Encryption

Was the US Telecom Breach Inevitable, Proving Backdoors Can't Be Secure? (theintercept.com) 76

America's 1994 "Communications Assistance for Law Enforcement Act" (or CALEA) created the security hole that helped enable a massive telecomm breach. But now America's FBI "is falling back on the same warmed-over, bad advice about encryption that it has trotted out for years," argues the Intercept: In response to the Salt Typhoon hack, attributed to state-backed hackers from China, the bureau is touting the long-debunked idea that federal agents could access U.S. communications without opening the door to foreign hackers. Critics say the FBI's idea, which it calls "responsibly managed encryption," is nothing more than a rebranding of a government backdoor. "It's not this huge about-face by law enforcement," said Andrew Crocker, the surveillance litigation director at the Electronic Frontier Foundation. "It's just the same, illogical talking points they have had for 30+ years, where they say, 'Encryption is OK, but we need to be able to access communications.' That is a circle that cannot be squared...."

In a blog post last month, encryption expert Susan Landau said CALEA had long been a "national security disaster waiting to happen... If you build a system so that it is easy to break into, people will do so — both the good guys and the bad. That's the inevitable consequence of CALEA, one we warned would come to pass — and it did," she said...

Sean Vitka, the policy director at the progressive group Demand Progress, said the hack has once again provided damning evidence that government backdoors cannot be secured. "If the FBI cannot keep their wiretap system safe, they absolutely cannot keep the skeleton key to all Apple phones safe," Vitka said.

Thanks to Slashdot reader mspohr for sharing the article.
China

America Prepares New AI Chip Restrictions to Close China's Backdoor Access (msn.com) 20

The U.S. wants to limit China's access to advanced AI chips, reports the Wall Street Journal, with new rules to restrict sales in parts of the world.

"The rules are aimed at China, but they threaten to create conflict between the U.S. and nations that may not want their purchases of chips micromanaged from Washington. The latest round of curbs could come this month... Among the restrictions, the administration aims to introduce caps on shipments of AI chips to certain countries for use in large computing facilities, people familiar with the plans said. One grouping of countries — close U.S. allies — would be unrestricted, the people said, while another tier of countries would face limits on the number of chips that can go into data centers used for AI... The purchasing caps primarily apply to regions such as Southeast Asia and the Middle East, the people said...

The administration recently sent letters to major chip-makers including Taiwan Semiconductor Manufacturing and Samsung Electronics informing them about some of the restrictions, these people said. The letters said the companies needed to apply for a license to transfer chips to China that are manufactured using advanced chip-making technology or meet other criteria. These criteria include a size and transistor-number limit as well as any indication that the chips are for use in training AI models, the people said. Previous regulations already limit the shipment of advanced GPUs and memory chips to China, but the new rules spell out more clearly to manufacturers what is banned.

U.S. officials "are also considering other options," the article points out. "The administration is considering placing controls on exports of the so-called weights that underlie advanced AI models, according to people familiar with the matter, and weighing further China-specific restrictions on chip manufacturing."
Power

Chinese Electric Cars are Already Surging in Popularity in Mexico, Europe, Asia, and Africa (msn.com) 223

"The Chinese government has long subsidized carmakers with the goal of becoming a major auto exporter," notes the New York Times. But this week they reported on dozens of dealerships around Mexico that are now selling China-made electric vehicles, saying it could be "a potentially grave threat to the North American auto industry."

One employee said their dealership "was selling cars as fast as they arrived from China," including "a small but capable four-door electric compact that costs about $18,000." Chinese carmakers are effectively barred from the United States by tariffs that double the sticker price of vehicles imported from China, and they are not yet manufacturing significant numbers of vehicles in Mexico that could be exported across the border. But their ambition to expand overseas is on vivid display in Mexico and across Latin America, Asia, Europe and Africa. Ads for Chinese brands are in airports and soccer stadiums and loom above Mexico City streets on large billboards. Chinese cars, both gasoline and electric models, are an increasingly common sight. BYD and others are also looking for places to build factories in Mexico, although none have announced firm plans. Initially, the plants would serve Latin America, part of a campaign by Chinese automakers to erode the dominance of Japanese, American and European carmakers in places like Brazil and Thailand.

But there is little doubt that, eventually, Chinese carmakers hope to use Mexico as an on-ramp to the United States.

One of Mexico's EV dealers suggested to the Times that "maybe next year BYD can enter the United States." And he added with a smile, "If not, I can deliver." It is very unlikely that the Dolphin or any other Chinese car brand will be available in the United States soon. Because of the high tariffs, Chinese carmakers have not tried to establish dealerships or get approval from federal regulators to sell in the United States. (BYD does make electric buses in California.) And someone buying a BYD from a Mexican dealer like Mr. Alegría would have a hard time registering and insuring it in the United States because the cars have not demonstrated that they meet safety standards... But in the years to come it may be difficult to explain to consumers in the United States why they're not allowed to buy inexpensive electric vehicles that are readily available across the border, especially if they're made in Mexico, which already manufactures millions of cars for the United States.

Less than 20 years ago, Chinese cars were widely seen as inferior, even by many Chinese drivers. But in recent years, the country's manufacturers have pulled even with foreign rivals in mechanical quality, analysts say, and often surpass U.S., Japanese and European carmakers in battery technology, autonomous driving and entertainment software. (Think in-car karaoke and rotating touch screens)... [T]he auto industry does not appear to have seen anything like the current wave of Chinese brands, which have quickly overtaken Japanese companies as the world's largest auto exporters. Chinese carmakers have made deep inroads in countries where they have local production or face few significant trade barriers. In Brazil, Chinese brands have a 9 percent share of car sales, up from 1 percent in 2019. In Thailand, they have 18 percent of the market, up from 5 percent in 2019, according to JATO.

The article notes that for the world's largest car market — China itself — General Motors just announced "a more than $5 billion hit to its profit" to restructure China operations that have been losing money in recent years. And the article includes this quote from Felipe Munoz, global analyst at the research firm JATO Dynamics.

"Before the pandemic, the rules were set down by the Western carmakers. Now it's the opposite."
Apple

AirPods To Be Made In India For the First Time Next Year (macrumors.com) 6

An anonymous reader quotes a report from MacRumors: Apple will begin making AirPods in India for the first time early next year, reports Bloomberg. Foxconn will make the wireless earphones at a factory near Hyderabad in Telangana state, beginning around Q1 2025. The factory has reportedly been making AirPods on a trial basis, with manufacturing set to ramp up quickly after production begins. It will make AirPods only the second major Apple product to be assembled in India after the iPhone.

The decision to set up production in India was requested by Apple back in 2023, according to a previous report. Foxconn officials apparently debated internally for months about whether to assemble AirPods due to the relatively low profit margins, but ultimately decided to go ahead with it to "reinforce engagement" with Apple. Indian Prime Minister Narendra Modi's government offers financial incentives to companies that produce wireless earphones and smartwatches locally, which influenced Apple's decision to move manufacturing there. The move is also part of Apple's plan to reduce its production reliance on China amid rising geopolitical tensions between the country and the United States.

The Military

The US Military is Now Talking Openly About Going On the Attack in Space 107

The U.S. military has begun openly discussing offensive capabilities in space, reports ArsTechnica, a significant shift from previous policies that avoided mentioning space-based weapons to prevent an arms race. U.S. Space Command recently listed "integrated space fires" -- military terminology for offensive or defensive actions against adversaries -- among its priorities.

The move follows increasing concerns about China and Russia's space warfare capabilities, including satellite-disabling weapons and potential nuclear anti-satellite systems. "Space is a war-fighting domain," Space Force Chief Gen. Chance Saltzman said at a conference in Orlando. "Ten years ago, I couldn't say that." Gen. Stephen Whiting, head of U.S. Space Command, identified "integrated space fires" as his organization's most urgent requirement. The capabilities under consideration range from cyberattacks and directed energy weapons to satellite-capture systems, though specific details remain classified.
Social Networks

US Lawmakers Tell Apple, Google To Be Ready To Remove TikTok From App Stores on January 19 (reuters.com) 104

Leaders of the U.S. House of Representatives committee on China told Apple and Google's parent Alphabet to prepare to remove TikTok from U.S. app stores on January 19, following a federal appeals court decision upholding legislation requiring Chinese-based ByteDance to divest the platform or face a ban.
United States

US Curbs Scope of China Science Accord Amid Tech Rivalry (apnews.com) 5

The U.S. and China signed a modified science and technology agreement on Friday, narrowing its scope and adding security safeguards to address growing technological rivalry between the world's two largest economies.

The updated pact, which extends cooperation for five years, focuses solely on basic research and excludes critical technologies like AI and quantum computing. The State Department said the agreement strengthens intellectual property protections and introduces new provisions for transparency and data sharing. The revision comes amid escalating tech tensions, with Washington restricting advanced chip exports to China and limiting U.S. investments in sensitive technologies that could enhance Chinese military capabilities.
Games

Gukesh Dommaraju Becomes Youngest World Chess Champion (theguardian.com) 46

Indian teenager Gukesh Dommaraju made history by defeating China's Ding Liren to become the youngest world chess champion at 18, sealing a dramatic 7.5-6.5 victory in the 14-game match. The Guardian reports: The 18-year-old from Chennai dramatically snatched the decisive victory from a dead-drawn position in the final contest of their best-of-14-games showdown when Ding made one of the worst blunders in the 138-year history of world championship matchplay. The 32-year-old defending champion resigned moments later after a game that lasted 58 moves and just over four hours, sealing Gukesh's 7.5-6.5 win in the three-week match and rendering moot the widely expected prospect of tiebreaker matches on Friday afternoon.

In doing so, Gukesh shattered the age record held by Garry Kasparov, who was 22 when he toppled Anatoly Karpov in 1985. Gukesh admitted he didn't initially recognize Ding's rook move (55 Rf2??) as a blunder, saying it took a few seconds to spot that his opponent's bishop was trapped. He could barely conceal his excitement upon the discovery, while a devastated Ding could only bury his head in his hands. "When I realized it, it was probably the best moment of my life," said Gukesh, who brings home the $1.35 million winner's share of the $2.5 million prize fund along with the sport's most prestigious title.

Security

Researchers Uncover Chinese Spyware Used To Target Android Devices (techcrunch.com) 34

Security researchers have uncovered a new surveillance tool that they say has been used by Chinese law enforcement to collect sensitive information from Android devices in China. From a report: The tool, named "EagleMsgSpy," was discovered by researchers at U.S. cybersecurity firm Lookout. The company said at the Black Hat Europe conference on Wednesday that it had acquired several variants of the spyware, which it says has been operational since "at least 2017."

Kristina Balaam, a senior intelligence researcher at Lookout, told TechCrunch the spyware has been used by "many" public security bureaus in mainland China to collect "extensive" information from mobile devices. This includes call logs, contacts, GPS coordinates, bookmarks, and messages from third-party apps including Telegram and WhatsApp. EagleMsgSpy is also capable of initiating screen recordings on smartphones, and can capture audio recordings of the device while in use, according to research Lookout shared with TechCrunch.

A manual obtained by Lookout describes the app as a "comprehensive mobile phone judicial monitoring product" that can obtain "real-time mobile phone information of suspects through network control without the suspect's knowledge, monitor all mobile phone activities of criminals and summarize them."

China

Chinese Scientists Have No Choice But To Leave US, Top Mathematician Says (scmp.com) 235

China should focus on developing original technologies and scientific knowledge and leverage the expertise of scientists returning from the United States, according to a top Chinese-American mathematician. From a report: Yau Shing-Tung retired from Harvard University in 2022 to teach at Tsinghua University and help China become a maths powerhouse. He said many ethnic Chinese students had been driven away from the US by discrimination from the government, including accusations of misusing American research funds for China's benefit.

"Chinese scientists have no choice but to leave the US because they work best under a supportive research environment," he said. "This exodus is unfortunate for the US as it could diminish its research capabilities. For China, the return of these scientists means it is gaining top talent, but it also results in weakened ties with the US and a loss of first-hand knowledge of advanced technologies."

An increasing number of leading scientists are leaving the West for Chinese institutions. Yau's maths centre at Tsinghua in Beijing is one example where top foreign mathematicians have been recruited. In a survey of 1,300 US-based scientists of Chinese descent conducted between late 2021 and early 2022, 72 per cent of respondents said they did not feel safe as academic researchers. And 61 per cent said they had thought about leaving the United States for either Asian or non-Asian countries.

China

China's Trillion-Dollar Bet on High-Speed Rail Transformation (msn.com) 138

China's high-speed rail network, which has tripled to nearly 30,000 miles under President Xi Jinping's leadership, faces mounting financial challenges amid aggressive expansion plans. China State Railway Group, the national operator, has accumulated nearly $1 trillion in debt and liabilities, requiring $25 billion annually for debt service.

Despite this, plans call for adding 15,000 more miles by 2035. While flagship routes between major cities like Beijing and Shanghai remain profitable, newer lines into rural regions are struggling with low ridership. In Sichuan province's Fushun County, which received high-speed rail service in 2021, stations built for thousands sit largely empty despite having 12 high-speed rail stops within a 40-mile radius.

The expansion has become a symbol of China's technological advancement but raises concerns about economic viability. Ticket prices are maintained at about one-quarter of global averages to ensure public access, limiting profit potential. The railway operator turned a modest $460 million profit in 2023, aided by government subsidies, after three years of losses during the pandemic.
China

America's Phone Networks Could Soon Face Financial - and Criminal - Penalties for Insecure Networks (msn.com) 55

The head of America's FCC "has drafted plans to regulate the cybersecurity of telecommunications companies," reports the Washington Post, and the plans could include financial penalties phone network operators with insufficient security — "the first time the agency has asserted such powers under federal wiretapping law." Rosenworcel said the FCC's authority in this matter comes from Section 105 of the Communications Assistance for Law Enforcement Act [passed in 1994] — a single sentence that stipulates, without elaboration, that telecommunications carriers should ensure systems security "in accordance with regulations prescribed by the Commission." As one of the measures, she is seeking to require network providers to submit an annual certification to the FCC that they are implementing a cybersecurity risk management plan. In addition to imposing fines, the FCC could coordinate with other agencies to pursue criminal penalties against carriers deemed too careless on cybersecurity...

Biden administration officials said voluntary efforts to protect against aggressive Chinese hacking activity have fallen short. "We've had for the last decade voluntary public-private partnership efforts," Neuberger told The Post in a recent interview. "But we continue to see successful breaches, and in many cases, as with ransomware attacks, we continue to see pretty basic cybersecurity practices not being followed." With China's hackers becoming more brazen, pre-positioning themselves in U.S. critical networks, "we need to lock our digital doors," Neuberger said...

Cyber requirements can make a difference, she said. After the Colonial Pipeline ransomware attack in 2021 shut down one of the nation's largest energy pipelines for several days, creating a national security scare, the Transportation Security Administration issued several security directives, and today, all of the country's several dozen critical pipeline companies are in compliance, she said. Similar directives were subsequently issued for rail and aviation sectors, and the compliance rates in those industries are now at 68 and 57 percent respectively, she said.

China

Dozens of Countries Hit in Chinese Telecom Hacking Campaign, Top US Official Says (msn.com) 41

China-linked spies may still be lurking in U.S. telecommunications networks — but the breach could be much, much wider. In fact, a "couple dozen" countries were hit by the attack, the Wall Street Journal reported this week, citing a top U.S. national security adviser. "Chinese government hackers have compromised telecommunications infrastructure across the globe as part of a massive espionage campaign..." Speaking during a press briefing Wednesday, Anne Neuberger, President Biden's deputy national security adviser for cyber and emerging technology, said the so-called Salt Typhoon campaign is ongoing and that at least eight telecommunications firms in the U.S. had been breached... The Journal previously identified Verizon, AT&T, T-Mobile and Lumen Technologies among the victims... [M]etadata grabs appeared to be "regional" in focus, and were likely a means to identify phone lines of valuable senior government officials, which the hackers then targeted to steal encrypted text messages and listen in on some phone calls, the official said... President-elect Donald Trump, Vice President-elect JD Vance, senior congressional staffers and an array of U.S. security officials were among scores of individuals to have their calls and texts directly targeted, an intelligence-collection coup that likely ensnared their private communications with thousands of Americans, the Journal has reported.

The senior administration official said the global tally of countries victimized was currently believed to be in the "low, couple dozen" but didn't give a precise figure. The global campaign of hacking activity dates back at least a year or two, the official said.

"Neuberger, on the press briefing, said that it wasn't believed that classified communications were accessed in the breaches."
Science

Wuhan Lab Researcher Fully Sequences Genomes of Coronavirus Samples From 2004 to 2021, Finds No Close Relatives to SARS-CoV-2 (nature.com) 234

60-year-old Chinese virologist Shi Zhengli led the Wuhan Institute of Virology's group studying bat coronaviruses (prompting Science magazine to call her "Bat Woman"). In June of 2020 Scientific American described Zhengli as "distressed because stories from the Internet and major media have repeated a tenuous suggestion that SARS-CoV-2 accidentally leaked from her lab — despite the fact that its genetic sequence does not match any her lab had previously studied."

More than four years later, Nature writes Friday that Zhengli "reported that none of the viruses stored in her freezers are the most recent ancestors of the virus SARS-CoV-2," presenting data at a conference in Japan "on dozens of new coronaviruses collected from bats in southern China." Shi has consistently said that SARS-CoV-2 was never seen or studied in her lab. But some commentators have continued to ask whether one of the many bat coronaviruses her team collected in southern China over decades was closely related to it. Shi promised to sequence the genomes of the coronaviruses and release the data. The latest analysis, which has not been peer reviewed, includes data from the whole genomes of 56 new betacoronaviruses, the broad group to which SARS-CoV-2 belongs, as well as some partial sequences. All the viruses were collected between 2004 and 2021.

"We didn't find any new sequences which are more closely related to SARS-CoV-1 and SARS-CoV-2," said Shi, in a pre-recorded presentation at the conference... The results support her assertion that the WIV lab did not have any bat-derived sequences from viruses that were more closely related to SARS-CoV-2 than were any already described in scientific papers, says Jonathan Pekar, an evolutionary biologist at the University of Edinburgh, UK. "This just validates what she was saying: that she did not have anything extremely closely related, as we've seen in the years since," he says.

"Earlier this year, Shi moved from the WIV to the Guangzhou Laboratory, a newly established national research institute for infectious diseases."
Social Networks

TikTok is One Step Closer to Being Banned in the US (cnn.com) 208

"TikTok has lost its bid to strike down a law that could result in the platform being banned in the United States," reports CNN.

A U.S. federal appeals court just unanimously ruled in favor of the new U.S. law requiring TikTok's China-based owners to either sell the app next month or face an effective ban in the United States. Denying TikTok's argument that the law was unconstitutional, the judges found that the law does not "contravene the First Amendment to the Constitution of the United States," nor does it "violate the Fifth Amendment guarantee of equal protection of the laws"... After the [January 25] deadline, U.S. app stores and internet services could face hefty fines for hosting TikTok if it is not sold. (Under the legislation, President Biden may issue a one-time extension of the deadline.)

In a statement, TikTok indicated it would appeal the decision. "The Supreme Court has an established historical record of protecting Americans' right to free speech, and we expect they will do just that on this important constitutional issue," said company spokesperson Michael Hughes. "Unfortunately, the TikTok ban was conceived and pushed through based upon inaccurate, flawed and hypothetical information, resulting in outright censorship of the American people. The TikTok ban, unless stopped, will silence the voices of over 170 million Americans here in the US and around the world on January 19th, 2025"....

"People in the United States would remain free to read and share as much PRC propaganda (or any other content) as they desire on TikTok or any other platform of their choosing," the judges said. "What the Act targets is the PRC's ability to manipulate the content covertly. Understood in that way, the Government's justification is wholly consonant with the First Amendment."

The judges also wrote that "in part precisely because of the platform's expansive reach, Congress and multiple Presidents determined that divesting it from the PRC's control is essential to protect our national security... Congress judged it necessary to assume that risk given the grave national-security threats it perceived."

CNN notes that ByteDance "has previously indicated it will not sell TikTok."
The Internet

Is Europe Better Prepared to Protect Undersea Internet Cables? (carnegieendowment.org) 64

The Carnegie Endowment for Peace, a nonpartisan international affairs think tank, points out that when subsea internet cables were cut in November, Europe was more prepared: Where in the past there were no contingency plans for sabotage, there are now more maritime patrols, an attempt to forge deeper intelligence connections, and the beginnings of a new relationship with the private sector...

Even before the October 2023 incident, NATO, the EU, and certain European governments began to increase their efforts to boost subsea cable resilience and security. In February 2023, NATO stood up a new Critical Undersea Infrastructure Coordination Cell in Brussels to convene stakeholders and enhance coordination between the public and private sectors. In July 2023, NATO allies at the Vilnius Summit established a Maritime Center for the Security of Critical Undersea Infrastructure as part of the alliance's Maritime Command in Northwood, UK. In October 2023, after the first incident, NATO defense ministers endorsed a new Digital Ocean Vision, an initiative aimed at improving undersea surveillance. And in February 2024, the European Commission released its first "Recommendation on Secure and Resilient Submarine Cable Infrastructures," encouraging member states to conduct regular stress tests, improve information sharing amongst themselves, and improve cable maintenance and repair capabilities.

The article points out that the Chinese ship suspected in the 2023 cable cutting "ignored requests from Finnish and Estonian authorities to halt" and returned to China. But the Chinese ship suspected in November's cable-cutting "remains in international waters in the Kattegat, with naval and coast guard vessels from Denmark, Germany, and Sweden circling close by." Yet "Under international maritime law, these countries' authorities are not allowed to board..." Current provisions of international law are neither formulated to adequately protect subsea data cables from sabotage nor hold perpetrators accountable. This reality should lead the EU, as a body inherently focused on the resilience of international legal regimes, to push for updates that are better suited for the current geopolitical reality... Lawmakers should also explore ways to increase penalties for subsea cable damage, in part to deter acts of sabotage in the first place....

A forthcoming Carnegie Endowment report will detail more in-depth recommendations on how Europe can both protect itself against future subsea cable damage and help expand trusted networks around the world.

The article also notes that "Of the hundreds of disruptions to cables that occur each year, the vast majority are caused by accidental human activity, like fishing, or natural events, like earthquakes."
Businesses

Monday Americans Spent $13.3 Billion in Biggest Cyber Monday Ever (cnn.com) 50

"$15.8 million every 60 seconds. That's how much US consumers spent in two hours on Monday night," reports CNN, "capping off a five-day spending spree that smashed previous records." U.S. consumers spent a total of $13.3 billion on Cyber Monday, up 7.3% from the previous year, according to Adobe Analytics... Consumers spent a record $41.1 billion across the five days beginning Thanksgiving Day, according to Adobe. "While Cyber Monday remained the season's and year's biggest online shopping day, year-over-year growth was stronger on both Thanksgiving and Black Friday," Vivek Pandya, lead analyst at Adobe Digital Insights, said in a statement... The company's data projects that holiday spending from November 1 to December 31 will surpass $240 billion, up 8.4% from the previous year.

The record sales on Cyber Monday were boosted by US consumers shopping on their mobile devices, which accounted for $7.6 billion in spending. This year, 57% of online sales came through a mobile device, compared to 33% in 2019, as shopping on mobile phones has surged in popularity... Buy now, pay later" programs also contributed nearly $1 billion in spending on Cyber Monday, a record high. About 75% of these types of transactions occurred through a mobile device.

Cyber Monday shopping wasn't just confined to the US, either. Global sales reached $49.7 billion, up 3% from the previous year, according to data from Salesforce.

The top-selling items included consumer electronics like the PlayStation 5, Xbox Series X and Nintendo Switch OLED, the article points out (adding that "About 78% of all consumer smartphones and 87% of consoles were imported from China in 2023, according to a report from the Consumer Technology Association.")

More interesting statistics from CNN:
  • "Discounts on apparel peaked at just over 23% off, while TVs and computers peaked at almost 22% off, according to Adobe. And the discounts might last: Adobe projects discounts of up to 18% off computers through the end of the year... "
  • "For US retail sites, the share of revenue from affiliates and partners like social media influencers was 20.3% on Cyber Monday, up almost 7% from the previous year. "
  • "Additionally, companies employed AI chatbots to assist consumers, like Amazon's Rufus. Traffic to retail sites from chatbots increased by nearly 2,000% on Cyber Monday, according to Adobe."

Encryption

US Officials Urge Americans to Use Encrypted Apps Amid Unprecedented Cyberattack (nbcnews.com) 58

An anonymous reader shared this report from NBC News: Amid an unprecedented cyberattack on telecommunications companies such as AT&T and Verizon, U.S. officials have recommended that Americans use encrypted messaging apps to ensure their communications stay hidden from foreign hackers...

In the call Tuesday, two officials — a senior FBI official who asked not to be named and Jeff Greene, executive assistant director for cybersecurity at the Cybersecurity and Infrastructure Security Agency — both recommended using encrypted messaging apps to Americans who want to minimize the chances of China's intercepting their communications. "Our suggestion, what we have told folks internally, is not new here: Encryption is your friend, whether it's on text messaging or if you have the capacity to use encrypted voice communication. Even if the adversary is able to intercept the data, if it is encrypted, it will make it impossible," Greene said. The FBI official said, "People looking to further protect their mobile device communications would benefit from considering using a cellphone that automatically receives timely operating system updates, responsibly managed encryption and phishing resistant" multi-factor authentication for email, social media and collaboration tool accounts...

The FBI and other federal law enforcement agencies have a complicated relationship with encryption technology, historically advocating against full end-to-end encryption that does not allow law enforcement access to digital material even with warrants. But the FBI has also supported forms of encryption that do allow some law enforcement access in certain circumstances.

Officials said the breach seems to include some live calls of specfic targets and also call records (showing numbers called and when). "The hackers focused on records around the Washington, D.C., area, and the FBI does not plan to alert people whose phone metadata was accessed."

"The scope of the telecom compromise is so significant, Greene said, that it was 'impossible" for the agencies "to predict a time frame on when we'll have full eviction.'"
United States

Telcos Struggle To Boot Chinese Hackers From Networks (axios.com) 49

China-linked spies are still lurking inside U.S. telecommunications networks roughly six months after American officials started investigating the intrusions, senior officials told reporters Tuesday. From a report: This is the first time U.S. officials have confirmed reports that Salt Typhoon hackers still have access to critical infrastructure -- and they're proving difficult to kick out. Officials added that they don't yet know the full scope of the intrusions, despite starting the investigation in late spring.

The Cybersecurity and Infrastructure Security Agency and FBI released guidance Tuesday for the communications sector to harden their networks against Chinese state-sponsored hackers. The guide includes basic steps like maintaining logs of activity on the network, keeping an inventory of all devices in the telecom's environment and changing any default equipment passwords. The hack has given Salt Typhoon unprecedented access to records from U.S. telecommunications networks about who Americans are communicating with, a senior FBI official told reporters during a briefing.

Transportation

India's EV Paradox: Highest Subsidies, Lowest Uptake (indiadispatch.com) 132

India, the world's fifth-largest economy, is offering the heftiest electric vehicle subsidies globally -- yet has achieved just 2% market penetration so far. From a report: India's total EV subsidies amount to 40-50% of vehicle prices when accounting for GST (goods and services tax), road tax benefits, state subsidies and production-linked incentives. For larger vehicles like the Grand Vitara, the effective subsidy reaches 61%.

This dwarfs incentives in other major markets. China's subsidies represent about 10% of EV prices, while South Korea and Germany offer around 16-20%. The US provides roughly 26% through various federal and state programs.

Yet India's EV penetration significantly lags these markets. China has reached 24% penetration, South Korea 18%, Germany 20%, and the US 8%. India's 2% looks particularly stark in comparison.

Slashdot Top Deals