Social Networks

TikTok, Facing a US Ban, Is Also Waging Legal Battles Around the World (msn.com) 38

An anonymous reader shared this report from the New York Times: Russia fined TikTok for not removing prohibited content. The results of a presidential election in Romania were thrown out over concerns the app had been used to spread foreign influence. Albania banned TikTok for a year following the stabbing death of a teenager by another one after the two quarreled online... That was all in just the last month...

TikTok has confronted legal and political scrutiny around the world in recent years, facing outright or partial bans in at least 20 countries, as governments have grown alarmed by its ties to China and its wide influence, especially among young people... [A]s TikTok's algorithm captured attention spans around the world, it alarmed lawmakers, who say TikTok has quickly turned from a domain of cat videos and dance trends into a potentially disruptive social, political and economic force. Officials from Montana to New Zealand have warned that TikTok could be used to incite violence, spread false information and worsen mental health. Lawmakers also worry TikTok could share user data like location and browsing history with the Chinese government. Young people need to be protected from "the frightening pitfalls of the algorithm," [Albania prime minister Edi] Rama said.

TikTok lost its largest audience (India) "after India's simmering geopolitical conflict with China boiled over into hand-to-hand combat along their shared border" — resulting in a total ban in the world's single most-populous country. And the article notes TikTok is also blocked on government devices in Taiwan, Britain, Australia, France, and Canada, "as well as the executive arm of the European Union and New Zealand's Parliament..."

But "Despite the mounting scrutiny, TikTok remains incredibly popular worldwide. More than a billion people use the app every month."

United States

Should In-Game Currency Receive Federal Government Banking Protections? (yahoo.com) 91

Friday America's consumer watchdog agency "proposed a rule to give virtual video game currencies protections similar to those of real-world bank accounts..." reports the Washington Post, "so players can receive refunds or compensation for unauthorized transactions, similar to how banks are required to respond to claims of fraudulent activity." The Consumer Financial Protection Bureau is seeking public input on a rule interpretation to clarify which rights are protected and available to video game consumers under the Electronic Fund Transfer Act. It would hold video game companies subject to violations of federal consumer financial law if they fail to address financial issues reported by customers. The public comment period lasts from Friday through March 31. In particular, the independent federal agency wants to hear from gamers about the types of transactions they make, any issues with in-game currencies, and stories about how companies helped or denied help.

The effort is in response to complaints to the bureau and the Federal Trade Commission about unauthorized transactions, scams, hacking attempts and account theft, outlined in an April bureau report that covered banking in video games and virtual worlds. The complaints said consumers "received limited recourse from gaming companies." Companies may ban or lock accounts or shut down a service, according to the report, but they don't generally guarantee refunds to people who lost property... The April report says the bureau and FTC received numerous complaints from players who contacted their banks regarding unauthorized charges on Roblox. "These complaints note that while they received refunds through their financial institutions, Roblox then terminated or locked their account," the report says.

Youtube

CES 'Worst In Show' Devices Mocked In IFixit Video - While YouTube Inserts Ads For Them (worstinshowces.com) 55

While CES wraps up this week, "Not all innovation is good innovation," warns Elizabeth Chamberlain, iFixit's Director of Sustainability (heading their Right to Repair advocacy team). So this year the group held its fourth annual "anti-awards ceremony" to call out CES's "least repairable, least private, and least sustainable products..." (iFixit co-founder Kyle Wiens mocked a $2,200 "smart ring" with a battery that only lasts for 500 charges. "Wanna open it up and change the battery? Well you can't! Trying to open it will completely destroy this device...") There's also a category for the worst in security — plus a special award titled "Who asked for this?" — and then a final inglorious prize declaring "the Overall Worst in Show..."

Thursday their "panel of dystopia experts" livestreamed to iFixit's feed of over 1 million subscribers on YouTube, with the video's description warning about manufacturers "hoping to convince us that they have invented the future. But will their vision make our lives better, or lead humanity down a dark and twisted path?" The video "is a fun and rollicking romp that tries to forestall a future clogged with power-hungry AI and data-collecting sensors," writes The New Stack — though noting one final irony.

"While the ceremony criticized these products, YouTube was displaying ads for them..."

UPDATE: Slashdot reached out to iFixit co-founder Kyle Wiens, who says this teaches us all a lesson. "The gadget industry is insidious and has their tentacles everywhere."

"Of course they injected ads into our video. The beast can't stop feeding, and will keep growing until we knife it in the heart."

Long-time Slashdot reader destinyland summarizes the article: "We're seeing more and more of these things that have basically surveillance technology built into them," iFixit's Chamberlain told The Associated Press... Proving this point was EFF executive director Cindy Cohn, who gave a truly impassioned takedown for "smart" infant products that "end up traumatizing new parents with false reports that their baby has stopped breathing." But worst for privacy was the $1,200 "Revol" baby bassinet — equipped with a camera, a microphone, and a radar sensor. The video also mocks Samsung's "AI Home" initiative which let you answer phone calls with your washing machine, oven, or refrigerator. (And LG's overpowered "smart" refrigerator won the "Overall Worst in Show" award.)

One of the scariest presentations came from Paul Roberts, founder of SecuRepairs, a group advocating both cybersecurity and the right to repair. Roberts notes that about 65% of the routers sold in the U.S. are from a Chinese company named TP-Link — both wifi routers and the wifi/ethernet routers sold for homes and small offices. Roberts reminded viewers that in October, Microsoft reported "thousands" of compromised routers — most of them manufactured by TP-Link — were found working together in a malicious network trying to crack passwords and penetrate "think tanks, government organizations, non-governmental organizations, law firms, defense industrial base, and others" in North America and in Europe. The U.S. Justice Department soon launched an investigation (as did the U.S. Commerce Department) into TP-Link's ties to China's government and military, according to a SecuRepairs blog post.

The reason? "As a China-based company, TP-Link is required by law to disclose flaws it discovers in its software to China's Ministry of Industry and Information Technology before making them public." Inevitably, this creates a window "to exploit the publicly undisclosed flaw... That fact, and the coincidence of TP-Link devices playing a role in state-sponsored hacking campaigns, raises the prospects of the U.S. government declaring a ban on the sale of TP-Link technology at some point in the next year."

TP-Link won the award for the worst in security.

Government

'Havana Syndrome' Debate Rises Again in US Government (cnn.com) 24

An anonymous reader shared this report from CNN: New intelligence has led two US intelligence agencies to conclude that it's possible a small number of mysterious health ailments colloquially termed as Havana Syndrome impacting spies, soldiers and diplomats around the world may have been caused by a "novel weapon" wielded by a foreign actor, according to intelligence officials and a new unclassified summary report released on Friday. However, the two agencies are in the minority and the broader intelligence community assessment remains that it is very unlikely that the symptoms were caused by a foreign actor, according to the unclassified report summary issued Friday — even as an official with the Office of the Director of National Intelligence [ODNI] emphasized that analysts cannot "rule out" the possibility in some small number of cases.

The subtle, technocratic shift in the assessment over the cause of Havana Syndrome has reignited a bitter debate that has split US officials, Capitol Hill and victims over the likelihood that the bizarre injuries were caused by a weapon or a host of disparate, natural causes. Sometime in the last two years, the US received new intelligence that indicated a foreign nation's directed energy research programs had been "making progress," according to the official. That led one unnamed intelligence agency to assess that there was a "roughly even chance" that a foreign country has used some kind of novel weapon against a small group of victims, causing the symptoms that the government officially calls "anomalous health incidents" — headaches, vertigo and even, in some cases, signs of traumatic brain injury. A second intelligence agency assessed a "roughly even" chance that a foreign actor possessed such a weapon but is unlikely to have deployed it against US personnel...

But both judgments were made with low confidence, according to the ODNI official. And critically, possessing a capability is not the same as proof that it has been used.

The article notes that U.S. intelligence and administration officials "do not doubt that the injuries are real and deserving of government compensation." But one official in the Office of the Director of National Intelligence told CNN "The intelligence does not link a foreign actor to these events. Indeed, it points away from their involvement." And they added that all U.S. Intelligence Community components "agree that years of Intelligence Community collection, targeting and analytic efforts have not surfaced compelling intelligence reporting that ties a foreign actor to any specific event reported" as a possible anomalous health incident.

CNN adds that "the official said some evidence directly contradicts the notion that a foreign government was involved." The White House emphasized that research to determine the causes of the incidents is ongoing... On Friday, officials emphasized that the intelligence community is now supporting lab work on whether radio frequencies can cause "bioeffects" in line with what victims have reported. The latest findings from limited studies have shown mixed results, while previously most results had shown no effects, officials said. A panel of experts assembled by the intelligence community that studied a smaller set of incidents previously found that the symptoms might be explained by "pulsed electromagnetic or acoustic energy," as opposed to environmental or medical conditions. "There was unanimous judgment by the panel that the most plausible explanation for a subset of cases was exposure to directed energy," a second senior administration official said.

But complicating matters for victims and analysts is the fact that not all of those reporting Anomalous Health Incidents have the same set of symptoms — and the vast majority of cases have been explained by other causes, officials have previously said...

Social Networks

'What If They Ban TikTok and People Keep Using It Anyway?' (yahoo.com) 101

"What if they ban TikTok and people keep using it anyway?" asks the New York Times, saying a pending ban in America "is vague on how it would be enforced." Some experts say that even if TikTok is actually banned this month or soon, there may be so many legal and technical loopholes that millions of Americans could find ways to keep TikTok'ing. The law is "Swiss cheese with lots of holes in it," said Glenn Gerstell, a former top lawyer at the National Security Agency and a senior adviser at the Center for Strategic and International Studies, a policy research organization. "There are obviously ways around it...." When other countries ban apps, the government typically orders internet providers and mobile carriers to block web traffic to and from the blocked website or app. That's probably not how a ban on TikTok in the United States would work. Two lawyers who reviewed the law said the text as written doesn't appear to order internet and mobile carriers to stop people from using TikTok.

There may not be unanimity on this point. Some lawyers who spoke to Bloomberg News said internet providers would be in legal hot water if they let their customers continue to use a banned TikTok. Alan Rozenshtein, a University of Minnesota associate law professor, said he suspected internet providers aren't obligated to stop TikTok use "because Congress wanted to allow the most dedicated TikTok users to be able to access the app, so as to limit the First Amendment infringement." The law also doesn't order Americans to stop using TikTok if it's banned or to delete the app from our phones....

Odds are that if the Supreme Court declares the TikTok law constitutional and if a ban goes into effect, blacklisting the app from the Apple and Google app stores will be enough to stop most people from using TikTok... If a ban goes into effect and Apple and Google block TikTok from pushing updates to the app on your phone, it may become buggy or broken over time. But no one is quite sure how long it would take for the TikTok app to become unusable or compromised in this situation.

Users could just sideload the app after downloading it outside a phone's official app store, the article points out. (More than 10 million people sideloaded Fortnite within six weeks of its removal from Apple and Google's app stores.) And there's also the option of just using a VPN — or watching TikTok's web site.

(I've never understood why all apps haven't already been replaced with phone-optimized web sites...)

Facebook

Zuckerberg On Rogan: Facebook's Censorship Was 'Something Out of 1984' (axios.com) 198

An anonymous reader quotes a report from Axios: Meta's Mark Zuckerberg, in an appearance on the "Joe Rogan Experience" podcast, criticized the Biden administration for pushing for censorship around COVID-19 vaccines, the media for hounding Facebook to clamp down on misinformation after the 2016 election, and his own company for complying. Zuckerberg's three-hour interview with Rogan gives a clear window into his thinking during a remarkable week in which Meta loosened its content moderation policies and shut down its DEI programs.

The Meta CEO said a turning point for his approach to censorship came after Biden publicly said social media companies were "killing people" by allowing COVID misinformation to spread, and politicians started coming after the company from all angles. Zuckerberg told Rogan, who was a prominent skeptic of the COVID-19 vaccine, that the Biden administration would "call up the guys on our team and yell at them and cursing and threatening repercussions if we don't take down things that are true."

Zuckerberg said that Biden officials wanted Meta to take down a meme of Leonardo DiCaprio pointing at a TV, with a joke at the expense of people who were vaccinated. Zuckerberg said his company drew the line at removing "humor and satire." But he also said his company had gone too far in complying with such requests, and acknowledged that he and others at the company wrongly bought into the idea -- which he said the traditional media had been pushing -- that misinformation spreading on social media swung the 2016 election to Donald Trump.
Zuckerberg likened his company's fact-checking process to a George Orwell novel, saying it was "something out of 1984" and led to a broad belief that Meta fact-checkers "were too biased."

"It really is a slippery slope, and it just got to a point where it's just, OK, this is destroying so much trust, especially in the United States, to have this program." He said he was "worried" from the beginning about "becoming this sort of decider of what is true in the world."

Later in the interview, Zuckerberg praised X's "community notes" program and suggested that social media creators were replacing the government and traditional media as arbiters of truth, becoming "a new kind of cultural elite that people look up to."

Further reading: Meta Is Ushering In a 'World Without Facts,' Says Nobel Peace Prize Winner

Bitcoin

DOJ Cleared To Sell $6.5 Billion In Bitcoin Seized From Silk Road (cryptobriefing.com) 71

An anonymous reader quotes a report from Crypto Briefing: The US Department of Justice (DOJ) has been authorized to sell approximately 69,370 Bitcoin seized in connection with the Silk Road darknet marketplace, a haul currently valued at around $6.5 billion, DB News reported Wednesday. The decision is set to end a years-long legal dispute over the BTC stash's ownership. On December 30, a federal judge ruled in favor of the DOJ's request to liquidate the crypto assets, the report said. Battle Born Investments, which had asserted a claim to the Bitcoin stash through a bankruptcy estate, ultimately failed in its bid to delay the sale.

As noted, the group had pursued a Freedom of Information Act (FOIA) request seeking the identity of "Individual X," who initially surrendered Bitcoin, but the effort also proved unsuccessful. Battle Born's legal counsel criticized the DOJ's handling of the case, alleging the department employed "procedural trickery" in its use of civil asset forfeiture to avoid scrutiny. The DOJ, in its arguments before the court, cited Bitcoin's price volatility as motivation for seeking a quick sale of the seized assets. A DOJ spokesperson, when contacted, stated, "The Government will proceed further consistent with the judgment in this case."

The update comes after the US Supreme Court refused to hear an appeal challenging the seizure of the Bitcoin stash, which was brought by Battle Born last October. The decision likely paved the way for the US government to sell Bitcoin, which was valued at $4.4 billion at the time. The US Marshals Service is expected to manage the liquidation process, which, if confirmed, will be one of the largest sales of seized crypto in history.
Further reading: Judge Rejects Man From Retrieving $750 Million of Bitcoin From Landfill

Privacy

See the Thousands of Apps Hijacked To Spy On Your Location (404media.co) 49

An anonymous reader quotes a report from 404 Media: Some of the world's most popular apps are likely being co-opted by rogue members of the advertising industry to harvest sensitive location data on a massive scale, with that data ending up with a location data company whose subsidiary has previously sold global location data to US law enforcement. The thousands of apps, included in hacked files from location data company Gravy Analytics, include everything from games like Candy Crush and dating apps like Tinder to pregnancy tracking and religious prayer apps across both Android and iOS. Because much of the collection is occurring through the advertising ecosystem -- not code developed by the app creators themselves -- this data collection is likely happening without users' or even app developers' knowledge.

"For the first time publicly, we seem to have proof that one of the largest data brokers selling to both commercial and government clients appears to be acquiring their data from the online advertising 'bid stream,'" rather than code embedded into the apps themselves, Zach Edwards, senior threat analyst at cybersecurity firm Silent Push and who has followed the location data industry closely, tells 404 Media after reviewing some of the data. The data provides a rare glimpse inside the world of real-time bidding (RTB). Historically, location data firms paid app developers to include bundles of code that collected the location data of their users. Many companies have turned instead to sourcing location information through the advertising ecosystem, where companies bid to place ads inside apps. But a side effect is that data brokers can listen in on that process and harvest the location of people's mobile phones.

"This is a nightmare scenario for privacy, because not only does this data breach contain data scraped from the RTB systems, but there's some company out there acting like a global honey badger, doing whatever it pleases with every piece of data that comes its way," Edwards says. Included in the hacked Gravy data are tens of millions of mobile phone coordinates of devices inside the US, Russia, and Europe. Some of those files also reference an app next to each piece of location data. 404 Media extracted the app names and built a list of mentioned apps. The list includes dating sites Tinder and Grindr; massive games such as Candy Crush, Temple Run, Subway Surfers, and Harry Potter: Puzzles & Spells; transit app Moovit; My Period Calendar & Tracker, a period-tracking app with more than 10 million downloads; popular fitness app MyFitnessPal; social network Tumblr; Yahoo's email client; Microsoft's 365 office app; and flight tracker Flightradar24. The list also mentions multiple religious-focused apps such as Muslim prayer and Christian Bible apps, various pregnancy trackers, and many VPN apps, which some users may download, ironically, in an attempt to protect their privacy.

404 Media's full list of apps included in the data can be found here. There are also other lists available from other security researchers.

Government

Biden To Further Limit AI Chip Exports In Final Push (yahoo.com) 29

The Biden administration plans one additional round of restrictions on the export of AI chips before leaving office, "a final push in his effort to keep advanced technologies out of the hands of China and Russia," reports Bloomberg. From the report: The US wants to curb the sale of AI chips used in data centers on both a country and company basis, with the goal of concentrating AI development in friendly nations and getting businesses around the world to align with American standards, according to people familiar with the matter. The result would be an expansion of semiconductor caps to most of the world -- an attempt to control the spread of AI technology at a time of soaring demand. The regulations, which could be issued as soon as Friday, would create three tiers of chip trade restrictions, said the people, who asked not to be identified because the discussions are private.

At the top level, a small number of US allies would maintain essentially unmitigated access to American chips. A group of adversaries, meanwhile, would be effectively blocked from importing the semiconductors. And the vast majority of the world would face limits on the total computing power that can go to one country. Countries in the last group would be able to bypass their national limits -- and get their own, significantly higher caps -- by agreeing to a set of US government security requirements and human rights standards, one of the people said. That type of designation -- called a validated end user, or VEU -- aims to create a set of trusted entities that develop and deploy AI in secure environments around the world.

Communications

Italy Plans $1.6 Billion SpaceX Telecom Security Deal (yahoo.com) 27

An anonymous reader quotes a report from Bloomberg: Italy is in advanced talks with Elon Musk's SpaceX for a deal to provide secure telecommunications for the nation's government -- the largest such project in Europe, people with knowledge of the matter said Sunday. Discussions are ongoing, and a final agreement on the five-year contract hasn't been reached, said the people, who asked not to be identified citing confidential discussions. The project has already been approved by Italy's Intelligence Services as well as Italy's Defense Ministry, they said. Italy on Monday confirmed discussions are ongoing, saying no deal had yet been reached. "The talks with SpaceX are part of normal government business," the government said.

The negotiations, which had stalled until recently, appeared to move forward after Italian Prime Minister Giorgia Meloni visited President-elect Donald Trump in Florida on Saturday. The Italian government said the two didn't discuss the issue during their meeting. Italian officials have been negotiating on a $1.6 billion deal aimed at supplying Italy with a full range of top-level encryption for telephone and Internet services used by the government, the people said. The plan also includes communications services for the Italian military in the Mediterranean area as well as the rollout of so-called direct-to-cell satellite services in Italy for use in emergencies like terror attacks or natural disasters, they said. The possible deal has been under review since mid-2023. It's been opposed by some Italian officials concerned about how the services may detract from local carriers.

Social Networks

TikTok Pushes Users To Lemon8 As Ban Looms (axios.com) 71

TikTok has been pushing the platform's sister app, Lemon8, encouraging users to migrate via sponsored posts amid a looming ban. Axios reports: In the last few weeks, Lemon8 has been promoting its app to TikTok users through sponsored TikTok videos. In one sponsored post, TikTok user @miller.dailylife shares a video with a creator saying, "TikTok actually has another backup app. It's called Lemon8 ... and it automatically signs you in with your TikTok so you can still keep the same TikTok name and things like that. And it's supposed to transfer your followers over. ... Once you add Lemon8, it automatically pops up on your TikTok bio, so that people can just click on it. So, just so you guys know, now that they're trying to do this ban, if you want to have somewhere else to go where the government is not 100% controlling what we see, what we consume ... Just go ahead and go on to Lemon8."

In November, TikTok began informing users of its sister app, Lemon8, that beginning late that month Lemon8 would be powered by TikTok, and their TikTok usernames would also be used on Lemon8. "Some of your data on TikTok will be used to power services on lemon8," the notice says. "Your Lemon8 profile link will be shown to your TikTok profile publicly by default," it continues. "You can choose not to show it by editing your TikTok profile."
Last March, Lemon8 jumped into the U.S. App Store's Top 10 list shortly after it launched in the U.S. It currently ranks as one of the top-ranking free apps on Apple's app store.

The report notes that the TikTok ban law also applies to other apps owned by TikTok's Chinese parent ByteDance, like Lemon8. "ByteDance could be betting that regulators and app store companies are so focused on TikTok that they won't pay attention to its other apps," says Axios.

Government

White House Launches 'Cyber Trust' Safety Label For Smart Devices 32

BleepingComputer's Sergiu Gatlan reports: Today, the White House announced the launch of the U.S. Cyber Trust Mark, a new cybersecurity safety label for internet-connected consumer devices. The Cyber Trust Mark label, which will appear on smart products sold in the United States later this year, will help American consumers determine whether the devices they want to buy are safe to install in their homes. It's designed for consumer smart devices, such as home security cameras, TVs, internet-connected appliances, fitness trackers, climate control systems, and baby monitors, and it signals that the internet-connected device comes with a set of security features approved by NIST.

Vendors will label their products with the Cyber Trust Mark logo if they meet the National Institute of Standards and Technology (NIST) cybersecurity criteria. These criteria include using unique and strong default passwords, software updates, data protection, and incident detection capabilities. Consumers can scan the QR code included next to the Cyber Trust Mark labels for additional security information, such as instructions on changing the default password, steps for securely configuring the device, details on automatic updates (including how to access them if they are not automatic), the product's minimum support period, and a notification if the manufacturer does not offer updates for the device.

"Americans are worried about the rise of criminals remotely hacking into home security systems to unlock doors, or malicious attackers tapping into insecure home cameras to illicitly record conversations," the Biden administration said on Tuesday.

"The White House launched this bipartisan effort to educate American consumers and give them an easy way to assess the cybersecurity of such products, as well as incentivize companies to produce more cybersecure devise [sic], much as EnergyStar labels did for energy efficiency."

Privacy

Telegram Hands US Authorities Data On Thousands of Users (404media.co) 13

Telegram's Transparency Report reveals a sharp increase in U.S. government data requests, with 900 fulfilled requests affecting 2,253 users. "The news shows a massive spike in the number of data requests fulfilled by Telegram after French authorities arrested Telegram CEO Pavel Durov in August, in part because of the company's unwillingness to provide user data in a child abuse investigation," notes 404 Media. From the report: Between January 1 and September 30, 2024, Telegram fulfilled 14 requests "for IP addresses and/or phone numbers" from the United States, which affected a total of 108 users, according to Telegram's Transparency Reports bot. But for the entire year of 2024, it fulfilled 900 requests from the U.S. affecting a total of 2,253 users, meaning that the number of fulfilled requests skyrocketed between October and December, according to the newly released data. "Fulfilled requests from the United States of America for IP address and/or phone number: 900," Telegram's Transparency Reports bot said when prompted for the latest report by 404 Media. "Affected users: 2253," it added.

A month after Durov's arrest in August, Telegram updated its privacy policy to say that the company will provide user data, including IP addresses and phone numbers, to law enforcement agencies in response to valid legal orders. Up until then, the privacy policy only mentioned it would do so when concerning terror cases, and said that such a disclosure had never happened anyway. Even though the data technically covers the entire of 2024, the jump from a total of 108 affected users in October to 2253 as of now, indicates that the vast majority of fulfilled data requests were in the last quarter of 2024, showing a huge increase in the number of law enforcement requests that Telegram completed.
You can access the platform's transparency reports here.

Japan

Japan Says Chinese Hackers Targeted Its Government and Tech Companies For Years 8

The Japanese government published an alert on Wednesday accusing a Chinese hacking group of targeting and breaching dozens of government organizations, companies, and individuals in the country since 2019. From a report: Japan's National Police Agency and the National Center of Incident Readiness and Strategy for Cybersecurity attributed the years-long hacking spree to a group called MirrorFace.

"The MirrorFace attack campaign is an organized cyber attack suspected to be linked to China, with the primary objective of stealing information related to Japan's national security and advanced technology," the authorities wrote in the alert, according to a machine translation. A longer version of the alert said the targets included Japan's Foreign and Defense ministries, the country's space agency, as well as politicians, journalists, private companies and tech think tanks, according to the Associated Press. In July 2024 Japan's Computer Emergency Response Team Coordination Center (JPCERT/CC) wrote in a blog post that MirrorFace's "targets were initially media, political organisations, think tanks and universities, but it has shifted to manufacturers and research institutions since 2023."

Government

Big Landlord Settles With US, Will Cooperate In Price-Fixing Investigation (arstechnica.com) 76

An anonymous reader quotes a report from Ars Technica: The US Justice Department today announced it filed an antitrust lawsuit against "six of the nation's largest landlords for participating in algorithmic pricing schemes that harmed renters." One of the landlords, Cortland Management, agreed to a settlement "that requires it to cooperate with the government, stop using its competitors' sensitive data to set rents and stop using the same algorithm as its competitors without a corporate monitor," the DOJ said. The pending settlement requires Cortland to "cooperate fully and truthfully... in any civil investigation or civil litigation the United States brings or has brought" on this subject matter.

The US previously sued RealPage, a software maker accused of helping landlords collectively set prices by giving them access to competitors' nonpublic pricing and occupancy information. The original version of the lawsuit described actions by landlords but did not name any as defendants. The Justice Department filed an amended complaint (PDF) today in order to add the landlords as defendants. The landlord defendants are Greystar, LivCor, Camden, Cushman, Willow Bridge, and Cortland, which collectively "operate more than 1.3 million units in 43 states and the District of Columbia," the DOJ said. "The amended complaint alleges that the six landlords actively participated in a scheme to set their rents using each other's competitively sensitive information through common pricing algorithms," the DOJ said.
The phrase "price fixing" came up in discussions between landlords, the amended complaint said: "For example, in Minnesota, property managers from Cushman & Wakefield, Greystar, and other landlords regularly discussed competitively sensitive topics, including their future pricing. When a property manager from Greystar remarked that another property manager had declined to fully participate due to 'price fixing laws,' the Cushman & Wakefield property manager replied to Greystar, 'Hmm... Price fixing laws huh? That's a new one! Well, I'm happy to keep sharing so ask away. Hoping we can kick these concessions soon or at least only have you guys be the only ones with big concessions! It's so frustrating to have to offer so much.'"

The Justice Department is joined in the case by the attorneys general of California, Colorado, Connecticut, Illinois, Massachusetts, Minnesota, North Carolina, Oregon, Tennessee, and Washington. The case is in US District Court for the Middle District of North Carolina.

Further reading: Are We Entering an AI Price-Fixing Dystopia?
Security

Hackers Claim Massive Breach of Location Data Giant, Threaten To Leak Data (404media.co) 42

Hackers claim to have compromised Gravy Analytics, the parent company of Venntel, which has sold masses of smartphone location data to the U.S. government. 404 Media: The hackers said they have stolen a massive amount of data, including customer lists, information on the broader industry, and even location data harvested from smartphones which show people's precise movements, and they are threatening to publish the data publicly.

The news is a crystalizing moment for the location data industry. For years, companies have harvested location information from smartphones, either through ordinary apps or the advertising ecosystem, and then built products based on that data or sold it to others. In many cases, those customers include the U.S. government, with arms of the military, DHS, the IRS, and FBI using it for various purposes. But collecting that data presents an attractive target to hackers.

China

US Adds Tencent, CATL To List of Chinese Firms Aiding Beijing's Military (reuters.com) 29

An anonymous reader quotes a report from Reuters: The U.S. Defense Department said on Monday it has added Chinese tech giants including gaming and social media leader Tencent Holdings and battery maker CATL to a list of firms it says work with China's military. The list also included chip maker Changxin Memory Technologies, Quectel Wireless and drone maker Autel Robotics, according to a document published on Monday. The annually updated list (PDF) of Chinese military companies, formally mandated under U.S. law as the "Section 1260H list," designated 134 companies, according to a notice posted to the Federal Register.

U.S.-traded shares of Tencent, which is also the parent of Chinese instant messaging app WeChat, fell 8% in over-the-counter trading. Tencent said in a statement that its inclusion on the list was "clearly a mistake." It added: "We are not a military company or supplier. Unlike sanctions or export controls, this listing has no impact on our business." CATL called the designation a mistake, saying it "is not engaged in any military related activities." A Quectel spokesperson said the company "does not work with the military in any country and will ask the Pentagon to reconsider its designation, which clearly has been made in error."

While the designation does not involve immediate bans, it can be a blow to the reputations of affected companies and represents a stark warning to U.S. entities and firms about the risks of conducting business with them. It could also add pressure on the Treasury Department to sanction the companies. Two previously listed companies, drone maker DJI and Lidar-maker Hesai Technologies, both sued the Pentagon last year over their previous designations, but remain on the updated list. The Pentagon also removed six companies it said no longer met the requirements for the designation, including AI firm Beijing Megvii Technology, China Railway Construction Corporation Limited, China State Construction Group Co and China Telecommunications Corporation.

China

Ahead of SCOTUS Hearing, Study Finds TikTok Is Likely Vehicle For Chinese Propaganda (gizmodo.com) 95

A forthcoming peer-reviewed study (PDF) from Rutgers University's Network Contagion Research Institute argues that TikTok surfaces fewer anti-CCP posts compared to Instagram and YouTube, despite higher user engagement with such content. It also found that heavy TikTok usage correlates with more favorable views of China's human rights record. The findings come ahead of a Supreme Court hearing later this week on whether the federal government can ban TikTok. Gizmodo reports: The new peer-reviewed paper, which was first reported by The Free Press, begins by examining whether content on TikTok, Instagram, and YouTube related to the keywords "Tiananmen," "Tibet," "Uyghur," and "Xinjiang" tends to display pro- or anti-CCP sentiment. The researchers found that TikTok's algorithm didn't necessarily surface more pro-CCP content in response to searches for those terms, but it delivered fewer anti-CCP posts than did Instagram or YouTube and significantly more posts that were irrelevant to the subject.

In the second stage of their study, the NCRI team tested whether the lower performance of anti-CCP content was a result of less user engagement (likes and comments) with those posts. They found that TikTok users "liked or commented on anti-CCP content nearly four times as much as they liked or commented on pro-CCP content, yet the search algorithm produced nearly three times as much pro-CCP content" while there was no similar discrepancy on Instagram or YouTube.

Finally, the researchers surveyed 1,214 Americans about their social media usage and their views on China's human rights record. The more time users spent on any social media platform, the more likely they were to have favorable views of China's human rights record, the survey showed. Users were particularly more likely to have favorable views if they spent more than three hours a day using TikTok. The researchers wrote that they could not definitively conclude that spending more time on TikTok resulted in more positive views of China, but "taken together, the findings from these three studies raise the distinct possibility that TikTok is a vehicle for CCP propaganda."

Businesses

Unemployed Office Workers Are Having a Harder Time Finding New Jobs (msn.com) 232

More than 1.6 million Americans have been jobless for at least six months, up 50% since late 2022, despite the economy adding over two million jobs last year, Labor Department data shows.

The average job search now takes six months, primarily affecting high-paying sectors like tech, law, and media. While the 4.2% unemployment rate remains below pre-pandemic averages, job postings have dropped to one per unemployed worker from two in early 2022.

Software development, data science, and marketing roles are 20% below pre-pandemic levels, while healthcare and government sectors account for half of recent job creation. The number of Americans receiving unemployment benefits reached 1.8 million in late December, approaching post-pandemic highs, as wage growth declined to 4% from 6% during the early 2020s hiring peak.
The Internet

America Still Has Net Neutrality Laws - In States Like California and New York (yahoo.com) 47

A U.S. Appeals Court ruled this week that net neutrality couldn't be reinstated by America's Federal Communications Commission. But "Despite the dismantling of the FCC's efforts to regulate broadband internet service, state laws in California, New York and elsewhere remain intact," notes the Los Angeles Times: This week's decision by the 6th U.S. Circuit Court of Appeals, striking down the FCC's open internet rules, has little bearing on state laws enacted during the years-long tug-of-war over the government's power to regulate internet service providers, telecommunications experts said. In fact, some suggested that the Cincinnati-based 6th Circuit's decision — along with other rulings and the U.S. Supreme Court's posture on a separate New York case — has effectively fortified state regulators' efforts to fill the gap. "Absent an act of Congress, the FCC has virtually no role in broadband any more," Ernesto Falcon, a program manager for the California Public Utilities Commission, said in an interview. "The result of this decision is that states like California, New York and others will have to govern and regulate broadband carriers on our own."

California has one of the nation's strongest laws on net neutrality, the principle that internet traffic must be treated equally to ensure a free and open network. Former Gov. Jerry Brown signed the measure into law in 2018, months after federal regulators in President-elect Donald Trump's first administration repealed the net neutrality rules put in place under President Obama. Colorado, Oregon and other states also adopted their own standards.

The Golden State's law has already survived legal challenges. It also prompted changes in the way internet service providers offered plans and services. "California's net neutrality law, which is seen as the gold standard by consumer advocates, carries national impact," Falcon said.... "The state's authority and role in broadband access has grown dramatically now," Falcon said.

California's net neutrality rules prohibit "throttling" data speeds, according to the article.
