An anonymous reader quotes a report from Ars Technica: Over a year and a half after tentatively winning $886 million in broadband funding from the government's Rural Digital Opportunity Fund (RDOF), SpaceX is still trying to get paid by the Federal Communications Commission. One problem for Starlink -- though not the only problem -- is a series of objections from satellite company Viasat, which says Starlink lacks the capacity and speed to meet FCC obligations. In a new FCC filing, SpaceX denounced Viasat's "misguided campaign" against the Starlink funding. "Viasat is transparently attempting to have the Commission impede competition at all costs to protect its legacy technology," SpaceX told the FCC. The new SpaceX filing was submitted on Friday and posted to the FCC's website Monday, as pointed out by Light Reading.

Viasat submitted an analysis (PDF) to the FCC in April 2021 claiming that Starlink won't be able to meet the speed obligations attached to the RDOF funding due to capacity limitations. SpaceX bid in the "Above Baseline" tier that requires at least 100Mbps download speeds and 20Mbps upload speeds, and committed to latency of 100 ms or less. Viasat, which primarily uses geostationary satellites with worse latency than Starlink's low Earth satellites, didn't bid in the auction. Viasat's most recent filing last month said, "Starlink still does not support the 100/20Mbps speeds that SpaceX is obligated to provide to all households covered by its provisionally winning RDOF bids" and that "Starlink is unable to do so because of its own system design limitations that cannot be overcome by launching more satellites." Viasat cited Ookla speed tests in its July 2022 filing [...].

In its July 29 response, SpaceX said the "filing adds to Viasat's ongoing campaign to oppose every one of SpaceX's applications, regardless of the proceeding... Viasat is perhaps reinvigorated by recent Ookla data showing Starlink has been able to provide high-speed, low-latency broadband service vastly exceeding Viasat's performance." SpaceX also previously denounced Viasat's objections in FCC filings in July 2021 (PDF) and December 2021 (PDF). The old and new SpaceX filings said the company is cooperating with FCC staff on the Starlink funding review. "Viasat continues to ignore that the Commission specifically directed the Commission staff -- not competitors -- to review the merits of RDOF applications," SpaceX's new filing said. "Starlink has welcomed that staff review and has fully engaged within that Commission-mandated process to demonstrate its ability to meet all of its RDOF obligations and provide high-quality broadband service to consumers that for too long have gone unserved."

An anonymous reader quotes a report from The Register: The head of WhatsApp will not compromise the security of its messenger service to bend to the UK government's efforts to scan private conversations. Will Cathcart, who has been at parent company Meta for more than 12 years and head of WhatsApp since 2019, told the BBC that the popular communications service wouldn't downgrade or bypass its end-to-end encryption (EE2E) just for British snoops, saying it would be "foolish" to do so and that WhatsApp needs to offer a consistent set of standards around the globe. "If we had to lower security for the world, to accommodate the requirement in one country, that ... would be very foolish for us to accept, making our product less desirable to 98 percent of our users because of the requirements from 2 percent," Cathcart told the broadcaster. "What's being proposed is that we -- either directly or indirectly through software -- read everyone's messages. I don't think people want that."

Strong EE2E ensures that only the intended sender and receiver of a message can read it, and not even the provider of the communications channel nor anyone eavesdropping on the encrypted chatter. The UK government is proposing that app builders add an automated AI-powered scanner in the pipeline -- ideally in the client app -- to detect and report illegal content, in this case child sex abuse material (CSAM).

The upside is that at least messages are encrypted as usual when transmitted: the software on your phone, say, studies the material, and continues on as normal if the data is deemed CSAM-free. One downside is that any false positives mean people's private communications get flagged up and potentially analyzed by law enforcement or a government agent. Another downside is that the definition of what is filtered may gradually change over time, and before you know it: everyone's conversations are being automatically screened for things politicians have decided are verboten. And another downside is that client-side AI models that don't produce a lot of false positives are likely to be easily defeated, and are mainly good for catching well-known, unaltered CSAM examples.

Bolt Mobility, the Miami-based micromobility startup co-founded by Olympic gold medalist Usain Bolt, appears to have vanished without a trace from several of its U.S. markets. From a report: In some cases, the departure has been abrupt, leaving cities with abandoned equipment, unanswered calls and emails and lots of questions. Bolt has stopped operating in at least five U.S. cities, including Portland, Oregon, Burlington, South Burlington and Winooski in Vermont and Richmond, California, according to city officials. City representatives also said they were unable to reach anyone at Bolt, including its CEO Ignacio Tzoumas. TechCrunch has made multiple attempts to reach Bolt and those who have backed the company. Emails to Bolt's communications department, several employees and investors went unanswered. Even the customer service line doesn't appear to be staffed. The PR agency that was representing Bolt in March of this year told TechCrunch it is no longer working with the company. Bolt halted its service in Portland on July 1. The company's failure to provide the city with updated insurance and pay some outstanding fees, Portland subsequently suspended Bolt's permit to operate there, according to a city spokesperson.

Nokia Oyj will provide equipment to connect AST SpaceMobile Inc. satellites to the global telecommunications network, creating a crucial link in a planned space-based broadband network designed to work with standard mobile phones, the companies said in a statement Thursday. Bloomberg reports: In addition to AirScale base stations, Espoo, Finland-based Nokia will provide its NetAct network management systems and technical support, the companies said. Terms of the five-year deal with Austin, Texas-based AST SpaceMobile weren't disclosed. AST's BlueWalker 3 test satellite, an array of antennas that measures 693 square feet (64 square meters), is planned for launch in early to mid-September. Eventually the network will consist of 168 satellites, the company told investors in a March 31 filing.

With BlueWalker 3 aloft, AST plans to conduct testing on five continents in coordination with mobile network operators such as Vodafone Group Plc, Rakuten Mobile and Orange SA. AST and Nokia said the network is intended to offer connections to people and places without digital services. "Connectivity should be considered an essential service like water, electricity or gas," said Tommi Uitto, Nokia's president of mobile services. "Everyone should be able to have access to universal broadband services that will ensure that no one is left behind." Unlike the offerings from Elon Musk's SpaceX or OneWeb and Eutelsat, which recently announced plans to merge in the hopes of becoming a stronger competitor, is that SpaceMobile's service is designed to connect to "standard, unmodified cellular phones without the requirement of special software, ground terminals or hardware," says the company in its annual filing.

Democrats on Capitol Hill plan to introduce legislation that could restore net neutrality and the Federal Communications Commission's authority to regulate broadband. From a report: With President Joe Biden's pick to be the fifth commissioner at the FCC stalled, two Senate Democrats will introduce the Net Neutrality and Broadband Justice Act that would codify Obama-era net neutrality rules repealed under President Donald Trump's administration. The renewed effort to pass a federal net neutrality law is being led by Sens. Edward J. Markey from Massachusetts and Ron Wyden from Oregon, according to a press release sent by Markey's office Thursday.

The legislation would reestablish the FCC's authority over broadband infrastructure by reclassifying internet service as a telecommunications service, the press release states. This would mean stricter oversight for broadband companies like AT&T, Comcast and Verizon, The Washington Post reports. Rep. Doris Matsui, a Democrat from California, will introduce companion legislation in the House, George Hatamiya, a spokesman for Matsui, confirmed last week. "I strongly believe that net neutrality principles should form the foundation of an open internet," Matsui said in an emailed statement to CNET. "These protections will help defend free expression and innovation -- protecting consumers and securing a more equitable online ecosystem."

Comcast fell the most in two years after its prized internet business added no new customers last quarter, its worst performance in decades, due to a housing slowdown and heavy competition. From a report: The largest US cable TV provider had added broadband customers in every quarter since at least 2005, according to data compiled by Bloomberg. Analysts were looking for around 83,000 new subscribers in the second quarter, and none of them predicted the gain would be in fact, zero. The shares slid as much as 9.9% on Thursday, their biggest intraday decline since March 2020. Rival Charter Communications, which reports earnings on Friday, dropped as much as 7.5%. "We expect the stock to face pressure absent forward-looking comments that suggest an improvement in broadband trends," New Street Research analyst Jonathan Chaplin wrote of Comcast. As home buying slows and competition among fiber and wireless broadband providers intensifies, the prospects of Comcast and its cable peers returning to prepandemic internet growth has become more challenging.

Charter Communications must pay out $7 billion in damages after one of its Spectrum cable technicians robbed and killed an elderly woman, a jury decided Tuesday. The Register reports: Betty Thomas, 83, was stabbed to death by Roy Holden Jr in December 2019. He had dropped by her home in Irving, Texas, on a service call after she reported a problem with her internet-TV bundle, and returned the next day in his company uniform and van, inviting himself in and killing her using his Spectrum-issued gloves and utility knife. She was found dead by her family on her living room floor after she didn't show up to a Christmas and birthday party that night. Holden pleaded guilty to murder last year and was sentenced to life behind in bars.

Thomas' family sued Charter [PDF] in 2020 for negligence. It was alleged in testimony that Holden had complained to his bosses that he was penniless and desperate after a divorce. It was further alleged that he had stolen credit cards and checks from elderly Spectrum subscribers, and that the corporation turned a blind eye to a pattern of theft by its installers and technicians. During that civil trial it was also claimed Thomas' family was charged $58 for Holden's service call, and continued to be billed after their grandmother's brutal slaying to the point where her account was sent to collections.

The court heard how Holden was not working the day he killed Thomas, and went out to her home anyway to rob her. He was able to use his company keycard to access a Charter vehicle lot and drive off in one of its service vans even though he was off-duty. According to the family's legal team, while Holden was seemingly making repairs, he tried to steal one or more of her bank cards from her purse, and murdered her when he was caught in the act. He later went on a spending spree with her funds, it was claimed. "This was a shocking breach of faith by a company that sends workers inside millions of homes every year," said the one of family's trial lawyers Chris Hamilton, of Dallas-based Hamilton Wingo, in a statement.

According to the law firm, Holden lied about his employment history -- such as not revealing he had been previously fired -- which wasn't checked by Charter when it hired him and would have been one of many red flags against him. During the civil trial, the court heard how Holden would break down crying at work, at one point was convinced he was a former Dallas Cowboys football player, suffered from insomnia, and was probably sleeping overnight in his Spectrum van. It was further claimed the cable giant tried to force the lawsuit into closed-door arbitration where the results would have been secret and damages limited.

What if we glimpsed alien life for the first time by peering through a natural telescope made by the Sun's gravity? This wild idea, known as a solar gravitational lens (SGL) mission, may sound like an Einsteinian fever dream, but scientists have now found that it is "feasible with technologies that are either extant or in active development," according to a new study. Motherboard reports: Researchers led by Henry Helvajian, senior scientist in the Physical Sciences Laboratories at the nonprofit research center The Aerospace Corporation, have now shared the initial results of this ongoing NIAC study on the preprint server arxiv, which have not been peer-reviewed. Though the team cautioned that the mission would need to overcome several technical challenges, it could ultimately answer one of humanity's most fundamental questions: Are we alone in the universe?

"The SGL offers capabilities that are unmatched by any planned or conceivable optical instrument," according to the study, which was co-authored by Slava Turyshev, a scientist at NASA's Jet Propulsion Laboratory and principal investigator of the NIAC mission concept. "With its unique optical properties, the SGL can be used to obtain detailed, high resolution images of Earth-like exoplanets as far as 100 light years from Earth, with measurement durations lasting months, or at most a few years." "Of particular interest is the possibility of using the SGL to obtain images of high spatial and spectral resolution of a yet-to-be-identified, potentially life-bearing exoplanet in another solar system in our Galactic neighborhood," the researchers added. "The direct high-resolution images of an exoplanet obtained with the SGL could lead to insight on the on-going biological processes on the target exoplanet and find signs of habitability."

The focal point of the Sun's gravitational lens is located all the way out in interstellar space, some 550 and 900 times the distance that Earth orbits our star, which is much farther than any spacecraft has ventured beyond our planet. Helvajian and his colleagues envision their mission as consisting of a one-meter telescope that is accompanied by a sunshade and propelled by solar sails that produce thrust by capturing solar radiation, in a somewhat analogous fashion to wind-propelled sails. Even if they were able to overcome the technical hurdles involved with this concept -- which include the development of more reliable solar sails and long-duration navigation and communications systems -- the team estimated that it would take at least 25 to 30 years for a spacecraft to reach this far-flung location, in the best case scenario. That said, if a telescope were able to spot alien life, arguably the biggest breakthrough in science, it would be well worth the long wait.

As reported by CNET, Google will allow law enforcement to access data from its Nest products -- or theoretically any other data you store with Google -- without a warrant. PetaPixel reports: "If we reasonably believe that we can prevent someone from dying or from suffering serious physical harm, we may provide information to a government agency -- for example, in the case of bomb threats, school shootings, kidnappings, suicide prevention, and missing person cases," reads Google's TOS page on government requests for user information. "We still consider these requests in light of applicable laws and our policies."

An unnamed Nest spokesperson did tell CNET that the company tries to give its users notice when it provides their data under these circumstances. Google "reserves the right" to make emergency disclosures to law enforcement even when there is no legal requirement to do so. "A provider like Google may disclose information to law enforcement without a subpoena or a warrant 'if the provider, in good faith, believes that an emergency involving danger of death or serious physical injury to any person requires disclosure without delay of communications relating to the emergency,'" a Nest spokesperson tells CNET.

While Amazon and Google have both said they would hand over a user's data to law enforcement without a warrant, Arlo, Apple, Wyze, and Anker, owner of Eufy, all confirmed to CNET that they won't give authorities access to a user's smart home camera's footage unless they're shown a warrant or court order. These companies would be legally bound to provide data to the authorities if they were shown a legal document. But, unlike Google and Amazon, they will not otherwise share camera footage with law enforcement, even if they had an emergency request for data. Apple's default setting for video cameras connected via Homekit is end-to-end encryption which means the company is unable to share user video at all. In an updated statement, a Google spokesperson clarified that they have never sent Nest data to authorities, "but it's important that we reserve the right to do so."

They added: "To reiterate, and as we've specified in our privacy commitments, we will only share video footage and audio recordings with third-party apps and services that work with our devices if you or a member of your home explicitly gives us permission, and we'll only ask for this permission in order to provide a helpful experience from an approved partner (such as a home security service provider)."

Internet satellite operators OneWeb and Eutelsat are planning to merge in the hopes of becoming a stronger rival to SpaceX's Starlink. Engadget reports: The merger, which is subject to approval from regulators and Eutelsat shareholders, is expected to close by mid-2023 and it values OneWeb at $3.4 billion. Shareholders of OneWeb and Eutelsat will each own half of the combined company. Eutelsat has a fleet of 36 geostationary orbit satellites. These will be combined with OneWeb's cluster of low-earth orbit satellites, which can provide internet access from the skies. OneWeb currently has 428 satellites in orbit of a planned 648 in its first-generation network.

OneWeb and Eutelsat expect to have combined revenues of $1.56 billion in the 2022-23 fiscal year. Eutelsat chair Dominique D'Hinnin and CEO Eva Berneke will remain in those positions in the merged entity. OneWeb investor Sunil Bharti Mittal will become co-chairman. [...] After the expected merger, the UK will retain a "special share" in OneWeb as well as exclusive rights over the company. These grant the government a significant say in national security controls over the network and veto rights over certain decisions, such as the location of OneWeb's headquarters.

An anonymous reader quotes a report from the Washington Post: China's latest launch of a huge rocket is, once again, raising alarm that the debris will crash into the Earth's surface in an uncertain location and at great speed. On Sunday afternoon local time, the Long March 5B blasted off from the Wenchang launch site on the southern island province of Hainan, carrying a solar-powered new lab, the Wentian experiment module, to be added to China's Tiangong Space Station. But the size of the heavy-lift rocket -- it stands 53.6 meters (176 feet) tall and weighs 837,500 kilograms (more than 1.8 million pounds) -- and the risky design of its launch process have led experts to fear that some debris from its core stage could fail to burn up as it reenters Earth's atmosphere.

As with two previous launches, the rocket shed its empty 23-ton first stage in orbit, meaning that it will continue to loop the Earth over coming days as it gradually comes closer to landing. This flight path is difficult to predict because of fluctuations in the atmosphere caused by changes in solar activity. Although experts consider the chances of debris hitting an inhabited area very low, many also believe China is taking an unnecessary risk. After the core stage of the last launch fell into the Indian Ocean, NASA Administrator Bill Nelson said China was "failing to meet responsible standards regarding their space debris," including minimizing risks during reentry and being transparent about operations. China rejects accusations of irresponsibility. In response to concerns about last year's launch, the Chinese Foreign Ministry said the likelihood of damage was "extremely low."

Many scientists agree with China that the odds of debris causing serious damage are tiny. An article published in the journal Nature Astronomy this month put the chance that, under current launch practices, someone would die or be injured from parts of a rocket making an uncontrolled reentry at 1 in 10 over the next decade. But many believe launch designs like the Long March 5B's are an unnecessary risk. "Launch providers have access to technologies and mission designs today that could eliminate the need for most uncontrolled re-entries," the authors wrote. They proposed global safety standards mandating controlled reentry.
UPDATE: It crashed into the Indian Ocean.

As new details about the scope of the sabotage emerge, the perpetrators -- and the reason for their vandalism -- remain unknown. From a report: Buried deep beneath your feet lie the cables that keep the internet online. Crossing cities, countrysides, and seas, the internet backbone carries all the data needed to keep economies running and your Instagram feed scrolling. Unless, of course, someone chops the wires in half. On April 27, an unknown individual or group deliberately cut crucial long-distance internet cables across multiple sites near Paris, plunging thousands of people into a connectivity blackout. The vandalism was one of the most significant internet infrastructure attacks in France's history and highlights the vulnerability of key communications technologies. Now, months after the attacks took place, French internet companies and telecom experts familiar with the incidents say the damage was more wide-ranging than initially reported and extra security measures are needed to prevent future attacks. In total, around 10 internet and infrastructure companies -- from ISPs to cable owners -- were impacted by the attacks, telecom insiders say. The assault against the internet started during the early hours of April 27. "The people knew what they were doing," says Michel Combot, the managing director of the French Telecoms Federation, which is made up of more than a dozen internet companies. In the space of around two hours, cables were surgically cut and damaged in three locations around the French capital city -- to the north, south, and east -- including near Disneyland Paris.

"Those were what we call backbone cables that were mostly connecting network service from Paris to other locations in France, in three directions," Combot says. "That impacted the connectivity in several parts of France." As a result, internet connections dropped out for some people. Others experienced slower connections, including on mobile networks, as internet traffic was rerouted around the severed cables. All three incidents are believed to have happened at roughly the same time and were conducted in similar ways -- distinguishing them from other attacks against telecom towers and internet infrastructure. "The cables are cut in such a way as to cause a lot of damage and therefore take a huge time to repair, also generating a significant media impact," says Nicolas Guillaume, the CEO of telecom firm Nasca Group, which owns business ISP Netalis, one of the providers directly impacted by the attacks. "It is the work of professionals," Guillaume says, adding that his company launched a criminal complaint with Paris law enforcement officials following the incident. Two things stand out: how the cables were severed and how the attacks happened in parallel. Photos posted online by French internet company Free 1337 immediately after the attacks show that a ground-level duct, which houses cables under the surface, was opened and the cables cut. Each cable, which can be around an inch in diameter, appears to have straight cuts across it, suggesting the attackers used a circular saw or other type of power tool. Many of the cables have been cut in two places and appear to have a section missing. If they had been cut in one place they could potentially have been reconnected, but the multiple cuts made them harder to repair.

A worldwide shortage of fibre optic cable has driven up prices and lengthened lead times, endangering companies' ambitious plans to roll out state of the art telecommunications infrastructure. From a report: Europe, India and China are among the regions most affected by the crunch, with prices for fibre rising by up to 70 per cent from record lows in March 2021, from $3.70 to $6.30 per fibre km, according to Cru Group, a market intelligence firm. Although the pandemic prompted some of the biggest tech and telecoms groups to slash their capex, there has been a surge in demand for internet and data services, leading to a shortfall in availability of the crucial but often overlooked material.

Companies such as Amazon, Google, Microsoft and Facebook owner Meta are expanding their data centre empires to meet soaring demand, including laying vast international fibre networks under the ocean. Meanwhile, governments have set ambitious targets for the rollout of superfast broadband and 5G, both of which require vast quantities of fibre optic cable to be laid under the ground. Total cable consumption increased by 8.1 per cent in the first half of the year compared with the same time last year, according to Cru estimates. China accounted for 46 per cent of the total, with North America representing the fastest growing region, at 15 per cent year on year.

There's been "a dramatic escalation of Chinese espionage on US soil over the past decade," sources in the U.S. counterintelligence community have told CNN this weekend.

But some dramatic new examples have been revealed. For example, in 2017 China's government offered to build a $100 million pavilion in Washington D.C. with an ornate 70-foot pagoda. U.S. counterintelligence officials realized its location — two miles from the U.S. Capitol — appeared "strategically placed on one of the highest points in Washington DC...a perfect spot for signals intelligence collection." Also alarming was that Chinese officials wanted to build the pagoda with materials shipped to the US in diplomatic pouches, which US Customs officials are barred from examining, the sources said. Federal officials quietly killed the project before construction was underway...

Since at least 2017, federal officials have investigated Chinese land purchases near critical infrastructure, shut down a high-profile regional consulate believed by the US government to be a hotbed of Chinese spies and stonewalled what they saw as clear efforts to plant listening devices near sensitive military and government facilities.

Among the most alarming things the FBI uncovered pertains to Chinese-made Huawei equipment atop cell towers near US military bases in the rural Midwest. According to multiple sources familiar with the matter, the FBI determined the equipment was capable of capturing and disrupting highly restricted Defense Department communications, including those used by US Strategic Command, which oversees the country's nuclear weapons.... It's unclear if the intelligence community determined whether any data was actually intercepted and sent back to Beijing from these towers. Sources familiar with the issue say that from a technical standpoint, it's incredibly difficult to prove a given package of data was stolen and sent overseas.

The Chinese government strongly denies any efforts to spy on the US.... But multiple sources familiar with the investigation tell CNN that there's no question the Huawei equipment has the ability to intercept not only commercial cell traffic but also the highly restricted airwaves used by the military and disrupt critical US Strategic Command communications, giving the Chinese government a potential window into America's nuclear arsenal.... As Huawei equipment began to proliferate near US military bases, federal investigators started taking notice, sources familiar with the matter told CNN. Of particular concern was that Huawei was routinely selling cheap equipment to rural providers in cases that appeared to be unprofitable for Huawei — but which placed its equipment near military assets.

An anonymous reader quotes a report from Ars Technica: US Senators Ben Ray Lujan (D-N.M.) and Cory Booker (D-N.J.) want to ban Internet data caps. The senators today introduced the "Uncap America Act," which would "prohibit predatory data caps that force families to pay high costs and unnecessary fees to access high-speed broadband," they said in a press release. "A broadband Internet access service provider shall not impose a data cap except when tailored primarily for the purposes of reasonable network management or managing network congestion," the bill says. The proposed law would order the Federal Communications Commission to issue "regulations to define the conditions under which a data cap is to be considered tailored to the purpose of reasonable network management or managing network congestion."

Data caps that don't comply with the exceptions would violate the Communications Act. "While certain broadband Internet access service networks may require practices to effectively manage congestion, those practices should be tailored to improve equitable access among consumers," the bill says. "Unnecessary data caps limit participation in the digital economy and are contrary to the public interest." The bill can be expected to attract fierce opposition from the broadband industry and would face long odds of passing through the Senate and House. If it does become law, it would likely prohibit the home Internet data caps imposed by Comcast and others, which clearly exist for financial purposes and not for any network management need.

While the Lujan/Booker bill leaves key details up to the FCC, it provides a comprehensive definition of what counts as a data cap under the proposed law. The bill says a data cap is "a limit on the amount of bits or other units of information a customer of a broadband Internet access service provider may download or upload during a period of time specified by the broadband Internet service access provider before the customer is charged a fee for additional usage; is subject to an increasing cost per bit or other unit of information; is charged for an incremental block of usage; or experiences a reduction of access speed; or that the customer is otherwise discouraged or prevented from exceeding." The proposed law would apply to home Internet services and mobile data plans, as it uses a definition of broadband service in US law that includes "mass-market retail service by wire or radio." But the FCC would be able to define different rules for different types of connections, Lujan's office told Ars.

SpaceX made it through its second attempt to launch 46 satellites on Friday (July 22), breaking a record along the way. The launch allowed SpaceX to surpass its 31 record launches of 2021 with a 32nd record launch in 2022, and still counting. Space.com reports: The two-stage Falcon 9 rocket, which induced a scrub at T-46 seconds on Thursday (July 21), lifted off successfully from Vandenberg Space Force Base in California Friday. Liftoff took place at 1:40 p.m. EDT (1740 GMT or 10:40 a.m. local time at the launch site) amid severely foggy conditions on the west coast. Falcon 9's first stage also completed its mission, landing atop the "Of Course I Still Love You" droneship in the Pacific Ocean as planned, about 8.5 minutes after launch. The report notes that SpaceX has launched more than 2,800 individual Starlink satellites to orbit as the company seeks to build out its satellite-internet service.

Tech companies should move ahead with controversial technology that scans for child abuse imagery on users' phones, the technical heads of GCHQ and the UK's National Cybersecurity Centre have said. From a report: So-called "client-side scanning" would involve service providers such as Facebook or Apple building software that monitors communications for suspicious activity without needing to share the contents of messages with a centralised server. Ian Levy, the NCSC's technical director, and Crispin Robinson, the technical director of cryptanalysis -- codebreaking -- at GCHQ, said the technology could protect children and privacy at the same time.

"We've found no reason why client-side scanning techniques cannot be implemented safely in many of the situations one will encounter," they wrote in a discussion paper published on Thursday, which the pair said was "not government policy." They argued that opposition to proposals for client-side scanning -- most famously a plan from Apple, now paused indefinitely, to scan photos before they are uploaded to the company's image-sharing service -- rested on specific flaws, which were fixable in practice. They suggested, for instance, requiring the involvement of multiple child protection NGOs, to guard against any individual government using the scanning apparatus to spy on civilians; and using encryption to ensure that the platform never sees any images that are passed to humans for moderation, instead involving only those same NGOs.

A 2021 eruption in Iceland gave researchers rare and illuminating access to the mantle, one of the Earth's layers. From a report: What do you do when a volcano erupts for the first time in centuries? For many people on the southern peninsula in Iceland, when the Fagradalsfjall volcano went off in 2021 after 781 years of dormancy, the answer was to take pictures. As the eruption continued over the course of six months, tourists and locals traveled closer to the volcano to take even more. Red bursts flying out of a black pyramid; the viscous creep of flame. But this documentation only went so far. Some scientists wanted to know what was going on underneath the surface, miles deep, where light does not reach. There, the flowing rock works in ways that experts still cannot describe. So on the first day of the eruption, a helicopter flew out to the site and scooped up a bit of lava. Some samples were distributed to labs, which, after testing, sent back unexpected results: The lava was full of crystals.

Recently, with the help of similar samples gathered throughout the Fagradalsfjall eruption, steps have been taken toward characterizing the dynamics under the surface of the oceanic volcano. In a paper published in June in the journal Nature Communications, researchers who observed the chemical composition of the lava crystal samples collected over a six-month period found that they contained a wide range of material from different parts of the mantle, the amalgamate layer between the Earth's crust and core. This kind of variation was unexpected, and it painted a more vivid picture of what contributes to volcanic eruptions. "We have a really detailed record of the different types of composition that we can find in the mantle now, and it must be very heterogeneous, very variable," said Frances Deegan, a volcanologist at Uppsala University in Sweden, and a co-author of the paper. Compositionally, the Fagradalsfjall lava was primitive, meaning it came from a deep reservoir of magma, or underground lava, not a shallow reservoir in the Earth's crust. Noticing this, researchers, including Ed Marshall, a geochemist at the University of Iceland, sprinted to gather more samples as the lava continued to spew out of vents. "We were working all hours -- you're asleep and the volcano's still erupting and you're like, 'I got to get back out there,'" said Dr. Marshall. "But it's hard to describe how rare this kind of thing is."

Fagradalsfjall exists at a confluence of fault lines along a boundary between the Eurasian and North American tectonic plates, a point where they are both pulling apart and rubbing against each other. Geological records show that there has been periodic volcanic activity in the region about every thousand years, and this most recent fissure was preceded by more than a year of earthquakes. Olafur Flovenz, director of the Iceland GeoSurvey, recently published a paper with colleagues that suggests this activity was not caused by a body of magma accumulating in the crust, but from carbon dioxide released by deeper magma pooling between the mantle and the crust, in a region called the Mohorovicic discontinuity, or moho. Usually, volcanic eruptions occur when lots of small magma flows mix together. "This mixing process is an essential geologic process, but it's never been directly observed," said Dr. Marshall. It occurs so deep under the surface and many of the chemical signatures of individual flows are lost as the magma moves up through the crust. But when Fagradalsfjall erupted in 2021, the molten rock and crystals that shot up to the surface came directly from the moho.

An anonymous reader quotes a report from Ars Technica: Federal Communications Commission Chairwoman Jessica Rosenworcel has ordered mobile carriers to explain what geolocation data they collect from customers and how they use it. Rosenworcel's probe could be the first step toward stronger action -- but the agency's authority in this area is in peril because Congress is debating a data privacy law that could preempt the FCC from regulating carriers' privacy practices.

Rosenworcel sent letters of inquiry Tuesday "to the top 15 mobile providers," the FCC announced. The chairwoman's letters asked carriers "about their policies around geolocation data, such as how long geolocation data is retained and why and what the current safeguards are to protect this sensitive information," the FCC said. The letters also "probe carriers about their processes for sharing subscriber geolocation data with law enforcement and other third parties' data-sharing agreements. Finally, the letters ask whether and how consumers are notified when their geolocation information is shared with third parties," the FCC said. "Mobile Internet service providers are uniquely situated to capture a trove of data about their own subscribers, including the subscriber's actual identity and personal characteristics, geolocation data, app usage, and web browsing data and habits," the letters say. Under US communications law, carriers are prohibited from using or sharing private information except under specific circumstances. Rosenworcel told carriers to answer the questions by August 3.

[...] Among other things, Rosenworcel's letters ask carriers to describe in detail the geolocation data they collect and retain from customers, to explain why such data is retained for current and former subscribers, how long the data is retained for, a description of safeguards used to protect the data, and what country or countries the geolocation data is stored in. The letters also ask for details regarding how data retention policies are disclosed to subscribers, data deletion policies, and whether subscribers can opt out of data retention. A second list of questions focused on data sharing asks for each carrier's "process and policies for sharing subscriber geolocation data with law enforcement;" for descriptions of "the arrangements, agreements, and circumstances in which [the carrier] shares subscriber geolocation data with third parties that are not law enforcement;" and whether subscribers are "notified of the sharing of their geolocation information with third parties that are not law enforcement." The data-sharing section also probes whether the carriers let customers opt out of programs that share data with third parties. Because geolocation data is highly sensitive and can be combined with other types of data, "the ways in which this data is stored and shared with third parties is of utmost importance to consumer safety and privacy," Rosenworcel told carriers in the letters. Further reading: Homeland Security Records Show 'Shocking' Use of Phone Data, ACLU Says

An anonymous reader quotes a report from Ars Technica: A security firm and the US government are advising the public to immediately stop using a popular GPS tracking device or to at least minimize exposure to it, citing a host of vulnerabilities that make it possible for hackers to remotely disable cars while they're moving, track location histories, disarm alarms, and cut off fuel. An assessment from security firm BitSight found six vulnerabilities in the Micodus MV720, a GPS tracker that sells for about $20 and is widely available. The researchers who performed the assessment believe the same critical vulnerabilities are present in other Micodus tracker models. The China-based manufacturer says 1.5 million of its tracking devices are deployed across 420,000 customers. BitSight found the device in use in 169 countries, with customers including governments, militaries, law enforcement agencies, and aerospace, shipping, and manufacturing companies.

BitSight discovered (PDF) what it said were six "severe" vulnerabilities in the device that allow for a host of possible attacks. One flaw is the use of unencrypted HTTP communications that makes it possible for remote hackers to conduct adversary-in-the-middle attacks that intercept or change requests sent between the mobile application and supporting servers. Other vulnerabilities include a flawed authentication mechanism in the mobile app that can allow attackers to access the hardcoded key for locking down the trackers and the ability to use a custom IP address that makes it possible for hackers to monitor and control all communications to and from the device.

The vulnerabilities include one tracked as CVE-2022-2107, a hardcoded password that carries a severity rating of 9.8 out of a possible 10. Micodus trackers use it as a master password. Hackers who obtain this passcode can use it to log in to the web server, impersonate the legitimate user, and send commands to the tracker through SMS communications that appear to come from the GPS user's mobile number. With this control, hackers can: Gain complete control of any GPS tracker; Access location information, routes, geofences, and track locations in real time; Cut off fuel to vehicles; and Disarm alarms and other features. A separate vulnerability, CVE-2022-2141, leads to a broken authentication state in the protocol the Micodus server and the GPS tracker use to communicate. Other vulnerabilities include a hardcoded password used by the Micodus server, a reflected cross-site scripting error in the Web server, and an insecure direct object reference in the Web server. The other tracking designations include CVE-2022-2199, CVE-2022-34150, CVE-2022-33944. The U.S. Cybersecurity and Infrastructure Security Administration is also warning about the risks posed by the critical security bugs. "Successful exploitation of these vulnerabilities could allow an attacker control over any MV720 GPS tracker, granting access to location, routes, fuel cutoff commands, and the disarming of various features (e.g., alarms)," agency officials wrote.