Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit precedence: bulk Subject: Risks Digest 32.10 RISKS-LIST: Risks-Forum Digest Tuesday 14 July 2020 Volume 32 : Issue 10 ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks) Peter G. Neumann, founder and still moderator ***** See last item for further information, disclaimers, caveats, etc. ***** This issue is archived at as The current issue can also be found at Contents: Judge denies Harris County TX request to allow email voting for those infected with COVID-19 (Zach Despart, Houston Chronicle) Why Some Birds Are Likely To Hit Buildings (Scientific American) Microsoft Warns of a 17-Year-Old 'Wormable' Bug (WiReD) Risk Management (Rob Slade) Re: How Universities Can Keep Foreign Governments from Stealing Intellectual Capital (Amos Shapir) Re: Can an Algorithm Predict the Pandemic's Next Moves? (Jim Geissman) Abridged info on RISKS (comp.risks) ---------------------------------------------------------------------- Date: Tue, 14 Jul 2020 15:56:07 -0400 From: Rebecca Mercuri Subject: Judge denies Harris County TX request to allow email voting for those infected with COVID-19 (Zach Despart, Houston Chronicle) It seems as if the only recourse is to have all of the people infected with COVID-19 get paper ballots on the basis of disability, make sure to sneeze and cough thoroughly all over the the ballots and the envelopes (which they should lick with their infected tongues), and then have their nurses mail them in. Those who can't get paper ballots should demand to be wheeled into the polling stations on their sickbeds (with ventilators in tow) where they can sneeze and cough all over everyone there. Then, after tens of thousands of people get sick and thousands of people die, they or their estates can sue the State for damages. Why aren't there any cartoonists depicting this nonsense? Have even the cartoonists given up? [Dan Wallach, Rebecca Mercuri, and I testified before the Houston City Council on 9-10 July 2001, where we maintained that the intended voting machines Harris County was about to acquire were nowhere near secure enough. Not much has changed technologically since then, other than the names of the purveyors. Overall, the voting machines are just rebranded snake oil, and the non-technological problems (biased redistricting, massive disenfranchisement, creative disinformation, etc.) are apparently endless. PGN] ------------------------------ Date: Tue, 14 Jul 2020 10:12:41 +0800 From: Richard Stein Subject: Why Some Birds Are Likely To Hit Buildings (Scientific American) https://www.scientificamerican.com/podcast/episode/why-some-birds-are-likely-to-hit-buildings/ "By understanding which birds are more likely to collide with buildings, researchers can perhaps determine the best way to modify buildings, or their lighting, to help prevent such accidents. And by knowing risks along with migration timing and behavior, building managers can better anticipate when birds are at their greatest danger—and modify lighting strategies accordingly." Birds unfortunately strike moving targets. "The number of wildlife strikes reported per year to the FAA increased steadily from about 1,800 in 1990 to 16,000 in 2018." https://wildlife.faa.gov/home operates database to report wildlife strikes against air vehicles. Do aircraft need a BCAS -- Bird Collision Avoidance System to supplement the avionics suite? https://www.faa.gov/air_traffic/by_the_numbers/ states ~44,000 daily tracked flights (pre-pandemic): 44,000 flights/day * 365 days/year ~= 16.1M annual flights/year. 16,000 strikes/year / 16,100,000 flights/year = .000996 * 100% ~= 0.1% (1 per 1000) strike probability per flight. Several comp.risks contributions cite bird strikes, e.g.: https://catless.ncl.ac.uk/Risks/12/2#subj9.1 https://catless.ncl.ac.uk/Risks/25/88#subj1.1 https://catless.ncl.ac.uk/Risks/29/19#subj6.1 https://catless.ncl.ac.uk/Risks/30/30#subj2.1 ------------------------------ Date: Tue, 14 Jul 2020 19:05:39 -0400 From: Monty Solomon Subject: Microsoft Warns of a 17-Year-Old 'Wormable' Bug (WiReD) The SigRed vulnerability exists in Windows DNS, used by practically every small and medium-sized organization in the world. https://www.wired.com/story/sigred-windows-dns-flas-wormable/ ------------------------------ Date: Tue, 14 Jul 2020 16:06:21 -0700 From: Rob Slade Subject: Risk management So, people have lost jobs, friends, family members, life as they know it, and lives. And the authorities are telling people, *begging* people, to stay apart, and stay inside, and stay away from crowds. So, what does Krispy Kreme (in New South Wales, Australia) do to aid things in this situation? They have a free donut giveaway, to celebrate their 83rd birthday. https://www.abc.net.au/news/2020-07-14/coronavirus-fears-over-krispy-kreme- doughnut-promotion/12454862 And people came out and crowded the stores. For a dozen free donuts. The promotion was a success. If you think drawing big crowds, in this environment, is a success ... ------------------------------ Date: Tue, 14 Jul 2020 13:44:04 +0300 From: Amos Shapir Subject: Re: How Universities Can Keep Foreign Governments from Stealing Intellectual Capital (RISKS-32.09) Is there a lawyer in the audience? The presented text snippet out of an EULA begs the questions, isn't causing damages by negligence a criminal offense? And, can a contract contain a clause which exempts one side from responsibility for criminal offenses it may commit? ------------------------------ Date: Mon, 13 Jul 2020 19:12:46 -0700 From: "Jim" Subject: Re: Can an Algorithm Predict the Pandemic's Next Moves? (RISKS-32.09) I was reminded of Gravity's Rainbow by Thomas Pynchon, 1973. https://en.wikipedia.org/wiki/Gravity's_Rainbow [This is a highly praised novel of potential interest to RISKS readers. PGN] ------------------------------ Date: Mon, 1 Jun 2020 11:11:11 -0800 From: RISKS-request@csl.sri.com Subject: Abridged info on RISKS (comp.risks) The ACM RISKS Forum is a MODERATED digest. Its Usenet manifestation is comp.risks, the feed for which is donated by panix.com as of June 2011. => SUBSCRIPTIONS: The mailman Web interface can be used directly to subscribe and unsubscribe: http://mls.csl.sri.com/mailman/listinfo/risks => SUBMISSIONS: to risks@CSL.sri.com with meaningful SUBJECT: line that includes the string `notsp'. Otherwise your message may not be read. *** This attention-string has never changed, but might if spammers use it. => SPAM challenge-responses will not be honored. Instead, use an alternative address from which you never send mail where the address becomes public! => The complete INFO file (submissions, default disclaimers, archive sites, copyright policy, etc.) is online. *** Contributors are assumed to have read the full info file for guidelines! => OFFICIAL ARCHIVES: http://www.risks.org takes you to Lindsay Marshall's searchable html archive at newcastle: http://catless.ncl.ac.uk/Risks/VL.IS --> VoLume, ISsue. Also, ftp://ftp.sri.com/risks for the current volume or ftp://ftp.sri.com/VL/risks-VL.IS for previous VoLume If none of those work for you, the most recent issue is always at http://www.csl.sri.com/users/risko/risks.txt, and index at /risks-32.00 ALTERNATIVE ARCHIVES: http://seclists.org/risks/ (only since mid-2001) *** NOTE: If a cited URL fails, we do not try to update them. Try browsing on the keywords in the subject line or cited article leads. Apologies for what Office365 and SafeLinks may have done to URLs. ==> Special Offer to Join ACM for readers of the ACM RISKS Forum: ------------------------------ End of RISKS-FORUM Digest 32.10 ************************