RISKS-LIST: Risks-Forum Digest Saturday 19 August 2023 Volume 33 : Issue 79

ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, founder and still moderator

***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/33.79>
The current issue can also be found at
<http://www.csl.sri.com/users/risko/risks.txt>

Contents:
Voyager 2: NASA Loses Contact With Probe After Sending Wrong Command
(Business Insider)
American Airlines flight from Logan delayed Monday after close call with
Spirit Airlines (The Boston Globe)
Birds and fish competing with squirrels for power failures (Fox)
Lahaina: single points of failure (Henry Baker)
More than 134,000 Mass. residents part of data security breach
(The Boston Globe)
Windows feature that resets system clocks based on random data is wreaking
havoc (Ars Technica)
For the Good of Society, Hackers Prod AI to Be Bad (NYTimes)
San Francisco robotaxi traffic jam is a warning to the world, says city
official (CBC)
CA DMV orders Cruise to reduce robotaxi fleet in SF by 50% after
collision with fire truck, injuring passenger (TechCrunch)
The rapid expansion of robotaxis in major cities MUST BE STOPPED
(Lauren Weinstein)
Potential NYT lawsuit could force OpenAI to wipe ChatGPT and start
over (Ars Technica)
An Iowa school district is using ChatGPT to decide which books to
ban (The Verge)
Not AI? (Cliff Kilby)
Crypto smart contracts still stupid (Amy Castor)
Attackers find new ways to deliver DDoSes with "alarming" sophistication ()
(Ars Technica)
`Bitcoin Bonnie and Clyde' plead guilty in `spy novel'-like laundering case
(WashPost)
Microsoft pulls article recommending Ottawa Food Bank to tourists (CBC)
Cheese and chips: parmesan producers fight fakes with microtransponders
(The Guardian)
Ukraine busts bot farm spreading Russian infowar propaganda and frauds
(The Register)
Imposter scams are the top U.S. fraud (NPR)
Good reason to keep BMC LAN connections on an isolated LAN
(Ars Technica)
Internet Archive's legal woes mount as record labels sue for $400M
(Ars Technica)
AI chatbot scares Snapchat users by posting mysterious video
(Ars Technica)
Re: Don't use our content to train AI systems (Amos Shapir)
Re: Cellphone Radiation Is Harmful, but Few Want to Believe It (PGN)
Abridged info on RISKS (comp.risks)

----------------------------------------------------------------------

Date: Tue, 1 Aug 2023 23:53:27 -0400
From: Gabe Goldberg <gabe@gabegold.com>
Subject: Voyager 2: NASA Loses Contact With Probe After Sending
Wrong Command (Business Insider)

NASA accidentally lost contact with its Voyager 2 probe after sending a
wrong command. It could mean the end of its 46-year-old mission.

[The requirements specifiers, designers, and programmers forgot about
"undo"? or required confirmation of questionable inputs? Foresight,
forsooth farsight, when it is that FAR AWAY? PGN]

https://www.businessinsider.com/nasa-loses-contact-voyager-2-sent-wrong-command-mistake-space-2023-8

------------------------------

Date: Wed, 16 Aug 2023 23:20:24 -0400
From: Monty Solomon <monty@roscom.com>
Subject: American Airlines flight from Logan delayed Monday after close
call with Spirit Airlines (The Boston Globe)

The close call was the fourth time this year aircraft at Logan have
inadvertently flown close to one another, according to FAA records.

https://www.bostonglobe.com/2023/08/16/metro/american-airlines-flight-logan-delayed-monday-after-close-call-with-spirit-airlines/

------------------------------

Date: Wed, 16 Aug 2023 21:32:05 +0000 ()
From: danny burstein <dannyb@panix.com>
Subject: Birds and fish competing with squirrels for power failures (Fox)

https://www.foxnews.com/us/unlikely-animal-falls-from-sky-knocks-power-out-thousands-new-jersey-town

A fish dropped out of the sky by its bird captor caused a power outage for a
section of homes in a New Jersey town, officials say. "There is a large area
of Lower Sayreville without power. [Jersey Central Power & Light] is
reporting a [fish emoji] was found on a transformer.

------------------------------

Date: Thu, 17 Aug 2023 20:03:34 +0000
From: Henry Baker <hbaker1@pipeline.com>
Subject: Lahaina: single points of failure

High winds => downed power lines => sparked fires =>
melted water lines + pumping power loss => no way to fight the fires.

Reminds me of the 'Useless Box' that Turns Itself Off:
https://www.youtube.com/watch?v=3KTilOsXBmU

Lahaina clearly demonstrates the Major Risk of *centralized electrical power
systems*; to gain resilience, we *have* to move to *distributed electrical
power systems*, aka 'microgrids':

https://www.nrel.gov/grid/microgrids.html

"Advanced microgrids enable local power generation assets&mdash;including
traditional generators, renewables, and storage&mdash;to keep the local grid
running even when the larger grid experiences interruptions or, for remote
areas, where there is no connection to the larger grid."

https://www.nytimes.com/2023/08/13/us/lahaina-water-failure.html

As Inferno Grew, Lahain's Water System Collapsed

Firefighters who rushed to contain the Maui wildfire found that hydrants
were running dry, forcing crews to embark instead on a perilous rescue
mission.

West Maui's water system relies on electrical power to pump water through
the network and deliver it to fire hydrants, and officials at Hawaiian
Electric, the state's main electrical utility, have said that the need to
maintain this pumping capability has made it difficult to shut off power
when high winds pose a fire risk.

``Pre-emptive, short-notice power shut-offs have to be coordinated with
first-responders and in Lahaina, electricity powers the pumps that provide
the water needed for firefighting,'' said Jim Kelly, a spokesman for the
utility.

[Re: the sirens, discussed in an earlier RISKS issue, I heard a news
report faulting officials that the sirens were not used. The rebuttal
justification seemed to be that their use was primarily for tsunamis, for
which people are trained to move inland higher altitudes as fast as
possible -- which may not have been relevant here. PGN]

------------------------------

Date: Wed, 16 Aug 2023 22:52:34 -0400
From: Monty Solomon <monty@roscom.com>
Subject: More than 134,000 Mass. residents part of data security breach
(The Boston Globe)

https://www.boston.com/news/crime/2023/08/16/massachusetts-data-security-breach-moveit-umass-chan-medical-school/

------------------------------

Date: Thu, 17 Aug 2023 11:15:37 -0400
From: Monty Solomon <monty@roscom.com>
Subject: Windows feature that resets system clocks based on random data is
wreaking havoc (Ars Technica)

Windows Secure Time Seeding resets clocks months or years off the correct
time.

A few months ago, an engineer in a data center in Norway encountered some
perplexing errors that caused a Windows server to suddenly reset its system
clock to 55 days in the future. The engineer relied on the server to
maintain a routing table that tracked cell phone numbers in real time as
they moved from one carrier to the other. A jump of eight weeks had dire
consequences because it caused numbers that had yet to be transferred to be
listed as having already been moved and numbers that had already been
transferred to be reported as pending. [...]

https://arstechnica.com/security/2023/08/windows-feature-that-resets-system-clocks-based-on-random-data-is-wreaking-havoc

------------------------------

Date: Thu, 17 Aug 2023 12:07:34 PDT
From: Peter Neumann <neumann@csl.sri.com>
Subject: For the Good of Society, Hackers Prod AI to Be Bad
(NYTimes)

Sarah Kessler and Tiffany Hsu, *The New York Times* business front
page, 17 Aug 2023

AI Village was part of a White-House endorsed contest to expose weak
spots before the criminals can. [PGN-ed]

[Instead of Biden' our time and waiting for rampant Zero-day misuses
to emerge, RISKS readers should find pre-zero days (subzero?)
salubrious. Although it clearly took a village, there were no
bounties. However, two of the three top scores of the judges were
attributed to Cody Ho, a Stanford CS student. PGN]

------------------------------

Date: Thu, 17 Aug 2023 06:49:19 -0600
From: Matthew Kruk <mkrukg@gmail.com>
Subject: San Francisco robotaxi traffic jam is a warning to the
world, says city official (CBC)

https://www.cbc.ca/radio/asithappens/san-francisco-robotaxi-traffic-jam-1.6=
938440

The day after California approved an expansion of driverless taxis, 10 of
them came to a grinding halt on a busy San Francisco street, creating a
gridlock that encompassed several blocks.

The culprit? A music festival.

"Cell phones were overwhelmed, and as a result, they were not able to take
control of these cars -- which is a pretty frightening systemic defe= ct,"

Aaron Peskin, president of the San Francisco Board of Supervisors (SFBV),
told As It Happens guest host Paul Hunter.