their voting stock meaning
    they, and in time their kids, will be absolute rulers of all Google domains.

    Ruth Porat, a former Morgan Stanley banker, stepped into the vacuum. She has made CEO Sundar Pichai a billionaire, but he has hollowed out the company.

    Have you tried Microsoft Edge lately? How about Bing and Co-Pilot? I have,
    and they’re miles ahead of Google.

    Google knows this. But it’s not responding, because it pays Apple and others for its traffic. That’s the subject of an antitrust trial, now nearing its climax, which could hit Google as hard as Microsoft was hit a generation
    ago.

    https://danafblankenhorn.substack.com/p/how-google-became-evil

    ------------------------------

    Date: Fri, 10 May 2024 20:18:27 -0400
    From: Monty Solomon <monty@roscom.com>
    Subject: Google's new *Find My* device network is useful but a stalking risk
    (WashPost)

    The always-on Bluetooth tracking technologies from Apple and Google help pinpoint lost or stolen devices. But they can be abused.

    https://www.washingtonpost.com/technology/2024/05/10/android-find-my-network-google-is-it-safe/

    ------------------------------

    Date: Wed, 8 May 2024 15:30:03 -0400
    From: Joseph Gwinn <joegwinn@comcast.net>
    Subject: Re: Could the Covid-19 Vaccines Have Caused Some People Harm?
    (RISKS-34.23)

    First, note that COVID vaccines have measured serious problem rates of order
    a part per million, so for vaccines that have been administered to hundreds
    of millions of people, one would expect hundreds of bad outcome reports to
    have accumulated.

    Mandavilli argues that a very slightly imperfect vaccine is infinitely worse than no vaccine at all. But vaccinated people tended to have less severe
    COVID and very few deaths compared to unvaccinated people. This has been
    proven worldwide in multiple often massive formal studies, in many cases conducted over the entire population of a country.

    The anti-vax folk may focus on the few adverse results, but denying the existence of well-documented adverse results destroys credibility making the public health problem worse.

    ------------------------------

    Date: Tue, 7 May 2024 13:55:28 +0000
    From: Jay Libove Alzina <libove@felines.org>
    Subject: Re: Could the Covid-19 Vaccines Have Caused Some People Harm? (PGN,
    (RISKS-34.23)

    I had read *The NY Times* article that Peter Neumann points out. The article (from my perspective as a European) might as well have been subtitled "commercial liability nearly unique to the United States", but the content
    is still valid, and the difficulty that patients worldwide are having with getting acknowledgment and even moreso with getting treatment, whether for "post-COVID" or "post-vaccine", is very real. (For the record, I have some
    kind of immune dysfunction post-COVID syndrome, which began in November
    2022, and continues today. It sucks).

    Peter's disclaimer about not being anti-vaccine does not go far enough,
    after he points to the vaccine batch lookup website which draws apparently completely uncurated data from the vaccine adverse events reporting system.

    I can't figure out what that site is supposed to be useful for. In concept,
    it should be to allow someone who believes they've been harmed to look to
    see if a disproportionately high number of other recipients of a particular vaccine batch had also reported problems ... but as not remotely enough

    [continued in next message]
