Facebook

French and Russian Trolls Wrestle For Influence In Africa, Facebook Says (reuters.com) 34

Rival French and Russian disinformation campaigns have sought to deceive and influence Internet users in the Central African Republic ahead of an election later this month, Facebook said on Tuesday. Reuters reports: Facebook said it was the first time it had seen foreign influence operations directly engage on its platforms, with fake accounts denouncing each other as "fake news." The company said it had suspended three networks totaling almost 500 accounts and pages for so-called "coordinated inauthentic behavior." One network was linked to "individuals associated with French military," it said, while the other two had connections to "individuals associated with past activity by the Russian Internet Research Agency" as well as Russian businessman Evgeny Prigozhin.

France and Russia are both keen to assert influence in Africa. Paris has ties with many French-speaking African countries, which it sees as vital to preventing the spread of violent Islamisation, and Moscow is jockeying for position in a lucrative market. Facebook said the two campaigns largely focused on the Central African Republic (CAR), which votes on Dec. 27, but also targeted users in 13 other African countries including Algeria, Cameroon, Libya and Sudan. Ben Nimmo, head of investigations at social media analytics firm Graphika, said both campaigns used fake accounts to pose as local people, sometimes sharing doctored photos. [...] But neither side built a significant audience in CAR, he added. "They looked like two troll teams arm wrestling, with nobody else really paying attention."

Books

John le Carre, Author of Spy Novels, Dies at Age 89 (nbcnewyork.com) 29

"This terrible year has claimed a literary giant and a humanitarian spirit," tweeted novelist Stephen King, adding later that "The Little Drummer Girl was one of the best novels I've ever read." Margaret Atwood tweeted "His Smiley novels are key to understanding the mid-20th century."

And the Associated Press tells the story of how spy-novel writer John le Carré was "drawn to espionage by an upbringing that was superficially conventional but secretly tumultuous." Born David John Moore Cornwell in Poole, southwest England on Oct. 19, 1931, he appeared to have a standard upper-middle-class education: the private Sherborne School, a year studying German literature at the University of Bern, compulsory military service in Austria — where he interrogated Eastern Bloc defectors — and a degree in modern languages at Oxford University. But his ostensibly ordinary upbringing was an illusion. His father, Ronnie Cornwell, was a con man who was an associate of gangsters and spent time in jail for insurance fraud. His mother left the family when David was 5; he didn't meet her again until he was 21.

It was a childhood of uncertainty and extremes: one minute limousines and champagne, the next eviction from the family's latest accommodation. It bred insecurity, an acute awareness of the gap between surface and reality — and a familiarity with secrecy that would serve him well in his future profession. "These were very early experiences, actually, of clandestine survival," le Carré said in 1996. "The whole world was enemy territory."

After university, which was interrupted by his father's bankruptcy, he taught at the prestigious boarding school Eton before joining the foreign service. Officially a diplomat, he was in fact a "lowly" operative with the domestic intelligence service MI5 — he'd started as a student at Oxford — and then its overseas counterpart MI6, serving in Germany, on the Cold War front line, under the cover of second secretary at the British Embassy. His first three novels were written while he was a spy, and his employers required him to publish under a pseudonym. He remained "le Carré" for his entire career. He said he chose the name — square in French — simply because he liked the vaguely mysterious, European sound of it...

Le Carré said in 1990 that the fall of the Berlin Wall had come as a relief. "For me, it was absolutely wonderful. I was sick of writing about the Cold War."

His 1963 novel The Spy Who Came in from the Cold "was immediately hailed as a classic and allowed him to quit the intelligence service to become a full-time writer," the AP writes, adding that he ultimately won a critical respect that "eluded" James Bond's creator Ian Fleming.

And they note that le Carré ultimately described himself as a not-particularly-optimistic believer in humanity. "If only we could see it expressed in our institutional forms, we would have hope then," he told the AP. "I think the humanity will always be there. I think it will always be defeated."
Government

Russia Breached Update Server Used by 300,000 Organizations, Including the NSA (seattletimes.com) 115

Sunday Reuters reported that "a sophisticated hacking group" backed by "a foreign government" has stolen information from America's Treasury Department, and also from "a U.S. agency responsible for deciding policy around the internet and telecommunications."

The Washington Post has since attributed the breach to "Russian government hackers," and discovered it's "part of a global espionage campaign that stretches back months, according to people familiar with the matter." Officials were scrambling over the weekend to assess the extent of the intrusions and implement effective countermeasures, but initial signs suggested the breach was long-running and significant, the people familiar with the matter said. The Russian hackers, known by the nicknames APT29 or Cozy Bear, are part of that nation's foreign intelligence service and breached email systems in some cases, said the people familiar with the intrusions, who spoke on the condition of anonymity because of the sensitivity of the matter. The same Russian group hacked the State Department and the White House email servers during the Obama administration... [The Washington Post has also reported this is the group responsible for the FireEye breach. -Ed]

All of the organizations were breached through the update server of a network management system called SolarWinds, according to four people familiar with the matter. The company said Sunday in a statement that monitoring products it released in March and June of this year may have been surreptitiously weaponized in a "highly-sophisticated, targeted...attack by a nation state." The scale of the Russian espionage operation is potentially vast and appears to be large, said several individuals familiar with the matter. "This is looking very, very bad," said one person. SolarWinds products are used by more than 300,000 organizations across the world. They include all five branches of the U.S. military, the Pentagon, State Department, Justice Department, NASA, the Executive Office of the President and the National Security Agency, the world's top electronic spy agency, according to the firm's website. SolarWinds is also used by the top 10 U.S. telecommunications companies...

APT29 compromised the SolarWinds server that sends updates so that any time a customer checks in to request an update, the Russians could hitch a ride on that update to get into a victim's system, according to a person familiar with the matter. "Monday may be a bad day for lots of security teams," tweeted Dmitri Alperovitch, a cybersecurity expert and founder of the Silverado Policy Accelerator think tank.

Reuters described the breach as "so serious it led to a National Security Council meeting at the White House."
Education

U.S. Schools are Buying Phone-Hacking Tech That the FBI Uses to Investigate Terrorists (gizmodo.com) 115

Pig Hogger (Slashdot reader #10,379) writes: Everywhere, every day, thousands of phones are plugged into forensic tools that will pull out everything a phone has to offer an investigator. The thing is, investigators are not always working for police departments, but for school districts, who have been increasingly buying various phone hacking tools.

Gizmodo writes: Public documents reviewed by Gizmodo indicate that school districts have been quietly purchasing these surveillance tools of their own for years... Known as mobile device forensic tools (MDFTs), this type of tech is able to siphon text messages, photos, and application data from students' devices. Together, the districts encompass hundreds of schools, potentially exposing hundreds of thousands of students to invasive cell phone searches.

While companies like Cellebrite have partnered with federal and local police for years, that the controversial equipment is also available for school district employees to search students' personal devices has gone relatively unnoticed — and serves as a frightening reminder of how technology originally developed for use by the military or intelligence services, ranging from blast-armored trucks designed for use in war zones to invasive surveillance tools, keeps trickling down to domestic police and even the institutions where our kids go to learn. "Cellebrites and Stingrays started out in the provenance of the U.S. military or federal law enforcement, and then made their way into state and local law enforcement, and also eventually make their way into the hands of criminals or petty tyrants like school administrators," Cooper Quentin, senior staff technologist at the Electronic Frontier Foundation, said in a video interview. "This is the inevitable trajectory of any sort of surveillance technology or any sort of weapon...."

Gizmodo analyzed a random sample of 5,000 public school or school district websites across the United States and found that eight district websites mention Cellebrite or another MDFT technology. Because our sample is a relatively small portion of the total number of high schools in the United States — and the ones that stood out did so because they published the purchases as line items in public budget reports — many other school districts may have access to this technology. The Los Angeles Unified School District, the second-largest school district in the country with over 630,000 students enrolled in over 1,000 institutions in the 2018-2019 school year, has a Cellebrite device it says is used by a team that investigates complaints of employee misconduct against students...

Ultimately, Gizmodo's investigation turned up more questions than answers about why school districts have sought these devices and how they use them. Who is subject to these searches, and who is carrying them out? How many students have had their devices searched and what were the circumstances? Were students or their parents ever asked to give any kind of meaningful consent, or even notified of the phone searches in the first place? What is done with the data afterward? Can officials retain it for use in future investigations?

Most of the school districts did not respond to our inquiries.

The Military

French Army Gets Ethical Go-Ahead For Bionic Soldiers (cnn.com) 121

The French armed forces now have permission to develop "augmented soldiers" following a report from a military ethics committee. CNN reports: The report, released to the public on Tuesday, considers medical treatments, prosthetics and implants that improve "physical, cognitive, perceptive and psychological capacities," and could allow for location tracking or connectivity with weapons systems and other soldiers. Other possible interventions considered by the armed forces ethics committee include medical treatments to prevent pain, stress and fatigue, and substances that would improve mental resilience if a soldier were taken prisoner.

The committee said that France needs to maintain "operational superiority of its armed forces in a challenging strategic context" while respecting the rules governing the military, humanitarian law and the "fundamental values of our society." As a result, it has forbidden any modification that would affect a soldier's ability to manage the use of force or affect their sense of "humanity." Further examples of banned modifications include cognitive implants that would affect the exercise of a soldier's free will, or changes that would affect their reintegration into civilian life.

The Military

France To Build New Nuclear-Powered Aircraft Carrier (apnews.com) 244

France will build a new, nuclear-powered aircraft carrier to replace its Charles de Gaulle carrier by 2038, French President Emmanuel Macron announced Tuesday. The Associated Press reports: Macron framed the decision to use nuclear reactors to propel the future warship as part of France's climate strategy, stressing its lower emissions compared to diesel fuel. Speaking at a nuclear facility in the Burgundy town of Le Creusot, he called France's nuclear weapons and atomic energy industry "the cornerstone of our strategic autonomy," and said the nuclear sector plays a role in France's "status as a great power." One of his advisers noted that having an aircraft carrier also helps France project its global influence. Only a few countries in the world maintain the huge, costly vessels.

The new French aircraft carrier will be about 70,000 tons and 300 meters long, roughly 1.5 times the size of the Charles de Gaulle, which has been deployed for international military operations in Iraq and Syria in recent years, according to French presidential advisers. Its catapults will be electro-magnetic, and American-made, and the ship will be designed to accommodate next-generation warplanes and serve until around 2080, the advisers said. They didn't provide a price tag but French media estimate it will cost around 7 billion euros ($8.5 billion).

News

Divers Discover Nazi WW2 Enigma Machine in Baltic Sea (reuters.com) 48

German divers searching the Baltic Sea for discarded fishing nets have stumbled upon a rare Enigma cipher machine used by the Nazi military during World War Two which they believe was thrown overboard from a scuttled submarine. From a report: Thinking they had discovered a typewriter entangled in a net on the seabed of Gelting Bay, underwater archaeologist Florian Huber quickly realised the historical significance of the find. "I've made many exciting and strange discoveries in the past 20 years. But I never dreamt that we would one day find one of the legendary Enigma machines," said Huber. The Nazi military used the machines to send and receive secret messages during World War Two but British cryptographers cracked the code, helping the Allies gain an advantage in the naval struggle to control the Atlantic. At Bletchley Park codebreaking centre, a British team led by Alan Turing is credited with unravelling the code, shortening the war and saving many thousands of lives.
Government

Trump To Congress: Repeal Section 230 Or I'll Veto Military Funding (arstechnica.com) 511

An anonymous reader quotes a report from Ars Technica: President Donald Trump has long been an outspoken foe of big technology companies. And in recent months, he has focused his ire on Section 230, a provision of the 1996 Communications Decency Act that shields online platforms from liability for content posted by their users. In May, Trump called on the Federal Communications Commission to reinterpret the law -- though it's not clear the agency has the power to do that. Since then, he has tweeted about the issue incessantly. On Tuesday evening, Trump ratcheted up his campaign against Section 230. In a tweet, he called the law "a serious threat to our National Security & Election Integrity." He warned that "if the very dangerous & unfair Section 230 is not completely terminated as part of the National Defense Authorization Act (NDAA), I will be forced to unequivocally VETO the Bill."

The NDAA is a massive spending bill that Congress passes each year to authorize funding for the military. This year's version, now under active discussion on Capitol Hill, is expected to cost around $740 billion. The NDAA is seen as a "must pass" bill because no one wants to be blamed for holding up funding for the troops. So inserting language into it can be a way to pass proposals that might not stand on their own. But there's also a risk of a backlash -- especially if a measure is seen as unrelated to the military. This may be why Trump has started claiming that Section 230 is a "threat to our national security," since that would theoretically make it germane to a defense funding bill. Trump's campaign to repeal Section 230 appears to go beyond mere tweets. The White House is reportedly telling members of Congress the same thing in private that the president is telling his 88 million Twitter followers: that he will veto the NDAA if it doesn't repeal or at least overhaul Section 230.

Australia

Australia Demands Apology From China After Fake Image of Soldier Posted On Social Media (theglobeandmail.com) 145

hackingbear writes: Australian Prime Minister Scott Morrison demanded an apology after a senior Chinese official posted a "fake image" of an Australian soldier holding a knife with blood on it to the throat of an Afghan child, calling it "truly repugnant" and demanding it be taken down. The Australian government has asked Twitter to remove the image, posted on Monday by China's foreign ministry spokesman Zhao Lijian on his official Twitter account, Morrison said. "It is utterly outrageous and cannot be justified on any basis," Morrison said. "The Chinese government should be utterly ashamed of this post. It diminishes them in the world's eyes."

The image is actually an artwork, originally posted on Weibo by online artist Wuhe Qilin, based on the recently uncovered war crimes committed by Australian special forces in the Afghan War. Australia has told 13 special forces soldiers they face dismissal in relation to an independent report on alleged unlawful killings in Afghanistan, the head of the country's army said on Friday. "It is the Australian government who should feel ashamed for their soldiers killing innocent Afghan civilians," said Hua Chunying, China's foreign ministry spokeswoman, when asked about Morrison's comments. Wuhe Qilin praised Zhao's re-posting [translation: "Deputy Zhao's strong. Go for it!"] of his work.

Social Networks

Conspiracy Theorists Who'd First Popularized QAnon Now Accused of Financial Motives (nbcnews.com) 152

QAnon "was first championed by a handful of people who worked together to stir discussion of the 'Q' posts, eventually pushing the theory on to bigger platforms and gaining followers — a strategy that proved to be the key to Qanon's spread and the originators' financial gain..." reports NBC News, in an article shared by long-time Slashdot reader AmiMoJo.

"NBC News has found that the theory can be traced back to three people who sparked some of the first conversation about Qanon and, in doing so, attracted followers who they then asked to help fund Qanon 'research.'" In November 2017, a small-time YouTube video creator and two moderators of the 4chan website, one of the most extreme message boards on the internet, banded together and plucked out of obscurity an anonymous and cryptic post from the many conspiracy theories that populated the website's message board. Over the next several months, they would create videos, a Reddit community, a business and an entire mythology based off the 4chan posts of "Q," the pseudonym of a person claiming to be a high-ranking military officer. The theory they espoused would become Qanon, and it would eventually make its way from those message boards to national media stories and the rallies of President Donald Trump.

Now, the people behind that effort are at the center of a fractious debate among conspiracy enthusiasts, some of whom believe the three people who first popularized the Qanon theory are promoting it in order to make a living. Others suggest that these original followers actually wrote Q's mysterious posts...

Qanon was just another unremarkable part of the "anon" genre until November 2017, when two moderators of the 4chan board where Q posted predictions, who went by the usernames Pamphlet Anon [real name: Coleman Rogers] and BaruchtheScribe, reached out to Tracy Diaz, according to Diaz's blogs and YouTube videos. BaruchtheScribe, in reality a self-identified web programmer from South Africa named Paul Furber, confirmed that account to NBC News. "A bunch of us decided that the message needed to go wider so we contacted Youtubers who had been commenting on the Q drops," Furber said in an email... As Diaz tells it in a blog post detailing her role in the early days of Qanon, she banded together with the two moderators. Their goal, according to Diaz, was to build a following for Qanon — which would mean bigger followings for them as well... Diaz followed with dozens more Q-themed videos, each containing a call for viewers to donate through links to her Patreon and PayPal accounts. Diaz's YouTube channel now boasts more than 90,000 subscribers and her videos have been watched over 8 million times. More than 97,000 people follow her on Twitter.

Diaz, who emerged from bankruptcy in 2009, says in her YouTube videos that she now relies on donations from patrons funding her YouTube "research" as her sole source of income. Diaz declined to comment on this story. "Because I cover Q, I got an audience," Diaz acknowledged in a video that NBC News reviewed last week before she deleted it.

To reach a more mainstream audience (older people and "normies," who on their own would have trouble navigating the fringe message boards), Diaz said in her blog post she recommended they move to the more user-friendly Reddit. Archives listing the three as the original posters and moderators show they created a new Reddit community... Their move to Reddit was key to Qanon's eventual spread. There, they were able to tap into a larger audience of conspiracy theorists, and drive discussion with their analysis of each Q post. From there, Qanon crept to Facebook where it found a new, older audience via dozens of public and private groups...

As Qanon picked up steam, growing skepticism over the motives of Diaz, Rogers, and the other early Qanon supporters led some in the internet's conspiracy circles to turn their paranoia on the group. Recently, some Qanon followers have accused Diaz and Rogers of profiting from the movement by soliciting donations from their followers. Other pro-Trump online groups have questioned the roles that Diaz and Rogers have played in promoting Q, pointing to a series of slip-ups that they say show Rogers and Diaz may have been involved in the theory from the start.

Those accusations have led Diaz and Rogers to both deny that they are Q and say they don't know who Q is.

Science

Culled Mink Rise From the Dead To Denmark's Horror (theguardian.com) 108

Dead mink are rising from their graves in Denmark after a rushed cull over fears of a coronavirus mutation led to thousands being slaughtered and buried in shallow pits -- from which some are now emerging. From a report: "As the bodies decay, gases can be formed," Thomas Kristensen, a national police spokesman, told the state broadcaster DR. "This causes the whole thing to expand a little. In this way, in the worst cases, the mink get pushed out of the ground." Police in West Jutland, where several thousand mink were buried in a mass grave on a military training field, have tried to counter the macabre phenomenon by shovelling extra soil on top of the corpses, which are in a 1 metre-deep trench. "This is a natural process," Kristensen said. "Unfortunately, one metre of soil is not just one metre of soil -- it depends on what type of soil it is. The problem is that the sandy soil in West Jutland is too light. So we have had to lay more soil on top." Adding to the popular concern, local media reported that the animals may also have been buried too close to lakes and underground water reserves, prompting fears of possible contamination of ground and drinking water supplies.
Businesses

Foxconn Plant Championed By Trump Lands Google Server Contract (bloomberg.com) 65

Foxconn plans to assemble key components for Google servers from its plant in Wisconsin, people familiar with the matter said, finally breathing life into a factory Donald Trump hailed as crucial to bringing manufacturing back to the U.S. Bloomberg reports: The Taiwanese company has decided to locate production for this new contract at the existing complex rather than make the components at home or in China, the people said, asking not to be identified discussing a sensitive move. The under-utilized factory should start mass production in the first quarter, timed with the release of Intel Corp.'s Ice Lake server chips, they said. Foxconn is setting up surface-mount technology assembly lines that it will use to place semiconductors onto circuit boards, they added. A Foxconn representative confirmed it's developing data center infrastructure and high-performance computing "capabilities" in Wisconsin, but declined to name any customers.

Taiwan counts Washington as an essential diplomatic, economic and military ally amid rising tensions with Beijing. Foxconn, which operates most of its factories in central and southern China, won Google's business because it was the only contract manufacturer capable of establishing a surface-mount technology line on American soil, one of the people said. Shanghai-listed Foxconn Industrial Internet Co., its cloud business unit, will oversee the server business in Wisconsin, another person familiar with Foxconn's operations said.

The Military

In Historic Test, US Navy Shoots Down an Intercontinental Ballistic Missile (popularmechanics.com) 175

"In a historic test, a U.S. Navy guided missile destroyer shot down an intercontinental ballistic missile (ICBM) warhead aimed at a patch of ocean off the Hawaiian Islands," reports Popular Mechanics: Once the missile launched, a network of sensors picked it up. The data was then handed off to the guided missile destroyer USS John Finn, which launched a SM-3 Block IIA interceptor. Just as the ICBM released a [simulated] nuclear warhead, the SM-3 released an Exoatmospheric Kill Vehicle (EKV) designed to smash itself into the incoming warhead. Infrared cameras recorded a visible explosion as the EKV took out the simulated nuclear warhead.

Most types of ballistic missiles are basically small payload space rockets designed to boost nuclear warheads into low-Earth orbit. Once in space, the warhead coasts through orbit at several thousand miles per hour — the so-called midcourse phase when the warhead is midway between its launch point and target. The warhead then de-orbits into a trajectory that sends it plunging toward its target.

Meanwhile, space-based infrared sensors pick up the hot launch plume of the ballistic missile. A launch alert is passed on to ground-based long range radars, which search the skies for the incoming threat. As the missile falls away and the warhead continues on to its target, missile defense radars track the target, plot its trajectory, and alert any "shooters" in the flight path capable of shooting down the warhead. The shooter then launches an interceptor, and the EKV steers itself into the warhead path...

The article includes video of the test, and concludes that the ability to shoot down missiles is "terrible news for China" — while adding this "could very well cause Beijing to increase its nuclear arsenal."
Government

FAA Chief '100% Confident' of 737 MAX Safety As Flights To Resume (yahoo.com) 170

Hmmmmmm shares a report: U.S. Federal Aviation Administration (FAA) chief Steve Dickson is "100% confident" in the safety of the Boeing 737 MAX but says the airplane maker has more to do as it works to improve its safety culture. Dickson on Wednesday signed an order to allow the best-selling plane to resume flights after it was grounded worldwide in March 2019 following two crashes that killed 346 people and led to Boeing's biggest crisis in decades. The order will end the longest grounding in commercial aviation history and paves the way for Boeing to resume U.S. deliveries and commercial flights by the end of the year. "We've done everything humanly possible to make sure these types of crashes do not happen again," FAA Administrator Dickson told Reuters in a 30-minute telephone interview, adding the design changes "have eliminated what caused these particular accidents." The FAA is requiring new training to deal with a key safety system called MCAS that is faulted for the two fatal crashes as well as significant new safeguards and other software changes. "I feel 100% confident," said Dickson, a former airline and military pilot, who took over as FAA administrator in August 2019 and took the controls for a 737 MAX test flight in September. In a video message released on Wednesday, he said that the 20-month review was "long and grueling, but we said from the start that we would take the time necessary to get this right." Dickson said he emphasized to Boeing the importance of safety. "I understand they have a business to run but they don't have anything if they don't have a safe product," Dickson said. Dickson suggested Boeing has more to do to improve safety.
Privacy

How the US Military Buys Location Data from Ordinary Apps (vice.com) 40

Joseph Cox, reporting for Motherboard at Vice: The U.S. military is buying the granular movement data of people around the world, harvested from innocuous-seeming apps, Motherboard has learned. The most popular app among a group Motherboard analyzed connected to this sort of data sale is a Muslim prayer and Quran app that has more than 98 million downloads worldwide. Others include a Muslim dating app, a popular Craigslist app, an app for following storms, and a "level" app that can be used to help, for example, install shelves in a bedroom. Through public records, interviews with developers, and technical analysis, Motherboard uncovered two separate, parallel data streams that the U.S. military uses, or has used, to obtain location data. One relies on a company called Babel Street, which creates a product called Locate X. U.S. Special Operations Command (USSOCOM), a branch of the military tasked with counterterrorism, counterinsurgency, and special reconnaissance, bought access to Locate X to assist on overseas special forces operations. The other stream is through a company called X-Mode, which obtains location data directly from apps, then sells that data to contractors, and by extension, the military.

The news highlights the opaque location data industry and the fact that the U.S. military, which has infamously used other location data to target drone strikes, is purchasing access to sensitive data. Many of the users of apps involved in the data supply chain are Muslim, which is notable considering that the United States has waged a decades-long war on predominantly Muslim terror groups in the Middle East, and has killed hundreds of thousands of civilians during its military operations in Pakistan, Afghanistan, and Iraq. Motherboard does not know of any specific operations in which this type of app-based location data has been used by the U.S. military. The apps sending data to X-Mode include Muslim Pro, an app that reminds users when to pray and what direction Mecca is in relation to the user's current location. The app has been downloaded over 50 million times on Android according to the Google Play Store, and over 98 million in total across other platforms including iOS, according to Muslim Pro's website.

Privacy

Your Computer Isn't Yours (sneak.berlin) 345

Security researcher Jeffrey Paul writes in a blog post: On modern versions of macOS, you simply can't power on your computer, launch a text editor or eBook reader, and write or read, without a log of your activity being transmitted and stored. It turns out that in the current version of the macOS, the OS sends to Apple a hash (unique identifier) of each and every program you run, when you run it. Lots of people didn't realize this, because it's silent and invisible and it fails instantly and gracefully when you're offline, but today the server got really slow and it didn't hit the fail-fast code path, and everyone's apps failed to open if they were connected to the internet. Because it does this using the internet, the server sees your IP, of course, and knows what time the request came in. An IP address allows for coarse, city-level and ISP-level geolocation, and allows for a table that has the following headings: Date, Time, Computer, ISP, City, State, Application Hash; Apple (or anyone else) can, of course, calculate these hashes for common programs: everything in the App Store, the Creative Cloud, Tor Browser, cracking or reverse engineering tools, whatever.

This means that Apple knows when you're at home. When you're at work. What apps you open there, and how often. They know when you open Premiere over at a friend's house on their Wi-Fi, and they know when you open Tor Browser in a hotel on a trip to another city. "Who cares?" I hear you asking. Well, it's not just Apple. This information doesn't stay with them: These OCSP requests are transmitted unencrypted. Everyone who can see the network can see these, including your ISP and anyone who has tapped their cables. These requests go to a third-party CDN run by another company, Akamai. Since October of 2012, Apple is a partner in the US military intelligence community's PRISM spying program, which grants the US federal police and military unfettered access to this data without a warrant, any time they ask for it. In the first half of 2019 they did this over 18,000 times, and another 17,500+ times in the second half of 2019.

This data amounts to a tremendous trove of data about your life and habits, and allows someone possessing all of it to identify your movement and activity patterns. For some people, this can even pose a physical danger to them. Now, it's been possible up until today to block this sort of stuff on your Mac using a program called Little Snitch (really, the only thing keeping me using macOS at this point). In the default configuration, it blanket allows all of this computer-to-Apple communication, but you can disable those default rules and go on to approve or deny each of these connections, and your computer will continue to work fine without snitching on you to Apple. The version of macOS that was released today, 11.0, also known as Big Sur, has new APIs that prevent Little Snitch from working the same way. The new APIs don't permit Little Snitch to inspect or block any OS level processes. Additionally, the new rules in macOS 11 even hobble VPNs so that Apple apps will simply bypass them.

United Kingdom

As UK Military Begins Mass Coronavirus Testing, Head of Armed Forces Ponders Robot Soldiers (sky.com) 47

Remembrance Sunday is the day of commemoration for British and Commonwealth servicemen, and the head of the British Armed Forces marked the occasion with a special interview on Sky News.

And he shared a thoughtful answer when asked whether the army might try to recruit fewer soldiers. "[W]hat I'm hinting at is that we need to be thinking about how we measure effects in a different way. I mean I suspect we can have an army of 120,000 of which 30,000 might be robots, who knows. But the answer is we need to open our minds to perhaps numbers not determining what we should be doing but rather the effect that we can achieve, is really what we should be looking for."

The armed forces are playing a key role in the government's response to the pandemic, with some 2,000 personnel deployed to Liverpool to help with a mass coronavirus testing programme for the city. "I suspect if that works successfully we might find there are other areas where we need to help in a similar sort of fashion," General Carter said. He said using the military to take over the entire coronavirus testing programme was an option but added that he had confidence in the current set-up at the moment.

The Guardian focused on the robots: Thirty thousand "robot soldiers" could form an integral part of the British army in the 2030s, working alongside humans in and around the frontline, the head of the armed forces said in a television interview on Sunday...

All Britain's armed forces have been engaged in a string of research projects involving small drones or remotely powered land or underwater vehicles, some of which are armed and others for reconnaissance. The Ministry of Defence says its policy is that only humans will be able to fire weapons, although there is growing concern about the potential danger of unrestricted robot warfare, led by the Campaign to Stop Killer Robots.

Technology under development includes the i9 drone, which is powered by six rotors and carries two shotguns. Remotely operated, it is intended to be used to storm buildings, typically an urban warfare situation that generates some of the highest casualties.

Earth

A Biden Victory Positions America For a 180-Degree Turn On Climate Change (seattletimes.com) 251

"Joe Biden, the projected winner of the U.S. presidency, will move to restore dozens of environmental safeguards President Donald Trump abolished," reports the Washington Post, "and launch the boldest climate change plan of any president in history."

destinyland shares their report: While some of Biden's most sweeping programs will encounter stiff resistance from Senate Republicans and conservative attorneys general, the United States is poised to make a 180-degree turn on climate change and conservation policy. Biden's team already has plans on how it will restrict oil and gas drilling on public lands and waters; ratchet up federal mileage standards for cars and SUVs; block pipelines that transport fossil fuels across the country; provide federal incentives to develop renewable power; and mobilize other nations to make deeper cuts in their own carbon emissions... Biden has vowed to eliminate carbon emissions from the electric sector by 2035 and spend $2 trillion on investments ranging from weatherizing homes to developing a nationwide network of charging stations for electric vehicles.

That massive investment plan stands a chance only if his party wins two Senate runoff races in Georgia in January; otherwise, he would have to rely on a combination of executive actions and more-modest congressional deals to advance his agenda.

Still, a number of factors make it easier to enact more-ambitious climate policies than even four years ago. Roughly 10% of the globe has warmed by 2 degrees Celsius (3.6 degrees Fahrenheit), a temperature rise the world has pledged to avoid. The price of solar and wind power has dropped, the coal industry has shrunk, and Americans increasingly connect the disasters they're experiencing in real time — including more-intense wildfires, hurricanes and droughts — with global warming. Biden has made the argument that curbing carbon will produce high-paying jobs while protecting the planet...

Some of the new administration's rules could be challenged in federal courts, which have a number of Trump appointees on the bench. But even some conservative activists said that Biden could enact enduring policies, whether by partnering with Congress or through regulation... The new administration may be able to broker compromises with key industries that have experienced regulatory whiplash in the past decade, including the auto industry and power sector, while offering tax breaks for renewable energy that remain popular with both parties. And Biden can rebuild diplomatic alliances that will spur foreign countries to pursue more-ambitious carbon reductions...

Biden's advisers have said that they plan to elevate climate change as a priority in departments that have not always treated it as one, including the Transportation, State and Treasury departments. It will influence key appointments, affecting everything from overseas banking and military bases to domestic roads and farms.... Biden's pledge to achieve a carbon-free U.S. power sector within 15 years would mean the closing or revamping of nearly every coal- and gas-fired power plant around the country, and the construction of an unprecedented number of new wind turbines and solar farms. On top of that, engineers still need to devise a better way of storing energy when the sun is not shining or the wind is not blowing.

"If I were advising Biden on energy, my first three priorities would be storage, storage and storage," said Sen. Angus King, I-Maine, who worked in the alternative energy businesses before running for office.

Social Networks

A Nameless Hiker and the Case the Internet Can't Crack (wired.com) 93

The man on the trail went by "Mostly Harmless." He was friendly and said he worked in tech. After he died in his tent, no one could figure out who he was. Wired: It's usually easy to put a name to a corpse. There's an ID or a credit card. There's been a missing persons report in the area. There's a DNA match. But the investigators in Collier County couldn't find a thing. Mostly Harmless' fingerprints didn't show up in any law enforcement database. He hadn't served in the military, and his fingerprints didn't match those of anyone else on file. His DNA didn't match any in the Department of Justice's missing person database or in CODIS, the national DNA database run by the FBI. A picture of his face didn't turn up anything in a facial recognition database. The body had no distinguishing tattoos.

Nor could investigators understand how or why he died. There were no indications of foul play, and he had more than $3,500 cash in the tent. He had food nearby, but he was hollowed out, weighing just 83 pounds on a 5'8" frame. Investigators put his age in the vague range between 35 and 50, and they couldn't point to any abnormalities. The only substances he tested positive for were ibuprofen and an antihistamine. His cause of death, according to the autopsy report, was "undetermined." He had, in some sense, just wasted away. But why hadn't he tried to find help? Almost immediately, people compared Mostly Harmless to Chris McCandless, whose story was the subject of Into the Wild. McCandless, though, had been stranded in the Alaska bush, trapped by a raging river as he ran out of food. He died on a school bus, starving, desperate for help, 22 miles of wilderness separating him from a road. Mostly Harmless was just 5 miles from a major highway. He left no note, and there was no evidence that he had spent his last days calling out for help.

The investigators were stumped. To find out what had happened, they needed to learn who he was. So the Florida Department of Law Enforcement drew up an image of Mostly Harmless, and the Collier County investigators shared it with the public. In the sketch, his mouth is open wide, and his eyes too. He has a gray and black beard, with a bare patch of skin right below the mouth. His teeth, as noted in the autopsy, are perfect, suggesting he had good dental care as a child. He looks startled but also oddly pleased, as if he's just seen a clown jump out from behind a curtain. The image started to circulate online along with other pictures from his campsite, including his tent and his hiking poles.

United States

The US Military Has Experienced 55,443 COVID-19 Cases - Including Vice Chief of Space Force (upi.com) 45

UPI reports: Space Force's vice chief of space operations tested positive for COVID-19 Wednesday, Space Force announced.

According to a press release issued jointly by the Space Force and the Air Force, Gen. David D. Thompson took a test for the virus after learning that a close family member had tested positive. Air Force spokeswoman Ann Stefanek said Thompson has not shown symptoms of COVID-19 so far and was on leave last week, but returned to the Pentagon for work on Monday and Tuesday to address a virtual symposium for the National Defense Industrial Association and Texas A&M University. He is now self-isolating and working from home...

As of Thursday morning a total of 55,443 COVID-19 cases had been reported in the [U.S.] military since the beginning of the pandemic, with 8,839 of those reported among Air Force personnel.
