• RISKS Digest 31.25

    From Sean Dennis@1:18/200 to All on Friday, May 17, 2019 21:29:01
    RISKS-LIST: Risks-Forum Digest Friday 17 May 2019 Volume 31 : Issue 25

    ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks) Peter G. Neumann, moderator, chmn ACM Committee on Computers and Public Policy

    ***** See last item for further information, disclaimers, caveats, etc. ***** This issue is archived at <http://www.risks.org> as
    The current issue can also be found at

    Vote-by-phone tech trend is scaring the life out of security experts
    worldwide (Japan Times)
    FBI can't say with certainty that Florida voter databases not affected by
    2016 hack (Politico)
    U.S. Senate election security bill requiring paper ballots (Maggie Miller) WhatsApp flaw let hackers install spyware on cellphones when people
    made or got calls (CBS)
    Facebook busts Israel-based 'fake news' campaign to disrupt elections
    Israeli TV Eurovision webcast hacked with fake missile alert (The Guardian) CRYPTO-GRAM, May 15, 2019 (Bruce Schneier PGN-ed)
    San Francisco Bans Facial Recognition Technology (NYTimes) Britain_risks_heading_to_US_levels_of_inequality, warns_top_economist
    (The Guardian)
    Poll says that 56% of Americans don't want kids taught Arabic numerals.
    We have some bad news. (Marissa Higgins)
    New speculative execution bug leaks data from Intel chips' internal
    buffers (Ars Technica)
    GozNym cyber-crime gang which stole millions busted (BBC.com)
    Ransomware Is Putting a Damper on Our Smart City Future (Gizmodo)
    Re: Gregory Travis's article on the 737 MAX (Chris Drewe)
    Re: Healthcare spending (Martin Ward)
    Re: Is curing patients a sustainable business model? (Martin Ward)
    Abridged info on RISKS (comp.risks)


    Date: Thu, 16 May 2019 20:42:21 PDT
    From: "Peter G. Neumann" <neumann@csl.sri.com>
    Subject: Vote-by-phone tech trend is scaring the life out of security experts

    https://www.sandiegouniontribune.com/news/us-politics/la-na-pol-voting-by-phone -20190516-story.html

    With their playbook for pushing government boundaries as a guide, some
    Silicon Valley investors are nudging election officials toward an innovation that prominent coders and cryptographers warn is downright dangerous for democracy.

    Voting by phone could be coming soon to an election near you.

    As seasoned disruptors of the status quo, tech pioneers have proven
    persuasive in selling the idea, even as the National Academies of Science, Engineering and Medicine specifically warn against any such experiment.

    The fight over mobile voting pits technologists who warn about the risks of entrusting voting to apps and cellphones against others who see Internet
    voting as the only hope for getting most Americans to consistently
    participate on election day.

    "There are so many things that could go wrong," said Marian Schneider, president of Verified Voting, a coalition of computer scientists and
    government transparency advocates pushing for more-secure elections. "It is
    an odd time for this to be gaining momentum."

    [PGN-truncated for RISKS. Lots more on Bradley Tusk, who is spearheading
    vote-by-phone, and Voatz, with responses from Josh Benaloh, who responds
    that this is just `Magic beans', also relating to using blockchains:
    Blockchains "don't solve any of the problems," Benaloh said. "They
    actually introduce new ones, and make things worse." Worth reading in
    its entirety if you believe this is a good idea! PGN-ed]


    Date: Fri, 17 May 2019 10:26:07 PDT
    From: "Peter G. Neumann" <neumann@csl.sri.com>
    Subject: FBI can't say with certainty that Florida voter databases not
    affected by 2016 hack (Politico)

    Martin Matishak and Gary Fineout, Politico

    Florida lawmakers once again railed against the FBI on Thursday for its handling of the investigation into Russian election tampering in the state,
    and expressed skepticism that the intrusion didn't alter voter rolls.

    After a briefing with the FBI about its investigation into the 2016 cyber-attacks, members of the state's congressional delegation blasted the bureau for not even revealing the names of the affected counties for almost three years.

    "I don't know who the hell they think they are not to share that information with us," said Republican Rep. Matt Gaetz.

    Congressional lawmakers just found out Thursday the identities of the
    counties but did not reveal the names to reporters following the closed-door meeting with FBI officials.

    Thursday's briefing marked the latest chapter in the ongoing saga since
    March, when special counsel Robert Mueller issued his redacted report on Russian interference in the 2016 election, which concluded that at least one Florida county had been hacked.

    While the FBI and Department of Homeland Security say they have "no
    evidence" the voter databases were tampered with by Russian hackers,
    "there's more to follow there," said Rep. Michael Waltz (R-Fla.) said during
    a Capitol Hill press conference that followed a classified briefing from the agencies.

    "We have a lot of questions across our delegation on how the FBI came to
    that determination," added Waltz. He noted bureau officials were "very
    clear" that voter rolls were not manipulated and that the election results
    were not impacted by the breaches.

    Rep. Debbie Mucarsel-Powell (D-Fla.) likewise said lawmakers weren't able to get with "certainty" that the databases had been left alone, explaining the FBI told them hackers were able to "enter the garage" but "not the house" of the two county networks.

    Still, the revelations that Russian hackers were able to penetrate another Florida county do raise new troubling questions about the scope of Moscow's attempts to tamper with the 2016 presidential election, which has been the subject of much confusion.

    Incumbent Sen. Bill Nelson, a Democrat, asserted that Russians had
    successfully hacked Florida's systems, Sen. Rick Scott assailed him on the campaign trail, demanding proof and calling the comment ``irresponsible''.
    D Scott, a Republican and governor at the time, unseated Nelson in November.

    Scott, who had his own briefing a day earlier, said in a statement he had
    urged the FBI to divulge the name of the two counties the Russians
    successfully targeted but that he was ``confident'' in Florida's election security efforts.

    He also defended his attacks on Nelson, saying ``the FBI could not provide
    any evidence to support the claims about security during the 2018 election
    made by then-Senator Nelson, which confirms the conclusion of both the FBI
    and the Department of Homeland Security at the time.''

    Scott's statement, however, is not completely accurate. His campaign also assailed Nelson for asserting that the Russians obtained access in
    2016. Additionally, the DHS last year said the Russians were unable to
    access ``vote tallying systems'' in 2016. They said nothing at the time
    about accessing voter information records.

    After a meeting with the FBI and DHS last week, Florida Gov. Ron DeSantis Tuesday held a press conference where he revealed that two counties had been breached. However, the FBI made him sign a nondisclosure agreement to not reveal details of the meeting.

    Waltz said the FBI sent ``multiple warnings'' to state officials about the possible threat, held a conference call with local leaders and had a "back
    and forth" with vendors responsible for the voter database software.

    While the FBI argued it couldn't reveal the names in order to "protect
    sources and methods" and because the bureau had labeled the supervisor of elections in the counties as the "victims," members still expressed
    bipartisan outrage over the level of secrecy surrounding the 2016 hacks.

    Rep. Stephanie Murphy (D-Fla.), who along with Waltz originally requested Thursday's briefing, called the lack of transparency ``~counter-productive'' and predicted it would erode confidence in the election systems.

    Lawmakers said they asked FBI and DHS to go back and review their
    notification system, adding they asked a lot of questions about the nature
    of the communications between the bureau and local and state officials.

    Rep. Darren Soto (D-Fla.) said it was "critical" that members come together
    to support legislation that would require DHS to brief the congressional delegations of states that had been targeted or successfully hacked.

    Murphy said the delegation had asked the FBI to review if the information shared Thursday could be made available before the 2020 elections.

    There is "more work that needs to be done," she said.


    Date: Wed, 15 May 2019 22:48:26 PDT
    From: "Peter G. Neumann" <neumann@csl.sri.com>
    Subject: U.S. Senate election security bill requiring paper ballot
    (Maggie Miller)

    Maggie Miller, The Hill, 15 May 2019

    Senate Dems introduce election security bill requiring paper ballots https://thehill.com/policy/cybersecurity/443809-senate-dems-introduce-election- security-bill-requiring-paper-ballots

    Sen. Ron Wyden (D-Ore.) and a group of 12 other senators introduced a bill Wednesday to mandate the use of paper ballots in U.S. elections and also ban all Internet, Wi-Fi and mobile connections to voting machines in order to
    limit the potential for cyber interference.

    Wyden's office described the Protecting American Votes and Elections (PAVE)
    Act as ``providing the strongest protections for American elections of any proposal currently before Congress.'' <https://www.wyden.senate.gov/imo/media/doc/Protecting%20American%20Votes%20and %20Elections%20Act%20of%202019%20Bill%20Text.pdf>

    The legislation would also give the Department of Homeland Security the
    power to set minimum cybersecurity standards for U.S. voting machines, authorize a one-time $500 million grant program for states to buy ballot-scanning machines to count paper ballots and require states to
    conduct risk-limiting audits of all federal elections in order to detect any cyber hacks.

    Among the bill's co-sponsors are 2020 presidential candidates Sens. Bernie Sanders (I-Vt.),Elizabeth Warren (D-Mass.), Cory Booker (D-N.J.), Kirsten Gillibrand (D-N.Y.), and Kamala Harris (D-Calif.). Rep. Earl Blumenauer (D-Ore.) is planning to introduce a companion bill in the House.

    ``The Russian government interfered in American elections in 2016 and if we don't stop them, they and other governments are going to do it again,''
    Wyden said in a statement. ``The administration refuses to do what it takes
    to protect our democracy, so Congress has to step up. Our bill will give
    voters the confidence they need that our elections are secure.''

    Blumenauer said that ``if the 2016 and 2018 elections taught us anything, it
    is that our election security systems are woefully inadequate.'' [...]


    Date: Wed, 15 May 2019 18:59:13 -0700
    From: the keyboard of geoff goodfellow <geoff@iconia.com>
    Subject: WhatsApp flaw let hackers install spyware on cellphones when people
    made or got calls (CBS)

    Spyware created by a sophisticated group of hackers-for-hire took advantage
    of a flaw in the WhatsApp communications program used by more than 1.5
    billion people worldwide to remotely hijack dozens of phones, the company
    said late Monday. The Financial Times identified the firm as Israel's NSO Group, and WhatsApp all but confirmed the identification.

    WhatsApp described the hackers to CBS News as having "all the hallmarks of a private company that works with a number of governments around the world," adding to The Associated Press that they do so "to deliver spyware." A spokesman for the Facebook subsidiary later told the AP: "We're certainly
    not refuting any of the coverage you've seen."

    WhatsApp also told CBS News, "We have made information available to U.S.
    law enforcement for further review. We may make additional information available as appropriate."...

    https://www.cbsnews.com/news/whatsapp-flaw-let-hackers-install-spyware-on-cellp hones-when-people-made-or-got-calls/

    [See also Attacks used app's call function. Targets didn't have to answer
    to be infected, noted by Monty Solomon: https://arstechnica.com/information-technology/2019/05/whatsapp-vulnerability-e xploited-to-infect-phones-with-israeli-spyware/


    Date: Fri, 17 May 2019 10:27:19 +0900
    From: Dave Farber <farber@gmail.com>
    Subject: Facebook busts Israel-based 'fake news' campaign to disrupt

    Facebook busts Israel-based 'fake news' campaign to disrupt elections
    worldwide (The Japan Times)

    https://www.japantimes.co.jp/news/2019/05/17/business/facebook-busts-israel-bas ed-fake-news-campaign-disrupt-elections-worldwide/%3Fappsule%3D1%26idfa%3D2FA2 9BF3-DF21-40C3-BD24-C3937A2D1577%23.XN4NthKRWnM


    Date: Wed, 15 May 2019 08:17:37 -0400
    From: =?ISO-8859-1?Q?Jos=E9_Mar=EDa_Mateos?= <chema@rinzewind.org>
    Subject: Israeli TV Eurovision webcast hacked with fake missile alert
    (The Guardian)

    https://www.theguardian.com/world/2019/may/15/israeli-tv-eurovision-webcast-hac ked-with-fake-missile-alert

    The online stream of the Eurovision semi-finals in Israel was hacked to show warnings of a missile strike and images of blasts in the host city, Tel

    The website for KAN's television stations was interrupted on Tuesday evening
    -- just as the competition's first round was beginning - with a fake alert
    from Israel's army telling of an impending attack.

    Messages such as: ``Risk of Missile Attack, Please Take Shelter'' and:
    ``Israel is NOT Safe. You Will See!'' appeared on the screen. Animated satellite footage showed explosions in the coastal city.


    Date: Wed, 15 May 2019 07:05:05 +0000
    From: Bruce Schneier <schneier@schneier.com>
    Subject: CRYPTO-GRAM, May 15, 2019 (PGN-excerpted)

    [Bruce's Crypto-gram has so many RISKS-worthy items that I am going to
    stop trying to pick out a few. Here I picked a few items to list from the
    table of contents of his latest issue, and only the first item. I urge
    some of you to subscribe. PGN]

    Bruce Schneier, CTO, IBM Resilient

    A free monthly newsletter providing summaries, analyses, insights, and commentaries on security: computer and otherwise.

    For back issues, or to subscribe, visit Crypto-Gram's web page https://www.schneier.com/crypto-gram.html

    Read this issue on the web https://www.schneier.com/crypto-gram/archives/2019/0515.html

    ** *** ***** ******* *********** *************

    ** IN THIS ISSUE: [PGN-excerpted just a few items]

    * China Spying on Undersea Internet Cables
    * Vulnerabilities in the WPA3 Wi-Fi Security Protocol
    * More on the Triton Malware
    * New DNS Hijacking Attacks
    * Iranian Cyberespionage Tools Leaked Online
    * Excellent Analysis of the Boeing 737 Max Software Problems
    * Vulnerability in French Government Tchap Chat App
    * Fooling Automated Surveillance Cameras with Patchwork Color Printout
    * Stealing Ethereum by Guessing Weak Private Keys
    * Why Isn't GDPR Being Enforced?
    * Malicious MS Office Macro Creator
    * Leaked NSA Hacking Tools
    * Amazon Is Losing the War on Fraudulent Sellers
    * Another NSA Leaker Identified and Charged
    * Cryptanalyzing a Pair of Russian Encryption Algorithms
    * Reverse Engineering a Chinese Surveillance App
    * Cryptanalysis of SIMON-32/64



    Supply chain security is an insurmountably hard problem. The recent focus is
    on Chinese 5G equipment, but the problem is much broader. This opinion piece looks at undersea communications cables. https://www.bloomberg.com/opinion/articles/2019-04-09/china-spying-the-internet -s-underwater-cables-are-next

    But now the Chinese conglomerate Huawei Technologies, the leading firm
    working to deliver 5G telephony networks globally, has gone to sea. Under
    its Huawei Marine Networks component, it is constructing or improving nearly 100 submarine cables around the world. Last year it completed a cable stretching nearly 4,000 miles from Brazil to Cameroon. (The cable is partly owned by China Unicom, a state-controlled telecom operator.) Rivals claim
    that Chinese firms are able to lowball the bidding because they receive subsidies from Beijing.

    Just as the experts are justifiably concerned about the inclusion of
    espionage "back doors" in Huawei's 5G technology, Western intelligence professionals oppose the company's engagement in the undersea version, which provides a much bigger bang for the buck because so much data rides on so
    few cables.

    This shouldn't surprise anyone. For years, the US and the Five Eyes have had
    a monopoly on spying on the Internet around the globe. Other countries want

    As I have repeatedly said, we need to decide if we are going to build our future Internet systems for security or surveillance. Either everyone gets
    to spy, or no one gets to spy. And I believe we must choose security over surveillance, and implement a defense-dominant strategy.


    Date: Tue, 14 May 2019 20:44:48 -0400
    From: Monty Solomon <monty@roscom.com>
    Subject: San Francisco Bans Facial Recognition Technology (NYTimes)


    It is the first ban by a major city on the use of facial recognition
    technology by the police and all other municipal agencies.


    Date: May 15, 2019 at 8:09:49 AM GMT+9
    From: Brian Randell <brian.randell@newcastle.ac.uk>
    Subject: Britain_risks_heading_to_US_levels_of_inequality, warns_top_economist
    (The Guardian)

    [via Dave Farber]

    "Rising inequality in Britain risks putting the country on the same path
    as the US to become one of the most unequal nations on earth, according to
    a Nobel-prize winning economist.

    Sir Angus Deaton is leading a landmark review of inequality in the UK amid
    fears that the country is at a tipping point due to a decade of stagnant
    pay growth for British workers. The Institute for Fiscal Studies
    thinktank, which is working with Deaton on the study, said the
    British-born economist would ``point to the risk of the UK following the
    U.S.'' -- which has extreme inequality levels in pay, wealth and health.

    Speaking to The Guardian at the launch of the study, he said: There's a
    real question about whether democratic capitalism is working, when it's
    only working for part of the population."

    https://www.theguardian.com/inequality/2019/may/14/britain-risks-heading-to-us- levels-of-inequality-warns-top-economist


    Date: May 15, 2019 at 8:31:28 AM GMT+9
    From: Dewayne Hendricks <dewayne@warpspeed.com>
    Subject: Poll says that 56% of Americans don't want kids taught Arabic
    numerals. We have some bad news. (Marissa Higgins)

    Marissa Higgins, Daily Kos, 13 May 2019

    https://www.dailykos.com/stories/2019/5/13/1857360/-Poll-says-that-56-of-Americ ans-don-t-want-kids-taught-Arabic-numerals-We-have-some-bad-news

    [...] An astounding 56% of Americans said Arabic numerals should not be
    taught in American schools. Arabic numerals. Which are, you know, the ones
    we use. [1,2,3, etc.] Is there an explanation that doesn't have to do with bigotry? I think not. Islamophobia is a huge problem in the U.S. My guess (and the only explanation I can gather) is that people read `Arabic' and immediately went negative. Gross.


    Date: Tue, 14 May 2019 22:23:38 -0400
    From: Monty Solomon <monty@roscom.com>
    Subject: New speculative execution bug leaks data from Intel chips' internal
    buffers (Ars Technica)

    Intel-specific vulnerability was found by researchers both inside and
    outside the company.

    https://arstechnica.com/gadgets/2019/05/new-speculative-execution-bug-leaks-dat a-from-intel-chips-internal-buffers/


    Date: Fri, 17 May 2019 16:16:19 +0800
    From: Richard Stein <rmstein@ieee.org>
    Subject: GozNym cyber-crime gang which stole millions busted (BBC.com)


    Mario Puzo wrote that "A lawyer with his briefcase can steal more than a hundred men with guns."

    "What is known as 'crime as a service' has been a growing feature in recent years, allowing organised crime gangs to switch from their traditional
    haunts of drugs to much more lucrative cyber-crime."

    CaaS only requires quick hands to type faster than law enforcement can apprehend criminals. CaaS proudly exploits IaaS, PaaS, and SaaS.

    Risk: Internet-based business resilience and continuity, critical infrastructure, etc.


    Date: May 17, 2019 9:15:06 JST
    From: Dewayne Hendricks <dewayne@warpspeed.com>
    Subject: Ransomware Is Putting a Damper on Our Smart City Future (Gizmodo)

    Patrick Howell O'Neill, Gizmodo, 14 May 2019

    [Note: This item comes from reader Randall Head. DLH]

    https://gizmodo.com/ransomware-is-putting-a-damper-on-our-smart-city-future-183 4731404

    Last month, we found out that hackers took down a county government in California. Around the same time, a city in Maine lost control of all its
    data. These followed New York state's capital, Albany, admitting that
    hackers had crippled the city's technology operations, which means just
    about everything important in the city was taken down. And just last week, Baltimore was hit by a successful ransomware attack that demanded 13 bitcoin
    to decrypt city files that were being held hostage.

    The world is supposed to be launching into a dazzling smart city future
    where governments are always connected and, therefore, move quicker and more efficiently than before. But if that's where we're going, we
    have to deal with the fact that many cities fall victim to profit-driven hackers.

    The weapon often used against cities is ransomware, a type of malware
    designed to gain access, take control of important data and then demand
    money to end the ensuing crisis. It's a popular extortion-hacking
    scheme that's now seeing a new source of success.

    American governments, particularly cities, states, law enforcement agencies, and schools, are being increasingly targeted by ransomware, according to a
    new report from the cybersecurity firm Recorded Future. At least 170
    government systems have been attacked since 2013, according to public
    reports. And there have been 21 attacks so far this year, Recorded Future found, and 2019 is on pace to tally the highest ever number of ransomware attacks against cities. But due to the lack of transparency and
    accountability, there are likely more attacks unknown to both the public and many defenders.

    Is this due to an overall rise in ransomware attacks, or is it a result of
    more cities bringing their systems online? No one knows the full answer because, thanks to a lack of transparency and information sharing rules, no
    one knows fully what's happening.

    In a time when American cities are struggling to deal with crumbling infrastructure -- bad roads, collapsing bridges, old hospitals -- it's
    becoming increasingly clear that vulnerable networks ought to be added to
    the list of decaying necessities in dire need of an upgrade. With the
    emergence of the so-called smart city, in which everything is connecting to
    the Internet -- including those very same roads, bridges, and hospitals --
    the challenges facing cities loom even larger.

    ``We see with cities coming online in every respect so that when ransomware takes them offline, how much it affects constituents,'' Recorded Future's
    Allan Liska told Gizmodo. ``Atlanta had everything in the `smart city', so even court systems were taken offline, no one could pay anything through the city because the systems were taken offline.''

    Cities around the country are racing to become `smart'. Tech and federal
    money along with an undeniable popular sentiment to modernize government is driving the push to connect. But it's one thing to let an algorithm direct
    road crews or build a facial recognition system to identify drivers -- it's
    an entirely different issue to have cities prepared to deal with the
    inevitable security problems that will pop up. That's to say nothing of the looming privacy concerns of smart cities.


    Date: Thu, 16 May 2019 22:12:37 +0100
    From: Chris Drewe <e767pmk@yahoo.co.uk>
    Subject: Re: Gregory Travis's article on the 737 MAX (RISKS-31.21-23)

    RISKS-31.21-23 have had several posts on this item:

    My knowledge of modern passenger aircraft design and operation is
    negligible, along with the relationships between manufacturers and airlines, but obviously there's an enormously-complicated combination of systems interacting here. Topics like these are not well covered by mainstream
    media, so it's useful to have informed debates in forums like RISKS. Investigations are still ongoing as I write.

    Personally, I find it NOT useful to have soap opera-style name-calling, intentionally avoiding scientific rigour to maximise emotional impact.
    Total safety is pretty easy to achieve, it just needs infinite quantities of time, money, and resources. In real life these are all restricted, so compromises are necessary. A good design isn't one which is almost perfect
    but never gets made because it's too expensive, it's one which makes the
    best trade-offs between conflicting demands, which in turn require value judgments, which is one reason why we have agreed safety standards. The
    safety of aircraft can always be improved by spending more money, but the planes have to be low-cost enough for airlines to afford to buy or lease
    them, and the tickets affordable for passengers, and air-related businesses have to make money or they go bust. It's easy to be wise with hindsight.


    Date: Wed, 15 May 2019 12:29:39 +0100
    From: Martin Ward <martin@gkc.org.uk>
    Subject: Re: Healthcare spending (RISKS-31.22)

    A couple of posts in Risks Digest 31.22 seemed related:

    Abilify MyCite adds the electronic tracking component and, at $1,650 a
    month, costs almost 30 times as much as a 30-day supply of generic
    at a Costco pharmacy.

    How much would a daily visit from a carer cost? If one carer had only three people to look after, then this would save nearly $60,000 a year to cover
    their employment. There would also be a number of other benefits, besides ensuring that the patient takes their medication.

    resident physicians in a busy emergency room spent 28 percent of their
    work time with patients and 43 percent on data entry, during which they
    made 4,000 keystrokes.

    Providing each physician with a secretary proficient in typing and medical terminology would appear to allow them to at least double the time they
    spend with patients, while costing far less than doubling the number of physicians.

    But in a Capitalist economy the technological solution is much more
    attractive than the human solution: because there is more profit to be made from a technological solution, and profit is everything!


    Date: Wed, 15 May 2019 12:29:49 +0100
    From: Martin Ward <martin@gkc.org.uk>
    Subject: Re: Is curing patients a sustainable business model?

    A friend of mine once opined that advertising was a zero-sum game.

    This is clearly incorrect: it can only be a negative-sum game. The name of
    the game (as with competition in so many other areas) is to try to hurt your opponent *more* than you hurt yourself. Then you have "won" the game.

    You seem to think it incredible that billions of dollars spent in
    advertising will actually have a measurable psychological effect on hundreds
    of millions of people. But advertising *works*: otherwise nobody would do

    Attempts to introduce competition into the Soviet economy were a
    However, attempts to run an economy (the Soviet economy again) without competition were also a disaster.

    This is also factually incorrect.

    This Reddit post gives a carefully argued, factually supported,
    comparison between US capitalism and Soviet communism:


    Let's unpack the idea that "Capitalism works". In the US, the most
    developed Capitalist country, the richest country in the history of the

    1 out of every 7 US citizens needs to visit food banks to survive, despite having enough food to feed 10 billion people. Half of all food produced is thrown away by retailers.

    Empty homes outnumber the homeless by 6 to 1. Bank foreclosures and housing speculators have left 18.9 million empty homes. 2.5 million homeless
    children, or ~1 / 30. In the UK, there are 10x more empty houses than
    homeless families.

    UNICEF, RESULTS, and Bread for the World estimate that 15 million people die each year from preventable poverty, of whom 11 million are children under
    the age of five.

    In the US alone, 20-40k deaths every year because of lack of health
    insurance / care. On average, that's 300k over the last decade.

    Average US household carries ~$140k in debt. Median household income only $60k, 40% of millennials live with their parents.

    8 men control as much wealth as half the worlds population. Anyone wanna
    take a guess at how this game of monopoly ends?

    80% of US workers live paycheck to paycheck, 40% cannot cover a $400

    US Life expectancy peaked in 2015, is on the decline, and is now lower than
    in China.

    Suicide rates have leaped more than 25% in the last 20 years.

    Committed countless atrocities, killing millions directly and indirectly
    across the globe. Imperialist network of 800 military bases in 70

    Most prisoners per capita AND by total. Makes sense, since prison is Capitalism's boarding house. Runs least 54 agricultural slave labor camps.

    Capitalist hegemony has short-circuited people into buying wildly illogical
    and ridiculous propaganda like: "Lift yourselves up by the bootstraps"
    (which shows the almost religious power of capitalist propaganda, that the impossible can become possible), or "Communism doesn't work", when in fact Communism did work extremely well.

    Examples from this post by /u/bayarea415 about the USSR specifically:

    * USSR had more nutritious food than the US (CIA). Calories consumed
    surpassed the US. Ended famines. Had the 2nd fastest growing economy of
    the 20th century after Japan. The USSR started out at the same level of
    economic development and population as Brazil in 1920, which makes
    comparisons to the US, an already industrialized country by the 1920s,
    even more spectacular.

    * Free Universal Health care, and most doctors per capita in the world. 42
    doctors per 10,000 population, vs 24 in Denmark and Sweden, 19 in US.

    * Had zero unemployment, continuous economic growth for 70 straight years.
    The "continuous" part should make sense --- the USSR was a planned,
    non-market economy, so market crashes ß la capitalism were pretty much

    * All education, including university level, free.

    * 99% literacy.

    * Saved the world from Fascism, killing 7 out of every 10 fascist soldier,
    bore the enormous cost of blood and pain). Nazis were in retreat after
    the battle of Stalingrad in 1942, a full 2 years before the US landed
    troops in normandy.

    * Doubled life expectancy. Eliminated poverty.

    * End gender inequality. Equal wages for men and women mandated by law, but
    gender inequality, although not as pronounced as under capitalism, was
    perpetuated in social roles. Very important lesson to learn.

    * End racial inequality.

    * Feudalism to space travel in 40 years. First satellite, rocket, space
    walk, woman, man, animal, space station, moon and mars probes.

    * Had zero homelessness. Houses were often shared by two families
    throughout the 20s and 30s--so unlike capitalism, there were no empty
    houses, but the houses were very full. In the 40s there was the war, and
    in the 50s there were a number of orphans from the war. The mass housing
    projects began in the 60s, they were completed in the 70s, and by the 70s,
    there were homeless people, but they often had genuine issues with mental

    Now let's take a look at what happens after the USSR collapse:

    * Life expectancy decreases by 10 years. 7.7 million excess deaths
    in the first year.

    * 40% of population drops into poverty.

    * GDP instantly halves.

    * One in ten children now live on the streets. Infant mortality increases.
    Was 29.3 in 2003 which is around (current) Syria and Micronesia, 7.9 in
    2013. Infant mortality in USSR was 1.92, literally the lowest in the

    * 1996 election rigged by the US, Yeltsin sends in tanks to disperse the
    supreme soviet.

    For an overview of the soviet experiment, watch this brilliant talk by
    Micheal Parenti, or read his article, Left anticommunism, the unkindest cut.

    Also read this great article by Stephen Gowans, Do publicly owned, planned economies work?. Audio on youtube

    Bonus vid about cyber-communism: Paul Cockshott, Going beyond money.

    More sources: Socialism Crash Course, Socialism FAQ, Glossary.

    Follow this link for the above references:


    a profound discouragement to technical innovation

    That is the propaganda. The reality is (as discussed above):

    If you follow the Reddit links, then you will find that all of the above statements are supported with factual documentation. None of your statements come with any factual support.

    I am happy to continue the debate, but please can we stick to facts only
    and leave out the opinion and propaganda?

    Note: I am not suggesting that Communism is the ideal. I prefer G.K.Chesterton's Distributism to either Capitalism or Communism.


    Date: Mon, 14 Jan 2019 11:11:11 -0800
    From: RISKS-request@csl.sri.com
    Subject: Abridged info on RISKS (comp.risks)

    The ACM RISKS Forum is a MODERATED digest. Its Usenet manifestation is
    comp.risks, the feed for which is donated by panix.com as of June 2011.
    SUBSCRIPTIONS: The mailman Web interface can be used directly to
    subscribe and unsubscribe:

    SUBMISSIONS: to risks@CSL.sri.com with meaningful SUBJECT: line that
    includes the string `notsp'. Otherwise your message may not be read.
    *** This attention-string has never changed, but might if spammers use it.
    SPAM challenge-responses will not be honored. Instead, use an
    address from which you never send mail where the address becomes public!
    The complete INFO file (submissions, default disclaimers, archive sites,
    copyright policy, etc.) is online.
    *** Contributors are assumed to have read the full info file for guidelines!

    OFFICIAL ARCHIVES: http://www.risks.org takes you to Lindsay Marshall's
    searchable html archive at newcastle:
    http://catless.ncl.ac.uk/Risks/VL.IS --> VoLume, ISsue.
    Also, ftp://ftp.sri.com/risks for the current volume
    or ftp://ftp.sri.com/VL/risks-VL.IS for previous VoLume
    If none of those work for you, the most recent issue is always at
    http://www.csl.sri.com/users/risko/risks.txt, and index at /risks-31.00
    Lindsay has also added to the Newcastle catless site a palmtop version
    of the most recent RISKS issue and a WAP version that works for many but
    not all telephones: http://catless.ncl.ac.uk/w/r
    ALTERNATIVE ARCHIVES: http://seclists.org/risks/ (only since mid-2001)
    *** NOTE: If a cited URL fails, we do not try to update them. Try
    browsing on the keywords in the subject line or cited article leads.
    Apologies for what Office365 and SafeLinks may have done to URLs.
    Special Offer to Join ACM for readers of the ACM RISKS Forum:


    End of RISKS-FORUM Digest 31.25

    ... Nothing ever becomes real till it is experienced. - John Keats
    --- GoldED+/LNX 1.1.5-b20180707
    * Origin: Outpost BBS * Limestone, TN, USA (1:18/200)