China

China Bans Compulsory Facial Recognition and Its Use in Private Spaces Like Hotel Rooms (theregister.com) 28

China's Cyberspace Administration and Ministry of Public Security have outlawed the use of facial recognition without consent. From a report: The two orgs last Friday published new rules on facial recognition and an explainer that spell out how orgs that want to use facial recognition must first conduct a "personal information protection impact assessment" that considers whether using the tech is necessary, impacts on individuals' privacy, and risks of data leakage. Organizations that decide to use facial recognition must encrypt biometric data, and audit the information security techniques and practices they use to protect facial scans. Chinese organizations that go through that process and decide they want to use facial recognition can only do so after securing individuals' consent. The rules also ban the use of facial recognition equipment in public places such as hotel rooms, public bathrooms, public dressing rooms, and public toilets. The measures don't apply to researchers or to what machine translation of the rules describes as "algorithm training activities" -- suggesting images of citizens' faces are fair game when used to train AI models.
China

China Explores Limiting Its EV and Battery Exports For US Tariff Negotiations (msn.com) 160

"China is considering trying to blunt greater U.S. tariffs and other trade barriers," reports the Wall Street Journal, "by offering to curb the quantity of certain goods exported to the U.S., according to advisers to the Chinese government." Tokyo's adoption of so-called voluntary export restraints, or VERs, to limit its auto shipments to the U.S. in the 1980s helped prevent Washington from imposing higher import duties. A similar move from Beijing, especially in sectors of key concern to Washington, like electric vehicles and batteries, would mitigate criticism from the U.S. and others over China's "economic imbalances": heavily subsidized companies making stuff for slim profits but saturating global markets, to the detriment of other countries' manufacturers...

The Xi leadership has indicated a desire to cut a deal with the Trump administration to head off greater trade attacks... Similar to Japan, the Chinese advisers say, Beijing may also consider negotiating export restraints on EVs and batteries in return for investment opportunities in those sectors in the U.S. In some officials' views, they say, that might be an attractive offer to Trump, who at times has indicated an openness to more Chinese investment in the U.S. even though members of his administration firmly oppose it.

The article notes agreements like this are also hard to enforce, "particularly when Chinese companies export to the U.S. from third countries including Mexico and Vietnam."
China

Five Charged In European Parliament Huawei Bribery Probe (yahoo.com) 34

An anonymous reader quotes a report from Reuters: The Belgian prosecutor's office said on Tuesday that it has charged five people in connection with a bribery investigation in the European Parliament allegedly linked to China's Huawei. The five were detained last week. Four have now been arrested and charged with active corruption and involvement in a criminal organization, while a fifth faces money laundering charges and has been released conditionally. The prosecutor's office did not disclose the names of those involved or give information that could identify them.

It said new searches had taken place on Monday, this time at European Parliament offices. Huawei said last week it took the allegations seriously. "Huawei has a zero tolerance policy towards corruption or other wrongdoing, and we are committed to complying with all applicable laws and regulations at all times," it said. The prosecutors have said the alleged corruption took place "very discreetly" since 2021 under the guise of commercial lobbying and involved payments for taking certain political stances or excessive gifts such as food and travel expenses or regular invitations to football matches.

Security

Microsoft Isn't Fixing 8-Year-Old Shortcut Exploit Abused For Spying (theregister.com) 34

Trend Micro uncovered an eight-year-long spying campaign exploiting a Windows vulnerability involving malicious .LNK shortcut files, which attackers padded with whitespace to conceal commands. Despite being reported to Microsoft in 2023, the company considers it a UI issue rather than a security risk and has not prioritized a fix. The Register reports: The attack method is low-tech but effective, relying on malicious .LNK shortcut files rigged with commands to download malware. While appearing to point to legitimate files or executables, these shortcuts quietly include extra instructions to fetch or unpack and attempt to run malicious payloads. Ordinarily, the shortcut's target and command-line arguments would be clearly visible in Windows, making suspicious commands easy to spot. But Trend's Zero Day Initiative said it observed North Korea-backed crews padding out the command-line arguments with megabytes of whitespace, burying the actual commands deep out of sight in the user interface.

Trend reported this to Microsoft in September last year and estimates that it has been used since 2017. It said it had found nearly 1,000 tampered .LNK files in circulation but estimates the actual number of attacks could have been higher. "This is one of many bugs that the attackers are using, but this is one that is not patched and that's why we reported it as a zero day," Dustin Childs, head of threat awareness at the Zero Day Initiative, told The Register. "We told Microsoft but they consider it a UI issue, not a security issue. So it doesn't meet their bar for servicing as a security update, but it might be fixed in a later OS version, or something along those lines."

After poring over malicious .LNK samples, the security shop said it found the vast majority of these files were from state-sponsored attackers (around 70 percent), used for espionage or information theft, with another 20 percent going after financial gain. Among the state-sponsored crews, 46 percent of attacks came from North Korea, while Russia, Iran, and China each accounted for around 18 percent of the activity.

Power

BYD Unveils New Super-Charging EV Tech With Peak Speeds of 1,000 kW (yahoo.com) 275

fahrbot-bot shares a report from Reuters: BYD on Monday unveiled a new platform for electric vehicles (EVs) that it said could charge EVs as quickly as it takes to pump gas and announced for the first time that it would build a charging network across China. The so-called "super e-platform" will be capable of peak charging speeds of 1,000 kilowatts (kW), enabling cars that use it to travel 400 km (249 miles) on a 5-minute charge, founder Wang Chuanfu said at an event livestreamed from the company's Shenzhen headquarters.

Charging speeds of 1,000 kW would be twice as fast as Tesla's superchargers, whose latest version offers up to 500 kW charging speeds. The new charging architecture will be initially available in two new EVs -- Han L sedan and Tang L SUV priced from 270,000 yuan ($37,328.91) and BYD said it would build over 4,000 ultra-fast charging piles, or units, across China to match the new platform.
"In order to completely solve our user's charging anxiety, we have been pursuing a goal to make the charging time of electric vehicles as short as the refuelling time of petrol vehicles," Wang said.

"This is the first time in the industry that the unit of megawatt (charge) has been achieved on charging power," he said.
Intel

Intel's Stock Jumps 18.8% - But What's In Its Future? (msn.com) 47

Intel's stock jumped nearly 19% this week. "However, in the past year through Wednesday's close, Intel stock had fallen 53%," notes Investor's Business Daily: The appointment of Lip-Bu Tan as CEO is a "good start" but Intel has significant challenges, Morgan Stanley analyst Joseph Moore said in a client note. Those challenges include delays in its server chip product line, a very competitive PC chip market, lack of a compelling AI chip offering, and over $10 billion in losses in its foundry business over the past 12 months. There is "no quick fix" for those issues, he said.
"There are things you can do," a Columbia business school associate professor tells the Wall Street Journal in a video interview, "but it's going to be incremental, and it's going to be extremely risky... They will try to be competitive in the foundry manufacturing space," but "It takes very aggressive investments."

Meanwhile, TSMC is exploring a joint venture where they'd operate Intel's factories, even pitching the idea to AMD, Nvidia, Broadcom, and Qualcomm, according to Reuters. (They add that Intel "reported a 2024 net loss of $18.8 billion, its first since 1986," and talked to multiple sources "familiar with" talks about Intel's future). Multiple companies have expressed interest in buying parts of Intel, but two of the four sources said the U.S. company has rejected discussions about selling its chip design house separately from the foundry division. Qualcomm has exited earlier discussions to buy all or part of Intel, according to those people and a separate source. Intel board members have backed a deal and held negotiations with TSMC, while some executives are firmly opposed, according to two sources.
"They say Lip-Bu Tan is the best hope to fix Intel — if Intel can be fixed at all," writes the Wall Street Journal: He brings two decades of semiconductor industry experience, relationships across the sector, a startup mindset and an obsession with AI...and basketball. He also comes with tricky China business relationships, underscoring Silicon Valley's inability to sever itself from one of America's top adversaries... [Intel's] stock has lost two-thirds of its value in four short years as Intel sat out the AI boom...

Manufacturing chips is an enormous expense that Intel can't currently sustain, say industry leaders and analysts. Former board members have called for a split-up. But a deal to sell all or part of Intel to competitors seems to be off the table for the immediate future, according to bankers. A variety of early-stage discussions with Broadcom, Qualcomm, GlobalFoundries and TSMC in recent months have failed to go anywhere, and so far seem unlikely to progress. The company has already hinted at a more likely outcome: bringing in outside financial backers, including customers who want a stake in the manufacturing business...

Tan has likely no more than a year to turn the company around, said people close to the company. His decades of investing in startups and running companies — he founded a multinational venture firm and was CEO of chip design company Cadence Design Systems for 13 years — provide indications of how Tan will tackle this task in the early days: by cutting expenses, moving quickly and trying to turn Intel back into an engineering-first company. "In areas where we are behind the competition, we need to take calculated risks to disrupt and leapfrog," Tan said in a note to Intel employees on Wednesday. "And in areas where our progress has been slower than expected, we need to find new ways to pick up the pace...."

Many take this culture reset to also mean significant cuts at Intel, which already shed about 15,000 jobs last year. "He is brave enough to adjust the workforce to the size needed for the business today," said Reed Hundt, a former Intel board member who has known Tan since the 1990s.

China

Is Oracle Closer to Running TikTok? (politico.com) 34

America's Vice President "expressed confidence Friday that a deal to sell TikTok and keep the social media app running in the U.S. would largely be in place by an April deadline," reports NBC News. (Specifically the Vice President said "There will almost certainly be a high-level agreement that I think satisfies our national security concerns, allows there to be a distinct American TikTok enterprise.")

The article adds that TikTok owner ByteDance "has not publicly confirmed negotiations with any potential U.S. buyer, nor has it confirmed its willingness to sell TikTok to a U.S. bidder." But ByteDance "favors" a deal with Oracle, according to an X.com post on Thursday from tech-publication The Information.

And today Politico adds that Oracle "is accelerating talks with the White House on a deal to run TikTok, though significant concerns remain about what role the app's Chinese founders will play in its ongoing U.S. operation, according to three people familiar with the discussions." [Oracle's discussions are happening] amid ongoing warnings from congressional Republicans and other China hawks that any new ownership deal — if it keeps TikTok's underlying technology in Chinese hands — could be only a surface-level fix to the security concerns that led to last year's sweeping bipartisan ban of the app. Key lawmakers, including concerned Republicans, are bringing in Oracle this week to discuss the possible deal and rising national security concerns, according to four people familiar with the meetings. One of the three people familiar with the discussions with Oracle said the deal would essentially require the U.S. government to depend on Oracle to oversee the data of American users and ensure the Chinese government doesn't have a backdoor to it — a promise the person warned would be impossible to keep.

"If the Oracle deal moves forward, you still have this [algorithm] controlled by the Chinese...."

The data security company HaystackID, which serves as independent security inspectors for TikTok U.S., said in February that it has found no indications of internal or external malicious activity — nor has it identified any protected U.S. user data that has been shared with China.

Open Source

Startup Claims Its Upcoming (RISC-V ISA) Zeus GPU is 10X Faster Than Nvidia's RTX 5090 (tomshardware.com) 69

"The number of discrete GPU developers from the U.S. and Western Europe shrank to three companies in 2025," notes Tom's Hardware, "from around 10 in 2000." (Nvidia, AMD, and Intel...) No company in the recent years — at least outside of China — was bold enough to engage into competition against these three contenders, so the very emergence of Bolt Graphics seems like a breakthrough. However, the major focuses of Bolt's Zeus are high-quality rendering for movie and scientific industries as well as high-performance supercomputer simulations. If Zeus delivers on its promises, it could establish itself as a serious alternative for scientific computing, path tracing, and offline rendering. But without strong software support, it risks struggling against dominant market leaders.
This week the Sunnyvale, California-based startup introduced its Zeus GPU platform designed for gaming, rendering, and supercomputer simulations, according to the article. "The company says that its Zeus GPU not only supports features like upgradeable memory and built-in Ethernet interfaces, but it can also beat Nvidia's GeForce RTX 5090 by around 10 times in path tracing workloads, according to slide published by technology news site ServeTheHome." There is one catch: Zeus can only beat the RTX 5090 GPU in path tracing and FP64 compute workloads. It's not clear how well it will handle traditional rendering techniques, as that was less of a focus. In speaking with Bolt Graphics, the card does support rasterization, but there was less emphasis on that aspect of the GPU, and it may struggle to compete with the best graphics cards when it comes to gaming. And when it comes to data center options like Nvidia's Blackwell B200, it's an entirely different matter.

Unlike GPUs from AMD, Intel, and Nvidia that rely on proprietary instruction set architectures, Bolt's Zeus relies on the open-source RISC-V ISA, according to the published slides. The Zeus core relies on an open-source out-of-order general-purpose RVA23 scalar core mated with FP64 ALUs and the RVV 1.0 (RISC-V Vector Extension Version 1.0) that can handle 8-bit, 16-bit, 32-bit, and 64-bit data types as well as Bolt's additional proprietary extensions designed for acceleration of scientific workloads... Like many processors these days, Zeus relies on a multi-chiplet design... Unlike high-end GPUs that prioritize bandwidth, Bolt is evidently focusing on greater memory size to handle larger datasets for rendering and simulations. Also, built-in 400GbE and 800GbE ports to enable faster data transfer across networked GPUs indicates the data center focus of Zeus.

High-quality rendering, real-time path tracing, and compute are key focus areas for Zeus. As a result, even the entry-level Zeus 1c26-32 offers significantly higher FP64 compute performance than Nvidia's GeForce RTX 5090 — up to 5 TFLOPS vs. 1.6 TFLOPS — and considerably higher path tracing performance: 77 Gigarays vs. 32 Gigarays. Zeus also features a larger on-chip cache than Nvidia's flagship — up to 128MB vs. 96MB — and lower power consumption of 120W vs. 575W, making it more efficient for simulations, path tracing, and offline rendering. However, the RTX 5090 dominates in AI workloads with its 105 FP16 TFLOPS and 1,637 INT8 TFLOPS compared to the 10 FP16 TFLOPS and 614 INT8 TFLOPS offered by a single-chiplet Zeus...

The article emphasizes that Zeus "is only running in simulation right now... Bolt Graphics says that the first developer kits will be available in late 2025, with full production set for late 2026."

Thanks to long-time Slashdot reader arvn for sharing the news.
AI

China Announces Generative AI Labeling To Cull Disinformation (bloomberg.com) 20

China has introduced regulations requiring service providers to label AI-generated content, joining similar efforts by the European Union and United States to combat disinformation. The Cyberspace Administration of China and three other agencies announced Friday that AI-generated material must be labeled explicitly or via metadata, with implementation beginning September 1.

"The Labeling Law will help users identify disinformation and hold service suppliers responsible for labeling their content," the CAC said. App store operators must verify whether applications provide AI-generated content and review their labeling mechanisms. Platforms can still offer unlabeled AI content if they comply with relevant regulations and respond to user demand.
China

OpenAI Warns Limiting AI Access To Copyrighted Content Could Give China Advantage 74

OpenAI has warned the U.S. government that restricting AI models from learning from copyrighted material would threaten America's technological leadership against China, according to a proposal submitted [PDF] to the Office of Science and Technology Policy for the AI Action Plan.

In its March 13 document, OpenAI argues its AI training aligns with fair use doctrine, saying its models don't replicate works but extract "patterns, linguistic structures, and contextual insights" without harming commercial value of original content. "If the PRC's developers have unfettered access to data and American companies are left without fair use access, the race for AI is effectively over. America loses, as does the success of democratic AI," OpenAI stated.

The Microsoft-backed startup criticized European and UK approaches that allow copyright holders to opt out of AI training, claiming these restrictions hinder innovation, particularly for smaller companies with limited resources. The proposal comes as China-based DeepSeek recently released an AI model with capabilities comparable to American systems despite development at a fraction of the cost.
News

German Spy Agency Concluded COVID Virus Likely Leaked From Lab (reuters.com) 227

An anonymous reader shares a report: Germany's foreign intelligence service in 2020 put at 80%-90% the likelihood that the coronavirus behind the COVID-19 pandemic was accidentally released from China's Wuhan Institute of Virology, two German newspapers reported on Wednesday.

According to a joint report by publications Die Zeit and Sueddeutsche Zeitung, Germany's spying agency BND had indications that the institute had conducted gain-of-function experiments, whereby viruses are modified to become more transmissible to humans for research purposes.

It also had indications that numerous violations of safety regulations had occurred at the lab, the papers said. The spy agency's assessment was based on an unspecified intelligence operation code-named "Saaremaa" as well as on publicly-available data. It had been commissioned by the office of Germany's chancellor at the time, Angela Merkel, but never published, the report said.

AI

Anthropic CEO Says Spies Are After $100 Million AI Secrets In a 'Few Lines of Code' (techcrunch.com) 47

An anonymous reader quotes a report from TechCrunch: Anthropic's CEO Dario Amodei is worried that spies, likely from China, are getting their hands on costly "algorithmic secrets" from the U.S.'s top AI companies -- and he wants the U.S. government to step in. Speaking at a Council on Foreign Relations event on Monday, Amodei said that China is known for its "large-scale industrial espionage" and that AI companies like Anthropic are almost certainly being targeted. "Many of these algorithmic secrets, there are $100 million secrets that are a few lines of code," he said. "And, you know, I'm sure that there are folks trying to steal them, and they may be succeeding."

More help from the U.S. government to defend against this risk is "very important," Amodei added, without specifying exactly what kind of help would be required. Anthropic declined to comment to TechCrunch on the remarks specifically but referred to Anthropic's recommendations to the White House's Office of Science and Technology Policy (OSTP) earlier this month. In the submission, Anthropic argues that the federal government should partner with AI industry leaders to beef up security at frontier AI labs, including by working with U.S. intelligence agencies and their allies.

Transportation

Rules for Portable Batteries on Planes Are Changing. (nytimes.com) 55

Several Asian airlines have tightened restrictions on portable battery chargers amid growing concerns about fire risks, following a January blaze that destroyed an Air Busan aircraft in South Korea. South Korean airlines now require passengers to keep portable chargers within arm's reach rather than in overhead bins, a rule implemented March 1 to ease public anxiety, according to the Transportation Ministry. Taiwan's EVA Air and China Airlines have banned using or charging power banks on flights but still allow them in overhead compartments.

Thai Airways announced a similar ban last Friday, citing "incidents of in-flight fires on international airlines." Battery-related incidents on U.S. airlines have increased from 32 in 2016 to 84 last year, with portable chargers identified as the most common culprit, according to Federal Aviation Administration data. The International Civil Aviation Organization has banned lithium-ion batteries from cargo holds since 2016, though no industry standard exists for regulating power banks.
Iphone

Morgan Stanley Cuts iPhone Shipment Forecast on Siri Upgrade Delay, China Tariffs 9

Morgan Stanley has reduced its iPhone shipment forecasts after Apple confirmed the delay of a more advanced Siri personal assistant, dampening prospects for accelerating phone upgrades. The investment bank now predicts 230 million iPhone shipments in 2025 (flat year-over-year) and 243 million in 2026 (up 6%), down from previous estimates.

An upgraded Siri was the most sought-after Apple Intelligence feature among prospective buyers, according to the bank's survey data. "Access to Advanced AI Features" appeared as a top-five driver of smartphone upgrades for the first time, with about 50% of iPhone owners who didn't upgrade to iPhone 16 citing the delayed Apple Intelligence rollout as affecting their decision. The firm also incorporated headwinds from China tariffs in its assessment, noting Apple is unlikely to fully offset these costs without broader exemptions.
Security

Thousands of TP-Link Routers Have Been Infected By a Botnet To Spread Malware (tomsguide.com) 43

The Ballista botnet is actively exploiting a high-severity remote code execution flaw (CVE-2023-1389) in TP-Link Archer AX-21 routers, infecting over 6,000 devices primarily in Brazil, Poland, the UK, Bulgaria, and Turkey. Tom's Hardware reports: According to a new report from the Cato CTRL team, the Ballista botnet exploits a remote code execution vulnerability that directly impacts the TP-Link Archer AX-21 router. The botnet can lead to command injection which then makes remote code execution (RCE) possible so that the malware can spread itself across the internet automatically. This high severity security flaw (tracked as CVE-2023-1389) has also been used to spread other malware families as far back as April 2023 when it was used in the Mirai botnet malware attacks. The flaw is also linked to the Condi and AndroxGh0st malware attacks.

Ballista's most recent exploitation attempt was February 17, 2025 and Cato CTRL first detected it on January 10, 2025. Of the thousands of infected devices, the majority of them are concentrated in Brazil, Poland, the United Kingdom, Bulgaria and Turkey, with the botnet targeting manufacturing, medical/healthcare, services and technology organizations in the United States, Australia, China and Mexico.

Facebook

Facebook Was 'Hand In Glove' With China (bbc.com) 24

An anonymous reader quotes a report from the BBC: A former senior Facebook executive has told the BBC how the social media giant worked "hand in glove" with the Chinese government on potential ways of allowing Beijing to censor and control content in China. Sarah Wynn-Williams -- a former global public policy director -- says in return for gaining access to the Chinese market of hundreds of millions of users, Facebook's founder, Mark Zuckerberg, considered agreeing to hiding posts that were going viral, until they could be checked by the Chinese authorities.

Ms Wynn-Williams -- who makes the claims in a new book -- has also filed a whistleblower complaint with the US markets regulator, the Securities and Exchange Commission (SEC), alleging Meta misled investors. The BBC has reviewed the complaint. Facebook's parent company, Meta, says Ms Wynn-Williams had her employment terminated in 2017 "for poor performance." It is "no secret we were once interested" in operating services in China, it adds. "We ultimately opted not to go through with the ideas we'd explored." Meta referred us to Mark Zuckerberg's comments from 2019, when he said: "We could never come to agreement on what it would take for us to operate there, and they [China] never let us in."

Facebook also used algorithms to spot when young teenagers were feeling vulnerable as part of research aimed at advertisers, Ms Wynn-Williams alleges. A former New Zealand diplomat, she joined Facebook in 2011, and says she watched the company grow from "a front row seat." Now she wants to show some of the "decision-making and moral compromises" that she says went on when she was there. It is a critical moment, she adds, as "many of the people I worked with... are going to be central" to the introduction of AI. In her memoir, Careless People, Ms Wynn-Williams paints a picture of what she alleges working on Facebook's senior team was like.

Crime

Thousands of Freed Scam Center Workers Now Trapped in Overcrowded Detention Centers (apnews.com) 85

August, 2023: Thousands of Crypto Scammers are Enslaved by Human-Trafficking Gangsters, Says Bloomberg Reporter. ("They'd lure young people from across Southeast Asia...with the promise of well-paying jobs in customer service or online gambling.")

February, 2025: A coordinated response begins by Thai, Chinese and Myanmar authorities, which includes cutting power, internet, and fuel supplies to the scam centers.

Today: The Associated Press reports that thousands of the people liberated from locked compounds in Myanmar now "have found themselves trapped once again, this time in overcrowded facilities with no medical care, limited food and no idea when they'll be sent home." Thousands of sick, exhausted and terrified young men and women, from countries all over the world squat in rows, packed shoulder to shoulder, surgical masks covering their mouths and eyes. Their nightmare was supposed to be over... The armed groups who are holding the survivors, as well as Thai officials across the border, say they are awaiting action from the detainees' home governments. It's one of the largest potential rescues of forced laborers in modern history, but advocates say the first major effort to crack down on the cyber scam industry has turned into a growing humanitarian crisis...

An unconfirmed list provided by authorities in Myanmar says they're holding citizens from 29 countries including Philippines, Kenya and the Czech Republic. Authorities in Thailand say they cannot allow foreigners to cross the border from Myanmar unless they can be sent home immediately, leaving many to wait for help from embassies that has been long in coming. China sent a chartered flight Thursday to the tiny Mae Sot airport to pick up a group of its citizens, but few other governments have matched that. There are roughly 130 Ethiopians waiting in a Thai military base, stuck for want of a $600 plane ticket. Dozens of Indonesians were bused out one morning last week, pushing suitcases and carrying plastic bags with their meager possessions as they headed to Bangkok for a flight home... The recent abrupt halt to U.S. foreign aid funding has made it even harder to get help to released scam center workers...

It's not clear how much of an effect these releases will have on the criminal groups that run the scam centers. February marked the third time the Thais have cut internet or electricity to towns across the river. Each time, the compounds have managed to work around the cuts. Large compounds have access to diesel-powered generators, as well as access to internet provider Starlink, experts working with law enforcement say.

The article also points out that "The people released are just a small fraction of what could be 300,000 people working in similar scam operations across the region, according to an estimate from the United States Institute of Peace. Human rights groups and analysts add that the networks that run these illegal scams will continue to operate unless much broader action is taken against them..."

"The United Nations Office on Drugs and Crimes estimates that between $18 billion and $37 billion was lost in Asia alone in 2023, with minimal government action against the criminal industry's spread."
Facebook

Zuckerberg's Meta Considered Sharing User Data with China, Whistleblower Alleges (msn.com) 36

The Washington Post reports: Meta was willing to go to extreme lengths to censor content and shut down political dissent in a failed attempt to win the approval of the Chinese Communist Party and bring Facebook to millions of internet users in China, according to a new whistleblower complaint from a former global policy director at the company.

The complaint by Sarah Wynn-Williams, who worked on a team handling China policy, alleges that the social media giant so desperately wanted to enter the lucrative China market that it was willing to allow the ruling party to oversee all social media content appearing in the country and quash dissenting opinions. Meta, then called Facebook, developed a censorship system for China in 2015 and planned to install a "chief editor" who would decide what content to remove and could shut down the entire site during times of "social unrest," according to a copy of the 78-page complaint exclusively seen by The Washington Post.

Meta chief executive Mark Zuckerberg also agreed to crack down on the account of a high-profile Chinese dissident living in the United States following pressure from a high-ranking Chinese official the company hoped would help them enter China, according to the complaint, which was filed in April to the Securities and Exchange Commission [SEC]. When asked about its efforts to enter China, Meta executives repeatedly "stonewalled and provided nonresponsive or misleading information" to investors and American regulators, according to the complaint.

Wynn-Williams bolstered her SEC complaint with internal Meta documents about the company's plans, which were reviewed by The Post. Wynn-Williams, who was fired from her job in 2017, is also scheduled to release a memoir this week documenting her time at the company, titled "Careless People: A Cautionary Tale of Power, Greed, and Lost Idealism." According to a memo in the complaint, Meta leaders faced aggressive pressure by Chinese government officials to host Chinese users' data to local data centers, which Wynn-Williams alleges would have made it easier for the Chinese Communist Party to covertly obtain the personal information of its citizens.

Wynn-Williams told the Washington Post that "for many years Meta has been working hand in glove with the Chinese Communist Party, briefing them on the latest technological developments and lying about it."

Reached for a comment, Meta spokesman Andy Stone told the Washington Post it was "no secret" they'd been interested in operating in China. "This was widely reported beginning a decade ago. We ultimately opted not to go through with the ideas we'd explored, which Mark Zuckerberg announced in 2019." The Post, though, shares new details about what a Facebook privacy policy staffer offered China in negotiations in 2014. ("In exchange for the ability to establish operations in China, FB will agree to grant the Chinese government access to Chinese users' data — including Hongkongese users' data.")

The Post also describes one iteration of a proposed agreement in 2015. "To aid the effort, Meta built a censorship system specially designed for China to review, including the ability to automatically detect restricted terms and popular content on Facebook, according to the complaint...

"In 2017, Meta covertly launched a handful of social apps under the name of a China-based company created by one of its employees, according to the complaint."
China

Undocumented 'Backdoor' Found In Chinese Bluetooth Chip Used By a Billion Devices (bleepingcomputer.com) 129

"The ubiquitous ESP32 microchip made by Chinese manufacturer Espressif and used by over 1 billion units as of 2023 contains an undocumented 'backdoor' that could be leveraged for attacks," writes BleepingComputer.

"The undocumented commands allow spoofing of trusted devices, unauthorized data access, pivoting to other devices on the network, and potentially establishing long-term persistence." This was discovered by Spanish researchers Miguel Tarascó Acuña and Antonio Vázquez Blanco of Tarlogic Security, who presented their findings yesterday at RootedCON in Madrid. "Tarlogic Security has detected a backdoor in the ESP32, a microcontroller that enables WiFi and Bluetooth connection and is present in millions of mass-market IoT devices," reads a Tarlogic announcement shared with BleepingComputer. "Exploitation of this backdoor would allow hostile actors to conduct impersonation attacks and permanently infect sensitive devices such as mobile phones, computers, smart locks or medical equipment by bypassing code audit controls...."

Tarlogic developed a new C-based USB Bluetooth driver that is hardware-independent and cross-platform, allowing direct access to the hardware without relying on OS-specific APIs. Armed with this new tool, which enables raw access to Bluetooth traffic, Tarlogic discovered hidden vendor-specific commands (Opcode 0x3F) in the ESP32 Bluetooth firmware that allow low-level control over Bluetooth functions. In total, they found 29 undocumented commands, collectively characterized as a "backdoor," that could be used for memory manipulation (read/write RAM and Flash), MAC address spoofing (device impersonation), and LMP/LLCP packet injection.

Espressif has not publicly documented these commands, so either they weren't meant to be accessible, or they were left in by mistake.

Thanks to Slashdot reader ZipNada for sharing the news.
AI

US Likely To Ban Chinese App DeepSeek From Government Devices (msn.com) 14

The White House is weighing measures to restrict Chinese artificial-intelligence upstart DeepSeek, including banning its chatbot from government devices because of national-security concerns, WSJ reported Friday, citing people familiar with the matter. From the report: U.S. officials are worried about DeepSeek's handling of user data, which the Chinese company says it stores in servers located in China, the people said. Officials also believe DeepSeek hasn't sufficiently explained how it uses the data it collects and who has access to the data, they said.

The Trump administration is likely to adopt a rule that would bar people from downloading DeepSeek's chatbot app onto U.S. government devices, the people said. Officials are also considering two other possible moves: banning the DeepSeek app from U.S. app stores and putting limits on how U.S.-based cloud service providers could offer DeepSeek's AI models to their customers, people close to the matter said. They cautioned that discussions about these two moves were still at an early stage.
