The Military

British Army Will Use Call of Duty To Train Soldiers (telegraph.co.uk) 23

British soldiers are using computer games such as Call of Duty to sharpen their "war-fighting readiness," an Army chief has said. From a report: General Sir Tom Copinger-Symes, the deputy commander of Cyber and Specialist Operations Command, said the war in Ukraine, where remote-operated drones have become crucial on the battlefield, proved the worth of having soldiers skilled in video gaming.

The Ministry of Defence on Friday announced the launch of the International Defence Esports Games (IDEG), a video gaming tournament that will pit the best of Britain's "future cyber warriors" against military teams from 40 other countries.

China

Chinese Astronauts Return From Their Space Station After Delay Blamed on Space Debris Damage (apnews.com) 29

"Three Chinese astronauts returned from their nation's space station Friday," reports the Associated Press, "after more than a week's delay because the return capsule they had planned to use was damaged, likely from being hit by space debris." The team left their Shenzhou-20 spacecraft in orbit and came back using the recently arrived Shenzhou-21, which had ferried a three-person replacement crew to the station, China's Manned Space Agency said. The original return plan was scrapped because a window in the Shenzhou-20 capsule had tiny cracks, most likely caused by impact from space debris, the space agency said Friday... Their return was delayed for nine days, and their 204-day stay in space was the longest for any astronaut at China's space station...

China developed the Tiangong space station after the country was excluded from the International Space Station over U.S. national security concerns. China's space program is controlled by its military.

AI

Fear Drives the AI 'Cold War' Between America and China (msn.com) 28

A new "cold war" between America and China is "pushing leaders to sideline concerns about the dangers of powerful AI models," reports the Wall Street Journal, "including the spread of disinformation and other harmful content, and the development of superintelligent AI systems misaligned with human values..."

"Both countries are driven as much by fear as by hope of progress." In Washington and Silicon Valley, warnings abound that China's "authoritarian AI," left unchecked, will erode American tech supremacy. Beijing is gripped by the conviction that a failure to keep pace in AI will make it easier for the U.S. to cut short China's resurgence as a global power. Both countries believe market share for their companies across the world is up for grabs — and with it, the potential to influence large swaths of the global population.

The U.S. still has a clear lead, producing the most powerful AI models. China can't match it in advanced chips and has no answer for the financial firepower of private American investors, who funded AI startups to the tune of $104 billion in the first half of 2025, and are gearing up for more. But it has a massive population of capable engineers, lower costs and a state-led development model that often moves faster than the U.S., all of which Beijing is working to harness to tip the contest in its direction. A new "whole of society" campaign looks to accelerate the construction of computing clusters in areas like Inner Mongolia, where vast solar and wind farms provide plentiful cheap energy, and connect hundreds of data centers to create a shared compute pool — some describe it as a "national cloud" — by 2028. China is also funneling hundreds of billions of dollars into its power grid to support AI training and adoption...

"Our lead is probably in the 'months but not years' realm," said Chris McGuire, who helped design U.S. export controls on AI chips while serving on the National Security Council under the Biden administration. Chinese AI models currently rank at or near the top in every task from coding to video generation, with the exception of search, according to Chatbot Arena, a popular crowdsourced ranking platform. China's manufacturing sector, meanwhile, is rocketing past the U.S. in bringing AI into the physical world through robotaxis, autonomous drones and humanoid robots. Given China's progress, McGuire said, the U.S. is "very lucky" to have its advantage in chips...

If AI surpasses human intelligence and acquires the ability to improve itself, it could confer unshakable scientific, economic and military superiority on the country that controls it. Short of that, AI's ability to automate tedious tasks and process vast amounts of data quickly promises to supercharge everything from cancer diagnoses to missile defense. With so much at stake, hacking and cyber espionage are likely to get worse, as AI gives hackers more powerful tools, while increasing incentives for state-backed groups to try to steal AI-related intellectual property. As distrust grows, Washington and Beijing will also find it hard, if not impossible, to cooperate in areas like preventing extremist groups from using AI in destructive ways, such as building bioweapons. "The costs of the AI Cold War are already high and will go much higher," said Paul Triolo, a former U.S. government analyst and current technology policy lead at business consulting firm DGA-Albright Stonebridge Group. "A U.S.-China AI arms race becomes a self-fulfilling prophecy, with neither side able to trust that the other would observe any restrictions on advanced AI capability development...."

The article includes an interesting observation from Helen Toner, director of strategy for Georgetown's Center for Security and Emerging Technology and a former OpenAI board member. Toner points out "We don't actually know" if boosting computing power with better chips will continue producing more-powerful AI models.

So "If performance plateaus," the Journal writes, "despite all the spending by OpenAI and others — a growing concern in Silicon Valley — China has a chance to compete."

The Internet

Russia Imposes 24-Hour Mobile Internet Blackout For Travelers Returning Home (therecord.media) 70

An anonymous reader quotes a report from The Record: Russian telecom operators have begun cutting mobile internet access for 24 hours for citizens returning to the country from abroad, in what officials say is an effort to prevent Ukrainian drones from using domestic SIM cards for navigation. "When a SIM card enters Russia from abroad, the user has to confirm that it's being used by a person -- not installed in a drone," the Digital Development Ministry said in a statement earlier this week.

Users can restore access sooner by solving a captcha or calling their operator for identification. Authorities said the temporary blackout is meant to "ensure the safety of Russian citizens" and prevent SIM cards from being embedded in "enemy drones." The new rule has led to unexpected outages for residents in border regions, whose phones can automatically connect to foreign carriers. Officials advised users to switch to manual network selection to avoid being cut off.

United States

US Senator Challenges Defense Industry on Right-to-Repair Opposition (reuters.com) 47

Democratic U.S. Senator Elizabeth Warren is escalating pressure on the defense industry to stop opposing military right-to-repair legislation, as House and Senate negotiators work to finalize the fiscal 2026 National Defense Authorization Act. From a report: In a sharply-worded November 5 letter to the National Defense Industrial Association (NDIA) obtained by Reuters, Warren accused the industry group of attempting to undermine bipartisan efforts to give the Pentagon greater ability to repair weapons and equipment it owns.

She called the group's opposition "a dangerous and misguided attempt to protect an unacceptable status quo of giant contractor profiteering." Currently, the government is often required to pay contractors like NDIA members Lockheed Martin, Boeing and RTX to use expensive original equipment and installers to service broken parts, versus having trained military maintainers 3D print spares in the field and install them faster and more cheaply.

Google

Google Plans Secret AI Military Outpost on Tiny Island Overrun By Crabs (arstechnica.com) 39

An anonymous reader shares a report: On Wednesday, Reuters reported that Google is planning to build a large AI data center on Christmas Island, a 52-square-mile Australian territory in the Indian Ocean, following a cloud computing deal with Australia's military. The previously undisclosed project will reportedly position advanced AI infrastructure a mere 220 miles south of Indonesia at a location military strategists consider critical for monitoring Chinese naval activity.

Aside from its strategic military position, the island is famous for its massive annual crab migration, where over 100 million red crabs make their way across the island to spawn in the ocean. That's notable because the tech giant has applied for environmental approvals to build a subsea cable connecting the 135-square-kilometer island to Darwin, where US Marines are stationed for six months each year.

[...] Christmas Island's annual crab migration is a natural phenomenon that Sir David Attenborough reportedly once described as one of his greatest TV moments when he visited the site in 1990. Every year, millions of crabs emerge from the forest and swarm across roads, streams, rocks, and beaches to reach the ocean, where each female can produce up to 100,000 eggs. The tiny baby crabs that survive take about nine days to march back inland to the safety of the plateau.

Communications

SpaceX Set To Win $2 Billion Pentagon Satellite Deal (yahoo.com) 33

According to the Wall Street Journal, SpaceX is reportedly poised to secure a $2 billion Pentagon contract to develop hundreds of missile-tracking satellites for President Trump's ambitious Golden Dome defense system. The Independent reports: The planned "air moving target indicator" system in question could ultimately feature as many as 600 satellites once it is fully operational, The Wall Street Journal reports. Musk's company has also been linked to two more satellite ventures, which are concerned with relaying sensitive communications and tracing vehicles, respectively.

Golden Dome, inspired by Israel's "Iron Dome," was announced by Trump and Secretary of War Pete Hegseth at the White House in May and will amount to a complex system of satellites and weaponry capable of destroying incoming missiles before they hit American targets. The president promised it would be "fully operational" before he leaves office in January 2029, capable of intercepting rockets, "even if they are launched from space," with an overall price tag of $175 billion.

EU

Austria's Ministry of Economy Has Migrated To a Nextcloud Platform In Shift Away From US Tech (zdnet.com) 10

An anonymous reader quotes a report from ZDNet: Even before Azure had a global failure this week, Austria's Ministry of Economy had taken a decisive step toward digital sovereignty. The Ministry achieved this status by migrating 1,200 employees to a Nextcloud-based cloud and collaboration platform hosted on Austrian-based infrastructure. This shift away from proprietary, foreign-owned cloud services, such as Microsoft 365, to an open-source, European-based cloud service aligns with a growing trend among European governments and agencies. They want control over sensitive data and to declare their independence from US-based tech providers.

European companies are encouraging this trend. Many of them have joined forces in the newly created non-profit foundation, the EuroStack Initiative. This foundation's goal is "to organize action, not just talk, around the pillars of the initiative: Buy European, Sell European, Fund European." What's the motive behind these moves away from proprietary tech? Well, in Austria's case, Florian Zinnagl, CISO of the Ministry of Economy, Energy, and Tourism (BMWET), explained, "We carry responsibility for a large amount of sensitive data -- from employees, companies, and citizens. As a public institution, we take this responsibility very seriously. That's why we view it critically to rely on cloud solutions from non-European corporations for processing this information."

Austria's move and motivation echo similar efforts in Germany, Denmark, and other EU states and agencies. The organizations include the German state of Schleswig-Holstein, which abandoned Exchange and Outlook for open-source programs. Other agencies that have taken the same path away from Microsoft include the Austrian military, Danish government organizations, and the French city of Lyon. All of these organizations aim to keep data storage and processing within national or European borders to enhance security, comply with privacy laws such as the EU's General Data Protection Regulation (GDPR), and mitigate risks from potential commercial and foreign government surveillance.

ISS

Japan Launches a New Cargo Spacecraft to ISS for the First Time (space.com) 10

"Japan's new HTV-X cargo spacecraft launched on its first-ever mission to the International Space Station on Saturday," reports Space.com: The robotic HTV-X lifted off atop an H3 rocket from Japan's Tanegashima Space Center at 8 p.m. EDT (0000 GMT and 9 a.m. local Japan time on October 26). It is expected to arrive at the station for its capture and berthing on Wednesday (Oct. 29) at about 11:50 a.m. EDT (1550 GMT)...

The HTV-X's potential uses also extend beyond the ISS, according to JAXA. The agency envisions it aiding "post-ISS human space activities in low Earth orbit" as well as possibly flying cargo to Gateway, the space station NASA may build in lunar orbit as part of its Artemis program.

HTV-X's debut increases the stable of ISS cargo craft by one-third. The currently operational freighters are Russia's Progress vehicle and Cygnus and Dragon, spacecraft built by the American companies Northrop Grumman and SpaceX, respectively. Only Dragon is reusable; the others (including HTV-X) are designed to burn up in Earth's atmosphere when their missions are over.

Crime

North Korea Has Stolen Billions in Cryptocurrency and Tech Firm Salaries, Report Says (apnews.com) 21

The Associated Press reports that "North Korean hackers have pilfered billions of dollars" by breaking into cryptocurrency exchanges and by creating fake identities to get remote tech jobs at foreign companies — all orchestrated by the North Korean government to finance R&D on nuclear arms.

That's according to a new 138-page report by a group watching North Korea's compliance with U.N. sanctions (including officials from the U.S., Australia, Canada, France, Germany, Italy, Japan, the Netherlands, New Zealand, South Korea and the United Kingdom). From the Associated Press: North Korea also has used cryptocurrency to launder money and make military purchases to evade international sanctions tied to its nuclear program, the report said. It detailed how hackers working for North Korea have targeted foreign businesses and organizations with malware designed to disrupt networks and steal sensitive data...

Unlike China, Russia and Iran, North Korea has focused much of its cyber capabilities to fund its government, using cyberattacks and fake workers to steal and defraud companies and organizations elsewhere in the world... Earlier this year, hackers linked to North Korea carried out one of the largest crypto heists ever, stealing $1.5 billion worth of ethereum from Bybit. The FBI later linked the theft to a group of hackers working for the North Korean intelligence service.

Federal authorities also have alleged that thousands of IT workers employed by U.S. companies were actually North Koreans using assumed identities to land remote work. The workers gained access to internal systems and funneled their salaries back to North Korea's government. In some cases, the workers held several remote jobs at the same time.

Crime

Myanmar Military Shuts Down a Major Cybercrime Center and Detains Over 2,000 People (apnews.com) 11

An anonymous reader shares this report from the Associated Press: Myanmar's military has shut down a major online scam operation near the border with Thailand, detaining more than 2,000 people and seizing dozens of Starlink satellite internet terminals, state media reported Monday... The centers are infamous for recruiting workers from other countries under false pretenses, promising them legitimate jobs and then holding them captive and forcing them to carry out criminal activities.

Scam operations were in the international spotlight last week when the United States and Britain enacted sanctions against organizers of a major Cambodian cyberscam gang, and its alleged ringleader was indicted by a federal court in New York. According to a report in Monday's Myanma Alinn newspaper, the army raided KK Park, a well-documented cybercrime center, as part of operations starting in early September to suppress online fraud, illegal gambling, and cross-border cybercrime.

The Military

Sweden's Crowd-Forecasting Platform 'Glimt' Helps Ukraine Make Wartime Predictions (france24.com) 20

alternative_right shares a report from France 24: [Sweden's] latest contribution to the war effort is Glimt, an innovative project launched by the Swedish Defence Research Agency (FOI) earlier this year. Glimt is an open platform that relies on the theory of "crowd forecasting": a method of making predictions based on surveying a large and diverse group of people and taking an average. "Glimt" is a Swedish word for "a glimpse" or "a sudden insight." The theory posits that the average of all collected predictions produces correct results with "uncanny accuracy," according to the Glimt website. Such "collective intelligence" is used today for everything from election results to extreme weather events, Glimt said. [...]

Group forecasting allows for a broad collection of information while avoiding the cognitive bias that often characterizes intelligence services. Each forecaster collects and analyses the available information differently to reach the most probable scenario and can add a short comment to explain their reasoning. The platform also encourages discussion between members so they can compare arguments and alter their positions. Available in Swedish, French and English, the platform currently has 20,000 registered users; each question attracts an average of 500 forecasters. Their predictions are later sent to statistical algorithms that cross-reference data, particularly the relevance of the answers they provided. The most reliable users will have a stronger influence on the results; this reinforces the reliability of collective intelligence.

"We used this method and research, and we suggested to the Ukrainians that it could improve their understanding of the world and its evolution," said Ivar Ekman, an analyst for the Swedish Defence Research Agency and program director for Glimt. "If you have a large group of people, you can achieve great accuracy in assessing future events. Research has shown that professional analysts don't necessarily have a better capacity in this domain than other people."

Communications

SpaceX Disables 2,500 Starlink Terminals Allegedly Used By Asian Scam Centers (arstechnica.com) 50

SpaceX has deactivated over 2,500 Starlink terminals allegedly used by scam operations in Myanmar, where the service isn't licensed but was reportedly enabling large-scale cybercrime networks tied to human trafficking and fraud. Ars Technica reports: Lauren Dreyer, vice president of Starlink business operations, described the action in an X post last night after reports that Myanmar's military shut down a major scam operation: "SpaceX complies with local laws in all 150+ markets where Starlink is licensed to operate," Dreyer wrote. "SpaceX continually works to identify violations of our Acceptable Use Policy and applicable law... On the rare occasion we identify a violation, we take appropriate action, including working with law enforcement agencies around the world. In Myanmar, for example, SpaceX proactively identified and disabled over 2,500 Starlink Kits in the vicinity of suspected 'scam centers.'"

Starlink is not licensed to operate in Myanmar. While Dreyer didn't say how the terminals were disabled, it's known that Starlink can disable individual terminals based on their ID numbers or use geofencing to block areas from receiving signals. On Monday, Myanmar state media reported that "Myanmar's military has shut down a major online scam operation near the border with Thailand, detaining more than 2,000 people and seizing dozens of Starlink satellite Internet terminals," according to an Associated Press article. The army reportedly raided a cybercrime center known as KK Park as part of operations that began in early September. The operations reportedly targeted 260 unregistered buildings and resulted in seizure of 30 Starlink terminals and detention of 2,198 people.

"Maj. Gen. Zaw Min Tun, the spokesperson for the military government, charged in a statement Monday night that the top leaders of the Karen National Union, an armed ethnic organization opposed to army rule, were involved in the scam projects at KK Park," the AP wrote. The Karen National Union is "part of the larger armed resistance movement in Myanmar's civil war" and "deny any involvement in the scams."

Cellphones

You Only Need $750 to Pilfer Unencrypted Data From Satellites, Researchers Say (gizmodo.com) 20

"A new study published on Monday found that communications from cellphone carriers, retailers, banks, and even militaries are being broadcast unencrypted through geostationary satellites..." reports Gizmodo. "The team obtained unencrypted internet communications from U.S. military sea vessels and even communications regarding narcotics trafficking from Mexican military and law enforcement." Researchers from the University of California, San Diego (UCSD) and the University of Maryland scanned 39 of these satellites from a rooftop in Southern California over three years. They found that roughly half of the signals they analyzed were transmitting unencrypted data, potentially exposing everything from phone calls and military logistics to a retail chain's inventory. "There is a clear mismatch between how satellite customers expect data to be secured and how it is secured in practice," the researchers wrote in their paper titled "Don't Look Up: There Are Sensitive Internal Links in the Clear on GEO Satellites...." "They assumed that no one was ever going to check and scan all these satellites and see what was out there. That was their method of security," Aaron Schulman, a UCSD professor and co-lead of the study, told Wired....

Even more surprisingly, the researchers didn't need any fancy spy gear to collect this data. Their setup used only off-the-shelf hardware, including a $185 satellite dish, a $140 roof mount with a $195 motor, and a $230 tuner card. Altogether, the system cost roughly $750 and was installed on a university building in La Jolla, San Diego.

With their simple setup, the researchers were able to collect a wide range of communication data, including phone calls, texts, in-flight Wi-Fi data from airline passengers, and signals from electric utilities. They even obtained U.S. and Mexican military and law enforcement communications, as well as ATM transactions and corporate communications... When it came to telecoms, specifically, the team collected phone numbers, calls, and texts from customers of T-Mobile, AT&T Mexico, and Telmex... It only took the team nine hours to collect the phone numbers of over 2,700 T-Mobile users, along with some of their calls and text messages.

T-Mobile told Gizmodo the lack of encryption was "a vendor's technical misconfiguration" affecting "a limited number of cell sites" and was "not network-wide... [W]e implemented nationwide Session Initiation Protocol (SIP) encryption for all customers to further protect signaling traffic as it travels between mobile handsets and the network core, including call set up, numbers dialed and text message content. We appreciate our collaboration with the security research community, whose work helps reinforce our ongoing commitment to protecting customer data and enhances security across the industry."

Indeed, the researchers write that "Each time we discovered sensitive information in our data, we went through considerable effort to determine the responsible party, establish contact, and disclose the vulnerability. In several cases, the responsible party told us that they had deployed a remedy. For the following parties, we re-scanned with their permission and were able to verify a remedy had been deployed: T-Mobile, WalMart, and KPU."

The researchers acknowledge that exposure "was limited to a relatively small number of cell towers in specific remote areas."

Communications

Satellites Are Leaking the World's Secrets: Calls, Texts, Military and Corporate Data (wired.com) 21

Researchers at UC San Diego and the University of Maryland have found that roughly half of geostationary satellite signals transmit sensitive data without encryption. The team spent three years using an $800 satellite receiver on a university rooftop in San Diego to intercept communications from satellites visible from their location. They collected phone calls and text messages from more than 2,700 T-Mobile users in just nine hours of recording.

The researchers also obtained data from airline passengers using in-flight Wi-Fi, communications from electric utilities and offshore oil and gas platforms, and US and Mexican military communications that revealed personnel locations and equipment details. The exposed data resulted from telecommunications companies using satellites to relay signals from remote cell towers to their core networks.

The researchers examined only about 15% of global satellite transponder communications and presented their findings at an Association for Computing Machinery conference in Taiwan this week. Most companies warned by the researchers have encrypted their satellite transmissions, but some US critical infrastructure owners have not yet added encryption.

The Military

Palmer Luckey's Anduril Launches EagleEye Military Helmet (theverge.com) 21

Palmer Luckey's defense tech firm Anduril has unveiled EagleEye, an AI-powered mixed-reality combat helmet built in partnership with Meta. The system integrates AR displays, spatial audio, and drone control to create what Luckey calls "a new teammate" for soldiers. "The idea of an AI partner embedded in your display has been imagined for decades. EagleEye is the first time it's real," said Luckey. The Verge reports: Anduril, which also manufactures border control tech, lethal drones, and military aircraft, has been developing EagleEye since its inception, and already provides software for the Army's existing MR goggles, based on Microsoft's HoloLens hardware. Its partnership with Meta was announced this May, and the company told TechCrunch at the time that the collaboration was to develop EagleEye. It's a reunion of sorts for Luckey and Mark Zuckerberg, after Meta purchased Luckey's then-start-up Oculus in 2014 and fired the founder three years later.

The Military

Russia Accused of Severing Ukrainian Nuclear Power Plant's Link, as Energy Remains a 'Key Battleground' (usnews.com) 69

It's the largest nuclear power plant in Europe. But "Ukraine's foreign minister accused Russia on Sunday of deliberately severing the external power line to the Russian-held Zaporizhzhia nuclear power station," reports Reuters, "in order to link the plant to Moscow's power grid." Ukrainian Foreign Minister Andrii Sybiha said Moscow was attempting to test a reconnection to Russia's grid. Ukraine has long feared that Moscow would try to redirect the plant's output to its grid. But Russian officials have denied any intention of trying to restart the plant, seized by Moscow's forces in the early weeks of the February 2022 invasion of Ukraine.

The plant produces no electricity at the moment, but has been without an external electricity source for nearly three weeks. Officials have relied on emergency diesel generators to secure the power needed to keep the fuel cool inside the facility and guard against a meltdown. "Russia intentionally broke the plant's connection with the Ukrainian grid in order to forcefully test reconnection with the Russian grid," Sybiha wrote on X in English. He denounced the "attempted theft of a peaceful Ukrainian nuclear facility".... Each side has accused the other of shelling that caused the line outage.

Russia's continued occupation of the Zaporizhzhia nuclear power plant deprived Ukraine of a quarter of its generating capacity, according to a report from the Brookings Institute — calling Ukraine's energy sector "a key battleground" in the war. The Russian invasion began on the very day that Ukraine launched its so-called island test. This involved completely isolating the Ukrainian and Moldovan power systems from their neighbors to check whether the system was stable. This is a mandatory procedure prior to synchronization with the European grid... Despite this, Ukraine managed not only to militarily defend itself but also to maintain grid stability in wartime conditions and implement all the solutions necessary for an unprecedented synchronization on March 16, 2022.

In 2022 a former commissioner of the U.S. Nuclear Regulatory Commission (from 1998 to 2007) even argued in the Wall Street Journal that "An unappreciated motive for Russia's invasion of Ukraine is that Kyiv was positioning itself to break from its longtime Russian nuclear suppliers..." At the time of the invasion, Westinghouse supplied fuel to six of the 15 [Ukrainian] nuclear reactors and could displace the Russians in all of them. The U.S. government had been highly supportive of this effort, and these fuel contracts represented hundreds of millions of dollars in yearly lost sales to Atomstroyexport [a nuclear exporter that's a subsidiary of Russian state corporation Rosatom]. By seizing the nuclear plants, Russia is able to retake the market for Ukrainian nuclear fuel.

Most important, Westinghouse, with support from the U.S., was in a position to build nuclear reactors in Ukraine over the next two decades. On Aug. 31, 2021, Energy Secretary Jennifer Granholm and her Ukrainian counterpart, Herman Halushchenko, signed a strategic cooperation agreement to build five nuclear units with a value, according to the World Nuclear Association, of more than $30 billion. The timing is telling. In November 2021, Ukraine's leaders signed a deal with Westinghouse to start construction on what they hoped would be at least five nuclear units — the first tranche of a program that could more than double the number of plants in the country, with a potential total value approaching $100 billion. Ukraine clearly intended that Russia receive none of that business.

Brookings looks at how Ukraine's energy sector has fared during the war: The Ukrainian energy sector was designed to be oversized with significant redundancy in order to meet huge Soviet-era industrial demand as well as to make it more resilient to a future world war... A radical change did not occur until 2014, when Ukrainians overthrew the pro-Russian president, Viktor Yanukovych. In the decade since then, Ukraine has pursued a policy of European Union (EU) integration with determination and without interruption... The real prospect of an improvement in the quality of life and development of Ukraine through integration with the EU and NATO was unacceptable to Russia, which first annexed Crimea and covertly attacked the Ukrainian Donbas, before launching a full-scale invasion of Ukraine on February 24, 2022. Russia's in-depth knowledge of the Ukrainian power system, dating back to the Soviet Union, was used to carry out a well-planned operation to cut off electricity to Ukrainians.

The aim was to break the morale of Ukrainians to continue defending themselves and to collapse the economy so that it could not support the Ukrainian military effort. Ironically, however, the size of the energy system, which had been scaled up in case of war, and the enormous Western support, unexpectedly ensured its resilience to Russian attacks.

Although they note that "During the first two years of the war, Russia fired nearly 2,000 missiles and drones at Ukrainian energy infrastructure..."

And this week in Ukraine, damage to substations, power plants and an oil depot temporarily cut off electricity for hundreds of thousands of Ukrainian homes and businesses, reports the UN. "As colder weather sets in, strikes on critical infrastructure are deepening humanitarian needs," warned a UN spokesperson on Thursday...

Encryption

Cryptologist DJB Alleges NSA is Pushing an End to Backup Algorithms for Post-Quantum Cryptography (cr.yp.to) 38

Cryptologist/CS professor Daniel J. Bernstein is alleging that America's National Security Agency is attempting to influence NIST post-quantum cryptography standards.

Bernstein first emphasizes that it's normal for post-quantum cryptography (or "PQ") to be part of "hybrid" security that also includes traditional pre-quantum cryptography. (Bernstein says this is important because since 2016, "We've seen many breaks of post-quantum proposals...")

"The problem in a nutshell. Surveillance agency NSA and its [UK counterpart] GCHQ are trying to have standards-development organizations endorse weakening [pre-quantum] ECC+PQ down to just PQ." Part of this is that NSA and GCHQ have been endlessly repeating arguments that this weakening is a good thing... I'm instead looking at how easy it is for NSA to simply spend money to corrupt the standardization process.... The massive U.S. military budget now publicly requires cryptographic "components" to have NSA approval... In June 2024, NSA's William Layton wrote that "we do not anticipate supporting hybrid in national security systems"...

[Later a Cisco employee wrote of selling non-hybrid cryptography to a significant customer, "that's what they're willing to buy. Hence, Cisco will implement it".]

What do you do with your control over the U.S. military budget? That's another opportunity to "shape the worldwide commercial cryptography marketplace". You can tell people that you won't authorize purchasing double encryption. You can even follow through on having the military publicly purchase single encryption. Meanwhile you quietly spend a negligible amount of money on an independent encryption layer to protect the data that you care about, so you're actually using double encryption.

This seems to be a speculative scenario. But Bernstein is also concerned about how the Internet Engineering Task Force handled two drafts specifying post-quantum encryption mechanisms for TLS ("the security layer inside HTTPS and inside various other protocols"). For a draft suggesting "non-hybrid" encryption, there were 20 statements of support (plus 2 more only conditionally supporting it), but 7 more statements unequivocally opposing adoption, including one from Bernstein. The IETF has at times said they aim for "rough consensus" — or for "broad consensus" — but Bernstein insists 7 opposers in a field of 29 (24.13%) can't be said to match the legal definition of consensus (which is "general agreement"). "I've filed a formal complaint regarding the claim of consensus to adopt."

He's also written a second blog post analyzing the IETF's decision-making process in detail. "It's already bad that the IETF TLS working group adopted non-hybrid post-quantum encryption without official answers to the objections that were raised. It's much worse if the objections can't be raised in the first place."

Thanks to alanw (Slashdot reader #1,822) for spotting the blog posts.

IT

Poland Says Cyberattacks on Critical Infrastructure Rising, Blames Russia (reuters.com) 26

An anonymous reader shares a report: Poland's critical infrastructure has been subject to a growing number of cyberattacks by Russia, whose military intelligence has trebled its resources for such action against Poland this year, the country's digital affairs minister told Reuters. Of the 170,000 cyber incidents that have been identified in the first three quarters of this year, a significant portion has been attributed to Russian actors, while other cases are financially motivated, involving theft or other forms of cybercrime, Krzysztof Gawkowski said.

He said Poland is subject to between 2,000 and 4,000 incidents a day and that 700 to 1,000 are "taken up by us, meaning they posed a real threat or had the potential to cause serious problems," he said. Foreign adversaries are now expanding their focus beyond water and sewage systems to the energy sector, he said.
