[continued from previous message]
Subject: National Guard hacked by Chinese 'Salt Typhoon' campaign for nearly
a year, DHS memo says (NBC New)s
An elite Chinese cyberspy group hacked at least one state’s National Guard network for nearly a year, the Department of Defense has found.
The hackers, already responsible for one of the most expansive
cyberespionage campaigns against the U.S. to date, are alleged to have
burrowed even further than previously known, and may have obtained sensitive military or law enforcement information. Authorities are still working to discover the extent of the data accessed.
A Department of Homeland Security memo from June, describing the Pentagon’s findings, said that the group, publicly known by the nickname Salt Typhoon, “extensively compromised a U.S. state’s Army National Guard network” from March 2024 through December 2024. The memo did not specify which state was affected. [...]
https://www.nbcnews.com/tech/security/national-guard-was-hacked-chinas-salt-typhoon-group-dhs-says-rcna218648
------------------------------
Date: Wed, 16 Jul 2025 15:39:57 -0400
From: Gabe Goldberg <
gabe@gabegold.com>
Subject: Microsoft Digital Escorts Could Expose Defense Dept Data to Chinese
Hackers (ProPublica)
Chinese Tech Support: Microsoft is using engineers in China to help maintain the Defense Department’s computer systems — with minimal supervision by U.S. personnel.
Skills Gap: Digital escorts often lack the technical expertise to police foreign engineers with far more advanced skills, leaving highly sensitive
data vulnerable to hacking.
Ignored Warnings: Various people involved in the work told ProPublica that
they warned Microsoft that the arrangement is inherently risky, but the
company launched and expanded it anyway.
https://www.propublica.org/article/microsoft-digital-escorts-pentagon-defense-department-china-hackers
------------------------------
Date: Wed, 16 Jul 2025 17:38:06 -0400
From: Gabe Goldberg <
gabe@gabegold.com>
Subject: ICEBlock isn't completely anonymous, but no app is (The Verge)
The developer of ICEBlock, an iOS app for anonymously reporting sightings of
US Immigration and Customs Enforcement (ICE) officials, promises that it “ensures user privacy by storing no personal data.” But that claim has come under scrutiny. ICEBlock creator Joshua Aaron has been accused of making
false promises regarding user anonymity and privacy, being “misguided” about
the privacy offered by iOS, and of being an Apple fanboy. The issue isn’t what ICEBlock stores. It’s about what it could accidentally reveal through its tight integration with iOS.
https://www.theverge.com/cyber-security/707116/iceblock-data-privacy-security-android-version
Paywalled, and mostly speculative about iOS risks.
------------------------------
Date: Thu, 17 Jul 2025 14:38:21 -0700
From: Lauren Weinstein <
lauren@vortex.com>
Subject: Not just no. HELL NO! ChatGPT Agent Wants You to Hand Over Full
Control of Your Computer (Gizmodo)
https://gizmodo.com/chatgpt-agent-wants-you-to-hand-over-full-control-of-your-computer-2000630925
------------------------------
Date: Thu, 17 Jul 2025 07:59:22 -0700
From: Lauren Weinstein <
lauren@vortex.com>
Subject: UK lowering voting age to 16 ...
Apparently UK legislators never saw "Wild in the Streets" (1968).
https://www.youtube.com/watch?v=gbwkZnNWUPo
------------------------------
Date: Sat, 12 Jul 2025 13:30:44 +0100
From: Martin Ward <
martin@gkc.org.uk>
Subject: Re: Interesting Quirky Japanese research result (RISKS-34.71)
This [clip] is a resrospective study of a single cancer centre, which raises the question as to why this particular centre was selected for study? There
are 397 hospitals in Japan which are designated as cancer care hospitals, so
a "statistically significant" correlation between survival rates of some
form of cancer at one of these centres is highly probable, just by the
theory of probability.
cf.
https://xkcd.com/882/
The p values (level of significance in the results) are not mentioned in the abstract or conclusion, which is odd, given the above.
Looking at Table 1m there are 186 pre-COVID patients (2018-2021), which is
46.5 per year. Obviously, none of these were vaccinated. There are 86 post-COVID patients (2022-2023), which is 43 per year. Does this mean that
the incidence of PC (pancreatic cancer) is generally busier, so can only
take on the more serious patients? Vaccination status is unknown for 31 of
the 86 post-COVID patients. Only 4 post-COVID patients have fewer than 3 vaccinations, which is clearly not statistically significant, so the correlation between vaccination and survival is identical to a correlation between admission year and survival.
27.4% of the pre-COVID patients had surgery, while only 11.6% of post-COVID patients had surgery: this is highly significant. The introduction states
that "adjuvant therapy in combination with surgery have also improved prognoses": why are fewer patients getting surgery at this centre if surgery improves prognosis? Are their fewer surgeons available now, or are they
busier with other operations so can handle fewer PC cases? Could this be the reason for the observed correlation?
Finally, PC survival rates have reduced during the COVID-19 pandemic,
according to this study:
https://pmc.ncbi.nlm.nih.gov/articles/PMC9105306/
The study concludes that "the causes were multifactorial, including
increased likelihood of emergency presentation, reduced use of surgical resection, changes in treatment regimes, and other possible factors"
Note that the study includes reduced use of surgery as a possible cause
for the reduced survival rate.
Another study shows that "Infection with COVID-19 promotes
the progression of pancreatic cancer":
https://pmc.ncbi.nlm.nih.gov/articles/PMC10709274/
So, not getting vaccinated could reduce the chance of surviving PC if the patient ends up getting COVID at the same time.
[Many thanks for your statistical wisdom. PGN]
------------------------------
Date: Sat, 28 Oct 2023 11:11:11 -0800
From:
RISKS-request@csl.sri.com
Subject: Abridged info on RISKS (comp.risks)
The ACM RISKS Forum is a MODERATED digest. Its Usenet manifestation is
comp.risks, the feed for which is donated by panix.com as of June 2011.
SUBSCRIPTIONS: The mailman Web interface can be used directly to
subscribe and unsubscribe:
http://mls.csl.sri.com/mailman/listinfo/risks
SUBMISSIONS: to risks@CSL.sri.com with meaningful SUBJECT: line that
includes the string `notsp'. Otherwise your message may not be read.
*** This attention-string has never changed, but might if spammers use it.
SPAM challenge-responses will not be honored. Instead, use an alternative
address from which you never send mail where the address becomes public!
The complete INFO file (submissions, default disclaimers, archive sites,
copyright policy, etc.) has moved to the ftp.sri.com site:
<risksinfo.html>.
*** Contributors are assumed to have read the full info file for guidelines!
OFFICIAL ARCHIVES: http://www.risks.org takes you to Lindsay Marshall's
delightfully searchable html archive at newcastle:
http://catless.ncl.ac.uk/Risks/VL.IS --> VoLume, ISsue.
Also,
ftp://ftp.sri.com/risks for the current volume/previous directories
or
ftp://ftp.sri.com/VL/risks-VL.IS for previous VoLume
If none of those work for you, the most recent issue is always at
http://www.csl.sri.com/users/risko/risks.txt, and index at /risks-34.00
ALTERNATIVE ARCHIVES:
http://seclists.org/risks/ (only since mid-2001)
*** NOTE: If a cited URL fails, we do not try to update them. Try
browsing on the keywords in the subject line or cited article leads.
Apologies for what Office365 and SafeLinks may have done to URLs.
Special Offer to Join ACM for readers of the ACM RISKS Forum:
<
http://www.acm.org/joinacm1>
------------------------------
End of RISKS-FORUM Digest 34.72
************************
--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)