Crime

Nearly 4,000 Arrested In Global Police Crackdown On Online Scam Networks (therecord.media) 17

According to Interpol, nearly 4,000 people around the world have been arrested for a variety of online crimes, with $257 million in assets seized. The Record reports: The operation, dubbed First Light, was conducted by police officers from 61 countries and targeted phishing, investment fraud, fake online shopping sites, romance scams, and impersonation scams, according to a statement by Interpol. In addition to arresting thousands of potential cybercriminals, the police also identified over 14,600 other possible suspects across all continents.

During the searches, law enforcement seized suspects' real estate, high-end vehicles, expensive jewelry, and many other high-value items and collections. They also froze 6,745 bank accounts used for transferring money obtained through illegal operations. In one case, the police intercepted $331,000 gleaned from a business email compromise fraud involving a Spanish victim who unknowingly transferred money to someone in Hong Kong. In another case, authorities in Australia successfully recovered $3.7 million on behalf of an impersonation scam victim after the funds were fraudulently transferred to bank accounts in Malaysia and Hong Kong.

The criminal networks identified during the operation were spread around the globe. In Namibia, for example, the police rescued 88 local youths who were forced into conducting scams as part of a sophisticated international crime network, according to Interpol. Law enforcement from Singapore, Hong Kong, and China prevented an attempted tech support scam, saving a 70-year-old victim from losing $281,200 worth of savings.

Businesses

Fujifilm Once Struggled To Sell Cameras. Now, It Can't Keep Up With Demand (msn.com) 38

Fujifilm's X100 digital camera, once a niche product, has become an unexpected cash cow, driven by surging demand from young social media users. The retro-styled $1,599 camera has boosted Fujifilm's imaging division to its biggest profit contributor, accounting for 37% of operating profit in fiscal 2023, up from 27% the previous year.

Despite doubling production in China for the latest model, Fujifilm struggles to meet demand. The camera's popularity on platforms like TikTok has transformed it into a coveted accessory. The surge marks an unexpected reversal for Fujifilm, which had pivoted towards healthcare after the decline of traditional film photography.

Security

Shopping App Temu Is 'Dangerous Malware,' Spying On Your Texts, Lawsuit Claims (arstechnica.com) 81

An anonymous reader quotes a report from Ars Technica: Temu -- the Chinese shopping app that has rapidly grown so popular in the US that even Amazon is reportedly trying to copy it -- is "dangerous malware" that's secretly monetizing a broad swath of unauthorized user data, Arkansas Attorney General Tim Griffin alleged in a lawsuit (PDF) filed Tuesday. Griffin cited research and media reports exposing Temu's allegedly nefarious design, which "purposely" allows Temu to "gain unrestricted access to a user's phone operating system, including, but not limited to, a user's camera, specific location, contacts, text messages, documents, and other applications."

"Temu is designed to make this expansive access undetected, even by sophisticated users," Griffin's complaint said. "Once installed, Temu can recompile itself and change properties, including overriding the data privacy settings users believe they have in place." Griffin fears that Temu is capable of accessing virtually all data on a person's phone, exposing both users and non-users to extreme privacy and security risks. It appears that anyone texting or emailing someone with the shopping app installed risks Temu accessing private data, Griffin's suit claimed, which Temu then allegedly monetizes by selling it to third parties, "profiting at the direct expense" of users' privacy rights. "Compounding" risks is the possibility that Temu's Chinese owners, PDD Holdings, are legally obligated to share data with the Chinese government, the lawsuit said, due to Chinese "laws that mandate secret cooperation with China's intelligence apparatus regardless of any data protection guarantees existing in the United States."

Griffin's suit cited an extensive forensic investigation into Temu by Grizzly Research -- which analyzes publicly traded companies to inform investors -- last September. In their report, Grizzly Research alleged that PDD Holdings is a "fraudulent company" and that "Temu is cleverly hidden spyware that poses an urgent security threat to United States national interests." As Griffin sees it, Temu baits users with misleading promises of discounted, quality goods, angling to get access to as much user data as possible by adding addictive features that keep users logged in, like spinning a wheel for deals. Meanwhile hundreds of complaints to the Better Business Bureau showed that Temu's goods are actually low-quality, Griffin alleged, apparently supporting his claim that Temu's end goal isn't to be the world's biggest shopping platform but to steal data. Investigators agreed, the lawsuit said, concluding "we strongly suspect that Temu is already, or intends to, illegally sell stolen data from Western country customers to sustain a business model that is otherwise doomed for failure." Seeking an injunction to stop Temu from allegedly spying on users, Griffin is hoping a jury will find that Temu's alleged practices violated the Arkansas Deceptive Trade Practices Act (ADTPA) and the Arkansas Personal Information Protection Act. If Temu loses, it could be on the hook for $10,000 per violation of the ADTPA and ordered to disgorge profits from data sales and deceptive sales on the app.

In a statement to Ars, a Temu spokesperson discredited Grizzly Research's investigation and said that the company was "surprised and disappointed by the Arkansas Attorney General's Office for filing the lawsuit without any independent fact-finding."

"The allegations in the lawsuit are based on misinformation circulated online, primarily from a short-seller, and are totally unfounded," Temu's spokesperson said. "We categorically deny the allegations and will vigorously defend ourselves."

"We understand that as a new company with an innovative supply chain model, some may misunderstand us at first glance and not welcome us. We are committed to the long-term and believe that scrutiny will ultimately benefit our development. We are confident that our actions and contributions to the community will speak for themselves over time." Last year, Temu was the most downloaded app in the U.S. and has only become more popular as reports of security and privacy risks have come out.

The Internet

US Mayors Urge Congress To Ditch Broadband Expansion Bill (theregister.com) 21

The US Conference of Mayors, which speaks for the administrations of more than 1,400 cities with a population of at least 30,000 people, adopted a resolution over the weekend at its annual meeting that voiced an objection to HR 3557, a draft law known as the American Broadband Deployment Act of 2023. From a report: The bill, which was introduced by House Rep Earl Carter (R-GA) last May and is awaiting further consideration by Congress, is ostensibly designed to make it easier for telcos to build infrastructure and run additional cables on state and locally managed land, ideally allowing fast broadband connectivity to reach more and more folks.

Rep Carter went as far as saying his proposals will ensure "more Americans have access to internet and the United States can maintain its competitive edge against China." Meanwhile, the mayors say HR 3557 strips local governments of authority to oppose bad projects. What raises particular ire are provisions in the draft law that would provide a very short window for opposition. What we have here, basically, is a classic example of one side trying to strip away what is perceived to be bureaucracy and red tape, and the other side insisting that checks and balances are sorely needed.

China

China's Subsea Cable Drive Defies US Sanctions 25

Chinese undersea cable manufacturers are experiencing growth despite U.S. trade restrictions, as Beijing pushes for self-sufficiency in critical communications infrastructure, Nikkei is reporting. FiberHome International Technologies, blacklisted by the U.S. in 2020, reports increased business due to China's drive for domestic production. "We don't need foreign technologies," a FiberHome executive told Nikkei.

China is challenging U.S. dominance in the global undersea cable network, which spans 1.4 million kilometers and carries over 95% of the world's data. Chinese companies are expected to contribute 45% of new cable installations from 2023 to 2028, according to industry estimates. The Asia-Pacific region leads in subsea cable investment, with China spearheading multiple projects connecting to Southeast Asian nations. This aligns with President Xi Jinping's "Digital Silk Road" initiative, part of the broader Belt and Road strategy. However, geopolitical tensions have led to project delays and increased costs. Some cables are being rerouted to avoid contentious areas like the South China Sea, potentially creating parallel networks divided along geopolitical lines.

China

OpenAI To Pull Plug on 'Unsupported' Nations Like China From July 9 (theregister.com) 29

ChatGPT developer OpenAI has sent out emails to users based in countries it considers "unsupported," saying it will block their access for good starting July 9. From a report: The email, reproduced on the OpenAI community forum here, includes a brief statement. "Our data shows that your organization has API traffic from a region that OpenAI does not currently support," it reads. "We will be taking additional measures to block API traffic from regions that are not on our supported countries and territories list starting on July 9."

"To continue using OpenAI's services, you will need to access the service in a supported region," it concludes. Much of the world has access to OpenAI including virtually the entire West, most of Eastern Europe, South Asia, and about half of Africa. However, there are some notable absences on the list such as Russia, Iran, Saudi Arabia, and mainland China.

China

China Becomes First Country To Retrieve Rocks From the Moon's Far Side (nytimes.com) 55

China brought a capsule full of lunar soil from the far side of the moon down to Earth on Tuesday, achieving the latest success in an ambitious schedule to explore the moon and other parts of the solar system. From a report: The sample, retrieved by the China National Space Administration's Chang'e-6 lander after a 53-day mission, highlights China's growing capabilities in space and notches another win in a series of lunar missions that started in 2007 and have so far been executed almost without flaw. "Chang'e-6 is the first mission in human history to return samples from the far side of the moon," Long Xiao, a planetary geologist at China University of Geosciences, wrote in an email. "This is a major event for scientists worldwide," he added, and "a cause for celebration for all humanity."

Such sentiments and the prospects of international lunar sample exchanges highlighted the hope that China's robotic missions to the moon and Mars will serve to advance scientific understanding of the solar system. Those possibilities are contrasted by views in Washington and elsewhere that Tuesday's achievement is the latest milestone in a 21st-century space race with geopolitical overtones. In February, a privately operated American spacecraft landed on the moon. NASA is also pursuing the Artemis campaign to return Americans to the lunar surface, although its next mission, a flight by astronauts around the moon, has been delayed because of technical issues. China, too, is looking to expand its presence on the moon, landing more robots there, and eventually human astronauts, in the years to come.

China

US Probing China Telecom, China Mobile Over Internet, Cloud Risks (reuters.com) 23

The Biden administration is investigating China Mobile, China Telecom and China Unicom over concerns the firms could exploit access to American data through their U.S. cloud and internet businesses by providing it to Beijing, Reuters reported Tuesday, citing sources familiar with the matter. From the report: The companies still have a small presence in the United States, for example, providing cloud services and routing wholesale U.S. internet traffic. That gives them access to Americans' data even after telecom regulators barred them from providing telephone and retail internet services in the United States.

Reuters found no evidence the companies intentionally provided sensitive U.S. data to the Chinese government or committed any other type of wrongdoing. The investigation is the latest effort by Washington to prevent Beijing from exploiting Chinese firms' access to U.S. data to harm companies, Americans or national security, as part of a deepening tech war between the geopolitical rivals. It shows the administration is trying to shut down all remaining avenues for Chinese companies already targeted by Washington to obtain U.S. data.

China

Chinese Rocket Seen Falling On a Village Spewing Highly Toxic Chemicals (gizmodo.com) 27

Passant Rabie reports via Gizmodo: A video circulating online appears to show debris from a Chinese rocket falling above a populated area, with residents running for cover as a heavy cloud of dark yellow smoke trails across the sky in a frightening scene. The suspected debris may have come from China's Long March 2C rocket, which launched on Saturday, June 22, carrying a joint mission by China and France to study Gamma-ray bursts. The launch was declared a success, but its aftermath was captured by videos posted to Chinese social media sites.

The videos show what appears to be the first stage rocket booster of the Long March 2C rocket tumbling uncontrollably over a village in southwest China, while local residents cover their ears and run for shelter from the falling debris. There are no reports of injuries or damage to property. That said, unverified video and images show a gigantic cloud erupting at the site of the crashed rocket, and the booster itself seemingly next to a roadway. The first stage of the rocket can be seen leaking fuel, the color of which is consistent with nitrogen tetroxide. The chemical compound is a strong oxidizing agent that is used for rocket propulsion but it can be fatally toxic, according to Jonathan McDowell, astrophysicist at the Harvard-Smithsonian Center.

"It's known in the rocket industry as BFRC, a big fucking red cloud," McDowell told Gizmodo. "And when you see a BFRC, you run for your life." Nitrogen tetroxide was accepted as the rocket propellant oxidizer of choice in the early 1950s by the U.S.S.R. and the United States, however it became less commonly used over the years because it is extremely toxic, according to NASA (PDF). If it comes in contact with skin, eyes, or respiratory system, it can destroy human tissue, and if inhaled through the lungs, it can lead to a build up of fluids or, in extreme cases, death. "It's pretty scary, but this is just how the Chinese do business," McDowell told Gizmodo. "They have a different level of acceptable public risk."

"I think over a 10 year period, we may see the older rockets phased out but they're not in any hurry to do so," added McDowell. "They're still launching one a week or something like that, and they are really quite dangerous."

EU

China and EU To Hold Talks On Electric Car Tariffs (bbc.com) 47

Top officials from the European Union and China agreed to negotiate a planned series of import taxes on Chinese electric vehicles. "The call marks the first time the two sides have agreed to negotiate since the EU threatened China with electric vehicle (EV) tariffs of up to 38%," reports the BBC. From the report: The EU said Chinese EVs were unfairly subsidised by its government. In response, China accused the EU of protectionism and trade rule breaches. An EU spokesperson told the BBC the call between Trade Commissioner Valdis Dombrovskis and his Chinese counterpart Wang Wentao was "candid and constructive." They said the two sides would "continue to engage at all levels in the coming weeks." However, the spokesperson also doubled down on the EU's opposition to how the Chinese EV industry is funded. They said "any negotiated outcome" to the proposed tariffs must address the "injurious subsidisation" of Chinese EVs.

China released a similar statement on Saturday and made clear it still disagreed with the EU. As well as its call with the EU, Mr Wang met German Vice-Chancellor and Federal Minister for Economic Affairs and Climate Action Robert Habeck on Saturday. In a Facebook post about the meeting, China's Ministry of Commerce said it had told Mr Habeck about its "firm opposition" to the tariffs. It repeated its threat to file a lawsuit with the World Trade Organization (WTO) "to firmly defend its legitimate rights and interests."

Germany has also expressed criticism of the tariffs. When the EU first proposed them last week following its investigation of Chinese EVs in the trading bloc, Germany's Transport Minister, Volker Wissing, said the move risked a "trade war" with Beijing. "The European Commission's punitive tariffs hit German companies and their top products," he wrote on X, formerly known as Twitter, at the time. The European car industry has been critical too. Stellantis - which owns Citroen, Peugeot, Vauxhall, Fiat, and several other brands - said it did not support measures that "contribute to the world fragmentation [of trade]."

Businesses

Chinese Tech Companies Push Staff To the Limit 72

JD.com founder Richard Liu warned employees against prioritizing work-life balance during a recent video conference, stating those who "put life first and work second" were not welcome at the company. This stance reflects a broader trend in China's tech sector as executives face slowing growth and increased competition.

Major tech firms, including Alibaba and Tencent, have cut tens of thousands of jobs since 2021. Companies are now seeking younger, cheaper workers and demanding longer hours from existing staff. Pinduoduo, an e-commerce group known for its high productivity and grueling work culture, is seen as a model by some in the industry. In 2021, two Pinduoduo employees died in incidents linked to overwork by colleagues.

Older tech professionals, typically over 35, face the greatest risk of redundancy and struggle to find new positions. Employers often view them as expensive and less flexible due to family responsibilities. A 2023 survey of 2,200 professionals in China's largest cities revealed widespread anxiety about career prospects and work-life balance. Many in the industry report experiencing depression and high stress levels.

China

Launch of Chinese-French Satellite Scattered Debris Over Populated Area (spacenews.com) 45

"A Chinese launch of the joint Sino-French SVOM mission to study Gamma-ray bursts early Saturday saw toxic rocket debris fall over a populated area..." writes Space News: SVOM is a collaboration between the China National Space Administration (CNSA) and France's Centre national d'études spatiales (CNES). The mission will look for high-energy electromagnetic radiation from these events in the X-ray and gamma-ray ranges using two French and two Chinese-developed science payloads... Studying gamma-ray bursts, thought to be caused by the death of massive stars or collisions between stars, could provide answers to key questions in astrophysics. This includes the death of stars and the creation of black holes.

However the launch of SVOM also created an explosion of its own closer to home. A video posted on Chinese social media site Sina Weibo appears to show a rocket booster falling on a populated area with people running for cover. The booster fell to Earth near Guiding County, Qiandongnan Prefecture in Guizhou province, according to another post...

A number of comments on the video noted the danger posed by the hypergolic propellant from the Long March rocket... The Long March 2C uses a toxic, hypergolic mix of nitrogen tetroxide and unsymmetrical dimethylhydrazine (UDMH). Reddish-brown gas or smoke from the booster could be indicative of nitrogen tetroxide, while a yellowish gas could be caused by hydrazine fuel mixing with air. Contact with either remaining fuel or oxidizer from the rocket stage could be very harmful to individuals.

"Falling rocket debris is a common issue with China's launches from its three inland launch sites..." the article points out.

"Authorities are understood to issue warnings and evacuation notices for areas calculated to be at risk from launch debris, reducing the risk of injuries."

Power

Sweden Rejects a New Electrical Interconnection With Germany (enerdata.net) 103

sonlas writes: Germany's energy transition plan includes extensive interconnection projects to distribute its intermittent renewable energy production. However, these projects face significant challenges. The latest example is Sweden. One such project, Hansa PowerBridge, announced in 2017, intended to link Germany and Sweden via a 300 km HVDC line through the Baltic Sea. This 700 MW project, estimated at 600 million euro, aimed to stabilize Germany's volatile electricity prices. However, on June 14, 2024, Sweden rejected the project, citing incompatibility between the countries' electricity systems. The connection would link northern Germany to southern Sweden, an area with insufficient infrastructure. Concerns also arose about the volatile German market disrupting Sweden's and increasing local prices. Energy Minister Ebba Busch justified this decision by saying the German market is currently not efficient enough and a connection would risk leading to higher prices and a more unstable electricity market in southern Sweden.

This highlights the difficulty Germany faces with its Energiewende, or energy transition model. This model leads to erratic electricity price behaviors and significant challenges in balancing production capacities. While a possible solution for Germany lies in interconnection with neighboring countries, the examples of Norway (which cancelled the NorGer project too) and Sweden show that from the perspective of these neighbors, it looks more like an "export of German problems" rather than a solution.

Earth

Heat Waves Grip 3 Continents as Climate Change Warms Earth (nytimes.com) 300

An anonymous reader shares a report: Punishing heat waves gripped three continents on Tuesday, breaking records in cities around the Northern Hemisphere less than two weeks after the Earth recorded what scientists said were likely its hottest days in modern history. Firefighters in Greece scrambled to put out wildfires, as parched conditions raised the risk of more blazes throughout Europe. Beijing logged another day of 95-degree heat, and people in Hangzhou, another Chinese city, compared the choking conditions to a sauna. From the Middle East to the American Southwest, delivery drivers, airport workers and construction crews labored under blistering skies. Those who could stay indoors did.

The temperatures, afflicting so much of the world all at once, were a withering reminder that climate change is a global crisis, driven by human-made forces: the emissions of heat-trapping gases, mainly caused by the burning of fossil fuels. John Kerry, the U.S. special envoy for climate change, sought to coordinate some of the global response with the Chinese premier in Beijing, as a heat wave clutched a huge swath of China. "The world really is looking to us for that leadership, particularly on the climate issue," Mr. Kerry told Chinese officials. "Climate, as you know, is a global issue, not a bilateral issue. It's a threat to all of humankind."

The planet has warmed about 2 degrees Fahrenheit since the 19th century and will continue to grow hotter until humans essentially stop burning coal, oil and gas, scientists say. The warmer temperatures contribute to extreme weather events and help make periods of extreme heat more frequent, longer and more intense. Also affecting this year's conditions is the return of El Niño, a cyclical weather pattern that, depending on the sea surface temperature and the pressure of the air above it, can originate in the Pacific and have wide-ranging effects on weather around the world.

AI

China's DeepSeek Coder Becomes First Open-Source Coding Model To Beat GPT-4 Turbo (venturebeat.com) 108

Shubham Sharma reports via VentureBeat: Chinese AI startup DeepSeek, which previously made headlines with a ChatGPT competitor trained on 2 trillion English and Chinese tokens, has announced the release of DeepSeek Coder V2, an open-source mixture of experts (MoE) code language model. Built upon DeepSeek-V2, an MoE model that debuted last month, DeepSeek Coder V2 excels at both coding and math tasks. It supports more than 300 programming languages and outperforms state-of-the-art closed-source models, including GPT-4 Turbo, Claude 3 Opus and Gemini 1.5 Pro. The company claims this is the first time an open model has achieved this feat, sitting way ahead of Llama 3-70B and other models in the category. It also notes that DeepSeek Coder V2 maintains comparable performance in terms of general reasoning and language capabilities.

Founded last year with a mission to "unravel the mystery of AGI with curiosity," DeepSeek has been a notable Chinese player in the AI race, joining the likes of Qwen, 01.AI and Baidu. In fact, within a year of its launch, the company has already open-sourced a bunch of models, including the DeepSeek Coder family. The original DeepSeek Coder, with up to 33 billion parameters, did decently on benchmarks with capabilities like project-level code completion and infilling, but only supported 86 programming languages and a context window of 16K. The new V2 offering builds on that work, expanding language support to 338 and context window to 128K -- enabling it to handle more complex and extensive coding tasks. When tested on MBPP+, HumanEval, and Aider benchmarks, designed to evaluate code generation, editing and problem-solving capabilities of LLMs, DeepSeek Coder V2 scored 76.2, 90.2, and 73.7, respectively -- sitting ahead of most closed and open-source models, including GPT-4 Turbo, Claude 3 Opus, Gemini 1.5 Pro, Codestral and Llama-3 70B. Similar performance was seen across benchmarks designed to assess the model's mathematical capabilities (MATH and GSM8K). The only model that managed to outperform DeepSeek's offering across multiple benchmarks was GPT-4o, which obtained marginally higher scores in HumanEval, LiveCode Bench, MATH and GSM8K. [...]

As of now, DeepSeek Coder V2 is being offered under an MIT license, which allows for both research and unrestricted commercial use. Users can download both 16B and 236B sizes in instruct and base avatars via Hugging Face. Alternatively, the company is also providing access to the models via API through its platform under a pay-as-you-go model. For those who want to test out the capabilities of the models first, the company is offering the option to interact with DeepSeek Coder V2 via chatbot.

United States

America's Defense Department Ran a Secret Disinfo Campaign Online Against China's Covid Vaccine (reuters.com) 280

"At the height of the COVID-19 pandemic, the U.S. military launched a secret campaign to counter what it perceived as China's growing influence in the Philippines..." reports Reuters.

"It aimed to sow doubt about the safety and efficacy of vaccines and other life-saving aid that was being supplied by China, a Reuters investigation found."

Reuters interviewed "more than two dozen current and former U.S. officials, military contractors, social media analysts and academic researchers," and also reviewed posts on social media, technical data and documents about "a set of fake social media accounts used by the U.S. military" — some active for more than five years. Friday they reported the results of their investigation: Through phony internet accounts meant to impersonate Filipinos, the military's propaganda efforts morphed into an anti-vax campaign. Social media posts decried the quality of face masks, test kits and the first vaccine that would become available in the Philippines — China's Sinovac inoculation. Reuters identified at least 300 accounts on X, formerly Twitter, that matched descriptions shared by former U.S. military officials familiar with the Philippines operation. Almost all were created in the summer of 2020 and centered on the slogan #Chinaangvirus — Tagalog for China is the virus.

"COVID came from China and the VACCINE also came from China, don't trust China!" one typical tweet from July 2020 read in Tagalog. The words were next to a photo of a syringe beside a Chinese flag and a soaring chart of infections. Another post read: "From China — PPE, Face Mask, Vaccine: FAKE. But the Coronavirus is real." After Reuters asked X about the accounts, the social media company removed the profiles, determining they were part of a coordinated bot campaign based on activity patterns and internal data.

The U.S. military's anti-vax effort began in the spring of 2020 and expanded beyond Southeast Asia before it was terminated in mid-2021, Reuters determined. Tailoring the propaganda campaign to local audiences across Central Asia and the Middle East, the Pentagon used a combination of fake social media accounts on multiple platforms to spread fear of China's vaccines among Muslims at a time when the virus was killing tens of thousands of people each day. A key part of the strategy: amplify the disputed contention that, because vaccines sometimes contain pork gelatin, China's shots could be considered forbidden under Islamic law...

A senior Defense Department official acknowledged the U.S. military engaged in secret propaganda to disparage China's vaccine in the developing world, but the official declined to provide details. A Pentagon spokeswoman... also noted that China had started a "disinformation campaign to falsely blame the United States for the spread of COVID-19."

A senior U.S. military officer directly involved in the campaign told Reuters that "We didn't do a good job sharing vaccines with partners. So what was left to us was to throw shade on China's."

At least six senior State Department officials for the region objected, according to the article. But in 2019 U.S. Defense Secretary Mark Esper signed "a secret order" that "elevated the Pentagon's competition with China and Russia to the priority of active combat, enabling commanders to sidestep the State Department when conducting psyops against those adversaries."

[A senior defense official] said the Pentagon has rescinded parts of Esper's 2019 order that allowed military commanders to bypass the approval of U.S. ambassadors when waging psychological operations. The rules now mandate that military commanders work closely with U.S. diplomats in the country where they seek to have an impact. The policy also restricts psychological operations aimed at "broad population messaging," such as those used to promote vaccine hesitancy during COVID...

Nevertheless, the Pentagon's clandestine propaganda efforts are set to continue. In an unclassified strategy document last year, top Pentagon generals wrote that the U.S. military could undermine adversaries such as China and Russia using "disinformation spread across social media, false narratives disguised as news, and similar subversive activities [to] weaken societal trust by undermining the foundations of government."

And in February, the contractor that worked on the anti-vax campaign — General Dynamics IT — won a $493 million contract. Its mission: to continue providing clandestine influence services for the military.

Transportation

Which Way is the EV Market Headed? And Does the US Lag the World? (yahoo.com) 346

Wednesday the annual electric vehicle outlook report was released by market researcher BloombergNEF. And the analyst wrote that "Our long-term outlook for EVs remains bright," according to the Los Angeles Times: In 2023, EVs made up 18% of global passenger-vehicle sales. By 2030, according to the report, 45% will be EVs. That number jumps to 73% by 2040 — still short of what the world needs to reach net zero emissions in transportation, the firm says, but enough to achieve major reductions in climate-changing carbon emissions...

[D]ifferent countries are moving at different speeds and with different levels of commitment. Today, "China, India and France are still showing signs of healthy growth, but the latest data from Germany, Italy and the U.S. is more concerning," BloombergNEF said. Global EV sales "are set to rise from 13.9 million in 2023 to over 30 million in 2027," despite the lagging U.S. [The article points out later that "For the first quarter in China, EV sales were up 37%, according to BloombergNEF. In India, it's 39%, and in France, 20%. The U.S. was a laggard, up just 4%."]

Whatever the geography, consumer concerns about price, driving range, battery lifespan, and unreliable public charging continue to dampen many buyers' enthusiasm for EVs. BloombergNEF's findings are echoed by consulting firm McKinsey and the AAA motor club, in recent forecasts of their own. But EV prices are coming down, range is improving, and large numbers of public chargers are being installed, all of which could revive sales growth. Consumers around the planet are warming to the idea of buying an electric car, but they're moving slowly. According to McKinsey, 14% of 30,000 global survey respondents in 2021 said their next vehicle would be an EV. This year, it's 18%.

In the U.S. it's a different story, where consumer interest in an EV purchase declined to 18% this year, according to AAA's survey, down from 23% in 2023. And nearly two-thirds reported they were unlikely to buy an EV next time they buy a car. Interest in hybrids is on the rise. One in three said they were likely to buy a hybrid, a vehicle that adds a small battery to an internal combustion engine to improve fuel efficiency. That's bad news for pure EV sales, at least in the immediate future, said Greg Brannon, head of automotive research at AAA. Early adopters already have their EVs, he said, while mainstream buyers remain skeptical.

The article does note that major automakers "are losing billions of dollars in their EV division," with several cutting the EV goals for the U.S. (Though Hyundai and Kia are not.) And then there's this... A global survey conducted by consulting firm McKinsey, also released Wednesday, included this shocker: 29% of EV owners told McKinsey they plan to replace the EV they bought with a gasoline or diesel car, a figure that jumps to 38% for U.S. EV owners. Phillip Kampshoff, who leads McKinsey's Center for Future Mobility in the Americas, said he'd seen EV sales as "a one way street. Once you buy, you're hooked on an EV. But that's not what the data shows...."
But the article points out that both BloombergNEF and McKinsey still remained bullish that adoption will increase in the future.

Security

Ransomware Attackers Quickly Weaponize PHP Vulnerability With 9.8 Severity Rating (arstechnica.com) 20

A critical vulnerability in the PHP programming language (CVE-2024-4577) has been exploited by ransomware criminals, leading to the infection of up to 1,800 servers primarily in China with the TellYouThePass ransomware. This vulnerability, which affects PHP when run in CGI mode, allows attackers to execute malicious code on web servers. Ars Technica's Dan Goodin reports: As of Thursday, Internet scans performed by security firm Censys had detected 1,000 servers infected by a ransomware strain known as TellYouThePass, down from 1,800 detected on Monday. The servers, primarily located in China, no longer display their usual content; instead, many list the site's file directory, which shows all files have been given a .locked extension, indicating they have been encrypted. An accompanying ransom note demands roughly $6,500 in exchange for the decryption key. The vulnerability, tracked as CVE-2024-4577 and carrying a severity rating of 9.8 out of 10, stems from errors in the way PHP converts Unicode characters into ASCII. A feature built into Windows known as Best Fit allows attackers to use a technique known as argument injection to convert user-supplied input into characters that pass malicious commands to the main PHP application. Exploits allow attackers to bypass CVE-2012-1823, a critical code execution vulnerability patched in PHP in 2012.

CVE-2024-4577 affects PHP only when it runs in a mode known as CGI, in which a web server parses HTTP requests and passes them to a PHP script for processing. Even when PHP isn't set to CGI mode, however, the vulnerability may still be exploitable when PHP executables such as php.exe and php-cgi.exe are in directories that are accessible by the web server. This configuration is extremely rare, with the exception of the XAMPP platform, which uses it by default. An additional requirement appears to be that the Windows locale -- used to personalize the OS to the local language of the user -- must be set to either Chinese or Japanese. The critical vulnerability was published on June 6, along with a security patch. Within 24 hours, threat actors were exploiting it to install TellYouThePass, researchers from security firm Imperva reported Monday. The exploits executed code that used the mshta.exe Windows binary to run an HTML application file hosted on an attacker-controlled server. Use of the binary indicated an approach known as living off the land, in which attackers use native OS functionalities and tools in an attempt to blend in with normal, non-malicious activity.

In a post published Friday, Censys researchers said that the exploitation by the TellYouThePass gang started on June 7 and mirrored past incidents that opportunistically mass scan the Internet for vulnerable systems following a high-profile vulnerability and indiscriminately targeting any accessible server. The vast majority of the infected servers have IP addresses geolocated to China, Taiwan, Hong Kong, or Japan, likely stemming from the fact that Chinese and Japanese locales are the only ones confirmed to be vulnerable, Censys researchers said in an email. Since then, the number of infected sites -- detected by observing the public-facing HTTP response serving an open directory listing showing the server's filesystem, along with the distinctive file-naming convention of the ransom note -- has fluctuated from a low of 670 on June 8 to a high of 1,800 on Monday. Censys researchers said in an email that they're not entirely sure what's causing the changing numbers.

Security

Congress Seeks Answers From Microsoft Boss After a 'Cascade' of Security Errors (washingtonpost.com) 59

Speaking of Microsoft, the House Homeland Security committee is grilling Microsoft President Brad Smith Thursday about the software giant's plans to improve its security after a series of devastating hacks reached into federal officials' email accounts, challenging the company's fitness as a dominant government contractor. Washington Post adds: The questioning followed a withering report on one of those breaches, where the federal Cyber Safety Review Board found the event was made possible by a "cascade of avoidable errors" and a security culture "that requires an overhaul." In that hack, suspected agents of China's Ministry of State Security last year created digital keys using a tool that allowed them to pose as any existing Microsoft customer. Using the tool, they impersonated 22 organizations, including the U.S. Departments of State and Commerce, and rifled through Commerce Secretary Gina Raimondo's email among others.

The event triggered the sharpest criticism in decades of the stalwart federal vendor, and has prompted rival companies and some authorities to push for less government reliance on its technology. Two senators wrote to the Pentagon last month, asking why the agency plans to improve nonclassified Defense Department tech security with more expensive Microsoft licenses instead of with alternative vendors. "Cybersecurity should be a core attribute of software, not a premium feature that companies upsell to deep-pocketed government and corporate customers," Sens. Eric Schmitt (R-Mo.) and Ron Wyden (D-Ore.) wrote. "Through its buying power, DOD's strategies and standards have the power to shape corporate strategies that result in more resilient cybersecurity services." Any serious shift in executive branch spending would take years, but Department of Homeland Security leaders say plans are in motion to add security guarantees and requirements to more government purchases -- an idea touted in the Cyber Safety Review Board's Microsoft report.

China

China Is Testing More Driverless Cars Than Any Other Country (nytimes.com) 50

Assisted driving systems and robot taxis are becoming more popular in China with government help, as cities designate large areas for testing on public roads. From a report: The world's largest experiment in driverless cars is underway on the busy streets of Wuhan, a city in central China with 11 million people, 4.5 million cars, eight-lane expressways and towering bridges over the muddy waters of the Yangtze River. A fleet of 500 taxis navigated by computers, often with no safety drivers in them for backup, buzz around. The company that operates them, the tech giant Baidu, said last month that it would add a further 1,000 of the so-called robot taxis in Wuhan.

Across China, 16 or more cities have allowed companies to test driverless vehicles on public roads, and at least 19 Chinese automakers and their suppliers are competing to establish global leadership in the field. No other country is moving as aggressively. The government is providing the companies significant help. In addition to cities designating on-road testing areas for robot taxis, censors are limiting online discussion of safety incidents and crashes to restrain public fears about the nascent technology.

Surveys by J.D. Power, an automotive consulting firm, found that Chinese drivers are more willing than Americans to trust computers to guide their cars. "I think there's no need to worry too much about safety -- it must have passed safety approval," said Zhang Ming, the owner of a small grocery store near Wuhan's Qingchuan Pavilion, where many Baidu robot taxis stop. Another reason for China's lead in the development of driverless cars is its strict and ever-tightening control of data. Chinese companies set up crucial research facilities in the United States and Europe and sent the results back home. But any research in China is not allowed to leave the country. As a result, it's difficult for foreign carmakers to use what they learn in China for cars they sell in other countries.
