EU

Meta Faces Data Retention Limits On Its EU Ad Business After Top Court Ruling (techcrunch.com) 35

An anonymous reader quotes a report from TechCrunch: The European Union's top court has sided with a privacy challenge to Meta's data retention policies. It ruled on Friday that social networks, such as Facebook, cannot keep using people's information for ad targeting indefinitely. The judgement could have major implications on the way Meta and other ad-funded social networks operate in the region. Limits on how long personal data can be kept must be applied in order to comply with data minimization principles contained in the bloc's General Data Protection Regulation (GDPR). Breaches of the regime can lead to fines of up to 4% of global annual turnover -- which, in Meta's case, could put it on the hook for billions more in penalties (NB: it is already at the top of the leaderboard of Big Tech GDPR breachers). [...]

The original challenge to Meta's ad business dates back to 2014 but was not fully heard in Austria until 2020, per noyb. The Austrian supreme court then referred several legal questions to the CJEU in 2021. Some were answered via a separate challenge to Meta/Facebook, in a July 2023 CJEU ruling -- which struck down the company's ability to claim a "legitimate interest" to process people's data for ads. The remaining two questions have now been dealt with by the CJEU. And it's more bad news for Meta's surveillance-based ad business. Limits do apply. Summarizing this component of the judgement in a press release, the CJEU wrote: "An online social network such as Facebook cannot use all of the personal data obtained for the purposes of targeted advertising, without restriction as to time and without distinction as to type of data."

The ruling looks important on account of how ads businesses, such as Meta's, function. Crudely put, the more of your data they can grab, the better -- as far as they are concerned. Back in 2022, an internal memo penned by Meta engineers which was obtained by Vice's Motherboard likened its data collection practices to tipping bottles of ink into a vast lake and suggested the company's aggregation of personal data lacked controls and did not lend itself to being able to silo different types of data or apply data retention limits. Although Meta claimed at the time that the document "does not describe our extensive processes and controls to comply with privacy regulations." How exactly the adtech giant will need to amend its data retention practices following the CJEU ruling remains to be seen. But the law is clear that it must have limits. "[Advertising] companies must develop data management protocols to gradually delete unneeded data or stop using them," noyb suggests.
The court also weighed in on a second question that concerns sensitive data that has been "manifestly made public" by the data subject, "and whether sensitive characteristics could be used for ad targeting because of that," reports TechCrunch. "The court ruled that it could not, maintaining the GDPR's purpose limitation principle."
AI

AI Agent Promotes Itself To Sysadmin, Trashes Boot Sequence 86

The Register's Thomas Claburn reports: Buck Shlegeris, CEO at Redwood Research, a nonprofit that explores the risks posed by AI, recently learned an amusing but hard lesson in automation when he asked his LLM-powered agent to open a secure connection from his laptop to his desktop machine. "I expected the model would scan the network and find the desktop computer, then stop," Shlegeris explained to The Register via email. "I was surprised that after it found the computer, it decided to continue taking actions, first examining the system and then deciding to do a software update, which it then botched." Shlegeris documented the incident in a social media post.

He created his AI agent himself. It's a Python wrapper consisting of a few hundred lines of code that allows Anthropic's powerful large language model Claude to generate some commands to run in bash based on an input prompt, run those commands on Shlegeris' laptop, and then access, analyze, and act on the output with more commands. Shlegeris directed his AI agent to try to SSH from his laptop to his desktop Ubuntu Linux machine, without knowing the IP address [...]. As a log of the incident indicates, the agent tried to open an SSH connection, and failed. So Shlegeris tried to correct the bot. [...]

The AI agent responded it needed to know the IP address of the device, so it then turned to the network mapping tool nmap on the laptop to find the desktop box. Unable to identify devices running SSH servers on the network, the bot tried other commands such as "arp" and "ping" before finally establishing an SSH connection. No password was needed due to the use of SSH keys; the user buck was also a sudoer, granting the bot full access to the system. Shlegeris's AI agent, once it was able to establish a secure shell connection to the Linux desktop, then decided to play sysadmin and install a series of updates using the package manager Apt. Then things went off the rails.

"It looked around at the system info, decided to upgrade a bunch of stuff including the Linux kernel, got impatient with Apt and so investigated why it was taking so long, then eventually the update succeeded but the machine doesn't have the new kernel so edited my Grub [bootloader] config," Buck explained in his post. "At this point I was amused enough to just let it continue. Unfortunately, the computer no longer boots." Indeed, the bot got as far as messing up the boot configuration, so that following a reboot by the agent for updates and changes to take effect, the desktop machine wouldn't successfully start.
The Internet

Cloudflare Blocks Largest Recorded DDoS Attack Peaking At 3.8Tbps (bleepingcomputer.com) 8

BleepingComputer's Ionut Ilascu reports: During a distributed denial-of-service campaign targeting organizations in the financial services, internet, and telecommunications sectors, volumetric attacks peaked at 3.8 terabits per second, the largest publicly recorded to date. The assault consisted of a "month-long" barrage of more than 100 hyper-volumetric DDoS attacks flooding the network infrastructure with garbage data. In a volumetric DDoS attack, the target is overwhelmed with large amounts of data to the point that they consume the bandwidth or exhaust the resources of applications and devices, leaving legitimate users with no access.

Many of the attacks aimed at the target's network infrastructure (network and transport layers L3/4) exceeded two billion packets per second (pps) and three terabits per second (Tbps). According to researchers at internet infrastructure company Cloudflare, the infected devices were spread across the globe but many of them were located in Russia, Vietnam, the U.S., Brazil, and Spain. The threat actor behind the campaign leveraged multiple types of compromised devices, which included a large number of Asus home routers, Mikrotik systems, DVRs, and web servers. Cloudflare mitigated all the DDoS attacks autonomously and noted that the one peaking at 3.8 Tbps lasted 65 seconds.

Network

Cisco Is Abandoning the LoRaWAN Space With No Lifeboat For IoT Customers 37

Cisco is exiting the LoRaWAN market for IoT device connectivity, with no migration plans for customers. "LoRaWAN is a low power, wide area network specification, specifically designed to connect devices such as sensors over relatively long distances," notes The Register. "It is built on LoRa, a form of wireless communication that uses spread spectrum modulation, and makes use of license-free sub-gigahertz industrial, scientific, and medical (ISM) radio bands. The tech is overseen by the LoRa Alliance." From the report: Switchzilla made this information public in a notice on its website announcing the end-of-sale and end-of-life dates for Cisco LoRaWAN. The last day customers will be able to order any affected products will be January 1, 2025, with all support ceasing by the end of the decade. The list includes Cisco's 800 MHz and 900 MHz LoRaWAN Gateways, plus associated products such as omni-directional antennas and software for the Gateways and Interface Modules. If anyone was in any doubt, the notification spells it out: "Cisco will be exiting the LoRaWAN space. There is no planned migration for Cisco LoRaWAN gateways."
Music

Hidden 'BopSpotter' Microphone Is Constantly Surveilling San Francisco For Good (404media.co) 44

An anonymous reader quotes a report from 404 Media: Somewhere over the streets of San Francisco's Mission, a microphone sits surveilling ... for banger songs. Bop Spotter is a project by technologist Riley Walz in which he has hidden an Android phone in a box on a pole, rigged it to be solar powered, and has set it to record audio and periodically send it to Shazam's API to determine which songs people are playing in public. Walz describes it as ShotSpotter, but for music. "This is culture surveillance. No one notices, no one consents. But it's not about catching criminals," Walz's website reads. "It's about catching vibes. A constant feed of what's popping off in real-time."

ShotSpotter, of course, is the microphone-based, "gunshot detection" surveillance company that cities around the country have spent millions of dollars on. ShotSpotter is often inaccurate, and sometimes detects things like fireworks or a car backfiring as gunshots. Chicago, one of ShotSpotter's biggest clients, is finally allowing its contract with the company to end. Bop Spotter, on the other hand, is designed to figure out what cool music people are blasting from their cars or as they walk down the street. "I am a chronic Shazam-er. Most songs I listen to come from first hearing them at a party, store, or on the street," Walz told 404 Media. "Years ago I had the thought that it'd be cool to Shazam 24/7 from a fixed location, and I recently learned about ShotSpotter, and thought it'd be amusing to do what they do with music instead of gunshots. Was a great weekend project."

Walz said that the phone itself is rigged to a solar panel, and that it records audio in 10-minute blocks while in airplane mode. "Then it connects to WiFi to send the file to my server, which then split it into 20-second chunks that get passed to Shazam's API. The device doesn't Shazam directly, that would use way too much power. Probably $100 of parts," he said. BopSpotter's website has a constant feed of songs it hears, as well as links to play the songs in Spotify or Apple Music. As I'm writing this, BopSpotter has picked up "Not Like Us" by Kendrick Lamar, "The Next Episode" by Dr. Dre, and "Never Gonna Give You Up" by Rick Astley (a Rick Roll already?) among dozens of songs in the last few hours. The site also has a constant feed of the device's power levels. So far in three days, it has detected 380 songs.
"I thought the solar panel would be annoying but it provides 4 times more power than the phone needs," Walz said. "The hardest part was scoping out which pole to actually put it up on. I had to balance finding a busy location where lots of music could be picked up, with enough sunlight, and good connection to a public wifi network."

Walz didn't say where exactly the phone is located.
Earth

Mount Everest Is Growing Even Taller (msn.com) 32

The world's tallest mountain is getting taller. Mount Everest, also known as Chomolungma, has grown about 15 to 50 meters (50 to 164 feet) higher over the past 89,000 years than expected, according to a modeling study released Monday. From a report: The culprit is a nearby river eroding and pushing down land, causing the ground under Mount Everest to rebound and lift. "It's a new additional component of uplift of Mount Everest," said Matthew Fox, study co-author and geologist at University College London. He expects this spurt of Everest and its surrounding peaks to continue for millions of years. He added "the biggest impact is probably on the climbers that have to climb another 20 meters or so to the top." The additional height may also lead to the growth of more ice at the higher elevations.

Mount Everest, part of the Himalayan mountain range, towers along the Nepal-Tibet border at around 8,850 meters (29,000 feet) high. Not only is it the tallest worldwide, it leaves its surrounding peaks in the dust -- rising around 250 meters above the next tallest mountain in the Himalayas, the 8,611-meter (28,251-foot) K2 mountain. But what could cause Everest's anomalous height compared to its neighbors? These extra meters on Mount Everest can be chalked up to a relatively rare "river capture event" from 89,000 years ago, according to the authors' computer models. During such an event, one river changes its course, interacts with another and steals its water, Fox said. In this case, the team said the Arun river network -- about 75 kilometers east of Mount Everest -- stole water from a river flowing north of Everest. Fox said the capture could have been initiated by a dramatic flood, which rerouted the water to a new drainage network. Today, the Arun River is a main tributary to the Kosi River to the south.

Businesses

Verizon Leases Over 6,300 Wireless Towers To Vertical Bridge For $3.3 Billion (capacitymedia.com) 26

Vertical Bridge has acquired the rights to lease and operate over 6,000 wireless towers from Verizon for $3.3 billion as part of a 10-year agreement, with potential extensions of up to 50 years. Capacity Media reports: "Upon the completion of this transaction, these assets, together with our existing portfolio which includes thousands of young, purpose-built towers, enhance Vertical Bridge's position as a fast, friendly, and flexible colocation partner to the wireless industry," said Ron Bizick, President and CEO of Vertical Bridge. Terms of the deal provide Verizon access to additional space on the towers for future use.

The US carrier said its latest deal with Vertical Bridge supports existing efforts to drive tower-related costs. "As the nation's largest mobility provider, we are well positioned with greater financial flexibility to invest in our business, return value to our shareholders and make the nation's best network even better for customers," said Hans Vestberg, chair and CEO of Verizon. The transaction is expected to close by the end of 2024, subject to closing conditions.
Earlier this month, Verizon announced a deal to acquire Frontier Communications for $9.6 billion.
Earth

Switzerland and Italy Redraw Border Due To Melting Glaciers (bbc.com) 38

An anonymous reader quotes a report from the BBC: Switzerland and Italy have redrawn part of their border in the Alps due to melting glaciers, caused by climate change. Part of the area affected will be beneath the Matterhorn, one of Europe's tallest mountains, and close to a number of popular ski resorts. Large sections of the Swiss-Italian border are determined by glacier ridgelines or areas of perpetual snow, but melting glaciers have caused these natural boundaries to shift, leading to both countries seeking to rectify the border. Switzerland officially approved the agreement on the change on Friday, but Italy is yet to do the same. This follows a draft agreement by a joint Swiss-Italian commission back in May 2023.

Statistics published last September showed that Switzerland's glaciers lost 4% of their volume in 2023, the second biggest loss ever after 2022's record melt of 6%. An annual report is issued each year by the Swiss Glacier Monitoring Network (Glamos), which attributed the record losses to consecutive very warm summers, and 2022 winter's very low snowfall. Researchers say that if these weather patterns continue, the thaw will only accelerate. On Friday, Switzerland said that the redefined borders had been drawn up in accordance with the economic interests of both parties. It is thought that clarifying the borders will help both countries determine which is responsible for the upkeep of specific natural areas.

Swiss-Italian boundaries will be changed in the region of Plateau Rosa, the Carrel refuge and Gobba di Rollin -- all are near the Matterhorn and popular ski resorts including Zermatt. The exact border changes will be implemented and the agreement published once both countries have signed it. Switzerland says that the approval process for signing the agreement is under way in Italy.

AI

Raspberry Pi Launches Camera Module For Vision-Based AI Applications (techcrunch.com) 15

An anonymous reader quotes a report from TechCrunch: Raspberry Pi, the company that sells tiny, cheap, single-board computers, is releasing an add-on that is going to open up several use cases -- and yes, because it's 2024, there's an AI angle. Called the Raspberry Pi AI Camera, this image sensor comes with on-board AI processing and is going to cost $70. In more technical terms, the AI Camera is based on a Sony image sensor (the IMX500) paired with a RP2040, Raspberry Pi's own microcontroller chip with on-chip SRAM. Like the rest of the line-up, the RP2040 follows Raspberry Pi's overall philosophy -- it is inexpensive yet efficient. In other words, AI startups aren't going to replace their Nvidia GPUs with RP2040 chips for inference. But when you pair it with an image sensor, you get an extension module that can capture images and process those images through common neural network models. As an added benefit, on-board processing on the camera module means that the host Raspberry Pi isn't affected by visual data processing. The Raspberry Pi remains free to perform other operations -- you don't need to add a separate accelerator. The new module is compatible with all Raspberry Pi computers.

This isn't Raspberry Pi's first camera module. The company still sells the Raspberry Pi Camera Module 3, a simple 12-megapixel image sensor from Sony (IMX708) mounted on a small add-on board that you can pair with a Raspberry Pi with a ribbon cable. As Raspberry Pi promises to keep production running for many years, the Camera Module 3 will remain available for around $25. The AI Camera is the same size as the Camera Module 3 (25mm x 24mm) but slightly thicker due to the structure of the optical sensor. It comes pre-loaded with the MobileNet-SSD model, an object detection model that can run in realtime.

Communications

DirecTV To Buy Rival Dish Network (variety.com) 41

DirecTV has agreed to acquire struggling rival Dish Network, creating a satellite TV behemoth with nearly 20 million subscribers. The complex transaction, announced Monday, involves private equity firm TPG acquiring a majority stake in DirecTV from AT&T for $7.6 billion. DirecTV will then purchase Dish for $1 and assume its debt.

The deal provides a lifeline for Dish, which faces $2 billion in debt due November with only $500 million in available cash. EchoStar, Dish's parent company, will retain its wireless spectrum investments and operate independently. Subject to regulatory approval and creditor agreement, the merger is expected to close in late 2025. DirecTV and TPG will provide $2.5 billion to cover Dish's immediate financial needs. The deal's fate remains uncertain, as a similar 2002 merger attempt was blocked on antitrust grounds.
Cellphones

Are Your Phone's 5G Icon and Signal Bars Lying to You? (msn.com) 47

An anonymous reader shared this report from the Washington Post: Look at the top right corner of your phone. You might see an icon with "5G" and another with vertical bars showing the strength of your internet connection. Those symbols don't mean what you think they do.

If your phone shows "5G," you're not necessarily connected to the latest and zippiest cellphone network technology. It might just mean that 5G connections are available nearby. And the bars are a cellular version of a shrug. There is no standard measure of how much signal strength each bar represents. "The connection icon is a lie," said Avi Greengart, president of the technology analysis firm Techsponential...

The good news is you might not need 5G, anyway. Most of the time, your phone calls, texting and web surfing are perfectly fine on the prior generation of wireless technology called 4G or sometimes "LTE." Many phone networks will funnel you over 5G service when it makes a real difference, like if you're on a video call or playing an intense video game.

If you see more specific types of 5G icons, like "5G UW" used by Verizon or "5G UC" if you're on T-Mobile service, Hyers said you're probably connected to a 5G network at that moment. Those extra letters or symbols sometimes indicate types of 5G technology that are capable of faster and more reliable connections, but they aren't always better, depending on your circumstances. Confusingly, AT&T has showed "5G E" icons on phones. That is not 5G service at all.

Here's how major carriers responded to the Post's reporter:
  • "AT&T said its '5G' indicators on phones line up with a telecommunications standards organization that established the icon to mean 5G networks are available."
  • "Verizon didn't respond to my questions."
  • "T-Mobile said for most of its cellphone network, your phone accurately reflects if you're on 5G."

The article suggests setting your phone to just automatically switch to 5G networks when high-bandwidth applications are in use...


Communications

Starlink Is Now Available on All Hawaiian Airlines Airbus Flights (cnet.com) 36

Hot on the heels of United Airlines' Starlink announcement, Hawaiian Airlines said it, too, is offering "fast and free Starlink Wi-Fi" across its entire Airbus fleet. CNET reports: Hawaiian Airlines is now the first major carrier to use Elon Musk's satellite internet service, which taps more than 7,000 satellites in low earth orbit to deliver high-speed internet worldwide. "In Starlink's low earth orbit constellation of advanced satellites, the latest of which utilize a revolutionary laser mesh network, we found an ideal solution to ensure reliable, high-speed, low-latency Wi-Fi on transpacific flights," a Hawaiian Airlines representative told CNET. "Working with Starlink has allowed us to offer a fast and consistent in-flight connectivity experience that meets our high standard for guest service."

The company first debuted Starlink on its planes in February on a flight from Honolulu to Long Beach, California. It first struck a deal with Starlink in 2022 and has now completed installation across its entire Airbus fleet, which includes 24 A330 planes and 18 A321neos. Hawaiian Airlines will also deploy the service on its two Boeing 787-9 planes, but not its Boeing 717 aircraft, which are used on shorter flights between the Hawaiian Islands.

Businesses

Dozens of Fortune 100 Companies Have Unwittingly Hired North Korean IT Workers (therecord.media) 29

"Dozens of Fortune 100 organizations" have unknowingly hired North Korean IT workers using fake identities, generating revenue for the North Korean government while potentially compromising tech firms, according to Google's Mandiant unit. "In a report published Monday [...], researchers describe a common scheme orchestrated by the group it tracks as UNC5267, which has been active since 2018," reports The Record. "In most cases, the IT workers 'consist of individuals sent by the North Korean government to live primarily in China and Russia, with smaller numbers in Africa and Southeast Asia.'" From the report: The remote workers "often gain elevated access to modify code and administer network systems," Mandiant found, warning of the downstream effects of allowing malicious actors into a company's inner sanctum. [...] Using stolen identities or fictitious ones, the actors are generally hired as remote contractors. Mandiant has seen the workers hired in a variety of complex roles across several sectors. Some workers are employed at multiple companies, bringing in several salaries each month. The tactic is facilitated by someone based in the U.S. who runs a laptop farm where workers' laptops are sent. Remote technology is installed on the laptops, allowing the North Koreans to log in and conduct their work from China or Russia.

Workers typically asked for their work laptops to be sent to different addresses than those listed on their resumes, raising the suspicions of companies. Mandiant said it found evidence that the laptops at these farms are connected to a "keyboard video mouse" device or multiple remote management tools including LogMeIn, GoToMeeting, Chrome Remote Desktop, AnyDesk, TeamViewer and others. "Feedback from team members and managers who spoke with Mandiant during investigations consistently highlighted behavior patterns, such as reluctance to engage in video communication and below-average work quality exhibited by the DPRK IT worker remotely operating the laptops," Mandiant reported.

In several incident response engagements, Mandiant found the workers used the same resumes that had links to fabricated software engineer profiles hosted on Netlify, a platform often used for quickly creating and deploying websites. Many of the resumes and profiles included poor English and other clues indicating the actor was not based in the U.S. One characteristic repeatedly seen was the use of U.S.-based addresses accompanied by education credentials from universities outside of North America, frequently in countries such as Singapore, Japan or Hong Kong. Companies, according to Mandiant, typically don't verify credentials from universities overseas.
Further reading: How Not To Hire a North Korean IT Spy
Social Networks

Evan Prodromou Launches The Social Web Foundation To Build Out the Fediverse 15

Evan Prodromou, co-author of the ActivityPub protocol, has launched The Social Web Foundation to address the challenges of the ActivityPub ecosystem and foster the growth of the Fediverse. The foundation aims to support developers, organizations, and governments through advocacy, educational materials, and infrastructure, while maintaining a decentralized approach to improving the social web. We Distribute reports: "I wish I would've started it five years ago," Evan explains in a call, "We're seeing growth of ActivityPub in the commercial sector, we want to help guide that work, especially for devs that don't know how to engage with the Fediverse, or the work that happens in private spaces. As we're seeing a lot of growth, it's important to help push that growth forward, we're really filling in the crack no other organization is doing." The foundation launches with a dedicated team of three: Evan Prodromou is the Research Director, Mallory Knodel serves as the Executive Director, and Tom Coates acts as Product Director. The trio brings a wealth of knowledge regarding protocol development, open source development, technology policy, and product development for the Web.

In terms of fulfilling its goals, the organization has a few specific areas of focus: People, Policy, Protocol, and Plumbing. The SWF has deemed these areas as critical to their mission statement, and will start with these core focuses. [...] At launch, The Social Web Foundation has announced 12 partner organizations, who serve as a pool of knowledge, resources, and stakeholders. The majority of these entities are either building for the Fediverse directly, or providing infrastructure and services indirectly. Aside from Meta being an early supporter, one surprise is the inclusion of The Ford Foundation, a social justice organization dedicated to supporting next-generation solutions for the social good. At time of launch, the SWF will have access to more than 20 dedicated advisors, who will guide the organization on current problem areas their own efforts are facing, and provide insights on how to move forward and make progress.
"The Fediverse is too big and too diverse for anyone to claim to speak for the Fediverse. That's not what we want to do or who we want to be," Evan says, "We may do things that people on the network disagree with, like encouraging media organizations to join the network, but what we want to do is help the mission of growing and improving the Fediverse over time."
Censorship

Russia Blocks OONI Explorer, a Large Open Dataset On Internet Censorship (ooni.org) 13

As of September 11th, Russia has blocked access to OONI Explorer, citing concerns over circumvention tools. This block affects Russian users' ability to access not only circumvention data but also the extensive dataset on global internet censorship that OONI provides. From a blog post: OONI Explorer is one of the largest open datasets on internet censorship around the world. We first launched this web platform back in 2016 with the goal of enabling researchers, journalists, and human rights defenders to investigate internet censorship based on empirical network measurement data that is contributed by OONI Probe users worldwide. Every day, we publish new measurements from around the world in real-time.

Today, OONI Explorer hosts more than 2 billion network measurements collected from 27 thousand distinct networks in 242 countries and territories since 2012. Out of all countries, OONI Probe users in Russia contribute the second largest volume of measurements (following the U.S., where OONI Probe users contribute the most measurements out of any country). This has enabled us to study various cases of internet censorship in Russia, such as the blocking of Tor, the blocking of independent news media websites, and how internet censorship in Russia changed amid the war in Ukraine.

In this report, we share OONI data on the blocking of OONI Explorer in Russia.

China

China-Linked Hackers Breach US Internet Providers in New 'Salt Typhoon' Cyberattack (msn.com) 16

Hackers linked to the Chinese government have broken into a handful of U.S. internet-service providers in recent months in pursuit of sensitive information, WSJ reported Wednesday, citing people familiar with the matter. From the report: The hacking campaign, called Salt Typhoon by investigators, hasn't previously been publicly disclosed and is the latest in a series of incursions that U.S. investigators have linked to China in recent years. The intrusion is a sign of the stealthy success Beijing's massive digital army of cyberspies has had breaking into valuable computer networks in the U.S. and around the globe.

In Salt Typhoon, the actors linked to China burrowed into America's broadband networks. In this type of intrusion, bad actors aim to establish a foothold within the infrastructure of cable and broadband providers that would allow them to access data stored by telecommunications companies or launch a damaging cyberattack. Last week, U.S. officials said they had disrupted a network of more than 200,000 routers, cameras and other internet-connected consumer devices that served as an entry point into U.S. networks for a China-based hacking group called Flax Typhoon. And in January, federal officials disrupted Volt Typhoon, yet another China-linked campaign that has sought to quietly infiltrate a swath of U.S. critical infrastructure.

"The cyber threat posed by the Chinese government is massive," said Christopher Wray, the Federal Bureau of Investigation's director, speaking earlier this year at a security conference in Germany. "China's hacking program is larger than that of every other major nation, combined." U.S. security officials allege that Beijing has tried and at times succeeded in burrowing deep into U.S. critical infrastructure networks ranging from water-treatment systems to airports and oil and gas pipelines. Top Biden administration officials have issued public warnings over the past year that China's actions could threaten American lives and are intended to cause societal panic. The hackers could also disrupt the U.S.'s ability to mobilize support for Taiwan in the event that Chinese leader Xi Jinping orders his military to invade the island.

Microsoft

Admins Using Windows Server Update Services Up in Arms as Microsoft Deprecates Feature (theregister.com) 77

Microsoft giveth and Microsoft taketh away, as administrators using Windows Server Update Services (WSUS) will soon find out. From a report: Windows Server 2025 remains in preview, but Microsoft has been busy letting users know what is set for removal and what will be deprecated in the release. WSUS fits into the latter category -- still there for now, but no longer under active development. This is a big deal for many administrators who rely on the feature to deploy and manage the distribution of updates and features in an enterprise environment.

It'll even work on a network disconnected from the internet -- download the patches to a connected computer, stick them on some removable media, import the patches to a WSUS server on the disconnected network, and away you go. A tame administrator told El Reg: "We are migrating to Intune. It's a lot more complicated than WSUS, and it takes a lot longer to get set up."

"Such is progress!" he sighed. Microsoft's advice is, unsurprisingly, to migrate to cloud tools. As well as the aforementioned Intune, there is also Windows Autopatch for client update management or Azure Update Manager for server update management. And there are plenty of third-party tools out there too, such as Ansible. Microsoft's announcement has attracted comment. One user said: "Congratulations, you just made centralized automated patching subject to internal politics and budget constraints. I survived the era of Melissa, SQL Slammer, and other things that were solved when we no longer had to choose between paid patch management or trusting admins of every server to do the right thing. For those of you that did not live through that, buckle up!"

United States

DOJ Sues Visa For Locking Out Rival Payment Platforms (theverge.com) 35

The Department of Justice has filed an antitrust lawsuit against Visa, alleging that the financial services firm has an illegal monopoly over debit network markets and has attempted to unlawfully crush competitors, including fintech companies like PayPal and Square. From a report: The lawsuit follows a multiyear investigation of Visa which the company disclosed in 2021. "We allege that Visa has unlawfully amassed the power to extract fees that far exceed what it could charge in a competitive market," Attorney General Merrick Garland said in a statement. "Merchants and banks pass along those costs to consumers, either by raising prices or reducing quality or service. As a result, Visa's unlawful conduct affects not just the price of one thing -- but the price of nearly everything."

Visa makes more than $7 billion a year in payment processing fees alone, and more than 60 percent of debit transactions in the United States run on Visa's network, the complaint claims. The government alleges that Visa's market dominance is partly due to the "web of exclusionary agreements" it imposes on businesses and banks. Visa has also attempted to "smother" competitors -- including smaller debit networks and newer fintech companies -- the complaint alleges. Visa executives allegedly feel particularly threatened by Apple, which the company has described as an "existential threat," the DOJ claims.

Microsoft

Microsoft Tightens Digital Defenses with Sweeping Security Overhaul (geekwire.com) 32

Microsoft unveiled detailed security reforms Monday, five months after CEO Satya Nadella pledged to prioritize cybersecurity following major breaches. The 25-page Secure Future Initiative report [PDF] outlines technical and governance changes addressing criticisms in an April 2024 Cyber Safety Review Board report that deemed Microsoft's security culture "inadequate."

Microsoft said it implemented significant security upgrades to its Entra ID and Microsoft Account systems, introducing Azure-managed hardware security modules for access token signing keys. The company has also purged 5.75 million inactive tenants to minimize potential attack vectors and adopted a new testing system with secure defaults to prevent legacy-related security issues. Concurrently, Microsoft has enhanced its network tracking capabilities, now monitoring over 99 percent of its physical network through a centralized inventory system, which aids in firmware compliance and logging.

Internal security measures have been tightened, with engineering teams facing stricter access controls. Personal access tokens are now limited to seven days, SSH access has been disabled for internal engineering repositories, and access to critical engineering systems has been restricted to fewer groups. Additionally, Microsoft has extended its audit log retention period to a minimum of two years, bolstering its ability to investigate and respond to potential security incidents.

Google

Internal Google Emails Presented at Antitrust Trial (msn.com) 28

In the antitrust trial alleging Google had an ad-selling monopoly, "government lawyers have said some of their strongest evidence is in Google's own internal communications," reports the Wall Street Journal: [In 2010] a new crop of ad-tech companies were threatening Google's bottom line. "One way to make sure we don't get further behind in the market is picking up the one with the most traction and parking it somewhere..." [wrote YouTube Chief Executive Neal Mohan, who previously ran Google's display-ads business]. Google ended up buying one such company, AdMeld, for $400 million in 2011. Google shut down AdMeld two years later, after incorporating some of the startup's technology into its ad exchange, known commonly as AdX.

The Justice Department argued that AdMeld was part of a larger trend: Google acquiring nascent rivals to corner the market and then locking customers into using its products by conditioning access to one software tool on them paying for another... In a 2016 email introduced by the government, Google executive Jonathan Bellack asked colleagues: "Is there a deeper issue with us owning the platform, the exchange, and a huge network? The analogy would be if Goldman or Citibank owned the NYSE [New York Stock Exchange]...." The Justice Department also cited a 2018 email from another then-executive, Chris LaSala, who raised concerns internally over the 20% cut that Google takes from many of its AdX customers, saying Google was extracting "irrationally high rent" from users. "I don't think there is 20% of value in comparing two bids," wrote LaSala. "AdX is not providing additional liquidity to the market. It is simply running the auction."

Another former Google executive, Eisar Lipkovitz, testified that Google's omnipresence in ad-tech gives rise to conflicts of interest. Lipkovitz was rebuffed when he tried to get Google to lower the cut it took from AdX, he testified in a prerecorded deposition. The Justice Department finished presenting its case on Friday. Other witnesses included Google customers. One was Stephanie Layser, a former News Corp executive, who said she felt she had no choice but to use Google technology because the search giant has such market power that switching to another ad server would have meant losing out on millions in advertising revenue.

Google's lawyer countered that "There will be no witness in this case who can say with clarity where this industry is going in the next five years."

Or, as the Wall Street Journal puts it, "It makes no sense to focus on display ads, Google argues, when the industry is shifting to apps, social media and streaming services. Far from monopolizing the space, Google is actually losing ground, Google lawyer Karen Dunn said in her opening trial statement..."
