Spam

FCC Cracks Down On Spam 'Auto Warranty' Robocalls (axios.com) 111

An anonymous reader quotes a report from Axios: The Federal Communications Commission on Thursday told carriers to stop delivering those annoying auto warranty robocalls and said it has launched a formal investigation. The scam has resulted in more than 8 billion unwanted and possibly illegal phone calls. It has been the top consumer robocall complaint for the past two years.

The FCC said it is working with a number of other agencies, including the Ohio attorney general, which is suing Roy Cox, Jr., Aaron Michael Jones, their Sumco Panama companies and other international associates said to be a part of the scam. The agency's enforcement bureau said it sent cease-and-desist letters to Call Pipe, Fugle Telecom, Geist Telecom, Global Lynks, Mobi Telecom, South Dakota Telecom, SipKonnect and Virtual Telecom to warn them to stop carrying this suspicious robocall traffic within 48 hours. The FCC said that its inquiry shows that the operation is still generating millions of apparently unlawful calls to consumers on a daily basis.

The Almighty Buck

Man Set Up Fake ISP To Scam Low-Income People Seeking Gov't Discounts, FCC Says (arstechnica.com) 24

An anonymous reader quotes a report from Ars Technica: An Ohio man created a fake broadband provider in order to scam low-income consumers who thought they were getting government-funded discounts on Internet service and devices, according to the Federal Communications Commission. In a Notice of Apparent Liability for Forfeiture released Friday, the FCC proposed a fine of $220,210 against alleged scammer Kyle Traxler. Traxler created an entity called Cleo Communications that sought authorization to be a provider in the FCC's Emergency Broadband Benefit (EBB) program, which provided $50 monthly discounts on Internet service and discounts for devices. "Cleo apparently existed for the sole purpose of taking financial advantage of customers under the disguise of being a legitimate EBB Program provider," the FCC notice said. "Cleo Communications has had no business activity outside of the EBB Program and no other business purpose."

The FCC began investigating after receiving complaints from consumers in at least eight states who ordered devices and/or "hotspot service." In some cases, consumers said that Cleo threatened to sue them after they asked for refunds for items and service they didn't receive. Cleo's terms of service stated that it never issues refunds and that attempting to get refunds via bank chargebacks is a "breach of contract," according to the FCC. The FCC said it got no response to a subpoena it issued to Traxler and Cleo in December 2021. The now-discontinued EBB program and its replacement, the $30-per-month Affordable Connectivity Program, have provided money directly to participating broadband providers that offer monthly discounts. Some forms of telecom fraud involve the use of fictitious, ineligible, or duplicate customers to obtain payments from FCC programs, but the FCC said Traxler instead scammed consumers directly...

Communications

FCC Gets 90K+ Comments From Starlink Users Protesting Dish Mobile Service (arstechnica.com) 47

An anonymous reader quotes a report from Ars Technica: The Federal Communications Commission has received more than 90,000 comments from Starlink users urging the agency to side with SpaceX in a spectrum battle against Dish Network. The comments were all submitted since last week when SpaceX asked Starlink customers to weigh in on an FCC proceeding that seeks public input on the "feasibility of allowing mobile services in the 12.2-12.7 GHz band while protecting incumbents from harmful interference." Dish wants to use the 12 GHz band for mobile service and says that sharing the spectrum wouldn't significantly degrade satellite broadband. SpaceX says the plan would cause "harmful interference [to Starlink users] more than 77 percent of the time and total outage of service 74 percent of the time, rendering Starlink unusable for most Americans." The satellite downlink band used by Starlink extends from 10.7 GHz to 12.7 GHz. SpaceX says it uses most of that but not the 10.7-10.95 GHz portion because it's adjacent to radio astronomy systems.

The Starlink email was sent to users on June 28. There were a little more than 200 comments in the 18-month-old proceeding's docket at that time, mostly from satellite or telecom companies and lobbyist or advocacy groups. Since then, the comments appear to come almost entirely from people submitting SpaceX's pre-written message, in some cases unaltered and in others with the commenter's opinions or personal experiences using Starlink added in. Many Starlink users told the FCC they live in rural parts of the US and have no other viable broadband options. It's possible a single person can file multiple comments under different names, but it's clear that the SpaceX plea resulted in an outpouring of support from people who use Starlink.

The pace of commenting hasn't slowed down in recent days. PCMag reported on Tuesday that the "SpaceX petition protesting Dish Network has resulted in 70,000 Starlink users bombarding the FCC with messages urging the US regulator to protect the satellite Internet system." There are now more than 95,700 comments in the docket. The official comment period on the 12 GHz question came and went last year, but the agency hasn't ruled on the proceeding yet.
Starlink users can send comments to the FCC via this webpage set up by SpaceX.
Technology

The Code the FBI Used To Wiretap the World (vice.com) 39

The FBI operation in which the agency intercepted messages from thousands of encrypted phones around the world was powered by cobbled together code. From a report: Motherboard has obtained that code and is now publishing sections of it that show how the FBI was able to create its honeypot. The code shows that the messages were secretly duplicated and sent to a "ghost" contact that was hidden from the users' contact lists. This ghost user, in a way, was the FBI and its law enforcement partners, reading over the shoulder of organized criminals as they talked to each other.

Last year, the FBI and its international partners announced Operation Trojan Shield, in which the FBI secretly ran an encrypted phone company called Anom for years and used it to hoover up tens of millions of messages from Anom users. Anom was marketed to criminals, and ended up in the hands of over 300 criminal syndicates worldwide. The landmark operation has led to more than 1,000 arrests including alleged top tier drug traffickers and massive seizures of weapons, cash, narcotics, and luxury cars. Motherboard has obtained this underlying code of the Anom app and is now publishing sections of it due to the public interest in understanding how law enforcement agencies are tackling the so-called Going Dark problem, where criminals use encryption to keep their communications out of the hands of the authorities. The code provides greater insight into the hurried nature of its development, the freely available online tools that Anom's developers copied for their own purposes, and how the relevant section of code copied the messages as part of one of the largest law enforcement operations ever.

Science

Cloned Mice Created From Freeze Dried Skin Cells In World First (theguardian.com) 42

An anonymous reader quotes a report from The Guardian: Researchers have created cloned mice from freeze dried skin cells in a world first that aims to help conservationists revive populations of endangered species. The breakthrough paves the way for countries to store skin cells from animals as an insurance policy, as the cells can be used to create clones that boost the species' genetic diversity if they become threatened with extinction in the future. While scientists have used frozen cells to produce clones for conservation projects, the cells are kept in liquid nitrogen which is expensive and risky: if there are power outages or the liquid nitrogen is not regularly topped up, the cells melt and become unusable. Freeze dried sperm can also be used to create clones, but cannot be obtained from all animals.

In the latest work, researchers froze dried skin cells from mouse tails and stored them for up to nine months before trying to create clones from them. The freeze-drying processes killed the cells, but the scientists found they could still create early stage cloned embryos by inserting the dead cells into mouse eggs that had their own nuclei removed. These early stage mouse embryos, known as blastocysts, were used to create stocks of stem cells that were put through another round of cloning. The stem cells were inserted into mouse eggs emptied of their own nuclei, leading to embryos that surrogate mice carried to term. The first cloned mouse, named Dorami after a melon bread-loving robot in the Doraemon Manga series, was followed by 74 more. To check whether the clones had healthy fertility, nine females and three males were bred with normal mice. All the females went on to have litters.

Despite the achievement, the process is inefficient -- freeze drying damaged DNA in the skin cells -- and the success rate for creating healthy female and male mouse pups was only 0.2 to 5.4%. In some of the cells, the Y chromosome was lost, leading to female mice being born from cells obtained from male animals. "If the same treatment could be performed in endangered species where only males survived, it would be possible to produce females and naturally preserve the species, the authors write in Nature Communications.

Social Networks

As TikTok Promises US Servers, FCC Commissioner Remains Critical of Data Privacy (cnn.com) 28

On Tuesday Brendan Carr, a commissioner on America's Federal Communications Commission,warned on Twitter that TikTok, owned by China-based company ByteDance, "doesn't just see its users dance videos: It collects search and browsing histories, keystroke patterns, biometric identifiers, draft messages and metadata, plus it has collected the text, images, and videos that are stored on a device's clipboard. Tiktok's pattern of misrepresentations coupled with its ownership by an entity beholden to the Chinese Community Party has resulted in U.S. military branches and national security agencies banning it from government devices.... The CCP has a track record longer than a CVS receipt of conducting business & industrial espionage as well as other actions contrary to U.S. national security, which is what makes it so troubling that personnel in Beijing are accessing this sensitive and personnel data.
Today CNN interviewed Carr, while also bringing viewers an update. TikTok's China-based employees accessed data on U.S. TikTok users, BuzzFeed had reported — after which TikTok announced it intends to move backup data to servers in the U.S., allowing them to eventually delete U.S. data from their servers. But days later Republican Senator Blackburn was still arguing to Bloomberg that "Americans need to know if they are on TikTok, communist China has their information."

And FCC commissioner Carr told CNN he remains suspicious too: Carr: For years TikTok has been asked directly by U.S. lawmakers, 'Is any information, any data, being accessed by personnel back in Beijing?' And rather than being forthright and saying 'Yes, and here's the extent of it and here's why we don't think it's a problem,' they've repeatedly said 'All U.S. user data is stored in the U.S.," leaving people with the impression that there's no access.... This recent bombshell reporting from BuzzFeed shows at least some of the extent to which massive amounts of data has allegedy been going back to Beijing.

And that's a problem, and not just a national security problem. But to me it looks like a violation of the terms of the app store, and that's why I wrote a letter to Google and Apple saying that they should remove TikTok and boot them out of the app store... I've left them until July 8th to give me a response, so we'll see what they say. I look forward to hearing from them. But there's precedence for this. Before when applications have taken data surreptitiously and put it in servers in China or otherwise been used for reasons other than servicing the application itself, they have booted them from the app store. And so I would hope that they would just apply the plain terms of their policy here.

When CNN points out the FCC doesn't have jurisdiction over social media, Carr notes "speaking for myself as one member" they've developed "expertise in terms of understanding how the CCP can effectively take data and infiltrate U.S. communications' networks. And he points out that the issue is also being raised by Congressional hearings and by Republican and Democrat Senators signing joint letters together, so "I'm just one piece of a broader federal effort that's looking at the very serious risks that come from TikTok." Carr: At the end of the day, it functions as sophisticated surveillance tool that is harvesting vast amounts of data on U.S. users. And I think TikTok should answer point-blank, has any CCP member obtained non-public user data or viewed it. Not to answer with a dodge, and say they've never been asked for it or never received a request. Can they say no, no CCP member has ever seen non-public U.S. user data.
Carr's appearance was followed by an appearance by TikTok's VP and head of public policy for the Americas. But this afternoon Carr said on Twitter that TikTok's response contradicted its own past statements: Today, a TikTok exec said it was "simply false" for me to say that they collect faceprints, browsing history, & keystroke patterns.

Except, I was quoting directly from TikTok's own disclosures.

TikTok's concerning pattern of misrepresentations about U.S. user data continues.

Science

Objective Reality May Not Exist At All, Quantum Physicists Say (popularmechanics.com) 157

Long-time Slashdot reader waspleg shares a thought-provoking article from Popular Mechanics: Does reality exist, or does it take shape when an observer measures it? Akin to the age-old conundrum of whether a tree makes a sound if it falls in a forest with no one around to hear it, the above question remains one of the most tantalizing in the field of quantum mechanics, the branch of science dealing with the behavior of subatomic particles on the microscopic level.... Now, scientists from the Federal University of ABC (UFABC) in the São Paulo metropolitan area in Brazil are adding fuel to the suggestion that reality might be "in the eye of the observer."

In their new research, published in the journal Communications Physics in April, the scientists in Brazil attempted to verify the "complementarity principle" the famous Danish physicist Niels Bohr proposed in 1928. It states that objects come with certain pairs of complementary properties, which are impossible to observe or measure at the same time, like energy and duration, or position and momentum. For example, no matter how you set up an experiment involving a pair of electrons, there's no way you can study the position of both quantities at the same time: the test will illustrate the position of the first electron, but obscure the position of the second particle (the complementary particle) at the same time....

"We used nuclear magnetic resonance techniques similar to those used in medical imaging," Roberto M. Serra, a quantum information science and technology researcher at UFABC, who led the experiment, tells Popular Mechanics. Particles like protons, neutrons, and electrons all have a nuclear spin, which is a magnetic property analogous to the orientation of a needle in a compass. "We manipulated these nuclear spins of different atoms in a molecule employing a type of electromagnetic radiation. In this setup, we created a new interference device for a proton nuclear spin to investigate its wave and particle reality in the quantum realm," Serra explains. "This new arrangement produced exactly the same observed statistics as previous quantum delayed-choice experiments," Pedro Ruas Dieguez, now a postdoctoral research fellow at the International Centre for Theory of Quantum Technologies (ICTQT) in Poland, who was part of the study, tells Popular Mechanics. "However, in the new configuration, we were able to connect the result of the experiment with the way waves and particles behave in a way that verifies Bohr's complementarity principle," Dieguez continues.

The main takeaway from the April 2022 study is that physical reality in the quantum world is made of mutually exclusive entities that, nonetheless, do not contradict but complete each other.

Stephen Holler, an associate professor of physics at Fordham University, tells Popular Mechanics that the study underscores a famous observation by Richard Feynman: "If you think you understand quantum mechanics, you don't understand quantum mechanics."
Crime

Reuters: 'How Mercenary Hackers Sway Litigation Battles' (reuters.com) 7

Reuters shares the results of its investigation into what it calls "mercenary hackers": Reuters identified 35 legal cases since 2013 in which Indian hackers attempted to obtain documents from one side or another of a courtroom battle by sending them password-stealing emails. The messages were often camouflaged as innocuous communications from clients, colleagues, friends or family. They were aimed at giving the hackers access to targets' inboxes and, ultimately, private or attorney-client privileged information.

At least 75 U.S. and European companies, three dozen advocacy and media groups and numerous Western business executives were the subjects of these hacking attempts, Reuters found.

The Reuters report is based on interviews with victims, researchers, investigators, former U.S. government officials, lawyers and hackers, plus a review of court records from seven countries. It also draws on a unique database of more than 80,000 emails sent by Indian hackers to 13,000 targets over a seven-year period. The database is effectively the hackers' hit list, and it reveals a down-to-the-second look at who the cyber mercenaries sent phishing emails to between 2013 and 2020.... The targets' lawyers were often hit, too. The Indian hackers tried to break into the inboxes of some 1,000 attorneys at 108 different law firms, Reuters found....

"It is an open secret that there are some private investigators who use Indian hacker groups to target opposition in litigation battles," said Anthony Upward, managing director of Cognition Intelligence, a UK-based countersurveillance firm.

The legal cases identified by Reuters varied in profile and importance. Some involved obscure personal disputes. Others featured multinational companies with fortunes at stake. From London to Lagos, at least 11 separate groups of victims had their emails leaked publicly or suddenly entered into evidence in the middle of their trials. In several cases, stolen documents shaped the verdict, court records show.

Reuters spoke to email experts including Linkedin, Microsoft and Google to help confirm the authenticity of the data they'd received, and reports that one high-profile victim was WeWork co-founder Adam Neumann. (After Reuters told him he'd been targetted starting in 2017, Neumann hired a law firm.) "Reuters reached out to every person in the database — sending requests for comment to each email address — and spoke to more than 250 individuals. Most of the respondents said the attempted hacks revealed in the email database occurred either ahead of anticipated lawsuits or as litigation was under way."

America's FBI has been investigating the breachers since at least early 2018, Reuters reports, adding that pressure is now increasing on private eyes who acted as go-betweens for interested clients.

Meanwhile, Reuters found former employees of the mercenary firms, who told them that the firms employed dozens of workers — though "a month's salary could be as low as 25,000 rupees (then worth about $370), according to two former workers and company salary records...

"Asked about the hacker-for-hire industry, an official with India's Ministry of Justice referred Reuters to a cybercrime hotline, which did not respond to a request for comment."
Communications

FCC Authorizes SpaceX To Provide Starlink Internet Service To Vehicles In Motion (cnbc.com) 26

The Federal Communications Commission authorized SpaceX to provide Starlink satellite internet to vehicles in motion, a key step for Elon Musk's company to further expand the service. CNBC reports: "Authorizing a new class of [customer] terminals for SpaceX's satellite system will expand the range of broadband capabilities to meet the growing user demands that now require connectivity while on the move, whether driving an RV across the country, moving a freighter from Europe to a U.S. port, or while on a domestic or international flight," FCC international bureau chief Tom Sullivan wrote in the authorization posted Thursday.

The FCC's authorization also includes connecting to ships and vehicles like semitrucks and RVs, with SpaceX having last year requested to expand from servicing stationary customers. SpaceX had already deployed a version of its service called "Starlink for RVs," with an additional "portability" fee. But portability is not the same as mobility, which the FCC's decision now allows. The FCC imposed conditions on in-motion Starlink service. SpaceX is required to "accept any interference received from both current and future services authorized," and further investment in Starlink will "assume the risk that operations may be subject to additional conditions or requirements" from the FCC.
The report notes that the ruling "did not resolve a broader SpaceX regulatory dispute with Dish Network and RS Access, an entity backed by billionaire Michael Dell, over the use of 12-gigahertz band -- a range of frequency used for broadband communications." SpaceX is pushing for the regulator to make a ruling, saying the mobile service "would cause harmful interference to SpaceX's Starlink terminals in the 12.2-12.7 GHz band more than 77% of the time."
Privacy

FCC Commissioner Wants Apple, Google To Remove TikTok From App Stores (cnbc.com) 40

A leader of the U.S. Federal Communications Commission said he has asked Apple and Google to remove TikTok from their app stores over China-related data security concerns. CNBC reports: The wildly popular short video app is owned by Chinese company ByteDance, which faced U.S. scrutiny under President Donald Trump. Brendan Carr, one of the FCC's commissioners, shared via Twitter a letter to Apple CEO Tim Cook and Alphabet CEO Sundar Pichai. The letter pointed to reports and other developments that made TikTok non-compliant with the two companies' app store policies.

"TikTok is not what it appears to be on the surface. It is not just an app for sharing funny videos or meme. That's the sheep's clothing," he said in the letter. "At its core, TikTok functions as a sophisticated surveillance tool that harvests extensive amounts of personal and sensitive data." Carr's letter, dated June 24 on FCC letterhead, said if the Apple and Alphabet do not remove TikTok from their app stores, they should provide statements to him by July 8. The statements should explain "the basis for your company's conclusion that the surreptitious access of private and sensitive U.S. user data by persons located in Beijing, coupled with TikTok's pattern of misleading representations and conduct, does not run afoul of any of your app store policies," he said.
A TikTok spokesperson told BuzzFeed News in a statement: "We know we're among the most scrutinized platforms from a security standpoint, and we aim to remove any doubt about the security of US user data. That's why we hire experts in their fields, continually work to validate our security standards, and bring in reputable, independent third parties to test our defenses."
Social Networks

Company Behind Trump's Truth Social Under Investigation By Federal Prosecutors (independent.co.uk) 170

An anonymous reader quotes a report from the Independent: The so-called "blank check" company behind former president Donald Trump's Truth Social platform now appears to be the subject of an investigation by federal prosecutors who are looking into whether the company or its executives violated federal securities laws. Shares of the Special Purpose Acquisition Company, known as Digital World Acquisition Corporation, fell nine percent in early trading on Monday after CEO Patrick Orlando filed a statement with the Securities and Exchange Commission to report that the company, which is pursuing a merger with the former president's Trump Media and Technology Group, was issued a subpoena by a federal grand jury in the Southern District of New York.

Mr Orlando also wrote that each member of DWAC's board of directors has also been issued a subpoena by the same grand jury. The grand jury subpoenas, he said, appear to be "seeking various documents and information" that are substantially similar to subpoenas issued to the company by the SEC earlier this year, as well as documents relating to the company's previous SEC filings, "communications with or about multiple individuals, and information regarding Rocket One Capital," a venture capital and private equity firm. The US securities regulator is probing whether DWAC executives violated laws which ban negotiations between the company and Mr Trump's tech firm before DWAC went public in late 2021. After Mr Trump announced his company's pending deal with DWAC, shares in the public company skyrocketed by over 400 per cent.

A previous filing by Mr Orlando stated that the SEC subpoena sought documents concerning "among other things, Digital World's due diligence regarding TMTG, communications regarding and due diligence of potential targets other than TMTG, relationships between and among Digital World (and/or certain of Digital World's officers and directors) and other entities (including ARC Global Investments II LLC, Digital World's sponsor, and certain advisors, including Digital World's underwriter and financial advisor in its initial public offering)." Additionally, the pending merger is also the subject of an investigation by the Financial Industry Regulatory Authority, a commercial entity that acts as a self-regulator for brokerage firms and securities exchange markets.

Communications

Google Hangouts is Shutting Down in November 24

After sunsetting Google Hangouts for Workspace users in February, Google's now beginning the process of migrating free, personal Hangouts users to Chat. In an announcement posted to its blog, Google says people who still use the Hangouts mobile app will see a prompt to move to Chat. From a report: As for users who use Hangouts in Gmail on the web, Google says it won't start prompting users to make the switch to Chat until July. Hangouts will remain usable on its desktop site until November, and Google says it will warn users "at least one month" in advance before it starts pointing the Hangouts site to Chat.
Games

Popular Game Valorant Will Start Listening To Your Voice Chat Next Month (pcgamer.com) 28

Riot Games will begin background evaluation of recorded in-game voice communications on July 13th in North America, in English. In a brief statement(opens in new tab) Riot said that the purpose of the recording is ultimately to "collect clear evidence that could verify any violations of behavioral policies." From a report: For now, however, recordings will be used to develop the evaluation system that may eventually be implemented. That means training some kind of language model using the recordings, says Riot, to "get the tech in a good enough place for a beta launch later this year." Riot also makes clear that voice evaluation from this test will not be used for reports.
Government

Russia's Cyberattacks Thwarted by Ukraine, Microsoft, Google, and Western Intelligence (nytimes.com) 37

Russia's invasion of Ukraine is "the first full-scale battle in which traditional and cyberweapons have been used side by side," reports the New York Times. But the biggest surprise is that "many of the attacks were thwarted, or there was enough redundancy built into the Ukrainian networks that the efforts did little damage... more than two-thirds of them failed, echoing its poor performance on the physical battlefield."

Microsoft president Brad Smith says the ultimate result is Russia's attempted cyberatacks get underreported, according to the Times: [A study published by Microsoft Wednesday] indicated that Ukraine was well prepared to fend off cyberattacks, after having endured them for many years. That was at least in part because of a well-established system of warnings from private-sector companies, including Microsoft and Google, and preparations that included moving much of Ukraine's most important systems to the cloud, onto servers outside Ukraine....

In many instances, Russia coordinated its use of cyberweapons with conventional attacks, including taking down the computer network of a nuclear power plant before moving in its troops to take it over, Mr. Smith said. Microsoft officials declined to identify which plant Mr. Smith was referring to. While much of Russia's cyberactivity has focused on Ukraine, Microsoft has detected 128 network intrusions in 42 countries. Of the 29 percent of Russian attacks that have successfully penetrated a network, Microsoft concluded, only a quarter of those resulted in data being stolen. Outside Ukraine, Russia has concentrated its attacks on the United States, Poland and two aspiring members of NATO, Sweden and Finland...

But Microsoft, other technology companies and government officials have said that Russia has paired those infiltration attempts with a broad effort to deliver propaganda around the world. Microsoft tracked the growth in consumption of Russian propaganda in the United States in the first weeks of the year. It peaked at 82 percent right before the Feb. 24 invasion of Ukraine, with 60 million to 80 million monthly page views. That figure, Microsoft said, rivaled page views on the biggest traditional media sites in the United States. One example Mr. Smith cited was that of Russian propaganda inside Russia pushing its citizens to get vaccinated, while its English-language messaging spread anti-vaccine content. Microsoft also tracked the rise in Russian propaganda in Canada in the weeks before a trucker convoy protesting vaccine mandates tried to shut down Ottawa, and that in New Zealand before protests there against public health measures meant to fight the pandemic.

Russians successfully "sabotaged a satellite communications network called Viasat in the opening days of the war," notes the Washington Post, "with the damage spilling over into other European countries. But Ukraine, working with private tech companies, Western intelligence and its own expert software engineers, has quickly fixed most of the damage..."

"The close partnerships that have emerged between U.S. technology companies and Western cybersecurity agencies is one of the unheralded stories of the war...." "Cyber responses must rely on greater public and private collaboration," argues Brad Smith, Microsoft's president, in a new study... published Wednesday on Microsoft's "lessons learned" from cyber conflict in Ukraine. A White House cyber official explains the new cooperative approach this way: "Where companies see destructive attacks, that has driven partnerships with the intelligence community and other government agencies to see how best we can share information to protect infrastructure around the world." The tech world's sympathies lie with the underdog, Ukraine. That applies to giant firms such as Microsoft and Google....

Ukraine's cybersecurity defense benefited from an early start. U.S. Cyber Command experts went to Ukraine months before the war started, according to its commander, Gen. Paul Nakasone. Microsoft and Google became involved even earlier. Microsoft began monitoring Russian phishing attacks against Ukrainian military networks in early 2021, and through the rest of last year observed increasingly aggressive hacks by six different attackers linked to Russia's three intelligence services, the GRU, SVR and FSB, according to a Microsoft report released in April. Microsoft has spent a total of $239 million on financial and technical assistance to Ukraine, a company official said....

Google, a part of Alphabet, has also helped Ukraine fend off threats. Back in 2014, prompted by Russia's use of DDOS ("distributed denial-of-service") malware in its seizure of Crimea and eastern Ukraine, Google began what it called "Project Shield." Software protected news sites, human rights groups and election sites against crippling DDOS floods of junk internet messages. Today, Project Shield is used by 200 sites in Ukraine and 2,300 others in 140 countries around the world, according to Jared Cohen, the chief executive of Google's Jigsaw unit.

Communications

SpaceX Asserts 5G Would 'Blow Out' Satellite Users In 12 GHz Band (fiercewireless.com) 53

Monica Alleven writes via Fierce Wireless: So much for the "win-win-win" scenario that Dish Network envisioned for the 12 GHz band. Dish and fellow MVDDS licensee RS Access have argued that the 12 GHz band can be used by both satellite players like SpaceX's Starlink and by companies like Dish that want to use it for 5G, all for the public's benefit. SpaceX on Tuesday submitted its own analysis (PDF) of the effect of terrestrial mobile deployment on non-geostationary orbit fixed satellite service (NGSO FSS) downlink operations. The upshot: The SpaceX study shows terrestrial mobile service would cause harmful interference to SpaceX's Starlink terminals in the 12.2-12.7 GHz band more than 77% of the time, resulting in full outages 74% of the time.

Although entities like RS Access note that SpaceX has access to plenty of other spectrum to accomplish its broadband mission, SpaceX insists that the 12 GHz band has become one of the most important and intensely used spectrum bands for Americans who depend on satellite services. In fact, SpaceX said it depends on the 12 GHz band for the workhorse frequencies in critical downlink services to serve Americans "in every corner of the nation." [...] SpaceX would like the FCC to drop the 12 GHz proceeding, but Dish and RS Access have been urging the FCC for years to change the rules so that their MVDDS licenses can be used for two-way 5G services.
In response to SpaceX's submission, the 5G for 12 GHz Coalition, issued the following statement: "We understand that SpaceX has -- after 18 months and both a robust comment and reply period -- just filed its own in-house technical submission to the 12 GHz proceeding. Our engineers and technical experts are reviewing the filing in depth and remain committed to working in good faith with the FCC and stakeholders to ensure that the American public is able to reap the immense benefits of 5G services in this band."
AI

Wimbledon Hoping Big Data Will Improve Fan Experience (theguardian.com) 30

Wimbledon is turning to big data to help improve fans' tennis knowledge, after discovering even ticket holders at the Championships were not aware of most of the players in the game. From a report: Crowds at this year's tournament -- expected to return to sold-out levels with easing of coronavirus restrictions -- are to be exposed to more facts and figures organisers hope will help get them "closer to the sport." AI-powered stats will seek to better explain the strengths and weaknesses in players' games but also predict upsets and rising stars, with data built in part from trawling newspaper headlines.

Alexandra Willis, the All England Club's director of communications and marketing, said the idea had come about before Covid. "We found that most fans didn't watch tennis the rest of the year," she said. "They also hadn't heard of most of the players [and] this was a specific barrier to engagement." Spectators at Wimbledon fortnight, as well as television viewers and app users, will have access to Win Factor, a tool that will aggregate data from a number of sources to better predict a player's chances of victory in a given match. Fans will be able to input their own match predictions while being encouraged to scour more information on some of the game's lesser-known players.

Communications

FAA: Airlines Must Retrofit Faulty Altimeters 'As Soon As Possible' (arstechnica.com) 127

An anonymous reader quotes a report from Ars Technica: The Federal Aviation Administration says it finally has a plan for the industry to replace or retrofit airplane altimeters that can't filter out transmissions from outside their allotted frequencies. The altimeter problem has prevented AT&T and Verizon from fully deploying 5G on the C-Band spectrum licenses the wireless carriers purchased for a combined $69 billion. The FAA was urging airlines to retrofit or replace altimeters in recent months and now says it has finalized a plan. An FAA statement on Friday said that "airlines and other operators of aircraft equipped with the affected radio altimeters must install filters or other enhancements as soon as possible."

AT&T and Verizon said they will be able to accelerate 5G deployments near airports in the coming months, but the carriers agreed to continue some level of "voluntary mitigations" in the airport areas until July 2023. Altimeters are used by airplanes to measure altitude. The FAA said a new "phased approach requires operators of regional aircraft with radio altimeters most susceptible to interference to retrofit them with radio frequency filters by the end of 2022. This work has already begun and will continue on an expedited basis."

Additionally, "filters and replacement units for the mainline commercial fleet should be available on a schedule that would permit the work to be largely completed by July 2023," the FAA said, continuing: "The radio-altimeter manufacturers have worked at an unprecedented pace with Embraer, Boeing, Airbus and Mitsubishi Heavy Industries to develop and test filters and installation kits for these aircraft. Customers are receiving the first kits now. In most cases, the kits can be installed in a few hours at airline maintenance facilities. Throughout this process, the FAA will work with both industries to track the pace of the radio altimeter retrofits while also working with the wireless companies to relax mitigations around key airports in carefully considered phases."

Communications

Did Telegram's Founder Lose a Million Dollar Bet Over a Prediction for Signal? (pcmag.com) 36

While he couldn't even ethically accept the million dollars, PC Magazine's senior security analyst Max Eddy writes that "how this happened in the first place is indicative of some of the information security industry's worst impulses. It doesn't have to be this way." Back in 2017, Telegram founder Pavel Durov and I had a disagreement... Durov tweeted about how the Signal secure messaging app had received money from the U.S. government. This is true; Signal received funds from the Open Technology Fund (OTF) — a nonprofit that previously was part of the US-backed Radio Free Asia. According to the OTF's website, it gave nearly $3 million to between 2013 and 2016. It's entirely legitimate to be suspicious of government funding (even if TOR, OpenVPN, and WireGuard also received OTF money), and even take a moral stand against recipients of money from governments you disagree with.

But Durov went far beyond that. He seemed to think this meant Signal was bought off by the feds and predicted that a backdoor would be found within five years.

That's quite an accusation to make, especially without real proof, and it made me mad. Not because people were mouthing off on Twitter — that seems to be that platform's primary function. It made me mad that companies ostensibly working to better people's lives by protecting their security and privacy were trying to drag each other down publicly. This is not new; the VPN industry is full of whisper campaigns and counter-accusations. I can't tell you how many conversations I've had with VPN vendors that start with "first off, everything you heard is a lie...." But generally the message from companies in this industry is one of cooperation and protecting everyone. It's a common theme to keynotes at the RSA Conference and Black Hat that the people who work in infosec have a higher calling to protect other people first and do business second.

And then this happened (on Twitter):


Max Eddy: It's one thing to point out funding and another to say that a "backdoor will be found within five years."

Pavel Durov: I am certain of what I'm saying and am willing to bet $1M (1:1) on it.



While Eddy didn't have a million dollars, "I knew there was no way I would lose. This would be the easiest million-dollar bet I ever make." I was confident Durov was wrong because Signal, like many companies, has made an effort toward transparency that I can have some confidence in. Signal has made its code available, has registered as a nonprofit, has a fairly comprehensive privacy policy, and has made abundantly clear that it has no information to provide in response to law enforcement requests. Signal's protocol is also used by competitors, such as WhatsApp and Facebook Messenger, which have surely done their homework when selecting a method for encrypting messages. Most recently, a document revealed that even the FBI has been frustrated in its attempts to get data from Signal (and Telegram, too).
It's been five years, and Eddy now writes that Signal "continues to be recommended by advocacy groups of all kinds as a safe and secure way to communicate..."

"Neither Durov nor Telegram responded to my attempts to contact them for this story."
Communications

Discord Adds a Twitch-like Auto-Moderating Feature (engadget.com) 74

On Thursday, Discord introduced AutoMod, "a feature that can automatically detect and block harmful messages before they're posted," reports Engadget: Accessible through Discord's "Server Settings" menu, the tool allows admins and moderators to create a list of words and phrases they want Discord to look for, along with a set of repercussions for those who use them... Discord has put together three starting lists that cover "certain categories of not-nice words or phrases." Moderators can add up to three additional custom filter lists to suit the needs of their users. At launch, AutoMod is only available to Community servers.
"Moderating your growing community should feel rewarding and fulfilling, not add constant stress from dealing with bad actors or unruly members," Discord said in a blog post Thursday.

To introduce the feature, Discord created a cartoon where chicken superheroes thank AutoMod for patrolling their egg server.

Edgadget notes that Discord also has created "a dedicated admin community server run by Discord staff. Here, the company says moderators can gather to chat and learn from one another. Discord also plans to run educational events and share news through the space." Gizmodo adds that Discord also announced this summer's expansion of premium memberships, "a feature that allows a community's creators and owners to put their server behind a paid subscription."
United States

US Probes How American Electronics Wound Up in Russian Military Equipment in Ukraine (msn.com) 174

America's federal agents "have begun questioning U.S. technology companies on how their computer chips ended up in Russian military equipment recovered in Ukraine," reports the Washington Post: Commerce Department agents who enforce export controls are conducting the inquiries together with the FBI, paying joint visits to companies to ask about Western chips and components found in Russian radar systems, drones, tanks, ground-control equipment and littoral ships, according to people familiar with the matter, who spoke on the condition of anonymity to discuss sensitive investigations. "Our goal is to actually try to track that back, all the way back to the U.S. supplier" to determine "how did it find its way into that weapons system," one Commerce Department official said of the probes....

It isn't clear which specific components are being probed. But investigators from a variety of countries have identified Western electronics in Russian weaponry found in Ukraine. Many of those components appear to have been manufactured years ago, before the United States tightened export restrictions after Russia seized Crimea in 2014. But others were manufactured as recently as 2020, according to Conflict Armament Research (CAR), a research group in London that has examined some of the parts....

CAR last month sent investigators to Ukraine to examine Russian weaponry and communications equipment, and reported finding components from 70 companies based in the United States and Europe. They found the parts in military radios, airborne defense systems and in remnants of cruise missiles that the Ukrainians recovered in various towns and villages, Damien Spleeters, one of the CAR investigators, said in an interview.

An associate professor of electrical/computer engineering at Purdue tells the Post "Most of the items they are listing are available through any commercial computer parts supplier or digital parts supplier."

But the Post spoke to a lawyer representing one of the contacted technology companies. "Among the questions federal agents are asking: whether tech companies sold their products to a specific list of companies, including middlemen, that may have been involved in the supply chain."

Slashdot Top Deals