RISKS-LIST: Risks-Forum Digest Saturday 17 May 2025 Volume 34 : Issue 63
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks) Peter G. Neumann, founder and still moderator
***** See last item for further information, disclaimers, caveats, etc. ***** This issue is archived at <
http://www.risks.org> as
<
http://catless.ncl.ac.uk/Risks/34.63>
The current issue can also be found at
<
http://www.csl.sri.com/users/risko/risks.txt>
Contents:
Newark's Air-Traffic Control Staffing Crisis Is Dire. It's Also Not Unique.
(The New York Times)
Exclusive: NSF faces radical shake-up as officials abolish its 37 divisions
(Science)
Rogue communication devices found in Chinese solar power inverters
(PGN, Ben Moore)
EU Security Bug Database Fully Operational (Jessica Lyon)
Researchers Discover New Security Vulnerability in Intel Processors
(Daniel Meierhans)
Investigation into false evacuation alerts sent during L.A. fires places
blame, calls for more regulation (LA Times)
Meta to Train AI on EU User Data From May 27 Without Consent; Noyb Threatens
Lawsuit (The Hacker News)
Young Americans are investing in crypto and meme coins as a path to wealth
(The Washington Post)
If AI is so good at_coding, where are the open-source contributions
(Pivot to AI)
How Apple Created a Legal Mess When It Skirted a Judge’s Ruling (NYTimes)
How to Secure Your Phone’s Data Before Traveling Abroad (NYTimes)
Thumbprint on Cigarette Carton Cracks a 48-Year-Old California Murder Case
(NY Times)
Walgreens doubles down on prescription-filling robots to cut costs, free up
pharmacists amid turnaround (CNBC)
Smart Phones Finally Getting Expelled in Classes (New York Magazine)
A VPN Company Canceled All Lifetime Subscriptions, Claiming It Didn't Know
About Them (WiReD)
Why We're Unlikely to Get Artificial General Intelligence Anytime Soon
(NY Times)
Attack Steals Cryptocurrency by Planting False Memories in Chatbots
(Dan Goodin)
Young Americans are investing in crypto and meme coins as a path to wealth
(The Washington Post)
His X Account Was Hijacked to Sell a Fake WIRED Memecoin. Then Came the
Backlash (WiReD)
CISA mutes own website, shifts routine cyber-alerts to Musk's RSS, email
(The Register)
Tragedy, Fools but no Iago in sight (Peter Bernard Ladkin)
Riverside wants to become 'the new Detroit.' Can this self-driving electric
bus get it there? (LA Times)
IBM Vibe coding (Martin Ward)
How to fix your code using OpenAI (Martin Ward)
Case quacked: Flying duck caught by Swiss speed camera is repeat offender
(BBC)
We live in the tension between overestimating risks and ignoring them
(Jim Geissman)
RISKS-34.62 layout (Mark Brader)
Re: FBI Says Cybercrime Costs Surpassed $16 Billion in 2024
(Richard Marlon Stein)
Re: New Zealand's prime minister proposes social media ban for under-16s
(Steve Bacher)
Re: After an Arizona man was shot, an AI video of him addresses his killer
in court (Steve Bacher)
Abridged info on RISKS (comp.risks)
----------------------------------------------------------------------
Date: Fri, 16 May 2025 07:32:53 -0700
From: "Jim" <
jgeissman@socal.rr.com>
Subject: Newark's Air-Traffic Control Staffing Crisis Is Dire. It's Also Not
Unique. (The New York Times)
NY Times 16 May 2025
Ninety-nine percent of the air traffic control facilities in the United
States are operating below recommended staffing levels, a New York Times analysis has found.
The ongoing crisis at Newark Liberty International Airport has put a
spotlight on the prolonged nationwide shortage of air traffic
controllers. As of 7 May 2025, only two of 313 facilities - one in Akron,
Ohio, and another in Fort Lauderdale, Fla. -- met staffing targets set by
the Federal Aviation Administration and the union representing controllers, according to union data obtained by The Times.
<
https://www.nytimes.com/2025/05/07/us/politics/newark-airport-delays.html> <
https://www.nytimes.com/interactive/2025/05/08/nyregion/newark-airport-delays.html>
[Even if you are flying from Akron to Fort Lauderdale, that is not good
enough, because you have to cross undermanned ATC centers. PGN]
------------------------------
Date: Fri, 9 May 2025 20:21:24 +0900
From: David Farber <
farber@keio.jp>
Subject: Exclusive: NSF faces radical shake-up as officials abolish its 37
divisions (Science)
https://www.science.org/content/article/exclusive-nsf-faces-radical-shake-officials-abolish-its-37-divisions
The National Science Foundation (NSF), already battered by White House directives and staff reductions, is plunging into deeper turmoil. According
to sources who requested anonymity for fear of retribution, staff were told today that the agency's 37 divisions -- across all eight NSF directorates -- are being abolished and the number of programs within those divisions will
be drastically reduced. The current directors and deputy directors will lose their titles and might be reassigned to other positions at the agency or elsewhere in the federal government.
The consolidation appears to be driven in part by President Donald Trump's proposal to cut the agency's $9-billion budget by 55% for the 2026 fiscal
year that begins on 1 October. NSF's decision to abolish its divisions could also be part of a larger restructuring of the agency's grant-making process that involves adding a new layer of review. NSF watchers fear that a
smaller, restructured agency could be more vulnerable to pressure from the White House to fund research that suits its ideological bent.
------------------------------
Date: Thu, 15 May 2025 14:09:41 -0700
From: "Peter G. Neumann" <
peter.neumann@sri.com>
Subject: Rogue communication devices found in Chinese solar power inverters
https://www.reuters.com/sustainability/climate-energy/ghost-machine-rogue-communication-devices-found-chinese-inverters-2025-05-14/
[This resembles a cross between the DMA problem addressed by the
Thunderclap paper, and planted Trojan horses. PGN]
------------------------------
Date: Fri, 16 May 2025 09:37:13 -0500
From: Ben Moore <
ben.moore@juno.com>
Subject: Rogue communication devices found in Chinese solar power
inverter (MSN)
As Bruce Schneier says "This is a weird story."
https://www.msn.com/en-us/news/world/ar-AA1EMfHP
But less so when you consider this story.
https://www.huschblackwell.com/newsandinsights/new-executive-order-prohibits-use-of-equipment-produced-by-foreign-adversaries-in-bulk-power-system
------------------------------
Date: Fri, 16 May 2025 11:37:34 -0400 (EDT)
From: ACM TechNews <
technews-editor@acm.org>
Subject: EU Security Bug Database Fully Operational (Jessica Lyon)
Jessica Lyon, *The Register* (UK) (05/13/25), via ACM TechNews
The European Union Agency for Cybersecurity has rolled out the European Vulnerability Database (EUVD). Updated in real time and now fully
operational, the database identifies disclosed bugs with their U.S. Common Vulnerabilities and Exposures (CVE)-assigned IDs and EUVD identifiers,
details their criticality and exploitation status, and provides links to available advisories and patches.
[The U.S. mothballing of the MITRE-NIST CVE collection was the
result of an abonimable showman. The CVE repository may have been
the wrong solution to the wrong problem, but it provided a very
useful catalog of vulnerabilities against which to track progress
(or the lack of it). The deeper problem that is not being
adequately confronted is that commercial-system security sucks,
so-called best practices are dramatically incomplete, and the
industry apparently does not want to bother avoiding even the most
critical flaws, much less the way it develops new systems. This has
been going on during all of my 71 years as a computer professional,
with very few exceptions, and shows few signs of changing (except
for perhaps our SRI/Cambridge-UK CHERI clean-slate hardware-software
approach, which earlier this week received this year's Test-of-Time
award at the 46th IEEE Symposium on Security and Privacy for our
2015 paper, CHERI: A Hybrid Capability-System Architecture for
Scalable Software Compartmentalization). I am delighted to see the
European Union showing fortitude (although the letters VD in EUVD
have a connotation that is symbolic of the self-infectious nature of
system and network vulnerabilities). PGN]
------------------------------
Date: Fri, 16 May 2025 11:37:34 -0400 (EDT)
From: ACM TechNews <
technews-editor@acm.org>
Subject: Researchers Discover New Security Vulnerability in Intel
Processors (Daniel Meierhans)
Daniel Meierhans, ETH Zurich (Switzerland) (05/13/25)
A new class of vulnerabilities in all Intel processors identified by
computer scientists at Switzerland's ETH Zurich can be exploited to misuse
the central processing unit's (CPU) prediction calculations to gain access
to information from other users of the same CPU. The vulnerabilities enable
the incorrect assignment of privileges during the few nanoseconds when the
CPU switches between prediction calculations for two users with different permissions. ETH Zurich's Sandro Ruegge said quickly repeating the attack
can result in a more than 5,000-bytes-per-second readout speed, allowing attackers to read the entire memory over time.
------------------------------
Date: Mon, 12 May 2025 09:14:07 -0700
From: Steve Bacher <
sebmb1@verizon.net>
Subject: Investigation into false evacuation alerts sent during L.A. fires
places blame, calls for more regulation ()
The alerts were intended for a small group of residents near Calabasas, but stoked panic and confusion as they were blasted out repeatedly to a much
larger area. [...]
In “Sounding the Alarm: Lessons From the Kenneth Fire False Alerts,” Garcia’s office reports that Genasys, the software company contracted with the county to issue wireless emergency alerts, said a technical error caused the faulty alert to ping across the sprawling metro region. [...]
https://www.latimes.com/california/story/2025-05-12/report-on-faulty-fire-alert-calls-for-more-federal-regulation-of-private-tech-companies-issuing-alerts
------------------------------
Date: Fri, 16 May 2025 10:38:05 -0700
From: geoff goodfellow <
geoff@iconia.com>
Subject: IS: Meta to Train AI on EU User Data From May 27 Without Consent;
Noyb Threatens Lawsuit (The Hacker News)
Austrian privacy non-profit noyb (none of your business) has sent Meta's
Irish headquarters a cease-and-desist letter, threatening the company with
a class action lawsuit if it proceeds with its plans to train users' data
for training its artificial intelligence (AI) models without an explicit opt-in.
The move comes weeks after the social media behemoth announced <
https://thehackernews.com/2025/04/meta-resumes-eu-ai-training-using.html>
its plans to train its AI models using public data shared by adults across Facebook and Instagram in the European Union (EU) starting May 27, 2025,
after it paused the efforts in June 2024 following concerns raised by Irish data protection authorities.
"Instead of asking consumers for opt-in consent, Meta relies on an alleged 'legitimate interest' to just suck up all user data," noyb said <
https://noyb.eu/en/noyb-sends-meta-cease-and-desist-letter-over-ai-trainin-european-class-action-potential-next-step>. "Meta may face massive legal
risks -- just because it relies on an 'opt-out' instead of an 'opt-in'
system for AI training."
The advocacy group further noted that Meta AI is not compliant with the
General Data Protection Regulation (GDPR) in the region, and that, besides claiming that it has a ``legitimate interest in taking user data for AI training, the company is also limiting the right to opt-out before the
training has started.'' <
https://www.gdpreu.org/the-regulation/key-concepts/legitimate-interest/>
------------------------------
Date: Mon, 12 May 2025 12:58:06 -0400
From: Gabe Goldberg <
gabe@gabegold.com>
Subject: Young Americans are investing in crypto and meme coins as a
path to wealth (The Washington Post)
These young people see meme coins as their best shot at the American Dream
When traditional routes to wealth feel out of reach, jokey cryptocurrencies
can look more attractive.
“Financial nihilism” is driving some members of Gen Z to crypto, said Joe McCann, founder and CEO of Asymmetric, a crypto hedge fund that counts
itself as one of the first institutional investors in meme coins. Young
people with high levels of student debt, who are more likely to live with
their parents than prior generations, are less inclined to stash money into
a 401(k), he said. They’d rather wager a few hundred bucks on a meme coin, McCann added, because they feel they don’t have other good options. [...]
Several conference attendees told *The Washington Post( they expected crypto
to thrive during President Donald Trump’s administration in part because he has a personal stake in meme coins.
The president has been promoting two coins launched in January called $TRUMP and $MELANIA that were created by a firm affiliated with the Trump Organization. His association with the coins, including a recent offer to
host a dinner for top investors, has been criticized for creating a conflict
of interest.
Trump has also overseen a pullback in regulatory scrutiny of crypto
firms. In February, the U.S. Securities and Exchange Commission ruled that
meme coins are collectibles, not securities. Industry players say that could lead to a bumper crop of newly minted meme coins. [...]
Following the meme coin market’s moves requires dedication as the Internet cycles from one punch line to the next. “I always have my phone in my hand,”
said Jeff Matthews, who estimates that he notches 14 to 17 hours of screen
time daily, mostly spent trading meme coins.
------------------------------
Date: Tue, 13 May 2025 17:53:56 -0400
From: Gabe Goldberg <
gabe@gabegold.com>
Subject: If AI is so good at_coding, where are the open-source contributions
(Pivot to AI)
It’s true that a lot of open source projects really hate AI code. There’s several objections, but the biggest one is that users who don't understand their own lack of competence spam the projects with time-wasting AI
garbage. The Curl project banned AI-generated security reports because they were getting flooded with automated AI-generated “bug bounty” requests. [LinkedIn]
More broadly, the very hardest problem in open source is not code, it’s people -— how to work with others. Some AI users just don’t understand the level they simply aren't working at.
One user of the LLVM compiler complained that his AI-generated pull requests were not being taken seriously — by a compiler project, where correct computer science and knowing precisely what the heck you’re doing is profoundly important.
The user considered it was the unpaid volunteer coders’ “job” to take his AI
submissions seriously. He even filed a code of conduct complaint with the project against the developers. This was not upheld. So he proclaimed the project corrupt. [GitHub; Seylaw, archive]
This is an actual comment that this user left on another project: [GitLab]
 As a non-programmer, I have zero understanding of the code and the
analysis and fully rely on AI and even reviewed that AI analysis with a
different AI to get the best possible solution (which was not good enough
in this case).
You can see why people don’t really want to deal with this sort of
contribution. But maybe we’ll get a flood of obviously excellent AI code
-— and AI code submitters —- next year.
https://pivot-to-ai.com/2025/05/13/if-ai-is-so-good-at-coding-where-are-the-open-source-contributions/
------------------------------
Date: Sat, 10 May 2025 21:31:38 -0400
From: Monty Solomon <
monty@roscom.com>
Subject: How Apple Created a Legal Mess When It Skirted a Judge’s Ruling
Court documents show the company commissioned a sham report and lied on the stand to justify its actions, which will cast a shadow over future lawsuits.
https://www.nytimes.com/2025/05/09/technology/apple-app-store-antitrust.html
------------------------------
Date: Sat, 10 May 2025 21:39:32 -0400
From: Monty Solomon <
monty@roscom.com>
Subject: How to Secure Your Phone’s Data Before Traveling Abroad (NYTimes)
Here are some best practices for safeguarding sensitive personal data.
https://www.nytimes.com/2025/04/30/technology/personaltech/travel-burner-phone-cbp.html
------------------------------
Date: Sat, 10 May 2025 22:54:46 -0400
From: Monty Solomon <
monty@roscom.com>
Subject: Thumbprint on Cigarette Carton Cracks a 48-Year-Old California
Murder Case (NY Times)
A young mother told friends that she’d be “back in 10 minutes.” She never returned, and the police in San Jose have now charged a man in her death.
https://www.nytimes.com/2025/05/10/us/jeanette-ralston-cold-case-murder-suspect.html
------------------------------
Date: Sun, 11 May 2025 07:00:32 -0700
From: Steve Bacher <
sebmb1@verizon.net>
Subject: Walgreens doubles down on prescription-filling robots to cut costs,
free up pharmacists amid turnaround (CNBC)
Walgreens is expanding the number of its retail stores served by its micro-fulfillment centers as it works to turn itself around and prepares to
go private.
As struggling drugstore chains work to regain their footing, Walgreens is doubling down on automation.
The company is expanding the number of retail stores served by its micro-fulfillment centers, which use robots to fill thousands of
prescriptions for patients who take medications to manage or treat diabetes, high blood pressure and other conditions.
Walgreens aims to free up time for pharmacy staff, reducing their routine
tasks and eliminating inventory waste. Fewer prescription fills would allow employees to interact directly with patients and perform more clinical
services such as vaccinations and testing. [...]
https://www.cnbc.com/2025/05/11/walgreens-doubles-down-on-robots-to-fill-prescriptions-amid-turnaround.html
------------------------------
Date: Fri, 9 May 2025 10:12:25 PDT
From: Peter Neumann <
neumann@csl.sri.com>
Subject: Smart Phones Finally Getting Expelled in Classes (New York Magazine)
NY Magazine, 8 May 2025
Starting at the beginning of the 2025–26 school year, New York public and charter schools will be implementing plans for “bell-to-bell” smartphone bans, which prohibit the “unsanctioned use of smartphones and other Internet-enabled personal devices on school grounds in K-12 schools for the entire school day.”
Yes, there is a growing trend of schools and states banning or restricting student smartphone use, particularly during class time. This is driven by concerns about student distraction, mental health, and the potential for bullying and negative social behaviors. Many states, including Florida, Indiana, and New York, have already implemented or are planning to implement such bans.
------------------------------
Date: Wed, 14 May 2025 22:46:42 -0400
From: Gabe Goldberg <
gabe@gabegold.com>
Subject: A VPN Company Canceled All Lifetime Subscriptions, Claiming It
Didn't Know About Them (WiReD)
In March, complaints started appearing online about lifetime subscriptions
to VPNSecure no longer working.
The new owners of VPN provider VPNSecure have drawn ire after canceling lifetime subscriptions. The owners told customers that they didn’t know
about the lifetime subscriptions when they bought VPNSecure, and they cannot honor the purchases.
The first public response Ars Technica found came on April 28, when lifetime subscription holders reported receiving an email from the VPN provider
saying: “To continue providing a secure and high-quality experience for all users, Lifetime Deal accounts have now been deactivated as of April 28th, 2025.”
A copy of the email from “The VPN Secure Team” and posted on Reddit notes that VPNSecure had previously deactivated accounts with lifetime
subscriptions that it said hadn’t been used in “over 6 months.” The message
noted that VPNSecure was acquired in 2023, “including the technology,
domain, and customer database—but not the liabilities.” The email continues:
 Unfortunately, the previous owner did not disclose that thousands of
Lifetime Deals (LTDs) had been sold through platforms like StackSocial. We
discovered this only months later—when a large portion of our resources
were strained by these LTD accounts and high support volume from users,
who through part of the database, provided no sustaining income to help us
improve and maintain the service.
https://www.wired.com/story/vpnsecure-canceled-all-lifetime-subscriptions-claiming-it-didnt-know-about-them
------------------------------
Date: Sat, 17 May 2025 11:32:33 -0400
From: Gabe Goldberg <
gabe@gabegold.com>
Subject: Why We're Unlikely to Get Artificial General Intelligence
Anytime Soon (NY Times)
The titans of the tech industry say artificial intelligence will soon match
the powers of humans’ brains. Are they underestimating us?
[(No) surprise]
https://www.nytimes.com/2025/05/16/technology/what-is-agi.html?smid=nytcore-ios-share&referringSource=articleShare
------------------------------
Date: Fri, 16 May 2025 11:37:34 -0400 (EDT)
From: ACM TechNews <
technews-editor@acm.org>
Subject: Attack Steals Cryptocurrency by Planting False Memories in
Chatbots (Dan Goodin)
Dan Goodin, *Ars Technica* (05/13/25), via ACM TechNews
A "context manipulation" exploit developed by Princeton University
researchers leverages prompt injection attacks against the open source framework ElizaOS to steal cryptocurrency. ElizaOS uses large language
models to undertake blockchain-based transactions for users based on
predefined rules. The attacks depend on a feature of ElizaOS in which past conversations are stored in an external database, which allows anyone authorized to transact with an agent to create a false memory that triggers
an override of security defenses.
------------------------------
Date: Mon, 12 May 2025 12:58:06 -0400
From: Gabe Goldberg <
gabe@gabegold.com>
Subject: Young Americans are investing in crypto and meme coins as a
path to wealth (The Washington Post)
These young people see meme coins as their best shot at the American Dream. When traditional routes to wealth feel out of reach, jokey cryptocurrencies
can look more attractive.
“Financial nihilism” is driving some members of Gen Z to crypto, said Joe McCann, founder and CEO of Asymmetric, a crypto hedge fund that counts
itself as one of the first institutional investors in meme coins. Young
people with high levels of student debt, who are more likely to live with
their parents than prior generations, are less inclined to stash money into
a 401(k), he said. They’d rather wager a few hundred bucks on a meme coin, McCann added, because they feel they don’t have other good options. [...]
Several conference attendees told The Washington Post they expected crypto
to thrive during President Donald Trump’s administration in part because he has a personal stake in meme coins.
The president has been promoting two coins launched in January called $TRUMP and $MELANIA that were created by a firm affiliated with the Trump Organization. His association with the coins, including a recent offer to
host a dinner for top investors, has been criticized for creating a conflict
of interest.
Trump has also overseen a pullback in regulatory scrutiny of crypto
firms. In February, the U.S. Securities and Exchange Commission ruled that
meme coins are collectibles, not securities. Industry players say that could lead to a bumper crop of newly minted meme coins. [...]
Following the meme coin market’s moves requires dedication as the Internet cycles from one punch line to the next. “I always have my phone in my hand,”
said Jeff Matthews, who estimates that he notches 14 to 17 hours of screen
time daily, mostly spent trading meme coins.
------------------------------
Date: Mon, 12 May 2025 12:55:31 -0400
From: Gabe Goldberg <
gabe@gabegold.com>
Subject: His X Account Was Hijacked to Sell a Fake WIRED Memecoin. Then
Came the Backlash (WiReD)
Earlier this year, a hacker used his X account to hawk a fraudulent WIRED-branded crypto coin. After they pulled the rug on investors, he faced
the aftermath.
https://www.wired.com/story/wired-memecoin-scam-hacked-x-account/
------------------------------
Date: Tue, 13 May 2025 08:12:00 -0700
From: "Jim" <
jgeissman@socal.rr.com>
Subject: CISA mutes own website, shifts routine cyber-alerts to Musk's
RSS, email (The Register)
Cripes, we were only joking when we called Elon's social network the new
state media
Iain Thomson <
https://www.theregister.com/Author/Iain-Thomson>
------------------------------
Date: Mon, 12 May 2025 14:05:28 +0200
From: "Prof. Dr. Peter Bernard Ladkin" <
ladkin@causalis.com>
Subject: Tragedy, Fools but no Iago in sight
On Friday, 2 May, at about 17.50 local time, the driver of a Mercedes SUV
ran into pedestrians on a busy street near the centre of the city of
Stuttgart in Germany. One died; seven others were injured. It seems to have
all the indications of a tragic accident. The car is (very) expensive; the owner was driving; his young son was sitting in the passenger seat. The most-read newspaper in Germany is the "tabloid" Bild-Zeitung. Bild reported
the accident, as well as that the driver is a "Selfmade-Millionär" (which is German for "selfmade millionaire") with an Internet portal on which he sells stuff. Bild also invented a pseudonym for him, "Markus S." (German law
prevents reporting full last names in potential criminal cases, in this case
a possible charge of "causing death by negligence", fahrlässige Tötung).
There is, however, a real Markus S., last name "Schön", who is an Internet entrepreneur in Detmold, a city some 450+km north of the accident site in Stuttgart. Herr Schön's site sells office and school supplies. He started receiving hate mails and death threats almost immediately, it seems, and
sales on his site went precipitiously down.
Sunday 4 May he posted on LinkedIn to say it wasn't him. The editor of Bild
got in touch. Bild amended its story to make it clear that it wasn't him,
and offered him space to do so himself (which he didn't take).
By Friday 9 May it seems things were back to "normal" for Herr Schön and his business.
All this courtesy of a story in my local paper at the weekend (10-11 May) by Silke Buhrmester entitled "Detmolder Unternehmer bedroht" ("Detmold
businessman threatened").
[PDL, Danke Schön. PGN]
------------------------------
Date: Fri, 16 May 2025 07:50:00 -0700
From: Steve Bacher <
sebmb1@verizon.net>
Subject: Riverside wants to become 'the new Detroit.' Can this self-driving
electric bus get it there? (LA Times)
In 2023, the Riverside (CA) City Council approved a two-year pilot program
to have the Riverside Transit Agency operate, staff and maintain three automated, fully electric shuttle buses. The first bus began serving the Riverside Municipal Airport this week.
There is a little shuttle bus in the Inland Empire that’s fueled with big aspirations.
It’s electric, tops out at 25 mph, and can only go on a pre-designated route set up by the Riverside Transit Agency.
But here’s a catch — it also drives itself.
As of Monday, commuters in Riverside are the first in the country to ride a fully self-driving, publicly accessible bus that is deployed by a city
transit agency. [...]
https://www.latimes.com/california/story/2025-05-15/riverside-self-driving-buses
------------------------------
Date: Thu, 15 May 2025 12:56:54 +0100
From: Martin Ward <
martin@gkc.org.uk>
Subject: IBM Vibe coding
IBM is really into the new vibe of "vibe coding":
https://www.ibm.com/think/topics/vibe-coding
There are just a few, really minor, limitations:
"for real world applications ... vibe coding becomes challenging."
"Code generated by AI is challenging to debug because it's dynamic
and lacks architectural structure."
"Applications built using AI generated code face maintenance
and update challenges"
"This can cause developers to struggle to understand the underlying logic" "Security concerns ... unseen vulnerabilities that can go unnoticed
and be exploited"
But hey, as long as your application isn't a real world application,
does not need optimisation, you don't care about bugs, you don't
need to maintain it or understand the underlying logic,
and you don't care about security, then vibe coding is for you!
------------------------------
Date: Thu, 15 May 2025 12:56:18 +0100
From: Martin Ward <
martin@gkc.org.uk>
Subject: How to fix your code using OpenAI
You write a try/catch and in the catch send a message to OpenAI: "Fix this error but return only the code" and then you eval the result!
https://www.youtube.com/watch?v=TZt6thN7AU8
------------------------------
Date: Tue, 13 May 2025 21:47:44 -0600
From: Matthew Kruk <
mkrukg@gmail.com>
Subject: Case quacked: Flying duck caught by Swiss speed camera is
repeat offender (BBC)
https://www.bbc.com/news/articles/c1ldnedvde9o
A duck has been caught speeding on traffic cameras in the town of Koeniz in central Switzerland.
Local police said the mallard -- a wild duck -- was snapped on radar images
on 13 April clocking in at 52km (32 miles per hour) in a 30km zone.
Adding to the mystery, authorities said the duck was likely a repeat
offender and shared an image of a similar looking duck traveling in the
same spot, at the same speed and on the same date in 2018.
[Perhaps the duck thought the zone was 30mph? There's a somewhat tortured
German pun here: Gans Gut! However, Gans is a Goose not a duck (Ente),
and Ganz is German for more-or-less. So, since it might be the same duck,
it might be flying until Die Ente Time. PGN]
------------------------------
Date: Fri, 16 May 2025 07:13:49 -0700
From: "Jim" <
jgeissman@socal.rr.com>
Subject: We live in the tension between overestimating risks and ignoring
them
http://enewspaper.latimes.com/infinity/article_share.aspx?guid=80b7df93-cfb5 -4ba3-a2b2-0a87bb7cd025
[I wish it were so simple. Lately, I have been unable to keep up with the
huge pile of e-mail, which suggests that our readers are more tuned to the
middle ground -- some sort of huge area in between, in which veteran RISKS
readers are not overestimating the risks. However, I have had to ignore a
few items because of the huge pile of potentially fascinating items
submitted that I cannot always read. If you ever submit something really
germane that I seem to have overlooked, please RESUBMIT with a subject
line that says perhaps I UNDERLOOKED it and ask me to consider it. That
would make me feel much better about not missing a superb item. PGN]
------------------------------
Date: Wed, 14 May 2025 03:35:23 -0400 (EDT)
From: Mark Brader <
msb@Vex.Net>
Subject: RISKS-34.62 layout
As seen in comp.risks, RISKS-34.62 contains 12 items that are second or
third occurrences of earlier items in the same issue. (That was based
on the table of contents, but I think the body was the same way.)
[Mark, My apologies to all readers. I had a series of EMACS accidents
after having completed an earlier version of the issue and then tried to
add lots more items to try to catch up. I think there were actually some
dupes that were not duped in the ToC but duped in the text. I won't try
that again -- as it evidently created unneeded risks! I usually keep a
backup once I get a stable version, but did not do so this time. And I
don't have time to try to fix it now after it was immediately discovered
by Lindsay Marshall in Newcastle... PGN]
------------------------------
Date: Mon, 12 May 2025 06:19:30 +0000
From: Richard Marlon Stein <
rmstein@protonmail.com>
Subject: Re: FBI Says Cybercrime Cost Surpassed $16 Billion in 2024
[continued in next message]
--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)