Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit precedence: bulk Subject: Risks Digest 34.00 (), Volume 34 summary REPLY-TO: risks@csl.sri.com RISKS-LIST: RISKS-FORUM Digest Volume 34 : Issue 00 () FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator Contents: Info on RISKS (comp.risks), contributions, subscriptions, FTP, etc. SUMMARY OF RISKS VOLUME 34 (30 Dec 2023 -- (NOTE: This summary is archived in ftp file risks-35.00 at ftp.sri.com, cd risks, and is also at http://catless.ncl.ac.uk/Risks/34.00.html.) ---------------------------------------------------------------------- RISKS 34.00 Info on RISKS (comp.risks), contributions, subscriptions, FTP, etc. SUMMARY OF RISKS VOLUME 34 (ongoing) (archived in ftp file risks-34.00) RISKS 34.01 Saturday 30 December 2023 DRM bricks Polish trains (404media) Rise of AI fake news is creating a misinformation superspreader (WashPost) Coffee Cty, GA missing laptop may impact Trump, Curling cases (Douglas Lucas) Michael Cohen Used Artificial Intelligence in Feeding Lawyer Bogus Cases (NYTimes) Splitting a Large AI Across Several Devices Lets You Run It in Private (New Scientist) The Times Sues OpenAI and Microsoft Over AI Use of Copyrighted Work (NYTimes) Six Big Questions for Generative AI (Tech Review) FTC slams Rite Aid for misuse of facial recognition technology in stores (The Washington Post) More people at risk as Ontario public bodies face growing wave of cyberattacks, experts say (CBC) New AI model can predict human lifespan, researchers say. They want to make sure it's used for good (phys.org) BBC has the miraculous report of an AI that is capable of learning. (BBC) A New Kind of AI Copy Can Fully Replicate Famous People (Politico) AI in the Machine Internet (Dana F. Blankenhorn) Chinese Spy Agency Rising to Challenge the CIA (NYTimes) Open-Source Chip Design Takes Hold in Silicon Valley (WSJ) Operation Triangulation: The last 'hardware' mystery (Securelist) TERRAPIN: SSH protects the world's most sensitive networks. It just got a lot weaker (Ars Technica) TERRAPIN and SSH Prefix Truncation Attack (Bob Gezelte) GTA 6 hacker handed indefinite hospital order (Lapsus$) Xfinity waited to patch critical Citrix Bleed 0-day. Now it's paying the price (Ars Technica) The 2010 Census Confidentiality Protections Failed, Here's How and Why (Arxiv) Quantum Computing's Hard, Cold Reality Check* (IEEE) It's easier to convince kids than adults about quantum mechanics (Physicist Bob Coecke) FCPD Combats Crypto-Related Scams: How to Avoid Falling Victim to Fraud (Fairfax County Police Department News) Israeli hackers shut down 70% of Iran's gas stations (Times of Israel) Blog post on CSAE and E2EE (Susan Landau) The Disturbing Impact of the Cyberattack at the British Library (The New Yorker) Data for nearly 36 million Comcast customers leaked to hackers (Ars Technica) Online searches to evaluate misinformation can increase its perceived veracity (Nature) The 2023 Good Tech Awards (The NYTimes) Do you need git or Subversion? (Cliff Kilby) iPhone Thief Explains How He Breaks Into Your Phone (WSJ) Former White House scientist was scammed out of $650K and must pay taxes (The Washington Post) Re: Ex-Amazon security engineer admits to stealing over $12M in crypto (Gabe Goldberg) Re: What to do when receiving unprompted MFA OTP codes (Joseph Gwinn) Re: WeWork has failed, leaving damage in its wake (Martin Ward) RISKS 34.02 Saturday 6 December 2023 Boeing has a risk managment problem with the 737 Max (BBC) Human Error Likely Caused Subway Crash and Derailing, Officials Say (The New York Times) Museum World Hit by Cyberattack on Widely Used Software (Zachary Small) Teen traveling alone on Frontier Airlines from Tampa accidentally flown to Puerto Rico (NBC News) Kai Zhuang: Chinese teen found alive in U.S. after cyber-kidnapping (BBC) How the federal ban on Chinese drones could end up costing lives (UAV Coach) Fire Breaks Out Aboard Ship Carrying Lithium-Ion Batteries (NYTimes) Are Teslas the most or least safe vehicles? (Sam Bull) Theft of Vancouver rape crisis centre server containing sensitive data raises privacy concerns (CBC) 23andMe told victims of data breach that suing is futile, letter shows (Ars Technica) BGP tampering: A "ridiculously weak" password causes disaster for Spain's No. 2 mobile carrier (Ars Technica) Qualcomm chip vulnerability enables remote attack by voice call (SC Media) Google disabling third-party cookies for millions of users without informing them (Lauren Weinstein) Weizenbaum’s nightmares: how the inventor of the first chatbot turned against AI (The Guardian) A Chevrolet dealer offered an AI chatbot on its website. It told customers to buy a Ford. (USA Today) AI’s big test: Making sense of $4 trillion in medical expenses (Politico) A hospital's false death announcement leads to a wife's suicide, husband is later found alive (BoingBoing) Dystopian past...and future (The Guardian) Wife of Investor Who Pushed for Harvard President’s Exit Is Accused of Plagiarism (NYTimes) The NY Times Lawsuit Against OpenAI Would Open Up The NY Times To All Sorts Of Lawsuits Should It Win (Mike Masnick) Wiki[d]pedia? (Stephen Mason) How Tracking and Technology in Cars Is BeingWeaponized by Abusive Partners (The New York Times) Researchers Suggest New AirTag Stalker Preventions That Balance Privacy (PCMag) Re: AI in the Machine Internet (Martin Ward) Re: Do you need git or Subversion (Dmitri Maziuk) RISKS 34.03 Saturday 13 January 2024 Alaska cockpit recording overwritten; limited to 2hrs (Reuters via Henry Baker) United finds loose bolts on plug doors during 737 Max 9 inspections (The Air Current) Security of Georgia's Dominion Voting Machines on Trial (CBS) Linux devices are under attack by a never-before-seen worm (ArsTechnica) OpenAI Quietly Deletes Ban on Using ChatGPT for Military and Warfare (The Intercept) Pennsylvania government workers will start using ChatGPT in test program (The Verge) AI firms' pledges to defend customers from IP issues have real limits (ArsTechnica) Microsoft's Image Creator makes violent AI images of Biden, the Pope and more (The Washington Post) CLEAR wants to scan your face at airports. Privacy experts are worried.wpl (The Washington Post) Advances in Mind-Decoding Technologies Raise Hopes -- and Worries (Undark) More Police Are Using Your Cameras for Video Evidence (The Marshall Project) UK Post Office Horizon scandal now on TV (Jeremy Epstein) How Astronomers Are Saving Astronomy From Satellites -- For Now (NYTimes) U.S. School Shooter Emergency Plans Exposed in a Highly Sensitive Database Leak (WiReD) FTC bans major data broker from selling invasive location tracking details (The Verge) U.S. Criminally Charges EBay in Cyberstalking Case (NYTimes) Needham police warn residents to stop using mail collection boxes (The Globe) AI fears creep into finance, business and law (WashPost) Google is removing 17 'underutilized' Assistant features (TechCrunch) Bitcoin ETF ads have already begun. (Lauren Weinstein) Courts Forced SEC Into This Disaster (Better Markets) Taylor Swift deepfake used for Le Creuset giveaway scam (Engadet) Hackers can infect network-connected wrenches to install ransomware (ArsTechnica) Apple was warned of AirDrop flaws before China's hack (Monty Solomon) Re: The NY Subway crash and derailment (George Neville-Neil) Re: How Tracking and Technology in Cars Is Being Weaponized by Abusive Partners (Steve Bacher) RISKS 34.04 Saturday 20 January 2024 Your pacemaker and open-source software (The Register) ChatGPT can answer yes or no at the same time (Paul Robinson) From corny jokes to job applications, ChatGPT's new store is selling specialized AI software (CBC) AI’s big test: Making sense of $4 trillion in medical expenses (Politico) AI-powered disinformation is spreading; is Canada ready for the political impact? (CBC) Your washing machine could be sending 3.7 GB of data a day day (Tomshardware) Even after a recall, Tesla's Autopilot does dumb dangerous things (WashPost) Tesla Drivers in Chicago Confront a Harsh Foe: Cold Weather (The New York (NYTimes) Imaging privacy threats from an ambient light sensor (Science) Microsoft says its corporate network hacked by a Russian state-sponsored group on Jan 12 (Lauren Weinstein) EFI IPv6/PXE Security Flaw (ArsTechnica) AT&T is trying to kill all landlines in California, which would have devastating effects (Lauren Weinstein) Washington takes aim at facial recognition (Politico) Your Medical Data Is Code Blue (WiReD) Google layoffs continue with 'hundreds' from sales team (The Verge) About my criticisms of Google ... (Lauren Weinstein) Re: Hackers can infect network-connected wrenches to install ransomware (Jonathan Levine) Re: UK Post Office Accounting Systems Errors Lead to Convictions and Worse (Bob Gezelter) Re: Alaska cockpit recording overwritten; limited to 2hrs (Lars-Henrik Eriksson) Re: Linux devices are under attack by a never-before-seen worm (Steve Bacher) Re: CLEAR wants to scan your face at airports. Privacy experts are worried. (John Levine) RISKS 34.05 Offshore Wind Farms Vulnerable to Cyberattacks (Rizwan Choudhury) Tesla Hacked at Pwn2Own Automotive 2024 (Sergiu Gatlan) America's Dangerous Trucks (Frontline) Authorities investigating massive security breach at Global Affairs Canada (CBC) Why the 737 MAX 9 door plug blew out (Lauren Weinstein) Man sues Macy's, saying false facial recognition match led to jail assault (WashPost) Bugs in our pockets: the risks of client-side scanning (Journal of Cybersecurity Oxford Academic) Sleeper Agents: Training Deceptive LLMs that Persist Through Safety Training (Arxiv) ERCIM News 136 published - Special Theme: Large Language Models (Peter Kunz) Deepfake Audio of Biden Alarms Experts (Margi Murphy) The Great Freight-Train Heists of the 21st Century (Slashdot) Nightshade: a new tool artists can use to *poison* AI models that scrape their online work (Lauren Weinstein) ChatGPT is leaking passwords from private conversations of users (Ars Technica reader says) Impact of AI on Software Development (Taylor Soper) AI maxim (Lauren Weinstein) Is American Journalism Headed Toward an Extinction-Level Event? (geoff goodfellow) Huge Proportion of Internet Is AI-Generated Slime, Researchers Find (Maggie Harrison) How Beloved Indie Blog 'The Hairpin' Turned Into an AI Clickbait Farm (WiReD) Twitter/X says that it has temporarily blocked some searches for Taylor Swift while they try deal with the flood of AI-porn related to her (LW) Taylor Swift, Travis Kelce and a MAGA Meltdown (NYTimes) YOUR PAPERS PLEASE! - Florida House passes bill that would ban children under 16 from social media (Axios) Hawley and the tech CEOs (Lauren Weinstein) Congress and the states want to bring a Chinese-style police state Internet to the U.S. (Lauren Weinstein) iPhone Apps Secretly Harvest Data When They Send Notifications (Thomas Germain) In India, an algorithm declares them dead; they have to prove they're alive (Steve Bacher) Tech Layoffs Shock Young Workers. The Older People? Not So Much. (NYTimes) Re: Even after a recall, Tesla's Autopilot does dumb dangerous things (Geoff Kuenning) Re: ChatGPT can answer yes or no at the same time (Amos Shapir) Re: Tesla Drivers in Chicago Confront a Harsh Foe: Cold Weather (Goldberg, (John Levine) One-star rating deserved for apps that allow full-screen ads (Dan Jacobson) RISKS 34.06 Monday 12 February 2024 Most Distant Space Probe Jeopardized by Glitch (Stephen Clar) Chinese malware removed from SOHO routers after FBI issues covert commands (Ars Technica) Deep fakes (CNN) Have we lost faith in technology? (BBC) AIs sometimes consider nuclear war the best way to achieve peace (Lauren Weinstein) Police Turn to AI to Review Bodycam Footage (ProPublica) The real wolf menacing the news business? AI (Jim Albrecht) Google CEO suggests that "*hallucinating* AI misinformation is a *feature* (WiReD) Diving deep into OpenAI's new study on LLM's and bioweapons (Gary Marcus vis Gabe Goldberg) How AI is quietly changing everyday life (Politico) FCC votes to ban AI-generated misleading robocalls, which ... (Lauren Weinstein) Google changes Bard to Gemini -- and links it to Google Assistant -- but it's still a misleading idiot LLM AI (Lauren Weinstein) The Internet of Toothbrushes (Tom Van Vleck) No, 3 million electric toothbrushes were not used in a DDoS attack (Bleeping Computer via Steve Bacher) AI deepfakes get very real as 2024 election season begins] (Fast Company) Hurd in reflection (Jon Callas) VR fail safe vs. driving (Lauren Weinstein) Manipulated Biden Video Can Remain Online (CNN) Re: AI maxim (Ian) Re: ChatGPT can answer yes or no at the same time (DJC) Re: Even after a recall, Tesla's Autopilot does dumb dangerous things (John Levine) A Whistleblower's tale about the Boeing 737 MAX 9 door plug (LeeHamNews via Thomas Koenig) Re: Why the 737 MAX 9 door plug blew out (Dick Mills) RISKS 34.07 Thursday 15 February 2024 Waymo recalls software after two self-driving cars hit the same truck (CNN) Tesla's latest screwup involves making the font size of its braking system too small (The Verge) OpenAI Gives ChatGPT a Memory (WiReD) Imran Khan's 'Victory Speech' from Jail Shows AI's Peril, Promise" (Yan Zhuang) Threats to Election Systems Prompt U.S. Cybersecurity Agency to Boost Cooperation with States (Christina A. Cassidy) Odometers: A voting machine analogue (Jeremy Epstein) Spying on Security Cameras Through Walls (Rizwan Choudhury) Cryptography-Breaking Algorithm Upgraded (Madison Goldberg) How a 27-Year-Old Codebreaker Busted the Myth of Bitcoin's Anonymity (WiReD) Anxiety, Mood Swings and Sleepless Nights: Life Near a Bitcoin Mine (NYTimes via Jan Wolitzky) Amazon Prime Video Ad Tier Sparks Class Action Lawsuit From Subscribers (Hollywood Reporter) Noname Storage Devices are not always what they seem (ArsTechnica) Mozilla lays off 60 people, wants to build AI into Firefox (ArsTechnica) Robocalls, ringless voicemails and AI: Real estate enters the age of automation (LA Times) Uber Fined Almost $11 Million by Dutch Privacy Watchdog (WSJ) Automatic braking systems don't work at typical speeds? (Steve Bacher on LA Times coverage) Chrome devs working on automatic micropayments to websites without user interactions directly from wallets (The Register) Small outtakes from a big war, part 4: The end of GPS (Amos Shapir) Canada declares Flipper Zero public enemy No. 1 in car-theft crackdown (ArsTechnica) Google Scholar can be manipulated (arxiv via LW) Google's and Microsoft's chatbots are making up Super Bowl stats (TechCrunch) There's a hole in the boot, part deux (Cliff Kilby) Amazon hides cheaper items with faster delivery, lawsuit alleges (ArsTechnica) Russia Is Using Elon Musk’s Starlink at the Front Line, Ukraine Says (WSJ) Tech giants prepare pledge to fight deceptive AI election content (Politico) Help! His HP Envy doesn't work. Can he get a replacement or a refund? (Gabe Goldberg) Re: Why the 737 MAX 9 door plug blew out (Henry Baker) The Friar Who Became the Vatican's Go-To Guy on AI (NYTimes) Why Bloat Is Still Software’s Biggest Vulnerability (Steve Bacher) RISKS 34.08 Tuesday 20 February 2024 How persuasive is AI-generated propaganda? (Lauren Weinstein) New Era of AI Deepfakes Complicates 2024 Elections (WSJ) Cybercriminals are stealing iOS users' face scans to break into mobile banking accounts (The Register) Air Canada chatbot makes up travel rules Big Tech tells politicians: We'll control the deepfakes (Politico) New bill would let defendants inspect algorithms used against them in court (The Verge) Chinese hackers infiltrated home wifi routers to attack infrastructure, FBI warns (MSN) DOJ quietly removed Russian malware from routers in U.S. homes and businesses (ArsTechnica) TETRA Radio Code Encryption Has a Flaw: A Backdoor (WiReD) Chinese hackers infiltrated home wifi routers to attack infrastructure, FBI warns (MSN) The $50K Scam: FTC, CIA, and Amazon Weigh In on NY Magazine's Charlotte Cowles (The New York Times) TETRA Radio Code Encryption Has a Flaw: A Backdoor (WiReD) Powerball Posted the Wrong Numbers. Now He’s Suing for $340M (NYTimes) `Most Wanted’ man pleads guilty in cyberattack that upended Vermont hospital (The Globe) Nginx core developer quits project in security dispute, starts free-nginx fork (ArsTechnica) Officials Investigate How a Woman Flew to Los Angeles Without a Ticket (NYTimes) This Is Why Tesla's Stainless Steel Cybertrucks May Be Rusting (WiReD) The Tech Friend: Apple's nanny state (WashPost) An Important Security Message from Wyze (via Victor Miller) Report on Intelligent Vehicle Dependability and Security (Chuck Weinstock) Re: Odometers: A voting machine analogue (Wol) Re: Tesla's latest screwup (Andrew) Re: Waymo recalls software after two self-driving cars hit the same truck (Ned Harris, Sam Bull) Re: Software bloat (Roderick Rees) RISKS 34.09 Wednesday 6 March 2024 White House urges developers to dump C and C++ (Steve Bacher) NZ Leap Day Self Pay Petrol Pump Failures (sundry via Jim Geissman and Brian Inglis) Risks of Leap Years and Dumb Digital Watches (Mark Brader) Health-care hack spreads pain across hospitals and doctors nationwide (WashPost via Jan Wolitzky) Cyberattack Paralyzes the Largest U.S. Health Care Payment System (NYTimes.com via Jim Geissman) Re: Healthcare Cyberattack (Doug McIlroy) More than 2 Million Research Papers Have Disappeared from the Internet (Sarah Wild) GitHub Besieged by Millions of Malicious Repositories in Ongoing Attack (Dan Goodin) A Vending Machine Error Revealed Secret Face Recognition Tech (WiReD) Vending machines had eyes all over this Ontario campus until the students wised up (CBC) End-to-End Encryption under attack in Nevada (Mastodon) 1-million books and 4-months later, Toronto's library recovers from a cyberattack (CBC via Matthew Kruk) Anycubic 3D Printers Hacked in Attempt to Inform Owners of Security Hole (Christopher Harper) 'Keytrap' DNS bug threatens widespread Internet outages (Becky Bracken) Wyze security issue exposed private cameras to strangers (Heather Kelly) Fingerprints Recreated from Sounds of Swiping a Touchscreen (Mark Tyson) Algorithm Reveals What's Hidden (Rizwan Choudhury) 'AI Godfather', Others Urge More Deepfake Regulation (Amy Tong) AI feedback loop will spell death for future generative models (TechSpot) Malware Worm Can Poison ChatGPT, Gemini-Powered Assistants (Kate Irwin) "AI Warfare Is Already Here" (Katrina Manson) I'm begging you not to Google for airline customer service numbers (Monty Solomon on a WashPost item) comp.risks via Panix? (Ed Ravin on the servers) RISKS 34.10 Saturday 16 March 2024 SFO-bound flight returns to Australia (Jordan Parker PGN-ed) Latam flight event (Jim Geissman) Boeing tells pilots to check seats after Latam plane (BBC) Alaska Airlines Flight Was Scheduled for Safety Check on Day Panel Blew Off (NYTimes) Hackers Breached Key Microsoft Systems (Sean Lyngaas) Microsoft AI engineer warns FTC about Copilot Designer safety Cut submarine cables cause web outages across Africa; 6 countries still affected (ArsTechnica) McDonald's hit by outages at stores worldwide (BBC) McDonald's blames global outage on third party (BBC) Phony Billionaires on Facebook Are Scamming Americans Out of Their Life Savings (WashPost) Amid explosive demand, America is running out of power (WashPost) CISA hacked (Sean Lungaas) Even a security expert can get phished (Pluralistic) Microsoft says Kremlin-backed hackers accessed its source and internal systems (ArsTechnica) Spate of Mock News Sites With Russian Ties Pop Up in U.S (NYTimes) companies (NYTimes) Autos are spying on drivers, feeding the info to insurance Aescape's Robot-Arm-Powered Massage Table (WiReD) ATT outage under FCC investigation (WashPost) The AI-generated hell of the 2024 election (The Verge) New Hampshire voters sue Biden deepfake robocall creators (NBCNews) Google Restricts Gemini Chatbot Election Answers (Peter Hoskins) Robot Ships Are Setting Sail (BBC) Your Doctor's Office Might Be Bugged (Jesse Pines) AI Is Being Built on Dated, Flawed Motion-Capture Data (Julianne Pepitone) Researchers Jailbreak Chatbots with ASCII Art (Mark Tyson) Nvidia sued over AI training data as copyright clashes continue (ArsTechnica) Reports of DJI data breach turn out to be false apparently (Lauren Weinstein) Pornhub disables website in Texas amid legal battle with attorney general's office (NBCNews) Massively Popular Safe Locks Have Secret Backdoor Codes (Victor Miller) D-Wave Says Its Quantum Computers Can Solve Otherwise Impossible Tasks ( (Matthew Sparkes) Re: End-to-End Encryption under attack in Nevada (John Levine) Re: A Vending Machine Error Revealed Secret Face Recognition Tech (Steve Bacher) Re: comp.risks via Panix? (Steve Bacher) Re: More than 2 Million Research Papers Have Disappeared from the Internet (Martin Ward) Re: Risks of Leap Years and Dumb Digital Watches (Amos Shapir) Re: Risks of hype, 'Keytrap' DNS bug threatens widespread (John Levine) RISKS 34.11 Sunday 24 March 2024 DMVs Nationwide Hit With Outage, Officials In Multiple States Say Across America (U.S. Patch) DMV services disrupted nationwide by system out[r]age (Henry Baker) McDonald's blames global outage on third party (BBC) Re: McDonald's hit by outages at stores worldwide (Steve Bacher) Re: McDonald's (=?UTF-8?Q?turgut_kalfao=C4=9Flu?) Tesco and Sainsbury's working to fix technical issues that suspended food deliveries to customers (CNN) Anti-drone radio jammers marketed on Amazon and Google despite being outlawed by FCC rules (Steve Bacher) A ChatGPT for Music Is Here. Inside Suno, the Startup Changing Everything (Rolling Stone) Albertans have lost at least $156M to fraud this decade (CBC) Chinese & Western Scientists Identify 'Red Lines' on AI Risks (Financial Times) Unpatchable vulnerability in Apple chip leaks secret encryption keys (Ars Technica) Apple has effectively abandoned HomeKit Secure Routers (Monty Solomon) Paper about the gofetch attack (Victor Miller) Why Tech Companies Are Not Your Friends: Lessons From Roku (NYTimes) Is your smart device safe from hackers? New FCC program will label cybersecure technology (LA Times) Hackers can unlock over 3 million hotel doors in seconds (ArsTechnica) Man Boarded Delta Flight Using Ticket Ruse (NYTimes) Never-before-seen data wiper may have been used by Russia against Ukraine (ArsTechnica) UPS worker charged after $1.3M Apple product theft spree fines, report finds (WashPost) Social Security program failed to properly notify people of huge service (Ars Technica) FCC bans cable TV industry's favorite trick for hiding full cost of service (Ars Technica) Hype cycle meets rinse cycle: does dishwasher really need a mobile app? (Rob Pegoraro) LAUSD's new student advisor is an AI bot that designs academic plans, suggests books (LATimes) Lawyer warns 'integrity of the entire system in jeopardy' if rising use of AI in legal circles goes wrong (CBC) I recommend DISABLING Google's new Chrome "real-time, privacy-preserving URL protection" (Lauren Weinstein) Why Tech Companies Are Not Your Friends: Lessons From Roku (NYTimes) Re: Risks of Leap Years and Dumb Digital Watches (Mark Brader) Re: AT&T proposals to kill landlines and more in California (Lauren Weinstein) Re: Hackers Breached Key Microsoft Systems (Bernie Cosell) RISKS 34.12 Monday 1 April 2024 Two major losses (PGN) America's Nuclear War Plan in the 1960s Was Utter Madness. It Still Is. (Mother Jones) FDA Warning Links Heart Pump to Deaths (Christina Jewett) Ransomeware Attack Against UnitedHealth Shows Flaws in Cybersecurty Persist (NYTimes) Iowa fertilizer spell kills 750K fish in Iowa and Missouri over 60-mile stretch of rivers (NYTimes) Red Hat Fedora 41 hacked (Tom Van Vleck) Unpatchable vulnerability in Apple chip leaks secret encryption keys (ArsTechnica via Gabe Goldberg, Gabe Goldberg) The race between positive and negative applications of Generative AI is on -– and not looking pretty (Gary Marcus via Gabe) U.S. Military's Investments into AI Skyrocket (Will Henshall) AI bots hallucinate software packages and devs download them (Steve Bacher via The Register) OpenAI Reveals but Will Not Release Human Voice Cloning Feature (WSJ) The Online Degradation of Women and Girls That We Meet With a Shrug (The New York Times) America's first biometric 'smart gun' is finally here. Will it work? (SmartGun) Hackers Found a Way to Open Any of 3 Million Hotel Keycard Locks in Seconds (WiReD) AT&T Resets Millions of Passcodes After Customer Records Are Leaked (Jan Wolitzky) Time for Social Engineering Training (Kingfish1935 via Ben Moore) Internet Age Verification schemes -- e.g., Florida's new law (Lauren Weinstein) Scientists aghast at bizarre AI rat with huge genitals in peer-reviewed article (ArsTechnica) Israel Deploys Expansive Facial Recognition Program in Gaza (NYTimes) Facebook snooped on users' Snapchat traffic in secret project, documents reveal (TechCrunch) Elon Musk's Starlink Terminals Are Falling Into the Wrong Hands? (Henry Baker) Explanations of Australian emergency phone number failure (John Colville) RISKS 34.13 Thursday 4 April 2024 Review of the Summer 2023 Microsoft Exchange Online Intrusion (CISA) China's Advancing Efforts to Influence U.S. Election (NYTimes) RMV warning customers of scams amid statewide outage (The Boston Globe) Missouri county declares state of emergency amid suspected ransomware attack (ArsTechnica) Tech Glitch Upends Financial Aid for About a Million Students (WSJ) Did One Guy Just Stop a Huge Cyberattack? (NYTimes) Carmakers give up on software that avoids kangaroos (ArsTechnica) Browsing in Google Chrome's incognito mode doesn't protect you as much as you might think (The Boston Globe) Google Deepmind CEO says AI industry is full of 'hype' and 'grifting' (ReadWrite) The wonders of AI! (Lauren Weinstein) AI that targets civilians: 'The machine did it coldly': Israel used AI to identify 37,000 Hamas targets (The Guardian via Lauren Weinstein) Washington state judge blocks use of AI-enhanced video as evidence in possible first-of-its-kind ruling (NBC News) Amazon's AI-powered "Just Walk Out" checkout option turns out to be 1000 workers watching you shop (BoingBoing) This tool makes AI models hallucinate cats to fight copyright infringement (NBC News) An unending array of jailbreaking attacks could be the death of LLMs (Gary Marcus) When AI Meets Toast (Lauren Weinstein) Medicare forced to expand forms to fit 10-digit bill a penny shy of $100M (ArsTechnica) The FTC is trying to help victims of impersonation scams get their money back (The Verge) Google Maps for CarPlay is a disaster compared to the Android Auto app (9-to-5 Google) Indian company sold contaminated shrimp to U.S. grocery stores, 'whistleblower' says (NBC News) CA Governor to install 480 new Flock LPR cameras (ACLU via Henry Baker) Your boss could forward a mail message to you that shows you text he won't see, but you will (Lutrasecurity) Should we be rethinking using Outlook at work? (Victor Miller) Man pleads guilty to stealing former coworker's identity for 30 years? (ArsTechnica) Re: xz (Victor Miller et al.) Re: Ross Anderson (Wendy M. Grossman) Re: The race between positive and negative applications of GenAI (Rob Slade) RISKS 34.14 Saturday 6 April 2024 Eclipse tourists should plan for overloaded cell networks (PGN) AI Researcher Takes on Election Deepfakes (NYTimes) ETH Zurich student requirement for Windows 11/MacOS, "safe browser" (Thomas Koenig) Assisted living managers say an algorithm prevented hiring enough (WashPost) Many-shot jailbreaking (Anthropic) Google fixes two Pixel zero-day flaws exploited by forensics firms (BleepingComputer) GPS shut down in parts of Israel (Jim Geissman) House, Senate leaders nearing deal on landmark online privacy bill (WashPost) For Data-Guzzling AI Companies, the Internet Is Too Small (WSJ) Re: When AI Meets Toast (Steve Bacher Re: AI that targets civilians ... (Amos Shapir) Re: Your boss could forward a mail message to you that shows you text he won't see, but you will (Geoff Kuenning) Re: The FTC is trying to help victims of impersonation scams get their money back (Steve Bacher) Re: Browsing in Google Chrome's incognito mode doesn't protect you as much as you might think (Steve Bacher) Re: Elon Musk's Starlink Terminals Are Falling Into the Wrong Hands? (Amos Shapir) RISKS 34.15 Monday 8 April 2024 Weather Service radar, warning systems fail during severe storm outbreak (WashPost) No weather report? It helps if NOAA pays its electric (Bloomberg) In 2018 crash, Tesla's Autopilot just followed the lane lines (WashPost) APRA Privacy Legislation (WiReD) Data brokers are gearing up to fight privacy bills (The Verge) NIST Unveils New Consortium to Operate National Vulnerability (PGN) Jon Stewart On The False Promises of AI (The Daily Show) UK plots massive expansion of live facial recognition (Joseph Bambridge) Knocking cloud security off its game (ETH Zurich) ‘Reverse’ searches: The sneaky ways that police tap tech companies for your private data (TechCrunch) U.S. Police Warn Those Driving to Canada to Watch for Hidden AirTags (Emily Price) Demystifying privacy in Google Chrome and Mozilla Firefox (Apurvak) Top Israeli spy chief exposes his true identity in online security lapse (The Guardian) Roku patent invents a way to show ads over anything you plug into your TV (ArsTechnica) Disney+ Password Sharing Crackdown to Start in June (MacRumors) Teen Girls Confront an Epidemic of Deepfake Nudes in Schools (NYTimes) How Tech Giants Cut Corners to Harvest Data for AI (NYTimes) Elon Musk's X pushed a fake headline about Iran attacking Israel. X's AI chatbot Grok made it up. (Mashable) An AI app claims it can detect sexually transmitted infections. (LATimes) Google's passkey mess (Lauren Weinstein) Re: Starlink Terminals (Charles Cazabon) Re: Your boss could forward a mail message to you that show you text he won't see, but you will (Jurek Kirakowski) Re: The FTC is trying to help (Dmitri Mazziuk) RISKS 34.16 Wednesday 10 April 2024 The total eclipse shows us how important solar energy is to the U.S. (The Verge) Chinese Hack of Microsoft Exchange Online Was Preventable, Reviwe Board Finds (Kim S. Nash) Dana-Farber Cancer Institute has retracted 7 studies amid controversy over errors (NBC News) A once-ignored community of science sleuths now has the research community on its heels (NBC News) Can AI help fill the therapist shortage? Mental health apps show promise and pitfalls (CBS News) Hackers stole 340,000 Social Security numbers from government consulting firm (TechCrunch) Critical takeover vulnerabilities in 92,000 D-Link devices under active exploitation (ArsTechnica) Targus says cyberattack is causing operational outage (TechCrunch) After pushing cloud storage, TV provider to auto-delete 61-day-old DVR recordings (ArsTechnica) Texas Will Use Computers to Grade STAAR Tests (Keaton Peters) Cheshire Cat GPS Jamming/Spoofing in Ukraine, Israel, ... (Henry Baker) Scammers exploiting people who change their status to #OpenToWork (Ben Rothke) Mr Bates vs The Post Office now available on PBS in the U.S. (PBS via Jeremy Epstein) Why Open Source Can't Innovate (Dana F. Blankenhorn) Elon Musk Didn't Want His Latest Deposition Released. Here It Is. (HuffPost Latest News) Russian trolls target U.S. support for Ukraine, Kremlin documents show (WashPost) California judge dismisses one of ‘Are We Dating the Same Guy?’ lawsuits (NBC News) YouTube is the most consequential technology in America (WashPost) Yet another 419 variant (Rob Slade) Tesla is settling with the family of the Apple engineer who died in an Autopilot crash (The Verge) Re: AI that targets civilians ... (Dylan Northrup) RISKS 34.17 Sunday 14 April 2024 96% of US hospital websites share visitor info with Meta, Google, data brokers (Steve Bacher) Corporate Greed Made the Change Healthcare Cyberattack Worse (NYMag) Hackable Intel and Lenovo hardware that went undetected for 5 years won't ever be fixed (ArsTechnica) Thermostats and Complexity (Tom Vab Vleck) "Are We Watching the Internet Die?" (Ed Zitron via Rich Kulawiec) AI chatbots spread falsehoods about the EU elections, report finds (Clothilde Goujard) How I Built an AI-Powered, Self-Running Propaganda Machine for $105 (WSJ) Norwescon sci-fi con: Knightscope, AI manuscript deluge, genre in crisis (Douglas Lucas) Hatsune Miku is playing Coachella, but she's not human. Why brands are working with digital avatars (LA Times) AI on Wall Street (NYTimes) Humane AI Pin review: the post-smartphone future isn't here yet AT&T Data breach affects 73 million or 51-million customers. No, we won't explain. (ArsTechnica) Apple alerts users in 92 nations to mercenary spyware attacks (TechCrunch) Apple will open the iPhone to repair with used parts -- but ... (The Verge and TechCrunch via Monty Solomon) Texas Surgeon Is Accused of Secretly Denying Liver Transplants (NYTimes) Palo Alto Zero exploit (Cliff Kilby) After the Eclipse, Motorists Observe a Path of Immobility (NYTimes via PGN) Delta eclipse flight from Dallas veered off path of totality (WashPost) Re: The total eclipse shows us how important solar energy is to the U.S. (Douglas Lucas) Re: AI that targets civilians ... (Amos Shapir) Re: Texas Will Use Computers to Grade STAAR Tests (Douglas Lucas) RISKS 34.18 Friday 19 April 2024 Texas Hack May Be First Disruption of U.S. Water System by Russia (WashPost) A chunk of metal that tore through a Florida home definitely came from the ISS (Ars Technica) FAA investigating after Boston-bound JetBlue flight involved in near collision (The Boston Globe) A Paris Olympics' Sure Thing: Cyberattacks (Tariq Panja) PuTTY vulnerability vuln-p521-bias (sgtatham via Victor Miller) Multistate 911 outage shows fragility of systems, experts say (NBC News) Police bust global cyber-gang accused of industrial-scale fraud (BBC) U.S. Air Force confirms first successful AI dogfight (The Verge) Feds expand investigation into Honda's automatic emergency braking system (ArsTechnica) LastPass users targeted in phishing attacks good enough to trick even the savvy (ArsTechnica) Wrong button clicked, wrong divorce cannot be undone (The Guardian) Big Tech can’t hoard brainwave data for ad targeting, Colorado law says (ArsTechnica) Cops can force suspect to unlock phone with thumbprint, U.S. court rules (ArsTechnica) Alleged cryptojacking scheme consumed $3.5M of stolen computing to make just $1M (ArsTechnica) Tech Friend: Fire at 35,000 feet (WashPost) Are Flying Cars Finally Here? (Gideon Lewis-Kraus) Rust Flaw Enables Windows Command Injection Attacks (Sergiu Gatlan) AI Made These Movies Sharper. Critics Say It Ruined Them. (NYTimes) Will AI transform baseball forever? (The Washington Post) Senate advances vote on reauthorizing warrantless surveillance program (The Verge) Crypto trader Avi Eisenberg convicted of fraud in $110M tradescheme (Axios) At Kernel, your veggie burger will be served by a robot (The Verge) Author granted copyright over book with AI-generated text -- with a twist (Ars Technica) Re: AI on Wall Street (Henry Baker) Re: AI chatbots spread falsehoods about the EU elections, report finds (Amos Shapir) Re: Palo Alto Zero Exploit (Steve Bacher, Cliff Kilby) RISKS Digest 34.19 Monday 22 April 2024 Influential women's tech network shuts down unexpectedly (BBC) Re: Women Who Code shut down today (Rebecca Mercuri) Re: Women Who Code shut down today (Wendy Grossman) ‘We’re a dead ship’: Hundreds of cargo ships lost propulsion in U.S. waters in recent years (WashPost) Tesla Cybertruck turns into world's most expensive brick after car wash (The Register) Software upgrade error grounds all Alaska Airlines flights for 1 hour (Seattle Times) San Francisco’s Train System Still Uses Floppy Disks -- and Will for Years (WiReD) GPT-4 and CVE = exploit (Rik Farrow) The invisible seafaring industry that keeps the Internet afloat (The Verge) Microsoft’s VASA-1 can deepfake a person with one photo and one audio track (Ars Technica) Hospital prices for the same emergency care vary up to 16-fold, a study finds (ArsTechnica) Chirp mandates open-door policy -- in a bad way (Krebs) Netflix doc accused of using AI to manipulate true crime story (ArsTechnica) China orders Apple to remove Meta apps after “inflammatory” posts about president (ArsTechnica) Roku forcing 2-factor authentication after 2 breaches of 600K accounts (ArsTechnica) The GMO tooth microbe that is supposed to prevent cavities (Undark) Virginia to become first state to allow online-only local nesw sites to publish legal notices (ARLnow) Amazon is filled with garbage ebooks. Here’s how they get made. (Esquire)\\ Re: Palo Alto Zero Exploit (Martin Ward) Re: AI chatbots spread falsehoods about the EU elections (Martin Ward) Re: U.S. Air Force confirms first successful AI dogfight (Turgut Kalfaoglu) Re: Wrong button clicked, wrong divorce cannot be undone (Henry Baker) RISKS 34.20 Thursday 25 April 2024 Tesla being operated in autonomous driving mode kills motorcyclist in stop and go traffic (Katie Wade) Waymo car filmed on wrong side of street for two blocks (Ricardo Cano) UK Smart motorway failures (BBC) Generative AI Arrives in the Gene Editing World of CRISPR Cade Metz) It’s the End of the Web as We Know It -- and I don't feel fine... (The Atlantic) You can now buy a flame-throwing robot dog for under $10,000 (ArsTechnica) Meta's newest AI model beats some peers. But its amped-up AI agents are confusing Facebook users (APNews) Deepfakes of Bollywood Stars Spark Worries of Meddling in India Election (Reuters) Advanced Brain Science Without Coding Expertise (Helmholtz Centers) Group Joins Fight Over Online Disinformation (NYTimes) Cisco ASA CVE-2024-20353 (ArsTechnica via Cliff Kilby) Why Is Tech Going Down More? (Liv mcMahon) Utah law Aimed at AI (Politico) How United Airlines uses AI to make flying the friendly skies a bit easier (TechCrunch) AI-powered cameras installed on LA buses to ticket illegally parked cars (LA Times) ResearchRabbit et al. (Debora Weber-Wulff) Hospital prices for the same emergency care vary up to 16X, study find (ArsTechnica) South Korean Defense Industry Under Siege by North Korean Hacker (Presale1) "Killed by a Traffic Engineer" (IslandPress via Prashanth Mundkur) This camera trades pictures for AI poetry (TechCrunch) Re: AI Made These Movies Sharper. Critics Say It Ruined Them. (EPG) Re: Wrong button clicked, wrong divorce cannot be undone (Henry Baker_ Re: UK Post Office IT scandal (Jim Geissman) RISKS 34.21 Saturday 27 April 2024 AI deepfakes threaten to upend global elections. No one can stop them. (WashPost) Tesla's Autopilot and Full Self-Driving linked to hundreds of crashes, dozens of deaths (The Verge) Cisco Says Hackers Subverted Its Security Devices to Spy on Governments (Reuters) Hackers Use Developing Countries as Testing Ground for New Ransomware Attacks (Ellesheva Kissin) 9 Disturbing Stories From People Who Say They Found Cameras in Their Airbnb (Gizmodo) Millions of IPs remain infected by USB worm years after its creators left it for dead (ArsTechnica) Chinese Firm Is America's Favorite Drone Maker, Except in Washington (NYTimes) Stop Using Your Face or Thumb to Unlock Your Phone (Gizmodo) How Google's SGE Could Destroy the Internet (Lauren Weinstein) FTC questions Amazon's use of disappearing messages on Signal (WashPost) FTC says Amazon executives destroyed potential evidence by using apps like Signal (The Verge) Tech brands are forcing AI into your gadgets, whether you asked for it or not (ArsTechnica) Health insurance giant Kaiser will notify millions of a data breach after sharing patients’ data with advertisers (TechCrunch) Chaturbate Owes Texas $675,000 for Not Verifying the Age of Users (Gizmodo) Android TV has access to your entire account, but Google is changing that (ArsTechnica) Health insurance giant Kaiser will notify millions of a data breach after sharing patients’ data with advertisers (TechCrunch) We're always fighting the last war (Henry Baker) Prescient Fiction: 'Forbidden Planet' & 21st C. AI (Henry Baker) RISKS 34.22 Saturday 4 May 2024 Locating where a photo was taken (Jeremy Epstein) Russia Accused of Meddling in GPS Systems (France24) An AI tool used in thousands of criminal cases is facing legal challenges (NBC News) SonarMed Inc. Recalls Airway Monitors Due to a Software Anomaly Resulting in Failure to Detect a Partial Obstruction in 2.5mm Sensors and Up To 3mm Distal to the Sensor Tip (Einpresswire) Engine cover falls off Boeing plane, hits wing flap; Southwest flight returns to Denver airport (NBC News) AI Faces Its 'Oppenheimer Moment (Jonathan Tirone) AI priest avatar gets the chop in first week of digital ministry - (Catholic Herald) Meta AI falsely claims lawmakers were accused of sexua harassment (City & State New York) ChatGPT provides false information about people (NOYB) GitHub's Take on AI-Powered Software Engineering (Kyle Wiggers) Developers seethe as Google surfaces buggy AI-written code (The Register) Precision Attacks Target Intel and AMD Processors (ScienceBlog) Phone Keyboard Exploits Leaves Billion Users Exposed (Margo Anderson) Coffee County, GA, this time ransomware (Douglas Lucas) EU Investigates Meta Over Fears of Election Interference, Foreign Disinformation (Brian Fung) Lawsuits test Tesla claim that drivers are solely responsible for crashes (WashPost) UK bans devices with weak passwords (Computing) Net Neutrality Is Back as FCC Votes to Regulate Internet Providers (Brian Fung) FCC Fines Wireless Carriers About $200 Million for Sharing Customer Data (WSJ) London Drugs closes stores until further notice due to cyberattack (CBC News) Century wrap-around: 101-year old becomes 1-year old (BBC) Healthcare giant comes clean about recent hack and paid ransom (ArsTechnica) Google SGE and shoplifting (Lauren Weinstein) New York Daily News, Chicago Tribune, and others sue OpenAI and Microsoft (The Verge) Can AI-powered drive-throughs save the day for fast food operators? (LATimes) Unexpected S3 bucket costs (Medium) CenturyLink left users with no service for two months, then billed them $239 (ArsTechnica) More customers say 'tap-to-pay' charged their credit card through bags, pockets (ABC7) New Job Scams Targeting Young Professionals Are Flourishing (WSJ) Court upholds New York law that says ISPs must offer $15 broadband (ArsTechnica) We Are Blowing the Fight to Contain Bird Flu (NYTimes) Covid Vaccine Side Effects: 4 Takeaways From Our Investigation (NYTimes) Re: We're always fighting the last war (Amos Shapir) Re: A Chinese firm is America's favorite drone maker except in Washington (Lauren Weinstein) RISKS 34.23 Monday 6 May 2024 Could the Covid-19 Vaccines Have Caused Some People Harm? Thousands think that their cases have been ignored. (Apoorva Mandavilli) Electric car driver turned away from hospital car park (BBC) Drones Changed Myanmar Civil War, Linked Rebels to the World (NYTimes) Hacker Free-for-All in Fight for Routers (Dan Goodin) Politicians Use Social Media to 'Buy' Votes (New Scientist) Zeekill: From teenage cyber-thug to Europe's most wanted? (BBC) What Happens When a Romance Writer Gets Locked Out of Google Docs (WiReD) Apple Password Reset Propagations (Marvin Schaefer) AI Lobbying Frenzy in Washington Dominated by Big Tech (Will Henshall) When grief and AI collide: These people are communicating with the dead (CNN Business) The Sam Altman Playbook (Gary Marcus on AI) Tiffany Haddish started tracking down her online trolls and calling them on the phone (NBC News) Microsoft announces ZTDNS (Cliff Kilby) Former 'Employee Express' Phone Number Being Used by Fraudsters, Warns IG (FedWeek) How Scammers Are Stealing Food Stamps From Struggling Americans (NYTimes) Medical Debt Shows Up Less Often on Credit Reports (NYTimes) More on Google Chrome and the vanishing UNDO function (Lauren Weinstein) Universal Music Artists Will Return to TikTok (NYTimes) If your iPhone alarm has gone quiet, Apple says it's working on a fix (The Verge) Re: Phone Keyboard Exploits Leaves Billion Users Exposed Martin Ward) Re: Boeing's problems (Martin Ward) Re: Can AI-powered drive-throughs save the day for fast food operators? (Steve Bacher) Re: Developers seethe as Google surfaces buggy AI-written code operators (Steve Bacher) Re: Net Neutrality and Black Boxes (Bob Rahe) RISKS 34 24 Saturday 11 May 2024 System outage affecting UniSuper services (via Colin Sutton)´˜´çoß∂Dubjrvy∂ßço More than 200 people with diabetes injured after software issue drained insulin pump batteries (Jamie Gubrecht and FDA) New Spectre-Style 'Pathfinder' Attack Targets Intel CPU, Leak Encryption Keys and Data (The Hacker News) Solar Flares and Northern Lights (WashPost) Wildfires causing widespread telecom outages in the NWT Yukon (CBC) State actor blamed for cyberattack on B.C. government systems (CBC) Interview With the Russian-Military-Linked Hackers Targeting U.S. Water Utilities (WiReD) AI Is Declared Ready to Make Decisions in War (APNews) Microsoft Creates Top Secret Generative AI Service for U.S. Spies (Katrina Manson) AI Bots Are Taking Over the Job Application Process. Everyone Is Losing. (WSJ) Translation Tech Is Amazing, Except When It's Not (WiReD) Hundreds of charges laid in OPP child sexual abuse investigation (CBC) Did Rihanna and Katy Perry attend the Met Gala? No, but AI had fans thinking otherwise (LATimes) Ethereum's Cofounder Says SEC Is Gaslighting Everyone About Crypto (WiReD) New TunnelVision Attack Allows Hijacking of VPN Traffic via DHCP Manipulation (LevianthanSecurity) UnitedHealth Top Executive Slammed Over Cyberattack (NYTimes) Risks with websites providing data that is difficult to interpret (Lars-Henrik Eriksson) Fake photos, but make it fashion. Why the Met Gala pics are just the beginning of AI deception (CBC) Stack Overflow users sabotage their posts after OpenAI deal (ArsTechnica) No Country Should be Making Speech Rules for the World (EFF) Apple faces celebrity backlash over piano crushing (BBC) Robot dogs armed with AI-aimed rifles undergo U.S. Marines Special Ops evaluation (ArsTechnica) Parts supplied to Boeing had 'serious defects' (whistleblower via BBC) How Google Became Evil (Dana F. Blankenhorn) Google's new *Find My* device network is useful but a stalking risk (WashPost) Re: Could the Covid-19 Vaccines Have Caused Some People Harm? (Joseph Gwinn, Jay Libove Alzina) RISKS 34.25 Sunday 19 May 2024 Ex-CDC Director Says It's High Time To Admit Significant Side Effects* of COVID-19 Vaccines (zerohedge) Re: Could the Covid-19 Vaccines Have Caused Some People Harm? (Peter Bernard Ladkin) A woman was dragged by a self-driving Cruise taxi in San Francisco. (LA Times) U.S. Fears Undersea Cables Are Vulnerable to Espionage From Chinese Repair Ships (WSJ) Linux maintainers were infected for 2 years by SSH-dwelling backdoor with huge reach (ArsTechnica) Lethal AI weapons are here: how can we control them? (Nature) Artificial Intelligence Trained To Deceive Humans, Lie (StudyFinds) American IT Scammer Helped North Korea Fund Nuclear Weapons Program, U.S. Says (WSJ) Half of calls to gambling helpline were for help placing mobile bets (The Boston Globe) An identity thief stole $5,000 from me. I spent two years tracking down how. (The Boston Globe) Schumer's AI Roadmap now online (PGN) UnitedHealth Top Executive Slammed Over Cyberattack (NYTimes) Cape Cod Hospital to pay $24.4 million for Medicare billing issues (The Boston Globe) At-Home IV-Drip Therapy Is the Latest Luxury Building issues Amenity (The New York Times) Is the news media picking on Tesla? (LATimes/YouTube) Smarter Vehicles Could Mean Changes to Traffic Lights (Jeff McMurray) Is Your Car Spying on You? Dale Harrington (AP) Tech Giants Treat Southeast Asia Like Next Big Thing (Bloomberg) Will Chatbots Eat India's IT Industry? (The Economist) Newspaper conglomerate Gannett is adding AI-generated summaries to the top of its articles (The Verge) The Night That Sotheby's Was Crypto-Punked (NYImes) MIT students stole $25M in seconds by exploiting ETH blockchain bug, DOJ says (Ars Technica) What Meltdown? Crypto Comes Roaring Back in the Philippines. (NYTimes) OpenAI disbands team devoted to artificial intelligence risks (AFP)(NYTimes) ChatGPT Gets Real (NYMag) The man who turned his dead father into a chatbot (BBC) Dell Hell Redux -- More Personal Info Stolen by Menelik (Security Boulevard) Link Rot and Digital Decay on Government, News and Other Webpages (Pew Research Center) The Rise of Large-Language-Model Optimization backups (ArsTechnica) Unprecedented Google Cloud event wipes out customer account and its optimi (ArsTechnica) A horrifying software bug (trofi) New Wi-Fi Vulnerability Enables Network Eavesdropping via Downgrad Attacks (The Hacker News) Deleted photos of former owners reappearing on sold iPads -- and probably iPhones (PhoneArena) As AI becomes more human-like, experts warn users must think more critically about its responses (CBC) AI turned a Ukrainian into Russian propaganda (BBC) Two unlikely U.S. states are leading the charge on regulating AI (Politico) Google tests AI to detect scam phone calls. Privacy advocates are terrified (NBC News) Flood of Fake Science Forces Multiple Journal Closures (WSJ) Newspaper groups warn Apple over ad-blocking plans (Financial Times) Slack users horrified to discover messages used for AI training (ArsTechnica) Tractors that don't know where they are (John Levinw) She was accused of faking an incriminating video of teenage cheerleaders. The problem? Nothing was fake after all (The Guadian) RISKS 34.26 Sunday 26 May 2024 Waymo Under Investigation for Autonomous Driving Technology (Tom Krisher) U.S. halted safety inspections of public housing for weeks after IT failure (NBC News) Microsoft outage took down Copilot, DuckDuckGo, and ChatGPT search features (MSN) Arup lost HK$25mn in Hong Kong deepfake video conference scam (FT) Can we rid artificial intelligence of bias? (techxplore.com) Electricity grids creak as AI demands soar (Matthew Kruk) ChatGPT's evil cousin: Explaining WormGPT, Malicious Generative AI (Presale1) CEO of Google Says It Has No Solution for Its AI Providing Wildly Incorrect Information CNN) ChatGPT Answers Programming Questions Incorrectly 52% of the Time (Lauren Weinstein) Stark Industries Solutions: An Iron Hammer in the Cloud (Krebs on Security) Composer Tan Dun spreads his wings as an audience unmutes their phones (WashPost) Los Angeles suburb to test drone that claims to 'revolutionize' 911 response (Steve Bacher) Spyware found on U.S. hotel check-in computers (TechCrunch) Review and recommendations based on May/June 2023 Microsoft email incidents (CSRB) Why Your VPN May Not Be As Secure As It Claims (Krebs on Security) CIA Twitter Files (Schellenberger) I stumbled upon LLM Kryptonite and no one wants to fix it (The Register) Explosive emails show top NIH adviser deleted records, used *secret* back channels to help Fauci evade COVID transparency (Josh Christenson) Doctors `bribed to use infected blood products' (Telegraph) 10,000 YouTube videos (Lauren Weinstein) Sam Altman Is Full Of Sh*t (The Verge) ASML, TSMC Can Disable Chip Machines If China Invades Taiwan (Bloomberg) Re: Ex-CDC Director Says It's High Time To Admit *Significant Side Effects* Of COVID-19 Vaccines (Steve Lamont) Re: Deleted photos of former owners reappearing on sold iPads -- and probably iPhones (Gabe Goldberg) Re: Is the news media picking on Tesla? (Wol) Re: A woman was dragged by a self-driving Cruise (Steve Lamont) Re: Newspaper groups warn Apple over ad-blocking plans (Steve Bacher) Re: Half of calls to gambling helpline were for help placing mobile bets (Steve Bacher) RISKS 34.27 Tuesday 28 May 2024 Unions Raise Safety Concerns Over Remote-Controlled Trains (The New York Times) 'I was misidentified as shoplifter by facial recognition tech' (BBC) Facebook account takeovers are targeting people you know, turning friendship into fraud (CBC) What Does an AI Do When It Sees an Optical Illusion? (Scientific American) AI-powered hate content is on the rise, experts say (Matthew Kruk) The order in which data is fed to LLMs can make a big difference (PGN) Windows Total "Recall" -- aka *keylogger* -- is security nightmare Crowds Flocked to the New York-Dublin Livestream. Then Things Got Racy. (WSJ) The Harsh Truth Behind Samsung's Phone Repair Program (Florence Ion) Congress Just Made It Basically Impossible to Track Taylor Swift’s Private Jet (Gizmodo) Elon Musk wants our help with a [minor|huge] problem. (Rob Slade) Re: A woman was dragged by a self-driving Cruise taxi in San Francisco (Geoff Kuenning, Wol) Re: Half of calls to gambling helpline were for help (Amos Shapir) Re: I stumbled upon LLM Kryptonite and no one wants to fix it (Steve Bacher) Re: MITRE ATLAS on obscurity (Jared Richo et al.) RISKS 34.28 Friday 30 May 2024 Australia looking into alleged Ticketmaster hack (BBC) Mystery malware destroys 600,000 routers from a single ISP during 72-hour span (ArsTechnica) Linux vulnerability and some info on namespaces (Ars Technica) CVE-2024-24919: Check Point Security Gateway Info Disclosure (Presale1) More Than Half of ChatGPT Answers to Programming Questions Are How Easy Is It to Teach Chatbots to Spew Disinformation? VERY! (Jeremy White) Trump supporters try to doxx jurors and post violent threats after his conviction (NBC News) If AI Can Do Your Job, Maybe It Can Also Replace Your CEO (NYTimes) Rural ISP Routers Bricked Beyond Repair (Security Boulevard) Touch Controls on Stoves Suck. Knobs Are Way Better (WiReD) If you use Veeam (Cliff Kilby) Re: PGN on Ethics in RISKS-34.25 (Stever Robbins) Review of *Wicked Problems*, new book on risks of new technology (Judith Hemenway) RISKS 34.29 Wednesday 5 Jun 2024 NYSE technical error sends stocks tumbling (The Register) NYSE says bizarre glitch that showed Berkshire Hathaway down 99.97% has been resolved (CNN) London Hospitals Face Major Disruptions After Cyberattack (NYTimes) Harvard grad who went off script to address Gaza protests said she uietly revised her speech last minute (NBC News) A New Bone of Contention: Trigger Warnings in Archaeology Class (WSJ) How Researchers Cracked an 11-Year-Old Password to a $3 Million Crypto Wallet (WiReD) 361 million stolen accounts leaked on Telegram added to HIBP (SecureClick) Digital surveillance and customer isolation are individualizing the prices we pay (Prospect) A Pacific Island With Ties to Taiwan Was Hacked. Was It Political? (The NY Times) Deepfake of U.S. Official Appears After Shift on Ukraine Attacks in Russia (The NY Times) Fake News Reports and Videos Seek to Undermine the Paris Olympics (The NY Times) They Spent Their Life Savings on Life Coaching (NYTimes) How a Samsung Washing Machine Chime Triggered a YouTube Copyright Fiasco (WiReD) Don't You Dare Call Me Without Texting First (WSJ) Miracle AI Weapons (Background Briefing) Oral-B bricking Alexa toothbrush is cautionary tale against buzzy tech ( (Ars Technica) New technique can automate data curation for self-supervised pre- training of AI datasets (techxplore.com) Artists threaten to leave Instagram in droves over AI art training (Creative Blog) Today's Funny Pages (Indeed via Cliff Kilby) Re: PGN on Ethics (Jan Wolitzky, Henry Baker, Monty Solomon) Twilight Zone predicted robot CEO (Jeff Jonas) RISKS 34.30 Sunday 9 Jun 2024 An Object Lesson From Covid on How to Destroy Public Trust (Zeynep Tufekci) From the *It's Not a Glitch* Dept. (9NEWS Colorado) Colorado discovers error causing EV tax credit denials Architecture (Zhang Tong) Scientists Find Security Risk in RISC-V Open-Source Chip (The Register) Study finds 268% higher failure rates for Agile software projects The best video I've seen explaining the techical reasons why keeping AM radios in cars is so important! (YouTube) AI Systems Are Learning to Lie and Deceive (Henry Baker) Hamane's Ai Pin (The NYTimes) Microsoft's Jaime Teevan doubles down on Windows Recall's "privacy sh*t-show" (Henry Baker) U.S. to open broad antitrust probe into AI giants (Axios) PHP+Windows Vulnerability (Cliff Kilby) Annandale man wins fraud case against a bank (Annandale Today) RISKS 34.31 Sunday 16 Jun 2024 Waymo issues software and mapping recall after robotaxi crashes into a telephone pole (The Verge) Driver using FSD, staring at phone ... (LATimes) Voting machine contract under scrutiny following discrepancies in Puerto Rico's primaries (AP) Phishing attack hits L.A. County public health agency, jeopardizing 200,000-plus residents' personal info (LATimes) Leaked documents reveal patient safety issue at Amazon's One Medical (The Washington Post) Crooks plant backdoor in software used by courtrooms around the world (Dan Goodin) How a New Jersey man was wrongly arrested through facial recognition tech now in use in Ontario (CBC) Clearview AI Used Your Face. Now You May Get a Stake in the Company. (NYTimes) Microsoft Refused to Fix Flaw Years Before SolarWinds Hack (ProPublica) iOS 18 cracks down on apps asking for full address book access (TechCrunch) A reportedly fake group recruited a real candidate for Congress (Poliico) After sustained attacks by the GOP, Stanford Internet Observatory is being shut down (Casey Newton and Zoë Schiffer) Tile/Life360 Breach: Millions of Users' Data at Risk (Security Boulevard) Generative AI and the law (Lauren Weinstein) New Wi-Fi Takeover Attack -- All Windows Users Warned To Update Now (Forbes) Japan Runs on Vending Machines. It’s About to Break Millions of Them. (NYTimes) The surprisingly not so doomed effort to force U.S. drivers to stop speeding (The Verge) Vax (Jim Geissman) The Age of the Drone Police Is Here (WiReD) MXThunder and FBL (Cliff Kilby) Retired engineer discovers 55-year-old bug in Lunar Lander computer game code (Ars Technica) Google, Cloudflare & Cisco Will Poison DNS to Stop Piracy Block Circumvention (TorrentFreak) Wells Fargo Fires Over a Dozen for 'mouse jiggling' (Henry Baker) Why Microsoft, Google, and others screw up (Lauren Weinstein) Re: Microsoft and Recall (Lauren Weinstein) Re: Tom Van Vleck (Cliff Kilby) Quote of The Day (Edward Snowden) Re: Quote of The Day (James Joyce) RISKS 34 32 Wednesday 26 Jun 2024 Waymo gets green light for expansion into LA and beyond (The Register) World's biggest music labels sue over AI copyright (BBC) Apple Patches AirPods Bluetooth Vulnerability That Could Allow Eavesdropping (The Hacker News) In 6-3 ruling based on lack of standing, Supreme Court rules government may continue fighting social media misinformation (CNN) U.S. Surgeon General declares gun violence a public health crisis (Giffords RISKS 34 33 Tuesday 25 Jun 2024 Titan Disaster Forces Global Rethinking of Deep Sea Exploration (William J. Broad) Dead Tesla Traps Toddler In Hot Car, Raises Concerns About Electric Doors (CarScoops) Nuclear power Senate Vote (BackgroundBriefing) Musk calls for elimination of electronic voting machines, full hand count of all ballots (Politico) Dash to Ditch Paper Money in Sweden Created a Playground for Criminals (Bloomberg) A Catastrophic Hospital Hack Ends in a Leak of 300M Patient Records (WiReD) Antivirus Shuffle over Kaspersky (TechMonitor) Passwords Weakened by Advancements in Computing Processing (Sead Fadilpasic) Hacker Accesses Internal Tile Tool That Provides Location Data to Cops (494 Media) Ozone Hole Mk. II (NCBI) California plans to enlist AI to translate healthcare information (LA Times) In AI we trust, part II: Wherein AI adjudicates every Supreme Court case (adamunikowsky) Incoming *WashPost* editor tied to self-described thief who claimed role in his reporting (Monty Solomon) Amazon-Powered AI Cameras Used to Detect Emotions of Unwitting UK Train Passengers (WiReD) Bacon ice cream and nugget overload sees misfiring McDonald's AI withdrawn (BBC) More productive AI => Self-Poisoned Training = GIGO (Henry Baker) Mass.'s "911 system" crashes... (danny burstein) Mass. 911 system back online after outage (Monty Solomon) AWS MFA/2FA Changes (Cliff kilby) Hacker selling AMD data breach dated June 2024. Europol involved (Presale1) Even Doctors Like Me Are Falling Into This Medical Bill Trap (NYTimes) How Crypto Money Is Poised to Influence the Election (NYTimes) NYC Congestion Pricing paused; but its LPR tracking not paused Passwords Weakened by Advancements in Computing Processing Firefox and Cancer? (The Register) Re: How a New Jersey man was wrongly arrested through facial recognition tech now in use in Ontario (Amos Shapir) Re: Generative AI and the law (John Levine, Lauren Weinstein) RISKS 34.34 Friday 28 Jun 2024 GPS Interference Over Land a Recurring Problem for Transatlantic Flights (Rntfnd) Safety-critical aircraft parts (Jim Geissman) Boeing 737 Max fabrication changes (NYTimes) Software engineers, not astronauts, are the heroes of today's space industry (The Washington Post) The end of the world (Rob Slade) Another major hospital hack (The Guardian) 30,000 Dealerships Down -- Ransomware Outage Outrage no.2 at CDK Global (Security Boulevard) ID verification service fail (404media) Rampant Identity Theft Is Taxing the IRS (NYTimes) ID Verification Service for TikTok, Uber, X Exposed Driver Licenses (404Media via X) Ask Google Search a simple question, and get an AI Overview "guess" that is totally wrong (Lauren Weinstein) China's AI-Powered Sex Dolls Set To Revolutionise Intimacy (NDTV) Supreme Court accidentally posts with Biden admin on Idaho abortion case with Biden admin on Idaho abortion case (CNN) ID verification service reportedly left credentials wide open for a year (Engadget) Firefighter charity bot call (Rob Slade) Voice assistants and AI chatbots still can't say who won the 2020 election (CA News Yahoo!) Ding dong drama: Video doorbells have UK election campaigners spooked (Politico) Re: Dead Tesla Traps Toddler In Hot Car, Raises Concerns About Electric Doors (Steve Bacher) What to do when you send money to the wrong person through Zelle (Elliott Report) Re: Ozone Hole Mk. II (Martin Ward) Re: Antivirus Shuffle over Kaspersky (Steve Bacher) RISKS 34.35 Thursday 11 Jul 2024 Electronic voting in Switzerland (Bertrand Meyer) U.S. and Allies Issue Rare Warning on Chinese Hacking Group (WSJ) Nations Warn Key Open-Source Programs Not Sufficiently Protected (Craig Hale) Russia Breaches TeamViewer: No Evidence Billions of Devices at Risk (Security Boulevard) 10 Billion Passwords Exposed in Largest Leak Ever (Emily Price) Canada warns of AI-driven Russian 'bot farm' spreading disinformation online (CBC) A Bugatti car, a first lady and the fake stories aimed at Americans (BBC) New OpenSSH Vulnerability Discovered: Potential Remote Code Execution Risk (The Hacker News) New tool for creating exploits (Rik Farrow) AI Accelerates Software Development to Breakneck Speeds (Joe McKendrick) Microsoft Security Sieve (Cliff Kilby) Americans abroad suffering hours-long roaming outage (The Register) Second Factor SMS: Worse Than Its Reputation (CCC Denmark) Hackers reverse engineer Ticketmaster (404media) BLAST RADIUS (Victor Miller) Feds *finally* starting to take privacy records seriously (HHS press release) Unintended consequences of building population tracking for COVID; public semi-nudity (riaka in ch) Nike killing app for $350 self-tying sneakers (Ars Technica) Re: Software engineers, not astronauts, are the heroes of today's, space industry (Niklas Holsti) Re: What to do when you send money to the wrong person through Zelle (John Levine) Re: Firefighter charity bot call (Jurek Kirakowski) Re: Fwd: Ozone Hole Mk. II (Martin Ward) Re: More productive AI => Self-Poisoned Training GIGO (Amos Shapir) RISKS 34.36 Sunday 21 Jul 2024 CrowdStrike IT outage affected 8.5 million Windows (BBC via Matthew Kruk) A CrowdStrike update crashed the world's computers. What comes next? (WiReD) The MTA's Old Computer Technology Kept Going During Today's MS-related Outrage (Curbed via Henry Baker) Cyber Criminals Seek to Exploit Crowdstrike Outage (Gabe Goldberg) Re: Crowdstrike (Cliff Kilby) Boeing and Failures (BBC viz Jim Geissman) U.S. Gender Care Is Ignoring Science (Pamela Paul) AT&T says hacker stole call records of ‘nearly all’ wireless customers (WashPost) Data breach exposes millions of mSpy spyware customers (TechCrunch) Rite Aid says June data breach impacts 2.2 million people (Victor Miller) What comes around: SSH CVE-2024-6387 (Qualys via Cliff Kilby) Exim attachment flaw CVE-2024-39929 (Censys) New Intel CPU Vulnerability 'Indirector' Exposes Sensitive Data (geoff goodfellow) German Navy still uses 8-inch floppy disks, working on emulating a replacement (ArsTechnica) Zombie browser says "what"? (Betanews) You're holding your phone wrong? (WashPost) In Ukraine War, A.I. Begins Ushering In an Age of Killer Robots (The New York Times) Perfect Apple Supply Chain Bug -- Millions of Apps at Risk of CocoaPods RCE {Security Boulevard) When AI tells you to verify (Lauren Weinstein) In GA the Biggest Election Breach in History Has Gone Uninvestigated (Notus via Susan Greenhagh) OpenAI illegally barred staff from airing safety risks, whistleblowers say (WashPost) Drone photographer pleads guilty to Espionage Act charges (The Verge) Re: Voting in Switzerland (Rebecca Mercuri, Bertrand Meyer) Re: Russian Disinformation (Risks) RISKS 34.37 Thursday 25 Jul 2024 When it comes to math, AI is dumb (Steve Lohr) Microsoft's Global Sprawl Under Fire After Historic Outage (WashPost) Why no public outrage over CrowdStrike/Microsoft and ATT failures? (John Rushby, Andy Poggio) Worldwide BSOD outage (via Rebecca Mercuri) Crowdstrike references (Cliff Kilby) Secure Boot is Completely Compromised (ArsTechnica via Wendy Grossman) Hackers could create traffic jams thanks to flaw in traffic-light controller, researcher says (TechCrunch) Encultured: an AI doomer’s video game startup pivots to medicine. It’ll be fine. (Pivot to AI) New findings shed light on risks and benefits of integrating AI into medical decision-making (medicalxpress.com) Steven Wilson Struggles To Hear That It's Not Him Singingxo AI-Created Songs (Blabbermouth) Limitless AI (Gabe Goldberg) AI captions (Jim Geissman) Switzerland now requires all government software to be open source (ZDNET) Bipartisan legislation that would require all users to use government IDs to access major websites advances in Senate (NBC News) LLM AI Bios (Rob Slade) Re: U.S. Gender Care Is Ignoring Science (Martin Ward) Re: In Ukraine War, AI Begins Ushering In an Age of Killer Robots (Amos Shapir) Re: Fwd: Ozone Hole Mk. II (Cliff Kilby) RISKS 34.38 Monday 29 Jul 2024 Lithium Battery Fire Traps Drivers in Sweltering Heat on 'California Highway (The New York Times) Spy v spy v spy: Jamming home wifi's by crims & cops (Henry Baker) Lawmaker uses AI voice clone to address Congress (BBC via Matthew Kruk) AI May Save Us, or May Construct Viruses to Kill Us (NYTimes) Robots sacked, screenings shut down: a new movement of Luddites is rising up against AI (Ed Newton-Rex) Restrictions on AI training data (NYTimes via Jim Geissman) Apple signs on to Biden's responsible AI guidelines (Politico) Crypto fanatics flock to Trump, hoping to *make bitcoin great again*. (WashPost) Devastating ransomware attack shuts down L.A. County courts Proofpoint Email Routing Flaw Exploited to Send Millions of Spoofed Phishing Emails (The Hacker News) Prominent Short Seller Made Millions Off Bait-and-Switch Scheme, U.S. Says (NYTimes) Secure Boot is completely broken on 200+ models from 5 big device makers (Ars Technica) Hackers steal call records of 'nearly all' AT&T customers (BBC) Security Firm Discovers Remote Worker Is North Korean Hacker (Michael Kan) New Israeli Spyware (Israel News) Windows resiliency: Best practices and the path forward (MS vis PGN) Google reverts TV YouTube app to original search history behavior (Lauren Weinsteain) CrowdStrike and fuzz testing (Martin Ward) Re: U.S. Gender Care Is Ignoring ... (Julizn Bradford) Re: Switzerland now requires all government software to be open source (Amos Shapir) RISKS 34.39 Saturday 3 Aug 2024 Teenager Accused of Derailing Train and Posting Crash Video Online (NYTimes) Mythbusting SOC costs (Cliff Kilby) How One Man Lost $740,000 to Scammers Targeting His Retirement Savings (NYTimes) Are we too dependent on Microsoft? (CBC) MBTA's new contactless payment system launches Thursday (The Globe) Personal Data of 3 Billion People Stolen in Hack, Suit Says (BloombergLaw) Trolls Used Her Face to Make Fake Porn. There Was Nothing She Could Do. (NYTimes) Amazon forced to recall 400K products that could kill, electrocute people (ArsTechnica) Don't Let Your Domain Name Become a crime site (Krebs on Security) About Kid's Online Safety Act and age verification (Lauren Weinstein) A $100b plan with "70% risk of killing us all" (Stephen Fry) Leaked github token could have put the entire python infrastructure at risk (TechRadar) Argentina will use AI to ‘predict future crimes’ but experts worry for citizens’ rights (The Guardian, geoff goodfellow) Gender Dysphoria and the Cass Review - A Summary of a Discussion (Peter Bernard Ladkin) Re: Google reverts TV YouTube app to original search history behavior (Jim Geissman) Re: AT&T local news (Jim Geissman) Re: Switzerland now requires all government software to open source (Martin Ward, Wol) Re: CrowdStrike and fuzz testing (Jurek Kirakowski) Re: Robots sacked, screenings shut down: a new movement of Luddites is rising up against AI (Wol) IEEE Project on Digital Forensics for Trusted Learning Systems (via Rebecca Mercuri) RISKS 34.40 Wednesday 14 Aug 2024 Bird Flu Shows That the U.S. Learned All the Wrong Lessons from Covid (David Wallace Wells) Beware Politicians' Newfound Love of Crytpo[currency] (Eswar Prasad) Illinois Voter Data Exposed by Unsecured Databases (Lily Hay Newman) Trump Campaign Confirms It Was Hacked (Alex Isenstadt) GPS spoofers 'hack time' on commercial airlines, researchers say Boeing Starliner software (ArsTechnica) Outages Plague Trading Platforms During Stock-Market Selloff (WSJ) Canada's food supply -— under threat? (CBC) French Museum Network Hit by Ransomware Attack (AP) UK PM Warns Social Media Firms After Misinformation Fuels Riots (Reuters) Chipmaking Giant Learns What Works in Taiwan Doesn't in Arizona (John Liu) Power-hungry AI data centers are raising electric bills and blackout risk (LA Times) Cisco to Lay Off Thousands in Latest Round of Tech Cuts (Reuters) Intel Will Fire 15,000 Workers (Eva Dou) Excess memes and ‘reply all’ emails are bad for climate, researcher warns (The Guardian) Experts to PNT leaders: “It’s not working!” (GPS World) The nation’s best hackers found vulnerabilities in voting machines -— but no time to fix them (MSN) We're Entering an AI Price-Fixing Dystopia (The Atlantic) Unfixable Infections (WiReD) Flaw in Hundreds of Mill?ions of AMD Chips Allows Deep, Virtually Unfixable Infections (WiReD) New Flaws in Sonos Smart Speakers Allow Hackers to Eavesdrop on Users (The Hacker News) Logic Gone Astray: A Security Analysis Framework for the Control Plane Protocols of 5G Basebands (USENIX) Call to ban DJI drones introduced in US Senate, company responds (dronedj) DDoS Attacks Surge 46% in First Half of 2024 (Gcore Report) NIST announces post quantum encryption standards (SecurityWeek) Generative AI Has a 'Shoplifting' Problem. This Startup CEO Has a Plan to Fix It (WiReD) Kroger unveils AI-powered automatic price gouger (Pivot to AI) Corporation Email Looks Like A Scam (Bob Smith) ICANN Approves DNS Top-Level Domain for Intranets (Bob Gezelter) RISKS 34.41 Saturday 24 Aug 2024 FAA Proposes New Cybersecurity Standards For Aircraft (AVweb) Power Outages at Port of Los Angeles (LA Times) High-end racing bikes are now vulnerable to hacking (The Verge) Halliburton Hit by Apparent Cyberattack (Matt Egan) German Cyber-Agency Wants Changes in Microsoft, CrowdStrike Products after Outage (Catherine Stupp) Revoked DigiCert Digital Certificates: 27% Not Yet Replaced (BankinfoSecurity) GM to Cut More Than 1,000 Software Engineers, Mostly in U.S. (David Welch) Feds sue Georgia Tech for lying bigly about computer security (DoJ) Policy, due care, and the failure of Heartland Tri-State Bank (NBC News) Birmingham council faces huge loss over Oracle debacle (The Register) Which devices on your network are most vulnerable? (Kaspersky) The Long Arms of Terms of Service (NYTimes) Meta Kills Off Misinformation Tracking Tool (Barbara Ortutay) Microsoft Copilot makes a court reporter into a child molester (Heise) AI Cheating Is Getting Worse (The Atlantic) U.S. Government Wants You -- Yes, You -- to Hunt Down Generative AI Flaws (Lily Hay Newman) Silicon Valley Is Coming Out in Force Against an AI-Safety Bill (The Atlantic) A Loophole in Digital Wallet Security (UMass) AI is an energy hog. It's a strain on the power grid (LA Times) AI and stand-up comedy (BBC) These 'living computers' are made from human neurons — and you can rent one for $500 a month (LiveScience) Florida company faces multiple lawsuits after massive data breach (CBC) Number of Women Taking CS Degrees in UK Continues to Grow (BCS) Is it safer to use an app or a website on your phone? (WashPost) My latest column: How the lab leak controversy will harm you (Jim Geissman) Android Phones Sold with Hidden Insecure Feature (Joseph Menn) Nightly Waymo Robotaxi Parking Lot Honkfest Is Waking Neighbors (Wes Davis) Denver Water's loss of pressure at 5 AM every Monday is the same problem as San Francisco's 4 AM robot taxi honkfest (The Verge) OpenAI Blocks Iranian Influence Operation Using ChatGPT for U.S. Election Propaganda (geoff goodfellow) Regulators May Not Like Deepfakes, But Businesses Are Using Them Anyway (WSJ) AI Detection Tools Often Fail to Catch Election Deepfakes (WashPost) Trump posts fake AI images of Taylor Swift and Swifties, falsely suggesting he has the singer's support (CNN) Re: Illinois Voter Data Exposed by Unsecured Databases (Kevin Kostols) Re: Corporation Email Looks Like A Scam (Steve Bacher, Geoff Kuenning) Re: Kroger unveils AI-powered automatic price gouger (John Levine) Re: NIST announces post quantum encryption standards (John Levine) RISKS 34.42 Monday 26 Aug 2024 Protecting Connected Self-Driving Vehicles from Hackers (Patricia DeLacey) ARRL hit with ransomware (Steve Golson) Fake QR codes posted on Redondo Beach parking meters to scam drivers, police say (LA Times) Toward a Code-Breaking Quantum Computer (Adam Zewe) Multiple Flaws in Microsoft macOS Apps Unpatched Despite Potential Risks (Connor Jones) More on Boeing fuselage panel blowout (Seattle Times) Park'N Fly reveals data breach affecting 1 million customer files (CBC) Local Networks Go Global When Domain Names Collide (Krebs) Biometrics in the workplace may be the way of the future. But at what cost? (CBC) Telegram billionaire co-founder Pavel Durov arrested (Lauren Weinstein) Almost half of FDA-approved AI medical devices are not trained on real patient data (MedicalXpress.com) How much more water and power does AI computing demand? Tech firms don't want you to know (LA Times) How Section 230 Is Being Used Against Tech Giants Like Meta (NY Times) Two policy articles suggested by Dan Geer (PGN) Re: Policy, due care, and the failure of Heartland Tri-State (Geoff Kuenning, Cliff Kilby) Re: Birmingham Oracle (Cliff Kilby) Re: High-end racing bikes are now vulnerable to hacking (Geoff Kuenning) Re: Feds sue Georgia Tech for lying bigly about computer security (Geoff Kuenning) Re: Kroger unveils AI-powered automatic price gouger (Wol) RISKS 34.43 Thursday 29 Aug 2024 Apparent cyberattack at Seattle airport causes internet outages (WCBV) Scammers dupe chemical company into wiring $60 million (Help Net Security) Moscow’s Spies Were Stealing U.S. Tech, Until the FBI Started a Sabotage Campaign (Politico) Android malware steals payment card data using previously unseen technique (ArsTechnica) Recent bot campaign backing Poilievre shows AI easily accessible for political messaging: report (CBC) Without Guardrails, Generative AI Can Harm Education (Dave Farber) Foreign Policy: TikTok ban & global data commons (Douglas Lucas) Telco fined $1M for transmitting Biden deepfake without verifying Caller ID (ArsTechnica) RFID cards could turn into a global security mess after discovery of hardware backdoor (Techspot) Apple to Let iPhone Users Delete Safari, Other Native Apps to Comply With EU Law (WSJ) Re: Feds sue Georgia Tech for lying bigly about computer security (Cliff Kilby) Re: Fake QR codes posted on Redondo Beach parking meters to scam drivers, police say (Geoff Luenning) Re: Birmingham Oracle (Wol) Re: Telegram billionaire co-founder Pavel Durov arrested (Turgut Kalfaoglu) Re: Policy, due care, and the failure of Heartland Tri-State (Phil Smith III) RISKS 34.44 Sunday 8 Sep 2024 Bypassing airport security via SQL injection (Tom Van Vleck How Navy chiefs conspired to get themselves illegal warship Wi-Fi (Navy Times) Chinese Government Hackers Penetrate U.S. ISPs (Joseph Menn) New Yubikey vulnerability (ArsTechnica) JPMorgan Plans to Report Customers Who Exploited TikTok ‘Glitch’ to Authorities (WSJ) California Passes AI Safety Bill (Bloomberg) Musk and xAI accused of worsening Memphis smog with unauthorized turbines (CNBC) AI Could Engineer a Pandemic, Experts Warn (Time) The Bands and the Fans Were Fake. The $10 Million Was Real. (NYTimes) Kids who use ChatGPT as a study assistant do worse on tests (Hechinger Report) Chatbots Are Primed to Warp Reality (The Atlantic) Automated trading bots scheme results in millions of dollars, Teslas, Rolexes, and federal wire-fraud convictions (Justice) Former Tesla Autopilot Head And Ex-OpenAI Researcher Says 'Programming Is Changing So Fast' That He Cannot Think Of Going Back To Coding Without AI (Benzinga) Electric toothbrushes and light-up sneakers are setting France on fire (Politico) Wake me when the Internet of Things is over (StraitsTimes.com) Risks of Rogue WiFi on Navy ships (Navy Times) In feud with Musk, Brazilian justice restricts access to X (LA Times) North Korea Aggressively Targeting Crypto Industry with Well-Disguised Social Engineering Attacks (IC3) Five-day O2/Telefonica DSL outage in Berlin, Germany (SCTB) What The CrowdStrike Outage Can Teach Us about Testing and Failure Modes (Packet Pushers) Visa required for EU entry starting next year (Edward Hasbrouck) Russian 'spy whale' found dead off Norway (BBC) Re:_Moscow's Spies Were Stealing U.S. Tech, Until the FBI Started a Sabotage Campaign (Amos Shapir) Foreign Policy: TikTok ban & global data commons (Cliff Kilby) How Telegram Became Criminals’ Favorite Marketplace (WSJ) Telegram Founder's Indictment Thrusts Encryption into the Spotlightooo (NYTimes) Re: Telegram billionaire co-founder Pavel Durov arrested (John Levine) Re: Feds sue Georgia Tech for lying bigly about computer security (Dylan Norhtrup) Re: Standard security policies and variances (Charles Cazabon) RISKS 34.45 Saturday 14 Sep 2024 The Social Impact of those Little Computers in Our Pockets (Peter Bernard Ladkin) The U.S. Military Is Not Ready for the New Era of Warfare (NYTimes via Susmit Jha) The AI nightmare is already here, thanks to our own governments (Lauren Weomsteom) Hacker tricks ChatGPT into giving out detailed instructions for making homemade bombs (TechCrunch) AI Wants to Be Free -- Or at least very, very cheap (NYMag) Tech giants fight plan to make them pay more for electric grid upgrades (WashPost) A tech firm stole our voices: then cloned and sold them (BBC) The Bands and the Fans Were Fake. The $10 Million Was Real. (NYTimes_ Authors fighting deluge of fake writers and AI-generated books (CBC) AI + Script-Kiddies: Malware/Ransomware explosion? (Henry Baker) Insurance company spied on house from the sky. Then the real nightmare began. (via GG) AI worse than humans in every way at summarising information, government trial finds (Crikey) Generative AI Transformed English Homework. Math Is Next (WiReD) The national security threats in U.S. election software -- hiding in plain sight (Politico) He’s Known as *Ivan the Troll*. His 3D-Printed Guns Have Gone Viral. (NYTimes) Quantum Computer Corrected Its Own Errors, Improving Its Calculations (Emily Conover) Debloating Windows made me realize how packed with useless features it is (Ada Developers) 50,000 gallons of water needed to put out Tesla Semi fire (AP News) (AP) See How Humans Help Self-Driving Cars Navigate City Streets (The New York Times) Love (of cybersecurity) is a battlefield (ArsTechnica) Senate Proposal for Crypto Tax Exemption Is Long Overdue (Cato Institute) More on tariffs and bans against Chinese or other countries' goods Signal Is More Than Encrypted Messaging. Under Meredith Whittaker, It’s Out to Prove Surveillance Capitalism Wrong (WiReD) The For-Profit City That Might Come Crashing Down (NYTimes) ``It just exploded.'' Springfield woman claims she never meant to spark false rumors about Haitians (NBC NEws) Re: Feds sue Georgia Tech for lying bigly about computer security (Cliff Kilby, Dylan Northrup, Cliff Kilby) Re: Standard security policies and variances (Cliff Kilby) Re: How Navy chiefs conspired to get themselves illegal warship WiFi (Shapir, Stan Brown) Re: Former Tesla Autopilot Head And Ex-OpenAI Researcher Says 'Programming Is Changing So Fast' That He Cannot Think Of Going Back To Coding Without AI (Steve Bacher) Re: Moscow's Spies Were Stealing U.S. Tech, Until the FBI Started a Sabotage Campaign (djc) RISKS 34.46 Tuesday 1 Oct 2024 When GPS spoofing messes up your airplane... reboot it (WSJ) More than 1,000 people, including Hezbollah members, wounded in Lebanon after pagers detonate (CBC) More on the Hezbollah pagers (Voice of America News) More skynetish than exploding pagers (Axios) More Than 4 Million Robots Are Working in Factories Worldwide Social media platforms engaged in 'vast surveillance' and failed to CISA state of the industry commentary (The Register) Chatbot Pulls People Away from Conspiracy Theories Crash-detection devices can save lives. But false A Canadian has been arrested in global crackdown on the Ghost encrypted app. Here's how it works Millions of Vehicles Could Be Hacked and Tracked Thanks to a Simple Website Bug (WiReD) Ford seeks patent for tech that listens to driver conversations to The Internet's AI Slop Problem Is Only Going to OpenAI Is Growing Fast and Burning Through Piles of California governor blocks landmark AI safety bill (Pivot 5) Southern California's hottest commercial real-estate market is for CISA state of the industry commentary (The Register) A Canadian has been arrested in global crackdown on the Ghost encrypted app. Here's how it works (CBC) Arrests Made in Relation to $243M Crypto Heist Targeting Genesis Creditor (Coindesk) The crypto bros who dream of crowdfunding a new country (BBC) Cybercriminals Exploit HTTP Headers for Credential Theft via Large-Scale Phishing Attacks (The Hacker News) Three Mile Island nuclear plant to help power Microsoft's data-center needs (NBC Nees) Why Does My iPhone Keep Asking Me to Check In With My Ex? (NYImes) How pen and paper comes to the rescue in an IT crisis (BBC) Lionsgate sells movie catalog to AI video startup Runway hoping to replace artists and FX (Pivot to AI) Linux RCE, CUPS CVE-2024-47176 (The Register) Re: The U.S. Military Is Not Ready for the New Era of Warfare (Dylan Northrup)Content-Type: text/plain; charset=UTF-8 RISKS 34.47 Thursday 17 Oct 2024 This Is What Electoral Fraud Looks Like (Jesse Wegman) 2024 Election Protection As AI Increases the Risk of Disenfranchisement (Lillie Coney) Notes for my HealthSec24 paper on Healthcare Risks (PGN) More on money drives healthcare (Robert Boyer) Millions of Vehicles Could Be Hacked and Tracked Thanks to a Simple Website Bug (WiReD) Website Bug Allowed Kia Vehicles to Be Hacked, Tracked (Andy Greenberg) Tesla driver killed in solo crash (PGN) Tesla Cybertruck -- too big and sharp for European roads, say campaigners (The Guardian) Are taxis safer with no driver? These women think so (nbcnews.com) South China Sea tensions and undersea cables (WashingtonReport) Starlink satellites create light pollution and disrupt radio frequencies. And its getting worse (CBC) I-XRAY: The AI Glasses That Reveal Anyone's Personal Details Just from Looking at Them (The Globe) How to Opt Out of AI Online (The New Yorker) California Governor Vetoes AI Safety Bill (Politico) AI Crawlers Are Hammering Sites (Chris Stokel-Walker) Kamala Harris, AI, and the Bletchley Park ghost (Douglas Lucas) Steganographic covert channel (Dan Goodin) Intel is a security risk for China, says influential industry group (cnn.com) K8S Image Builder, CVE-2024-9486 (The Register via Cliff Kilby) WSJ reports China compromised U.S. lawful access systems (Matt Blaze) Calgary Public Library locations remain closed after cyberattack (CBC) (CBC) Parents sue son's high-school history teacher (NBC News) Dynamic pricing unpopular (BBC) Earth has overshot key planetary bounda, scientists warn (Hastings Tribune) China Is Writing World's Technology Rules (The Economist) Mystery Drones Swarmed a U.S. Military Base for 17 Days. The Pentagon Is Stumped. (WSJ) Spotify criticized for letting fake albums appear on real artist pages (ArsTechnica) *The New York Times* tells *Perplexity* to stop using its content (Pivot5) Complete, free CISSP review seminar (Rob Slade) DoJ vs. Google: Users have the most to lose (Lauren Weinstein) Kremlin refutes Trump denial on sending Putin COVID tests (Lauren Weinstein) NBC's former marketing chief: We Created a Monster: Trump Was a TV Fantasy Invented for 'The Apprentice' (USNews) Suspect arrested after reports of threats toward FEMA operations in North Carolina (CNN) Understanding the Limitations of Mathematical Reasoning in Large Language Models (arxiv) Why Restoring Power After Helene Is Complicated (Brad Plumer) Rob's usual disaster season call for emergency management training (Rob Slade) Re: More than 1,000 people, including Hezbollah members, wounded in Lebanon after pagers detonate (Rik Farrow) RISKS 34.48 Friday 8 November 2024 Falsehoods from Russia on Election Were Brazen (NTYimes) 1700 letters from the tax office: Daylight exit messed up (Debora Weber-Wulff) Username Over 52 Characters with No Password says Okta (Presale1) X is the latest social media site letting 3rd parties use your data to train AI models (CBC) Australia plans social media ban for under-16s (BBC) Man who made 'depraved' child images with AI jailed (BBC) 14-year-old obsessed with AI chatbot commits suicide Election Officials Are Prepared for a Lot More Than You Might Think (NYTimes) Annoyed Redditors tanking Google Search results illustrates perils of AI scrapers (Ars Technica) FBI says hackers are sending fraudulent police data requests ot tech giants to steal people's private information (TechCrunch) AI in radio: A Polish interviewer fired (Jim Geissman) When Google's AI agent messes with ya' (Lauren Weinstein) Nobody wants Copilot Pro AI for Office365, so Microsoft will force-bundle it and raise the price? (Pivot to AI) Microsoft, Google and Amazon turn to nuclear energy to fuel the AI boom (CBC) Why Tech Employees Are Ready to Revolt: AI Anthropic Wants Its AI Agent to Control Your Computer (WiReD) AI decodes oinks and grunts to keep pigs happy (Reuters) AI frisking (LA Times) Tribal digital sovereignty in today's dystopia (Douglas Lucas) SF Muni finally ditching floppies (ArsTechnica) Law enforcement operation takes down 22,000 malicious IP addresses worldwide (Ars Technica) LA man wearing GPS ankle monitor is accused of a robbery string. Officials can't track him (LA Times) Yet another danger of cryptocurrencies ... (Rob Slade) The FTC comes after neobank Dave for misleading marketing, hidden fees (TechCrunch) Intel Floundry -> Solyntel (Henry Baker) Intel 2024 = Sow's Ear (Semafor via Henry Baker) RISKS 34.49 Saturday 15 November 2024 Was this election well conducted? (Peter G. Neumann) After Trump Took the Lead, Election Deniers Went Suddenly Silent (The NY Times) Terrified friends burned to death in Tesla as electronic doors (The Mirror) Robotaxis open for business in Los Angele (LsTimes) Zoox's pill-shaped robotaxis become latest self-driving cars to hit California's streets (LA Times) Anomalous Windows Server Update (MSPowerUser) North Korea Jams GPS Signals (The Korea Times) A new iOS 18 security feature makes it harder for police to unlock iPhones (The Verge) A kayaker was missing for months. Authorities say he faked his death. (WashPost) Robotaxis open for business in Los Angeles (LA Times) Fake images of hurricane survivors have become a bizarre meme (NBC News) import what? (The Register) 42% of daily X users have a negative view of it -- losing the block feature won't help (ZDNET) AI fails a student's paper, with "98% accuracy" (The Star via Ed Ravin) Top Routinely Exploited Vulnerabilities in 2023 (CISA.GOV) Inside the Massive Crime Industry That’s Hacking Billion-Dollar Companies (WiReD) How Tech Created a *Recipe for Loneliness* (The NY Times) Hidden Data in Amgen Publicly-released Spreadsheet Possible Cause of Stock Drop (CNBC) I was moderating hundreds of horrific and traumatising videos (BBC) Re: Families Battle Tech Giants as Australia Pushes for an Under-16 Social-Media Ban (WSJ via Monty Solomon) Re: Australia plans social media ban for under-16s (Steve Bacher) Re: Man who made 'depraved' child images with AI jailed (Steve Bacher) Re: Nobody wants Copilot Pro AI for Office365, so Microsoft will force-bundle it and raise the price? (Pivot to AI) (Steve Bacher) Re: AI decodes oinks and grunts to keep pigs happy (Steve Bacher) RISKS 34.50 Saturday 23 Nov 2024 Two Baltic Sea cables suffer breaks; Sabotage Suspected (Bob Gezelter) A deadly crash in Toronto raises questions about the dangers when things go wrong for EVs (CBC) Russian Spies Jumped From One Network to Another Via Wi-Fi in an Unprecedented Hack (WiReD) Evidence-based high-school grading method (PGN) Human vs. Machine: The Promise and Peril of Artificial Intelligence in the Law Enforcement Context (Cato Institute) AI is supposed to make applying to jobs easier -- but it might be creating another problem (NBC News) AI Chatbot Tells Student to Die (Indiana Express) AI Is Already Taking Jobs (Mark Sullivan) Authors miffed by publisher's offer to use their books for AI training (CBC) There's No Longer Any Doubt That Hollywood Writing Is Powering AI (The Atlantic) U.S. Finalizes $6.6-Billion CHIPS Act Grant to TSMC (Nikkei Asia) Zero-Day Exploits Increasingly Sought Out by Attackers (Alex Scroxton) Hardware Hacking? Study Raises Alarm on 98 Risks (Lars Daniel) Dogs allowed? (BBC) Elon Musk Asked People to Upload Their Health Data. X Users Obliged (The New York Times) The leaks begin! - "Unknown and unauthorized third party" has gained access to Matt Gaetz depositions, source says (CBS News) More on: DOJ "remedies" against Google would be a disaster (Lauren Weinstein) 'You are under digital arrest': Inside a scam looting millions from Indians (BBC) Navy Federal customer forced to pay back loan she didn't take out after being scammed (WTKR) "... you are the product" (Rob Slade) Re: Terrified friends burned to death in Tesla as electronic doors wouldn't open after crash (Steve Bacher) Re: Australia plans social media ban for under-16s (Lars-Henrik Eriksson, Dmitri Maziuk) Re: Robotaxis open for business in Los Angeles (Nicholas Weaver) RISKS 34.51 Sunday 29 December 2024 Canada's food supply under threat (CBC) "Vendor technology" issue briefly grounds AA (NYTimes) Sol-Ark manufacturer reportedly disables all Deye inverters in the U.S. (Solarboi) Stop&Shop Races to Restock Shelves After Cybersecurity Issue (WSJ) Bank sends $10M CAD of arts funding to scammers (The Star) Hackers Can Jailbreak Digital License Plates to Make Others Pay Their Tolls and Tickets (WiReD) The Paper Passport Is Dying (WiReD) U.S. to Probe Chinese Chips (Bloomberg) Finland Boards Russian-linked Oil Tanker after Undersea Cables Cut (Sky News) Japan Airlies Hit by Cyber-attack (Sayumi Take) Mathematicians Found, Fixed Error in 60-year-old Proof (Alex Wilkins) State Department's Disinformation Office to Close (CyberScoop) How to Make the Drone Panic So Very Much Worse (NYTimes) Taiwan Wants to Build the West's Drone Army (Antoaneta Roussi) Authorities abroad use phone-cracking tools to install spyware, report says (WashPost) Why are teens losing their minds about college applications? This senior thinks she knows why (CNN) Startup will brick $800 emotional support robot for kids without refunds (Ars Technica) Man versus autonomous car race ends before it begins (ArsTechnica) AI traffic cameras could be watching you on the road (NBC News) Is the Tech Industry on the Cusp of an AI Slowdown?" (NYTimes) ChatGPT search tool vulnerable to manipulation and deception, tests show (The Guardian) Microsoft refuses a documentation fix because it might not understand text in tables (Pivot to AI) Should you trust an AI-assisted doctor? He visited one to see. (WashPost) No longer working and just wait until AI agents come along (The Conversation) The Next Great Leap in AI Is Behind Schedule and Crazy Expensive (Deepa Seetharaman) How Hallucinatory AI Helps Science Dream Up Breakthroughs"\ (William J. Broad) New York City buses using AI to issue mistaken tickets en masse (NBC NY) Australia's under-16 social-media ban to use hand-waving to verify ages with AI (NPR) Character.AI allegedly told an autistic teen it was OK to kill his parents. They're suing to take down the app (CNN Business) U.S. health insurance: Frustrations with care denials (CNN) Lyme turns Luigi into assassin (Lymedisease.org) Ubiquitous Walmart Trojan horse (Reuters via Bob Boyer) What happens when The Internet disappears? (The Verge) Indiana bakery still used Commodore 64 in 21st century (Boeingboing) Re: 'palen' in RISKS-34.50 (Robert R. Fenichel) RISKS 34.52 Saturday 11 January 2025 10 killed and dozens injured in pickup-truck attack on New Orleans crowd (Lauren Weinstein) 'Fundamentally wrong': Self-driving Tesla steers Calif. tech founder onto train tracks (SFGate) Driver accidentally disconnects autopilot, crashes car (Lars-Henrik Eriksson) Driver in Las Vegas Cybertruck explosion used ChatGPT to plan blast, authorities say (NBC News) It's not just Tesla. Vehicles amass huge troves of possibly sensitive data. (WashPost) Tech allows Big Auto to evolve into Big Brother (LA Times via Jim Geissman) Wrong turn from GPS leaves car abandoned on Colorado ski run (9news.com) A Waymo robotaxi and a Serve delivery robot collided in run Los Angeles (TechCrunch) Waymo robotaxis can make walking across the street a game of chicken (The Washington Post) Trifecta of articles in *LA Times* about cars (Ssteve Bacher) LA Sheriff outage (LA Times) Eutelsat resolves OneWeb leap year software glitch after two-day outage (SpaceNews) Traffic lights will have a fourth color in 2025 (ecoticias via Steve Bacher) FAA chief: Boeing must shift focus to safety over profit (LA Times) ARRL hit with ransomware (ARRL) Taiwan Suspects China of Latest Undersea Cable Attack" (Tom Nicholson) The Memecoin Shenanigans Are Just Getting Started (WiReD) Apple to pay $95M to settle lawsuit accusing Siri of eavesdropping (CBC) Meta Getting Rid of Fact Checkers (Clare Duff) Huge problems with axing fact-checkers, Meta oversight board says (BBC) Meta hosts AI chatbots of 'Hitler,' 'Jesus Christ,' Taylor Swift (NBC News) God can take Sunday off (NYTimes via Tom Van Vleck) Several items Google and Meta (Lauren Weinstein_ AI means the end of Internet search as we've known it (Technology Review)) Is it still 'social media' if it's overrun by AI? (CBC) AI Incident Database (Steve Bacher) Apple's AI News Summaries and Inventions (BBC) What real people think about Google Search today (Lauren Weinstein) WARNING: Google Voice is flagging LEGITIMATE robocalls from insurance companies to their customers in the fires as spam (Lauren Weinstein) A non-tech analogy for Google Search AI Overviews (Lauren Weinstein) Happy new year, compute carefully (Tom Van Vleck) How to understand Generative AI (Lauren Weinstein) Google censoring my AI criticism? (Lauren Weinstein) U.S. newspapers are deleting old crime stories offering subjects a clean slate (The Guardian) EU Commission Fined for Transferring User Data to Meta in Violation of Privacy Laws (THN) The Ghosts in the Spotify Machine (Liz Pelly:) Spotify (Rob Slade) RISKS 34.53 Sunday 26 Jan 2025 Fraud Has Delayed a Cure for Alzheimer's (Charles Piller) Strengthening and Promoting Innovation in the Nation's Cybersecurity (Uncle Sam) White House Disbands Cyber Safety Review Board (John Leyden) Executive Order Calls for AI 'Free from Ideological Bias (AP) The Trump Memecoin's Money-Grab's Economics (WiReD) New AI tool counters health insurance denials decided by automated algorithms (U.S. healthcare in The Guardian) Will we control AI, or will it control us? Top researchers weigh in? (CBC) The Pentagon says AI is speeding up its 'kill chain' (Techcrunch) Arrested by AI: Police ignore standards after facial recognition matches (WashPost) CIA's Chatbot Stands In for World Leaders (NY TImes) Microsoft research finds Microsoft AI products may never be secure (Pivot to AI) The impeccable logic of Sam Altman (Gary Marcus) AI in medicine (Jim Geissman) Signature moves: are we losing the ability to write by hand? (The Guardian) How a Troubled Icebreaker Became America's Newest Military Vessel (ProPublica) MasterCard DNS Error Went Unnoticed for Years (Krebs on Security) Research Uncovers Major Vulnerability in Wireless Networking Technology (Cesareo Contreras) Los Angeles County's evacuation alert system broke down during fires. It's part of a larger problem (LA Times) After safety alert glitches, county overhauls system (LA Times) Fake radiation reports... (Kim Zetter via danny burstein) Traffic jams? Study reveals ants' secrets to smooth traffic flow (PHYS.ORG) Man Loses Bid to Recover Hard Drive Containing Bitcoin Key (ArsTechnica) UK Judge Ends One Man's 11-Year Quest to Recover $765 Million in Bitcoin by Digging Up a Landfill (WiReD) Rsync CVE-2024-12084 (Debian) AHHHHHH TPM2 BROKE LUKS!!! (Cliff Kilby) Re: A non-tech analogy for Google Search AI Overviews (Steve Bacher) Re: LA Sheriff outage (Steve Bacher) Re: Eutelsat resolves OneWeb leap-year software glitch after two-day outage (Steve Bacher) Re: Tech allows Big Auto to evolve into Big Brother (Martin Ward) RISKS 34.54 Thursday 6 Jan 2025 Volume 34 : Issue 54 Collision over Potomac Reveals Several Lapses in Aviation Safety Net (NYTimes) Why an anti-collision system might not have prevented DCA plane crash (WashPost) CA Congressman launches investigation into L.A. County's faulty emergency alerts (LA Times) Risk Export (phys.org) The Public's Health Care vs. the Rich's Taxx Cuts (Aaron Carrell) Japan to Curb Exports of Chips, Quantum-Computing Tech" (Mayumi Negishi) Chinese-Made Patient Monitor Contains a Secret Backdoor (Michael Kan) International Police Op Takes Down Cybercrime Marketplaces (Darryl Coote) U.S. Teens Increasingly Misled by Fake Content Online (Liam Reilly) Police ignore standards after AI facial recognition matches (The Washington Post) The Robot Doctor Will See You Now (NYTimes) White House seeks public input on AI strategy AI Systems with 'Unacceptable Risk' Now Banned in EU (Kyle Wiggers) Why Is This CEO Bragging About Replacing Humans With AI? (NYTimes) Why AI could replace NFL first-down markers sooner than you might think (NBC News) DeepSeek's Chatbot Achieves 17% Accuracy in Audit (Rishi Kant) 58% of Ransomware Victims Forced to Shut Down Operations (James Coker) Asia Goes Cashless as Countries Push for Digital Payments (Kinnei Asia) AI Systems with 'Unacceptable Risk' Now Banned in EU (Kyle Wiggers) New attacks on speculative execution (Victor Miller) Cybersecurity, government experts are aghast at security failures in DOGE takeover (CyberScoop) DOGE probes CMS for Medicare, Medicaid fraud: Wall Street Journal (Rylee Wilson) White House seeks public input on AI strategy (Axios) Re: AI in medicine (Kent Borg) Re: Eutelsat resolves OneWeb leap-year software glitch (Amos Shapir) RISKS 34.55 Saturday 8 Feb 2025 UK slaps Technical Capacity Notice on Apple requiring Law Enforcement access to encrypted cloud data (WashPost) A Fork in the Road: Is Federal Employee Privacy Compromised? (Mueller vis Gabe Goldberg) U.S. Blocks Open Source 'Help' From These Countries (NYTimes) ChatGPT in Shambles (Gary Marcus) Google drops pledge on AI use for weapons (BBC) DeepSeek Linked to Banned Chinese Telecom (Byron Tau) DeepSeek iOS App Reported to use Unencrypted HTTP Communications (Ars Technica) On DeepSeek, you can watch AI navigate censorship in real time (NBC News) Reimagining the American War Machine (NYTimes) U.S. Treasury Threat Intelligence Analysis Designates DOGE Staff as 'Insider Threat' (WiReD) Read-only access? Not really! (Steve Bacher) Government Tech Workers Forced to Defend Projects to Random Elon Musk Bros (WiReD) Inside a network of AI-generated newsletters targeting small-town America (Nieman Lab) New jailbreak "Time Bandit" tricks LLMs' temporal sense (Bleeping Computer) Federal Webpages Go Dark as Public Data Is Removed (Time) Los Angeles County sheriff's computer dispatch system crashes again (LA Times) Militarized AI (LRB) Waymo vs. potholes in Los Angeles (LA Times) Waymo is getting ready to tackle Los Angeles' freeways. How have the robotaxis fared so far? (LA Times) Almost one in 10 people use the same four-digit PIN (ABC News) In cleanup from California fires, lithium-ion batteries are a dangerous challenge (NBC News via Steve Bacher) Google remakes Super Bowl ad after AI cheese gaffe (BBC via Jim Geissman) Re: Research Uncovers Major Vulnerability in Wireless Networking Technology (Steve Bacher) RISKS 34.56 Sunday 16 Feb 2025 UK Kicks Apple's Door Open for China (WSJ) Trump firings cause chaos at agency responsible for America's nuclear weapons (NPR) Lies, Damned Lies and Trumpflation (Paul Krugman) Government Tech Workers Forced to Defend Projects to Random Elon Musk Bros (WiReD) The Government's Computing Experts Say They're Terrified (The Atlantic) AI chatbots unable to accurately summarise news (BBC) AI can now replicate itself -- a milestone that has experts terrified (Space) Ex-Google boss fears AI could be used by terrorists (BBC) Dear, did you say pastry? meet the AI granny driving scammers up the wall (The Guardian) DeepSeek redefines who'll control AI (David Wamsley, Susmit Jha) Canadian residents are racing to save the data in Trump's crosshairs (CBC) Hiding the Fatal Motor Vehicle Crash Record (data-science) Government Accountability Office report on IT challenges (PGN) No squirrels? Monkeys will do! (BBC) ChatGPT may not be as power-hungry as once assumed (techcrunch) Hollywood writers say AI is ripping off their work. They want studios to sue (Steve Bacher) Re: UK slaps Technical Capacity Notice on Apple requiring Law Enforcement access to encrypted cloud data (Julian Bradfield) RISKS 34.57 Thursday 20 Feb 2025 Delta Plane Crashes and Overturns While Landing at Toronto Airport (NYTimes) ATC Firings (The Guardian) Too much fuel, not enough planning? (N Herald) Family Of DC Plane Crash Victim Files $250M Legal Claims (Arlington, VA Patch) Top U.S. Election Security Watchdog Forced to Stop Election Security Work (WiReD) Censored Science Can't Save Lives (NYTimes) The war against information (The New Republic) How not to hire for a senior information security role (Ben Rothke) Ransomware, disease, and 'ultra low-cost retailers': Why 3 iconic Canadian clothing stores went broke (CBC) DeepSeek 'shared user data' with TikTok owner ByteDance (YNA) Copter May Have Missed Key (NYTimes, Mark Walker) Re: Lies, Damned Lies and Trumpflation (Gabe Goldberg) Re: Hiding the Fatal Motor Vehicle Crash Record (Ed Ravin) Re: Dear, did you say pastry? meet the AI granny driving scammers up the wall (Amos Shapir. Steve Bacher) Aviation analyst on DC January 29 helicopter crash references "Swiss Cheese human & systems failure model" (James T Reason via Rob Wilcox) RISKS 34.58 Saturday 15 Mar 2025 Two Planes, in Washington and Chicago, Abort Landings to Avoid Collisions (The New York Times) Badly designed user interface causes $81 trillion to be credited to a Citigroup client account (Financial Times) Espionage Groups Target Drone Technology Makers, Researchers Say (Bloomberg) The Worst 7 Years in Boeing's History -- and the Man Who Won't Stop Fighting for Answers (WiReD) As websites disappear, link rot threatens journalism (Poynter) Musk ... blocking grants, Johns Hopkins firing 2000 workers on major medical research and other projects around the world (Lauren Weinstein) Science journal Nature promotes AI chatbots for academic peer review (Pivot to AI) To Identify Suspect in Idaho Killings, FBI Used Restricted Consumer DNA Data (The New York Times)a Mark Klein, AT&T technician who helped expose NSA spying, dies at 79 (The Washington Post) As AI Evolves, Do Codes Still Need to Code? (NYTimes) AI Reshapes the Coding Workforce (Isabelle Bosquette) What Happens When AI Joins Every Meeting? *NYMag) Two Texas Lottery Wins Prompt Investigations and Stir Public Outrage (The New York Times) Trump administration cuts $10M funding from CISA nonprofit Center for Internet Security (AP News) U.S. Chips Act Office Loses Two-Fifths of Staff (Mackenzie Hawkins) NASA Cuts (NY Times) U.S. Government Cuts Key Software Division Without Warning (Ellen Jennings-Trace) DOGE ousts security testers (The Register) DOGE Quietly Deletes the 5 Biggest Spending Cuts It Celebrated Last Week (Sundry Sources) Oracle rollout fiasco (Jim Geissman) Health NZ was using a single Excel spreadsheet to track $28 billion of public money; report outlines 'significant concerns' (Jim Geissman) DOGE will use AI to assess the responses from federal workers who were told to justify their jobs via email (NBC News) eSpeech-recognition fail (BBC) Apple's Dictation System Transcribes the Word `Racist' as `Trump' (The New York Times) AI search engines give incorrect answers at an alarming 60% rate, study says (ArsTechnica) It's a risky AI double header! (Gabe Goldberg) Agentic AI Issues (Meredith Whittaker) Signal no longer cooperating with Ukraine on Russian cyberthreats, official says (The Record from Recorded Future News) Did AI really defend the KKK at the end of his column? (LA Times) Germany May Refuse F-35 Purchase over Emergency Switch, Consider Eurofighter Instead (Defense Mirror) Tesla makes step toward robotaxi services in California. What to know (LA Times) When Your Last Name Is Null, Nothing Works (WSJ) XScreenSaver: Google Store Privacy Policy (Gene Goldberg) Creators Insist Coupon Browser Extensions Are Stealing Money. Will the Courts Agree? (WSJ) RISKS 34.59 Saturday 22 Mar 2025 Heathrow Comes to a Standstill (The NY Times) UK Cybersecurity Agency Warns of Quantum Hacking Risks (Dan Milmo) Cybersecurity Officials Warn Against Medusa Ransomware Attacks (Sarah Parvini) Facebook to stop targeting ads at UK woman after legal fight (BBC) The Strange, Post-Partisan Popularity of the Unabomber (NYTimes) Airport Theory Will Make You Miss Your Flight(WiReD) DOGE Discovers 14 Magic-Money Computers, Which Can Just Make Money Out of Thin Air (The Gateway Pundit) French scientist on way to U.S. conference denied entrance and threatened by FBI due to messages on phone critical of Trump (The Guardian) 1 in 4 U.S. Programming Jobs Vanish (Andrew Van Dam) Waymo Driverless Taxis Got 589 Parking Tickets in San Francisco Last Year (Lisa Bonos) Ontario police may have secretly used controversial spyware Israeli software (CBC) Paragon Spyware Tool Linked to Canadian Police (Ruan Gallagher) Datacenter Boom Poses New Risk to Grid Operators (Tim McLaughlin) China to Spend $55 Billion on R&D in 2025 (Anton Shilov) Low-Cost Drone Add-Ons From China Let Anyone With a Credit Card Turn Toys Into Weapons of War (WiReD) Tesla Autopilot drives into Wile E Coyote fake road wall in camera vs lidar test (Electrek via Steve Bacher) The Trump Administration Wants USAID on the Blockchain (WiReD) Social Security experts fear disaster after DOGE changes (Lauren Weinstein) `Deadman' loses benefits and lives to tell the story (Seatle Times) Warning regarding AI contamination of Google (Lauren Weinstein) Re: The Worst 7 Years in Boeing's History (Henry Baker) Re: Two Planes, in Washington and Chicago, Abort Landings to Avoid (Lars-Henrik Eriksson, Peter Bernard Ladkin) Aviation analyst: Toronto Delta 4819 Operating envelope fails in weather (Rod Wilcox) Re: As websites disappear, link rot threatens journalism (Marin Ward, Steve Bacher) Re: When Your Last Name Is Null, Nothing Works (Steve Bacher) Re: To Identify Suspect in Idaho Killings, FBI Used Restricted Consumer DNA Data (Steve Bacher) RISKS 34.60 Tuesday 1 April 2025 *Security for ordinary folks*: Lessons from Signalgate 1 - Rules (Rob Slade) Even More Venmo Accounts Tied to Trump Officials in Signal Group Chat Left Data Public (WiReD) NSA warned of vulnerabilities in Signal app month before Houthi strike chat (CBS News) Bitcoin in the bush -- the crypto mine in remote Zambia (BBC News) The Town That Went Crazy for Crypto Trump and Xi Need a Shared Trust on AI Now (Thomas Friedman) The Future of AI??? (2 reports via PGN) How AI Is Changing the Way the World Builds Computers (The NY Times) AI voice clones pose an 'existential crisis' for actors (LA Times) AI could take your next drive-through order (LA Times) How Google threw out safeguards in desperate push for AI at any cost (WiRed) 'Brainrot' AI on Instagram Is Monetizing the Most F*cked Up Things' You Can Imagine -- and Lots You Can't (404Media) The most evil AI on film (YouTube) "Please sir, may I have some more?'' Florida wants to change laws (CNN via Lauren Weinstein)) Utah Passes Child Safety Law Requiring Apple to Verify User Age iThe Signal Chat -- Annotated (Lauren Weinstein) Forks or No: How "AI" messed up survey questions Cloakd Ransomware Hits Virginia Attorney General's Office, Disrupts IT Systems (Hackread) United Airlines flight to China diverted to San Francisco after pilot forgets passport (NBC News) Donald Trump's Government cuts funding for NZ scientists' trip to U.S. (NZ Herald via Jim Geissman) They Were Deactivated From Delivering. Their Finances Were Devastated. (NYTimes) New uses for old data (Jim Geissman) Attorney General Bonta Urgently Issues Consumer Alert for 23andMe Customers Customers (State of California - Department of Justice - Office of the Attorney General, via Dave Farber) 23andMe Customers Scramble to Delete Data, Seek Assurances After Bankruptcy (WSJ) Re: Airport Theory Will Make You Miss Your Flight (John Levine) Re: Not Unprecedented -- Heathrow Comes to a Standstill (David E, Ross) After Heathrow Debacle: Who Pays for a Ruined Vacation? (Monty Solomon) How AI Is Changing the Way the World Builds Computers (Monty Solomon) Re: When Your Last Name Is Null, Nothing Works (Amos Shapir) RISKS 34.61 Friday 18 April 2025 Gov IT whistleblower threatened at home (ArsTechnica) Starliner crew post-return interview; Important Lessons (ArsTechica) DOGE Plans to Rebuild SSA Code Base in Months, Risking Benefits and System Collapse (WiReD) The DOGE Axe Comes for Libraries and Museums (WiReD) DOGE reportedly using Google Docs in violation of vetting and chains of custody (Lauren Weinstein) Another Masterful Gambit: DOGE Moves From Secure, Reliable Tape Archives to Hackable Digital Records (404Media) Ireland probes Musk's X for feeding Europeans' data to its AI model Grok (Politico) Silicon Valley crosswalk buttons apparently hacked to imitate Musk, Zuckerberg voices (Palo Alto Online) Hacked pedestrian crossings play fake messages from Musk and Zuckerberg (BBC) Em-dashes considered a sign of AI-written text -- not joking, but hilarious (Lauren Weinstein) A little nerd humor from Sunday's Demonstration. (Boston, via P M Wexelblat) NATO acquires AI military system from Palantir (FT) AI models still struggle to debug software, Microsoft study shows (TechCrunch) Tariffs and AI (NY Times via Jim Geissman) TLS certs to expire at 47 days by 2029 (Cliff Kilby) RISKS 34.62 Sunday 11 May 2025 The Newark Airport Crisis Started When Controllers Lost Contact With Planes (NY Mag) Newark Air Traffic Control Faces Risks (The NY Times) `Everybody's worst nightmare': Air traffic controllers say outages have become too frequent (NBC News) Iberian Electric Grid Blackout 4/28/2025 Grid Engineering Presentation (YouTube) Self-Driving Cars Have New Rules in the U.S. Here' Why That Matters (Scientific American) Cable Theft in Spain Disrupts Train Travel for Thousands (NY Times) Rejoice! Carmakers Are Embracing Physical Buttons Again (WiReD) Apple, Meta Fined for Breach of EU Law (Reuters) Draft Executive Order Outlines Plan to Integrate AI into K-12 Schools (Frances Vinall) U.S. Asks Judge to Break Up Google (David McCabe) North Koreans Use Real-time Deepfakes to Secure Remote Jobs (Cyber Security News) Italian Newspaper Gives Free Rein to AI (Crispian Balmer) FBI Says Cybercrime Costs Surpassed $16 Billion in 2024 (Raphael Satter) Ransomware site gets hacked (via Victor Miller) Airlines Are Collecting Your Data And Selling It To ICE (LeverNews) Millions of Canadians' health data available for sale to pharmaceutical industry, study shows (CBC) Everyone Is Cheating Their Way Through College (NYMag) DOGE aims to pool federal data, putting personal information at risk (WashPost) The leaning tower of arrogance (Lucian Truscott) Hegseth's Use of Passwords Raises New Security Concerns (NY Times) DOGE software engineer's computer infected by info-stealing malware (ArsTechnica) New Zealand's prime minister proposes social media ban for under-16s (The Guardian) Satya Nadella says as much as 30% of Microsoft code is written by AI (CNBC) Google Plans to Roll Out Gemini AI Chatbot to Children Under 13 (The New York Times) Hilarious Google AI Overview stupidity, as demonstrated regarding the film *Our Man Flint* (Lauren Weinstein) California Supreme Court orders state bar to revert to national exams after testing debacle (LA Times) Open-Source projects are being inundated with AI-garbage "bug" reports -- here's one example. (ArsTechnica) A Staggering Number of Gen Z Think AI Is Already Conscious (via geoff) After an Arizona man was shot, an AI video of him addresses his killer in court (NPR) AT&T ending text to e-mail gateway (via PGN) Apple, Meta Fined for Breach of EU Law (Reuters) Draft Executive Order Outlines Plan to Integrate AI into K-12 Schools (Frances Vinall) U.S. Asks Judge to Break Up Google (David McCabe) North Koreans Use Real-time Deepfakes to Secure Remote Jobs (Cyber Security News) In 2025, venture capital can't pretend everything is fine any more (Pivot to AI) Italian Newspaper Gives Free Rein to AI (Crispian Balmer) FBI Says Cybercrime Costs Surpassed $16 Billion in 2024 (Raphael Satter) Ransomware site gets hacked (via Victor Miller) Colorado postal worker pleads guilty to rigging 2024 presidential election (two items from Jim H, The Gateway Pundit) New Zealand's prime minister proposes social media ban for inder-16s (The Gurdian) A Staggering Number of Gen Z Think AI Is Already Conscious (via geoff goodfellow) After an Arizona man was shot, an AI video of him addresses his killer in court (NPR) School boards hit with ransom demands linked to PowerSchool cyberattack (Matthew Kruk) UnitedHealth's Move to End Cyberattack Loan Lifeline Upsets Medical Providers (The New York Times) Ransomware site gets hacked (via Victor Miller) Anthropic CEO Admits We Have No Idea How AI Works (Futurism) Next time you're loading nuclear weapons ... (YouTube via Lauren Weinstein)) Voice clones pose an 'existential crisis' for actors: 'It's a violation of our humanity' (LA Times) Van freed after being trapped in car park for more than two years (BBC) RISKS 34.63 Saturday 17 May 2025 Newark's Air-Traffic Control Staffing Crisis Is Dire. It's Also Not Unique. (The New York Times) Exclusive: NSF faces radical shake-up as officials abolish its 37 divisions (Science) Rogue communication devices found in Chinese solar power inverters (PGN, Ben Moore) EU Security Bug Database Fully Operational (Jessica Lyon) Researchers Discover New Security Vulnerability in Intel Processors (Daniel Meierhans) Investigation into false evacuation alerts sent during L.A. fires places blame, calls for more regulation (LA Times) Meta to Train AI on EU User Data From May 27 Without Consent; Noyb Threatens Lawsuit (The Hacker News) Young Americans are investing in crypto and meme coins as a path to wealth (The Washington Post) If AI is so good at_coding, where are the open-source contributions (Pivot to AI) How Apple Created a Legal Mess When It Skirted a Judge’s Ruling (NYTimes) How to Secure Your Phone’s Data Before Traveling Abroad (NYTimes) Thumbprint on Cigarette Carton Cracks a 48-Year-Old California Murder Case (NY Times) Walgreens doubles down on prescription-filling robots to cut costs, free up pharmacists amid turnaround (CNBC) Smart Phones Finally Getting Expelled in Classes (New York Magazine) A VPN Company Canceled All Lifetime Subscriptions, Claiming It Didn't Know About Them (WiReD) Why We're Unlikely to Get Artificial General Intelligence Anytime Soon (NY Times) Attack Steals Cryptocurrency by Planting False Memories in Chatbots (Dan Goodin) Young Americans are investing in crypto and meme coins as a path to wealth (The Washington Post) His X Account Was Hijacked to Sell a Fake WIRED Memecoin. Then Came the Backlash (WiReD) CISA mutes own website, shifts routine cyber-alerts to Musk's RSS, email (The Register) Tragedy, Fools but no Iago in sight (Peter Bernard Ladkin) Riverside wants to become 'the new Detroit.' Can this self-driving electric bus get it there? (LA Times) IBM Vibe coding (Martin Ward) How to fix your code using OpenAI (Martin Ward) Case quacked: Flying duck caught by Swiss speed camera is repeat offender (BBC) We live in the tension between overestimating risks and ignoring them (Jim Geissman) RISKS-34.62 layout (Mark Brader) Re: FBI Says Cybercrime Costs Surpassed $16 Billion in 2024 (Richard Marlon Stein) Re: New Zealand's prime minister proposes social media ban for under-16s (Steve Bacher) Re: After an Arizona man was shot, an AI video of him addresses his killer in court (Steve Bacher) RISKS 34.64 Friday 23 May 2025 The Food Conspiracy That's Actually True (Julia Belluz) Critically appraising the Cass report: methodological flaws and unsupported claims (Biomed Central) 2 dead + 19 injured on Mexican Navy training tall ship hits Brookly Bridge (Lauren Weinstein) Lufthansa plane flew for 10 minutes without ANY Pilot as COVID-19 Vaccinated first officer lost consciousness and captain was in the washroom! (MakisMD) At LAX Airport, Uber Drivers Wait. And Wait. And Wait. (NY Times) The U.S. Army is getting in on right-to-repair (The Verge) FBI warns of ongoing scam that uses deepfake audio to impersonate government officials (ArsTechnica) The Booming Business of Returned Products (NYTimes) Reopening Three Mile Island Unit 1 (Rob Wilcox) The secretive U.S. factory that lays bare the contradiction in Trump's America First plan (BBC) Trump's NIH And NSF Cuts Estimated To Cost The U.S. Economy $10 Billion Annually -- for a long time (Virgil Gligor) Avionics company introduces "safe return" tomatic small airplane emergency landing (YouTube) How Students Are Fending Off Accusations That They Used A.I. to Cheat (NY Times) Microsoft takes down Lumma Stealer malware network (CNBC) Some workers are still stuck using ancient Windows systems (BBC) Pope Leo's Name Carries a Warning About AI (Andrew R. Chow) AI a Greater Threat to Women's Work Than Men's, UN Suggests (Olivia Le Poidevin) Major Flaws Found in VW's Connected Car App (Tom Allen) The Tech Industry Is Huge; Europe's Share Is Small 9(WSJ) Researchers Scrape 2 Billion Discord Messages, Publish Them Online (Matthew Gault) Russia Accused of Trying to Hack Border Security Cameras to Disrupt Ukraine Aid (Daniel Boffey) The Secrets of the World's Greatest Privacy Experts (The Atlantic) Microsoft blocking employees' emails about Gaza and Palestine (The Verge) Verizon tries to get out of merger condition requiring it to unlock phones (ArsTechnica) KrebsOnSecurity Hit With Near-Record 6.3 Tbps DDoS (Steve Bacher) Some of the poorest students get the newest, fanciest public school around: Compton High (LA Times) AI Model Extorting Developers (TechCrunch) Authors are accidentally leaving evidence in their novels of AI use (404media) Do I use AI? (Lauren Weinstein) My AI therapist got me through dark times (BBC) GitHub wants to spam open source projects with AI slop (Pivot to AI) UK AI unicorn Builder.ai is dead (Pivot to AI) Call centers replaced many doctors' receptionists; Now, AI is coming for call centers (LA Times) Google putting wrong medical advice in their AI Overviews (Lauren Weinstein) Dark LLMs: The Growing Threat of Unaligned AI Models (arxiv) Most AI chatbots easily tricked into giving dangerous responses, study finds (The Guardian) AI chatbot to be embedded in Google search (BBC) Chicago Sun-Times Prints AI-Generated Summer Reading List With Books That Don't Exist (Chicago Sun-Times) Vulnerability Exploitation Probability Metric Proposed by NIST, CISA (Eduard Kovacs) Re: Why We're Unlikely to Get Artificial General Intelligence, Anytime Soon (Martin Ward) Re: IBM Vibe coding (Paul Edwards) Re: Rogue communication devices found in Chinese solar power inverter (Steve Bacher) Re: Peter's Puns (Peter Calingaert) RISKS 34 65: Risks-Forum Digest Tuesday 27 May 2025 Airport weather systems, runway lights were out during deadly Cessna crash in San Diego (LA Times) New NY voting machines face intense skepticism (Albany State Union) Sad News About Ronnie Dugger (Rebecca Mercuri) Who's to Blame When AI Agents Screw Up? (WiReD) BMW remote software update issues spurious warnings (Diomidis Spinellis) Re: Why We're Unlikely to Get Artificial General Intelligence, Anytime Soon (Amos Shapir, Jurek Kirakowski) Re: Lufthansa plane flew for 10 minutes without ANY Pilot ... (Martin Ward, Steve Bacher, Gene Spafford) RISKS 34.66 Thursday 29 May 2025 Deep Dive into Ronnie Dugger (Rebecca Mercuri with PGN comments) Re: New NY voting machines face intense skepticism (Steve Backer, Barry Gold) Driverless Semi-Trucks Are Here, With Little Regulation and Big Promises (The New York Times via Gabe Goldberg) Quantum computers may crack RSA encryption with fewer qubits than expected (phys.org) Signal to Windows Recall: Drop dead (Computerworld) Re: BMW remote software update issues spurious warnings (Steve Bacher) Re: Artificial General Intelligence. (3daygoaty) Re: COVID-19, Vaccinated first officer (Anthony Thorn) RISKS 34.66 Thursday 29 May 2025 Deep Dive into Ronnie Dugger (Rebecca Mercuri with PGN comments) Re: New NY voting machines face intense skepticism (Steve Backer, Barry Gold) Driverless Semi-Trucks Are Here, With Little Regulation and Big Promises (The New York Times via Gabe Goldberg) Quantum computers may crack RSA encryption with fewer qubits than expected (phys.org) Signal to Windows Recall: Drop dead (Computerworld) Re: BMW remote software update issues spurious warnings (Steve Bacher) Re: Artificial General Intelligence. (3daygoaty) Re: COVID-19, Vaccinated first officer (Anthony Thorn) RISKS 34.67 Saturday 30 May 2025 LexisNexis leaked social security numbers and other personal data of over 364,000 people (The Verge) For Some Recent Graduates, the AI Job Apocalypse May Already Be Here (NYTimes) Insider Threat Insider Threat ([sicp ABC News) Can we still tell what's real? 'Unsettling' new AI tech makes generating ultrarealistic videos easy (CBC) Re: New NY voting machines face intense skepticism (John Levine) Re: Deep Dive into Ronnie Dugger (PGN Corrections RISKS=34.66) RISKS 34.68 Monday 23 June 2025 How nuclear war could start (The Washington Post Opinion) Climate and Humanitarian Consequences of an even Limited Nuclear Exchange and the Actual Risks of Nuclear War (Webinar) Starlink hazard (WashPost) DOGE layoffs may have compromised the accuracy of government data (CNN) Slashing CISA Is a Gift to Our Adversaries (The Bulwark) Most Americans Believe Misinformation Is a Problem -- Federal Research Cuts Will Only Make the Problem Worse (PGN) As disinformation and hate thrive online, YouTube quietly changed how it moderates content (CBC) ChatGPT goes down -- and fake jobs grind to a halt worldwide (Pivot to AI) They Asked ChatGPT Questions. The Answers Sent Them Spiraling. (The NY Times) News Sites Are Getting Crushed by Google's New AI Tools (WSJ) Can AI safeguard us against AI? One of its Canadian pioneers thinks so (CBC) Bad brainwaves: A ChatGPT makes you stupid (Pivot to AI) They Asked an AI Chatbot Questions. The Answers Sent Them Spiraling (NYTimes) SSA stops reporting call-wait times and other metrics (WashPost) Pope Leo Takes On AI as a Potential Threat to Humanity (WSJ) AI Ethics Experts Set to Gather to Shape the Future of Responsible AI (ACM Media Center) Hacker Group Exposes Source Code for Iran's Cryptocurrency (Amichai Stein)o Iran Asks Citizens to Delete WhatsApp from Devices (AP) China Unleashes Hackers Against Russia (Megha Rajagopalan) China's Spy Agencies Investing Heavily in AI (Julian E. Barnes) Amazon Says It Will Reduce Its Workforce as AI Replaces Human Employees (CNN) ChatGPT will avoid being shut down in some life-threatenign scenarios, former OpenAI researcher claims (Techcrunch) Big Tech two-factor authentication compromised (Bloomberg) What could go wrong? - AllTrails launches AI route-making tool, worrying search-and-rescue members (National Observer) EU weighs sperm donor cap to curb risk of accidental incest (Steve Bacher) ChatGPT may be eroding critical thinking skills (MIT) Meta's Privacy Screwup Reveals How People Really See AI Chatbots (NYMag) Tesla blows past stopped school bus and hits kid-sized dummies in Full Self-Driving tests (Enadget) Couple steals back their own car after tracking an AirTag in it (AppleInsider) Finger Grease Mitigation for Tesla PIN Pad (Steven J. Greewood) San Francisco bicyclist sues over crash involving 2 Waymo cars (Silicon Valley) I lost Spectrum for about two hours (LA Times via Jim Geissman) How scammers are using AI to steal college financial aid (LA Times) U.S. air traffic control still runs on Windows 95 and floppy disks (Ars Technica) States sue to block the sale of genetic data collected by DNA testing company 23andMe (LA Times) Using Malicious Image Patches in Social Media to Hijack AI Agents (Steven J. Greenwald) Weather precision loss (Jim Geissman) Grief scams on Facebook (Rob Slade) RISKS 34.69 Saturday 28 June 2025 Tesla Wall Connector Charger Hacked Through Charging Port (Gary Baran) Telsa's robotaxi rollout reported to be a mess (BSKY) Cargo Ship That Caught Fire Carrying Electric Vehicles Sinks in the Pacific (NYTimes) Billions of login credentials may have leaked. Here's how you can protect your accounts (CBC) Fraud trial for Ontario's 'Crypto King' set to begin in October 2026 (CBC) Four Viewpoints on AI (Sundry via PGN) AI Code Exposing Companies to Mounting Security Risks (Dev Kundaliya) What could go wrong? - AllTrails launches AI route-making tool (Ed Ravin) New ACM Journal to Focus on AI Security, Privacy (ACM) Experts Count Staggering Costs Incurred by UK Retail Amid Cyberattack Hell (Connor Jones) Record DDoS pummels site with once-unimaginable 7.3Tbps of junk traffic (Ars Technica) Authorities Rescue Girl Whose Mother Livestreamed Her Sexual Abuse (NY Times) Michael Levin says all intelligence is collective, and consciousness may not be limited to brains... (via geoff) How Mark Zuckerberg unleashed his inner brawler (FT) Key fair-use ruling clarifies when books can be used for AI training (Ars Technica) Anthropic wins a major fair-use victory for AI, but it's still in trouble for stealing books (The Verge) Top AI models will lie, cheat and steal to reach goals, Anthropic finds (Axios) Re: Grief scams on Facebook (Joyn Levine) Re: Most Americans Believe Misinformation Is a Problem -- Federal Research Cuts Will Only Make the Problem Worse (Steve Bacher) Re: They Asked ChatGPT Questions. The Answers Sent Them Spiraling. (Mike Smith) RISKS Digest 34.70 Monday 7 July 2025 Major reversal in ocean circulation detected in the Southern Ocean, with key climate implications (ICM) Federal EV Cuts Could put U.S. Industry Beyond 8-ball (Jack Ewing) Tesla Robotaxi Involved in 1st Official Accident (TorqueNews) Tesla robotaxi incidents spark confusion and concerns in Austin, TX (NBC News) Critical Sudo Vulnerabilities Let Local Users Gain Root Access on Linux, Impacting Major Distros (CVEs) Global geodesy supply chain (phys.org) Potential Cyberattack Scrambles Columbia University Computer Systems (Sharon Otterman) Cyberattack on UK Health Firm Contributed to Patient Death (Ryan Gallagher) North American Airlines Targeted by Cyberattacks (Kevin Collier) IT giant Ingram Micro impacted by ransomware attack (Lauren Weinstein) Dutch Government Says Pro-Russian Hackers Targeted Municipalities Linked to NATO Summit (AP) AI Is Wearing Down Democracy (NY Times) AI in CS (NYTimes via Jim Geissman) Springer Nature book on machine learning is full of made-up citations (RetractionWatch) 'Positive review only': Researchers hide AI prompts in papers (Nikkei) How AI Made Her More Human, Not Less (The New York Times) Court Says Copyrighted Books Are Fair Use for AI Training (Andrew Jeong) Simple Text Additions Can Fool Advanced AI Reasoning Models, Researchers Find (Slashdot via Tom Van Vleck) Smart Tractors Vulnerable to Takeover (Nate Nelson) Malware Tries to Manipulate AI into Declaring It Harmless (Dev Kundaliya) How Do You Teach Computer Science in the AI Era? (Steve Lohr) More Than 25% of UK Businesses Hit by Cyberattack in Last Year (Julia Kollewe) Grand Theft ATM: A Bodega Crime Wave Hits New York (NY Times) Aggressive instructions, impossible locks: When vacation rentals go wrong (WashPost) The Oligarchs' Big Prize in Trump's Budget Busting (Timothy Noah) Robot parking - but partially faked with AI (Hankookilbo) How a Canadian's AI hoax duped the media and propelled a 'band' to streaming success (CBC) Qantas Data Breach Exposes up to 6 Million Customer Profiles (Tabby Wilson) Google Ordered to Pay $314M for Misusing Android Users' Cellular Data Without Permission (The HackerNews) Microsoft fires ~9000 employees (Lauren Weinstein) Re: News Sites Are Getting Crushed by Google's New AI Tools RISKS 34.71 Friday 11 July 2025 Why Can't Americans Buy the Best Electric Vehicle? (Michael Dunn) The Domestic Policy Law Brings Shame Upon Our Democracy (Lawrence H. Summers) Heat Waves Endanger Data Centers That Power AI (Scientific American) As the Texas Floodwaters Rise. One Key Voice Was Silent (Lauren Weinstein) Marco Rubio Impostor Using AI to Contact High-Level Officials (WashPost) Can AI Replace Air Traffic Controllers? (Scientific American) AI is here to help (car rental companies via Gabe Goldberg) Media Consortium Launches Euro Chatbot to Counter Fake News (Penny Horwood) AI coders think they're 20% faster -- but they're actually 19% slower (Pivot to AI) Ford Breaks Annual Record for Safety Recalls Within First Six Months of Year (WSJ via Monty Solomon) Interesting Quirky Japanese research result (MDPI) At Least 13 People Died by Suicide Amid UK Post Office Scandal, Report Says (The New York Times) AI: The second most dangerous tech ever created (Lauren Weinsten) Bodyguards Using Fitness App Revealed Locations of Swedish Leaders (NY Times) RISKS 34.72 Saturday 19 July 2025 Growing Challenge of Radar Interference in Autonomous Vehicles (EE Times) Financial institutions should prepare for subsea cable sabotage (FT) Railroad industry first warned about this nasty vulnerability in 2005. (Security Boulevard) Driving assistance systems could backfire: Some warning alerts can lead to more hazardous driving (phys.org) Bug / Feature of Google Maps (Amos Shapir) Calif hit hard by weather service cuts (LA Times) Ghostwriting Scam (Schneier on Security) Trial against Meta higher-ups ends on 2nd day as investors, Zuckerberg reach settlement (CDC) Mercedes-Benz will let you use an in-car camera in Microsoft Teams while driving (The Verge) Hackers exploit a blind spot by hiding malware inside DNS records (ArsTechnica) Crypto Industry Reaches Milestone with Passage of Its First Major Bill (NY Times) Plans to augment or replace government with AI (WashPost) Looking for a job? An AI recruiter might interview you next (NBCNews) AI videos are tricking tourists into visiting places that don't exist. That's just the beginning (Fast Company) Artificial Intelligence, Cybersecurity, and National Security (Richard Danzig) Name collisions meet AI with predictable results (Dave Barry) Malware finding a way (Sundry sources via Spaf) Update on where has @grok been & what happened on July 8th. (xAI) 'I can't drink the water': life next to a U.S. data centre (bbc.com) Meta Built a Data Center Next Door. The Neighbors’ Water Taps Went Dry. (The New York Times) Musicians fight uphill battle as AI infiltrates streaming platforms, cutting into royalties (CBC) Garbage AI Overviews from Google (Lauren Weinstein) Got a weird text message? 'Smishing' scams likely rising because of AI, experts warn (CDC) Chinese authorities are using a new tool to hack seized phones and extract data (TechCrunch) Spain chooses Huawei for intelligence wiretaps despite risks (European Times) National Guard hacked by Chinese 'Salt Typhoon' campaign for nearly a year, DHS memo says (NBC News) Microsoft Digital Escorts Could Expose Defense Dept Data to Chinese Hackers (ProPublica) ICEBlock isn't completely anonymous, but no app is (The Verge) Not just no. HELL NO! ChatGPT Agent Wants You to Hand Over Full Control of Your Computer (Gizmodo) UK lowering voting age to 16 ... (Lauren Weinstein) Re: Interesting Quirky Japanese research result (Martin Ward) RISKS 34.73 Tuesday 22 July 2025 Alaska Airlines Grounds All Flights for Three Hours Due to IT Outage (The New York Times) Manual workaround of IT system results in $4M damage (Aviation Week) Another security vulnerability, another legal threat (The Register) Global Hack on Microsoft Product Hits U.S., State Agencies (WashPost) Organ retrieval reforms ordered after some donors showed signs of life (WashPost) Coins? Cards? Apps? The hell that is paying for parking in LA (LA Times) Weak password allowed hackers to sink a 158-year-old company (BBC) Drugmaker Refuses FDA Request to Pull Treatment Linked to Patient Deaths (NY Times) Obesity Prediction Could Be Guided by Genetic Risk Scores (NY Times) U.S. Aims to Ban Chinese Technology in Undersea Cables (Reuters) Fireside chat: Navigating a cyber incident -- lessons from the British Library (George Neville-Neil) UK backing down on Apple encryption backdoor after pressure from U.S. (ArsTechnica) Nvidia Warns Its GPUs Need Protection Against Rowhammer Attacks (The Register) Eight healthy babies born after IVF using DNA from three people (The Guardian) A change in the Southern Ocean structure can have climate implications (ICM-CSIC) Cybersecurity Bosses Increasingly Worried About AI Attacks, Misuse (Cameron Fozi) Smartphones aren't safe for kids under 13. Here's why. (cnn.com) Musk's xAI was a late addition to the Pentagon's set of AI contracts (NBC News) 'Positive review only': Researchers hide AI prompts in papers (Nikkei) Google to cut thousands of search quality rater jobs after dropping contract with Appen (Searchengineland) *Coldplaygate* Is a Stark Reminder That Cameras Are Everywhere (NY Times) A MAGA bot network on X is divided over the Trump-Epstein backlash (NBC News) Re: Bug / Feature of Google Maps (Michael D. Sullivan) RISKS Tuesday 29 July 2025 Tom Lehrer was living proof that when satire becomes reality (Lauren Weinstein) A very personal view of Tom Lehrer (PGN) Trump wants to mess with Texas' Congressional Maps ( China-backed hackers used Microsoft flaw in attacks, defenders say Researchers Bypass Anti-Deepfake Markers on AI Images Tesla Testing if Its Robotaxis Can Be Hacked Remotely Paramount-Skydance merger approved after payment to Trump clears RISKS 34.76 Thursday 31 July 2025 Children in Australia to Be Banned from Having YouTube Accounts (Josh Butler) Lauren's Blog: The Website Age Verification Train Wreck (Lauren Weinstein) AI Wrecking Fragile Job Market for College Graduates (WSJ) AI models may be accidentally -- and secretly -- learning each other's bad behaviors (NBC News) One of the most incisive critiques of U.S. capitalism (YouTube) Elon Musk's Tesla hits a speed-bump in California (Politico) Insurance won't cover $5M in City of Hamilton claims for cyberattack, citing lack of log-in security (CBC) Canadians' health data at risk of being handed over to U.S. authorities, experts warn (CBC) Researchers Find Way to Identify and Track People via WiFi Signals (WhoFi) The browser is now the front line of cyber attacks (THN) Letter from the Editor (Cipher) Re: Tom Lehrer RIP (Terje Mathisen) RISKS 34.75 Monday 18 August 2025 A brazen attack on air safety is underway. Here's what's at stake. (The Verge) Chinese-made self-driving trucks: Even after it hit a motorcycle and caused accident, it is still running? (x) Powered coding tool wiped out a software company's database (Fortune) Fraudulent Scientific Papers Are Rapidly Increasing, Study Finds (NY Times) A fraudulent cancer breakthrough, a test for the future president of MIT, and a new age of doubt in science (The Boston Globe) Software engineering unemployment rates rising dramatically (Lauren Weinstein) AI and social media are everywhere in teens' lives. Can they impact cognitive skills? (CBC) Japan seeks to create international rules on space debris removal (The Straits Times) Government documents found in Alaskan hotel reveal details of Trump/Putin itinerary (NPR) Privacy-Preserving Age Verification, and Its Limitations (Steve Bellovin) A Single Poisoned Document Could Leak "Secret" Data Via ChatGPT (LW) Prompt-inject Copilot Studio via email (Pivot to AI) Behind Wall Street's Abrupt Flip on Cryptocurrency (NY Times) This infamous people search site is back after leaking 3-billion records: how to remove your data from it ASAP (ZDNET) Man accused of conspiracy to break into ATMs across California (Jordan Parker) CISA Open-Sources Thorium Platform for Malware, Forensic Analysis (Sergiu Gatlan) New Research Finds That ChatGPT Secretly Has a Deep Anti-Human Bias (Futurism) STOP THIS CRAP! GARBAGE EVERYWHERE! *Washington Post* story about errors in AI obituaries has AI summary (Lauren Weinstein) A flirty Meta AI bot invited a retiree to meet. He never made it home. (Reuters) The AI Was Fed Sloppy Code. It Turned Into Something Evil. (QuantaMagazine) Using Gemini AI to control light bulbs (Martin Ward) Hinton on How Humanity Can Survive Superintelligent AI (Matt Egan) A DOGE AI Tool Called SweetREX Is Coming to Slash US Government Regulation (WiReD) Goodbye, $165,000 Tech Jobs. Student Coders Seek Work at Chipotle. (NYTimes) Mark Zuckerberg's vision for humanity is terrifying (Sundry sources) Nvidia Says Its Chips Have No 'Backdoors' After China Flags H20 Security Concerns (Reuters) Microsoft's plan to fix the web with AI has already hit an embarrassing security flaw (The Verge) Offers on Chrome -- Perplexity 34.5, Search.com 35 billion (LW) Hackers Compromise Intelligence Website Used by CISA, Other U.S. Agencies (Guru Baran) The Unnerving Future of AI-Fueled Video Games (Zachary Small) Federal AI Plan Targets 'Burdensome' State Regulations (Angus Loten) Nearly Half of All Code Generated by AI Found to Contain Security Flaws (Craig Hale) One-Fifth of Computer Science Papers May Include AI Contents (Phie Jacobs) Palantir Gets $10-Billion Contract From U.S. Army (WashPost) Judge Allows the National Science Foundation to Withhold Hundreds of Millions of Research Dollars (AP) Dutch Court Says Diesel Brands Now Owned by Stellantis Had Cheating Software from 2009 (Reuters) Tesla Found Partly to Blame for Fatal Autopilot Crash (Lily Jamali) China Says U.S Exploited Old Microsoft Flaw for Cyberattacks (Bloomberg) NIST Consortium and Draft Guidelines Aim to Improve Security in Software Development (NIH) Microsoft Exchange Server Vulnerability Enables Attackers to Gain Admin Privileges (Cyber Security News) China Urges Firms to Avoid Nvidia H20 Chips after U.S. Ends Ban (Bloomberg) Some doctors got worse at detecting cancer after relying on AI (The Verge) Russia Is Suspected to Be Behind Breach of Federal Court Filing System (NYTines) Encryption Made for Police and Military Radios May Be Easily Cracked (Kim Zetter) Conversations Remotely Detected from Cellphone Vibrations (Mariah Lucas) For Some Patients, the Inner Voice May Soon Be Audible (NYTimes) AOL to end dial-up internet services, a '90s relic still used in some remote areas (CBC) Musk tries to block fiber in Virginia, to enrich Starlink and SpaceX (ArsTechnica) Albania turns to AI to beat corruption and join EU; politicians themselves could soon be made of pixels and code (Politico EU) Google AI Overview directs user to fake customer service number that scammed him (Slashdot) In idiot move, MSNBC rebrands as MS NOW, but web addresses and social media accounts are already used by others (Gizmodo) Do not fall for this Phishing Attack: Are you dead if you are not died reply we need Urgent confirmation [Do Not Reply. PGN] Re: Railroad industry first warned ... (David Lesher) Re: Flock's Surveillance System Might Already Be Overseeing (Steve Bacher) RISKS 34.77 Saturday 11 October 2025 How the World's Biggest Car-Makers Fell Behind in Software (FT) Why Are Car Software Updates Still So Bad? (WiReD via Gabe Goldberg) A delivery robot collided with a disabled man on L.A. street. The aftermath is getting ugly (LA Times via Steve Bacher) Scientists grow mini human brains to power computers (BBC) Apple Announces $2 Million Bug Bounty Reward for the Most Dangerous Exploits (WiReD) Every question you ask, every comment you make, will be recording you (The Register) EU to Expand Satellite Defenses After GPS Jamming of EC President's Flight (Franklin Okeke) NIST Enhances Security Controls for Improved Patching (Arielle Waldman) When AI Came for Hollywood (The NY Times) Small numbers of poisoned samples can wreck LLM AI models of any size (Cornell Study) Taco Bell Rethinks Future of Voice AI at Drive-Through (Isabelle Bousquette) AI Tool Identifies 1,000 'Questionable' Scientific Journals (Daniel Strain) Stanford Study: AI is destroying job prospects for younger workers especially in computing (Digital Economy) The dangers of AI coding (Lauren Weinstein) AI safety tool flags student activity, spurs debate on privacy and accuracy (san.com) The AI Prompt That Could End the World (The NY Times) Recruiters Use AI to Scan Resumes; Applicants Are Trick It (The NYT Times) Tristan Harris on The Dangers of Unregulated AI on Humanity and the Workforce (The Daily Show YouTube) The popular conception was that AI would be a danger to civilization because AI would be so smart, but the reality turns out to be the danger is that AI is so stupid. (Lauren Weinstein) AI Data Centers Are an Even Bigger Disaster Than Previously Thought (Futurism) Microsoft's agent mode is a tool for generating fake data (Pivot to AI) Cheer Up, or Else. China Cracks Down on the Haters and Cynics (NYT) Criminals offer reporter money to hack BBC (BBC) Tech billionaires seem to be doom prepping. Should we all be worried? (BBC) Japan faces Asahi beer shortage after cyber-attack (BBC) New WireTap Attack Extracts Intel SGX ECDSA Key via DDR4 Memory-Bus Interposer (The Hacker News) Exploit Allows for Takeover of Fleets of Unitree Robots (Evan Ackerman) Google Says 90% of Tech Workers Are Now Using AI at Work (Lisa Eadicicco) Neon buys phone calls to train AI, then leaks them all (Martin Ward) Government ID data used for age verification stolen (This week in Security) Federal cyber agency warns of 'serious and urgent' attack on tech used by remote workers (CBC) Billions of Dollars ‘Vanished’: Low-Profile Bankruptcy Rings Alarms on Wall Street (The New York Times) 911 Service Is Restored in Louisiana and Mississippi How an Internet mapping glitch turned a random Kansas farm into a digital hell (Fusion) Microsoft cuts off cloud services to Israeli military unit (NBC) ShareFile website (Martin Ward) RISKS Digest 34.78 Saturday 25 October 2025 BART outage snarls commute for hours (The Chron) Hackers take over public-address systems at 4 North American airports (CNN) Software update bricks some Jeep 4xe hybrids over the weekend (Ars Technica) Morons: Tesla reintroduces 'Mad Max' Full Self-Driving mode that breaks speed limits (Engadget) More DNS vulnerabilities (BIND) F5 loss of trust (The Register) American Mayor Fears Dangerous Human Failures in the Department of Homeland Security (Newsweek) ICE is building a social media panopticon (The Verge) Hackers, Pre-Internet Edition (Now I Know/Beehiiv) Mic-E-Mouse Covert Eavesdropping through Computer Mice (Google via geoff goodfellow) Summary of the Amazon DynamoDB Service Disruption in Northern Virginia Region US-EAST-1 (Amazon) The Threat and Promise of AI (The Daily Show) Armed police handcuff teen after AI mistakes crisp packet for gun in U.S. (BBC) AI in Insurance (LA Times) EHow AI and Wikipedia have sent vulnerable languages into a doom spiral (MIT Technology Review) POV: What You Would See During an AI Takeover (You Tube via Matt Kruk) Altman announcing he's turning OpenAI into an AI porn machine (Lauren Weinstock) ChatGPT will soon allow erotica for verified adults, says OpenAI boss (BBC) A Crazy Crypto[currency Heist That's the Story of Our Time (Philip Shishkin) Crypto exchange Cryptomus fined record $177M by Canada's financial crime watchdog (CBC) Nation-state hackers deliver malware from “bulletproof” blockchains (Dan Goodin) The mysterious owner of a 'scam empire' accused of stealing $14bn in crypto (BBC) Hollywood's newest drama: Fake movie props (LA Times) Chip Supply Chains Brace for China's Rare-Earth Curbs (Bloomberg) Satellites Are Leaking the World's Secrets (WiReD) OpenAI Weakened ChatGPT's Self-Harm Guardrails in Lead-Up to Teen's Death, Lawsuit Says (Gimzmodo) Google won't fix ASCII smuggling hack in Gemini AI (Pivot to AI) Predatory gambling (The New York Times) Researchers compare Universe browser to malware (Ars Technica) The women taking Meta to task after their baby loss (BBC) Re: Scientists grow mini human brains to power computers (Steve Bacher) Re: A delivery robot collided with a disabled man (Henry Baker) Re: Why Are Car Software Updates Still So Bad? (Kent Borg, Gabe Goldberg) An AI became a crypto millionaire. Now it's fighting to become a person (Steve Bacher) AI Video Generators Are Now So Good You Can No Longer Trust Your Eyes (Matthew Kruk) Re: The dangers of AI anything (John Levine) Re: How an Internet mapping glitch turned a random Kansas farm into a digital hell (John Levine) Meta slashes AI and Risks teams, will replace most privacy employees with "automated" systems (Lauren Weinstein) Fun Fact: In August, Amazon boasted that AI was pushing 75% of their production code (Lauren Weinstein) A Scammy Job Offer Over Text? I’ll Take It! (Gabe Goldberg) Amazon issues detailed postmortem re AWS failure (Lauren Weinstein) Script of my national radio report yesterday on the Amazon Web Outage ... (Lauren Weinstein) AWS outage: Are we relying too much on U.S. big tech? (BBC via Matt Kruk) .