Encryption

Debunking Hype: China Hasn't Broken Military Encryption with Quantum (forbes.com) 43

An anonymous reader shared this report from Forbes: Recent headlines have proclaimed that Chinese scientists have hacked "military-grade encryption" using quantum computers, sparking concern and speculation about the future of cybersecurity. The claims, largely stemming from a recent South China Morning Post article about a Chinese academic paper published in May, was picked up by many more serious publications.

However, a closer examination reveals that while Chinese researchers have made incremental advances in quantum computing, the news reports are a huge overstatement. "Factoring a 50-bit number using a hybrid quantum-classical approach is a far cry from breaking 'military-grade encryption'," said Dr. Erik Garcell, Head of Technical Marketing at Classiq, a quantum algorithm design company. While advancements have indeed been made, the progress represents incremental steps rather than a paradigm-shifting breakthrough that renders current cryptographic systems obsolete. "This kind of overstatement does more harm than good," Dr. Garcell said. "Misrepresenting current capabilities as 'breaking military-grade encryption' is not just inaccurate — it's potentially damaging to the field's credibility...."

In fact, the Chinese paper in question, titled Quantum Annealing Public Key Cryptographic Attack Algorithm Based on D-Wave Advantage, does not mention military-grade encryption, which typically involves algorithms like the Advanced Encryption Standard (AES). Instead, the paper is about attacking RSA encryption (RSA stands for Rivest-Shamir-Adleman, named after its creators)... While factoring a 50-bit integer is an impressive technical achievement, it's important to note that RSA encryption commonly uses key sizes of 2048 bits or higher. The difficulty of factoring increases exponentially with the size of the number, meaning that the gap between 50-bit and 2048-bit integers is astronomically large.

Moreover, the methods used involve a hybrid approach that combines quantum annealing with classical computation. This means that the quantum annealer handles part of the problem, but significant processing is still performed by classical algorithms. The advances do not equate to a scalable method for breaking RSA encryption as it is used in practical applications today.

Duncan Jones, Head of Cybersecurity at Quantinuum, tells Forbes that if China had actually broken AES — they'd be keeping it secret (rather than publicizing it in newspapers).
Space

SpaceX Secures New Contracts Worth $733.5 Million For National Security Space Missions (spacenews.com) 39

An anonymous reader quotes a report from Space News: SpaceX has been awarded contracts for eight launches under the National Security Space Launch (NSSL) Phase 3 Lane 1 program, the U.S. Space Force's Space Systems Command announced Oct. 18. The contracts worth $733.5 million span seven missions for the Space Development Agency (SDA) and one for the National Reconnaissance Office (NRO) projected to launch in 2026. These are part of the NSSL Phase 3 procurement of launch services for U.S. defense and intelligence agencies.

The NSSL Phase 3 Lane 1 program is structured as an Indefinite Delivery, Indefinite Quantity (IDIQ) contract, a flexible procurement method often used in government contracting. The total value of the Lane 1 contract is estimated at $5.6 billion over five years, with Blue Origin, SpaceX, and United Launch Alliance (ULA) selected as the primary vendors to compete for individual task orders. The Space Development Agency is utilizing SpaceX's Falcon 9 rocket to launch small satellites into a low-Earth orbit (LEO) constellation, a network of satellites designed to enhance military communications and intelligence capabilities. SpaceX has already completed two successful launches for the Tranche 0 portion of SDA's constellation.

"The Phase 3 Lane 1 construct allows us to execute launch services more quickly for risk-tolerant payloads, putting more capabilities in orbit faster to support national security," said Brig. Gen. Kristin Panzenhagen, program executive officer for Assured Access to Space at the Space Force. Blue Origin's New Glenn rocket has yet to perform its first launch and will need to complete at least two successful flights to qualify for NSSL certification, while ULA's Vulcan Centaur, which has completed two flights, is still awaiting final certification for the program.

United States

The Pentagon Wants To Use AI To Create Deepfake Internet Users (theintercept.com) 83

schwit1 writes: The Department of Defense wants technology so it can fabricate online personas that are indistinguishable from real people.

The United States' secretive Special Operations Command is looking for companies to help create deepfake internet users so convincing that neither humans nor computers will be able to detect they are fake, according to a procurement document reviewed by The Intercept.

The plan, mentioned in a new 76-page wish list by the Department of Defense's Joint Special Operations Command, or JSOC, outlines advanced technologies desired for country's most elite, clandestine military efforts. "Special Operations Forces (SOF) are interested in technologies that can generate convincing online personas for use on social media platforms, social networking sites, and other online content," the entry reads.

Encryption

Chinese Scientists Report Using Quantum Computer To Hack Military-grade Encryption (thequantuminsider.com) 52

UPDATE: Forbes writes that China hasn't broken military encryption. While factoring a 50-bit integer is an impressive technical achievement, it's important to note that RSA encryption commonly uses key sizes of 2048 bits or higher. The difficulty of factoring increases exponentially with the size of the number, meaning that the gap between 50-bit and 2048-bit integers is astronomically large...

The advances do not equate to a scalable method for breaking RSA encryption as it is used in practical applications today."

Long-time Slashdot schwit1 originally wrote: Chinese scientists have mounted what they say is the world's first effective attack on a widely used encryption method using a quantum computer. The breakthrough poses a "real and substantial threat" to the long-standing password-protection mechanism employed across critical sectors, including banking and the military, according to the researchers.

Despite the slow progress in general-purpose quantum computing, which currently poses no threat to modern cryptography, scientists have been exploring various attack approaches on specialised quantum computers. In the latest work led by Wang Chao, of Shanghai University, the team said it used a quantum computer produced by Canada's D-Wave Systems to successfully breach cryptographic algorithms.

Using the D-Wave Advantage, they successfully attacked the Present, Gift-64 and Rectangle algorithms -- all representative of the SPN (Substitution-Permutation Network) structure, which forms part of the foundation for advanced encryption standard (AES) widely used in the military and finance. AES-256, for instance, is considered the best encryption available and often referred to as military-grade encryption. While the exact passcode is not immediately available yet, it is closer than ever before, according to the study. "This is the first time that a real quantum computer has posed a real and substantial threat to multiple full-scale SPN structured algorithms in use today," they said in the peer-reviewed paper.

The Military

Mystery Drones Swarmed a US Military Base for 17 Days. Investigators are Stumped (msn.com) 133

The Wall Street Journal reports on a "suspicious fleet of unidentified aircraft... as many as a dozen or more" that appeared in Virginia 10 months ago "over an area that includes the home base for the Navy's SEAL Team Six and Naval Station Norfolk, the world's largest naval port." The article notes this was just 10 months after the U.S. shot down a Chinese spy balloon...

After watching the drones — some "roughly 20 feet long and flying at more than 100 miles an hour" — there were weeks of meetings where "Officials from agencies including the Defense Department, Federal Bureau of Investigation and the Pentagon's UFO office joined outside experts to throw out possible explanations as well as ideas about how to respond..." Federal law prohibits the military from shooting down drones near military bases in the U.S. unless they pose an imminent threat. Aerial snooping doesn't qualify, though some lawmakers hope to give the military greater leeway...

Drone incursions into restricted airspace was already worrying national-security officials. Two months earlier, in October 2023, five drones flew over a government site used for nuclear-weapons experiments. The Energy Department's Nevada Nuclear Security Site outside Las Vegas detected four of the drones over three days. Employees spotted a fifth. U.S. officials said they didn't know who operated the drones in Nevada, a previously unreported incursion, or for what reason. A spokeswoman said the facility has since upgraded a system to detect and counter drones...

Over 17 days, the [Virginia] drones arrived at dusk, flew off and circled back... They also were nearly impossible to track, vanishing each night despite a wealth of resources deployed to catch them. Gen. Glen VanHerck, at the time commander of the U.S. Northern Command and the North American Aerospace Defense Command, said drones had for years been spotted flying around defense installations. But the nightly drone swarms over Langley [Air Force base], he said, were unlike any past incursion...

Analysts learned that the smaller quadcopters didn't use the usual frequency band available for off-the-shelf commercial drones — more evidence that the drone operators weren't hobbyists.

"Langley officials canceled nighttime training missions, worried about potential collisions with the drone swarm, and moved the F-22 jet fighters to another base... On December 23, the drones made their last visit."

But toward the end of the article, it notes that "In January, authorities found a clue they hoped would crack the case." It was a student at the University of Minnesota named Fengyun Shi — who was reported flying a drone on a rainy morning near a Virginia shipyard that builds nuclear submarines and aircraft carriers. Their drone got stuck in a tree, and ended up with federal investigators who found "Shi had photographed Navy vessels in dry dock, including shots taken around midnight. Some were under construction at the nearby shipyard." On Jan. 18, federal agents arrested Shi as he was about to board a flight to China on a one-way ticket. Shi told FBI agents he was a ship enthusiast and hadn't realized his drone crossed into restricted airspace. Investigators weren't convinced. but found no evidence linking him to the Chinese government. They learned he had bought the drone on sale at a Costco in San Francisco the day before he traveled to Norfolk. U.S. prosecutors charged Shi with unlawfully taking photos of classified naval installations, the first case involving a drone under a provision of U.S. espionage law. The 26-year-old Chinese national pleaded guilty and appeared in federal court in Norfolk on Oct. 2 for sentencing. Magistrate Judge Lawrence Leonard said he didn't believe Shi's story — that he had been on vacation and was flying drones in the middle of the night for fun. "There's significant holes," the judge said in court.

"If he was a foreign agent, he would be the worst spy ever known," said Shi's attorney, Shaoming Cheng. "I'm sorry about what happened in Norfolk," Shi said before he was sentenced to six months in federal prison.

But "U.S. officials have yet to determine who flew the Langley drones or why..."

"U.S. officials confirmed this month that more unidentified drone swarms were spotted in recent months near Edwards Air Force Base, north of Los Angeles."
Microsoft

Microsoft's Take On Kernel Access and Safe Deployment After CrowdStrike Incident (securityweek.com) 45

wiredmikey writes: As the dust settles following the massive Windows BSOD tech outages caused by CrowdStrike in July 2024, the question is now, how do we prevent this happening again? While there was no current way Microsoft could have prevented this incident, the OS firm is obviously keen to prevent anything similar happening in the future. SecurityWeek talked to David Weston, VP enterprise and OS security at Microsoft, to discuss Windows kernel access and safe deployment practices (or SDP).
Former Ukranian officer Serhii "Flash" Beskrestnov created a Signal channel where military communications specialists could talk with civilian radio experts, reports MIT's Technology Review. But radio communications are crucial for drones, so... About once a month, he drives hundreds of kilometers east in a homemade mobile intelligence center: a black VW van in which stacks of radio hardware connect to an array of antennas on the roof that stand like porcupine quills when in use. Two small devices on the dash monitor for nearby drones. Over several days at a time, Flash studies the skies for Russian radio transmissions and tries to learn about the problems facing troops in the fields and in the trenches.

He is, at least in an unofficial capacity, a spy. But unlike other spies, Flash does not keep his work secret. In fact, he shares the results of these missions with more than 127,000 followers — including many soldiers and government officials — on several public social media channels. Earlier this year, for instance, he described how he had recorded five different Russian reconnaissance drones in a single night — one of which was flying directly above his van... Drones have come to define the brutal conflict that has now dragged on for more than two and a half years. And most rely on radio communications — a technology that Flash has obsessed over since childhood. So while Flash is now a civilian, the former officer has still taken it upon himself to inform his country's defense in all matters related to radio...

Flash has also become a source of some controversy among the upper echelons of Ukraine's military, he tells me. The Armed Forces of Ukraine declined multiple requests for comment, but Flash and his colleagues claim that some high-ranking officials perceive him as a security threat, worrying that he shares too much information and doesn't do enough to secure sensitive intel... [But] His work has become greatly important to those fighting on the ground, and he recently received formal recognition from the military for his contributions to the fight, with two medals of commendation — one from the commander of Ukraine's ground forces, the other from the Ministry of Defense...

And given the mounting evidence that both militaries and militant groups in other parts of the world are now adopting drone tactics developed in Ukraine, it's not only his country's fate that Flash may help to determine — but also the ways that armies wage war for years to come.

He's also written guides on building cheap anti-drone equipment...
China

Who's Winning America's 'Tech War' With China? (wired.com) 78

In mid-2021 Ameria's National Security Advisor set up a new directorate focused on "advanced chips, quantum computing, and other cutting-edge tech," reports Wired. And the next year as Congress was working on boosting America's semiconductor sector, he was "closing in on a plan to cripple China's... In October 2022, the Commerce Department forged ahead with its new export controls."

So what happened next? In a phone call with President Biden this past spring, Xi Jinping warned that if the US continued trying to stall China's technological development, he would not "sit back and watch." And he hasn't. Already, China has answered the US export controls — and its corresponding deals with other countries — by imposing its own restrictions on critical minerals used to make semiconductors and by hoovering up older chips and manufacturing equipment it is still allowed to buy. For the past several quarters, in fact, China was the top customer for ASML and a number of Japanese chip companies. A robust black market for banned chips has also emerged in China. According to a recent New York Times investigation, some of the Chinese companies that have been barred from accessing American chips through US export controls have set up new corporations to evade those bans. (These companies have claimed no connection to the ones who've been banned.) This has reportedly enabled Chinese entities with ties to the military to obtain small amounts of Nvidia's high-powered chips.

Nvidia, meanwhile, has responded to the US actions by developing new China-specific chips that don't run afoul of the US controls but don't exactly thrill the Biden administration either. For the White House and Commerce Department, keeping pace with all of these workarounds has been a constant game of cat and mouse. In 2023, the US introduced the first round of updates to its export controls. This September, it released another — an announcement that was quickly followed by a similar expansion of controls by the Dutch. Some observers have speculated that the Biden administration's actions have only made China more determined to invest in its advanced tech sector.

And there's clearly some truth to that. But it's also true that China has been trying to become self-sufficient since long before Biden entered office. Since 2014, it has plowed nearly $100 billion into its domestic chip sector. "That was the world we walked into," [NSA Advisor Jake] Sullivan said. "Not the world we created through our export controls." The United States' actions, he argues, have only made accomplishing that mission that much tougher and costlier for Beijing. Intel CEO Pat Gelsinger estimated earlier this year that there's a "10-year gap" between the most powerful chips being made by Chinese chipmakers like SMIC and the ones Intel and Nvidia are working on, thanks in part to the export controls.

If the measure of Sullivan's success is how effectively the United States has constrained China's advancement, it's hard to argue with the evidence. "It's probably one of the biggest achievements of the entire Biden administration," said Martijn Rasser, managing director of Datenna, a leading intelligence firm focused on China. Rasser said the impact of the US export controls alone "will endure for decades." But if you're judging Sullivan's success by his more idealistic promises regarding the future of technology — the idea that the US can usher in an era of progress dominated by democratic values — well, that's a far tougher test. In many ways, the world, and the way advanced technologies are poised to shape it, feels more unsettled than ever.

Four years was always going to be too short for Sullivan to deliver on that promise. The question is whether whoever's sitting in Sullivan's seat next will pick up where he left off.

The Military

The Radio-Obsessed Civilian Shaping Ukraine's Drone Defense (technologyreview.com) 42

Former Ukranian officer Serhii "Flash" Beskrestnov created a Signal channel where military communications specialists could talk with civilian radio experts, reports MIT's Technology Review. But radio communications are crucial for drones, so... About once a month, he drives hundreds of kilometers east in a homemade mobile intelligence center: a black VW van in which stacks of radio hardware connect to an array of antennas on the roof that stand like porcupine quills when in use. Two small devices on the dash monitor for nearby drones. Over several days at a time, Flash studies the skies for Russian radio transmissions and tries to learn about the problems facing troops in the fields and in the trenches.

He is, at least in an unofficial capacity, a spy. But unlike other spies, Flash does not keep his work secret. In fact, he shares the results of these missions with more than 127,000 followers — including many soldiers and government officials — on several public social media channels. Earlier this year, for instance, he described how he had recorded five different Russian reconnaissance drones in a single night — one of which was flying directly above his van... Drones have come to define the brutal conflict that has now dragged on for more than two and a half years. And most rely on radio communications — a technology that Flash has obsessed over since childhood. So while Flash is now a civilian, the former officer has still taken it upon himself to inform his country's defense in all matters related to radio...

Flash has also become a source of some controversy among the upper echelons of Ukraine's military, he tells me. The Armed Forces of Ukraine declined multiple requests for comment, but Flash and his colleagues claim that some high-ranking officials perceive him as a security threat, worrying that he shares too much information and doesn't do enough to secure sensitive intel... [But] His work has become greatly important to those fighting on the ground, and he recently received formal recognition from the military for his contributions to the fight, with two medals of commendation — one from the commander of Ukraine's ground forces, the other from the Ministry of Defense...

And given the mounting evidence that both militaries and militant groups in other parts of the world are now adopting drone tactics developed in Ukraine, it's not only his country's fate that Flash may help to determine — but also the ways that armies wage war for years to come.

He's also written guides on building cheap anti-drone equipment...
AI

Silicon Valley Is Debating If AI Weapons Should Be Allowed To Decide To Kill (techcrunch.com) 99

An anonymous reader quotes a report from TechCrunch: In late September, Shield AI cofounder Brandon Tseng swore that weapons in the U.S. would never be fully autonomous -- meaning an AI algorithm would make the final decision to kill someone. "Congress doesn't want that," the defense tech founder told TechCrunch. "No one wants that." But Tseng spoke too soon. Five days later, Anduril cofounder Palmer Luckey expressed an openness to autonomous weapons -- or at least a heavy skepticism of arguments against them. The U.S.'s adversaries "use phrases that sound really good in a sound bite: Well, can't you agree that a robot should never be able to decide who lives and dies?" Luckey said during a talk earlier this month at Pepperdine University. "And my point to them is, where's the moral high ground in a landmine that can't tell the difference between a school bus full of kids and a Russian tank?"

When asked for further comment, Shannon Prior, a spokesperson for Anduril said that Luckey didn't mean that robots should be programmed to kill people on their own, just that he was concerned about "bad people using bad AI." In the past, Silicon Valley has erred on the side of caution. Take it from Luckey's cofounder, Trae Stephens. "I think the technologies that we're building are making it possible for humans to make the right decisions about these things," he told Kara Swisher last year. "So that there is an accountable, responsible party in the loop for all decisions that could involve lethality, obviously." The Anduril spokesperson denied any dissonance between Luckey (pictured above) and Stephens' perspectives, and said that Stephens didn't mean that a human should always make the call, but just that someone is accountable.

Last month, Palantir co-founder and Anduril investor Joe Lonsdale also showed a willingness to consider fully autonomous weapons. At an event hosted by the think tank Hudson Institute, Lonsdale expressed frustration that this question is being framed as a yes-or-no at all. He instead presented a hypothetical where China has embraced AI weapons, but the U.S. has to "press the button every time it fires." He encouraged policymakers to embrace a more flexible approach to how much AI is in weapons. "You very quickly realize, well, my assumptions were wrong if I just put a stupid top-down rule, because I'm a staffer who's never played this game before," he said. "I could destroy us in the battle."

When TC asked Lonsdale for further comment, he emphasized that defense tech companies shouldn't be the ones setting the agenda on lethal AI. "The key context to what I was saying is that our companies don't make the policy, and don't want to make the policy: it's the job of elected officials to make the policy," he said. "But they do need to educate themselves on the nuance to do a good job." He also reiterated a willingness to consider more autonomy in weapons. "It's not a binary as you suggest -- 'fully autonomous or not' isn't the correct policy question. There's a sophisticated dial along a few different dimensions for what you might have a soldier do and what you have the weapons system do," he said. "Before policymakers put these rules in place and decide where the dials need to be set in what circumstance, they need to learn the game and learn what the bad guys might be doing, and what's necessary to win with American lives on the line." [...]
"For many in Silicon Valley and D.C., the biggest fear is that China or Russia rolls out fully autonomous weapons first, forcing the U.S.'s hand," reports TechCrunch. "At the Hudson Institute event, Lonsdale said that the tech sector needs to take it upon itself to 'teach the Navy, teach the DoD, teach Congress' about the potential of AI to 'hopefully get us ahead of China.' Lonsdale's and Luckey's affiliated companies are working on getting Congress to listen to them. Anduril and Palantir have cumulatively spent over $4 million in lobbying this year, according to OpenSecrets."
The Military

US Military Spaceplane To Perform Orbital Maneuvers (spacenews.com) 18

In a rare disclosure, the U.S. Space Force announced that its secretive X-37B spaceplane will execute a series of maneuvers before returning back to Earth. SpaceNews reports: The reusable spacecraft, which has been in orbit since December 28, 2023, will perform aerobraking maneuvers to alter its trajectory around Earth, the Space Force said Oct. 10. This technique involves making multiple passes through the planet's upper atmosphere, using atmospheric drag to modify the vehicle's orbit while conserving fuel. These maneuvers also are intended to showcase responsible space operations, the Space Force said. The aerobraking enables the spaceplane to change orbits and comply with space debris mitigation rules by safely discarding the service module.

The X-37B, manufactured by Boeing, is jointly operated by the U.S. Space Force and the Air Force Rapid Capabilities Office. Since its launch aboard a SpaceX Falcon Heavy rocket from NASA's Kennedy Space Center in Florida, the spaceplane has been conducting radiation effect experiments and testing space domain awareness technologies in a highly elliptical orbit. [...] After completing its aerobraking maneuvers, the X-37B will resume its testing and experimentation objectives. Once these are accomplished, the vehicle will de-orbit and return to Earth, utilizing its autonomous landing system to touch down horizontally like a conventional aircraft. The Space Force has not disclosed the expected duration of the current mission.

Piracy

Kim Dotcom Fends Off Arrest Before Conspiracy Theories and Reality Collide (torrentfreak.com) 119

TorrentFreak's Andy Maxwell reports: In August, New Zealand's Justice Minister authorized Kim Dotcom's immediate arrest and extradition. Dotcom's response to his followers on X was simple: "I'm not leaving." Another post mid-September -- "we are very close to disaster" -- led to Dotcom disappearing for three weeks. On his return, Dotcom said X had suspended his account, based on an extremely serious allegation. After accusing Elon Musk of failing to help, yesterday Dotcom warned that a Trump loss would see Musk indicted and "fighting for his life." Dotcom has a plan to avoid extradition; chaos like this provides the fuel.

The details of Dotcom's "plan" to stay in New Zealand are yet to be revealed. Given Dotcom's history, exhausting the judiciary with every possible avenue of appeal is pretty much guaranteed, no matter how unlikely the prospects of success. At the same time, it's likely that Dotcom will use social media to preach to the existing choir. He will also try to appeal to those who loathe him, and those who merely hate him, by focusing on a common grievance. "People keep suggesting that I should leave this corrupt US colony like a fugitive on the run. Hell no," he told 1.7 million X followers recently. "Corrupt US colony" and the interchangeable "obedient" variant are clearly derogatory, catering to theories of joint complicity and sniveling weakness. This rhetoric has been visible on Dotcom's social media accounts for some time, but the main theme is Dotcom's belligerent, out-of-the-blue support for Russia's invasion of Ukraine. [...]

Some people believe that Dotcom genuinely supports Russia and, with his quotes regularly appearing on state-run news channels, arguing otherwise is a pretty tough ask. A different assessment starts with the things Dotcom values most -- his family, his wealth, and his freedom -- and applies that to a reputation of doing whatever it takes to protect and maintain those three, non-negotiable aspects of his life. Right now, his best chance is to tilt the chess board via a change at the White House, and then carefully exploit a change in policy. Dotcom's colleagues took a plea deal from the U.S. and New Zealand that Dotcom insists he would never accept; certainly not if Biden was in power. A Donald Trump win, on the other hand, would introduce an administration Dotcom could be seen to negotiate with, on previously unthinkable terms, without losing face. Previous reluctance to admit any wrongdoing could suddenly seem trivial after the prevention of World War 3.

[Since 2022, Dotcom supported narratives more closely aligned with those of the Kremlin, in particular the claim that United States policy is the root cause of the current conflict. The amplification of anti-Ukraine rumors in the United States, strategically links alleged U.S. policy failures to billions of dollars in military aid, all at taxpayers' expense. This toxic mix, Dotcom insists, heralds the collapse of the dollar, the dismantling of the "US Empire," and ultimately a global human catastrophe; World War 3, no holds barred.]

The Military

How Mossad Planned Its Exploding Pager Operation: Inside Israel's Penetration of Hezbollah (msn.com) 402

The Washington Post interviewed Lebanese officials, people close to Hezbollah, and Israeli, Arab and U.S. security officials and politicians about a years-long plan (originated at Mossad headquarters) that ultimately killed or maimed "as many as 3,000 Hezbollah officers and members — most of them rear-echelon figures... along with an unknown number of civilians... when Israel's Mossad intelligence service triggered the devices remotely on September 17." In the initial sales pitch to Hezbollah two years ago, the new line of Apollo pagers seemed precisely suited to the needs of a militia group with a sprawling network of fighters and a hard-earned reputation for paranoia... Best of all, there was no risk that the pagers could ever be tracked by Israel's intelligence services. Hezbollah's leaders were so impressed they bought 5,000 of them and began handing them out to mid-level fighters and support personnel in February. None of the users suspected they were wearing an ingeniously crafted Israeli bomb...

Israeli officials had watched with increasing anxiety as the Lebanese group added new weapons to an arsenal already capable of striking Israeli cities with tens of thousands of precision-guided missiles. Mossad, the Israeli intelligence service responsible for combating foreign threats to the Jewish state, had worked for years to penetrate the group with electronic monitoring and human informants. Over time, Hezbollah leaders learned to worry about the group's vulnerability to Israeli surveillance and hacking, fearing that even ordinary cellphones could be turned into Israeli-controlled eavesdropping and tracking devices. Thus was born the idea of creating a kind of communications Trojan horse, the officials said. Hezbollah was looking for hack-proof electronic networks for relaying messages, and Mossad came up with a pair of ruses that would lead the militia group to purchase devices that seemed perfect for the job — equipment that Mossad designed and had assembled in Israel.

The first part of the plan, booby-trapped walkie-talkies, began being inserted into Lebanon by Mossad nearly a decade ago, in 2015. The mobile two-way radios contained oversized battery packs, a hidden explosive and a transmission system that gave Israel complete access to Hezbollah communications. For nine years, the Israelis contented themselves with eavesdropping on Hezbollah, the officials said, while reserving the option to turn the walkie-talkies into bombs in a future crisis. But then came a new opportunity and a glitzy new product: a small pager equipped with a powerful explosive. In an irony that would not become clear for many months, Hezbollah would end up indirectly paying the Israelis for the tiny bombs that would kill or wound many of its operatives.

Because Hezbollah leaders were alert to possible sabotage, the pagers could not originate in Israel, the United States or any other Israeli ally. So, in 2023, the group began receiving solicitations for the bulk purchase of Taiwanese-branded Apollo pagers, a well-recognized trademark and product line with a worldwide distribution and no discernible links to Israeli or Jewish interests. The Taiwanese company had no knowledge of the plan, officials said... The marketing official had no knowledge of the operation and was unaware that the pagers were physically assembled in Israel under Mossad oversight, officials said... In a feat of engineering, the bomb component was so carefully hidden as to be virtually undetectable, even if the device was taken apart, the officials said. Israeli officials believe that Hezbollah did disassemble some of the pagers and may have even X-rayed them.

"Thousands of Apollo-branded pagers rang or vibrated at once, all across Lebanon and Syria," according to the article, with a short sentence in Arabic that said "You received an encrypted message." The two-button de-encryption procedure "ensured most users would be holding the pager with both hands when it detonated," according to the article, although "Less than a minute later, thousands of other pagers exploded by remote command, regardless of whether the user ever touched his device. The following day, on September 18, hundreds of walkie-talkies blew up in the same way, killing and maiming users and bystanders..."

"As Hezbollah reeled, Israel struck again, pounding the group's headquarters, arsenals and logistic centers with 2,000-pound bombs," the article concludes. And the strike "convinced the country's political leaders that Hezbollah could be put on the ropes, susceptible to a systematic dismantling using airstrikes and, eventually a ground invasion..."
United States

Anduril Founder Luckey: Every Country Needs a 'Warrior Class' Excited To Enact 'Violence on Others in Pursuit of Good Aims' 268

Anduril founder Palmer Luckey advocated for a "warrior class" and autonomous weapons during a talk at Pepperdine University. The defense tech entrepreneur, known for his Hawaiian shirts and mullet, argued that societies need people "excited about enacting violence on others in pursuit of good aims."

Luckey revealed that Anduril supplied weapons to Ukraine two weeks into the Russian invasion, lamenting that earlier involvement could have made "a really big difference." He criticized Western hesitancy on AI development, claiming adversaries are waging a "shadow campaign" against it in the United Nations. Contradicting his co-founder's stance, Luckey endorsed fully autonomous weapons, comparing them favorably to indiscriminate landmines.
China

China-Linked Hackers Breach US Internet Providers in New 'Salt Typhoon' Cyberattack (msn.com) 16

Hackers linked to the Chinese government have broken into a handful of U.S. internet-service providers in recent months in pursuit of sensitive information, WSJ reported Wednesday, citing people familiar with the matter. From the report: The hacking campaign, called Salt Typhoon by investigators, hasn't previously been publicly disclosed and is the latest in a series of incursions that U.S. investigators have linked to China in recent years. The intrusion is a sign of the stealthy success Beijing's massive digital army of cyberspies has had breaking into valuable computer networks in the U.S. and around the globe.

In Salt Typhoon, the actors linked to China burrowed into America's broadband networks. In this type of intrusion, bad actors aim to establish a foothold within the infrastructure of cable and broadband providers that would allow them to access data stored by telecommunications companies or launch a damaging cyberattack. Last week, U.S. officials said they had disrupted a network of more than 200,000 routers, cameras and other internet-connected consumer devices that served as an entry point into U.S. networks for a China-based hacking group called Flax Typhoon. And in January, federal officials disrupted Volt Typhoon, yet another China-linked campaign that has sought to quietly infiltrate a swath of U.S. critical infrastructure.

"The cyber threat posed by the Chinese government is massive," said Christopher Wray, the Federal Bureau of Investigation's director, speaking earlier this year at a security conference in Germany. "China's hacking program is larger than that of every other major nation, combined." U.S. security officials allege that Beijing has tried and at times succeeded in burrowing deep into U.S. critical infrastructure networks ranging from water-treatment systems to airports and oil and gas pipelines. Top Biden administration officials have issued public warnings over the past year that China's actions could threaten American lives and are intended to cause societal panic. The hackers could also disrupt the U.S.'s ability to mobilize support for Taiwan in the event that Chinese leader Xi Jinping orders his military to invade the island.

Facebook

Meta and YouTube Ban Russian State Media for 'Foreign Interference' (cnn.com) 58

Meta (the parent company of Facebook, Instagram, and Threads) announced Monday that Russian state media outlets like RT are now "banned from our apps globally for foreign interference activity," reports CNN.

CNN adds that Meta is alleging that the "Kremlin-controlled networks" have "engaged in deceptive influence operations and attempted to evade detection... Prior to Monday's ban, RT had 7.2 million followers on Facebook and 1 million followers on Instagram." The move comes days after the US Justice Department announced charges against two RT employees for funneling nearly $10 million into a US company, identified by CNN as Tenet Media, to create and amplify content that aligned with Russian interests. The covert influence campaign was aimed at the American public ahead of the 2024 US presidential election, US officials said.
Last week the U.S. State department "revealed declassified U.S. intelligence findings that suggest RT is fully integrated into Russia's intelligence operations around the world," CNN reported earlier" In addition to its covert influence operations, the leaders of RT also administered an online crowdfunding effort to supply military equipment to Russian soldiers in Ukraine, Blinken alleged. The crowdfunding effort supplied "sniper rifles, suppressors, body armor, night vision equipment, drones, radio equipment, personal weapon sights, diesel generators" to Russian soldiers fighting in Ukraine, according to Blinken.

The goal of the U.S. announcement — and private discussions with allied diplomats — is to make sure that countries know that RT and Russian intelligence agencies are working together to sow division and harm democratic processes, while simultaneously making it much more difficult for RT to operate globally, a senior administration official said...

Asked for comment by CNN, RT responded with a mocking email that read in part: "We've been broadcasting straight out of the KGB headquarters all this time."

More from Reuters: U.S. Secretary of State Antony Blinken said on Friday that countries should treat RT's activities as they do covert intelligence operations... In briefing materials shared with Reuters, Meta said it had seen Russian state-controlled media try to evade detection in their online activities in the past and expected them to continue trying to engage in deceptive practices going forward.
A YouTube spokesperson told Reuters they've also terminated over 230 channels affiliated with Kremlin-controlled outlets — channels which were previously only blocked from viewers.

YouTube "began blocking Russian state-sponsored news channels globally in 2022," reports NBC News, "including those tied to RT and Sputnik. Over the years, according to YouTube, the platform has blocked thousands of channels and millions of videos." James Rubin, coordinator for the State Department's Global Engagement Center, said RT is "where propaganda, disinformation and lies are spread to millions, if not billions, of people around the world."
Privacy

Ukraine Bans Official Use of Telegram App Over Fears of Russian Spying (reuters.com) 49

Ukraine has banned use of Telegram on official devices used by state officials, military personnel and critical workers because it believes its enemy Russia can spy on both messages and users, a top security body said on Friday. Reuters: The National Security and Defence Council announced the restrictions after Kyrylo Budanov, head of Ukraine's GUR military intelligence agency, presented the Council with evidence of Russian special services' ability to snoop on the platform, it said in a statement. But Andriy Kovalenko, head of the security council's centre on countering disinformation, posted on Telegram that the restrictions apply only to official devices, not personal phones.

Telegram is heavily used in both Ukraine and Russia and has become a critical source of information since the Russian invasion of Ukraine in February 2022. But Ukrainian security officials had repeatedly voiced concerns about its use during the war. Based in Dubai, Telegram was founded by Russian-born Pavel Durov, who left Russia in 2014 after refusing to comply with demands to shut down opposition communities on his social media platform VKontakte, which he has sold.

Microsoft

Palmer Luckey Is Bringing Anduril Smarts To Microsoft's Military Headset (wired.com) 15

Anduril Industries, a defense startup founded by Palmer Luckey, will integrate its Lattice suite of software into Microsoft's Integrated Visual Augmentation System headset for the U.S. Army. The deal aims to enhance soldiers' battlefield awareness by displaying real-time data from drones, vehicles, and defense systems.

Luckey, who sold virtual reality company Oculus to Facebook for $2 billion, launched Anduril in 2017 to challenge traditional defense contractors. The firm recently secured a contract to develop an experimental robotic fighter jet, beating out industry giants. While Microsoft's IVAS faced initial user complaints of nausea and headaches, the Army plans to invest $21.9 billion in the project.
News

Exploding Pagers Injure Thousands Across Lebanon 751

Wireless communication pagers, carried by thousands, exploded around the same time across Lebanon on Tuesday, injuring over 2,700 people and killing eight, in what security experts suspect was a sophisticated Israeli intelligence operation. New York Times: Hundreds of pagers blew up at the same time across Lebanon on Tuesday in an apparently coordinated attack that killed eight people and injured more than 2,700, health officials said on Tuesday. [...] Hezbollah said that pagers belonging to its members had exploded and accused Israel of being behind the attack. The Israeli military declined to comment.

[...] Three officials briefed on the attack said that it had targeted hundreds of pagers belonging to Hezbollah operatives who have used such devices for years to make it harder for their messages to be intercepted. The devices were programmed to beep for several seconds before exploding, according to the officials, who spoke on the condition of anonymity because of the sensitivity of the matter.
Further reading: Reuters; CNN; NPR; Fox News; and WSJ.

Edward Snowden said, "If it were iPhones that were leaving the factory with explosives inside, the media would be a hell of a lot faster to cotton on to what a horrific precedent has been set today. Nothing can justify this. It's a crime. A crime. And everyone in the world is less safe for it."
United States

RTX's Long-Delayed $7 Billion GPS-Tracking Network Is Still Troubled, GAO Says (msn.com) 19

A month before its planned delivery after years of delay and cost growth, RTX's $7.6 billion ground network to control GPS satellites is still marred by problems that may further stall its acceptance by the US Space Force, congressional auditors said Monday. From a report: RTX's system of 17 ground stations for current and improved GPS satellites was supposed to be ready by October, when it would undergo a series of intense Space Force tests to assess whether it can be declared operational by December 2025. The system continues to draw the ire of lawmakers because it's running more than seven years late in a development phase that's about 73% costlier than initial projections.

Two rounds of testing by the company have been "marked by significant challenges that drove delays to the program's schedule," the Government Accountability Office said Monday in a broad review of the US military's GPS program, including improvements intended to block jamming by adversaries.

The Next Generation Operational Control System, known as OCX, is intended to provide improvements, including access to more secure, jam-resistant software for the military's use of the GPS navigation system, which is also depended on by civilians worldwide. "The program faces challenges from product deficiencies" that "create a risk of further delay," the Pentagon's Defense Contract Management Agency told the GAO, adding that it expects RTX at the earliest to deliver OCX by December.

Government

Is the Tech World Now 'Central' to Foreign Policy? (wired.com) 41

Wired interviews America's foreign policy chief, Secretary of State Antony Blinken, about U.S. digital polices, starting with a new "cybersecurity bureau" created in 2022 (which Wired previously reported includes "a crash course in cybersecurity, telecommunications, privacy, surveillance, and other digital issues.") Look, what I've seen since coming back to the State Department three and a half years ago is that everything happening in the technological world and in cyberspace is increasingly central to our foreign policy. There's almost a perfect storm that's come together over the last few years, several major developments that have really brought this to the forefront of what we're doing and what we need to do. First, we have a new generation of foundational technologies that are literally changing the world all at the same time — whether it's AI, quantum, microelectronics, biotech, telecommunications. They're having a profound impact, and increasingly they're converging and feeding off of each other.

Second, we're seeing that the line between the digital and physical worlds is evaporating, erasing. We have cars, ports, hospitals that are, in effect, huge data centers. They're big vulnerabilities. At the same time, we have increasingly rare materials that are critical to technology and fragile supply chains. In each of these areas, the State Department is taking action. We have to look at everything in terms of "stacks" — the hardware, the software, the talent, and the norms, the rules, the standards by which this technology is used.

Besides setting up an entire new Bureau of Cyberspace and Digital Policy — and the bureaus are really the building blocks in our department — we've now trained more than 200 cybersecurity and digital officers, people who are genuinely expert. Every one of our embassies around the world will have at least one person who is truly fluent in tech and digital policy. My goal is to make sure that across the entire department we have basic literacy — ideally fluency — and even, eventually, mastery. All of this to make sure that, as I said, this department is fit for purpose across the entire information and digital space.

Wired notes it was Blinken's Department that discovered China's 2023 breach of Microsoft systems. And on the emerging issue of AI, Blinken cites "incredible work done by the White House to develop basic principles with the foundational companies." The voluntary commitments that they made, the State Department has worked to internationalize those commitments. We have a G7 code of conduct — the leading democratic economies in the world — all agreeing to basic principles with a focus on safety. We managed to get the very first resolution ever on artificial intelligence through the United Nations General Assembly — 192 countries also signing up to basic principles on safety and a focus on using AI to advance sustainable development goals on things like health, education, climate. We also have more than 50 countries that have signed on to basic principles on the responsible military use of AI. The goal here is not to have a world that is bifurcated in any way. It's to try to bring everyone together.

Slashdot Top Deals