Risks Digest 34.52

RISKS-LIST: Risks-Forum Digest Saturday 11 January 2025 Volume 34 : Issue 52

ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks) Peter G. Neumann, founder and still moderator

***** See last item for further information, disclaimers, caveats, etc. ***** This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/34.52>
The current issue can also be found at
<http://www.csl.sri.com/users/risko/risks.txt>

Contents:
10 killed and dozens injured in pickup-truck attack on New Orleans crowd
(Lauren Weinstein)
'Fundamentally wrong': Self-driving Tesla steers Calif. tech
founder onto train tracks (SFGate)
Driver accidentally disconnects autopilot, crashes car
(Lars-Henrik Eriksson)
Driver in Las Vegas Cybertruck explosion used ChatGPT to plan
blast, authorities say (NBC News)
It's not just Tesla. Vehicles amass huge troves of possibly
sensitive data. (WashPost)
Tech allows Big Auto to evolve into Big Brother
(LA Times via Jim Geissman)
Wrong turn from GPS leaves car abandoned on Colorado ski run (9news.com)
A Waymo robotaxi and a Serve delivery robot collided in run Los Angeles
(TechCrunch)
Waymo robotaxis can make walking across the street a game of chicken
(The Washington Post)
Trifecta of articles in *LA Times* about cars (Ssteve Bacher)
LA Sheriff outage (LA Times)
Eutelsat resolves OneWeb leap year software glitch
after two-day outage (SpaceNews)
Traffic lights will have a fourth color in 2025
(ecoticias via Steve Bacher)
FAA chief: Boeing must shift focus to safety over profit
(LA Times)
ARRL hit with ransomware (ARRL)
Taiwan Suspects China of Latest Undersea Cable Attack"
(Tom Nicholson)
The Memecoin Shenanigans Are Just Getting Started (WiReD)
Apple to pay $95M to settle lawsuit accusing Siri of
eavesdropping (CBC)
Meta Getting Rid of Fact Checkers (Clare Duff)
Huge problems with axing fact-checkers, Meta oversight
board says (BBC)
Meta hosts AI chatbots of 'Hitler,' 'Jesus Christ,' Taylor Swift
(NBC News)
God can take Sunday off
(NYTimes via Tom Van Vleck)
Several items Google and Meta (Lauren Weinstein_
AI means the end of Internet search as we've known it (Technology Review))
Is it still 'social media' if it's overrun by AI? (CBC)
AI Incident Database (Steve Bacher)
Apple's AI News Summaries and Inventions (BBC)
What real people think about Google Search today (Lauren Weinstein)
WARNING: Google Voice is flagging LEGITIMATE robocalls from
insurance companies to their customers in the fires as spam
(Lauren Weinstein)
A non-tech analogy for Google Search AI Overviews (Lauren Weinstein)
Happy new year, compute carefully (Tom Van Vleck)
How to understand Generative AI (Lauren Weinstein)
Google censoring my AI criticism? (Lauren Weinstein)
U.S. newspapers are deleting old crime stories offering
subjects a clean slate (The Guardian)
EU Commission Fined for Transferring User Data
to Meta in Violation of Privacy Laws (THN)
The Ghosts in the Spotify Machine (Liz Pelly:)
Spotify (Rob Slade)
Abridged info on RISKS (comp.risks)

----------------------------------------------------------------------

Date: Wed, 1 Jan 2025 09:09:56 -0800
From: Lauren Weinstein <lauren@vortex.com>
Subject: 10 killed and dozens injured in pickup-truck attack on New Orleans
crowd

Driver was killed by police. It is reported that he shot at them and
also had explosive devices. Pickup is reportedly registered to a 42
year old man from Texas. -L

------------------------------

Date: Sat, 4 Jan 2025 09:45:55 -0700
From: geoff goodfellow <geoff@iconia.com>
Subject: 'Fundamentally wrong': Self-driving Tesla steers Calif. tech
founder onto train tracks (SFGate)

Jesse Lyu trusts his Tesla’s “self-driving” technology; he’s taken it to
work, and he’s gone on 45-minute drives without ever needing to intervene. He’s a “happy customer,” he told SFGATE. But on Thursday, his Tesla scared
him, badly.

Lyu, the founder and CEO of artificial intelligence gadget startup Rabbit,
was on the 15-minute drive from his apartment to his office in downtown
Santa Monica. He’d turned on his car’s self-driving features, called “Autopilot” and “Full Self-Driving (Supervised),” after pulling out of his
parking garage. The pay-to-add features are meant to drive the Tesla with “minimal driver intervention,” steering, stopping and accelerating on highways and even in city traffic, according to Tesla's website. Lyu was cruising along, resting his arms on the steering wheel but letting the car direct itself, he said in a video interview Friday.

Then, Lyu’s day took a turn for the worse. At a stoplight, his Tesla turned left onto Colorado Avenue, but it missed the lane for cars. Instead, it
plunged onto a street-grade light rail track between the road’s vehicle traffic lanes, paved but meant solely for trains on LA’s Metro E Line. He couldn’t just move over — a low concrete barrier separates the lanes, and a fence stands on the other side.

“It’s just f–king crazy,” he said, narrating a video he posted to X of the
incident. “I’ve got nowhere to go. And, you can tell from behind -- the train’s right here.” (He pointed to the oncoming train, stopped about a block behind his car.) [...] https://www.sfgate.com/tech/article/tesla-fsd-jesse-lyu-train-20014242.php

------------------------------

Date: Sat, 4 Jan 2025 10:25:39 +0100
From: Lars-Henrik Eriksson <lhe@it.uu.se>
Subject: Driver accidentally disconnects autopilot, crashes car

A Swedish driver was convicted for reckless driving and insurance fraud
after crashing his Tesla.

To show off, he engaged the autopilot at a speed of 70-80 km/h and then
moved over into the passenger seat. After a short while the car
crashed. Fortunately no one was seriously hurt. It was initially seen as a normal car accident and his insurance compensated him for the car which was
a total loss, but his (now ex) wife had recorded everything from the back
seat and later turned the video over to the police.

The police asked him if he was aware that the autopilot would disengage if
the driver seat belt was released and he replied that he wasn't.

The risk here is not primarily one of idiot drivers but of the increasing complexity of modern cars where the drivers don't fully understand how they behave and there is no real pressure to motivate them. In traffic, you can
see that drivers frequently mishandle such a relatively simple thing as automatic front and rear lights.

In aviation, pilots of larger aircraft have to take formal training to completely understand the aircraft systems. Even with smaller aircraft --
which may have less complex systems than modern cars -- pilots are expected
to read up on how the aircraft systems operate.

(https://www.unt.se/nyheter/tarnsjo/artikel/filmbeviset-trodde-bilen-var-sjalvkorande-kraschade/j8ex8emj, in Swedish and behind a paywall.)

------------------------------

Date: Wed, 8 Jan 2025 06:40:48 -0800
From: Steve Bacher <sebmb1@verizon.net>
Subject: Driver in Las Vegas Cybertruck explosion used ChatGPT to plan
blast, authorities say (NBC News)

NBC News (01/07/25) Tom Winter and Andrew Blankstein ; Antonio Planas

The soldier who authorities believe blew up a Cybertruck on New Year's Day
in front of the entrance of the Trump International Hotel in Las Vegas used artificial intelligence to guide him about how to set off the explosion, officials said Tuesday.

Matthew Alan Livelsberger, 37, queried ChatGPT for information about how he could put together an explosive, how fast a round would need to be fired for the explosives found in the truck to go off —- not just catch fire -— and what laws he would need to get around to get the materials, law enforcement officials said.

An OpenAI spokesperson said, "ChatGPT responded with information already publicly available on the Internet and provided warnings against harmful or illegal activities."

https://www.nbcnews.com/news/us-news/driver-las-vegas-cybertruck-explosion-used-chatgpt-plan-blast-authorit-rcna186704

------------------------------

Date: Sat, 4 Jan 2025 08:46:42 -0700
From: geoff goodfellow <geoff@iconia.com>
Subject: It's not just Tesla. Vehicles amass huge troves of possibly
sensitive data. (WashPost)

Video footage and other data collected by Tesla helped law enforcement
quickly piece together how a Cybertruck came to explode outside the Trump International Hotel in Las Vegas on New Year's Day.

The trove of digital evidence also served as a high-profile demonstration of how much data modern cars collect about their drivers and those around them.

Data privacy experts say the investigation -- which has determined t= hat
the driver, active-duty U.S. Army soldier Matthew Livelsberger, died by
suicide before the blast -- highlights how car companies vacuum up reams of data that can clear up mysteries but also be stolen or given to third
parties without drivers' knowledge. There are few regulations controlling
how and when law enforcement authorities can access data in cars, and
drivers are often unaware of the vast digital trail they leave behind.
``These are panopticons on wheels,'' said Albert Fox Cahn, who founded the Surveillance Technology Oversight Project, an advocacy group that argues the volume and precision of data collected can pose civil liberties concerns for people in sensitive situations, like attending protests or going to abortion clinics.

Federal and state officials have begun to scrutinize companies' use of car
data as evidence has emerged of its misuse. There have been reports that abusive spouses tracked partners' locations, and that insurers raised rates based on driving behavior data shared by car companies. There have also been cases in which local police departments sought video from Tesla cars that
may have recorded a crime, or obtained warrants to tow vehicles to secure
such footage. [...]

https://www.msn.com/en-us/news/technology/it-s-not-just-tesla-vehicles-amass-huge-troves-of-possibly-sensitive-data/ar-AA1wX8Lo

------------------------------

Date: Mon, 6 Jan 2025 07:33:49 -0800
From: "Jim" <jgeissman@socal.rr.com>
Subject: Tech allows Big Auto to evolve into Big Brother

[Another on this topic]

Your car is spying on you.

That is one takeaway from the fast, detailed data that Tesla collected on
the driver of one of its Cybertrucks that exploded in Las Vegas last week.

Privacy data experts say the deep dive by Elon Musk's company was impressive but also shines a spotlight on a difficult question as vehicles become more like computers on wheels.

Is your car company violating your privacy rights?

"You might want law enforcement to have the data to crack down on criminals, but can anyone have access to it?" said Jodi Daniels, chief executive of the privacy consulting firm Red Clover Advisors. "Where is the line?"

Many of the latest cars not only know where you've been and where you are going, but also often have access to your contacts, your call logs, your
texts and other sensitive information, thanks to cellphone syncing.

The data collected by Musk's electric car company after the Cybertruck
packed with fireworks burst into flames in front of the Trump International Hotel proved valuable to police in helping track the driver's movements.

http://enewspaper.latimes.com/infinity/article_share.aspx?guid=432286e7-91d3 -4e45-9e57-aa95a830767e

------------------------------

Date: Tue, 7 Jan 2025 03:03:33 -0700
From: Jim Reisert AD1C <jjreisert@alum.mit.edu>
Subject: Wrong turn from GPS leaves car abandoned on Colorado ski
run (9news.com)

Melissa Reeves, 9NEWS, Updated: 10:19 PM MST January 6, 2025

The Summit County Sheriff's Office (SCSO) posted pictures on social
media of an abandoned car at Keystone Resort that was left behind on a
ski run overnight.

The sheriff's office said the driver left the car after it got stuck
in the snow, but they left a note on the car's windshield for the
resort and police that made it easy to find them.

The note explained that the driver was following directions from a GPS
as they were on their way to visit a friend who lives in nearby
employee housing.

https://www.9news.com/article/news/local/colorado-news/driver-makes-wrong-turn-keystone-ski-run/73-b54a9f76-451e-44b9-b5e8-014d28963a6d

------------------------------

Date: Fri, 3 Jan 2025 18:45:51 -0700
From: geoff goodfellow <geoff@iconia.com>
Subject: A Waymo robotaxi and a Serve delivery robot collided in
Los Angeles (TechCrunch)

On 27 Dec 2024, a Waymo robotaxi and a Serve Robotics sidewalk delivery
robot collided at a Los Angeles intersection, according to a video that's circulating on social media.

The footage shows a Serve bot crossing a street in West Hollywood at night
and trying to get onto the sidewalk. It reached the curb, backed up a little
to correct itself and started moving toward the ramp. That's a Waymo making
a right turn hit the little bot. [...]

https://techcrunch.com/2024/12/31/a-waymo-robotaxi-and-a-serve-delivery-robot-collided-in-los-angeles/

------------------------------

Date: Mon, 30 Dec 2024 15:24:37 -0500
From: Gabe Goldberg <gabe@gabegold.com>
Subject: Waymo robotaxis can make walking across the street a game of
chicken (The Washington Post)

On roads teeming with robotaxis, crossing the street can be harrowing -- Our tech columnist captured videos of Waymo self-driving cars failing to stop
for him at a crosswalk. How does an AI learn how to break the law?

https://www.washingtonpost.com/technology/2024/12/30/waymo-pedestrians-robotaxi-crosswalks/

------------------------------

Date: Mon, 6 Jan 2025 06:42:54 -0800
From: Steve Bacher <sebmb1@verizon.net>
Subject: Trifecta of articles in *LA Times* about cars

Los Angeles man is trapped in circling Waymo on way to airport: 'Is
somebody playing a joke?'
[Matthew Kruk spotted this one:
Mike Johns boarded a driverless Waymo taxi to an airport in Scottsdale,
Arizona, but it began spinning in circles in a parking lot. He filmed the
moment he was trapped in the vehicle, unable to stop the car or get help.
Johns said he almost missed his flight.
https://www.bbc.com/news/videos/c70e2g09ng9o]

LA tech entrepreneur Mike Johns posted a video of his call to a customer service representative for Waymo to report that the car kept turning in
circles

https://www.latimes.com/california/story/2025-01-05/los-angeles-man-trapped-in-circling-waymo-says-he-missed-his-flight-home

[Jim Geissman also noted it. PGN]

------------------------------

Date: Thu, 2 Jan 2025 09:21:47 -0800
From: "Jim" <jgeissman@socal.rr.com>
Subject: LA Sheriff outage (LA Times)

A few hours before the ball dropped on New Year's Eve, the computer dispatch system for the Los Angeles County Sheriff's Department crashed, rendering
all patrol car computers nearly useless and forcing deputies to handle all calls by radio, according to officials and sources in the department.

Department leaders first learned of the problem around 8 p.m., when deputies
at several sheriff's stations began having trouble logging onto their patrol car computers, officials told The Times in a statement.

The department said it eventually determined its computer-aided dispatch program -- known as CAD -- was "not allowing personnel to log on with the
new year, making the CAD inoperable."

It's not clear how long it will take to fix the problem, but in the meantime deputies and dispatchers are handling everything old-school - using their radios instead of patrol car computers.

"It's our own little Y2K," a deputy who was working Wednesday morning told
The Times.

https://www.latimes.com/california/story/2025-01-01/l-a-sheriffs-dispatch-sy stem-crashes-on-new-years-eve

And there is more on this -- a "temporary fix". http://enewspaper.latimes.com/infinity/article_share.aspx?guid=8276009d-5b4b -4787-bece-ec72b2bbe0df

[Also noted by Jan Wolitzky. Also, Paul Saffo noted

If the trouble began a little after 16:00 local time (00:00 UTC), I
would suspect the system was keeping time internally with UTC, but news
reports say it started around 20:00. Furthermore, they say the system is
old and needs to be replaced, which implies it's handled the end of year
successfully many times.

Perhaps there's a rollover issue, such as the GPS week number rollover
that happened years ago. Since that occurred, my ca. 2000 Magellan
receiver is years in error in its dates, though it still navigates
without trouble. In fact, it's better than new in that respect. Rarely
do I see its positions off by more than 10 feet. PS

It still smells like a residual Y2K-type poor retrofix. PGN]

------------------------------

Date: Thu, 2 Jan 2025 18:03:01 -0500
From: Steve Golson <sgolson@trilobyte.com>
Subject: Eutelsat resolves OneWeb leap year software glitch
after two-day outage (SpaceNews)

https://spacenews.com/eutelsat-resolves-oneweb-leap-year-software-glitch-after-two-day-outage/

Eutelsat said Jan. 2 it has restored services across its low Earth orbit
(LEO) OneWeb broadband network following a two-day outage.

The software issue was caused by a failure to account for 2024 being a leap year… services were partially restored 36 hours after the disruption began
31 Dec 2024.

------------------------------

Date: Wed, 1 Jan 2025 09:14:58 -0800
From: Steve Bacher <sebmb1@verizon.net>
Subject: Traffic lights will have a fourth color in 2025

It is hard not to recognize the famous red, yellow, and green traffic
signals on roads throughout the globe. By 2025, traffic signals may have one
of the biggest changes because one more color will be added to them. This shift aims to meet new increases by AVs and redefine the meaning of traffic management to make it safer and more effective in the future. [...]

To further illustrate this strategy, we provide the proposed fourth color, white, which would signal to other drivers that the self-driving vehicle is managing traffic conditions. However, unlike the traditional Traffic
signals, which inform other motorists of the behavior expected from
autonomous vehicles at AIs, the White light informs the human drivers to
mimic the behavior of the AVs at AIs. This system leverages the idea that
AVs are intelligent vehicles that actively relay information and manage
traffic information flow.

In the case the AVs get to an intersection, they communicate with the
traffic signals, as well as other AVs, to achieve the best flow. When AVs
are in command, a white light informs human drivers what the self-driving vehicles intend to do. This makes it easier for human drivers to decide when
to veer in either direction, thus eagles traffic congestion and making the
road safer. [...]

https://www.ecoticias.com/en/traffic-lights-fourth-color/10086/

[Don't fire the traffic-manager programmer until you see the WHITES of his
LIGHTS? PGN]

------------------------------

Date: Mon, 6 Jan 2025 07:47:23 -0800
From: "Jim" <jgeissman@socal.rr.com>
Subject: FAA chief: Boeing must shift focus to safety over profit

Boeing used to manufacture airplanes and make profit as a side-effect. Then they changed to making profits primary with airplanes as a side-effect. FAA tells them to go back to the original model.

A year after a panel blew out of a Boeing 737 Max during a flight, the
nation's top aviation regulator says the company needs "a fundamental
cultural shift" to put safety and quality above profit.

Mike Whitaker, chief of the Federal Aviation Administration, said in an
online post Friday that his agency also has more work to do in its oversight
of Boeing.

Whitaker, who plans to step down in two weeks to let President-elect Donald Trump pick his own FAA administrator, looked back on his decision last
January to ground all 737 Max jets with similar panels called door plugs. Later, the FAA put more inspectors in Boeing factories, limited production
of new 737s and required Boeing to come up with a plan to fix manufacturing problems.

"Boeing is working to make progress executing its comprehensive plan in the areas of safety, quality improvement and effective employee engagement and training," Whitaker said. "But this is not a one-year project. What's needed
is a fundamental cultural shift at Boeing that's oriented around safety and quality above profits. That will require sustained effort and commitment
from Boeing, and unwavering scrutiny on our part."

http://enewspaper.latimes.com/infinity/article_share.aspx?guid=72e50023-50c9-470e-812e-39984c87cf63

------------------------------

Date: Thu, 2 Jan 2025 18:03:09 -0500:
From: Steve Golson <sgolson@trilobyte.com>
Subject: ARRL hit with ransomware (ARRL)

American Radio Relay League (ARRL), the U.S. national association for
amateur radio, was hit with a sophisticated ransomware attack.

https://www.arrl.org/news/arrl-it-security-incident-report-to-members

Sometime in early May 2024, ARRL’s systems network was compromised by threat actors (TAsing everything from desktops and laptops to Windows-based and Linux-based servers. Des) using information they had purchased on the dark
web. The TAs accessed headquarters on-site systems and most cloud-based systems. They used a wide variety of payloads affecting everything from desktops and laptops to Windows-based and Linux-based servers. Despite the
wide variety of target configurations, the TAs seemed to have a payload that ould host and execute encryption or deletion of network-based IT assets, as well as launch demands for a ransom payment, for every system.

This serious incident was an act of organized crime. The highly coordinated
and execute d attack took place during the early morning hours of May
15. That morning, as staff arrived, it was immediately apparent that ARRL
had become the victim of an extensive and sophisticated ransomware
attack. The FBI categorized the attack as “unique” as they hadn't yet seen this level of sophistication among the many other attacks, they have
experience with.

The ransom demands by the TAs, in exchange for access to their decryption tools, were exorbitant. It was clear they didn’t know, and didn’t care, that
they had attacked a small 501(c)(3) organization with limited
resources. Their ransom demands were dramatically weakened by the fact that they did not have access to any compromising data. It was also clear that
they believed ARRL had extensive insurance coverage that would cover a multi-million-dollar ransom payment.

------------------------------

Date: Wed, 8 Jan 2025 11:24:10 -0500 (EST)
From: ACM TechNews <technews-editor@acm.org>
Subject: Taiwan Suspects China of Latest Undersea Cable Attack"
(Tom Nicholson)

Politico Europe (01/05/25) Tom Nicholson

Taiwanese officials suspect a Cameroon-flagged cargo ship owned by Je Yang Trading Limited of Hong Kong, led by Chinese citizen Guo Wenjie, was responsible for cutting an international undersea telecom cable on
Jan. 3. The Shunxin-39 was intercepted by Taiwan's coast guard, but rough weather prevented an on-board investigation, and the ship continued on to a South Korean port.

------------------------------

Date: Thu, 9 Jan 2025 21:11:00 -0500
From: Gabe Goldberg <gabe@gabegold.com>
Subject: The Memecoin Shenanigans Are Just Getting Started (WiReD)

The market for absurdist cryptocurrencies mutated into a
hundred-billion-dollar phenomenon in 2024. Yes, things can get even more deranged.

Around that time, a bunch of other celebrities—from Caitlyn Jenner to Andrew Tate and Jason Derulo—were all launching their own crypto coins. The
pile-on reflected a renewed fervor among traders for memecoins, a type of cryptocurrency that generally has no utility beyond financial speculation.

Because memecoins do not generate revenue or cash flow, their value is
entirely based on the attention they attract, which can fluctuate
wildly. Though some people make a lot of money on memecoins, many others
lose out. With a general euphoria taking hold in cryptoland as the price of bitcoin rises to historic levels above $100,000, the stage is set for yet further memecoin “degeneracy,” says Azeem Khan, cofounder of the Morph blockchain and venture partner at crypto VC firm Foresight Ventures.

https://www.wired.com/story/memecoins-cryptocurrency-regulation

------------------------------

Date: Fri, 3 Jan 2025 11:05:47 -0700
From: Matthew Kruk <mkrukg@gmail.com>
Subject: Apple to pay $95M to settle lawsuit accusing Siri of
eavesdropping (CBC)

https://www.cbc.ca/news/business/apple-siri-privacy-settlement-1.7422363

Apple has agreed to pay $95 million US to settle a lawsuit accusing the privacy-minded company of deploying its virtual assistant Siri to eavesdrop
on people using its iPhone and other trendy devices.

The proposed settlement filed Tuesday in an Oakland, Calif., federal court would resolve a five-year-old lawsuit revolving around allegations that
Apple surreptitiously activated Siri to record conversations through
iPhones and other devices equipped with the virtual assistant for more than
a decade.

------------------------------

Date: Wed, 8 Jan 2025 11:24:10 -0500 (EST)
From: ACM TechNews <technews-editor@acm.org>
Subject: Meta Getting Rid of Fact Checkers (Clare Duff)

CNN 01/07/25) Clare Duffy

Mark Zuckerberg said Tuesday that Meta will adjust its content review
policies on Facebook and Instagram, replacing fact checkers with
user-generated "community notes." In doing so, Zuckerberg follows in the footsteps of Elon Musk who, after acquiring Twitter, dismantled the
company's fact-checking teams. Said Zuckerberg, "Fact checkers have been too politically biased and have destroyed more trust than they've created."

------------------------------

Date: Wed, 8 Jan 2025 07:08:55 -0700
From: Matthew Kruk <mkrukg@gmail.com>
Subject: Huge problems with axing fact-checkers, Meta oversight
board says (BBC)

https://www.bbc.com/news/articles/cjwlwlqpwx7o

While Meta says the move -- which is being introduced in the US initially -
is about free speech, others have suggested it is an attempt to get closer
to the incoming Trump administration, and catch up with the access and influence enjoyed by another tech titan, Elon Musk.

The tech journalist and author Kara Swisher told the BBC it was "the most cynical move" she had seen Mr Zuckerberg make in the "many years" she had
been reporting on him.

"Facebook does whatever is in its self-interest", she said.
"He wants to kiss up to Donald Trump, and catch up with Elon Musk in that
act."

------------------------------

Date: Thu, 9 Jan 2025 14:19:32 -0500
From: Gabe Goldberg <gabe@gabegold.com>
Subject: Meta hosts AI chatbots of 'Hitler,' 'Jesus Christ,' Taylor Swift
(NBC News)

Meta says it reviews every user-generated AI chatbot, but NBC News found
dozens that seemed to violate Meta’s policies.

https://www.nbcnews.com/tech/social-media/meta-user-made-ai-chatbots-include-hitler-jesus-christ-rcna186206

------------------------------

Date: Wed, 8 Jan 2025 08:41:43 -0500
From: Tom Van Vleck <thvv@multicians.org>
Subject: God can take Sunday off (NYTimes)

from the New York Times 8 Jan 2025

To members of his synagogue, the voice that played over the speakers of Congregation EmanuEl in Houston sounded just like Rabbi Josh Fixler's. In
the same steady rhythm his congregation had grown used to, the voice
delivered a sermon about what it meant to be a neighbor in the age of artificial intelligence. Then, Rabbi Fixler took to the bimah himself. "The audio you heard a moment ago may have sounded like my words," he said. "But they weren't." The recording was created by what Rabbi Fixler called "Rabbi Bot," an AI chatbot trained on his old sermons. The chatbot, created with
the help of a data scientist, wrote the sermon, even delivering it in an
AI version of his voice. During the rest of the service, Rabbi Fixler intermittently asked Rabbi Bot questions aloud, which it would promptly
answer.

Rabbi Fixler is among a growing number of religious leaders experimenting
with AI in their work, spurring an industry of faith-based tech companies
that offer AI tools, from assistants that can do theological research to chatbots that can help write sermons. [...] Religious leaders have used
AI to translate their livestreamed sermons into different languages in
real time, blasting them out to international audiences. Others have
compared chatbots trained on tens of thousands of pages of Scripture to a
fleet of newly trained seminary students, able to pull excerpts about
certain topics nearly instantaneously. The report's author draws a parallel
to previous generations' initial apprehension -- and eventual embrace -- of transformative technologies like radio, television, and the Internet. "For centuries, new technologies have changed the ways people worship, from the radio in the 1920s to television sets in the 1950s and the Internet in the 1990s," the report says. "Some proponents of AI in religious spaces have
gone back even further, comparing AI's potential -- and fears of it -- to
the invention of the printing press in the 15th century."

Well, we are halfway there. Now all we need is AI-generated parishioners.

Think of the savings in time and real estate. Church services can be over
in microseconds. No need for church buildings, pews, altars: all virtual.
They could repurpose churches as Amazon warehouses, patrolled by robots.

------------------------------

Date: Thu, 9 Jan 2025 11:29:50 PST
From: Peter Neumann <neumann@csl.sri.com>
Subject: Several items Google and Meta (Lauren Weinstein_

* Google gives a million dollars to Trump inauguration, as billionaire CEO
Sundar goes full MAGA]

* Changes at Meta amount to a MAGA Makeover Kevin Roose, *The New York
Times*, 9 Jan 2025, front page of Business Section.
[Lauren suggests META == Make Evil Trendy Again.]

* Zuckerberg falls in line, goes fully MAGA
Joe Garifoli, *The San Francisco Chronicle*, 9 Jan 2025

* Google gives a million dollars to Trump inauguration, as billionaire CEO
Sundar goes full MAGA, Lauren Weinstein, 9 Jan 2025

[The best government money can buy? PGN]

------------------------------

Date: Wed, 8 Jan 2025 08:47:42 -0800
From: Steve Bacher <sebmb1@verizon.net>
Subject: AI means the end of Internet search as
we've known it (Technology Review))

The way we navigate the web is changing, and it’s paving the way to a more AI-saturated future.

https://www.technologyreview.com/2025/01/06/1108679/ai-generative-search-internet-breakthroughs/

------------------------------

Date: Wed, 8 Jan 2025 06:47:35 -0700
From: Matthew Kruk <mkrukg@gmail.com>
Subject: Is it still 'social media' if it's overrun by AI? (CBC)

https://www.cbc.ca/news/business/meta-ai-generated-characters-future-social-media-1.7424641

Back in 2010, a 26-year-old Mark Zuckerberg shared his vision for Facebook
-- by that point a wildly popular social network with more than 500-million users.

"The primary thing that we focus on all day long is how to help people
share and stay connected with their friends, family and the people in the community around them," Zuckerberg told CNBC. "That's what we care about,
and that's why we started the company."

Fifteen years and three billion users later, Facebook's parent company Meta
has a new vision: characters powered by artificial intelligence existing alongside actual friends and family. Some experts caution that this could
mark the end of social media as we know it.

For early users of social media, platforms like Facebook and Instagram have become "about as anti-social as you can imagine," said Carmi Levy, a
technology analyst and journalist based in London, Ont. "It's becoming increasingly difficult to connect with an actual human being."

------------------------------

Date: Sat, 4 Jan 2025 08:38:38 -0800
From: Steve Bacher <sebmb1@verizon.net>
Subject: AI Incident Database

This should be of interest to RISKS readers:

Welcome to the Artificial Intelligence Incident Database
Search over 3000 reports of AI harms
https://incidentdatabase.ai/

------------------------------

Date: Tue, 7 Jan 2025 14:32:38 -0800
From: "Jim" <jgeissman@socal.rr.com>
Subject: Apple's AI News Summaries and Inventions (BBC)

https://www.bbc.com/news/articles/cge93de21n0o

Apple is facing fresh calls to withdraw its controversial artificial intelligence (AI) feature that has generated inaccurate news alerts on its latest iPhones.

The product is meant to summarise breaking news notifications but has in
some instances invented entirely false claims.

The BBC first complained to the tech giant about its journalism being misrepresented in December but Apple did not respond until Monday this week, when it said it was working to clarify that summaries were AI-generated.


Alan Rusbridger, the former editor of the Guardian, told the BBC Apple
needed to go further and pull a product he said was "clearly not ready."

Mr Rusbridger, who also sits on Meta's Oversight Board that reviews appeals
of the company's content moderation decisions, added the technology was "out
of control" and posed a considerable misinformation risk.

"Trust in news is low enough already without giant American corporations
coming in and using it as a kind of test product," he told the Today
programme, on BBC Radio Four.

The National Union of Journalists (NUJ), one of the world's largest unions
for journalists, said Apple "must act swiftly" and remove Apple Intelligence
to avoid misinforming the public - echoing prior calls by journalism body Reporters Without Borders <https://www.bbc.co.uk/news/articles/cx2v778x85yo> (RSF).

"At a time where access to accurate reporting has never been more important, the public must not be placed in a position of second-guessing the accuracy
of news they receive," said Laura Davison, NUJ general secretary.

The RSF also said Apple's intervention was insufficient, and has repeated
its demand that the product is taken off-line.


Series of errors


The BBC complained <https://www.bbc.co.uk/news/articles/cd0elzk24dno> last month after an AI-generated summary of its headline falsely told some
readers that Luigi Mangione, the man accused of killing UnitedHealthcare CEO Brian Thompson, had shot himself.

On Friday, Apple's AI inaccurately summarised BBC app notifications to claim that Luke Littler had won the PDC World Darts Championship <https://www.bbc.co.uk/news/articles/cx27zwp7jpxo> hours before it began -
and that the Spanish tennis star Rafael Nadal had come out as gay.

This marks the first time Apple has formally responded to the concerns
voiced by the BBC about the errors, which appear as if they are coming from within the organisation's app.

------------------------------

Date: Tue, 31 Dec 2024 07:29:00 -0800
From: Lauren Weinstein <lauren@vortex.com>
Subject: What real people think about Google Search today

It's both notable and deeply depressing how many nontechnical people I know
who have unprompted told me how much they despise Google AI Overviews, which they inevitably describe as usually inaccurate and worthless, at which point they usually add how Google Search quality has declined enormously (in their own words, of course).

Then they sometimes say something like, "Hey Lauren, don't you know people
at Google that you could tell about how bad this is getting?"

At which point I usually bite my tongue, which is increasingly feeling like
a pincushion as a result.

Don't believe the happy face metrics that Google claims -- out in

------------------------------

Date: Fri, 10 Jan 2025 10:50:22 -0800
From: Lauren Weinstein <lauren@vortex.com>
Subject: WARNING: Google Voice is flagging LEGITIMATE robocalls from
insurance companies to their customers in the fires as spam

BE SURE TO CHECK YOUR SPAM FOLDERS! GOOGLE AI DOES IT AGAIN!

------------------------------

Date: Tue, 31 Dec 2024 10:28:03 -0800
From: Lauren Weinstein <lauren@vortex.com>
Subject: A non-tech analogy for Google Search AI Overviews

Here's a non-tech analogy to the problem (well, a problem) with Google AI Overviews:

Let's say you go to a restaurant. Maybe they're offering free meals
that day, maybe you're paying. Either way, several plates of
reasonable appearing food are placed in front of you. You ask about
the ingredients, but you only get vague answers back if any, and the
restaurant refuses to tell you anything about the actual recipes per
se.

You notice a little card sticking out from under one of the plates. It
reads:

"Some or all of this food may be fine. Some or all of this food may
have a bad taste. Some or all may give you food poisoning. It's up to
you to double check this food before eating it -- we take no
responsibility for any ill effects it may have on you."

Still hungry?

------------------------------

Date: Fri, 3 Jan 2025 09:58:24 -0500
From: Tom Van Vleck <thvv@multicians.org>
Subject: Happy new year, compute carefully

Just some notes to remind you to compute carefully in 2025.

1. In the past I recommended Gmail to people because it does some spam detection, but now Gmail is being exploited to hack people. If you get a (fake) call ostensibly from Google or (fake) notices that your Google
account is being attacked, run. Don't click anything. https://www.forbes.com/sites/zakdoffman/2025/01/03/new-gmail-outlook-apple-mail-warning-2025-hacking-nightmare-is-coming-true/?

2. If anybody says "now with AI," run.
They are not giving you something wonderful for free.

3. I have stopped using Google Chrome except for testing web page changes.
I avoid "Chrome Browser Extensions" because they have been hacked to do bad things.

4. 2.6 million devices have been backdoored with credential stealing
malware. Don't be a victim. https://therecord.media/hackers-target-vpn-ai-extensions-google-chrome-malicious-updates

------------------------------

Date: Sat, 4 Jan 2025 10:08:35 -0800
From: Lauren Weinstein <lauren@vortex.com>
Subject: How to understand Generative AI

To really understand generative AI, you need to keep one simple fact in
mind. There is no "Intelligence" in "Artificial Intelligence". OpenAI -- it turns out -- literally defines intelligence in terms of profits!

And as we see, Google AI is essentially a low grade moron. But this is true
for all of these systems. This is FUNDAMENTAL to how these systems
work. They are NOT intelligent. They do NOT understand what they're saying.

The term "Intelligence" in the context of these systems is merely a
MARKETING HYPE term, nothing more.

Keep this in mind and the chaos being created by Big Tech at our
expense is much easier to at least understand. -L

------------------------------

Date: Sat, 4 Jan 2025 16:51:29 -0800
From: Lauren Weinstein <lauren@vortex.com>
Subject: Google censoring my AI criticism?

One of the digest versions of today's mailings, which included
the messages:

1. The laughs keep rolling in to that fraction question I asked
Google (Lauren Weinstein)
2. The execs know their AI is trash (Lauren Weinstein)
3. Sources: Pentagon planning for how to deal with rogue Trump
(Lauren Weinstein)

was marked by Gmail as dangerous spam, with a red banner declaring it to
be a likely phishing attack. If you can figure out any possible way any
of those messages -- which were sent out as individual messages earlier
today -- could possibly be legit interpreted in that way, I'd love to
hear about it.

Otherwise, I suspect Google has filters in place to try divert some of
this criticism into a scary category that people won't read, whether
that was their actual intention or not.

VERY BAD. -L

------------------------------

Date: Sun, 5 Jan 2025 06:32:54 -0800
From: Steve Bacher <sebmb1@verizon.net>
Subject: U.S. newspapers are deleting old crime stories offering
subjects a clean slate (The Guardian)

Civil rights advocates across the US have long fought to free people from
their criminal records, with campaigns to expunge old cases and keep
people’s past arrests private when they apply for jobs and housing.

The efforts are critical, as more than 70 million Americans have prior convictions or arrests – roughly one in three adults. But the policies haven’t addressed one of the most damaging ways past run-ins with police can derail people’s lives: old media coverage.

Some newsrooms are working to fill that gap.

A handful of local newspapers across the US have in recent years launched programs to review their archives and consider requests to remove names or delete old stories to protect the privacy of subjects involved in minor
crimes.

“In the old days, you put a story in the newspaper and it quickly, if not immediately, receded into memory,” said Chris Quinn, editor of Cleveland.com and the Plain Dealer newspaper. “But because of our [search engine] power, anything we write now about somebody is always front and center.” [...]

https://www.theguardian.com/us-news/2025/jan/04/newspaper-crime-stories

------------------------------

Date: Thu, 9 Jan 2025 10:43:21 -0700
From: geoff goodfellow <geoff@iconia.com>
Subject: EU Commission Fined for Transferring User Data
to Meta in Violation of Privacy Laws (THN)

The European General Court on Wednesday fined the European Commission, the primary executive arm of the European Union responsible for proposing and enforcing laws for member states, for violating the bloc's own data privacy regulations.

The development marks the first time the Commission has been held liable
for infringing stringent data protection laws in the region.

The court determined that a "sufficiently serious breach" was committed by transferring a German citizen's personal data, including their IP address
and web browser metadata, to Meta's servers in the United States when
visiting the now-inactive futureu.europa[.]eu website in March 2022.

The individual registered for one of the events on the site by using the Commission's login service, which included an option to sign in using a Facebook account.

"By means of the 'Sign in with Facebook' hyperlink displayed on the E.U.
Login webpage, the Commission created the conditions for transmission of
the IP address of the individual concerned to the U.S. undertaking Meta Platforms," the Court of Justice of the European Union said in a press statement.

The applicant had alleged that by transferring their information to the
U.S., there arose a risk of their personal data being accessed by the U.S. security and intelligence services. [...] https://thehackernews.com/2025/01/eu-commission-fined-for-transferring.html

------------------------------

Date: Thu, 2 Jan 2025 09:22:06 -0800
From: Steve Bacher <sebmb1@verizon.net>
Subject: The Ghosts in the Spotify Machine (Liz Pelly:)

I first heard about ghost artists in the summer of 2017. At the time, I was
new to the music-streaming beat. I had been researching the influence of
major labels on Spotify playlists since the previous year, and my first
report had just been published. Within a few days, the owner of an
independent record label in New York dropped me a line to let me know about
a mysterious phenomenon that was “in the air” and of growing concern to those in the indie music scene: Spotify, the rumor had it, was filling its
most popular playlists with stock music attributed to pseudonymous musicians—variously called ghost or fake artists—presumably in an effort to reduce its royalty payouts. Some even speculated that Spotify might be
making the tracks itself. At a time when playlists created by the company
were becoming crucial sources of revenue for independent artists and labels, this was a troubling allegation. [...]

https://harpers.org/archive/2025/01/the-ghosts-in-the-machine-liz-pelly-spotify-musicians/

------------------------------

Date: Mon, 16 Dec 2024 09:35:13 -0800
From: Rob Slade <rslade@gmail.com>
Subject: Spotify

I have mentioned, at times, that many people seem to be laboring under the misapprehension that the email address rslade@gmail.com is theirs.

Recently I have had cause to look into Spotify. I don't carry my "tunes" around with me (well, they often pop up as mindworms, but I don't need any external source for that.), and I don't listen to podcasts, so I haven't
used Spotify, and I haven't created an account on it. But I've started contributing to a podcast, I didn't need to get a Spotify account to
listen to the podcast. But recently someone sent me a playlist of songs,
and I thought it would listen to it and hear what was in it. But Spotify, while it *would* play a free podcast, apparently *won't* play a playlist of commercial songs unless you create an account.

So I tried, only to find out, yes, you guessed it, there already *was* an account under the email address rslade@gmail.com. Of course, I didn't know
the account password. So, I just told Spotify that I lost the password.
And it helpfully sent me an opportunity to change it.

Whoever signed up for Spotify under my email address doesn't seem to have
any playlists or anything else on the account, so I guess they haven't used
it much and haven't lost anything. Much. Except for the account.

Handy for me, though ...

------------------------------

Date: Sat, 28 Oct 2023 11:11:11 -0800
From: RISKS-request@csl.sri.com
Subject: Abridged info on RISKS (comp.risks)

The ACM RISKS Forum is a MODERATED digest. Its Usenet manifestation is
comp.risks, the feed for which is donated by panix.com as of June 2011.

SUBSCRIPTIONS: The mailman Web interface can be used directly to

subscribe and unsubscribe:
http://mls.csl.sri.com/mailman/listinfo/risks

SUBMISSIONS: to risks@CSL.sri.com with meaningful SUBJECT: line that

includes the string `notsp'. Otherwise your message may not be read.
*** This attention-string has never changed, but might if spammers use it.

SPAM challenge-responses will not be honored. Instead, use an alternative

address from which you never send mail where the address becomes public!

The complete INFO file (submissions, default disclaimers, archive sites,

copyright policy, etc.) has moved to the ftp.sri.com site:
<risksinfo.html>.
*** Contributors are assumed to have read the full info file for guidelines!

OFFICIAL ARCHIVES: http://www.risks.org takes you to Lindsay Marshall's

delightfully searchable html archive at newcastle:
http://catless.ncl.ac.uk/Risks/VL.IS --> VoLume, ISsue.
Also, ftp://ftp.sri.com/risks for the current volume/previous directories
or ftp://ftp.sri.com/VL/risks-VL.IS for previous VoLume
If none of those work for you, the most recent issue is always at
http://www.csl.sri.com/users/risko/risks.txt, and index at /risks-34.00
ALTERNATIVE ARCHIVES: http://seclists.org/risks/ (only since mid-2001)
*** NOTE: If a cited URL fails, we do not try to update them. Try
browsing on the keywords in the subject line or cited article leads.
Apologies for what Office365 and SafeLinks may have done to URLs.

Special Offer to Join ACM for readers of the ACM RISKS Forum:

<http://www.acm.org/joinacm1>

------------------------------

End of RISKS-FORUM Digest 34.52
************************