The RISKS Digest
Volume 28 Index
Forum on Risks to the Public in Computers and Related Systems
ACM Committee on Computers and Public Policy,
Peter G. Neumann, moderator
Forum on Risks to the Public in Computers and Related Systems
ACM
Committee on Computers and Public Policy, Peter G. Neumann, moderator
-
Volume 28 Issue 01 (Thursday 11 June 2014)
-
Volume 28 Issue 02 (Thursday 12 June 2014)
-
Volume 28 Issue 03 (Tuesday 17 June 2014)
-
Volume 28 Issue 03 (Tuesday 17 June 2014)
-
Volume 28 Issue 04 (Tuesday 24 June 2014)
-
Volume 28 Issue 05 (Thursday 26 June 2014)
-
Volume 28 Issue 06 (Saturday 5 July 2014)
-
Volume 28 Issue 07 (Tuesday 15 July 2014)
-
Volume 28 Issue 08 (Saturday 19 July 2014)
-
Volume 28 Issue 09 (Tuesday 22 July 2014)
-
Volume 28 Issue 10 (Friday 25 July 2014)
-
Volume 28 Issue 11 (Wednesday 30 July 2014)
-
Volume 28 Issue 12 (Thursday 31 July 2014)
-
Volume 28 Issue 13 (Tuesday 5 August 2014)
-
Volume 28 Issue 14 (Thursday 7 August 2014)
-
Volume 28 Issue 15 (Monday 11 August 2014)
-
Volume 28 Issue 16 (Tuesday 12 August 2014)
-
Volume 28 Issue 17 (Thursday 14 August 2014)
-
Volume 28 Issue 18 (Monday 18 August 2014)
-
Volume 28 Issue 19 (Thursday 21 August 2014)
-
Volume 28 Issue 20 (Sunday 24 August 2014)
-
Volume 28 Issue 21 (Tuesday 26 August 2014)
-
Volume 28 Issue 22 (Wednesday 27 August 2014)
-
Volume 28 Issue 23 (Thursday 28 August 2014)
-
Volume 28 Issue 24 (Wednesday 4 September 2014)
-
Volume 28 Issue 25 (Tuesday 9 September 2014)
-
Volume 28 Issue 26 (Thursday 11 September)
-
Volume 28 Issue 27 (Monday 15 September 2014)
-
Volume 28 Issue 28 (Tuesday 30 September 2014)
-
Volume 28 Issue 29 (Thursday 9 October 2014)
-
Volume 28 Issue 30 (Thursday 23 October 2014)
-
Volume 28 Issue 31 (Friday 24 October 2014)
-
Volume 28 Issue 32 (Friday 31 October 2014)
- Rocket Heading to International Space Station Explodes; No One Is Hurt (NYT via Monty Solomon)
- Dallas hospital alters account of failure to diagnose first US Ebola case (David Tarabar)
- Cars become uninsurable due to their weak security (Jeremy Epstein)
- HP accidentally signed malware, will revoke certificate (Ars)
- Clueless FBI sabotages its own anti-encryption campaign (Caroline Craig)
- FBI director says Chinese hackers are like a "drunk burglar" (Ars)
- Report Reveals Wider Tracking of Mail in U.S. (NYT via Monty Solomon)
- ComputerCOP: dubious "Internet Safety Software" given to US families (Ars via NNSquad)
- Adobe is Spying on Users, Collecting Data on Their eBook Libraries; Adobe Responds to Reports of Their Spying, Offers Half Truths and Misleading
Statements (Nate Hoffelder via Gene Wirchenko)
- Adobe tracks your e-book reading habits—sends logs in plain text (Ars)
- Bugzilla 0-day can reveal 0-day bugs in OSS giants such as Mozilla and Red Hat (Ars)
- White hat claims Yahoo and WinZip hacked by "shellshock" exploiters (Ars)
- Severe Security Problem in Drupal 7.x (Bob Gezelter)
- Chip&Pin^H^H^HDip: Replay It Again Sam (Henry Baker)
- Apple will face $350M trial over iPod DRM (Ars)
- Apple updates definitions to prevent "iWorm" botnet malware on Macs (Ars)
- APPLE-SA-2014-09-29-1 OS X bash Update 1.0 (Monty Solomon)
- APPLE-SA-2014-09-23-1 OS X: Flash Player plug-in blocked (Monty Solomon)
- "One week after patch, Flash vulnerability already exploited in large-scale attacks" (Lucian Constantin)
- 2 Drug Chains Disable Apple Pay, as a Rival Makes Plans (NYT)
- Apple Pay Runs Afoul of MCX, a Group With a Rival Product (Monty Solomon)
- Hackers swipe e-mail addresses from Apple Pay-competitor CurrentC (Ars)
- How Apple Pay and Google Wallet actually work (Ars Technica)
- Reddit-powered botnet infected thousands of Macs worldwide (Sean Gallagher)
- Apple patches "Shellshock" Bash bug in OS X 10.9, 10.8, and 10.7 (Andrew Cunningham)
- Shellshock fixes beget another round of patches as attacks mount (Andrew Cunningham)
- Executing the Messenger (Henry Baker)
- Even a built-in keylogger!—"Microsoft's Windows 10 has permission to spy on you!" (Techworm)
- More on Windows 10 /preview/ data collection (Lauren Weinstein)
- "Four more botched Microsoft patches (Woody Leonhard)
- "Microsoft yanks botched patch KB 2949927, re-issues KB 2952664" (Woody Leonhard)
- "Microsoft warns users to kill botched KB 2949927 patch" (Woody Leonhard)
- "Microsoft misses Windows bug, hackers slip past patch" (Gregg Keizer)
- Windows Update intentionally destroys chips (Brian Benchoff via Henry Baker)
- Re: Windows 9 Reportedly Skipped as Name Would Have Created Code Bugs (Mark Thorson)
- "12 surprising ways personal technology betrays your privacy" (Andy Patrizio)
- "Critical Bugzilla vulnerability could give hackers access to undisclosed software flaws" (Lucian Constantin)
- Adobe's e-book reader sends your reading logs back to Adobe — in plain text (Sean Gallagher)
- DHS No Longer Needs Permission Slips to Monitor Other Agencies' Networks (Henry Baker)
- The NSA has no interest in protecting you & me (Henry Baker)
- Law Lets I.R.S. Seize Accounts on Suspicion, No Crime Required (Monty Solomon)
- How Facebook Is Changing the Way Its Users Consume Journalism (Monty Solomon)
- Re: where last passenger went (Dimitri Maziuk)
- Re: Should Airplanes Be Flying Themselves? (John Levine)
- Taylor Swift Tops Canadian iTunes Chart With 8 Seconds of White Noise (Lorena O'Neil via Henry Baker)
-
Volume 28 Issue 33 (Tuesday 4 November 2014)
-
Volume 28 Issue 34 (Thursday 6 November 2014)
-
Volume 28 Issue 35 (Thursday 13 November 2014)
-
Volume 28 Issue 36 (Monday 17 November 2014)
-
Volume 28 Issue 37 (Friday 21 November 2014)
-
Volume 28 Issue 38 (Tuesday 25 November 2014)
-
Volume 28 Issue 39 (Friday 28 November 2014)
-
Volume 28 Issue 41 (Tuesday 16 December 2014)
-
Volume 28 Issue 42 (Friday 19 December 2014)
-
Volume 28 Issue 43 (Monday 5 January 2015)
-
Volume 28 Issue 44 (Tuesday 6 January 2015)
-
Volume 28 Issue 45 (Monday 12 January 2015)
- Ford recalls SUVs because drivers are accidentally turning them off (Ben Rothke)
- Green Bank, WV: The Town Without Wi-Fi (Monty Solomon)
- Risks in Using Social Media to Spot Signs of Mental Distress (Monty Solomon)
- EU response to free speech killings? More Internet censorship! (Gigaom via Lauren Weinstein)
- Snowden: U.S. puts too much emphasis on cyber-offense, needs defense (Dewayne Hendricks)
- Biometric Identification (Anthony Thorn)
- Memory corruption (Martyn Thomas)
- Morgan Stanley Breach Put Client Data Up for Sale on Pastebin, an Online Site (Nathaniel Popper via Monty Solomon)
- US banks trace credit fraud to Chick-fil-A locales in possible data breach (Ars via Monty Solomon)
- Re: "Could e-voting be on its way in the UK?" (Amos Shapir, Tony Finch)
- An oldie but goodie ODBC risk (Bernard Peek)
- Sony Cyberattack, First a Nuisance, Swiftly Grew Into a Firestorm (Cieply and Barnes via Monty Solomon)
- World's first *known* bootkit for OS X can permanently backdoor Macs (Dan Goodin)
- Spotlight search in OS X Yosemite exposes private user details to spammers (Monty Solomon)
- Apps Everywhere, but No Unifying Link (Monty Solomon)
- Re: Gogo Issues False SSL Certificates, Allowing them to decode SSL Traffic (Bob Gezelter)
- ASUS Routers reportedly vulnerable to local area network command execution exploit (Bob Gezelter)
- Re: Too many pilots can't handle an emergency (Craig Burton)
- Re: Lenovo recalls more than 500,000 power cords (david lewis, Dick Mills)
-
Volume 28 Issue 46 (Wednesday 21 January 2015)
-
Volume 28 Issue 47 (Monday 26 January 2015)
-
Volume 28 Issue 48 (Thursday 29 January 2015)
-
Volume 28 Issue 49 (Monday 2 February 2015)
-
Volume 28 Issue 50 (Friday 6 February 2015)
-
Volume 28 Issue 51 (Thursday 12 February 2015)
-
Volume 28 Issue 52 (Monday 16 February 2015)
-
Volume 28 Issue 53 (Monday 23 February 2015)
-
Volume 28 Issue 54 (Monday 2 March 2015)
-
Volume 28 Issue 55 (Tuesday 10 March 2015)
-
Volume 28 Issue 56 (Thursday 19 March 2015)
-
Volume 28 Issue 57 (Wednesday 25 March 2015)
-
Volume 28 Issue 58 (Wednesday 1 April 2015)
- The Apple zero-button mouse—and related innovations? (PGN)
- No liability for exchange rate software error by United (Jeremy Epstein)
- Digital currency risks (William Brodie-Tyrrell)
- Fraudster escapes jail by forging bail e-mail (Chris Drewe)
- Manipulating Wikipedia to Promote a Bogus Business School (Newsweek)
- DDoS against Rutgers University, and perpetrator claims credit (danny burstein)
- FTC Rules Jerk, LLC and John Fanning Deceived Consumers, Violated FTC Act (Gabe Goldberg)
- "Washington is coming for your personal data" (Caroline Craig)
- "Dell support tool put PCs at risk of malware infection" (Lucian Constantin)
- "Cisco IP phones open to remote eavesdropping, calling" (Lucian Constantin)
- Australia passes data retention into law (Lauren Weinstein)D
- Re: Jurisdictional risks (Doug Montalbano)
- Re: Kali Linux security is a joke! (Ian Jackson)
- Re: House Judiciary Committee tries to be cool, fails oh so miserably (Devon McCormick)
- Re: As We Age, Smartphones Don't Make Us Stupid ... (Rob Slade)
- Re: "GoDaddy accounts vulnerable to social engineering and Photoshop" (Craig Burton)
- Re: Software says "'Dr' Must Be Male"! (Thomas Koenig)
- Risky Business: Virgin Galactic (William Langewiesche)
- Book: Peter Carey, Amnesia (PGN)
- Subject: Risks Digest 28.59 Wednesday 22 April 2015
- Passenger, avionics networks still not separated in B787, A350, A380 (Mary Shaw)
- GAO report on FAA vulnerabilities to Cyberattack, and a news report on a claimed attack method (Peter Bernard Ladkin)
- First F-35 Jets Lack Ground-Combat Punch of 1970s-Era A-10s (Gabe Goldberg)
- Driver follows GPS off demolished bridge, killing wife (Gabe Goldberg)
- Automakers Say You Don't Really Own Your Car (Gabe Goldberg)
- Tweeting Fridges and Web Controlled Rice Cookers: 9 of the Stupidest Smart Home Appliances (Gabe Goldberg)
- "Smart home hacking is easier than you think" (Colin Neagle)
- Virginia decertified WinVote voting system (Jeremy Epstein)
- Australia government attacks researchers who reveal online election flaws (Lauren Weinstein)
- Curious election statistical observation (danny burstein)
- Bob Wachter on Technology and Hospitals at Medium (Prashanth Mundkur)
- Lawyers smell blood in electronic medical records (Lauren Weinstein)
- `Routine maintenance' and the EMR (Robert L Wears)
- "End-To-End Web Crypto: A Broken Security Model" (Indolering)
- Banks undermine chip and PIN security (Steven Murdoch via Prashanth Mundkur)
- Tewksbury police pay bitcoin ransom to hackers (Bob Frankston)
- State of the Internet (Akamai)
- The Internet Ruined April Fool's Day (The Atlantic)
- Hacked French TV network admits "blunder" that exposed YouTube password (Gabe Goldberg)
- Tech companies are sending your secrets to crowdsourced armies of low-paid workers (Gabe Goldberg)
- ISOS mass-defaceng websites (PGN)
- "How ICANN enabled legal Website extortion" (Cringely)
- "GitHub still recovering from massive DDoS attacks" (Jeremy Kirk)
- FBI would rather prosecutors drop cases than disclose stingray details (Cyrus Farivar)
- Cyberspace and the American Dream: A Magna Carta for the Knowledge Age (Daniel Berninger)
- "Lost in the clouds: 7 examples of compromised personal information" (Steve Ragan)
- French Senate Backs Bid To Force Google To Disclose Search Algorithm Workings (Lauren Weinstein)
- "4 no-bull facts about Microsoft's HTTP.sys vulnerability" (Serdar Yegulalp)
- Congress cannot be taken seriously on cybersecurity (Trevor Timm)
- How the New York Times is eluding censors in China (Lauren Weinstein)
- "Large-scale Google malvertising campaign hits users with exploits" (Lucian Constantin)
- Insurance co. wants to track you 24/7 for a discount (CNN)
- Fire TV Stick OS 1.5 Update (Gabe Goldberg)
- Internet Naming Body Moves to Crack Down on '.sucks' (Ars)
- Good news and bad news: Android Security State of the Union 2014 (Lauren Weinstein)
- Re: Kali Linux security is a joke! (Henry Baker)
-
Volume 28 Issue 60 (Monday 27 Apr 2015)
-
Volume 28 Issue 61 (Friday 1 May 2015)
-
Volume 28 Issue 62 (Friday 8 May 2015)
-
Volume 28 Issue 63 (Monday 11 May 2015)
-
Volume 28 Issue 64 (Saturday 16 May 2015)
-
Volume 28 Issue 65 (Tuesday 25 May 2015)
-
Volume 28 Issue 66 (Monday 1 June 2015)
-
Volume 28 Issue 67 (Thursday 4 June 2015)
-
Volume 28 Issue 68 (Thursday 11 June 2015)
-
Volume 28 Issue 69 (Monday 15 June 2015)
-
Volume 28 Issue 70 (Tuesday 16 June 2015)
-
Volume 28 Issue 71 (Saturday 20 June 2015)
-
Volume 28 Issue 72 (Monday 22 June 2015)
-
Volume 28 Issue 73 (Friday 26 June 2015)
-
Volume 28 Issue 74 (Wednesday 1 July 2015)
-
Volume 28 Issue 75 (Tuesday 7 July 2015)
-
Volume 28 Issue 76 (Wednesday 8 July 2015)
-
Volume 28 Issue 77 (Saturday 11 July 2015)
- Outages continue: USDA; Amazon (Alister Wm Macintyre)
- When Computers Go Down, It's Not Always a Hack (takingnote)
- An Offline NYSE. Makes Barely a Ripple in a Day's Trading (NYTimes)
- Moxie Marlinspike (WSJ)
- The Massive OPM Hack Actually Hit 25 Million People (WiReD)
- OpenSSL Patches Critical Certificate Forgery Bug (SlashDot)
- Hackdoors & Crypto Wars (Eric Geller via Henry Baker)
- Senator: OPM Hack Gave China a Spy Recruiting Database (Ben Sasse via Henry Baker)
- Privacy risks in healthcare (PGN)
- EFF report on the Going Dark Senate hearing (PGN)
- Cyber criminals adopt recently patched zero-day exploit in a flash (Lucian Constantin)
- Map of Cyber Attacks (Norsecorp via Alister Wm Macintyre)
- India's Supreme Court May Ban Porn Viewing, Even in Private Homes (HuFfpost)
- Facing a Selfie Election, Presidential Hopefuls Grin (NYTimes)
- Your next selfie could be your last, Russia warns (Amar Toor)
- Re: NZ Harmful Digital Communications Bill (Macintyre, O'Keefe)
- Leap Second Causes Sporadic Outages Across the Internet (Brian Inglis, Bob Frankston)
- Re: Samsung is being sued in China (Wols)
- Ada Lovelace and Babbage (PGN)
- RISKS-Forum Digest Tuesday 14 July 2015
- The Use of Encrypted, Coded, and Secret Communications is an `Ancient Liberty' Protected by the United States Constitution (VJoLT)
- The Dangers of Internet voting (Hans A. von Spakovsky)
- Report on Internet voting (U.S. Vote Foundation)
- U.N. body agrees to U.S. norms in cyberspace (Joseph Marks via Joly MacFie)
- Scent Received, With a Tap of a Smartphone (NYTimes)
- Theaters Struggle With Patrons' Phone Use During Shows (NYTimes)
- Addicted to Your Phone? There's Help for That (NYTimes)
- Sundar Pichai of Google Talks About Phone Intrusion (NYTimes)
- How China stopped its bloggers (AFR)
- Sports wearables may affect athletes' privacy, paycheques as well as performance (Christine Wong)
- Securing networks is harder than it was two years ago (BetaNews)
- Bitcoin wallets vulnerable to double-spending bug (BetaNews)
- Casper Bowden has died (BetaNews)
- Re: NZ Harmful Digital Communications Bill (Chris Drewe)
- Re: Chicago's 'cloud tax' makes Netflix ... more expensive (John Levine)
-
Volume 28 Issue 79 (Monday 20 July 2015)
-
Volume 28 Issue 80 (Wednesday 22 July 2015)
-
Volume 28 Issue 81 (Saturday 25 July 2015)
-
Volume 28 Issue 82 (Wednesday 29 July 2015)
-
Volume 28 Issue 83 (Digest Sunday 2 August 2015)
-
Volume 28 Issue 84 (Tuesday 4 August 2015)
-
Volume 28 Issue 85 (Wednesday 12 August 2015)
-
Volume 28 Issue 86 (Friday 14 August 2015)
-
Volume 28 Issue 87 (Monday 17 August 2015)
-
Volume 28 Issue 88 (Tuesday 18 August 2015)
-
Volume 28 Issue 89 (Wednesday 19 August 2015)
-
Volume 28 Issue 90 (Thursday 20 August 2015)
-
Volume 28 Issue 91 (Friday 21 August 2015)
-
Volume 28 Issue 92 ()
-
Volume 28 Issue 93 (Thursday 3 September 2015)
-
Volume 28 Issue 94 (Sunday 20 September 2015)
- America's Voting Machines at Risk (Brennan Center)
- Hanging chad redux? US heading for 2000-style election catastrophe, report finds (Ed Pilkington)
- Leaked NSC Memo on Encryption (WashPost)
- Obama faces growing momentum to support widespread encryption (Nakashima and Peterson)
- WH Realizes Mandating Backdoors To Encryption Isn't Going To Happen (Tech Dirt)
- Why We Positively, Absolutely, Can't Trust the Government with Encryption (Lauren Weinstein)
- CISA on OPM: “responding to a bear attack by stockpiling honey'' (Eric Geller via Henry Baker)
- Tech Companies Resist Govt Surveillance (Calo and Penuela)
- Kilton Public Library Reactivates Tor Node (Nora Doyle-Burr)
- Major Internet outage strikes again (Matthew Reed)
- American Airlines flew wrong plane to chawaii (WashPost)
- Hack on United Airlines Makes CIA's Job More Difficult (Cybersecintell)
- Drug lord may be in Costa Rica, based on tweet (Dan Jacobson)
- Lockpickers 3-D Print TSA Master Luggage Keys From Leaked Photos (WiReD)
- Researcher Hacks Self-driving Car Sensors (IEEE Spectrum)
- Russian Hackers Hijack Satellite to Steal Data from Thousands of Hacked Computers (PGN)
- FireEye Malware Protection System hacked with malware (Henry Baker)
- Programming errors allow cracking of 11 million+ Ashley Madison passwords (Dan Goodin)
- Buffer Overflows: Blast from the Past (Henry Baker)
- "Attackers install highly persistent malware implants on Cisco routers" (Lucian Constantin)
- Brain Hacking state-of-art (Lovett in Analog)
- How Can a Netizen be Responsible and Secure? (Dick Mills)
- How to make the Internet worse for everyone except the slimeballs (Lauren Weinstein)
- One Symptom in New Medical Codes: Doctor Anxiety (NYTimes)
- Watch Out: If You've Got a Smart Watch, Hackers Could Get Your Data (David Robertson)
- "How Microsoft's data case could unravel the US tech industry" (Zack Whittaker)
- Mozilla: data stolen from hacked bug database was used to attack Firefox (Ars Technica)
- How Ashley Madison Hid Its Fembot Con From Users and Investigators (Gizmodo)
- "The Web's 10 most dangerous neighborhoods" (Maria Korolov)
- Faults Sense of Security (Henry Baker)
- Facebook's Like Buttons Will Soon Track Your Web Browsing to Target Ads (Technology Review)
- Boston still tracks vehicles, lies about it, and leaves sensitive resident data exposed online (Dig Boston)
- HP didn't get the security memo re HTTPS (Henry Baker)
- FBI Safety: Disconnect IoT Devices from the Internet (Henry Baker)
- Need to install a font on Windows 10? Turn on the firewall (SuperUser)
- Microsoft is downloading Windows 10 to your machine 'just in case' (LW)
- Re: Windows 7, 8, and 10: Now all collecting user data for Microsoft (Erling Kristiansen)
- Re: Unwanted data transmissions by Windows 10 (Wol)
- Re: No gigabyte nets for autonomous vehicles (Dimitri Maziuk, Wol)
- Re: Vehicles with keyless ignition systems... (Chris Drewe)
- Re: Google's Driverless Cars Run Into Problem: Lack of appreciation of "social" (Bob Frankston)
-
Volume 28 Issue 95 (Thursday 24 September 2015)
-
Volume 28 Issue 96 (Monday 28 September 2015)
-
Volume 28 Issue 97 (Tuesday 29 September 2015)
Please report problems with the web pages to the maintainer
Top