United States

AI, Drones, Security Cameras: San Francisco Mayor's Arsenal To Fight Crime (reuters.com)

San Francisco will vote next week on a divisive ballot measure that would authorize police to use surveillance cameras, drones and AI-powered facial recognition as the city struggles to restore a reputation tarnished by street crime and drugs. From a report: The Safer San Francisco initiative, formally called Proposition E, is championed by Mayor London Breed who believes disgruntled citizens will approve the proposal on Tuesday. Although technology fueled the Silicon Valley-adjacent city's decades-long boom, residents have a history of being deeply suspicious. In 2019, San Francisco, known for its progressive politics, became the first large U.S. city to ban government use of facial recognition due to concerns about privacy and misuse.

Breed, who is running for re-election in November, played down the potential for abuse under the ballot measure, saying safeguards are in place. "I get that people are concerned about privacy rights and other things, but technology is all around us," she said in an interview. "It's coming whether we want it to or not. And everyone is walking around with AI in their hands with their phones, recording, videotaping," Breed said. Critics of the proposal contend it could hurt disadvantaged communities and lead to false arrests, arguing surveillance technology requires greater oversight.

Privacy

License Plate-Scanning Company Violates Privacy of Millions of California Drivers, Argues Class Action (sfgate.com)

"If you drive a car in California, you may be in for a payday thanks to a lawsuit alleging privacy violations by a Texas company," report SFGate: The 2021 lawsuit, given class-action status in September, alleges that Digital Recognition Network is breaking a California law meant to regulate the use of automatic license plate readers. DRN, a Fort Worth-based company, uses plate-scanning cameras to create location data for people's vehicles, then sells that data to marketers, car repossessors and insurers.

What's particularly notable about the case is the size of the class. The court has established that if you're a California resident whose license plate data was collected by DRN at least 15 times since June 2017, you're a class member. The plaintiff's legal team estimates that the tally includes about 23 million people, alleging that DRN cameras were mounted to cars on public roads. The case website lets Californians check whether their plates were scanned.

Barring a settlement or delay, the trial to decide whether DRN must pay a penalty to those class members will begin on May 17 in San Diego County Superior Court... The company's cameras scan 220 million plates a month, its website says, and customers can use plate data to "create comprehensive vehicle stories."

A lawyer for the firm representing class members told SFGATE Friday that his team will try to show DRN's business is a "mass surveillance program."

Medicine

Covid Death Toll in US Likely 16% Higher Than Official Tally, Study Says (theguardian.com)

The Guardian reports: The Covid death toll in the U.S. is likely at least 16% higher than the official tally, according to a new study, and researchers believe the cause of the undercounting goes beyond overloaded health systems to a lack of awareness of Covid and low levels of testing.

The second year of the pandemic also had nearly as many uncounted excess deaths as the first, the study found.

More than 1.1 million Americans have died from Covid, according to official records. But the actual number is assuredly higher, given the high rates of excess deaths. Demographers wanted to know how many could be attributed to Covid, and they drilled down to data at the county level to discover patterns in geography and time. There were 1.2 million excess deaths from natural causes — excluding deaths from accidents, firearms, suicide and overdoses — between March 2020 and August 2022, the researchers estimated, and about 163,000 of those deaths were not attributed to Covid in any way — but most of them should have been, the researchers say... "The mortality that's not considered Covid starts a little bit before the Covid surges officially start and crests a little bit sooner," said Elizabeth Wrigley-Field, associate professor in the department of sociology and the Minnesota Population Center at the University of Minnesota and one of the study's authors. That indicates some people didn't realize their illness was Covid, due to a lack of awareness about its prevalence and low levels of testing. There was also a rise in out-of-hospital deaths — in homes and nursing homes, for instance — which makes ascertaining the cause of death more difficult...

"[W]e find over the first 30 months of the pandemic that serious gaps remained in surveillance," said Andrew Stokes, associate professor of global health and sociology at Boston University and one of the study's authors. "Even though we got a lot better at testing for Covid, we were still missing a lot of official Covid deaths" in the U.S., said Jennifer Dowd, professor of demography and population health at University of Oxford, who was not involved in this research. The phenomenon "underscores how badly the U.S. fared as the pandemic continued," Wrigley-Field said. "It does profoundly reflect failures in the public health system."

One of the study's authors told the Guardian that the hardest-hit areas were non-metropolitan counties, especially in the west and the south, with fewer resources for investigating deaths (and lower testing levels) — as well as different methodologies for assembling the official numbers.

Space

5,000-Pound Satellite Successfully 'Deorbited' Wednesday (cnn.com)

On Wednesday afternoon "a European Space Agency satellite reentered Earth's atmosphere over the North Pacific Ocean..." reports CNN, "and there have been no reports of damage, according to the agency." The agency's Space Debris Office, along with an international surveillance network, monitored and tracked the Earth-observing ERS-2 satellite throughout February to make predictions about the reentry, which occurred at 12:17 p.m. ET Wednesday. The ESA provided continuous live updates on its website. At around 50 miles (80 kilometers) above Earth's surface, the satellite broke apart due to atmospheric drag, and the majority of the fragments were expected to burn up in the atmosphere.

The agency said it was possible that some fragments could reach the planet's surface, but the pieces didn't contain any harmful substances and likely fell into the ocean... The ERS-2 satellite had an estimated mass of 5,057 pounds (2,294 kilograms) after depleting its fuel, according to the agency. "Uncontrolled atmospheric reentry has long been a common method for disposing of space objects at the end of their mission," said Tim Flohrer, head of the agency's Space Debris Office, in a statement. "We see objects similar in size or larger to ERS-2 reentering the atmosphere multiple times each year."

The Earth-observing ERS-2 satellite first launched on April 21, 1995, and it was the most sophisticated satellite of its kind at the time to be developed and launched by Europe... In 2011, the agency decided to end the satellite's operations and deorbit it, rather than adding to the swirl of space junk orbiting the planet. The satellite executed 66 deorbiting maneuvers in July and August of 2011 before the mission officially concluded later that year on September 11. The maneuvers burned through the rest of the satellite's fuel and decreased its altitude, setting ERS-2's orbit on a trajectory to slowly spiral closer to Earth and reenter the atmosphere within 15 years.

The chances of an individual person being injured by space debris each year are less than 1 in 100 billion, about 1.5 million times lower than the risk of being killed in an accident at home, according to the agency.

Encryption

Backdoors That Let Cops Decrypt Messages Violate Human Rights, EU Court Says (arstechnica.com)

An anonymous reader quotes a report from Ars Technica: The European Court of Human Rights (ECHR) has ruled that weakening end-to-end encryption disproportionately risks undermining human rights. The international court's decision could potentially disrupt the European Commission's proposed plans to require email and messaging service providers to create backdoors that would allow law enforcement to easily decrypt users' messages. This ruling came after Russia's intelligence agency, the Federal Security Service (FSS), began requiring Telegram to share users' encrypted messages to deter "terrorism-related activities" in 2017, ECHR's ruling said. [...] In the end, the ECHR concluded that the Telegram user's rights had been violated, partly due to privacy advocates and international reports that corroborated Telegram's position that complying with the FSB's disclosure order would force changes impacting all its users.

The "confidentiality of communications is an essential element of the right to respect for private life and correspondence," the ECHR's ruling said. Thus, requiring messages to be decrypted by law enforcement "cannot be regarded as necessary in a democratic society." [...] "Weakening encryption by creating backdoors would apparently make it technically possible to perform routine, general, and indiscriminate surveillance of personal electronic communications," the ECHR's ruling said. "Backdoors may also be exploited by criminal networks and would seriously compromise the security of all users' electronic communications. The Court takes note of the dangers of restricting encryption described by many experts in the field."

Martin Husovec, a law professor who helped to draft EISI's testimony, told Ars that EISI is "obviously pleased that the Court has recognized the value of encryption and agreed with us that state-imposed weakening of encryption is a form of indiscriminate surveillance because it affects everyone's privacy." [...] EISI's Husovec told Ars that ECHR's ruling is "indeed very important," because "it clearly signals to the EU legislature that weakening encryption is a huge problem and that the states must explore alternatives." If the Court of Justice of the European Union endorses this ruling, which Husovec said is likely, the consequences for the EU's legislation proposing scanning messages to stop illegal content like CSAM from spreading "could be significant," Husovec told Ars. During negotiations this spring, lawmakers may have to make "major concessions" to ensure the proposed rule isn't invalidated in light of the ECHR ruling, Husovec told Ars.

Europol and the European Union Agency for Cybersecurity (ENISA) said in a statement: "Solutions that intentionally weaken technical protection mechanisms to support law enforcement will intrinsically weaken the protection against criminals as well, which makes an easy solution impossible."

Privacy

London Underground Is Testing Real-Time AI Surveillance Tools To Spot Crime (wired.com)

Thousands of people using the London Underground had their movements, behavior, and body language watched by AI surveillance software designed to see if they were committing crimes or were in unsafe situations, new documents obtained by WIRED reveal. From the report: The machine-learning software was combined with live CCTV footage to try to detect aggressive behavior and guns or knives being brandished, as well as looking for people falling onto Tube tracks or dodging fares. From October 2022 until the end of September 2023, Transport for London (TfL), which operates the city's Tube and bus network, tested 11 algorithms to monitor people passing through Willesden Green Tube station, in the northwest of the city. The proof of concept trial is the first time the transport body has combined AI and live video footage to generate alerts that are sent to frontline staff. More than 44,000 alerts were issued during the test, with 19,000 being delivered to station staff in real time.

Documents sent to WIRED in response to a Freedom of Information Act request detail how TfL used a wide range of computer vision algorithms to track people's behavior while they were at the station. It is the first time the full details of the trial have been reported, and it follows TfL saying, in December, that it will expand its use of AI to detect fare dodging to more stations across the British capital. In the trial at Willesden Green -- a station that had 25,000 visitors per day before the Covid-19 pandemic -- the AI system was set up to detect potential safety incidents to allow staff to help people in need, but it also targeted criminal and antisocial behavior. Three documents provided to WIRED detail how AI models were used to detect wheelchairs, prams, vaping, people accessing unauthorized areas, or putting themselves in danger by getting close to the edge of the train platforms.

Communications

Thieves Steal 200ft Tower From Alabama Radio Station (theguardian.com)

A radio station in Alabama has been forced to temporarily shut down after thieves stole a 200ft radio tower. The Guardian reports: WJLX, a station in Jasper, Alabama, was ordered to go off air by the Federal Communications Commission (FCC) after thieves took the station's AM tower last week, the Guardian first learned. "In all my years of being in the business, around the business, everything like that, I have never seen anything like this," WJLX's general manager, Brett Elmore, told the Guardian. "You don't hear of a 200ft tower being stolen," he added.

Elmore said the theft was first discovered last week by a landscaping crew that regularly manages the area nearby the tower, WBRC reported. "They called me and said the tower was gone. And I said, 'What do you mean, the tower is gone?'" Elmore said. The radio tower was previously located in a wooded area, behind a local poultry plant. Elmore said that thieves had cut the tower's wires and somehow removed it. Thieves also stole the station's AM transmitter from a nearby building.

For the small radio station, the theft has had a significant impact. Elmore said the station's property was not insured. Replacing the tower could cost the station anywhere between $100,000 to $150,000, which is "more money than we have," Elmore said. The FCC also notified WJLX on Thursday morning that the station would have to go off the air because of the theft. While WJLX still has its FM transmitter and tower, it is not allowed to operate its FM transmitter while the AM station is off the air.

"I had a guy from Virginia call yesterday and say, 'You know, I think a helicopter grabbed [the tower],'" Elmore said. He's hoping that surveillance video from the nearby poultry plant or witnesses nearby can help figure out who stole the station's tower.

Security

3 Million Malware-Infected Smart Toothbrushes Used In Swiss DDoS Attacks [UPDATE] (tomshardware.com)

An anonymous reader quotes a report from Tom's Hardware: According to a recent report published by the Aargauer Zeitung (h/t Golem.de), around three million smart toothbrushes have been infected by hackers and enslaved into botnets. The source report says this sizable army of connected dental cleansing tools was used in a DDoS attack on a Swiss company's website. The firm's site collapsed under the strain of the attack, reportedly resulting in the loss of millions of Euros of business. In this particular case, the toothbrush botnet was thought to have been vulnerable due to its Java-based OS. No particular toothbrush brand was mentioned in the source report. Normally, the toothbrushes would have used their connectivity for tracking and improving user oral hygiene habits, but after a malware infection, these toothbrushes were press-ganged into a botnet.

Stefan Zuger from the Swiss branch of the global cybersecurity firm Fortinet provided the publication with a few tips on what people could do to protect their own toothbrushes -- or other connected gadgetry like routers, set-top boxes, surveillance cameras, doorbells, baby monitors, washing machines, and so on. "Every device that is connected to the Internet is a potential target -- or can be misused for an attack," Zuger told the Swiss newspaper. The security expert also explained that every connected device was being continually probed for vulnerabilities by hackers, so there is a real arms race between device software/firmware makers and cyber criminals. Fortinet recently connected an 'unprotected' PC to the internet and found it took only 20 minutes before it became malware-ridden.

UPDATE 1/7/24: This attack "didn't actually happen," writes Jason Koebler via 404 Media. "There are no additional details about this apparent attack, and most of the article cites general research by a publicly traded cybersecurity company called Fortinet which has detected malicious, hijacked internet of things devices over the years. A search on Fortinet's website shows no recent published research about hacked smart toothbrushes."

The cybersecurity firm Fortinet said in a statement: "To clarify, the topic of toothbrushes being used for DDoS attacks was presented during an interview as an illustration of a given type of attack, and it is not based on research from Fortinet or FortiGuard Labs. It appears that due to translations the narrative on this topic has been stretched to the point where hypothetical and actual scenarios are blurred. FortiGuard Labs has not observed Mirai or other IoT botnets target toothbrushes or similar embedded devices."

Iphone

Government Hackers Targeted iPhone Owners With Zero-Days, Google Says (techcrunch.com)

Government hackers last year exploited three unknown vulnerabilities in Apple's iPhone operating system to target victims with spyware developed by a European startup, according to Google. TechCrunch: On Tuesday, Google's Threat Analysis Group, the company's team that investigates nation-backed hacking, published a report analyzing several government campaigns conducted with hacking tools developed by several spyware and exploit sellers, including Barcelona-based startup Variston. In one of the campaigns, according to Google, government hackers took advantage of three iPhone "zero-days," which are vulnerabilities not known to Apple at the time they were exploited. In this case, the hacking tools were developed by Variston, a surveillance and hacking technology startup whose malware has already been analyzed twice by Google in 2022 and 2023.

Google said it discovered the unknown Variston customer using these zero-days in March 2023 to target iPhones in Indonesia. The hackers delivered an SMS text message containing a malicious link that infected the target's phone with spyware, and then redirected the victim to a news article by the Indonesian newspaper Pikiran Rakyat. Google did not say who was Variston's government customer in this case.

Open Source

Open-Source Intelligence Challenges CIA, NSA, Spy Agencies (bloomberg.com)

Spying used to be all about secrets. Increasingly, it's about what's hiding in plain sight. From a report: A staggering amount of data, from Facebook posts and YouTube clips to location pings from mobile phones and car apps, sits in the open internet, available to anyone who looks. US intelligence agencies have struggled for years to tap into such data, which they refer to as open-source intelligence, or OSINT. But that's starting to change. In October the Office of the Director of National Intelligence, which oversees all the nation's intelligence agencies, brought in longtime analyst and cyber expert Jason Barrett to help with the US intelligence community's approach to OSINT. His immediate task will be to help develop the intelligence community's national OSINT strategy, which will focus on coordination, data acquisition and the development of tools to improve its approach to this type of intelligence work. ODNI expects to implement the plan in the coming months, according to a spokesperson.

Barrett's appointment, which hasn't previously been reported publicly, comes after more than a year of work on the strategy led by the Central Intelligence Agency, which has for years headed up the government's efforts on OSINT. The challenge with other forms of intelligence-gathering, such as electronic surveillance or human intelligence, can be secretly collecting enough information in the first place. With OSINT, the issue is sifting useful insights out of the unthinkable amount of information available digitally. "Our greatest weakness in OSINT has been the vast scale of how much we collect," says Randy Nixon, director of the CIA's Open Source Enterprise division. Nixon's office has developed a tool similar to ChatGPT that uses AI to sift the ever-growing flood of data. Now available to thousands of users within the federal government, the tool points analysts to the most important information and auto-summarizes content. Government task forces have warned since the 1990s that the US was at risk of falling behind on OSINT. But the federal intelligence community has generally prioritized information it gathers itself, stymying progress.

Privacy

Inside a Global Phone Spy Tool Monitoring Billions (404media.co)

A wide-spanning investigation by 404 Media reveals more details about a secretive spy tool, called Patternz, that can track billions of phone profiles through the advertising industry. From the report: Hundreds of thousands of ordinary apps, including popular ones such as 9gag, Kik, and a series of caller ID apps, are part of a global surveillance capability that starts with ads inside each app, and ends with the apps' users being swept up into a powerful mass monitoring tool advertised to national security agencies that can track the physical location, hobbies, and family members of people to build billions of profiles, according to a 404 Media investigation.

404 Media's investigation, based on now deleted marketing materials and videos, technical forensic analysis, and research from privacy activists, provides one of the clearest examinations yet of how advertisements in ordinary mobile apps can ultimately lead to surveillance by spy firms and their government clients through the real time bidding data supply chain. The pipeline involves smaller, obscure advertising firms and advertising industry giants like Google. In response to queries from 404 Media, Google and PubMatic, another ad firm, have already cut off a company linked to the surveillance firm.

Privacy

Amazon's Ring To Stop Letting Police Request Doorbell Video From Users

Amazon's Ring home doorbell unit says it will stop letting police departments request footage from users' video doorbells and surveillance cameras, retreating from a practice that was criticized by civil liberties groups and some elected officials. Bloomberg: Next week, the company will disable its Request For Assistance tool, the program that had allowed law enforcement to seek footage from users on a voluntary basis, Eric Kuhn, who runs Ring's Neighbors app, said in a blog post on Wednesday. Police and fire departments will have to seek a warrant to request footage from users or show the company evidence of an ongoing emergency.

Kuhn didn't say why Ring was disabling the tool. Yassi Yarger, a spokesperson, said Ring had decided to devote its resources to new products and experiences in the Neighbors app that better fit with the company's vision. The aim is to make Neighbors, which had been focused on crime and safety, into more of a community hub, she said. New features announced on Wednesday -- one called Ring Moments that lets users post clips and a company-produced Best of Ring -- highlight that push.

Electronic Frontier Foundation

EFF Adds Street Surveillance Hub So Americans Can Check Who's Checking On Them (theregister.com)

An anonymous reader quotes a report from The Register: For a country that prides itself on being free, America does seem to have an awful lot of spying going on, as the new Street Surveillance Hub from the Electronic Frontier Foundation shows. The Hub contains detailed breakdowns of the type of surveillance systems used, from bodycams to biometrics, predictive policing software to gunshot detection microphones and drone-equipped law enforcement. It also has a full news feed so that concerned citizens can keep up with the latest US surveillance news; they can also contribute to the Atlas of Surveillance on the site.

The Atlas, started in 2019, allows anyone to check what law enforcement is being used in their local area -- be it license plate readers, drones, or gunshot detection microphones. It can also let you know if local law enforcement is collaborating with third parties like home security vendor Ring to get extra information. EFF policy analyst Matthew Guariglia told The Register that once people look into what's being deployed using their tax dollars, a lot of red flags are raised. Over the last few years America's thin blue line have not only been harvesting huge amounts of data themselves, but also buying it in from commercial operators. The result is a perfect storm on privacy -- with police, homeowners, and our personal technology proving to be a goldmine of intrusive information that's often misused.

Cellphones

Could Apostrophy OS Be the Future of Cellphone Privacy? (stuff.co.za)

"Would you pay $15 a month so Android doesn't track you and send all of that data back to Google?" asks Stuff South Africa: A new Swiss-based privacy company thinks $15 is a fair fee for that peace of mind. "A person's data is the original digital currency," argues Apostrophy, which has created its own operating system, called Apostrophy OS.

It's based on Android — don't panic — but the version that has already been stripped of Google's intrusiveness by another privacy project called GrapheneOS, which used to be known as CopperheadOS. Launched in 2014, it was briefly known as the Android Hardening project, before being rebranded as GrapheneOS in 2019. Apostrophy OS is "focused on empowering our users, not leveraging them," it says and is "purposely Swiss-based, so we can be champions of data sovereignty".

What it does, they say, is separate the apps from the underlying architecture of the operating system and therefore prevent apps from accessing miscellaneous personal data, especially the all-important location data so beloved of surveillance capitalism... Apostrophy OS has its own app store, but also cleverly allows users to access the Google Play Store. If you think that is defeating the point, Apostrophy argues that those apps can't get to the vitals of your digital life. Apostrophy OS has "partitioned segments prioritising application integrity and personal data privacy".

The service is free for one year with the purchase of the new MC02 phone from Swiss manufacturer Punkt, according to PC Magazine. "The phone costs $749 and is available for preorder now. It will ship at the end of January." Additional features include a built-in VPN called Digital Nomad based on the open-source Wireguard framework to secure your activity against outside snooping, which includes "exit addresses" in the US, Germany, and Japan with the base subscription.

Government

New Jersey Used COVID Relief Funds To Buy Banned Chinese Surveillance Cameras (404media.co)

A federal criminal complaint has revealed that state and local agencies in New Jersey bought millions of dollars worth of banned Chinese surveillance cameras. The cameras were purchased from a local company that rebranded the banned equipment made by Dahua Technology, a company that has been implicated in the surveillance of the Uyghur people in Xinjiang. According to 404 Media, "At least $15 million of the equipment was bought using federal COVID relief funds." From the report: The feds charged Tamer Zakhary, the CEO of the New Jersey-based surveillance company Packetalk, with three counts of wire fraud and a separate count of false statements for repeatedly lying to state and local agencies about the provenance of his company's surveillance cameras. Some of the cameras Packetalk sold to local agencies were Dahua cameras that had the Dahua logo removed and the colors of the camera changed, according to the criminal complaint.

Dahua Technology is the second largest surveillance camera company in the world. In 2019, the U.S. government banned the purchase of Dahua cameras using federal funds because their cameras have "been implicated in human rights violations and abuses in the implementation of China's campaign of repression, mass arbitrary detention, and high-technology surveillance against Uyghurs, Kazakhs, and other members of Muslim minority groups in Xinjiang." The FCC later said that Dahua cameras "pose an unacceptable risk to U.S. national security." Dahua is not named in the federal complaint, but [404 Media's Jason Koebler] was able to cross-reference details in the complaint with Dahua and was able to match specific cameras sold by Packetalk to Dahua's products.

According to the FBI, Zakhary sold millions of dollars of surveillance equipment, including rebranded Dahua cameras, to agencies all over New Jersey despite knowing that the cameras were illegal to sell to public agencies. Zakhary also specifically helped two specific agencies in New Jersey (called "Victim Agency-1" and "Victim Agency-2" in the complaint) justify their purchases using federal COVID relief money from the CARES Act, according to the criminal complaint. The feds allege, essentially, that Zakhary tricked local agencies into buying banned cameras using COVID funds: "Zakhary fraudulently misrepresented to the Public Safety Customers that [Packetalk's] products were compliant with Section 889 of the John S. McCain National Defense Authorization Act for 2019 [which banned Dahua cameras], when, in fact, they were not," the complaint reads. "As a result of Zakhary's fraudulent misrepresentations, the Public Safety Customers purchased at least $35 million in surveillance cameras and equipment from [Packetalk], over $15 million of which was federal funds and grants."

United States

New Spin on a Revolving Door: Pentagon Officials Turned Venture Capitalists (nytimes.com)

Retired officers and departing defense officials are flocking to investment firms that are pushing the government to provide more money to defense-technology startups. The New York Times: When Defense Secretary Lloyd J. Austin III and other top officials assembled for an event this month at the Ronald Reagan Presidential Library, they walked into a lesson in how the high-stakes world of Pentagon lobbying is being altered by the rise of defense technology startups. Inside, at this elite gathering near Los Angeles of senior leaders from government and the arms industry, was a rapidly growing group of participants: former Pentagon officials and military officers who have joined venture capital firms and are trying to use their connections in Washington to cash in on the potential to sell a new generation of weapons.

They represent a new path through the revolving door that has always connected the Defense Department and the military contracting business. Retiring generals and departing top Pentagon officials once migrated regularly to the big established weapons makers like Lockheed Martin and Boeing. Now they are increasingly flocking to venture capital firms that have collectively pumped billions of dollars into Silicon Valley-style startups offering the Pentagon new war-fighting tools like autonomous killer drones, hypersonic jets and space surveillance equipment.

This new route to the private sector is one indicator of the ways in which the United States is trying to become more agile in harnessing technological advances to maintain military superiority over China and other rivals. But the close ties between venture capital firms and Defense Department decision makers have also put a new twist on long-running questions about industry access and influence at a time when the Pentagon is under pressure to rethink how it allocates its huge procurement budget.

The Internet

Is the Internet About to Get Weird Again? (rollingstone.com) 83

Long-time tech entrepreneur Anil Dash predicts a big shift in the digital landscape in 2024. And "regular internet users — not just the world's tech tycoons — may be the ones who decide how it goes." The first thing to understand about this new era of the internet is that power is, undoubtedly, shifting. For example, regulators are now part of the story — an ironic shift for anyone who was around in the dot com days. In the E.U., tech giants like Apple are being forced to hold their noses and embrace mandated changes like opening up their devices to allow alternate app stores to provide apps to consumers. This could be good news, increasing consumer choice and possibly enabling different business models — how about mobile games that aren't constantly pestering gamers for in-app purchases? Back in the U.S., a shocking judgment in Epic Games' (that's the Fortnite folks') lawsuit against Google leaves us with the promise that Android phones might open up in a similar way.

That's not just good news for the billions of people who own smartphones. It's part of a sea change for the coders and designers who build the apps, sites, and games we all use. For an entire generation, the imagination of people making the web has been hemmed in by the control of a handful of giant companies that have had enormous control over things like search results, or app stores, or ad platforms, or payment systems. Going back to the more free-for-all nature of the Nineties internet could mean we see a proliferation of unexpected, strange new products and services. Back then, a lot of technology was created by local communities or people with a shared interest, and it was as likely that cool things would be invented by universities and non-profits and eccentric lone creators as they were to be made by giant corporations....

In that era, people could even make their own little social networks, so the conversations and content you found on an online forum or discussion were as likely to have been hosted by the efforts of one lone creator than to have come from some giant corporate conglomerate. It was a more democratized internet, and while the world can't return to that level of simplicity, we're seeing signs of a modern revisiting of some of those ideas.

Dash's article (published in Rolling Stone) ends with examples of "people who had been quietly keeping the spirit of the human, personal, creative internet alive...seeing a resurgence now that the web is up for grabs again."
  • The School for Poetic Computation (which Dash describes as "an eccentric, deeply charming, self-organized school for people who want to combine art and technology and a social conscience.")
  • Mask On Zone, "a collaboration with the artist and coder Ritu Ghiya, which gives demonstrators and protesters in-context guidance on how to avoid surveillance."

Dash concludes that "We're seeing the biggest return to that human-run, personal-scale web that we've witnessed since the turn of the millennium, with enough momentum that it's likely that 2024 is the first year since then that many people have the experience of making a new connection or seeing something go viral on a platform that's being run by a regular person instead of a commercial entity.

"It's going to make a lot of new things possible..."

A big thank-you to long-time Slashdot reader DrunkenTerror for submitting the article.

Security

Amnesty International Confirms Apple's Warning to Journalists About Spyware-Infected iPhones (techcrunch.com) 75

TechCrunch reports: Apple's warnings in late October that Indian journalists and opposition figures may have been targeted by state-sponsored attacks prompted a forceful counterattack from Prime Minister Narendra Modi's government. Officials publicly doubted Apple's findings and announced a probe into device security.

India has never confirmed nor denied using the Pegasus tool, but nonprofit advocacy group Amnesty International reported Thursday that it found NSO Group's invasive spyware on the iPhones of prominent journalists in India, lending more credibility to Apple's early warnings. "Our latest findings show that increasingly, journalists in India face the threat of unlawful surveillance simply for doing their jobs, alongside other tools of repression including imprisonment under draconian laws, smear campaigns, harassment, and intimidation," said Donncha Ó Cearbhaill, head of Amnesty International's Security Lab, in the blog post.

Cloud security company Lookout has also published "an in-depth technical look" at Pegasus, calling its use "a targeted espionage attack being actively leveraged against an undetermined number of mobile users around the world." It uses sophisticated function hooking to subvert OS- and application-layer security in voice/audio calls and apps including Gmail, Facebook, WhatsApp, Facetime, Viber, WeChat, Telegram, Apple's built-in messaging and email apps, and others. It steals the victim's contact list and GPS location, as well as personal, Wi-Fi, and router passwords stored on the device...

According to news reports, NSO Group sells weaponized software that targets mobile phones to governments and has been operating since 2010, according to its LinkedIn page. The Pegasus spyware has existed for a significant amount of time, and is advertised and sold for use on high-value targets for multiple purposes, including high-level espionage on iOS, Android, and Blackberry.

Thanks to Slashdot reader Mirnotoriety for sharing the news.

China

That Chinese Spy Balloon Used an American ISP to Communicate, Say US Officials (nbcnews.com) 74

NBC News reports that the Chinese spy balloon that flew across the U.S. in February "used an American internet service provider to communicate, according to two current and one former U.S. official familiar with the assessment."

It used the American ISP connection "to send and receive communications from China, primarily related to its navigation." Officials familiar with the assessment said it found that the connection allowed the balloon to send burst transmissions, or high-bandwidth collections of data over short periods of time.

The Biden administration sought a highly secretive court order from the federal Foreign Intelligence Surveillance Court to collect intelligence about it while it was over the U.S., according to multiple current and former U.S. officials. How the court ruled has not been disclosed. Such a court order would have allowed U.S. intelligence agencies to conduct electronic surveillance on the balloon as it flew over the U.S. and as it sent and received messages to and from China, the officials said, including communications sent via the American internet service provider...

The previously unreported U.S. effort to monitor the balloon's communications could be one reason Biden administration officials have insisted that they got more intelligence out of the device than it got as it flew over the U.S. Senior administration officials have said the U.S. was able to protect sensitive sites on the ground because they closely tracked the balloon's projected flight path. The U.S. military moved or obscured sensitive equipment so the balloon could not collect images or video while it was overhead.

NBC News is not naming the internet service provider, but says it denied that the Chinese balloon had used its network, "a determination it said was based on its own investigation and discussions it had with U.S. officials." The balloon contained "multiple antennas, including an array most likely able to collect and geolocate communications," according to reports from a U.S. State Department official cited by NBC News in February. It was also powered by enormous solar panels that generated enough power to operate intelligence collection sensors, the official said.

Reached for comment this week, a spokesperson for the Chinese Embassy in Washington told NBC News that the balloon was just a weather balloon that had accidentally drifted into American airspace.

Government

India Targets Apple Over Its Phone Hacking Notifications (washingtonpost.com) 100

In October, Apple issued notifications warning over a half dozen India lawmakers of their iPhones being targets of state-sponsored attacks. According to a new report from the Washington Post, the Modi government responded by criticizing Apple's security and demanding explanations to mitigate political impact (Warning: source may be paywalled; alternative source). From the report: Officials from the ruling Bharatiya Janata Party (BJP) publicly questioned whether the Silicon Valley company's internal threat algorithms were faulty and announced an investigation into the security of Apple devices. In private, according to three people with knowledge of the matter, senior Modi administration officials called Apple's India representatives to demand that the company help soften the political impact of the warnings. They also summoned an Apple security expert from outside the country to a meeting in New Delhi, where government representatives pressed the Apple official to come up with alternative explanations for the warnings to users, the people said. They spoke on the condition of anonymity to discuss sensitive matters. "They were really angry," one of those people said.

The visiting Apple official stood by the company's warnings. But the intensity of the Indian government effort to discredit and strong-arm Apple disturbed executives at the company's headquarters, in Cupertino, Calif., and illustrated how even Silicon Valley's most powerful tech companies can face pressure from the increasingly assertive leadership of the world's most populous country -- and one of the most critical technology markets of the coming decade. The recent episode also exemplified the dangers facing government critics in India and the lengths to which the Modi administration will go to deflect suspicions that it has engaged in hacking against its perceived enemies, according to digital rights groups, industry workers and Indian journalists. Many of the more than 20 people who received Apple's warnings at the end of October have been publicly critical of Modi or his longtime ally, Gautam Adani, an Indian energy and infrastructure tycoon. They included a firebrand politician from West Bengal state, a Communist leader from southern India and a New Delhi-based spokesman for the nation's largest opposition party. [...] Gopal Krishna Agarwal, a national spokesman for the BJP, said any evidence of hacking should be presented to the Indian government for investigation.

The Modi government has never confirmed or denied using spyware, and it has refused to cooperate with a committee appointed by India's Supreme Court to investigate whether it had. But two years ago, the Forbidden Stories journalism consortium, which included The Post, found that phones belonging to Indian journalists and political figures were infected with Pegasus, which grants attackers access to a device's encrypted messages, camera and microphone. In recent weeks, The Post, in collaboration with Amnesty, found fresh cases of infections among Indian journalists. Additional work by The Post and New York security firm iVerify found that opposition politicians had been targeted, adding to the evidence suggesting the Indian government's use of powerful surveillance tools. In addition, Amnesty showed The Post evidence it found in June that suggested a Pegasus customer was preparing to hack people in India. Amnesty asked that the evidence not be detailed to avoid teaching Pegasus users how to cover their tracks.

"These findings show that spyware abuse continues unabated in India," said Donncha Ó Cearbhaill, head of Amnesty International's Security Lab. "Journalists, activists and opposition politicians in India can neither protect themselves against being targeted by highly invasive spyware nor expect meaningful accountability."
