RISKS Forum mailing list archives
Risks Digest 28.03
From: RISKS List Owner <risko () csl sri com>
Date: Tue, 17 Jun 2014 20:00:21 PDT
RISKS-LIST: Risks-Forum Digest Tuesday 17 June 2014 Volume 28 : Issue 03 ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks) Peter G. Neumann, moderator, chmn ACM Committee on Computers and Public Policy ***** See last item for further information, disclaimers, caveats, etc. ***** This issue is archived at <http://www.risks.org> as <http://catless.ncl.ac.uk/Risks/28.03.html> The current issue can be found at <http://www.csl.sri.com/users/risko/risks.txt> Contents: Danger: Robots Working (John Markoff and Claire Cain Miller) Yet another EMR debacle (Robert L Wears) AT&T: We need to buy DirecTV because U-verse TV is a failure (Ars Technica) "Woman creates fake Facebook profile, discovers niece wants to kill her" (Review Journal via Gene Wirchenko) "Google Chrome's experiment with killing URLs appears to be on hold" (Ian Paul) Losing the Key (Steven Kurutz via Monty Solomon) P.F. Chang's turns to vintage 1970s tech after credit card breach (Ars via Sean Peisert) "Apple devices held hostage using Find My iPhone" (Loek Essers) "Evernote hit by denial-of-service attack" (Tim Hornyak) "Tech giants finally grow a spine and resist NSA spying" (Bill Snyder) Sign of the Times: The Intimacy of Anonymity (Tim Wum) The Privacy Paradox, a Challenge for Business (Steve Lohr) Web Site with no Password Change Option (Richard Karash) Ars tests Internet surveillance-by spying on an NPR reporter (Sean Gallagher) "Here's One Big Way Your Mobile Phone Could Be Open To Hackers" (Steve Henn) Court Rules Warrantless Cell Tracking Unconstitutional (HuffPost via Dave Farber) Re: You shouldn't use a spreadsheet for important work (Bob Frankston, Walter Bushell) Re: Would a Google car sacrifice you for the sake of the many? (fred) Re: Turning everyone's home router into a WiFi hotspot (Anthonys Lists, Bill Gunshannon, John R. Levine, Bob Frankston, Chris Drewe) Re: Renewable energy and electricity storage (Chris Drewe) Abridged info on RISKS (comp.risks) ---------------------------------------------------------------------- Date: Tue, 17 Jun 2014 From: Peter Neumann Subject: Danger: Robots Working (John Markoff and Claire Cain Miller) John Markoff and Claire Cain Miller, *The New York Times*, 17 Jun 2014 (begins front page of Science Times in the National Edition) Smarter machines will be freer to interact with people, making safety a bigger concern The article lists a bunch of cases of serious industrial accidents involving robots, cited from OSHA data: * Bakery, Aug 2011 * Plastics factory, May 2011 * Metal factory, Jul 2006 * Car factory, Mar 2006 * Car factory, Dec 2001 * Metal factory, Aug 1999 * Meatpacking plant, Jun 1999 * Sporting goods manufacturer, Nov 1996 * Aluminum factory, Feb 1996 The article notes that ``Many were a result of human error; others were caused by robots' unexpected behavior.'' Each case involved a death, except for the sporting goods one. If you seriously believe in the infallibility of smart robots and their ability to prevent accidental misuse, you might want to read this article, and perhaps dig into the OSHA data. Also, when we combine robots with the Internet of Things, we must also address the reality that robots could be hacked remotely by malfeasers. The same considerations should also apply to Automated Highways, and perhaps even Free Flight (the FAA's notion that we can get rid of air-traffic controllers and have all the smarts in the cockpit computers -- which may mercifully have fallen by the wayside), Once again, the lessons from the Risks Forum leap to the forefront. ------------------------------ Date: Fri, 13 Jun 2014 13:22:21 -0400 From: "Robert L Wears, MD, MS, PhD" <wears () ufl edu> Subject: Yet another EMR debacle A province-wide EMR system in Alberta, Canada, collapsed Monday, making it impossible to see test results, medical histories, medications, etc for several hours. The system has a history of previous difficulties (202 clinics lost access for roughly one day a year ago; a major slowdown occurred last week, requiring about 15 minutes for simple tasks such as prescription renewals). The vendor reported the problem was "a technical issue that was difficult to find and address." A single system for an entire province -- what could go wrong? Details at: http://medicinehatnews.com/news/local-news/2014/06/10/system-failure-has-docs-patients-upset/ Robert L Wears, University of Florida, wears () ufl edu 1-904-244-4405 (ass't) Imperial College London r.wears () imperial ac uk +44 (0)791 015 2219 ------------------------------ Date: Thu, 12 Jun 2014 12:03:23 -0700 From: Lauren Weinstein <lauren () vortex com> Subject: AT&T: We need to buy DirecTV because U-verse TV is a failure Ars Technica via NNSquad http://arstechnica.com/business/2014/06/att-we-need-to-buy-directv-because-u-verse-tv-is-a-failure/ "AT&T has world-class wireline and wireless broadband facilities, but its video service, which is available in only a minority of customer locations within AT&T's 22-state incumbent local exchange carrier ('ILEC') region, is uneconomic and not fully competitive with cable providers," the company said. AT&T only provides U-verse video where it has fiber-to-the-node or fiber-to-the-premises, the company said. "As a result of its relatively limited video footprint, AT&T is far smaller than Comcast and Time Warner Cable, its principal competitors," it said. "Lack of scale particularly hinders AT&T with respect to content acquisition, which is by far the largest variable cost of MVPD [multichannel video programming distributor] service. AT&T therefore faces challenges selling competitive broadband/video bundles even inside its U-verse video footprint." Although AT&T lags behind Comcast in Internet and video subscribers, it has double Comcast's overall revenue. AT&T made $128.8 billion in revenue last year compared to Comcast's $64.7 billion. Left unsaid is that AT&T bears responsibility for making U-verse available only in "a minority of customer locations," by choosing to slow down and limit its fiber deployment, until AT&T announced a recent expansion. ------------------------------ Date: Sat, 14 Jun 2014 22:17:55 -0700 From: Gene Wirchenko <genew () telus net> Subject: "Woman creates fake Facebook profile, discovers niece wants to kill her" [We can argue risk for whom if you would like!] *Review Journal*, Jun 12 2014 http://www.reviewjournal.com/trending/woman-creates-fake-facebook-profile-discovers-niece-wants-kill-her ------------------------------ Date: Thu, 12 Jun 2014 12:42:54 -0700 From: Gene Wirchenko <genew () telus net> Subject: "Google Chrome's experiment with killing URLs appears to be on hold" (Ian Paul) Ian Paul | PC World, 11 Jun 2014 For several months, Google toyed with the idea of hiding full Web addresses from users in Chrome http://www.infoworld.com/d/applications/google-chromes-experiment-killing-urls-appears-be-hold-244145 ------------------------------ Date: Thu, 12 Jun 2014 21:35:01 -0400 From: Monty Solomon <monty () roscom com> Subject: Losing the Key (Steven Kurutz) Steven Kurutz, *The New York Times*, 11 Jun 2014 In this age of rapid transformation, the house key has been surprisingly resistant to change. Cars have mostly switched to key fobs. Hotels and office buildings favor the pass card. And yet the little metal keys we carry around -- part security device, part domestic totem -- aren't that different from the ones carried by our parents, their parents or their parents, going back to the Civil War, when Linus Yale Jr. invented the cylinder lock, modifying an ancient Egyptian design. That was before the Internet of Things, an approach to life in which every household fixture, no matter how unsexy or long neglected by designers, can be rewired for digital living. And now, like the thermostat and the slow cooker, the house key and its mate, the front-door lock, are going "smart" too. In the last year or so, several electronic door locks from industry bigwigs like Schlage and Kwikset have hit the market, making it possible to unlock your home using a smartphone, tablet or computer. And two new locks created by tech start-ups, which are forthcoming, promise the hands-free ease of unlocking the door automatically as you approach it. ... http://www.nytimes.com/2014/06/12/garden/losing-the-key.html [I guess that RISKS may soon have to spawn an offspring, called Smart RISKS! (or perhaps RISKS of Trying to Be *Too Smart*!) PGN] ------------------------------ Date: Fri, 13 Jun 2014 11:07:21 -0700 From: Sean Peisert <speisert () ucdavis edu> Subject: P.F. Chang's turns to vintage 1970s tech after credit card breach http://arstechnica.com/security/2014/06/pf-chang-turns-to-vintage-1970s-tech-after-credit-card-breach/ US restaurant chain P.F. Chang's China Bistro plans to temporarily bring back manual credit card imprinting while it investigates a security breach that allowed hackers to steal customer payment card data from multiple stores. The old-school manual system has already been spotted by people affiliated with Sans, a computer security training institute. Readers may remember the system from decades ago, when eight-track tapes and, later, Betamax video, were still the rage. P.F. Chang's servers will be retaining carbon copies of the transactions, according to KrebsOnSecurity reporter Brian Krebs, who first reported the breach three days ago after finding that thousands of newly stolen credit and debit cards for sale in underground forums were all used at the chain. "At P.F. Chang's, the safety and security of our guests' payment information is a top priority," a statement posted on the chain's website stated. "Therefore, we have moved to a manual credit card imprinting system for all P.F. Chang's China Bistro branded restaurants located in the continental United States. This ensures our guests can still use their credit and debit cards safely in our restaurants as our investigation continues." The statement went on to advise customers to monitor their credit card and bank statements and to report any suspicious activity to their card issuers. According to Krebs, P.F. Chang's is also deploying dial-up card readers that will be plugged in to old-fashioned phone lines and used to process the imprint slips. The chain's shift to a manual system is already prompting jokes that rib a security-through-obscurity approach. In fairness, manual imprints are probably more secure. Just as they are harder for merchants to quickly process in large numbers, they probably are similarly harder for digital thieves to siphon up wholesale. P.F. Chang's is the latest nationwide chain to be hit by an embarrassing hack that compromised its customers' sensitive data. In November, retailer Target suffered a breach that compromised credit card and personal data for as many as 110 million customers. Like P.F. Chang's, Target has been working with law enforcement agencies to investigate the hack. Unlike P.F. Chang's, Target has continued to process payment card transactions electronically. ------------------------------ Date: Tue, 27 May 2014 15:01:59 -0700 From: Gene Wirchenko <genew () telus net> Subject: "Apple devices held hostage using Find My iPhone" (Loek Essers) Loek Essers, InfoWorld Home, 27 May 2014 Hackers are demanding ransoms to unlock devices that were locked with the Find My iPhone tool, according to forum posts http://www.infoworld.com/d/mobile-technology/apple-devices-held-hostage-using-find-my-iphone-243133 ------------------------------ Date: Thu, 12 Jun 2014 12:40:19 -0700 From: Gene Wirchenko <genew () telus net> Subject: "Evernote hit by denial-of-service attack" (Tim Hornyak) Tim Hornyak, InfoWorld, 11 Jun 2014 The attack temporarily shut down Evernote, which now has over 100 million users http://www.infoworld.com/d/security/evernote-hit-denial-of-service-attack-244124 ------------------------------ Date: Thu, 12 Jun 2014 12:38:41 -0700 From: Gene Wirchenko <genew () telus net> Subject: "Tech giants finally grow a spine and resist NSA spying" (Bill Snyder) Bill Snyder, InfoWorld, 12 Jun 2014 Microsoft, Google, even Facebook are protecting their bottom lines -- and you -- by fighting outrageous court orders and encrypting user content http://www.infoworld.com/d/the-industry-standard/tech-giants-finally-grow-spine-and-resist-nsa-spying-244174 ------------------------------ Date: Thu, 12 Jun 2014 21:17:52 -0400 From: Monty Solomon <monty () roscom com> Subject: Sign of the Times: The Intimacy of Anonymity (Tim Wum) Tim Wum, *The New York Times*, 3 Jun 2014 Thanks to Facebook and Instagram, oversharing one's personal life feels as authentic as reality TV. Right now anonymous posts hold the key to the truth. In the seminal 1999 cultural manifesto "No Logo," the writer Naomi Klein pronounced that corporations were now in the business of selling brands, rather than products. Whoever "produces the most powerful images, as opposed to products," she wrote, "wins the race." At the time, it was a shocking message; little did she realize that by 2014 it would not just be companies, but also people, who would be caught up in a branding race through social media, and one directed not just at customers, but relatives and friends. The euphemism is "sharing," but Klein would probably just call it selling a personal brand, whether you consider yourself the pretty young thing with literary tastes and a traditional side, the family man who brews his own beer or the tough lawyer with a sense of humor. It can be nice to share, but brand maintenance takes constant work and demands consistency. A serious self-brand should have some presence on Facebook, Twitter, LinkedIn, Instagram, Foursquare, Google+ and Tumblr; keeping it all up can feel like working as an unpaid intern for a Z-list celebrity known as Oneself. In light of this, the recent comeback of online anonymity seems entirely predictable. Two popular smartphone apps, Secret and Whisper, took off this spring, especially in the tech communities, offering users the opportunity to speak to their friends and a broader audience, anonymously, on just about any subject. Reddit, an anonymous discussion and linking site, has recently witnessed a traffic explosion; with more than 110 million unique monthly visitors, it has more traffic than Netflix or any American newspaper. Users of these anonymous outlets make it clear they're looking for a break from Facebook and other social media. One comment: "Maybe the reason Secret is ... interesting ... is because it doesn't have to be happy all the time." ... http://tmagazine.blogs.nytimes.com/2014/06/03/oversharing-facebook-instagram-whisper-secret/ ------------------------------ Date: Thu, 12 Jun 2014 21:47:56 -0400 From: Monty Solomon <monty () roscom com> Subject: The Privacy Paradox, a Challenge for Business (Steve Lohr) Steve Lohr, *The New York Times*, 12 Jun 2014 People around the world are thrilled by the ease and convenience of their smartphones and Internet services, but they aren't willing to trade their privacy to get more of it. That is the top-line finding of a new study of 15,000 consumers in 15 countries. The privacy paradox was surfaced most directly in one question: Would you be willing to trade some privacy for greater convenience and ease? Worldwide, 51 percent replied no, and 27 percent said yes. (The remainder had no opinion or didn't know.) There were country-by-country differences, but there was a consistency to the results, especially in the developed nations. The United States was 56 percent no and 21 percent yes. Britain was almost identical -- 55 percent no, 18 percent yes. Germany was most privacy protective -- 71 percent no, and 12 percent yes. India, by contrast, had the highest yes percentage -- 48 percent, to 40 percent no. ... http://bits.blogs.nytimes.com/2014/06/12/the-privacy-paradox-a-challenge-for-business/ ------------------------------ Date: Fri, 13 Jun 2014 10:36:51 -0400 From: Richard Karash <richard () karash com> Subject: Web Site with no Password Change Option Among the many password traps: You have used the same password at multiple sites and now you want to clean things up. You go to one of these websites and find there is no option to change your password. Worse: The only option available is to request they send you your (precious) password in open e-mail. Hard to believe this could happen in 2014? Here it is: http://checkinsooner.com Implication: more important day by day, do not re-use passwords. Richard Karash, Karash Associates LLC +1 617-308-4750 http://Karash.com ------------------------------ Date: Thu, 12 Jun 2014 21:53:36 -0400 From: Monty Solomon <monty () roscom com> Subject: Ars tests Internet surveillance-by spying on an NPR reporter (Sean Gallagher) Sean Gallagher, Ars Technica, 10 Jun 2014 A week spent playing NSA reveals just how much data we leak online. On a bright April morning in Menlo Park, California, I became an Internet spy. This was easier than it sounds because I had a willing target. I had partnered with National Public Radio (NPR) tech correspondent Steve Henn for an experiment in Internet surveillance. For one week, while Henn researched a story, he allowed himself to be watched-acting as a stand-in, in effect, for everyone who uses Internet-connected devices. How much of our lives do we really reveal simply by going online? Henn let me into his Silicon Valley home and ushered me into his office with a cup of coffee. Waiting for me there was the key tool of my new trade: a metal-and-plastic box that resembled nothing more threatening than an unlabeled Wi-Fi router. This was the PwnPlug R2, a piece of professional penetration testing gear designed by Pwnie Express CTO Dave Porcello and his team and on loan to us for this project. The box would soon sink its teeth into the Internet traffic from Henn's home computer and smartphone, silently gobbling up every morsel of data and spitting it surreptitiously out of Henn's home network for our later analysis. With its help, we would create a pint-sized version of the Internet surveillance infrastructure used by the National Security Agency. Henn would serve as a proxy for Internet users, Porcello would become our one-man equivalent of the NSA's Special Source Operations department, and I would become Henn's personal NSA analyst. ... http://arstechnica.com/security/2014/06/what-the-nsa-or-anyone-can-learn-about-you-from-internet-traffic/ ------------------------------ Date: Fri, 13 Jun 2014 18:14:22 -0700 From: Gene Wirchenko <genew () telus net> Subject: "Here's One Big Way Your Mobile Phone Could Be Open To Hackers" (Steve Henn) Steve Henn, NPR, 13 Jun 2014 http://www.npr.org/blogs/alltechconsidered/2014/06/13/321389989/heres-one-big-way-your-mobile-phone-could-be-open-to-hackers selected text: Earlier this spring, when I conducted an experiment tapping my own Internet traffic, Sean Gallagher, a reporter from the tech news site Ars Technica, came to my house, and we connected a little device called a Pwn Plug -- invented by computer security expert Dave Porcello -- to my network. Seeing just how much data streamed out of my phone the second I connected was a big surprise. My phone pinged Apple, Google and Yahoo. Then apps like Twitter and Facebook connected to the Internet. This all happened in just seconds of it simply sitting on my desk. I hadn't touched the phone. If Porcello had been a hacker, those few seconds could have been a gold mine. ------------------------------ Date: Wed, 11 Jun 2014 21:02:43 -0400 From: "David Farber via ip" <ip () listbox com> Subject: Court Rules Warrantless Cell Tracking Unconstitutional http://www.huffingtonpost.com/2014/06/11/cell-tracking-unconstitutional_n_5486458.html ------------------------------ Date: Sun, 15 Jun 2014 15:19:27 -0400 From: "Bob Frankston" <bob2 () bob ma> Subject: Re: You shouldn't use a spreadsheet for important work (RISKS-28.02) "Simply put, spreadsheets are good for quick and dirty work, but they are not designed for serious and reliable work." Sez who? Let me state authoritatively that statement is simply not true. You'd think after all these years we'd be past "who needs spreadsheets when you have Fortran (or, for Lemire, C)". There is a reason why spreadsheets are valuable tool -- they give you the ability to work with the numbers. It's like complaining about those new-fangled typewriters because writing should be done at a leisurely pace using a ballpoint pen or maybe quill and ink. What we should be concerned with is the interpretation of the data and the tendency to treat number as supporting whatever meaning we project on them . It reminds me of another personal experience when I was at Interactive Data Corporation and we introduced Black-Scholes (option pricing) numbers. Naive people on Wall St used as the foundation for derivatives even though they had little intrinsic meaning. It's easy to see that wealth is increasingly concentrated -- the question is why does it take precise calculations based on guesstimates to "prove" that is happening? One risk is that we'll approach this as a problem of numbers rather than recognizing we have a structural problem. Spreadsheets are useful way to provide insight as long as we don't confuse the numbers with their meaning. We see this again in the spectrum auction which is backed by lots of analyses premised the idea that faux wires is the right way to communicate in the absence of wires thus maximizing the local value to the owners while minimizing the global value to society. ------------------------------ Date: Fri, 13 Jun 2014 21:00:15 -0400 From: Walter Bushell <proto () panix com> Subject: Re: You shouldn't use a spreadsheet for important work (RISKS-28.02) I've been saying this for years. Just to easy to hide mistakes either by accident or on purpose to make a point. Hundred or thousands or more programming statements scattered all over the sheets and linked perhaps to other sheets that the author has not reviewed in detail. ------------------------------ Date: Thu, 12 Jun 2014 14:34:20 -0700 From: <fred () crystallake name> Subject: Re: Would a Google car sacrifice you for the sake of the many? In RISKS there was some interesting commentary on Google's self-driving cars and the possible rules under which the software would decide who gets to live and who gets to die in the presence of a pending `exchange of inertia', one might call it, when vehicles and/or pedestrians collide out in the real world and smart cars have time to crunch software to evaluate least-harm consequences of possible defensive measures the cars may take. What I haven't seen mentioned in either David Weinberger's original article (https://medium.com/@dweinberger/would-a-google-car-sacrifice-you-for-the-sake-of-the-many-e9d6abcf6fed ) or the follow-up commentary to Risks is the most probable over-riding datum which smart cars will retrieve from their on-line databases and evaluate milliseconds before making defensive (or even offensive) actions: Smart cars will determine there is a threat to human life, talk among themselves to retrieve and weigh each threatened occupant's and pedestrian's financial wealth and social standing, and the priority for survival will be meted out to the wealthiest with us 99%ers peasants fully expected to die first. Let's be realistic, okay? Google is evil, ergo its cars will be evil. These corporate Oligarchs don't care about human life unless it's wrapped around a limo wearing a tuxedo on its way to a Wall Street meet-and-greet with lobbyists and politicians, and the software in their cars can be expected to have all the ethics and morals of a Mitt Romney or a Donald Trump. ------------------------------ Date: Fri, 13 Jun 2014 00:35:07 +0100 From: Anthonys Lists <antlists () youngman org uk> Subject: Re: Turning everyone's home router into a WiFi hotspot This sounds exactly like the BT Home Hub, which has been pretty much standard fare for British Telecom customers for many years. As I remember it, in order to sign up for roaming wi-fi, I had to enable my router as a hot-spot, but it was opt-in. So now, if I'm away from home and there is a BT customer nearby I will see a "BT wifi" router which I can sign in on using my home credentials. Hopefully that is configured to just provide a bridge directly to the BT master router in the exchange. I agree that if the router can be compromised, there is a risk that the user's home network will be hijacked but I suspect routers are vulnerable enough that the added attack surface isn't that important. ------------------------------ Date: Fri, 13 Jun 2014 08:35:03 -0400 From: "Bill Gunshannon" <bill () cs uofs edu> Subject: Re: Turning your home router into a public WiFi hotspot (RISKS-28.02)
I especially liked the part about "people using the Internet via the hotspot won't slow down Internet access on the home network.
Let me see if I understand this. The four guys sitting at my neighbor's pool all streaming a playoff game of their favorite team to their iPads are not going to use up any of the RF bandwidth of my local Access Point? Anyone care to explain that one to me? Bill Gunshannon, University of Scranton, Scranton, Pennsylvania ------------------------------ Date: 14 Jun 2014 15:47:08 -0400 From: "John R. Levine" <johnl () iecc com> Subject: Re: Turning everyone's home router into a WiFi hotspot
Thanks for sharing that. So long a the router doesn't have any flaws, and no one uses the guest access for nefarious purposes, what could go wrong?
Plenty, but no more than what's already wrong with any other public hotspots.
I don't recall any disaster stories, although I haven't particularly been looking for them. http://www.btwifi.com/find/uk/
John Levine, johnl () iecc com, Primary Perpetrator of "The Internet for Dummies", ------------------------------ Date: Sun, 15 Jun 2014 15:37:56 -0400 From: "Bob Frankston" <bob2 () bob ma> Subject: Re: Turning everyone's home router into a WiFi hotspot (RISKS-28.02) How do we get past the fear of contribute to the public good? What happens if someone uses your sidewalk or your porch light to conduct criminal activity? The Internet is about a big idea -- exchanging raw (best efforts) packets apart from their meaning. Making people liable is the idea that we must prevent all bits from flowing lest just in case someone may not understand the concept of a bit is akin to requiring someone walk in front of a car lest it go too fast and scare the horses. The risk of doing harm is not just a risk but a reality. By making everyone along the path a gatekeeper who must prevent all bits from passing we prevent even the simplest applications such as connected healthcare from happening and people die. I explain more in http://rmf.vc/BitsVsMessages and in my next IEEE column. We must educate lawyers and organizations like the ACLU about the importance of understanding the concept of packets apart from their meaning and the harm that comes from crippling our ability to communicate. As an added benefit we would get "network neutrality" as byproduct of removing gatekeepers from the role of second-guessing the meaning of bits. As to the Xfinity problem -- I presume that using a different IP address is a simple enough that we should instead concentrate on the value of increased connectivity. There's a separate risk of compromised routers that totally apart from the Xfinity effort. ------------------------------ Date: Sat, 14 Jun 2014 21:30:48 +0100 From: Chris Drewe <e767pmk () yahoo co uk> Subject: Re: Using people's home broadband routers into WiFi hotspots (RISKS 28.02) It's happening in the UK too -- this was included in a newspaper's computing section, text saved *WITHOUT* permission (BT is my ISP but I don't know it this applies to me, I don't use WiFi at all). On the face of it a good idea, as it allows ISPs to enhance their WiFi coverage with no extra hardware; presumably legal liability should be shown in the ISP T&Cs, but is it..?
Technology Advice <http://www.telegraph.co.uk/technology/advice/> Are curb crawlers piggybacking on my BT WiFi? Your Wi-Fi router is moonlighting as a part time public wireless hotspot, says Rick Maybury By Rick Maybury <http://www.telegraph.co.uk/journalists/rick-maybury/> <http://www.telegraph.co.uk/technology/advice/10805144/Are-curb-crawlers-piggybacking-on-my-BT-WiFi.html>
------------------------------ Date: Sat, 14 Jun 2014 21:30:48 +0100 From: "Chris D." <e767pmk () yahoo co uk> Subject: Re: Renewable energy and electricity storage (RISKS 28.02) Yes, I know about the Dinorwic pumped storage set-up in Wales, *however* this is just used to give a little extra capacity to cover short-term peaks. According to Wikipedia, the water can last for up to 6 hours, and the installed generating capacity is 1.65GW. Also according to Wikipedia, the UK's electricity demand is 35.8GW on average and 57.5GW peak. Therefore, 22 Dinorwics would be needed to meet the UK's average load, or 35 for peak load, and that's just for a few hours. Wikipedia gives the efficiency as 75% so getting 100% of power out means putting 133% in. The problem with renewable electricity sources (at least for wind, solar, and tidal) is that they only supply power in short bursts while it's needed 24/7, so if a country wanted to get all of its electricity from these sources, it would have to have enough storage capacity to meet the country's entire demand for quite long periods of time, and the renewable sources would have to have enough capacity to replenish the storage facilities (allowing for their inefficiencies) during the times when they do produce power. Other RISKS readers will probably have better information. The other problems are (a) if electricity supplies become unreliable then people may well use their own generators in preference to public supplies, which defeats the object of 'green' energy sources, and (b) building all those pumped storage projects and the transmission lines to them takes a lot of steel, concrete, truck journeys, freight activity, etc. which has a big environmental impact. ------------------------------ Date: Sun, 7 Oct 2012 20:20:16 -0900 From: RISKS-request () csl sri com Subject: Abridged info on RISKS (comp.risks) The ACM RISKS Forum is a MODERATED digest. Its Usenet manifestation is comp.risks, the feed for which is donated by panix.com as of June 2011. => SUBSCRIPTIONS: PLEASE read RISKS as a newsgroup (comp.risks or equivalent) if possible and convenient for you. The mailman Web interface can be used directly to subscribe and unsubscribe: http://lists.csl.sri.com/mailman/listinfo/risks Alternatively, to subscribe or unsubscribe via e-mail to mailman your FROM: address, send a message to risks-request () csl sri com containing only the one-word text subscribe or unsubscribe. You may also specify a different receiving address: subscribe address= ... . You may short-circuit that process by sending directly to either risks-subscribe () csl sri com or risks-unsubscribe () csl sri com depending on which action is to be taken. Subscription and unsubscription requests require that you reply to a confirmation message sent to the subscribing mail address. Instructions are included in the confirmation message. Each issue of RISKS that you receive contains information on how to post, unsubscribe, etc. => The complete INFO file (submissions, default disclaimers, archive sites, copyright policy, etc.) is online. <http://www.CSL.sri.com/risksinfo.html> *** Contributors are assumed to have read the full info file for guidelines. => .UK users may contact <Lindsay.Marshall () newcastle ac uk>. => SPAM challenge-responses will not be honored. Instead, use an alternative address from which you NEVER send mail! => SUBMISSIONS: to risks () CSL sri com with meaningful SUBJECT: line. *** NOTE: Including the string `notsp' at the beginning or end of the subject *** line will be very helpful in separating real contributions from spam. *** This attention-string may change, so watch this space now and then. => ARCHIVES: ftp://ftp.sri.com/risks for current volume or ftp://ftp.sri.com/VL/risks for previous VoLume http://www.risks.org takes you to Lindsay Marshall's searchable archive at newcastle: http://catless.ncl.ac.uk/Risks/VL.IS.html gets you VoLume, ISsue. Lindsay has also added to the Newcastle catless site a palmtop version of the most recent RISKS issue and a WAP version that works for many but not all telephones: http://catless.ncl.ac.uk/w/r <http://the.wiretapped.net/security/info/textfiles/risks-digest/> . ==> PGN's comprehensive historical Illustrative Risks summary of one liners: <http://www.csl.sri.com/illustrative.html> for browsing, <http://www.csl.sri.com/illustrative.pdf> or .ps for printing is no longer maintained up-to-date except for recent election problems. *** NOTE: If a cited URL fails, we do not try to update them. Try browsing on the keywords in the subject line or cited article leads. ==> Special Offer to Join ACM for readers of the ACM RISKS Forum: <http://www.acm.org/joinacm1> ------------------------------ End of RISKS-FORUM Digest 28.03 ************************
Current thread:
- Risks Digest 28.03 RISKS List Owner (Jun 17)