Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit precedence: bulk Subject: Risks Digest 34.67 RISKS-LIST: Risks-Forum Digest Saturday 30 May 2025 Volume 34 : Issue 67 ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks) Peter G. Neumann, founder and still moderator ***** See last item for further information, disclaimers, caveats, etc. ***** This issue is archived at as The current issue can also be found at Contents: LexisNexis leaked social security numbers and other personal data of over 364,000 people (The Verge) For Some Recent Graduates, the AI Job Apocalypse May Already Be Here (NYTimes) Insider Threat Insider Threat ([sicp ABC News) Can we still tell what's real? 'Unsettling' new AI tech makes generating ultrarealistic videos easy (CBC) Re: New NY voting machines face intense skepticism (John Levine) Re: Deep Dive into Ronnie Dugger (PGN Corrections RISKS=34.66) Abridged info on RISKS (comp.risks) ---------------------------------------------------------------------- Date: Fri, 30 May 2025 09:48:03 -0400 From: Monty Solomon Subject: LexisNexis leaked social security numbers and other personal data of over 364,000 people (The Verge) https://www.theverge.com/news/675702/lexisnexis-data-broker-breach-social-security-numbers ------------------------------ Date: Fri, 30 May 2025 18:50:35 -0400 From: Monty Solomon Subject: For Some Recent Graduates, the AI Job Apocalypse May Already Be Here (NYTimes) The unemployment rate for recent college graduates has jumped as companies try to replace entry-level workers with artificial intelligence. https://www.nytimes.com/2025/05/30/technology/ai-jobs-college-graduates.html ------------------------------ Date: Fri, 30 May 2025 10:17:51 -0400 From: "Steven J. Greenwald" Subject: Insider Threat Insider Threat [Sic ABC News) Here, have an ABC News story about an Information Security worker specializing on insider threat at U.S., DIA. A snippet: "An IT specialist employed by the Defense Intelligence Agency was arrested Thursday and charged with attempting to provide classified information to a friendly foreign government". Not much seems to have changed regarding insider threat. (The story did give me a chance to Quine the subject though.) https://abcnews.go.com/US/intelligence-agency-specialist-charged-attempting-provide-classified-information/story?id=122329650 [There's an inQuined plane hiding amongst us. I had the advanced logic class with Willard Van Ormand Quine in 1954, but had never heard him Verbed before. I suppose it's quite logical to do so. PGN ------------------------------ Date: Fri, 30 May 2025 05:55:59 -0600 From: Matthew Kruk Subject: Can we still tell what's real? 'Unsettling' new AI tech makes generating ultrarealistic videos easy (CBC) https://www.cbc.ca/news/canada/google-ai-videos-1.7545853 The news anchor looks professional, alert and slightly concerned. "We're getting reports of a fast-moving wildfire approaching a town in Alberta," she says in the calm-yet-resolute voice audiences have come to expect of broadcast journalists relaying distressing news. The video is 100 per cent fake. It was generated by CBC News using Google's new AI tool, Veo 3. But the unknowing eye might not realize it. That's because the video-generation model Veo 3 is designed to be astonishingly realistic, generating its own dialogue, sound effects and soundtracks. ------------------------------ Date: 29 May 2025 14:33:20 -0400 From: "John Levine" Subject: Re: New NY voting machines face intense skepticism (Gold, RISKS-34.66) It appears that Barry Gold said: >>From the description of ExpressVote XL, it appears to be secure against >these kinds of attacks. In the event of a challenge, the paper ballots can >be be run through an independent tallying system and/or hand-counted. Any >discrepancy between the human-readable hardcopy and the barcodes would be >readily detected. >But the article mentions two other problems: 1. the system is expensive >compared with other computer-assisted systems, and 2. voters report that it >was difficult to use. It strikes me as optimizing for the same thing. It has a whizzo touch screen that is supposed to make it usable by blind voters, except that a lot of us who aren't blind are not fans of touch screens. I live in NY and our county, like most of them, uses hand-marked paper ballots which you feed into a machine that accepts it if it can read your marks. You put a mark next to the candidate's name or YES or NO, no question that you know who you voted for. The counting machines are more sophisticated than they look -- during early voting, when you sign in in they print a ballot for your district on the spot, which you then mark and feed into the machine. There's a barcode that says which ballot it is (also printed in text) which I expect it uses to know where to look for the marks. While I believe that it is important for disabled people to be able to vote, I also believe this is not a new problem and if we could figure out how blind people could vote with lever machines or hand-counted paper ballots, we can deal with the ballots we use now. ------------------------------ Date: Thu, 29 May 2025 8:09:36 PDT From: RISKS List Owner Subject: Re: Deep Dive into Ronnie Dugger (PGNCorrections RISKS-34.66) It's amazing! Just this morning I circulated Ronnie's 1988 New Yorker article to the folks at the League of Women Voters added to the copy list for this email. Rebecca, you, Ronnie and Peter are the folks who introduced me to the election integrity issues that motivated me to get involved in election administration for the last 35 years [not 45 from Doug']. Just this morning, prompted by the NYLWV I opened Computer Related Risks for the first time this year. Doug Kellner [not Jim Churchill, noted by DrM).] ------------------------------ Date: Sat, 28 Oct 2023 11:11:11 -0800 From: RISKS-request@csl.sri.com Subject: Abridged info on RISKS (comp.risks) The ACM RISKS Forum is a MODERATED digest. Its Usenet manifestation is comp.risks, the feed for which is donated by panix.com as of June 2011. => SUBSCRIPTIONS: The mailman Web interface can be used directly to subscribe and unsubscribe: http://mls.csl.sri.com/mailman/listinfo/risks => SUBMISSIONS: to risks@CSL.sri.com with meaningful SUBJECT: line that includes the string `notsp'. Otherwise your message may not be read. *** This attention-string has never changed, but might if spammers use it. => SPAM challenge-responses will not be honored. Instead, use an alternative address from which you never send mail where the address becomes public! => The complete INFO file (submissions, default disclaimers, archive sites, copyright policy, etc.) has moved to the ftp.sri.com site: . *** Contributors are assumed to have read the full info file for guidelines! => OFFICIAL ARCHIVES: http://www.risks.org takes you to Lindsay Marshall's delightfully searchable html archive at newcastle: http://catless.ncl.ac.uk/Risks/VL.IS --> VoLume, ISsue. Also, ftp://ftp.sri.com/risks for the current volume/previous directories or ftp://ftp.sri.com/VL/risks-VL.IS for previous VoLume If none of those work for you, the most recent issue is always at http://www.csl.sri.com/users/risko/risks.txt, and index at /risks-34.00 ALTERNATIVE ARCHIVES: http://seclists.org/risks/ (only since mid-2001) *** NOTE: If a cited URL fails, we do not try to update them. Try browsing on the keywords in the subject line or cited article leads. Apologies for what Office365 and SafeLinks may have done to URLs. ==> Special Offer to Join ACM for readers of the ACM RISKS Forum: ------------------------------ End of RISKS-FORUM Digest 34.67 ************************ .