The RISKS Digest
Volume 29 Index
Forum on Risks to the Public in Computers and Related Systems
ACM Committee on Computers and Public Policy,
Peter G. Neumann, moderator
Forum on Risks to the Public in Computers and Related Systems
ACM
Committee on Computers and Public Policy, Peter G. Neumann, moderator
-
Volume 29 Issue 01 (Saturday 3 October 2015)
-
Volume 29 Issue 02 (Tuesday 6 October 2015)
-
Volume 29 Issue 03 (Wednesday 14 October 2015)
-
Volume 29 Issue 04 (Saturday 17 October 2015)
-
Volume 29 Issue 05 (Monday 26 October 2015)
-
Volume 29 Issue 06 (Friday 30 October 2015)
-
Volume 29 Issue 07 (Tuesday 3 November 2015)
-
Volume 29 Issue 08 (Monday 9 November 2015)
-
Volume 29 Issue 09 (Friday 13 November 2015)
-
Volume 29 Issue 10 (Tuesday 17 November 2015)
-
Volume 29 Issue 11 (Thursday 19 November 2015)
-
Volume 29 Issue 12 (Wednesday 25 November 2015)
-
Volume 29 Issue 13 (Thursday 26 November 2015)
-
Volume 29 Issue 14 (Wednesday 2 December 2015)
-
Volume 29 Issue 15 (Wednesday 9 December 2015)
-
Volume 29 Issue 16 (Monday 14 December 2015)
-
Volume 29 Issue 17 (Tuesday 15 December 2015)
-
Volume 29 Issue 18 (Thursday 24 December 2015)
-
Volume 29 Issue 19 (Monday 28 December 2015)
-
Volume 29 Issue 20 (Tuesday 5 January 2016)
-
Volume 29 Issue 21 (Thursday 14 January 2016)
-
Volume 29 Issue 22 (Sunday 24 January 2016)
-
Volume 29 Issue 23 (Monday 25 January 2016)
-
Volume 29 Issue 24 (Saturday 30 January 2016)
-
Volume 29 Issue 25 (Thursday 11 February 2016)
-
Volume 29 Issue 26 (Monday 15 February 2016)
-
Volume 29 Issue 27 (Thursday 18 February 2016)
-
Volume 29 Issue 28 (Thursday 25 February 2016)
-
Volume 29 Issue 29 (Friday 26 February 2016)
-
Volume 29 Issue 30 (Monday 29 February 2016)
-
Volume 29 Issue 31 (Thursday 3 March 2016)
-
Volume 29 Issue 32 (Monday 7 March 2016)
-
Volume 29 Issue 33 (Wednesday 9 March 2016)
-
Volume 29 Issue 34 (Tuesday 15 March 2016)
-
Volume 29 Issue 35 (Wednesday 16 March 2016)
-
Volume 29 Issue 36 (Friday 18 March 2016)
-
Volume 29 Issue 37 (Monday 21 March 2016)
-
Volume 29 Issue 38 (Tuesday 22 March 2016)
-
Volume 29 Issue 39 (Wednesday 23 March 2016)
-
Volume 29 Issue 40 (Friday 25 March 2016)
-
Volume 29 Issue 41 (Tuesday 29 March 2016)
-
Volume 29 Issue 42 (Friday 1 April 2016)
-
Volume 29 Issue 43 (Friday 1 April 2016)
-
Volume 29 Issue 44 (Tuesday 5 April 2016)
-
Volume 29 Issue 45 (Monday 11 April 2016)
-
Volume 29 Issue 46 (Thursday 14 April 2016)
-
Volume 29 Issue 47 (Monday 18 April 2016)
-
Volume 29 Issue 48 (Monday 25 April 2016)
-
Volume 29 Issue 49 (Friday 29 April 2016)
-
Volume 29 Issue 50 (Tuesday 3 May 2016)
-
Volume 29 Issue 51 (Friday 6 May 2016)
-
Volume 29 Issue 52 (Tuesday 10 May 2016)
-
Volume 29 Issue 53 (Friday 20 May 2016)
-
Volume 29 Issue 54 (Sunday 29 May 2016)
- Connected Car Security (Gabe Goldberg)
- Nest to deliberately brick old smart hubs (Adrian Kingsley-Hughes)
- Are tighter rules needed on recording devices in cars? (Gabe Goldberg)
- Catch 22 in the Courtrooms: FBI and Tor malware (Cyrus Farivar)
- Dronebuster (Ars Technica)
- Attackers Steal $12.7M In Massive ATM Heist (EditorDavid)
- The risk of blaming the messenger (Rogier Wolff)
- Edward Snowden, John Crane, and Whistle-Blowing (McLaughlin/Froomkin)
- Student Exposes Bad Police Encryption, Gets Sentenced (EditorDavid)
- Armed FBI agents raid home of researcher who found unsecured (Ars)
- What the U.S. Gov really thinks about encryption (Christian Science Monitor)
- DARPA Extreme DDoS Project Transforming Network Attack Mitigation (Slashdot)
- Worm Takes Control Of Wireless ISPs Around the Globe (Dan Goodin)
- Untangling the Web: the NSA's supremely weird, florid guide to the Internet (Michael)
- Real-Life RoboCop Guards Shopping Centers In California (BeauHD)
- AI causes more unemployment and lower standards of living (Slashdot)
- "This unusual botnet targets scientists, engineers, and academics" (Danny Palmer)
- TOR to use improved RNG algorithm (Catalin Cimpanu)
- You Can Run, But You Can't Hide (Cyrus Farivar)
- Risk of Talking Like a Terrorist (Peter Bright)
- France's Guillotining of Global Free Speech Continues (Lauren Weinstein)
- "Why Free Speech Is Even More Important Than Privacy" (Lauren Weinstein)
- Major Cell Phone Radiation Study Reignites Cancer Questions (Sci Am via LW)
- The Thai cleaning lady facing prison for 'I see' (BBC)
- Robot Cause Unemployment in Hitech - tagged iPhone7, Foxconn, Apple (Softpedia)
- Facebook begins tracking non-users around the Internet (The Verge)
- "5 active mobile threats spoofing enterprise apps" (Ryan Francis)
- About Android [In]Security (Softpedia)
- Latest news / Hot right now (Softpedia)
- Ransomware Adds DDoS Attacks (Softpedia via EditorDavid on Slashdot)
- More Bad News.... for someone (Softpedia)
- Opera, VPN and sale to Chinese investors (Softmedia, May 26)
- TOR to use improved RNG algorithm (Catalin Cimpanu)
- You Can Run, But You Can't Hide (Cyrus Farivar)
- How copyright law is being misused to remove Internet material (The Guardian)
- China's scary lesson to the world: Censoring the Internet works (WashPost)
- Microsoft accused of Windows 10 upgrade "nasty trick" (BBC)
- PayPal refuses to deliver online purchases to UK addresses containing "Isis" (BoingBoing via Gabe Goldberg)
- Google's Paris HQ raided in tax probe (BBC)
- Censorship by Copyright claim to Google (The Guardian)
- Expect a Change of Google password policy (The Guardian)
- Stanford Computer Scientists Show Telephone Metadata Can Reveal (Bjorn Carey)
- PasteJacking and JavaScript.... (Softpedia)
- Politically Incorrect, April Fools, a rejected X-Files script, or.... just a Bad Dream ?!? (via Slashdot)
- Norwegian Consumer rights institute protests app terms, reading them for 24 hours on a live broadcast (via Slashdot)
- WPAD Protocol Bug Puts Windows Users at Risk (Catalin Cimpanu)
- Protect Your PC from Malware by Running Applications Inside a Sandbox (Softpedia)
- The elderly are way savvier with password security than millennials (QZ)
- Robots also Destroy Low-Tech Jobs (Sam Machkovech)
- How Genius annotations undermined web security (The Verge)
- Major DNS provider NS1 hit by mysterious focused DDoS attack (Sean Gallagher)
- China's Government Fabricates About 488 Million Social Media Posts Every Year (NPR)
- "More than 22 BILLION vehicle photos in UK database" (Daily Mail)
- Re: Video Exposes Officials' Mistakes but Can't Undo Blown Calls. Yet. (Paul van Keep)
- Re: It's Trivially Easy To Identify You Based On Records Of Your Calls and Texts (Chris Drewe)
- Re: Another Risk of Self-Driving Cars; Clogged Highways?!? (Amos Shapir)
- Re: The last non-Internet Generation (Anthony)
- Re: Theoretical Breakthrough Made in Random Number Generation (Mark Thorson)
- Re: In Oracle v. Google, a Nerd Subculture Is on Trial (Amos Shapir)
- Windows into the Soul: new book (Gary T. Marx)
-
Volume 29 Issue 55 (Tuesday 7 June 2016)
-
Volume 29 Issue 56 (Wednesday 15 June 2016)
-
Volume 29 Issue 57 (Saturday 18 June 2016)
-
Volume 29 Issue 58 (Tuesday 21 June 2016)
-
Volume 29 Issue 59 (Tuesday 28 June 2016)
-
Volume 29 Issue 60 (Thursday 14 July 2016)
-
Volume 29 Issue 61 (Friday 15 July 2016)
-
Volume 29 Issue 62 (Tuesday 19 July 2016)
-
Volume 29 Issue 63 (Thursday 21 July 2016)
- More on Web-Impac's voter software (PGN)
- EFF Lawsuit Takes on DMCA Section 1201: Research and Technology Restrictions Violate the First Amendment (EFF)
- Laugh of the Day: Snowden Designs a Device to Warn If Your iPhone's Radios Are Snitching (*WiReD* via NNSquad)
- MIT Says Their Anonymity Network Is More Secure Than Tor (PC-Magazine)
- US government declares ransomware a breach by default (Kevin Fu)
- "Apple patent could prevent 'illegal' iPhone recording" (Zach Whittaker)
- M&S: an unacceptable extremely unfortunate error (Mark Vandevelde)
- "This Android Trojan blocks victims from alerting banks" (Michael Kan)
- "Salesforce1 update will leave many mobile devices out in the cold" (Katherine Noyes)
- Security Researcher Publishes How-To Guide To Crack Android Full Disk Encryption (SlashDot)
- "Here's how secret voice commands in YouTube videos could hijack your smartphone" (Michael Kan)
- Study: 98% of us will sign away our firstborn because we don't read the terms of service (Consumerist via Gabe Goldberg)
- Password Reuse Tool "Shard" Makes It Easy To ID Vulnerable Accounts On Other Sites (Dan Goodin)
- You've been punked: Company boasts of experimenting on us with fake videos (Gabe Goldberg)
- Bloomberg: Do You Own Your Own Fingerprints? (Gabe Goldberg)
- Critical bug threatens to bite mobile phones and networks (Ars)
- Study: 78% of Resold Drives Still Contain Readable Personal or
- Business Data (SlashDot)
- "Oracle issues largest patch bundle ever, fixing 276 security flaws" (Lucian Constantin)
- How Oracle's business as usual is threatening to kill Java (Ars)
- Lenovo Scrambling To Get a Fix For BIOS Vulnerability (Richard Chirgwin)
- A New Corporate AI Can Read Your Emails - and Your Mind (Fortune)
- Steam Warns Users Against Gambling Site After YouTube Stars Discovered As Owners (EuroGamer)
- "Amazon isn't saying if Echo has been wiretapped" (Zach Whittaker)
- Security researcher gets threats over Amazon review (TechCrunch)
- "Hidden 'backdoor' in Dell security software gives hackers full access" (Zack Whittaker)
- Apple Patents Technology To Disable iPhone Cameras At Concerts (Stereogum via Gabe Goldberg)
- Congressman Wants Ransomware Attacks To Trigger Breach Notifications (BeauJD)
- The midnight rollover problem—solved (Paul Robinson)
- Google's My Activity Reveals How Much It Knows About You (SlashDot)
- Europe's 'Net Neutrality' Rules Fail to Ban Throttling (SlashDot)
- "How Ancient Monopolies Keep You from Getting Decent Internet Service" (LW)
- UN Council: Seriously, Nations, Stop Switching Off the Internet! (The Register)
- For Facebook, violating users' privacy is going to backfire someday (Evan Schuman)
- The Man Who Nailed Jello to the Wall (Foreign Policy via Suzanne Johnson)
- How China Took Control of Bitcoin (NYTimes)
- "Even in remotest Africa, Windows 10 nagware ruins your day: Update burns satellite link cash" (Iain Thomson)
- "Win7 and 8.1 patch KB 3173040 throws full-screen Win10 upgrade warning" (InfoWorld)
- "Dell stops selling Android devices, won't deliver patches" (Agam Shah)
- "Why CIOs should care about click fraud" (Paul Rubens)
- Ashley Madison Admits It Lured Customers With 70,000 Fake 'Fembots'
- (Ars Technica)
- Risk of being sent to house address 404 if Page Not Found (Dan Jacobson)
- chmod 0 (Dan Jacobson)
- Re: Stanford Mall robot runs over small child (Ian Macky)
- Re: Self-driving cars, accepting the moral dilemma (David Mitchell)
- Re: UK bill introduces 10 year prison sentence for online pirates (Keith Medcalf)
- Re: Faulty image analysis software may invalidate 40,000 fMRI studies (Amos Shapir)
- Re: Dallas Shooter Killed By Bomb Robot In Policing First (Gary Barnes, Amos Shapir)
-
Volume 29 Issue 64 (Monday 25 July 2016)
-
Volume 29 Issue 65 (Thursday 28 July 2016)
-
Volume 29 Issue 66 (Friday 5 August 2016)
-
Volume 29 Issue 67 (Monday 9 August 2016)
-
Volume 29 Issue 68 (Thursday 11 August 2016)
-
Volume 29 Issue 69 (Tuesday 16 August 2016)
-
Volume 29 Issue 70 (Thursday 18 August 2016)
-
Volume 29 Issue 71 (Monday 22 August 2016)
-
Volume 29 Issue 72 (Wednesday 24 August 2016)
-
Volume 29 Issue 73 (Tuesday 29 August 2016)
- World's biggest aircraft crashes on landing (*The Guardian*)
- Russia's Powerful Weapon to Hurt Rivals: Falsehoods (Neil MacFarquahar)
- Good thing this wasn't one of those nuclear bomb/EMP detectors... (danny burstein)
- "U.S. convicts Russian hacker in credit card theft scheme" (Michael Kan)
- Russian hackers breached a computer used by county elections officials in Arizona, a state official said (WashPost)
- FL state election officials deny problems even as databases are hacked (PGN)
- Fundamental flaw in neuroscience research (Kate Murphy)
- Self-Driving Cars don't care about your moral dilemmas (Herns and Science via WU)
- They really did remove the streets from Google Maps (Dan Jacobson)
- How to shut down a 911 center? Hit the off button (NBC News)
- 4 decades after a computer in the Bay Area connected to one in Boston, the effect of The Internet on our lives is hard to overstate (Jessica Floum)
- "Medical device security disclosure ignites an ethics firestorm" (Michael Kan)
- "New collision attacks against triple-DES, Blowfish break HTTPS sessions" (Fahmida Y. Rashid)
- DC 911 Outage Caused by Contractor Hitting Emergency Shutoff Button (NBC)
- Researchers use Excel to mangle gene names into dates (GenomeBiology via Patrick O'Beirne)
- "Baltimore cops using private company's aerial cameras to conduct secret surveillance" (Computerworld)
- Microsoft's maps lost Melbourne because it used bad Wikipedia data (Gabriel Goldberg)
- "Unauthorized, mislabeled Microsoft support tool leaks; could cause more trouble than it cures" (Ed Bott)
- "Fake resumes, jobs, lead to real guilty plea in H-1B fraud case" (Patrick Thibodeau)
- Apple patents technique for grabbing iPhone thieves' fingerprints and photo (Adrian Kingsley-Hughes)
- "The Dirt" about iOS 9.3.5 (ZDnet)
- GozNym Trojan spreads to attack German banks (Charlie Osborne)
- "Is your Android phone being controlled by a rogue Twitter account? Botnet is first to receive commands via tweets" (ZDnet)
- Inside Facebook's —Totally Insane, Unintentionally Gigantic, Hyperpartisan—Political-Media Machine (NYTimes)
- Parking garage makes it easier for stalkers (Jeremy Epstein)
- Opera resets passwords after sync server hacked (Zack Whittaker)
- More Airline Outages Seen As Carriers Grapple With Aging Technology (Reuters via SlashDot)
- Re: Airlines' reservation systems (John Levine, Jeff S. Jonas)
- Re: Excel garbles microarray experiment data (Joe Loughry)
- Re: "When Hiding Passwords Is Stupid—or Worse!" (Don Norman)
- Re: Why you *still* can't trust password strength meters (Barry Gold)
- Re: Sleep 'resets' brain connections crucial for memory and learning (Jeff S. Jonas)
- Re: "Smart Power Outlets" (Peter Bernard Ladkin, Al Mac)
-
Volume 29 Issue 74 (Friday 2 September 2016)
-
Volume 29 Issue 75 (Tuesday 6 September 2016)
-
Volume 29 Issue 76 (Monday 12 September 2016)
-
Volume 29 Issue 77 (Friday 16 September 2016)
-
Volume 29 Issue 78 (Thursday 22 September 2016)
-
Volume 29 Issue 79 (Saturday 24 September 2016)
-
Volume 29 Issue 80 (Monday 3 October 2016)
-
Volume 29 Issue 81 (Tuesday 4 October 2016)
-
Volume 29 Issue 82 (Saturday 8 October 2016)
-
Volume 29 Issue 83 (Monday 10 October 2016)
-
Volume 29 Issue 84 (Wednesday 12 October 2016)
-
Volume 29 Issue 85 (Saturday 15 October 2016)
-
Volume 29 Issue 86 (Wednesday 19 October 2016)
-
Volume 29 Issue 87 (21 October 2016)
-
Volume 29 Issue 88 (Tuesday 25 October 2016)
- Russian Suspected of Hacking U.S. Tech Companies Is Indicted (The NYTimes)
- Radio interference disables cars and cell phones in Evanston (ARRL via Ed Ravin)
- Report on "Ethics of AI" (John Horgan)
- As Artificial Intelligence Evolves, So Does Its Criminal Potential (The NYTimes)
- Pittsburgh's new artificially intelligent stoplights could mean no more pointless idling (Chris Weller)
- Re: Self-driving cars shouldn't have to choose who to protect in a crash
- (tanner andrews)
- Samsung washing machines in Australasia hot issue since 2013 (Donald Mackie)
- China's Total Information Awareness? (Simon Denyer)
- Every LTE call, text, can be intercepted, blacked out, hacker finds (The Register)
- Unneeded Services Foster Botnets and other security problems (Bob Gezelter)
- Kevin Marks: Internet becoming unreadable, lighter thinner fonts (LW, Al Mac)
- Dyn Statement on the 21 Oct 2016 DDoS Attack (Kyle York PGN-ed)
- Hacked Cameras, DVRs Powered Today's Massive Internet Outage (Brett Glass)
- German voting system, for comparison (Thomas Koenig)
- Re: Undetectable election hacking? (Mark Brader, Paul Edwards, David Brodbeck)
- The Right to be Forgotten for posts sitting in a moderator's queue (Dan Jacobson)
-
Volume 29 Issue 89 (Monday 31 October 2016)
-
Volume 29 Issue 90 (Tuesday 8 November 2016)
-
Volume 29 Issue 91 (Sunday 13 November 2016)
-
Volume 29 Issue 92 (Wednesday 16 November 2016)
-
Volume 29 Issue 93 (Monday 21 November 2016)
-
Volume 29 Issue 94 (Friday 25 November 2016)
-
Volume 29 Issue 95 (Tuesday 29 November 2016)
-
Volume 29 Issue 96 (Saturday 10 December 2016)
Please report problems with the web pages to the maintainer
Top