Security

Fourth US Navy Collision This Year Raises Suspicion of Cyber-Attacks (thenextweb.com) 353

An anonymous reader quotes a report from The Next Web: Early Monday morning a U.S. Navy Destroyer collided with a merchant vessel off the coast of Singapore. The U.S. Navy initially reported that 10 sailors were missing, and today found "some of the remains" in flooded compartments. While Americans mourn the loss of our brave warriors, top brass is looking for answers. Monday's crash involving the USS John McCain is the fourth in the area, and possibly the most difficult to understand. So far this year 17 U.S. sailors have died in the Pacific southeast due to seemingly accidental collisions with civilian vessels.

Should four collisions in the same geographical area be chalked up to coincidence? Could a military vessel be hacked? In essence, what if GPS spoofing or administrative lockout caused personnel to be unaware of any imminent danger or unable to respond? The Chief of Naval Operations (CNO) says there's no reason to think it was a cyber-attack, but they're looking into it: "2 clarify Re: possibility of cyber intrusion or sabotage, no indications right now...but review will consider all possibilities," tweeted Adm. John Richardson. The obvious suspects -- if a sovereign nation is behind any alleged attacks -- would be Russia, China, and North Korea, all of whom have reasonable access to the location of all four incidents. It may be chilling to imagine such a bold risk, but it's not outlandish to think a government might be testing cyber-attack capabilities in the field.

China

China Relaunches World's Fastest Train (fortune.com) 113

China has decided to relaunch the world's fastest train service following a fatal crash in 2011, where the high speed train service reduced its upper limit from its then-record holding 350 km/h (217 miles/hour) to 250-300 km/h (155-186 miles/hour). Fortune reports: Government-controlled website Thepaper.cn reported that seven pairs of bullet trains will be operating under the name "Fuxing," meaning rejuvenation, according to the South China Morning Post. The trains will once again run at 350 km/h, with a maximum speed of 400 km/h (248 mph). It is reported that the train service will boast a monitoring system that will automatically slow the trains in case of emergency. The Beijing-Shanghai line will begin operating on 21 September and will shorten the nearly 820 mile journey by an hour, to four hours thirty minutes. Nearly 600 million people use this route each year, providing a reported $1 billion in profits . Other routes include Beijing-Tianjin-Hebei, which will begin operation today.
AI

Leading Chinese Bitcoin Miner Wants To Cash In On AI (qz.com) 23

hackingbear writes: Bitmain, the most influential company in the bitcoin economy by the sheer amount of processing power, or hash rate, that it controls, plans to unleash its bitcoin mining ASIC technology to AI applications. The company designed a new deep learning processor Sophon, named after a alien-made, proton-sized supercomputer in China's seminal science-fiction novel, The Three-Body Problem . The idea is to etch in silicon in some of the most common deep learning algorithms, thus greatly boosting efficiency. Users will be able to apply their own datasets and build their own models on these ASICs, allowing the resulting neural networks to generate results and learn from those results at a far quicker pace. The company hopes that thousands of Bitmain Sophon units soon could be training neural networks in vast data centers around the world.
AI

Elon Musk Backs Call For A Global Ban On Killer Robots (cnn.com) 214

An anonymous reader quotes CNN: Tesla boss Elon Musk is among a group of 116 founders of robotics and artificial intelligence companies who are calling on the United Nations to ban autonomous weapons. "Lethal autonomous weapons threaten to become the third revolution in warfare. Once developed, they will permit armed conflict to be fought at a scale greater than ever, and at timescales faster than humans can comprehend," the experts warn in an open letter released Monday...

"Unlike other potential manifestations of AI, which still remain in the realm of science fiction, autonomous weapons systems are on the cusp of development right now and have a very real potential to cause significant harm to innocent people along with global instability," said Ryan Gariepy, the founder of Clearpath Robotics and the first person to sign the letter. More than a dozen countries -- including the United States, China, Israel, South Korea, Russia and Britain -- are currently developing autonomous weapons systems, according to Human Rights Watch.

Yahoo!

Alleged Yahoo Hacker Will Be Extradited To The US (tucson.com) 45

An anonymous reader quotes the AP: A Canadian man accused in a massive hack of Yahoo emails agreed Friday to forgo his extradition hearing and go face the charges in the United States. Karim Baratov was arrested in Hamilton, Ontario, in March under the Extradition Act after U.S. authorities indicted him and three others, including two alleged officers of Russia's Federal Security Service. They are accused of computer hacking, economic espionage and other crimes.

An extradition hearing for the 22-year-old Baratov had been scheduled for early September, but he signed documents before a Canadian judge Friday agreeing to waive it. His lawyer, Amedeo DiCarlo, said that does not amount to an admission of guilt... U.S. law enforcement officials call Baratov a "hacker-for-hire" paid by members of the Federal Security Service, or FSB, considered the successor to the KGB of the former Soviet Union.

Yahoo also believes that attack -- which breached at least 500 million Yahoo accounts in 2014 -- was perpetrated by "a state-sponsored actor." The CBC reports that Baratov lives alone in a large, new house in an expensive subdivision. "His parents either bought him the house," one neighbor told the CBC, "or he's getting money somewhere else, because he doesn't seem to work all day; he just drives up and down the street."

The CBC also reports that Baratov's Facebook page links to a Russian-language site "which claims to offer a number of services, including servers for rent in Russia, protection from distributed denial of service (DDoS) attacks, and domain names in China."
The Military

A Global Fish War is Coming, Warns US Coast Guard (usni.org) 190

schwit1 shares an article from the U.S. Naval Institute's Proceedings magazine. It includes this warning from the Coast Guard's chief of fisheries law enforcement: Nearly two decades into the 21st Century, it has become clear the world has limited resources and the last area of expansion is the oceans. Battles over politics and ideologies may be supplanted by fights over resources as nations struggle for economic and food security. These new conflicts already have begun -- over fish... In 1996, Canada and Spain almost went to war over the Greenland turbot. Canada seized Spanish vessels it felt were fishing illegally, but Spain did not have the same interpretation of the law and sent gunboats to escort its ships. In 1999, a U.S. Coast Guard cutter intercepted a Russian trawler fishing in the U.S. exclusive economic zone. The lone cutter was promptly surrounded by 19 Russian trawlers. Fortunately, the Russian Border Guard and the Coast Guard drew on an existing relationship and were able to defuse the situation...

Japan protested 230 fishing vessels escorted by seven China Coast Guard ships entering the waters of the disputed Senkaku Islands. Incidents in the South China Sea between the Indonesian Navy and Chinese fishing vessels and China Coast Guard have escalated to arrests, ramming, and warning shots leading experts to suggest only navies and use of force can stop the IUU fishing... The United States needs to show it is serious about protecting sustainable fisheries and international rule of law. It needs a fleet that not only will provide a multilateral cooperation platform, but also take action against vessels and fleets that are unwilling to cooperate... If cooperation cannot be achieved, the United States should prepare for a global fish war.

When I read "fish war," I was imagining it more like this.
China

China Cracks Down on VPN Vendors (bbc.com) 39

An anonymous reader shares a BBC report: China's latest crackdown on those attempting to skirt state censorship controls has seen it warn e-commerce platforms over the sale of illegal virtual private networks (VPNs). Five websites, including shopping giant Alibaba, have been asked to remove vendors that sell VPNs. It is the latest in a series of measures from the Chinese government to maintain strict control over content. Apple has previously been asked to remove VPN apps. China's cyber-regulator the Cyberspace Administration of China (CAC) has ordered the websites to carry out immediate "self-examination and correction." "The CAC has ordered these five sites to immediately carry out a comprehensive clean-up of harmful information, close corresponding illegal account.. and submit a rectification report by a deadline," the regulator said in a statement.
Bitcoin

Australia Joins China and Japan in Trying To Regulate Digital Currency Exchanges (cnbc.com) 63

Following moves by China and Japan to regulate digital currencies, Australia is attempting to crackdown on money laundering and terrorism financing with plans to regulate bitcoin exchanges. From a report: "The threat of serious financial crime is constantly evolving, as new technologies emerge and criminals seek to nefariously exploit them. These measures ensure there is nowhere for criminals to hide," said Australia's Minister for Justice Michael Keenan in a press release. The Australian government proposed a set of reforms on Thursday which will close a gap in regulation and bring digital currency exchange providers under the remit of the Australian Transactions and Reporting Analysis Centre. These exchanges serve as marketplaces where traders can buy and sell digital currencies, such as bitcoin, using fiat currencies, such as the dollar. The reform bill is intended to strengthen the Anti-Money Laundering and Counter-Terrorism Financing Act and increase the powers of AUSTRAC.
The Courts

Developers File Antitrust Complaint Against Apple in China (reuters.com) 27

A Chinese law firm has filed a complaint against Apple on behalf of 28 local developers alleging the firm breached antitrust regulations. From a report: The complaint, lodged by Beijing-based Dare & Sure Law Firm, accuses Apple of charging excessive fees and removing apps from its local store without proper explanation, Lin Wei, an attorney at the firm told Reuters on Thursday. "During its localization process Apple has run into several antitrust issues ... after an initial investigation we consulted a number of enterprises and got a very strong response," said Lin. The law firm invited developers to join the complaint in April and on Tuesday filed it to China's State Administration for Industry and Commerce and the National Development and Reform Commission, which oversees antitrust matters in the country.
China

China Working On 'Repression Network' Which Lets Cameras Identify Cars With Unprecedented Accuracy (thesun.co.uk) 80

schwit1 shares a report from The Sun: Researchers at a Chinese university have revealed the results of an investigation aimed at creating a "repression network" which can identify cars from "customized paintings, decorations or even scratches" rather than by scanning its number plate. A team from Peking University said the technology they have developed to perform this task could also be used to recognize the faces of human beings. Essentially, it works by learning from what it sees, allowing it to differentiate between cars (or humans) by spotting small differences between them. "The growing explosion in the use of surveillance cameras in public security highlights the importance of vehicle search from large-scale image databases," the researcher wrote. "Precise vehicle search, aiming at finding out all instances for a given query vehicle image, is a challenging task as different vehicles will look very similar to each other if they share same visual attributes." They added: "We can extend our framework [software] into wider applications like face and person retrieval [identification] as well."
China

China's VPN Developers Face Crackdown (bbc.com) 55

China recently launched a crackdown on the use of software which allows users to get around its heavy internet censorship. Now as the BBC reports, developers are facing growing pressure. From the report: The three plain-clothes policemen tracked him down using a web address. They came to his house and demanded to see his computer. They told him to take down the app he was selling on Apple's App Store, and filmed it as it was happening. His crime was to develop and sell a piece of software that allows people to get round the tough restrictions that limit access to the internet in China. A virtual private network (VPN) uses servers abroad to provide a secure link to the internet. It's essential in China if you want to access parts of the outside world like Facebook, Gmail or YouTube, all of which are blocked on the mainland. "They insisted they needed to see my computer," the software developer, who didn't want us to use his name, told us during a phone interview. "I said this is my private stuff. How can you search as you please?" No warrant was produced and when he asked them what law he had violated they didn't say. Initially he refused to co-operate but, fearing detention, he relented. Then they told him what they wanted: "If you take the app off the shelf from Apple's App Store then this will be all over." 'Sorry, I can't help you with that'. Up until a few months ago his was a legal business. Then the government changed the regulations. VPN sellers need a licence now.
Businesses

China Built the World's Largest Telescope, But Has No One To Run It (arstechnica.com) 122

An anonymous reader shares a report: China has built a staggeringly large instrument in the remote southern, mountainous region of the country called the Five hundred-meter Aperture Spherical Telescope, or FAST. The telescope measures nearly twice as large as the closest comparable facility in the world, the US-operated Arecibo radio telescope in Puerto Rico. According to the South China Morning Post, the country is looking for a foreigner to run the observatory because no Chinese astronomer has the experience of running a facility of such size and complexity. The Chinese Academy of Sciences began advertising the position in western journals and job postings in May, but so far there have been no qualified applicants. One reason is that the requirements are fairly strict: The candidate must have at least 20 years of previous experience in the field, and he or she must have taken a leading role in large-scale radio telescope project with extensive managerial experience. The candidate must also hold a professorship, or equally senior position, in a world-class research institute or university. Nick Suntzeff, an astronomer at Texas A&M University who helped lead the discovery of dark energy and is involved with construction of the optical Giant Magellan Telescope in Chile, said there are probably about 40 or so astronomers in the world who would qualify for such a job. Compared to other astronomy disciplines, radio astronomy is a relatively small field. "I am sure they will find someone," he said. "But most astronomers in the United States do not like to work abroad. It was hard to get people to apply to work in La Serena, something I could never understand, considering how beautiful it is and how nice the Chilean people are." Among the western community of astronomers there are also questions about the scientific purpose of the FAST telescope. As part of a recent National Science Foundation review of its facilities, US officials placed the similar Arecibo radio telescope near the bottom of its priorities list.
Android

BLU Claims Innocence, Gets Phones Reinstated On Amazon (slashgear.com) 43

Earlier this week, Amazon suspended budget phone maker BLU from selling its phones on the site, citing a "potential security issue." A few days have passed and BLU has made its defense. SlashGear reports: AdUps, the Chinese company that provides affordable firmware update software to countless budget Android phones, is not spyware and not even Kryptowire, the security firm that broke the news last year, called it that, insists BLU. To be fair, Kryptowire really didn't. In its 2016 report, it simply described AdUps' OTA software as "FIRMWARE THAT TRANSMITTED PERSONALLY IDENTIFIABLE INFORMATION (PII) WITHOUT USER CONSENT OR DISCLOSURE." Curiously, that is more or less how the FTC defines spyware (PDF). In its 2017 follow-up, it did drop the second part of that phrase and simply reported on "mobile devices for Personally Identifiable Information (PII) collection and transmission to third parties." While BLU, and a few other OEMs, was caught unaware by the first report, it's insisting on its innocence in this second instance. Its defense stems from the argument that it is doing nothing that violates its Privacy Policy and, therefore, doesn't constitute any wrongdoing. Yes, that privacy policy that barely anyone reads, which can't legally be blamed on manufacturers anyway.

In other words, when you agreed to use BLU's devices, you basically agreed that such PII could possibly be transmitted to a third party outside the US. In this particular case, that does apply to the situation with AdUps. Interestingly, the policy's copyright dates back to 2016, when the AdUps issue first came up. The Internet Archives doesn't seem to have any version of that page before April this year. And so we come to BLU's second arguments: everybody's doing it. The data that AdUps collects is the same or even just a fraction of what other OEMs are collecting. Google is hardly the bastion of privacy and other OEMs are also collecting such data and sending it to servers in China, as is the case with Huawei and ZTE. Finally, BLU says that Kryptowire's new report really only identifies the Cubot X16S, from a Chinese OEM, as the only smartphone really spying on its users.
UPDATE: BLU has confirmed that its devices "are now back up for sale on Amazon."
Government

Apple Owns $52.6 Billion In US Treasury Securities, More Than Mexico, Turkey or Norway (cnbc.com) 93

randomErr shares a report from CNBC: If Apple were a foreign country, CEO Tim Cook might have considerable political clout in the United States. That's because the tech giant owns $52.6 billion in U.S. Treasury securities, which would rank it among the top 25 major foreign holders, according to estimates from the Treasury Department and Apple's SEC filings released Wednesday. Apple's stake in U.S. government securities as of June, up from $41.7 billion as of last September, puts it ahead of Israel, Mexico and the Netherlands, according to Treasury data released last month, which tracks up to May of this year. With $20.1 billion in short-term Treasury securities and $31.35 billion in long-term marketable Treasury securities, Apple still falls far below countries like China and Japan, which hold over a trillion dollars in U.S. government debt each -- which has caused considerable hand-wringing in Washington. Still, Apple is way above other big companies like Amazon, which owns less than $5 billion in U.S. government or agency securities combined, according to regulatory filings.
The Military

US Army Calls Halt On Use of Chinese-Made Drones By DJI (theverge.com) 45

Due to "an increased awareness of cyber vulnerabilities with DJI products," the U.S. Army is asking all units to discontinue the use of DJI drones. The news comes from an internal memo obtained by the editor of SUAS News. It notes that the Army had issued over 300 separate releases authorizing the use of DJI products for Army missions, meaning a lot of hardware may have been in active use prior to the memo, which is dated August 2nd, 2017. The Verge reports: SUAS News published a piece back in May of this year that made a number of serious accusations about data gathered by DJI drones. Author Kevin Pomaski starts out writing, "Using a simple Google search the data mined by DJI from your provided flights (imagery, position and flight logs) and your audio can be accessed without your knowing consent." However, he never follows up with evidence to demonstrate how this data becomes public or can be found through a Google search. Pomaski also point out, correctly, that when DJI users elect to upload data to their SkyPixel accounts through the DJI app, this data can be stored on servers in the U.S., Hong Kong, and China. This data can include videos, photos, and audio recorded by your phone's microphone, and telemetry data detailing the height, distance, and position of your recent flights. DJI provided the following statement to The Verge: "People, businesses and governments around the world rely on DJI's products and technology for a variety of uses including sensitive and mission critical operations. The Department of the Army memo even reports that they have 'issued over 300 separate Airworthiness Releases for DJI products in support of multiple organizations with a variety of mission sets.' We are surprised and disappointed to read reports of the U.S. Army's unprompted restriction on DJI drones as we were not consulted during their decision. We are happy to work directly with any organization, including the U.S. Army, that has concerns about our management of cyber issues. We'll be reaching out to the U.S. Army to confirm the memo and to understand what is specifically meant by 'cyber vulnerabilities.' Until then, we ask everyone to refrain from undue speculation."
AI

Chinese Chatbots Apparently Re-educated After Political Faux Pas (reuters.com) 80

A pair of 'chatbots' in China have been taken offline after appearing to stray off-script. In response to users' questions, one said its dream was to travel to the United States, while the other said it wasn't a huge fan of the Chinese Communist Party. From a report: The two chatbots, BabyQ and XiaoBing, are designed to use machine learning artificial intelligence (AI) to carry out conversations with humans online. Both had been installed onto Tencent Holdings Ltd's popular messaging service QQ. The indiscretions are similar to ones suffered by Facebook and Twitter, where chatbots used expletives and even created their own language. But they also highlight the pitfalls for nascent AI in China, where censors control online content seen as politically incorrect or harmful. Tencent confirmed it had taken the two robots offline from its QQ messaging service, but declined to elaborate on reasons.
China

China Is Perfecting a New Method For Suppressing Dissent On the Internet (vox.com) 151

An anonymous reader quotes a report from Vox: The art of suppressing dissent has been perfected over the years by authoritarian governments. For most of human history, the solution was simple: force. Punish people severely enough when they step out of line and you deter potential protesters. But in the age of the internet and "fake news," there are easier ways to tame dissent. A new study by Gary King of Harvard University, Jennifer Pan of Stanford University, and Margaret Roberts of the University of California San Diego suggests that China is the leading innovator on this front. Their paper, titled "How the Chinese Government Fabricates Social Media Posts for Strategic Distraction, Not Engaged Argument," shows how Beijing, with the help of a massive army of government-backed internet commentators, floods the web in China with pro-regime propaganda. What's different about China's approach is the content of the propaganda. The government doesn't refute critics or defend policies; instead, it overwhelms the population with positive news (what the researchers call "cheerleading" content) in order to eclipse bad news and divert attention away from actual problems. This has allowed the Chinese government to manipulate citizens without appearing to do so. It permits just enough criticism to maintain the illusion of dissent and only acts overtly when fears of mass protest or collective action arise.
Censorship

Joining Apple, Amazon's China Cloud Service Bows To Censors (nytimes.com) 51

Days after Apple yanked anti-censorship tools off its app store in China, another major American technology company is moving to implement the country's tough restrictions on online content. From a report: A Chinese company that operates Amazon's cloud-computing and online services business there said on Tuesday that it told local customers to cease using any software that would allow Chinese to circumvent the country's extensive system of internet blocks (Editor's note: the link could be paywalled; alternative source). The company, called Beijing Sinnet Technology and operator of the American company's Amazon Web Services operations in China, sent one round of emails to customers on Friday and another on Monday. "If users don't comply with the guidance, the offered services and their websites can be shut down," said a woman surnamed Wang who answered a Sinnet service hotline. "We the operators also check routinely if any of our users use these softwares or store illegal content." Ms. Wang said the letter was sent according to recent guidance from China's Ministry of Public Security and the country's telecom regulator. Amazon did not respond to emails and phone calls requesting comment. The emails are the latest sign of a widening push by China's government to block access to software that gets over the Great Firewall -- the nickname for the sophisticated internet filters that China uses to stop its people from gaining access to Facebook, Google and Twitter, as well as foreign news media outlets.
Android

Amazon Suspends Sales of Blu Android Phones Due To Privacy Concerns (cnet.com) 66

CNET reports: Amazon just put budget phone maker Blu in the penalty box. The online retailing giant told CNET that it was suspending sales of phones from Blu, known for making ultra-cheap Android handsets, due to a "potential security issue." The move comes after security firm Kryptowire demonstrated last week how software in Blu's phones collected data and sent it to servers in China without alerting people. Blu defended the software, created by a Chinese company called Shanghai Adups Technology, and denied any wrongdoing. A company spokeswoman said at the time it "has several policies in place which take customer privacy and security seriously." She added there had been no breaches. Blu said it was in a process of review to reinstate the phones at Amazon.
China

Apple Pulls Anti-Censorship Apps from China's App Store (fortune.com) 108

An anonymous reader quotes Fortune:Services helping Chinese users circumvent the "Great Firewall of China" have been pulled from Apple's Chinese App Store en masse. On Saturday morning, at least some software makers affected by the sweep received notification from Apple that their tools were removed for violating Chinese law. Internet censorship in China restricts communications about topics including democracy, Tibetan freedom, and the 1989 Tienanmen Square protests. The culling primarily seems to have affected virtual private networks, or VPNs, which mask users' Internet activity and data from outside monitoring. According to a report by the New York Times, many of the most popular such apps are now missing from the Chinese App Store.

Slashdot Top Deals