RISKS-LIST: Risks-Forum Digest Saturday 4 May 2024 Volume 34 : Issue 22 ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks) Peter G. Neumann, founder and still moderator
***** See last item for further information, disclaimers, caveats, etc. ***** This issue is archived at <http://www.risks.org> as <http://catless.ncl.ac.uk/Risks/34.22> The current issue can also be found at <http://www.csl.sri.com/users/risko/risks.txt> Contents: Locating where a photo was taken (Jeremy Epstein) Russia Accused of Meddling in GPS Systems (France24) An AI tool used in thousands of criminal cases is facing legal challenges (NBC News) SonarMed Inc. Recalls Airway Monitors Due to a Software Anomaly Resulting in Failure to Detect a Partial Obstruction in 2.5mm Sensors and Up To 3mm Distal to the Sensor Tip (Einpresswire) Engine cover falls off Boeing plane, hits wing flap; Southwest flight returns to Denver airport (NBC News) AI Faces Its 'Oppenheimer Moment (Jonathan Tirone) AI priest avatar gets the chop in first week of digital ministry - (Catholic Herald) Meta AI falsely claims lawmakers were accused of sexua harassment (City & State New York) ChatGPT provides false information about people (NOYB) GitHub's Take on AI-Powered Software Engineering (Kyle Wiggers) Developers seethe as Google surfaces buggy AI-written code (The Register) Precision Attacks Target Intel and AMD Processors (ScienceBlog) Phone Keyboard Exploits Leaves Billion Users Exposed (Margo Anderson) Coffee County, GA, this time ransomware (Douglas Lucas) EU Investigates Meta Over Fears of Election Interference, Foreign Disinformation (Brian Fung) Lawsuits test Tesla claim that drivers are solely responsible for crashes (WashPost) UK bans devices with weak passwords (Computing) Net Neutrality Is Back as FCC Votes to Regulate Internet Providers (Brian Fung) FCC Fines Wireless Carriers About $200 Million for Sharing Customer Data (WSJ) London Drugs closes stores until further notice due to cyberattack (CBC News) Century wrap-around: 101-year old becomes 1-year old (BBC) Healthcare giant comes clean about recent hack and paid ransom (ArsTechnica) Google SGE and shoplifting (Lauren Weinstein) New York Daily News, Chicago Tribune, and others sue OpenAI and Microsoft (The Verge) Can AI-powered drive-throughs save the day for fast food operators? (LATimes) Unexpected S3 bucket costs (Medium) CenturyLink left users with no service for two months, then billed them $239 (ArsTechnica) More customers say 'tap-to-pay' charged their credit card through bags, pockets (ABC7) New Job Scams Targeting Young Professionals Are Flourishing (WSJ) Court upholds New York law that says ISPs must offer $15 broadband (ArsTechnica) We Are Blowing the Fight to Contain Bird Flu (NYTimes) Covid Vaccine Side Effects: 4 Takeaways From Our Investigation (NYTimes) Re: We're always fighting the last war (Amos Shapir) Re: A Chinese firm is America's favorite drone maker except in Washington (Lauren Weinstein) Abridged info on RISKS (comp.risks) ---------------------------------------------------------------------- Date: Fri, 3 May 2024 09:28:45 -0400 From: Jeremy Epstein <jeremy.j.epst...@gmail.com> Subject: Locating where a photo was taken Readers of RISKS are quite aware that most photos taken these days have embedded GPS data. I learned yesterday about geospy.ai <https://l.facebook.com/l.php?u=http%3A%2F%2Fgeospy.ai%2F%3Ffbclid%wZX= h0bgNhZW0CMTAAAR2rXPkUMJF25CnDgRycn3se6hDOhh5goDEGvPLGP-rqHbw2dD6T1xmQYi8_a= em_AWrS5muaJoIeuBHvjvmpl7FeajnQSE2iKmunEQqQq0pi185qxhmdYVFmHKdrlwvIvS5Dghy2= dlcNSXi2HeAi24he&h=AT1xfgfzcOu0ZtYm2FfaS-PNYJTqTRKREXEIq0fBy7NgzZ8FJixLLZ= EmETk4kkPgyv25NrB1O59D_axIN2M8HLsHFkyNdIhcDkKbwJJJ11fwjuhXI-rZ9bguxvtJiTU7B= Z25-ls&__tn__=-UK*F>, which claims to identify where a photo was taken using AI and computer vision -- implying that it is not relying on the GPS data. Playing with it, started with some photos my daughter had sent me from Spain and Czechia. It sometimes got the right country, but the explanation was generally wrong -- e.g., it identified one picture as being from Czechia because the signs were in Czech (they were actually in English), there was a Czech flag (not so), and there were cobblestones (there weren't). Another picture from Prague it insisted was in Paris. A picture of my grandson was identified as being taken in a suburban backyard because of the grass, but couldn't get beyond that. A picture taken of the Jefferson Memorial in DC it got right -- perhaps from the GPS data, but there's enough photos of that site that it's not too surprising. Moving on, I provided a picture of my girlfriend's birthday cake sitting on the kitchen counter, with no windows that might provide a view of the outside world. It claims that the photo (which was taken in Falls Church VA) was "taken in Hoboken, New Jersey. This is evident from the street signs, which are in English and use the American spelling of "Hoboken." The buildings in the background are also typical of American architecture. The coordinates of the photo are 40=C2=B043'N 74=C2=B002'W". I ran it again, and it gave a specific address (1100 Maxwell Lane, Hoboken NJ). Another time it said "the photo was taken in New York City because the cake has the words "happy two thirds century Julie" written on it [which is] a reference to the song "happy birthday to you", which was written by two sisters from New York City". Another try said the inscription was "likely a reference to Julie Andrews, who was born in Surrey England, but has lived in New York City since the 1960s". Another try said that the ribbon on the cake is the "color of the New York Yankees ... [and the inscription] is likely a reference to the New York Yankees baseball team, as they have won 27 World Series championships, which is two-thirds of the World Series championships that have been won by all of the teams in Major League Baseball". [Note to non sports fans, including myself -- WIkipedia says the World Series has been played almost every year since 1903, so 27 isn't 2/3 of that. And I don't know if the Yankees have won 27 times.] Yes, it's a beta product, with appropriate disclaimers. It's not an auspicious start. It's hard to imagine people making decisions based on this quality of software, but we're all seeing plenty of blind reliance on AI. ------------------------------ Date: Fri, 3 May 2024 11:20:34 -0400 (EDT) From: ACM TechNews <technews-edi...@acm.org> Subject: Russia Accused of Meddling in GPS Systems (France24) S=C3=88bastian Seibt, France 24, 1 May 24 [May-Day!] GPS signal interference at Tartu airport in Estonia is being attributed to Russia. An increase in such incidents, where signal jamming or spoofing make it difficult to land aircraft safely, has prompted Finland's Finnair to stop its aircraft from landing there over the next month. About 46,000 aircraft flying in and out of Britain since August 2023 have reportedly encountered GPS signal issues over the Baltic Sea. ------------------------------ Date: Fri, 3 May 2024 15:07:39 -0400 From: chuck fee <chuck...@gmail.com> Subject: An AI tool used in thousands of criminal cases is facing legal challenges (NBC News) Black box software with no audit trail and no peer review seems to be a critical piece of prosecutors' cases for murder. And its creator, who refuses to disclose pretty much anything about the program, might have perjured himself. Judges are now tossing the 'evidence.' This line explaining the software's capabilities seemed hard to believe. How does a random third party access to debug-level logging output of a random wifi security camera? And at just the right place and time? *Cybercheck connected the profiles to the scene of the killing within minutes of the homicide using a network address -- a unique number that identifies devices connected to the Internet -- from a Wi-Fi-enabled security camera, according to the filing.* *At least one device -- possibly a phone -- with a suspect's cyber profile had tried to communicate with the camera's Wi-Fi connection, according to the report, Malarcik said.* https://www.nbcnews.com/news/crime-courts/ai-tool-used-thousands-criminal-cases-facing-legal-challenges-rcna149607 ------------------------------ Date: Mon, 29 Apr 2024 12:55:08 -0400 From: Monty Solomon <mo...@roscom.com> Subject: SonarMed Inc. Recalls Airway Monitors Due to a Software Anomaly Resulting in Failure to Detect a Partial Obstruction in 2.5mm Sensors and Up To 3mm Distal to the Sensor Tip (Einpresswire) https://www.einpresswire.com/article/707437349/sonarmed-inc-recalls-airway-monitors-due-to-a-software-anomaly-resulting-in-failure-to-detect-a-partial-obstruction-in-2-5mm-sensors-and-up-to-3mm ------------------------------ Date: Sun, 28 Apr 2024 14:16:49 -0400 From: Monty Solomon <mo...@roscom.com> Subject: Engine cover falls off Boeing plane, hits wing flap; Southwest flight returns to Denver airport (NBC News) https://www.usatoday.com/story/travel/airline-news/2024/04/08/engine-cover-plane-boeing-southwest/73241105007/ ------------------------------ Date: Wed, 1 May 2024 11:50:02 -0400 (EDT) From: ACM TechNews <technews-edi...@acm.org> Subject: AI Faces Its 'Oppenheimer Moment (Jonathan Tirone) Jonathan Tirone, Bloomberg, 29 Apr 2024, via ACM TechNews During an April 29 meeting of civilian, military, and technology officials from more than 100 countries in Vienna, Austria, speakers said governments are running out of time to rein in autonomous weapons systems. "This is the Oppenheimer Moment of our generation," said Austrian Foreign Minister Alexander Schallenberg. Costa Rican Foreign Minister Arnoldo Andr=C3=88 Tinoco said new rules will be required once non-state actors and terrorists have access to the technology. ------------------------------ Date: Mon, 29 Apr 2024 06:22:56 -0700 To: "risks@csl.sri.com" <risks@csl.sri.com> From: Steve Bacher <seb...@verizon.net> Subject: AI priest avatar gets the chop in first week of digital ministry - (Catholic Herald) An AI generated avatar priest that was launched at the start of the week by a Catholic organisation appears to have been digitally defrocked following criticisms and concerns raised about the experiment in using emerging artificial intelligence technology to bolster the Catholic Faith. The âFr. Justinâ interactive AI app was launched by Catholic Answers, a US-based media ministry focused on apologetics and evangelisation, to answer questions about the Catholic faith, using material from the Catholic Answers library of resources, such as articles, talks and apologetics materials. https://catholicherald.co.uk/ai-priest-gets-the-chop-after-one-week-ministry/ ------------------------------ Date: Tue, 30 Apr 2024 14:30:49 +0000 From: Victor Miller <victorsmil...@gmail.com> Subject: Meta AI falsely claims lawmakers were accused of sexua harassment (City & State New York) Sadly, this is only the beginning. https://www.cityandstateny.com/politics/2024/04/meta-ai-falsely-claims-lawmakers-were-accused-sexual-harassment/396121/ ------------------------------ Date: Mon, 29 Apr 2024 07:44:04 -0400 From: Tom Van Vleck <t...@multicians.org> Subject: ChatGPT provides false information about people (NOYB) https://noyb.eu/en/chatgpt-provides-false-information-about-people-and-openai-cant-correct-it ------------------------------ Date: Wed, 1 May 2024 11:50:02 -0400 (EDT) From: ACM TechNews <technews-edi...@acm.org> Subject: GitHub's Take on AI-Powered Software Engineering (Kyle Wiggers) Kyle Wiggers, Tech Crunch, 29 Apr 2024, via ACM TechNews GitHub has unveiled plans for the Copilot Workspace, where AI agents powered by its Copilot coding assistant would help developers brainstorm, plan, build, test, and run code in natural language. GitHub's Jonathan Carter said Workspace would build on new capabilities, such as Copilot Chat, where developers can ask coding questions in natural language. Carter said Copilot Workspace "gives developers a plan to start iterating from." ------------------------------ Date: Thu, 2 May 2024 13:10:29 +0000 From: Victor Miller <victorsmil...@gmail.com> Subject: Developers seethe as Google surfaces buggy AI-written code (The Register) https://www.theregister.com/2024/05/01/pulumi_ai_pollution_of_search/ ------------------------------ Date: Mon, 29 Apr 2024 11:40:07 -0400 (EDT) From: ACM TechNews <technews-edi...@acm.org> Subject: Precision Attacks Target Intel and AMD Processors (ScienceBlog) ScienceBlog, 28 Apr 2024, via ACM TechNews A team led by computer scientists at the University of California San Diego uncovered two novel types of attacks that target the conditional branch predictor found in high-end Intel processors. The attack is the first known to target a feature in the Path History Register (PHR), exposing more information with more precision than prior attacks. The researchers also introduced a precise Spectre-style poisoning attack, enabling attackers to induce intricate patterns of branch mispredictions within victim code. Intel and AMD were informed of these findings. ------------------------------ Date: Wed, 1 May 2024 11:50:02 -0400 (EDT) From: ACM TechNews <technews-edi...@acm.org> Subject: Phone Keyboard Exploits Leaves Billion Users Exposed (Margo Anderson) Margo Anderson, *IEEE Spectrum*, 29 Apr 2024, via ACM TechNews A team led by researchers at the University of Toronto's Citizen Lab in Canada revealed that a billion smartphone users are exposed to potential cyberattacks due to their use of digital Chinese-language keyboards. The Chinese-language keyboards use character-prediction features that rely on cloud computing resources, and improperly secured communications between the keyboard app and external cloud servers make users' keystrokes and messages vulnerable to spying and eavesdropping. ------------------------------ Date: Sat, 27 Apr 2024 17:57:29 -0700 From: Douglas Lucas <d...@riseup.net> Subject: Coffee County, GA, this time ransomware Previously, in the battleground state of Georgia, Coffee County's computer systems were known for the Jan. 2021 elections office breach paid for by Sidney Powell's PAC and orchestrated by top Trumpers. Georgia's Secretary of State missed the deadline to certify patches for the stolen and proliferated software (Dominion Voting Systems Democracy Suite Version 5.5-A). So no upgrading it prior to the 2024 election, although the _Curling v. Raffensperger_ case in the Northern District of Georgia, finishing up, might reshape the state's electoral system. But now a Coffee County press release dated Apr. 26 says there's something additional: On Apr. 15, DHS/CISA alerted the county to a cyberattack on its systems, which a CNN article later said was probably ransomware. The vaguely written press release really seems to suggest it took some time to notify the Georgia Secretary of State, which eventually locked the county out of the state's voter registration database (GARViS) as a precautionary measure. Top Secretary of State staffers are saying the lockout happened on Apr. 16 and was "perfect" but the Coffee press release, and its date, suggest it didn't happen nearly so fast. The Cyberscoop article concludes by saying "County officials have been responding to public records requests this week by claiming the county archiver is down for maintenance." I'm one of those open records requesters who received such a claim. I'm currently working from an attorney-client privilege log that's part of Southern District of Georgia discovery action also trying to get Coffee to produce any of the thousands of records related to the breach and its aftermath. Certainly casts the ransomware in another light -- instead of just yet another ransomware attack by greedy cybercriminals somewhere, it could be the GRU (or somebody else) trying to intervene in the lawsuit on Coffee's behalf. After all, such records, if produced, might eventually result in more indictments for MAGA. Coffee County press release: https://douglaslucas.com/files/CoffeeCountyBoardofCommissionersPressRelease_26April2024.pdf Cyberscoop: https://cyberscoop.com/cyberattack-hits-georgia-county-at-center-of-voting-software-breach ------------------------------ Date: Wed, 1 May 2024 11:50:02 -0400 (EDT) From: ACM TechNews <technews-edi...@acm.org> Subject: EU Investigates Meta Over Fears of Election Interference, Foreign Disinformation (Brian Fung) Brian Fung, CNN, 29 Apr 2024, via ACM Technews Meta is being investigated by EU officials over concerns it is not doing enough to safeguard upcoming EU elections or curtail foreign disinformation on Facebook and Instagram. ------------------------------ Date: Sun, 28 Apr 2024 16:32:30 -0400 From: Gabe Goldberg <g...@gabegold.com> Subject: Lawsuits test Tesla claim that drivers are solely responsible for crashes (WashPost) Evidence emerging in the Tesla Autopilot cases -â including dash-cam video obtained by The Washington Post â- offers sometimes-shocking details. https://www.washingtonpost.com/technology/2024/04/28/tesla-trial-autopilot-lawsuit/ Given Tesla advertising and Musk bloviating, drivers "solely" responsible is a tough sell. ------------------------------ Date: Tue, 30 Apr 2024 11:02:20 +0000 From: John Colville <john.colvi...@uts.edu.au> Subject: UK bans devices with weak passwords (Computing) The United Kingdom government has enacted a law that bans Internet-connected devices from having weak default passwords. https://www.computing.co.uk/news/4202793/uk-bans-devices-weak-passwords ------------------------------ Date: Mon, 29 Apr 2024 11:40:07 -0400 (EDT) From: ACM TechNews <technews-edi...@acm.org> Subject: Net Neutrality Is Back as FCC Votes to Regulate Internet Providers (Brian Fung) CNN (04/25/24) Brian Fun. via ACM TechNews The U.S. Federal Communications Commission (FCC) adopted net neutrality regulations on April 26 prohibiting Internet service providers (ISPs) from selectively speeding up, slowing down, or blocking customers' Internet traffic. The rules reflect those imposed by the FCC in 2015 but rescinded by the Trump administration in 2017. Among other things, the rules will prevent ISPs from selling customers' personal data or sharing it with tech firms to train AI models. ------------------------------ Date: Tue, 30 Apr 2024 00:57:35 -0400 From: Monty Solomon <mo...@roscom.com> Subject: FCC Fines Wireless Carriers About $200 Million for Sharing Customer Data (WSJ) Agency says four carriers sold access to customersâ location data to aggregators https://www.wsj.com/business/telecom/fcc-fines-wireless-carriers-about-200-million-for-sharing-customer-data-5207df8d ------------------------------ Date: Mon, 29 Apr 2024 16:32:03 -0600 From: Brian Inglis <brian.ing...@systematicsw.ab.ca> Subject: London Drugs closes stores until further notice due to cyberattack (CBC News) Another Canadian chain obviously did not notice or get a clue: https://www.cbc.ca/news/canada/british-columbia/london-drugs-closure-western-can ada-1.7187615 ... after Indigo online went down and stores could only handle cash last year, and the troubles of U.S. pharmacies or UK Boots the Chemist! ------------------------------ Date: Sun, 28 Apr 2024 12:14:07 -0700 From: "Jim" <jgeiss...@socal.rr.com> Subject: Century wrap-around A 101-year-old woman keeps getting mistaken for a baby because of an error with an airline's booking system. The problem occurred because American Airlines' systems apparently cannot compute that Patricia, who did not want to share her surname, was born in 1922, rather than 2022. The BBC witnessed the latest mix-up, which she and the cabin crew were able to laugh off. https://www.bbc.com/news/articles/c9wz7pvvjypo [Also noted by Thomas Koenig, Matthew Kruk, and Gabe Goldberg ...BCD? COBOL? PGN] ------------------------------ Date: Tue, 30 Apr 2024 23:36:44 -0400 From: Monty Solomon <mo...@roscom.com> Subject: Healthcare giant comes clean about recent hack and paid ransom (ArsTechnica) https://arstechnica.com/?p=2020827 ------------------------------ Date: Sat, 27 Apr 2024 11:22:21 -0700 From: Lauren Weinstein <lau...@vortex.com> Subject: Google SGE and shoplifting Google says users really like getting SGE/LLM/AI answers. That users really don't want to bother with the blue links and visiting the sites where Google is getting their information from (giving those sites nothing in return) to create those answers. Here's an analogy. You know how many stores have had to lock up small items because they are shoplifted so often? Some people wonder why someone would steal every tube of toothpaste in a rack. Many stores have closed entirely due to these thefts, leaving entire neighborhoods without shopping choices. The main reason this happens is because these small stolen items are resold at ad hock street markets at vastly discounted prices. Now, if you ask the people buying those stolen items at those street markets, they'd tell you (1) they really like the low prices and (2) claim they had no idea they were stolen and didn't care anyway. Yeah, you want toothpaste. -L ------------------------------ Date: Tue, 30 Apr 2024 23:24:31 -0400 From: Monty Solomon <mo...@roscom.com> Subject: New York Daily News, Chicago Tribune, and others sue OpenAI and Microsoft (The Verge) https://www.theverge.com/2024/4/30/24145603/ai-openai-microsoft-new-york-daily-news-sue-copyright ------------------------------ Date: Wed, 1 May 2024 12:46:35 -0700 From: Steve Bacher <seb...@verizon.net> Subject: Can AI-powered drive-throughs save the day for fast-food operators? (LATimes) In the wake of the new $20 minimum wage for industry workers, quick-service restaurants in California are accelerating and expanding their use of technology. ------------------------------ Date: Mon, 29 Apr 2024 21:23:15 -0600 From: "Mark Johnson" <mhjohn...@mac.com> Subject: Unexpected S3 bucket costs If you name your Amazon S3 bucket to something that someone might discover or use -- you can get huge bills. Even for unauthorized access. https://medium.com/@maciej.pocwierz/how-an-empty-s3-bucket-can-make-your-aws-bill-explode-934a383cb8b1 "My bill was over 1300$, with the billing console showing nearly 100,000,000 S3 PUT requests executed within just one day!â "I made my bucket public for less than 30 seconds, and within that timeframe, collected over 10GB of data.â An open source tool was pushing data to this bucket (not sure why). That has been fixed but doesnât help with deployed systems not yet updated. Amazon did rescind the bill for the charges. [Also: AWS S3 storage bucket with unlucky name nearly cost developer $1,300 https://arstechnica.com/information-technology/2024/04/aws-s3-storage-bucket-with-unlucky-name-nearly-cost-developer-1300/ PGN] ------------------------------ Date: Thu, 2 May 2024 21:27:39 -0400 From: Monty Solomon <mo...@roscom.com> Subject: CenturyLink left users with no service for two months, then billed them $239 (ArsTechnica) https://arstechnica.com/tech-policy/2024/05/centurylink-left-users-with-no-service-for-two-months-then-billed-them-239/ ------------------------------ Date: Wed, 1 May 2024 10:31:23 -0700 From: Steve Bacher <seb...@verizon.net> Subject: More customers say 'tap-to-pay' charged their credit card through bags, pockets (ABC7) Several viewers told 7 On Your Side tap-enabled systems captured their credit card information at a variety of places -- a restaurant, a store, even a doctor's office. So is this going to happen more? https://abc7ne.ws/3Lgpkzu <https://www.youtube.com/redirect?event=video_description&redir_token=QUFFLUhqbRTvb01NbEY4T1kwazlHMnZEby1nRk42VzFBZ3xBQ3Jtc0tra2UwZTNNQkIyV1Jraml6RW1UZ3dpQXpxcTZKSVVvWnU0WWF5dEw2Y0g5SzdNX0xWUWJTaHF2TEtZdWFENFJ6SjEyS2NjRldMZGVtVVVkTmEwb01TbkNrM3p1WmtJT0I3OHg3cXlIOEtXeEhXcEhoTQ&q=https%3A%2F%2Fabc7ne.ws%2F3Lgpkzu&v=mze1jb_jLE> ------------------------------ Date: Tue, 30 Apr 2024 08:19:43 -0400 From: Monty Solomon <mo...@roscom.com> Subject: New Job Scams Targeting Young Professionals Are Flourishing (WSJ) Fake recruiters using sophisticated techniques lure in college students and new graduates https://www.wsj.com/lifestyle/careers/new-job-scams-targeting-young-professionals-are-flourishing-70e1aba1 ------------------------------ Date: Tue, 30 Apr 2024 23:44:59 -0400 From: Monty Solomon <mo...@roscom.com> Subject: Court upholds New York law that says ISPs must offer $15 broadband (ArsTechnica) https://arstechnica.com/?p=2020332 ------------------------------ Date: Sun, 28 Apr 2024 20:35:14 -0400 From: Gabe Goldberg <g...@gabegold.com> Subject: We Are Blowing the Fight to Contain Bird Flu (NYTimes) Dr. Bright fell silent, then asked a very reasonable question: âDoesnât anyone keep tabs on this?â The H5N1 outbreak, already a devastating crisis for cattle farmers and their herds, has the potential to turn into an enormous tragedy for the rest of us. But having spent the past two weeks trying to get answers from our nationâs public health authorities, Iâm shocked by how little they seem to know about whatâs going on and how little of what they do know is being shared in a timely manner. How exactly is the infection transmitted between herds? The United States Department of Agriculture, the Food and Drug Administration and the Centers for Disease Control and Prevention all say they are working to figure it out. https://www.nytimes.com/2024/04/24/opinion/bird-flu-cow-outbreak.html?smid=nytcore-ios-share ------------------------------ Date: Fri, 3 May 2024 14:29:45 -0400 From: Monty Solomon <mo...@roscom.com> Subject: Covid Vaccine Side Effects: 4 Takeaways From Our Investigation (NYTimes) Thousands of Americans believe they experienced rare but serious side effects. But confirming a link is a difficult task. https://www.nytimes.com/2024/05/03/health/covid-vaccine-side-effects-takeaways.html All vaccines have at least occasional side effects. But people who say they were injured by Covid vaccines believe their cases have been ignored. https://www.nytimes.com/2024/05/03/health/covid-vaccines-side-effects.html ------------------------------ Date: Mon, 29 Apr 2024 11:28:47 +0300 From: Amos Shapir <amos...@gmail.com> Subject: Re: We're always fighting the last war (Baker, RISKS-34.21) History, as well as recent events, show that the use of new weapons and tactics may affect mainly the opening stages of a campaign, but affect the end result only if the war is concluded shortly afterwards. The losing side usually regains its senses and finds solutions rather quickly. Cases in point: The US winning the battle of Midway shortly after Pearl Harbor, or the recent Iranian attack on Israel, similar to the Millennium Challenge 2002 scenario, which was repealed with a 99% success rate. ------------------------------ Date: Sat, 27 Apr 2024 15:35:01 -0700 From: Lauren Weinstein <lau...@vortex.com> Subject: Re: A Chinese firm is America's favorite drone maker except in Washington (RISKS-34.19) There has never been any evidence that DJI drones purposely feed data to China. Their app had some issues with data leakage that have been fixed, and were very much the same sort that innumerable apps made in the USA have had (and probably continue to have). DJI drones aren't just the majority brand used recreationaly, but are enormously important in public safety, agriculture, utilities, an almost endless list. There simply are not U.S.-made alternatives that meet the requirements in terms of reliability, support, and cost. This China-bashing crusade by Congress (and the administration) isn't making the U.S. safer but is doing significant damage to our own citizens who choose DJI tech because it does the job. https://www.sltrib.com/news/nation-world/2024/04/27/chinese-firm-is-americas-favorite/ ------------------------------ Date: Sat, 28 Oct 2023 11:11:11 -0800 From: risks-requ...@csl.sri.com Subject: Abridged info on RISKS (comp.risks) The ACM RISKS Forum is a MODERATED digest. Its Usenet manifestation is comp.risks, the feed for which is donated by panix.com as of June 2011. => SUBSCRIPTIONS: The mailman Web interface can be used directly to subscribe and unsubscribe: http://mls.csl.sri.com/mailman/listinfo/risks => SUBMISSIONS: to risks@CSL.sri.com with meaningful SUBJECT: line that includes the string `notsp'. Otherwise your message may not be read. *** This attention-string has never changed, but might if spammers use it. => SPAM challenge-responses will not be honored. Instead, use an alternative address from which you never send mail where the address becomes public! => The complete INFO file (submissions, default disclaimers, archive sites, copyright policy, etc.) has moved to the ftp.sri.com site: <risksinfo.html>. *** Contributors are assumed to have read the full info file for guidelines! => OFFICIAL ARCHIVES: http://www.risks.org takes you to Lindsay Marshall's delightfully searchable html archive at newcastle: http://catless.ncl.ac.uk/Risks/VL.IS --> VoLume, ISsue. Also, ftp://ftp.sri.com/risks for the current volume/previous directories or ftp://ftp.sri.com/VL/risks-VL.IS for previous VoLume If none of those work for you, the most recent issue is always at http://www.csl.sri.com/users/risko/risks.txt, and index at /risks-34.00 ALTERNATIVE ARCHIVES: http://seclists.org/risks/ (only since mid-2001) *** NOTE: If a cited URL fails, we do not try to update them. Try browsing on the keywords in the subject line or cited article leads. Apologies for what Office365 and SafeLinks may have done to URLs. ==> Special Offer to Join ACM for readers of the ACM RISKS Forum: <http://www.acm.org/joinacm1> ------------------------------ End of RISKS-FORUM Digest 34.22 ************************