China

Are US Computer Networks A 'Key Battlefield' in any Future Conflict with China? (msn.com) 72

In a potential U.S.-China conflict, cyberattackers are military weapons. That's the thrust of a new article from the Wall Street Journal: The message from President Biden's national security adviser was startling. Chinese hackers had gained the ability to shut down dozens of U.S. ports, power grids and other infrastructure targets at will, Jake Sullivan told telecommunications and technology executives at a secret meeting at the White House in the fall of 2023, according to people familiar with it. The attack could threaten lives, and the government needed the companies' help to root out the intruders.

What no one at the briefing knew, including Sullivan: China's hackers were already working their way deep inside U.S. telecom networks, too. The two massive hacking operations have upended the West's understanding of what Beijing wants, while revealing the astonishing skill level and stealth of its keyboard warriors — once seen as the cyber equivalent of noisy, drunken burglars. China's hackers were once thought to be interested chiefly in business secrets and huge sets of private consumer data. But the latest hacks make clear they are now soldiers on the front lines of potential geopolitical conflict between the U.S. and China, in which cyberwarfare tools are expected to be powerful weapons. U.S. computer networks are a "key battlefield in any future conflict" with China, said Brandon Wales, a former top U.S. cybersecurity official at the Department of Homeland Security, who closely tracked China's hacking operations against American infrastructure. He said prepositioning and intelligence collection by the hackers "are designed to ensure they prevail by keeping the U.S. from projecting power, and inducing chaos at home."

As China increasingly threatens Taiwan, working toward what Western intelligence officials see as a target of being ready to invade by 2027, the U.S. could be pulled into the fray as the island's most important backer... Top U.S. officials in both parties have warned that China is the greatest danger to American security.

In the infrastructure attacks, which began at least as early as 2019 and are still taking place, hackers connected to China's military embedded themselves in arenas that spies usually ignored, including a water utility in Hawaii, a port in Houston and an oil-and-gas processing facility. Investigators, both at the Federal Bureau of Investigation and in the private sector, found the hackers lurked, sometimes for years, periodically testing access. At a regional airport, investigators found the hackers had secured access, and then returned every six months to make sure they could still get in. Hackers spent at least nine months in the network of a water-treatment system, moving into an adjacent server to study the operations of the plant. At a utility in Los Angeles, the hackers searched for material about how the utility would respond in the event of an emergency or crisis. The precise location and other details of the infrastructure victims are closely guarded secrets, and couldn't be fully determined.

American security officials said they believe the infrastructure intrusions — carried out by a group dubbed Volt Typhoon — are at least in part aimed at disrupting Pacific military supply lines and otherwise impeding America's ability to respond to a future conflict with China, including over a potential invasion of Taiwan... The focus on Guam and West Coast targets suggested to many senior national-security officials across several Biden administration agencies that the hackers were focused on Taiwan, and doing everything they could to slow a U.S. response in a potential Chinese invasion, buying Beijing precious days to complete a takeover even before U.S. support could arrive.

The telecom breachers "were also able to swipe from Verizon and AT&T a list of individuals the U.S. government was surveilling in recent months under court order, which included suspected Chinese agents. The intruders used known software flaws that had been publicly warned about but hadn't been patched."

And ultimately nine U.S. telecoms were breached, according to America's deputy national security adviser for cybersecurity — including what appears to have been a preventable breach at AT&T (according to "one person familiar with the matter"): [T]hey took control of a high-level network management account that wasn't protected by multifactor authentication, a basic safeguard. That granted them access to more than 100,000 routers from which they could further their attack — a serious lapse that may have allowed the hackers to copy traffic back to China and delete their own digital tracks.

The details of the various breaches are stunning: Chinese hackers gained a foothold in the digital underpinnings of one of America's largest ports in just 31 seconds. At the Port of Houston, an intruder acting like an engineer from one of the port's software vendors entered a server designed to let employees reset their passwords from home. The hackers managed to download an encrypted set of passwords from all the port's staff before the port recognized the threat and cut off the password server from its network...

Government

Brazil Ended Daylight Saving Time. But It Might Bring It Back (msn.com) 104

Brazil ended daylight saving time in 2019, reports the Washington Post, adding that some Brazilians loved the change, "particularly those who commute long distances and are no longer forced to leave their houses in pitch blackness." But "In the heavily populated southeast, the sky begins to brighten at the unconscionable hour of 4:30 a.m. during the summer, and by 8 a.m., it feels like high noon... Polls showed it ultimately lost majority support..."

And then "After several energy emergencies, and with the prospect of more to come as the effects of climate change intensify, the vanquished daylight saving time is suddenly looking a whole lot better than it once did to some in the Brazilian government." Authorities almost mandated the return of daylight saving — a portion of the calendar when clocks are turned forward to maximize seasonal daylight — late last year to conserve energy amid a historic drought that had threatened hydroelectric power generation and drove up light bills. The government is already laying the political groundwork to restore it as soon as this year...

Latin America's largest country is a global leader in green energy. An astounding 93 percent of its electricity comes from renewable sources, according to Brazil's Electric Energy Commercialization Chamber, the majority of which is hydropower. This strength, however, has also left it vulnerable to global warming. As temperatures have warmed and punishing droughts have grown more frequent, the country's water reserves have dropped precariously low at times, jeopardizing its primary source of energy. In 2021, an extended drought depleted the country's water stores, driving up light bills by an estimated 20 percent, according to the National Chamber of Electric Energy. Then came last year's drought, the worst in 70 years, and government officials started to look more seriously at daylight saving.

Alexandre Silveira [Brazil's mining and energy minister] said that month that the decision to eliminate daylight saving had been an extravagance Brazil could scarcely afford. "It was massively irresponsible, without any basis in science," the energy official said. "We're living in a period of denial in Brazil in all aspects." José Sidnei Colombo Martini, an electrical engineer at the University of São Paulo, told The Washington Post that the decision to end daylight saving amounted to a "national bet on whether it is going to rain." And the bet is expected to become increasingly risky as the years pass. "Brazil has always had a massive amount of available water compared to other countries — storing 12 percent of the planet's surface — but this is being altered," said Suely Araújo, public policy coordinator at the Climate Observatory. Estimates show "we could have a 40 percent reduction in our water availability in Brazil's principal hydro regions by 2040. Brazil has entered a new reality..."

Should other countries end Daylight Saving Time? "People and governments all over the world are having the same debate," the article points out, "often coming to conflicting conclusions." Countries including Azerbaijan, Mexico and Samoa have done away with daylight saving time. Meanwhile, Jordan, Namibia and Turkey have gone the opposite direction, opting for permanent daylight saving time. And Russia, discovering there's no way to tell time that pleases everyone, first tried permanent daylight saving time, then scuttled it.

Space

Billionaires and Tech Barons Vying To Build a Private Space Station (telegraph.co.uk) 61

"Private space stations have been raising billions of dollars in an effort to build future hubs — and even one day cities — in orbit," according to a recent report from the U.K. newspaper, the Telegraph: Axiom Space, a US business aiming to build its own station, has raised more than $500m (£400m). Vast, a space business backed by crypto billionaire Jed McCaleb, is plotting two stations before the end of the decade. Gravitics, meanwhile, has raised tens of millions of dollars for its modular space "real estate". Nasa itself, along with other space agencies, is planning a further station, Lunar Gateway, which will orbit the Moon. Jeff Bezos's Blue Origin has also announced plans to build a space station by 2027, called Orbital Reef, which it has described as an orbital "mixed-use business park". Working with US aerospace business Sierra Space, Orbital Reef will be made up of inflatable pods, which can be launched on a regular rocket before being "blown up" in space. Sierra Space says these modules could house in-space manufacturing or pharmaceutical technology...

Since 2021, Nasa has also offered to pay hundreds of millions of dollars to private companies to develop commercial space stations that could succeed the ISS. So far, it has handed $400m to companies including Axiom, Blue Origin (which is working with Sierra Space), and Northrop Grumman... Vast hopes to launch its first space station, Haven-1, as soon as 2025. This simple module will be the first privately-run space station and will be occupied by a crew of four over four two-week expeditions... While Vast was not one of the businesses to secure funding from Nasa, it hopes by launching the first proof-of-concept space station as soon as next year it can leapfrog rival efforts and claim the agency as an anchor customer. From there, it can target other space agencies or companies looking to conduct research.

Some interesting perspectives from the article:
  • Chris Quilty, an analyst at Quilty Space: "If China were not building its own space station it is arguable whether Nasa would have felt enjoined to maintain a human presence in low Earth orbit."
  • Tim Farrar, founder of TMF Associates, which advises some of the world's top space companies: "Unless they either secure government funding or focus on space tourism, they will inevitably have to rely on the largess of either billionaires or gullible investors who are space enthusiasts."

Thanks to Slashdot reader fjo3 for sharing the news.


Transportation

China's EV Sales Set To Overtake Traditional Cars Years Ahead of West (irishtimes.com) 146

"Electric vehicles are expected to outsell cars with internal combustion engines in China for the first time next year," reports the Financial Times, calling it "a historic inflection point that puts the world's biggest car market years ahead of western rivals." China is set to smash international forecasts and Beijing's official targets with domestic EV sales — including pure battery and plug-in hybrids — growing about 20 per cent year on year to more than 12mn cars in 2025, according to the latest estimates supplied to the Financial Times by four investment banks and research groups. The figure would be more than double the 5.9mn sold in 2022. At the same time, sales of traditionally powered cars are expected to fall by more than 10 per cent next year to less than 11 million, reflecting a near 30 per cent plunge from 14.8 million in 2022...

Robert Liew, director of Asia-Pacific renewables research at Wood Mackenzie, said China's EV milestone signalled its success in domestic technology development and securing global supply chains for critical resources needed for EVs and their batteries. The industry's scale meant steep manufacturing cost reductions and lower prices for consumers. "They want to electrify everything," said Liew. "No other country comes close to China." While the pace of Chinese EV sales growth has eased from a post-pandemic frenzy, the forecasts suggest Beijing's official target, set in 2020, for EVs to account for 50 per cent of car sales by 2035, will be achieved 10 years in advance of schedule...

As China's EV market tracked towards year-on-year growth of near 40 per cent in 2024, the market share of foreign-branded cars fell to a record low of 37 per cent — a sharp decline from 64 per cent in 2020, according to data from Automobility, a Shanghai-based consultancy. In this month alone, GM wrote down more than $5 billion (€4.8 billion) of its business value in China; the holding company behind Porsche warned of a writedown in its Volkswagen stake of up to €20 billion; and arch rivals Nissan and Honda said they were responding to a "drastically changing business environment" with a merger.

"Meanwhile, EV sales growth has slowed in Europe and the US, reflecting the legacy car industry's slow embrace of new technology, uncertainty over government subsidies and rising protectionism against imports from China..."

Thanks to long-time Slashdot reader AmiMoJo for sharing the news.

AI

Dire Predictions for 2025 Include 'Largest Cyberattack in History' (politico.com) 98

Politico asked an "array of thinkers — futurists, scientists, foreign policy analysts and others — to lay out some of the possible 'Black Swan' events that could await us in the new year: What are the unpredictable, unlikely episodes that aren't yet on the radar but would completely upend American life as we know it?"

Here's one from Gary Marcus, a cognitive scientist and author of the book Taming Silicon Valley: How We Can Ensure That AI Works For Us: 2025 could easily see the largest cyberattack in history, taking down, at least for a little while, some sizeable piece of the world's infrastructure, whether for deliberate ransom or to manipulate people to make money off a short on global markets. Cybercrime is already a huge, multi-trillion dollar problem, and one that most victims don't like to talk about. It is said to be bigger than the entire global drug trade. Four things could make it much worse in 2025.

First, generative AI, rising in popularity and declining in price, is a perfect tool for cyberattackers. Although it is unreliable and prone to hallucinations, it is terrific at making plausible sounding text (e.g., phishing attacks to trick people into revealing credentials) and deepfaked videos at virtually zero cost, allowing attackers to broaden their attacks. Already, a cybercrew bilked a Hong Kong bank out of $25 million. Second, large language models are notoriously susceptible to jailbreaking and things like "prompt-injection attacks," for which no known solution exists. Third, generative AI tools are increasingly being used to create code; in some cases those coders don't fully understand the code written, and the autogenerated code has already been shown in some cases to introduce new security holes.

And finally 2025 may see a U.S. government "determined to deregulate as much as possible, slashing costs," Marcus speculates, a scenario where "enforcement and investigations will almost certainly decline in both quality and quantity, leaving the world quite vulnerable to ever more audacious attacks."

Elsewhere in Politico's article there are other, even less cheery predictions for 2025. The executive director of an advocacy group for public health professionals describes the possibility of an epidemic "that we had the tools to control" which "winds up killing thousands" (while also "sending the economy back into a Covid-like downward spiral.")

And a law professor predicts 2025 will see a decisive breakthrough in quantum computing. "Those little padlocks you see beside URLs? They would, overnight, become a fiction."

Government

US Sanctions Chinese Firm Linked to Seized Botnet (msn.com) 6

Remember that massive botnet run by Chinese government hackers? Flax Typhoon "compromised computer networks in North America, Europe, Africa, and across Asia, with a particular focus on Taiwan," according to the U.S. Treasury Department. (The group's botnet breaching this autumn affected "at least 260,000 internet-connected devices," reports the Washington Post, "roughly half of which were located in the United States.")

On Friday, America's Treasury Department sanctioned "a Beijing-based cybersecurity company for its role in multiple computer intrusion incidents against U.S. victims..." according to an announcement from the department's Office of Foreign Assets Control. "Between summer 2022 and fall 2023, Flax Typhoon actors used infrastructure tied to Integrity Tech during their computer network exploitation activities against multiple victims. During that time, Flax Typhoon routinely sent and received information from Integrity Tech infrastructure."

From the Washington Post: The group behind the attacks was active since at least 2021, but U.S. authorities only managed to wrest control of the devices from the hackers in September, after the FBI won a court order that allowed the agency to send commands to the infected devices...

Treasury's designation follows sanctions announced last month on Sichuan Silence Information Technology Company, in which U.S. officials accused the company of exploiting technology flaws to install malware in more than 80,000 firewalls, including those protecting U.S. critical infrastructure. The new sanctions on Beijing Integrity Technology are notable due to the company's public profile and outsize role in servicing China's police and intelligence services via state-run hacking competitions. The company, which is listed in Shanghai and has a market capitalization of more than $327 million, plays a central role in providing state agencies "cyber ranges" — technology that allows them to simulate cyberattacks and defenses...

In September, FBI Director Christopher A. Wray said the Flax Typhoon attack successfully infiltrated universities, media organizations, corporations and government agencies, and in some cases caused significant financial losses as groups raced to replace the infected hardware. He said at the time that the operation to shut down the network was "one round in a much longer fight...." A 2024 assessment by the Office of the Director of National Intelligence said China is the most "active and persistent" cyberthreat and that actors under Beijing's direction have made efforts to breach U.S. critical infrastructure with the intention of lying in wait to be able to launch attacks in the event of major conflict.

"The Treasury sanctions bar Beijing Integrity Technology from access to U.S. financial systems and freeze any assets the company might hold in the United States," according to the article, "but the moves are unlikely to have a significant effect on the company" (according to Dakota Cary, a fellow at the Atlantic Council who has studied the company's role in state-sponsored hacking).

Privacy

Online Gift Card Store Exposed Hundreds of Thousands of People's Identity Documents (techcrunch.com) 15

An anonymous reader quotes a report from TechCrunch: A U.S. online gift card store has secured an online storage server that was publicly exposing hundreds of thousands of customer government-issued identity documents to the internet. A security researcher, who goes by the online handle JayeLTee, found the publicly exposed storage server late last year containing driving licenses, passports, and other identity documents belonging to MyGiftCardSupply, a company that sells digital gift cards for customers to redeem at popular brands and online services.

MyGiftCardSupply's website says it requires customers to upload a copy of their identity documents as part of its compliance efforts with U.S. anti-money laundering rules, often known as "know your customer" checks, or KYC. But the storage server containing the files had no password, allowing anyone on the internet to access the data stored inside. JayeLTee alerted TechCrunch to the exposure last week after MyGiftCardSupply did not respond to the researcher's email about the exposed data. [...]

According to JayeLTee, the exposed data -- hosted on Microsoft's Azure cloud -- contained over 600,000 front and back images of identity documents and selfie photos of around 200,000 customers. It's not uncommon for companies subject to KYC checks to ask their customers to take a selfie while holding a copy of their identity documents to verify that the customer is who they say they are, and to weed out forgeries.

MyGiftCardSupply founder Sam Gastro told TechCrunch: "The files are now secure, and we are doing a full audit of the KYC verification procedure. Going forward, we are going to delete the files promptly after doing the identity verification." It's not known how long the data was exposed or if the company would commit to notifying affected individuals.

Privacy

Cloudflare's VPN App Among Half-Dozen Pulled From Indian App Stores (techcrunch.com) 12

More than half-a-dozen VPN apps, including Cloudflare's widely-used 1.1.1.1, have been pulled from India's Apple App Store and Google Play Store following intervention from government authorities, TechCrunch reported Friday. From the report: The Indian Ministry of Home Affairs issued removal orders for the apps, according to a document reviewed by TechCrunch and a disclosure made by Google to Lumen, Harvard University's database that tracks government takedown requests globally.

United States

Constellation Inks $1 Billion Deal To Supply US Government With Nuclear Power (reuters.com) 59

An anonymous reader quotes a report from Reuters: Constellation Energy has been awarded a record $1 billion in contracts to supply nuclear power to the U.S. government over the next decade, the company said on Thursday. Constellation, the country's largest operator of nuclear power plants, will deliver electricity to more than 13 federal agencies as part of the agreements with the U.S. General Services Administration. The deal is the biggest energy purchase in the history of the GSA, which constructs and manages federal buildings, and is among the first major climate-focused energy agreements by the U.S. government to include electricity generated from existing nuclear reactors.

The GSA estimated that the contracts, set to begin on April 25, will comprise over 10 million megawatt-hours over 10 years and provide electricity equivalent to powering more than 1 million homes annually. The procurement will deliver electricity to 80 federal facilities located throughout the PJM Interconnection, a regional transmission operator with service covering more than 65 million people. The U.S. Department of Transportation, the Federal Reserve Board of Governors and the Army Corps of Engineers are some of the facilities that will receive the power. [...] Constellation said the deal will enable it to extend the licenses of existing nuclear plants and invest in new equipment and technology that will increase output by about 135 megawatts.

"The investments we make as a result of this contract will keep these plants operating reliably for decades to come and put new, clean nuclear energy on the grid while making the best use of taxpayer dollars," Constellation CEO Joe Dominguez said in a release.

AI

Putin Orders Russian Government and Top Bank To Develop AI Cooperation With China (reuters.com) 13

President Vladimir Putin has directed Russia's government and the country's biggest bank, Sberbank, to strengthen AI cooperation with China, aiming to overcome Western sanctions and challenge U.S. dominance in AI innovation. Reuters reports: Putin's instructions were published on the Kremlin's website on Wednesday, three weeks after he announced that Russia would team up with BRICS partners and other countries to develop AI. He told the government and Sberbank, which is spearheading Russia's AI efforts, to "ensure further co-operation with the People's Republic of China in technological research and development in the field of artificial intelligence."

Western sanctions intended to restrict Moscow's access to the technologies it needs to sustain its war against Ukraine have resulted in the world's major producers of microchips halting exports to Russia, severely limiting its AI ambitions. Sberbank CEO German Gref acknowledged in 2023 that graphics processing units (GPUs), the microchips that underpin AI development, were the trickiest hardware for Russia to replace.

By partnering with non-Western countries, Russia is seeking to challenge the dominance of the United States in one of the most promising and crucial technologies of the 21st century. Putin said on Dec. 11 that a new AI Alliance Network would bring together specialists from BRICS countries and other interested states.

United States

US Appeals Court Blocks Biden Administration Effort To Restore Net Neutrality Rules (reuters.com) 115

A U.S. appeals court ruled on Thursday the Federal Communications Commission did not have legal authority to reinstate landmark net neutrality rules. From a report: The decision is a blow to the outgoing Biden administration that had made restoring the open internet rules a priority. President Joe Biden signed a 2021 executive order encouraging the FCC to reinstate the rules.

A three-judge panel of the Cincinnati-based 6th U.S. Circuit Court of Appeals said the FCC lacked authority to reinstate the rules initially implemented in 2015 by the agency under Democratic former President Barack Obama, but then repealed by the commission in 2017 under Republican former President Donald Trump.

The rules also forbid special arrangements in which ISPs give improved network speeds or access to favored users. The court cited the Supreme Court's June decision in a case known as Loper Bright to overturn a 1984 precedent that had given deference to government agencies in interpreting laws they administer, in the latest decision to curb the authority of federal agencies. "Applying Loper Bright means we can end the FCC's vacillations," the court ruled.

United Kingdom

UK Develops Quantum Clock To Cut Military GPS Dependence (www.gov.uk) 42

Britain's Defence Science and Technology Laboratory has developed a quantum atomic clock that will lose less than one second over billions of years, the Ministry of Defence announced on Thursday.

The UK-built device aims to reduce military reliance on GPS technology, which can be disrupted by adversaries. It will be deployable in military operations within five years, supporting navigation systems, encrypted communications, and advanced weapons systems. The $34.6 million project involves partners including Infleqtion UK, Aquark Technologies, and Imperial College London. The clock was tested outside laboratory conditions for the first time in collaboration with the Royal Navy and Army Futures team.

XBox (Games)

Russia Admits Its Homegrown Consoles Can't Match the PS5 or Xbox Series (techspot.com) 52

Earlier this year, Russian President Vladimir Putin called on the government to develop its own domestically produced gaming consoles with proprietary operating systems and cloud-based platforms. "With Russia heavily sanctioned and looking to promote its own products, one of its in-development consoles is powered by the Elbrus processor," notes TechSpot. However, the processor is "designed primarily for domestic applications in critical infrastructure, defense, and other sensitive areas" and "can't match high-end CPUs from Intel, AMD, and Arm." From the report: The Russian government admits that this device isn't going to be on the same level as current-gen machines. "I hope my colleagues will approach this task with full responsibility and come up with something truly groundbreaking," said Anton Gorelkin, Deputy Chairman of the State Duma Committee on Information Policy. "It is obvious to everyone: Elbrus processors are not yet at the level required to compete equally with the PS5 and Xbox, which means the solution must be unconventional." Gorelkin said that Russian consoles aren't being designed only to play ports of hundreds of old, less-demanding games. He added that they should primarily serve the purpose of promoting and popularizing domestic video game products.

Another organization following Putin's instructions is Russian telecommunications firm MTS. Its console (above) will use the company's cloud-based gaming platform, called Fog Play. It allows owners of high-end PCs to rent out their computing power to those with less-powerful equipment, charging an hourly price. Those with more powerful PCs can access games on the service and use their own hardware to play them. MTS' device is expected to cost no more than $45 and come with an Xbox-like controller, suggesting it's unlikely to appeal to those who enjoy current-gen console games.

Crime

US Army Soldier Arrested In AT&T, Verizon Extortions (krebsonsecurity.com) 10

An anonymous reader quotes a report from KrebsOnSecurity: Federal authorities have arrested and indicted a 20-year-old U.S. Army soldier on suspicion of being Kiberphant0m, a cybercriminal who has been selling and leaking sensitive customer call records stolen earlier this year from AT&T and Verizon. As first reported by KrebsOnSecurity last month, the accused is a communications specialist who was recently stationed in South Korea. Cameron John Wagenius was arrested near the Army base in Fort Hood, Texas on Dec. 20, after being indicted on two criminal counts of unlawful transfer of confidential phone records. The sparse, two-page indictment (PDF) doesn't reference specific victims or hacking activity, nor does it include any personal details about the accused. But a conversation with Wagenius' mother -- Minnesota native Alicia Roen -- filled in the gaps.

Roen said that prior to her son's arrest he'd acknowledged being associated with Connor Riley Moucka, a.k.a. "Judische," a prolific cybercriminal from Canada who was arrested in late October for stealing data from and extorting dozens of companies that stored data at the cloud service Snowflake. In an interview with KrebsOnSecurity, Judische said he had no interest in selling the data he'd stolen from Snowflake customers and telecom providers, and that he preferred to outsource that to Kiberphant0m and others. Meanwhile, Kiberphant0m claimed in posts on Telegram that he was responsible for hacking into at least 15 telecommunications firms, including AT&T and Verizon. On November 26, KrebsOnSecurity published a story that followed a trail of clues left behind by Kiberphant0m indicating he was a U.S. Army soldier stationed in South Korea.

[...] Immediately after news broke of Moucka's arrest, Kiberphant0m posted on the hacker community BreachForums what they claimed were the AT&T call logs for President-elect Donald J. Trump and for Vice President Kamala Harris. [...] On that same day, Kiberphant0m posted what they claimed was the "data schema" from the U.S. National Security Agency. On Nov. 5, Kiberphant0m offered call logs stolen from Verizon's push-to-talk (PTT) customers -- mainly U.S. government agencies and emergency first responders. On Nov. 9, Kiberphant0m posted a sales thread on BreachForums offering a "SIM-swapping" service targeting Verizon PTT customers. In a SIM-swap, fraudsters use credentials that are phished or stolen from mobile phone company employees to divert a target's phone calls and text messages to a device they control.

United States

US Files Complaint Against Fintech App Dave And Its CEO (reuters.com) 10

The U.S. Justice Department has filed a complaint and announced a civil enforcement action against financial technology company Dave and its CEO Jason Wilk for alleged violations of federal law. From a report: The Justice Department and the Federal Trade Commission alleged the company lured users to its personal finance app by advertising cash advances of up to $500 that many never receive.

The complaint, filed by the Justice Department, seeks unspecified amounts of consumer redress and monetary civil penalties from the defendants and a permanent injunction to prohibit them from engaging in future violations, the Justice Department said. The government alleges that Dave misled consumers by deceptively advertising its cash advances, charging hidden fees, misrepresenting how Dave uses customers' tips and charging recurring monthly fees without providing a simple mechanism to cancel them.

News

South Korea To Inspect Boeing Aircraft as It Struggles To Find Cause of Plane Crash (apnews.com) 44

South Korean officials said Monday they will conduct safety inspections of all Boeing 737-800 aircraft operated by the country's airlines, as they struggle to determine what caused a plane crash that killed 179 people a day earlier. From a report: Sunday's crash, the country's worst aviation disaster in decades, triggered an outpouring of national sympathy. Many people worry how effectively the South Korean government will handle the disaster as it grapples with a leadership vacuum following the recent successive impeachments of President Yoon Suk Yeol and Prime Minister Han Duck-soo, the country's top two officials, amid political tumult caused by Yoon's brief imposition of martial law earlier this month.

New acting President Choi Sang-mok on Monday presided over a task force meeting on the crash and instructed authorities to conduct an emergency review of the country's aircraft operation systems. "The essence of a responsible response would be renovating the aviation safety systems on the whole to prevent recurrences of similar incidents and building a safer Republic of South Korea," said Choi, who is also deputy prime minister and finance minister.

Government

Most Safety Complaints From Plane-Industry Whistleblowers 'Go Nowhere', Risk Retaliation (seattletimes.com) 41

America's aerospace industry is overseen by the Federal Aviation Administration (or FAA) — which also handles safety warnings from the industry's whistleblowers. But the Seattle Times says an analysis of reports to Congress found "an overwhelmed system delivering underwhelming results for whistleblowers... More than 90% of safety complaints from 2020 through 2023 ended with no violation found by the FAA, while whistleblowers reported them at great personal and professional risk." Aside from the FAA's in-house program, employees of Boeing, Spirit and the FAA can report safety hazards to the Office of Special Counsel, which has no FAA ties, or through internal employer complaint programs, such as Boeing's Speak Up and Spirit's Quality 360, to trigger company reviews... In the aftermath of the door-plug blowout over Portland, Boeing specifically asked its employees to use the Speak Up program or the FAA's internal process to report any concerns, according to Boeing spokesperson Jessica Kowal. Both have done a poor job protecting whistleblowers from retaliation, according to a congressionally appointed expert panel... While both were designed to guard against retaliation, critics say they have instead become enablers of it...

A panel of aviation safety experts in February rebuked Boeing's Speak Up program in a report to Congress. Whistleblower advocates criticized Speak Up for commonly outing whistleblowers to the supervisors they're complaining about, exposing them to retaliation. Managers sometimes investigated complaints against themselves. Employees mistrusted the program's promise of anonymity. Collectively, the befuddling maze of whistleblower options sowed "confusion about reporting systems that may discourage employees from submitting safety concerns," according to the expert panel's report....

[Boeing quality inspector Sam Mohawk, who alleged the 737 MAX line in Renton was losing track of subpar aircraft parts], continues to pursue his FAA claim, originally submitted through Boeing's Speak Up program. Months passed before Boeing addressed Mohawk's complaint. When it did, Mohawk's report was passed to the managers he was complaining about, according to Brian Knowles, Mohawk's South Carolina-based lawyer. "If you do Speak Up, just know that your report is going to go straight to the guys you're accusing of wrongdoing. They aren't going to say, 'Thanks for speaking up against us,'" Knowles said.

The article includes this quote about the FAA's in-house whistleblower program from Tom Devine, a whistleblower attorney with nearly a half-century of experience across a spectrum of federal agencies, and legal director of the nonprofit Government Accountability Project, which helps whistleblowers navigate the federal system. "It's been a disaster from the beginning. We tell everyone to avoid it because it's a trap... We've warned whistleblowers not to entrust their rights there."

Medicine

Are We Better Prepared Now for Another Pandemic? (nymag.com) 236

When it comes to the possibility of a bird flu outbreak, America's Centers for Disease Control recently issued a statement that the risk to the public "remains low."

But even in the event of a worst-case scenario, New York magazine believes "We may be more equipped for another pandemic than you think..." In 2023, more than half of people surveyed said that their lives had not returned to normal since the COVID outbreak, and a surprising number — 47 percent — said they now believe their lives will never return to normal.

But do we really know how a new pandemic would go and how we would handle it? Things are different this time — and in ways that aren't all bad. Unlike with COVID in the spring of 2020, millions of doses of bird-flu vaccines at various stages of testing sit in government stockpiles, and more are on the way. There are also already tests that work, though these are not broadly available to the public... Recent research suggests that we might actually manage a second pandemic better than we would believe. Despite all the noise to the contrary, a June poll by Harvard's School of Public Health says that Americans overall think the government responses to COVID — asking people to wear masks, pausing indoor dining, requiring health-care workers to get vaccinated — were all good ideas. Although the media tends to paint school closures as radically unpopular, only 44 percent of respondents said they currently think the shutdowns were a mistake.

A growing body of research also suggests that many Americans feel stronger for what we endured during the most extreme days of COVID. Counter to what we like to say about our friends and neighbors and children, the challenge of the pandemic may have benefited some people's mental health. One study found that "children entering the pandemic with clinically meaningful mental-health problems experienced notable improvements in their mental health." (Turns out there's one thing worse than shutting down an American school and that's having to attend it.)

The article also points out that "There is no real information" on the likelihood of a bird-flu virus even crossing over into humans.

And of course, "COVID still kills, with a body count just shy of 50,000 Americans in 2024, and it feels like a stretch to say that Americans are particularly concerned."

Government

Millions of US Seniors Still Owe Student Loan Debt (msn.com) 177

Valerie Warner is 71 years old — and owes $268,000 in student loans.

Roughly 40 years ago she went to law school, but was only able to find work as a legal aide and later work in the public school system, which the Washington Post calls "a rewarding job but one that didn't pay enough to wipe out her loans." Later she earned a master's of education degree: All told, Warner borrowed a total of about $60,000 for her two advanced degrees. The amount seemed reasonable given the career trajectory that both credentials promised, but that path never materialized. Working a series of low-wage jobs, she went in and out of forbearance before ultimately defaulting. The balance ballooned to the current $268,000 total over the years due to collection fees and interest capitalization.

And she's not the only one in debt. "On a dreary December afternoon, a group of senior citizens stood in the rain outside the Education Department pleading for relief from a debt that many fear will burden them for the rest of their lives..." Some sat in rocking chairs, cross-stitching their debt number in a pattern. Others held signs that read, "Time is running out, sunset our debt." Or wore T-shirts saying, "Debt relief before we die...."

[A]ctivists are urging the U.S. Education Department to discharge the student debt of older borrowers who they say are in no position to repay. They say the department could use a little-known federal statute that considers a person's ability to pay within a reasonable time and the inability of the government to collect the debt in full. There are 2.8 million federal student loan borrowers aged 62 and older with a total of $121.5 billion in debt, more than 726,300 of them over the age of 71, according to the Education Department. Older borrowers are one of the fastest-growing segments of the government's student loan portfolio, and their Social Security benefits are subject to garnishment...

The Education Department would only acknowledge receiving a memo from the Debt Collective, the group organizing the campaign, outlining the agency's authority to cancel the debt of older borrowers. The activist organization said it has been meeting with members of Congress, White House committees and Education Department officials about the matter since September. "Many of these folks have been borrowers for 20 or 30 years, with punishingly high interest rates. Their balances and the way they have dragged on for decades is just an indictment of the broken system and the failure of past relief efforts," said Eleni Schirmer, an organizer with the Debt Collective... According to the think tank New America, the number of Americans approaching retirement age with student loan debt has skyrocketed over 500 percent in the last two decades. Some have loans they took out to finance their college educations, while others took out federal Parent Plus loans or co-signed private loans for their children.

The article points out that the U.S. government will garnish up to 15 percent of the Social Security income to recoup student loan debt, even if it means leaving recipients below the poverty line.

But it also includes this quote from Adam Minsky, an attorney who specializes in student debt, about the prospects for federal action that survives challenges in the U.S. court system. "[A]s a practical matter, I don't think that judges and courts that have been hostile to mass debt relief would treat this differently from other programs that have been blocked or struck down."

Businesses

New Law Requiring Businesses To Report Who Owns Them Is Put on Hold Again (msn.com) 33

The implementation of the Corporate Transparency Act -- a law aimed at getting shell companies to disclose their true ownership -- was paused again just days before a reporting deadline was set to take effect, as a federal appeals court handed the case to a panel for further consideration. From a report: In a court filing late Thursday, the Fifth Circuit Court of Appeals vacated a stay on a national injunction the court had issued Monday that reinstated the Jan. 1 reporting deadline for millions of companies. The lifting of the stay means the January filing deadline will be postponed once again and bars the government and the Treasury Department from enforcing the law, pending oral arguments before the court's so-called merits panel, a group of judges tasked with considering appeals.

The Corporate Transparency Act, a bipartisan law passed in 2021 to curtail the use of anonymous shell companies and help track flows of illicit money, would require companies to file beneficial ownership information with the Treasury's Financial Crimes Enforcement Network or face the possibility of penalties such as fines and jail time. The law could cover more than 32 million small businesses nationwide.
