Amazon must decide soon if it will protest the Pentagon's awarding of a $10 billion cloud computing contract to rival Microsoft, with one possible grievance being the unusual attention given the project by President Donald Trump. From a report: Amazon was long thought to be the front-runner in the competition for the huge military contract. Its Amazon Web Services division is far ahead of second-place Microsoft in cloud computing, and Amazon has experience handling highly classified government data. It survived earlier legal challenges after the Defense Department eliminated rival bidders Oracle and IBM and whittled the competition down to the two Seattle area tech giants before choosing Microsoft last week. And what else distinguishes the losing bidder? Amazon and its CEO Jeff Bezos, who also owns The Washington Post, have been frequent targets of Trump's criticism. The Pentagon was preparing to make its final decision when Trump publicly waded into the fray in July, saying he had heard complaints about the process and that the administration would "take a very long look." He said other companies told him that the contract "wasn't competitively bid." Oracle, in particular, had argued that Pentagon officials unfairly favored Amazon for the winner-take-all contract.

The skies of Syria, Yemen, and Libya swarm with armed and dangerous unmanned aerial vehicles. And the technology is spreading farther and farther afield. From a report: Three decades ago, drones were available to only the most technologically developed state military organizations. Today they're everywhere, being used by weaker states and small military forces, as well as many non-state actors, including Islamic State and al-Qaeda. "We're seeing a cycle of technological innovation regarding the use of drones and associated systems, and that cycle of techno-tactical adaptation and counter-adaptation will only hasten going forward," says Raphael Marcus, a research fellow in the department of war studies at King's College London.

The diffusion of such technology is leveling the playing field, says Marcus, author of Israel's Long War With Hezbollah: Military Innovation and Adaptation Under Fire. He says that because armies no longer have the monopoly on the use of drones, surveillance technology, precision capabilities, and long-range missiles, other actors in the region are able to impose their will on the international stage. "The parameters have changed," he says. That's already leading to greater instability. For example, Hezbollah's thwarted drone strike in August and increasingly sophisticated and more frequent drone attacks by Hamas raise the risk of another war with Israel; meanwhile, Yemen's Houthi rebels made an impact on the global price of oil with a strike on Saudi Arabia, using 25 drones and missiles.

The Defense Innovation Board, a panel of 16 prominent technologists advising the Pentagon, today voted to approve AI ethics principles for the Department of Defense. From a news article: The report includes 12 recommendations for how the U.S. military can apply ethics in the future for both combat and non-combat AI systems. The principles are broken into five main principles: responsible, equitable, traceable, reliable, and governable. The principles state that humans should remain responsible for "developments, deployments, use and outcomes," and AI systems used by the military should be free of bias that can lead to unintended human harm. AI deployed by the DoD should also be reliable, governable, and use "transparent and auditable methodologies, data sources, and design procedure and documentation." "You may see resonances of the word fairness in here [AI ethics principle document]. I will caution you that in many cases the Department of Defense should not be fair," DIB board member and Carnegie Mellon University VP of research Michael McQuade said today. "It should be a firm principle that ours is to not have unintended bias in our systems." Applied Inventions cofounder and computer theorist Danny Hillis and board members agreed to amend the draft document to say the governable principle should include "avoid unintended harm and disruption and for human disengagement of deployed systems." The report, Hillis said, should be explicit and unambiguous that AI systems used by the military should come with an off switch for a human to press in case things go wrong.

Senior government officials in multiple U.S.-allied countries were targeted earlier this year with hacking software that used Facebook's WhatsApp to take over users' phones, Reuters reported Thursday, citing people familiar with the messaging company's investigation. From a report: Sources familiar with WhatsApp's internal investigation into the breach said a "significant" portion of the known victims are high-profile government and military officials spread across at least 20 countries on five continents. The hacking of a wider group of top government officials' smartphones than previously reported suggests the WhatsApp cyber intrusion could have broad political and diplomatic consequences. WhatsApp filed a lawsuit on Tuesday against Israeli hacking tool developer NSO Group. The Facebook-owned software giant alleges that NSO Group built and sold a hacking platform that exploited a flaw in WhatsApp-owned servers to help clients hack into the cellphones of at least 1,400 users. While it is not clear who used the software to hack officials' phones, NSO says it sells its spyware exclusively to government customers.

A state-linked Chinese hacking group is using malware to steal SMS text messages from high-ranking military and government targets, according to cybersecurity company FireEye. From a report: The hacking technology, known as MESSAGETAP, "allows China to efficiently steal data from multitudes of sources from one location," Steven Stone, FireEye's director of advanced practices, said in a statement. "Espionage-related theft and intrusions have been long occurring, but what is new is the vast scale due to the use of this tool." The company's finding, released in a blog on Thursday, underscores the growing concerns about China's use of technology for espionage and the theft of intellectual property. Telecommunications pose a special concern, as the U.S. seeks to persuade its allies not to build their next-generation networks with tools from Chinese companies such as Huawei. But even in networks that China hasn't built, sophisticated hacking operations might allow access to data. In 2019 alone, FireEye observed eight attempts to target telecommunications entities by groups with suspected links to the Chinese government. Four of these hacking attempts were conducted by the group known as APT41 that is now using MESSAGETAP.

Microsoft said in a blog post today that it has tracked "significant" cyberattacks coming from a group it calls "Strontium" or "Fancy Bear," targeting anti-doping authorities and global sporting organizations. Reuters reports: The group, also called APT28, has been linked to the Russian government, Microsoft said in a blog post. At least 16 national and international sporting and anti-doping organizations across three continents were targeted in the attacks which began on Sept. 16, according to the company. The company said some of these attacks had been successful, but the majority had not. Microsoft has notified all customers targeted in these attacks.

Strontium, one of the world's oldest cyber espionage groups, has also been called Sofancy and Pawn Storm by a range of security firms and government officials. Security firm CrowdStrike has said the group may be associated with the Russian military intelligence agency GRU. Microsoft said Strontium reportedly released medical records and emails taken from sporting organizations and anti-doping officials in 2016 and 2018, resulting in an indictment in a federal court in the United States in 2018. Strontium's methods include spear-phishing, password spray, exploiting internet-connected devices and the use of both open-source and custom malware, it added.

"An unpiloted Air Force X-37B spaceplane, one of two winged orbiters used to carry out classified research, made a surprise landing at the Kennedy Space Center early Sunday to close out a record 780-day mission," reports CBS News: It was the fifth flight in the secretive Orbital Test Vehicle (OTV) program, pushing total time aloft to 2,865 days. "This program continues to push the envelope as the (Air Force's) only reusable space vehicle," Randy Walden, director of the Air Force's Rapid Capabilities Office, said in a statement. "With a successful landing today, the X-37B completed its longest flight to date and successfully completed all mission objectives."

The unpiloted orbiters, built by Boeing, are based on the same lifting body design used for the space shuttle and they fly a similar re-entry trajectory to a runway touchdown. The X-37B features a small 4-foot by 7-foot payload bay and uses a deployable solar array for power. The spacecraft are believed to fly as orbital test beds for advanced technology sensors and other systems but the program is classified, and the Air Force provides few details. Walden said the latest mission "successfully hosted Air Force Research Laboratory experiments, among others, as well as providing a ride for small satellites...."

The X-37B is one of only two operational spacecraft capable of multiple flights to and from orbit. SpaceX's unpiloted Dragon cargo ship also can be refurbished for additional flights... "This spacecraft is a key component of the space community," Lt. Col. Jonathan Keen, X-37B program manager, said in the Air Force statement. "This milestone demonstrates our commitment to conducting experiments for America's future space exploration. Congratulations to the X-37B team for a job well done."

Sparrowvsrevolution writes: In a lengthy article, Wired tells a newly detailed narrative of the cyberattack on the 2018 Winter Olympic games, which hit the Olympics network during the opening ceremony. The piece details how the malware used in that attack was designed to incorporate multiple sophisticated false flags, and how forensic analysts overcame those red herrings to eventually trace the attack to a specific unit of Russia's GRU military intelligence agency.
It's a good read. Wired calls it "perhaps the most deceptive hacking operation in history," but they finally get an answer from a 28-year-old former anarchist punk turned security researcher at the Reston, Virginia, office of the security and private intelligence firm FireEye. The tell-tale clue: the malware used "a certain common set of hacking tools called PowerShell Empire." He soon deduced that the source of that signal in the noise was a common tool used to create each one of the booby-trapped documents. It was an open source program, easily found online, called Malicious Macro Generator. Michael Matonis speculated that the hackers had chosen the program in order to blend in with a crowd of other malware authors, but it had ultimately had the opposite effect, setting them apart as a distinct set... When he looked at the command and control servers that the malware connected back to -- the strings that would control the puppetry of any successful infections -- all but a few of the IP addresses of those machines overlapped too...

Matonis began painstakingly checking every IP address his hackers had used as a command and control server in their campaign of malicious Word document phishing; he wanted to see what domains those IP addresses had hosted... At the end of his long chain of internet-address connections, Matonis had found a fingerprint that linked the Olympics attackers back to a hacking operation that directly targeted the 2016 US election. Not only had he solved the whodunit of Olympic Destroyer's origin, he'd gone further, showing that the culprit had been implicated in the most notorious hacking campaign ever to hit the American political system.

"First the first time, hundreds of watts of power were wirelessly transmitted hundreds of meters [video], with an integrated system that ensured the safety of operators and bystanders," writes an anonymous Slashdot reader -- sharing a new press release from the U.S. Naval Research Lab. "This could be the first step towards drones that never have to land..."

According to the Navy, the power transmitted came from "an electrical outlet in the building": On one end of the of the testing facility -- one of the largest test facilities for model ships in the world -- the receiver was converting the laser energy to DC power, which an inverter was turning into AC power to run lights, several laptops, and a coffeemaker that the organizers were using to make coffee for the attendees, or 'laser lattes'...

At NRL, Paul Jaffe, an electronics engineer with the U.S. Naval Research Laboratory has been conducting space-based solar energy research for more than a decade... According to Jaffe, power beaming could also make possible the transmission of power from solar-energy-collecting satellites in space to the ground, wherever it's needed... Imagine using it to send power to locations that are remote, hard to reach or lack infrastructure, he suggested.

An anonymous reader quotes a report from The Verge: The U.S. government has awarded a giant $10 billion cloud contract to Microsoft, the Department of Defense has confirmed. Known as Joint Enterprise Defense Infrastructure (JEDI), the contract will provide the Pentagon with cloud services for basic storage and power all the way up to artificial intelligence processing, machine learning, and the ability to process mission-critical workloads. It's a key contract for Microsoft as the company battles Amazon for cloud dominance, and for a while it was up in the air as to whether Microsoft or Amazon would win this particular one. IBM and Oracle were both eliminated for the bidding back in April, leaving just Microsoft and Amazon as the only companies that could meet the requirements. The contract has been controversial throughout the bidding process, and Oracle lost a legal challenge after it claimed the contract has conflicts of interest. The contract will last for 10 years and is likely to be resisted by employees, who have in the past have called on the company to drop its HoloLens U.S. Army contract and stop its work with ICE.

An anonymous reader quotes a report from Motherboard: According to a new U.S. Army report, Americans could face a horrifically grim future from climate change involving blackouts, disease, thirst, starvation and war. The study found that the U.S. military itself might also collapse. This could all happen over the next two decades, the report notes. The senior U.S. government officials who wrote the report are from several key agencies including the Army, Defense Intelligence Agency, and NASA. The study called on the Pentagon to urgently prepare for the possibility that domestic power, water, and food systems might collapse due to the impacts of climate change as we near mid-century. The report was commissioned by General Mark Milley, Trump's new chairman of the Joint Chiefs of Staff, making him the highest-ranking military officer in the country (the report also puts him at odds with Trump, who does not take climate change seriously.)

The report, titled Implications of Climate Change for the U.S. Army, was launched by the U.S. Army War College in partnership with NASA in May at the Wilson Center in Washington DC. The report was commissioned by Gen. Milley during his previous role as the Army's Chief of Staff. It was made publicly available in August via the Center for Climate and Security, but didn't get a lot of attention at the time. The two most prominent scenarios in the report focus on the risk of a collapse of the power grid within "the next 20 years," and the danger of disease epidemics. Both could be triggered by climate change in the near-term, it notes. The report also warns that the U.S. military should prepare for new foreign interventions in Syria-style conflicts, triggered due to climate-related impacts. Bangladesh in particular is highlighted as the most vulnerable country to climate collapse in the world. The report recommends the U.S. military should take advantage of the Arctic's hydrocarbon resources and new transit routes to repel Russian encroachment.

"But without urgent reforms, the report warns that the U.S. military itself could end up effectively collapsing as it tries to respond to climate collapse," adds Motherboard. "It could lose capacity to contain threats in the U.S. and could wilt into 'mission failure' abroad due to inadequate water supplies."

theodp writes: It'll be interesting to see how Microsoft employees wary of empowering the military react to Wednesday's news of an Intel and Microsoft-led alliance that aims to enlist an army of JROTC high school students to fight the war for CS talent, with support from U.S. lawmakers. From the press release: Today, at the 2019 CSforALL Summit, leaders representing CSforALL and Air Force Junior ROTC announced JROTC-CS, an innovative new initiative that could dramatically increase the number of U.S. high school students taking an Advanced Placement computer science course, particularly among underrepresented populations like minority and female students. This public-private partnership is supported by an Advisory Consortium of industry and education organizations including founding members Intel Corporation, Microsoft, Capital One, Lockheed Martin, Snap Inc., the Air Force Association's Cyberpatriot, and the College Board. More than 500,000 cadets at 3,400 high schools across the U.S. and abroad participate in JROTC programs administered by each of the military services. Only 32% of these cadets have access to Advanced Placement (AP) Computer Science Principles in their school, according to 2018-19 College Board data. The JROTC-CS initiative seeks to access this untapped human resource to address the national talent shortage in computing and cybersecurity and increase career opportunities for JROTC cadets, who are a highly diverse population — more than half are minority students and 40% are female. Additionally, JROTC is strongly represented in schools serving economically disadvantaged communities. [...] The JROTC-CS initiative is designed to complement the innovative, bi-partisan JROTC Cyber Training Act passed by the U.S. House of Representatives as part of the 2020 House National Defense Authorization Act (NDAA) on July 12.

An open database exposing records containing the sensitive data of hotel customers as well as US military personnel and officials has been disclosed by researchers. ZDNet reports: On Monday, vpnMentor's cybersecurity team, led by Noam Rotem and Ran Locar, said the database belonged to Autoclerk, a service owned by Best Western Hotels and Resorts group. Autoclerk is a reservations management system used by resorts to manage web bookings, revenue, loyalty programs, guest profiles, and payment processing.

In a report shared with ZDNet, the researchers said the open Elasticsearch database was discovered through vpnMentor's web mapping project. It was possible to access the database, given it had no encryption or security barriers whatsoever, and perform searches to examine the records contained within. The team says that "thousands" of individuals were impacted, although due to ethical reasons it was not possible to examine every record in the leaking database to come up with a specific number. Hundreds of thousands of booking reservations for guests were available to view and data including full names, dates of birth, home addresses, phone numbers, dates and travel costs, some check-in times and room numbers, and masked credit card details were also exposed. Some of the records were logs for U.S. Army generals visiting Russia and Israel, the report says. In total, the AWS-hosted database contained over 179GB of data.

Freshly Exhumed shares a report from Futurism: Canada's Hyperstealth Biotechnology already manufactures camouflage uniforms for militaries across the globe. But now, the company has patented a new "Quantum Stealth" material that disguises a military's soldiers -- or even its tanks, aircraft, and ships -- by making anything behind it seem invisible. Earlier in October, Hyperstealth filed a patent for the material, which doesn't require a power source and is both paper-thin and inexpensive -- all traits that could make it appealing for use on the battlefield. Alongside the news of the patent application, Hyperstealth released more than 100-minutes worth of footage describing and demonstrating the material.

Blink-182 singer Tom DeLonge's UFO research organization has signed an agreement with the U.S. Army in which it will help the military study and develop advanced materials for the purposes of develpoing "active camouflage, beamed energy propulsion, and quantum communication" for use on military vehicles. Motherboard reports: On October 17th, To the Stars joined forces with the Army's Combat Capabilities Development Command, a research and development body. While To the Stars has made recent headlines with its UFO themed content, such as its acquisition of "exotic" materials which it claims are not from Earth, and videos acquired from the Navy purporting to show unidentified anomalous phenomena, this recent deal with the military portrays a different side of To the Stars: as a potential technology company.

In recent months, DeLonge's organization has made a big deal out of obtaining those "exotic" metals that it believes may come from UFOs. Though the contract doesn't specifically mention the origin of any of those metals, it does say that To the Stars and the U.S. Army will use government labs to study "meta materials," which could refer to these alloys. "Government shall: Perform assessments, testing, and characterization of Collaborator-provided technologies. The Government is interested in a variety of the Collaborator's technologies, such as, but not limited to inertial mass reduction, mechanical/structural meta materials, electromagnetic meta material wave guides, quantum physics, quantum communications, and beamed energy propulsion," the contract states. The contract lasts for five years. The government isn't paying TTSA anything, rather, it is agreeing to collaborate with TTSA on researching new technologies and has committed to spend at least $750,000 on the research.

More than 40 of America's 50 states now use Amazon's technology infrastructure for their elections, according to this Reuters article shared by joeblog. And so do both of America's political parties:

While it does not handle voting on election day, AWS -- along with a broad network of partners -- now runs state and county election websites, stores voter registration rolls and ballot data, facilitates overseas voting by military personnel and helps provide live election-night results, according to company documents and interviews... Amazon pitches itself as a low-cost provider of secure election technology at a time when local officials and political campaigns are under intense pressure to prevent a repeat of 2016 presidential elections, which saw cyber-attacks on voting systems and election infrastructure....

Most security experts Reuters spoke to said that while Amazon's cloud is likely much harder to hack than systems it is replacing, putting data from many jurisdictions on a single system raises the prospect that a single major breach could prove damaging. "It makes Amazon a bigger target" for hackers, "and also increases the challenge of dealing with an insider attack," said Chris Vickery, director of cyber risk research at cybersecurity startup Upguard. A recent hack into Capital One Financial Corp's data stored on Amazon's cloud service was perpetrated by a former Amazon employee. The breach affected more than 100 million customers, underscoring how rogue employees or untrained workers can create security risks even if the underlying systems are secure...

Vickery uncovered at least three instances where voter data on Amazon's cloud servers was exposed to the internet, which have been reported previously. For example, in 2017, he found a Republican contractor's database for nearly every registered American voter hosted on AWS exposed on the internet for 12 days. In 2016, he found Mexico's entire voter database on AWS servers was leaked. Amazon said the breaches were caused by customer errors, adding that while AWS secures the cloud infrastructure, customers are responsible for security of what goes in the cloud.

Five years after CBS publicized the fact that the Air Force still used eight-inch floppy disks to store data critical to operating the Air Force's intercontinental ballistic missile command, the aerial and space warfare service branch decided it was time to officially retire them. Ars Technica reports: The system, once called the Strategic Air Command Digital Network (SACDIN), relied on IBM Series/1 computers installed by the Air Force at Minuteman II missile sites in the 1960s and 1970s. Despite the contention by the Air Force at the time of the 60 Minutes report that the archaic hardware offered a cybersecurity advantage, the service has completed an upgrade to what is now known as the Strategic Automated Command and Control System (SACCS), as Defense News reports. SAACS is an upgrade that swaps the floppy disk system for what Lt. Col. Jason Rossi, commander of the Air Force's 595th Strategic Communications Squadron, described as a "highly secure solid state digital storage solution." The floppy drives were fully retired in June.

But the IBM Series/1 computers remain, in part because of their reliability and security. And it's not clear whether other upgrades to "modernize" the system have been completed. Air Force officials have acknowledged network upgrades that have enhanced the speed and capacity of SACCS' communications systems, and a Government Accountability Office report in 2016 noted that the Air Force planned to "update its data storage solutions, port expansion processors, portable terminals, and desktop terminals by the end of fiscal year 2017." But it's not clear how much of that has been completed.

Current machine learning models aren't yet up to the task of distinguishing false news reports, two new papers by MIT researchers show. From a report: After different researchers showed that computers can convincingly generate made-up news stories without much human oversight, some experts hoped that the same machine-learning-based systems could be trained to detect such stories. But MIT doctoral student Tal Schuster's studies show that, while machines are great at detecting machine-generated text, they can't identify whether stories are true or false. Many automated fact-checking systems are trained using a database of true statements called Fact Extraction and Verification (FEVER). In one study, Schuster and team showed that machine learning-taught fact-checking systems struggled to handle negative statements ("Greg never said his car wasn't blue") even when they would know the positive statement was true ("Greg says his car is blue"). The problem, say the researchers, is that the database is filled with human bias. The people who created FEVER tended to write their false entries as negative statements and their true statements as positive statements -- so the computers learned to rate sentences with negative statements as false. That means the systems were solving a much easier problem than detecting fake news.

CNN has a story about a Chinese prototype helicopter that looks like a UFO. Slashdot reader ClickOnThis shares the report: China has been unveiling a lot of new weaponry lately, but one of their latest reveals looks really, well, out of this world. Called the "Super Great White Shark" by Chinese media, the aircraft conjures up images of 1950s sci-fi movies more than 21st century technology. But China says the "armed helicopter" was designed for the "future digital information battlefield." State-tabloid the Global Times published an image gallery of the aircraft, calling it a fusion of modern, proven helicopter designs -- such as the American AH-64 Apache and CH-53 Sea Stallion as well as the Russian Ka-52 and Mi-26 copters. It also has the blended-wing design employed by stealth aircraft, including the US B-2 bomber. [...] The prototype was displayed last week at the China Helicopter Exposition in Tianjin. It was a static display only. The aircraft is landbound -- at least for now.

The United States carried out a secret cyber operation against Iran in the wake of the Sept. 14 attacks on Saudi Arabia's oil facilities, which Washington and Riyadh blame on Tehran, two U.S. officials have told Reuters. From the report: The officials, who spoke on condition of anonymity, said the operation took place in late September and took aim at Tehran's ability to spread "propaganda." One of the officials said the strike affected physical hardware, but did not provide further details. The attack highlights how President Donald Trump's administration has been trying to counter what it sees as Iranian aggression without spiraling into a broader conflict.

Asked about Reuters reporting on Wednesday, Iran's Minister of Communications and Information Technology Mohammad Javad Azari-Jahromi said: "They must have dreamt it," Fars news agency reported. The U.S. strike appears more limited than other such operations against Iran this year after the downing of an American drone in June and an alleged attack by Iran's Revolutionary Guards on oil tankers in the Gulf in May. The United States, Saudi Arabia, Britain, France and Germany have publicly blamed the Sept. 14 attack on Iran, which denied involvement in the strike. The Iran-aligned Houthi militant group in Yemen claimed responsibility. Publicly, the Pentagon has responded by sending thousands of additional troops and equipment to bolster Saudi defenses -- the latest U.S. deployment to the region this year.