An anonymous reader quotes a report from the Associated Press: Pennsylvania cannot enforce a regulation to make power plant owners pay for their planet-warming greenhouse gas emissions, a state court ruled Wednesday, dealing another setback to the centerpiece of former Gov. Tom Wolf's plan to fight global warming. The Commonwealth Court last year temporarily blocked Pennsylvania from becoming the first major fossil fuel-producing state to adopt a carbon-pricing program, and the new ruling makes that decision permanent. The ruling is a victory for Republican lawmakers and coal-related interests that argued that the carbon-pricing plan amounted to a tax, and therefore would have required legislative approval. Wolf, a Democrat, had sought to get around legislative opposition by unconstitutionally imposing the requirement through a regulation, they said. The court agreed in a 4-1 decision.

The regulation written by Wolf's administration had authorized Pennsylvania to join the multistate Regional Greenhouse Gas Initiative, which imposes a price and declining cap on carbon dioxide emissions from power plants. It would be up to Wolf's successor, Democratic Gov. Josh Shapiro, to decide whether to appeal the decision to the state Supreme Court. Shapiro's administration had no comment Wednesday on whether it would appeal, and Shapiro himself hasn't said publicly whether he would follow through on the plan to join the consortium, should the courts allow it. Still, Shapiro is "focused on addressing climate change, reducing emissions, and protecting public health while creating jobs and protecting consumers," Shapiro's administration said in a statement.

Thomas Claburn reports via The Register: For a period of two years between September 2019 and September 2021, two Americans and two Russians allegedly compromised the taxi dispatch system at John F. Kennedy International Airport in New York to sell cabbies a place at the front of the dispatch line. The two Russian nationals, Aleksandr Derebenetc and Kirill Shipulin, were indicted by a grand jury for conspiring to commit computer intrusions, the US Justice Department said on Tuesday. They remain at large. In early October, the two American nationals, Daniel Abayev and Peter Leyman, who were indicted last year, pleaded guilty, each to one count of conspiring to commit computer intrusions.

The scheme represented an attempt to monetize the demand among taxi drivers for lucrative airport fares -- the current flat rate for JFK to Manhattan is $70 plus additional charges. As described in the indictment (PDF), taxi drivers are required to wait in a holding lot at JFK, often for several hours, before being dispatched in the order of their arrival to airport terminals. And because time spent waiting in line is not paid, drivers have a financial incentive to avoid waiting in line. The conspirators allegedly developed a plan to hack the dispatch system around September 2019. The indictment describes several approaches that were tried, "including bribing someone to insert a flash drive containing malware into computers connected to the dispatch system, obtaining unauthorized access to the dispatch system via a Wi-Fi connect, and stealing computer tablets connected to the dispatch system."

The government's filing suggests that the group gained and lost access to the dispatch system several times. When they did have access, the alleged conspirators offered to move drivers to the front of the dispatch queue for a $10 fee, and waived the fee for those who found other drivers willing to pay to play. Many drivers took advantage of the service. According to the Justice Department, the group booked 2,463 queue cuts in a single week around December 2019. The scheme allegedly enabled as many as 1,000 trips per day that skipped the queue at JFK. The American conspirators are said to have collected the money from participating drivers and to have sent payments to the alleged Russian conspirators, describing the money transfers as "payment for software development" or "payment for services rendered." The indictment indicates that the Russians received more than $100,000 for their work. If apprehended -- which appears unlikely given current US relations with Russia -- the Russians face charges that carry a maximum sentence of ten years in prison. Abayev and Leyman each face up to five years in prison. They're scheduled to be sentenced early next year.

An anonymous reader quotes a report from TorrentFreak: The head of the Russian department responsible for identifying threats to the "stability, security and integrity" of the internet, has revealed the extent of the Kremlin's VPN crackdown. Former FSO officer Sergei Khutortsev, a central figure in Russia's 'sovereign internet' project, confirmed that 167 VPN services are now blocked along with over 200 email services. Russia is also reported as stepping up measures against protocols such as OpenVPN, IKEv2 and WireGuard. [...]

An in-depth report published by TheIns.ru has details of the monitoring/blocking system reportedly deployed in Russia, how much it costs (4.3 billion rubles/$43 million in 2020, 24.7 billion rubles/$247 million for 2022-2024), and the names of the companies supplying the components. The publication also obtained original documents that apparently show some of the protocols Russia initially intended to block. They include older VPN protocols IPSec, L2TP, and PPTP, plus the BitTorrent protocol still widely used today. The full report on the system, which reveals the use of Intel chips/chipsets in 965 servers manufactured by Huawei and already purchased by Russia, plus another 2400+ servers for 2023/24, is available here.

China's popular social media platforms are requiring "self-media" accounts with over 500,000 followers to disclose real-name information, prompting concerns over increased doxxing and privacy among some users. Reuters reports: China's most popular social media platforms on Tuesday announced that "self-media" accounts with more than 500,000 followers will be asked to display real-name information, a controversial measure that has prompted concerns over doxxing and privacy among some users. "Self-media" includes news and information not necessarily approved by the government, a genre of online content regulators have cracked down on in recent years to "purify" China's cyberspace. [...]

Rumors of the new policy had prompted lively debate among users. Some, like former state media editor Hu Xijin, have defended the measure as necessary in order to force influential accounts to use more responsible speech. Others, however, have expressed concerns that the measure would make doxxing easier and platforms would further remove online users' anonymity in the future.

The new measures will remove the anonymity of thousands of influencers on social media platforms that are used daily by hundreds of millions of Chinese. Several of the platforms said that accounts with over 1 million followers would be affected first and those that do not comply would face restrictions in their online traffic and income as a consequence.

Apple could be forced to scale back its App Store fees for developers after one of the European Union's antitrust watchdogs said its commissions violate the bloc's rules. From a report: In the latest twist in a long-running clash between the Dutch Authority for Consumers & Markets and the US tech giant, officials ruled that Apple's commission on certain app subscriptions are an abuse of the company's market power. In a confidential decision seen by Bloomberg, the Dutch regulator said Apple's rules unfairly target companies that offer subscription services, such as Match Group's dating app Tinder, which has to pay high commission rates on app sales, unlike ones that don't have paid digital content.

Apple harms such companies "by charging them an additional and inexplicably higher fee," according to the Dutch decision, which was sent in July. Apple had earlier offered to reduce app sale commission in the Netherlands from 30% to 27%, but the ACM's confidential findings state this offer doesn't go far enough. The decision could pave the wave for greater antitrust scrutiny across the 27-nation EU on the fairness of Apple's fee structure for different apps. The European Commission in Brussels is already investigating how Apple restricts apps from informing users of cheaper subscriptions outside the app store.

Nokia sued Amazon in courts across three continents, alleging the e-commerce giant uses its technologies in streaming services and devices without authorization. From a report: The suits were filed in the US, Germany, India, the UK, and the European Unified Patent Court, Arvin Patel, Nokia's Chief Licensing Officer said in a statement on the company's website. Separately, a suit was also filed against HP in the US over video-related technologies, he said.

Apple has warned over a half dozen Indian lawmakers from Prime Minister Narendra Modi's main opposition of their iPhones being targets of state-sponsored attacks, these people said Tuesday, in a remarkable turn of events just months before the general elections in the South Asian nation. From a report: Rahul Gandhi, Indian opposition leader, said in a media briefing Tuesday that his team had received the said alert from Apple. Shashi Tharoor, a key figure from the Congress party; Akhilesh Yadav, the head of the Samajwadi Party; Mahua Moitra, a national representative from the All India Trinamool Congress; Priyanka Chaturvedi of Shiv Sena, a party with notable influence in Maharashtra reported that they too had been notified by Apple regarding a potential security attack on their iPhones. Asaduddin Owaisi, the leader of the All-India Majlis-e-Ittehadul Muslimeen (AIMIM); Raghav Chadha from AAP, originating from an anti-corruption crusade a decade prior and later securing a political foothold in the national capital region; Sitaram Yechury, the General Secretary of the Communist Party of India; alongside Congress spokesperson Pawan Khera were also impacted, they said. Journalists Siddharth Varadarajan and Sriram Karri, along with Observer Research Foundation (ORF) India President Samir Saran shared that they had been served with identical warnings from Apple.

wiredmikey shares a report from SecurityWeek: In a surprising development on Monday that is spooking the cybersecurity community, the SEC filed charges against SolarWinds and its Chief Information Security Officer (CISO), Timothy G. Brown, alleging that the software company misled investors about its cybersecurity practices and known risks. The charges stem from alleged fraud and internal control failures related to known cybersecurity weaknesses that took place between the company's October 2018 initial public offering (IPO) and its December 2020 revelation of the infamous supply chain cyberattack dubbed "SUNBURST." [...] The SEC's complaint also points to internal communications among SolarWinds employees, including Brown, in 2019 and 2020, which raised questions about the company's ability to protect its critical assets from cyberattacks.

An anonymous reader quotes a report from Bloomberg: GSK will pay 23andMe $20 million for access to the genetic-testing company's vast trove of consumer DNA data, extending a five-year collaboration that's allowed the drugmaker to mine genetic data as it researches new medications. Under the new agreement, 23andMe will provide GSK with one year of access to anonymized DNA data from the approximately 80% of gene-testing customers who have agreed to share their information for research, 23andMe said in a statement Monday. The genetic-testing company will also provide data-analysis services to GSK.

23andMe is best known for its DNA-testing kits that give customers ancestry and health information. But the DNA it collects is also valuable, including for scientific research. With information from more than 14 million customers, the only data sets that rival the size of the 23andMe library belong to Ancestry.com and the Chinese government. The idea for drugmakers is to comb the data for hints about genetic pathways that might be at the root of disease, which could significantly speed up the long, slow process of drug development. GSK and 23andMe have already taken one potential medication to clinical trials: a cancer drug that works to block CD96, a protein that helps modulate the body's immune responses. It entered that testing phase in four years, compared to an industry average of about seven years. Overall, the partnership between GSK and 23andMe has produced more than 50 new drug targets, according to the statement.

The new agreement changes some components of the collaboration. Any discoveries GSK makes with the 23andMe data will now be solely owned by the British pharmaceutical giant, while the genetic-testing company will be eligible for royalties on some projects. In the past, the two companies pursued new drug targets jointly. GSK's new deal with 23andMe is also non-exclusive, leaving the genetic-testing company free to license its database to other drugmakers.

Blake Brittain reports via Reuters: A judge in California federal court on Monday trimmed a lawsuit by visual artists who accuse Stability AI, Midjourney and DeviantArt of misusing their copyrighted work in connection with the companies' generative artificial intelligence systems. U.S. District Judge William Orrick dismissed some claims from the proposed class action brought by Sarah Andersen, Kelly McKernan and Karla Ortiz, including all of the allegations against Midjourney and DeviantArt. The judge said (PDF) the artists could file an amended complaint against the two companies, whose systems utilize Stability's Stable Diffusion text-to-image technology.

Orrick also dismissed McKernan and Ortiz's copyright infringement claims entirely. The judge allowed Andersen to continue pursuing her key claim that Stability's alleged use of her work to train Stable Diffusion infringed her copyrights. "Even Stability recognizes that determination of the truth of these allegations -- whether copying in violation of the Copyright Act occurred in the context of training Stable Diffusion or occurs when Stable Diffusion is run -- cannot be resolved at this juncture," Orrick said.

Orrick agreed with all three companies that the images the systems actually created likely did not infringe the artists' copyrights. He allowed the claims to be amended but said he was "not convinced" that allegations based on the systems' output could survive without showing that the images were substantially similar to the artists' work. The judge also dismissed other claims from the artists, including that the companies violated their publicity rights and competed with them unfairly, with permission to refile. Orrick dismissed McKernan and Ortiz's copyright claims because they had not registered their images with the U.S. Copyright Office, a requirement for bringing a copyright lawsuit.

An anonymous reader quotes a report from TorrentFreak: Brazil's telecoms regulator Anatel claims that during an operation last week, it successfully blocked around 80% of pirate 'TV boxes' in the country. Estimates from early 2023 suggest that seven million were active in Brazil. The operation, claimed to be the most significant ever carried out, arrives just weeks after Google & Cisco were criticized for "turning a blind eye" to the IPTV piracy problem. [...] Whatever the approach, if Anatel had somehow managed to prevent 80% of all TV boxes receiving pirated content in the space of a year, that would be an extraordinary achievement. Even a week would be astonishing but the claim of millions in a day seems either incredible, non-credible, or entirely dependent on more important information or nuance that isn't being reported. Another angle is that disruption on a large scale tends to register in search results and Google data on various related search terms doesn't seem to reflect millions of TV boxes suddenly going dark in Brazil last week. At least, not for any significant length of time.

Pete Syme reports via Insider: A British software company is giving Meta 30 days to stop using the name Threads in the UK because it owns the trademark. Threads Software Limited says its lawyers wrote to the Facebook and Instagram parent company on Monday. If Meta doesn't stop using the name Threads, Threads Software Limited says it will seek an injunction from the courts.

The British company trademarked Threads in 2012 for its intelligent messaging hub, which can store a company's emails, tweets, and voice over internet protocol phone calls in a cloud database. In a press release, it said it had declined the four offers that Meta's lawyers made to purchase its domain name "threads.app." Then when Meta launched Threads, its social media app designed to compete with Elon Musk's X, the British company says it was removed from Facebook. John Yardley, the managing director of Threads Software Limited, said the business "faces a serious threat from one of the largest technology companies in the world."

"We recognize that this is a classic 'David and Goliath' battle with Meta," said Yardley. "And whilst they may think they can use whatever name they want, that does not give them the right to use the Threads brand name."

Citing an "unacceptable level of risk to privacy and security," Canada banned Chinese messaging application WeChat and Russian antivirus program Kaspersky on government-issued mobile devices. Reuters reports: The ban was announced after an assessment by Canada's chief information officer that Tencent-owned WeChat and applications made by Moscow-based Kaspersky "present an unacceptable level of risk to privacy and security," the Treasury Board of Canada, which oversees public administration, said in a statement. Kaspersky said it was surprised and disappointed, and that the decision was made without warning or an opportunity for the firm to address the government's concerns. "As there has been no evidence or due process to otherwise justify these actions, they are highly unsupported and a response to the geopolitical climate rather than a comprehensive evaluation of the integrity of Kaspersky's products and services," the company said in a statement.

The Treasury Board said it has no evidence that government information has been compromised, but the collection methods of the applications provide considerable access to a device's contents, and risks of using them were "clear." "The decision to remove and block the WeChat and the Kaspersky applications was made to ensure that government of Canada networks and data remain secure and protected and are in line with the approach of our international partners," the statement said. The applications will be removed from government-issued mobile devices on Monday, and users will be blocked from downloading them in the future.

President Joe Biden signed a wide-ranging executive order on artificial intelligence Monday, setting the stage for some industry regulations and funding for the U.S. government to further invest in the technology. From a report: The order is broad, and its focuses range from civil rights and industry regulations to a government hiring spree. In a media call previewing the order Sunday, a senior White House official, who asked to not be named as part of the terms of the call, said AI has so many facets that effective regulations have to cast a wide net. "AI policy is like running into a decathlon, and there's 10 different events here," the official said. "And we don't have the luxury of just picking 'we're just going to do safety' or "we're just going to do equity' or 'we're just going to do privacy.' You have to do all of these things."

The official also called for "significant bipartisan legislation" to further advance the country's interests with AI. Senate Majority Leader Chuck Schumer, D-N.Y., held a private forum in September with industry leaders but has yet to introduce significant AI legislation. Some of the order builds on a previous nonbinding agreement that seven of the top U.S. tech companies developing AI agreed to in July, like hiring outside experts to probe their systems for weaknesses and sharing their critical findings. The order leverages the Defense Production Act to legally require those companies to share safety test results with the federal government.

The Wall Street Journal reports that more than three million Americans have now had a total of $127 billion in student loans flagged for cancellation. (Which for 3 million would average out to over $40,000 apiece).

Interestingly, the article notes this happened despite a set back for forgiveness in America's highest court this June: The high court ruled that the Biden administration couldn't cancel hundreds of billions of dollars for tens millions of student-loan holders, reasoning that the authority for such a broad-based policy doesn't exist under the law. While that closed one path, Biden tapped a variety of different tools that no previous president had ever used to this extent. Since taking office in 2021, the Biden administration has arranged to cancel loans equal to around 30% of the total projected cost of its blocked mass cancellation plan.

The seven industrial countries known as the "G7" — America, Canada, Japan, Germany, France, Italy, and Britain — will agree on a code of conduct Monday for companies developing advanced AI systems, reports Reuters.

The news comes "as governments seek to mitigate the risks and potential misuse of the technology," Reuters reports — citing a G7 document. The 11-point code "aims to promote safe, secure, and trustworthy AI worldwide and will provide voluntary guidance for actions by organizations developing the most advanced AI systems, including the most advanced foundation models and generative AI systems", the G7 document said. It "is meant to help seize the benefits and address the risks and challenges brought by these technologies".

The code urges companies to take appropriate measures to identify, evaluate and mitigate risks across the AI lifecycle, as well as tackle incidents and patterns of misuse after AI products have been placed on the market. Companies should post public reports on the capabilities, limitations and the use and misuse of AI systems, and also invest in robust security controls.

The Washington Post's editorial board looks at America's "net neutrality" debate.

But first they note that America's communications-regulating FCC has "limited authority to regulate unless broadband is considered a 'common carrier' under the Telecommunications Act of 1996." The FCC under President Barack Obama moved to reclassify broadband so it could regulate broadband companies; the FCC under President Donald Trump reversed the change. Dismayed advocates warned the world that, without the protections in place, the internet would break. You'll never guess what happened next: nothing. Or, at least, almost nothing. The internet did not break, and internet service providers for the most part did not block and they did not throttle.

All the same, today's FCC, under Chairwoman Jessica Rosenworcel, has just moved to re-reclassify broadband. The interesting part is that her strongest argument doesn't have much to do with net neutrality, but with some of the other benefits the country could see from having a federal watchdog keeping an eye on the broadband business... Broadband is an essential service... Yet there isn't a single government agency with sufficient authority to oversee this vital tool. Asserting federal authority over broadband would empower regulation of any blocking, throttling or anti-competitive paid traffic prioritization that they might engage in. But it could also help ensure the safety and security of U.S. networks.

The FCC has, on national security grounds, removed authorization for companies affiliated with adversary states, such as China's Huawei, from participating in U.S. telecommunications markets. The agency can do this for phone carriers. But it can't do it for broadband, because it isn't allowed to. Or consider public safety during a crisis. The FCC doesn't have the ability to access the data it needs to know when and where there are broadband outages — much less the ability to do anything about those outages if they are identified. Similarly, it can't impose requirements for network resiliency to help prevent those outages from occurring in the first place — during, say, a natural disaster or a cyberattack.

The agency has ample power to police the types of services that are becoming less relevant in American life, such as landline telephones, and little power to police those that are becoming more important every day.
The FCC acknowledges this power would also allow them to prohibit "throttling" of content. But the Post's editorial also makes the argument that here in 2023 that's "unlikely to have any major effect on the broadband industry in either direction... Substantial consequences have only become less likely as high-speed bandwidth has become less limited."

The SF Standard reports that a San Francisco man whose car was stolen in the middle of the night "managed to track down the vehicle using his car insurance app and retrieve the stolen vehicle the following morning within half an hour of noticing it was gone." Harris realized he could track his phone using his app from MetroMile, a San Francisco-based digital pay-per-mile car insurance company that tracks a car's location and charges a rate based on how much it's driven. "I opened the app and found it was in Mission Bay," he said, adding that the person who stole it drove it all night before parking. "I rode my bike down there and picked it up...."

Before picking up his car, Harris didn't consult with the San Francisco Police Department and said officers were confused about why he wanted to report a stolen car that was already back in his possession. He said his driver's side window had been smashed, but there wasn't any other damage, just a mess of marijuana paraphernalia and blunt wraps inside... "If a vehicle owner locates their stolen vehicle prior to the police locating it, we highly recommend that they alert us to the vehicle's location and do not move the car prior to reporting it recovered," Sgt. Kathryn Winters wrote in an email. "Additionally, if they locate the vehicle occupied, they should not approach the vehicle or suspects and should call law enforcement immediately."

There were 274 motor vehicle theft reports in the Western Addition neighborhood, which includes Alamo Square, in the 12 months leading up to Oct. 21 compared with 219 during the same period the previous year, according to police data. Citywide, the problem has also gotten worse in recent years. The number of car thefts has risen from 60 incidents per 10,000 residents in 2019 to 101 incidents this year.

To explore America's "transition to a post-quantum world," the Washington Post interviewed U.S. federal official Nick Polk, who is focused on national security issues including quantum computing and is also a senior advisor to a White House federal chief information security officer): The Washington Post: The U.S. is in the early stages of a major shift focused on bolstering government network defenses, pushing federal agencies to adopt a new encryption standard known as post-quantum cryptography that aims to prevent systems from being vulnerable to advanced decryption techniques enabled by quantum computers in the near future...

Nick Polk: We've been using asymmetric encryption for a very long time now, and it's been ubiquitous since about 2014, when the U.S. government and some of the large tech companies decided that they're going to make it a default on most web browsers... Interestingly enough, regarding the post-quantum cryptographic standards being developed, the only thing that's quantum about them is that it has "quantum" in the name. It's really just a different type of math that's much more difficult for a quantum computer to be able to reverse-engineer. The National Institute of Standards and Technology is looking at different mathematical models to cover all their bases. The interesting thing is that these post-quantum standards are actually being used to protect classical computers that we have now, like laptops...

Given the breadth of the U.S. government and the amount of computing power we use, we really see ourselves and our role as a steward of the tech ecosystem. One of the things that came out of [this week's Inside Quantum Technology conference in New York City] was that we are very quickly moving along with the private sector to migrate to post-quantum cryptography. I think you're gonna see very shortly a lot of very sensitive private sector industries start to migrate or start to advertise that they're going to migrate. Banks are a perfect example. That means meeting with vendors regularly, and testing their algorithms to ensure that we can accurately and effectively implement them on federal systems...

The administration and national security memorandum set 2035 as our deadline as a government to migrate our [national security] systems to post-quantum cryptography. That's supposed to time with the development of operational quantum computers. We need to ensure that we start now, so that we don't end up not meeting the deadline before computers are operational... This is a prioritized migration for the U.S. government. We're going to start with our most critical systems — that includes what we call high-value assets, and high-impact systems. So for example, we're gonna prioritize systems that have personal health information.

That's our biggest emphasis — both when we talk to private industry and when we encourage agencies when they talk to their contractors and vendors — to really think about where your most sensitive data is and then prioritize those systems for migration.

Bloomberg thinks they've identified the source of the advanced chips in Huawei's newest smartphone, citing to "people familiar with the matter". In a suggestion that export restrictions on Europe's most valuable tech company may have come too late to stem China's advances in chipmaking, ASML's so-called immersion deep ultraviolet machines were used in combination with tools from other companies to make the Huawei Technologies Co. chip, the people said, asking not to be identified discussing information that's not public. ASML declined to comment.

There is no suggestion that their sales violated export restrictions... ASML has never been able to sell its EUV machines to China because of export restrictions. But less advanced DUV models can be retooled with deposition and etching gear to produce 7-nanometer and possibly even more advanced chips, according to industry analysts. The process is much more expensive than using EUV, making it very difficult to scale production in a competitive market environment. In China, however, the government is willing to shoulder a significant portion of chipmaking costs.

Chinese companies have been legally stockpiling DUV gear for years — especially after the U.S. introduced its initial export controls last year before getting Japan and the Netherlands on board... According to an investor presentation published by the company last week, ASML experienced a jump in business from China this year as chipmakers there boosted orders ahead of the export controls taking full effect in 2024. China accounted for 46% of ASML's sales in the third quarter, compared with 24% in the previous quarter and 8% in the three months ending in March.
Another article from Bloomberg includes this prediction: The U.S. won't be able to stop Huawei and SMIC from making progress in chip technology, Burn J. Lin, a former Taiwan Semiconductor Manufacturing Co. vice president, told Bloomberg News. Semiconductor Manufacturing International Corp should be able to advance to the next generation at 5 nanometers with machines from ASML Holding NV that it already operates, said Lin, who at TSMC championed the lithography technology that transformed chipmaking.
The end result is that Huawei's profit "more than doubled during the quarter it revealed its biggest achievement in chip technology," the article reports, "adding to signs the Chinese tech leader is steadying a business rocked by US sanctions." The Shenzhen company reported a 118% surge in net profit to 26.4 billion yuan ($3.6 billion) in the September quarter, and a slight rise in sales to 145.7 billion yuan, according to Bloomberg News calculations from nine-month results released Friday. Those numbers included initial sales of the vastly popular Mate 60 Pro, which began shipping in late August... The gadget sold out almost instantly, spurring expectations it could rejuvenate Huawei's fortunes and potentially cut into Apple Inc.'s lead in China, given signs of a disappointing debut for the iPhone 15...

A resurgent Huawei would pose problems not just for Apple but also local brands from Xiaomi Corp. to Oppo and Vivo, all of which are fighting for sales in a shrinking market.