The degradation of the world's soils and landscapes is threatening human life, and must be addressed as a matter of urgency, the government of Saudi Arabia has said. The Guardian: Neglect of the land is wiping trillions of dollars from global economies, hampering agricultural production, disrupting water supplies, threatening children with poor nutrition, and destroying vital ecosystems, according to the country's deputy environment minister. Land degradation, and ways to combat the problem, will come into sharp focus at a global summit to be held in the nation's capital, Riyadh, in December.

The conference of the parties (Cop) to the UN convention on combating desertification (CCD), which takes place every two years, is often an overlooked international meeting, sparsely attended compared with the Cops on climate and on biodiversity. But as this year's host, Saudi Arabia is planning to put the issue of land management in the spotlight, inviting senior ministers and heads of government from around the world, in an attempt to bring in some financial muscle. In so doing, the country, often accused of obstructive behaviour at climate Cops, will offer an unusual glimpse of its own environmental priorities, in a world increasingly imperilled by global heating and related water shortages. Osama Faqeeha, deputy environment minister in the kingdom's government, said people should not be misled by the term desertification, which could appear a narrow concern limited to arid countries. In fact, the CCD should be understood to cover all of the globe's vulnerable lands, and efforts to rescue and protect them.

India's government challenged Wikipedia's legal immunity as a tech platform on Tuesday, issuing a notice questioning whether the online encyclopedia should be reclassified as a publisher. The move follows Delhi High Court warnings to suspend Wikipedia's India operations over a defamation case filed by Asian News International. The news agency seeks to unmask contributors who labeled it a "government propaganda tool." Justice Navin Chawla threatened contempt proceedings after Wikipedia cited its lack of physical presence in India to request more time for disclosing user information. The court deemed the site's open editing feature "dangerous."

An anonymous reader quotes a report from the New York Times: Meta will allow U.S. government agencies and contractors working on national security to use its artificial intelligence models for military purposes, the company said on Monday, in a shift from its policy that prohibited the use of its technology for such efforts. Meta said that it would make its A.I. models, called Llama, available to federal agencies and that it was working with defense contractors such as Lockheed Martin and Booz Allen as well as defense-focused tech companies including Palantir and Anduril. The Llama models are "open source," which means the technology can be freely copied and distributed by other developers, companies and governments.

Meta's move is an exception to its "acceptable use policy," which forbade the use of the company's A.I. software for "military, warfare, nuclear industries," among other purposes. In a blog post on Monday, Nick Clegg, Meta's president of global affairs, said the company now backed "responsible and ethical uses" of the technology that supported the United States and "democratic values" in a global race for A.I. supremacy. "Meta wants to play its part to support the safety, security and economic prosperity of America -- and of its closest allies too," Mr. Clegg wrote. He added that "widespread adoption of American open source A.I. models serves both economic and security interests." The company said it would also share its technology with members of the Five Eyes intelligence alliance: Canada, Britain, Australia and New Zealand in addition to the United States.

An anonymous reader quotes a report from The Guardian: Sweden has vetoed plans for 13 offshore windfarms in the Baltic Sea, citing unacceptable security risks. The country's defence minister, Pal Jonson, said on Monday that the government had rejected plans for all but one of 14 windfarms planned along the east coast. The decision comes after the Swedish armed forces concluded last week that the projects would make it more difficult to defend Nato's newest member.

The proposed windfarms would have been located between Aland, the autonomous Finnish region between Sweden and Finland, and the Sound, the strait between southern Sweden and Denmark. The Russian exclave of Kaliningrad is only about 310 miles (500km) from Stockholm. Wind power could affect Sweden's defence capabilities across sensors and radars and make it harder to detect submarines and possible attacks from the air if war broke out, Jonson said. The only project to receive the green light to was Poseidon, which will include as many as 81 wind turbines to produce 5.5 terawatt hours a year off Stenungsund on Sweden's west coast. "Both ballistic robots and also cruise robots are a big problem if you have offshore wind power," Jonson said. "If you have a strong signal detection capability and a radar system that is important, we use the Patriot system for example, there would be negative consequences if there were offshore wind power in the way of the sensors."

Singapore plans to boost road capacity by 20,000 vehicles through a new satellite-based road pricing system, the Land Transport Authority (LTA) announced last week. The city-state will replace its current gantry-based Electronic Road Pricing (ERP) system with GPS tracking technology, enabling more precise congestion management without physical toll stations. The Register adds: "ERP 2.0 will provide more comprehensive aggregated traffic information and will be able to operate without physical gantries. We will be able to introduce new 'virtual gantries,' which allow for more flexible and responsive congestion management," explained the LTA.

But the island's government doesn't just control inflow into urban areas through toll-like charging -- it also aggressively controls the total number of cars operating within its borders. Singapore requires vehicle owners to bid for a set number of Certificates of Entitlement -- costly operating permits valid for only ten years. The result is an increase of around SG$100,000 ($75,500) every ten years, depending on that year's COE price, on top of a car's usual price. The high total price disincentivizes mass car ownership, which helps the government manage traffic and emissions.

A former teacher has filed a federal lawsuit against PowerSchool, alleging the education technology giant illegally sells student data to third parties without proper consent. Emily Cherkin, lead plaintiff in the class action suit filed in San Francisco, claims PowerSchool has amassed 345 terabytes of data from 440 school districts, including sensitive information about students' health, behavior, and academic records. The company provides software services to more than 60 million students across 90 of the largest U.S. school districts.

The lawsuit alleges PowerSchool sells anonymized student data to over 100 partners, including educational consultants and government agencies, while marketing its analytics for workforce and policy planning. The company's Naviance college-planning software alone tracks 6 million high school students. PowerSchool has denied the allegations.

An anonymous reader shared this report from the Los Angeles Times: Los Angeles County has filed suit against the world's largest beverage companies — Coca-Cola and Pepsi — claiming the soda and drink makers lied to the public about the effectiveness of plastic recycling and, as a result, left county residents and ecosystems choking in discarded plastic... The Los Angeles County suit alleges — in a vein similar to that of [California attorney general] Bonta's suit against Exxon Mobil — that the global beverage companies misrepresented the environmental impact of their plastic bottles, "despite knowing that plastics cannot be readily disposed of without associated environmental impacts."

"Coke and Pepsi need to stop the deception and take responsibility for the plastic pollution problems" their products are causing, said Los Angeles County Board of Supervisors Chair Lindsey P. Horvath... Currently, just 9% of the world's plastics are recycled. The rest ends up being incinerated, sent to landfills, or discarded on the landscape, where they are often flushed into rivers or out to sea. At the same time, there is growing concern about the health and environmental consequences of microplastics — the bits of degraded plastic that slough off as the product ages, or is used, or washed. The tiny particles have been detected in every ecosystem on the planet that has been surveyed, as well as nearly every living organism examined... According to the county's statement, the two companies have consistently ranked as the world's "top plastic polluters...."

The beverage maker lawsuit was filed in Los Angeles Superior Court by County Counsel Dawyn R. Harrison on behalf of the people of the state of California... "The goal of this lawsuit is to stop the unfair and illegal conduct, to address the marketing practices that deceive consumers, and to force these businesses to change their practices to reduce the plastic pollution problem in the County and in California," Harrison said in a statement. "My office is committed to protecting the public from deceptive business practices and holding these companies accountable for their role in the plastic pollution crisis."

Millions of U.S. cellphone users could be vulnerable to Chinese government surveillance, warns a Washington Post columnist, "on the networks of at least three major U.S. carriers."

They cite six current or former senior U.S. officials, all of whom were briefed about the attack by the U.S. intelligence community. The Chinese hackers, who the United States believes are linked to Beijing's Ministry of State Security, have burrowed inside the private wiretapping and surveillance system that American telecom companies built for the exclusive use of U.S. federal law enforcement agencies — and the U.S. government believes they likely continue to have access to the system.... The U.S. government and the telecom companies that are dealing with the breach have said very little publicly about it since it was first detected in August, leaving the public to rely on details trickling out through leaks...

The so-called lawful-access system breached by the Salt Typhoon hackers was established by telecom carriers after the terrorist attacks of Sept. 11, 2001, to allow federal law enforcement officials to execute legal warrants for records of Americans' phone activity or to wiretap them in real time, depending on the warrant. Many of these cases are authorized under the Foreign Intelligence Surveillance Act (FISA), which is used to investigate foreign spying that involves contact with U.S. citizens. The system is also used for legal wiretaps related to domestic crimes.

It is unknown whether hackers were able to access records about classified wiretapping operations, which could compromise federal criminal investigations and U.S. intelligence operations around the world, multiple officials told me. But they confirmed the previous reporting that hackers were able to both listen in on phone calls and monitor text messages. "Right now, China has the ability to listen to any phone call in the United States, whether you are the president or a regular Joe, it makes no difference," one of the hack victims briefed by the FBI told me. "This has compromised the entire telecommunications infrastructure of this country."

The Wall Street Journal first reported on Oct. 5 that China-based hackers had penetrated the networks of U.S. telecom providers and might have penetrated the system that telecom companies operate to allow lawful access to wiretapping capabilities by federal agencies... [After releasing a short statement], the FBI notified 40 victims of Salt Typhoon, according to multiple officials. The FBI informed one person who had been compromised that the initial group of identified targets included six affiliated with the Trump campaign, this person said, and that the hackers had been monitoring them as recently as last week... "They had live audio from the president, from JD, from Jared," the person told me. "There were no device compromises, these were all real-time interceptions...." [T]he duration of the surveillance is believed to date back to last year.
Several officials told the columnist that the cyberattack also targetted senior U.S. government officials and top business leaders — and that even more compromised targets are being discovered. At this point, "Multiple officials briefed by the investigators told me the U.S. government does not know how many people were targeted, how many were actively surveilled, how long the Chinese hackers have been in the system, or how to get them out."

But the article does include this quote from U.S. Senate Intelligence Committee chairman Mark Warner. "It is much more serious and much worse than even what you all presume at this point."

One U.S. representative suggested Americans rely more on encrypted apps. The U.S. is already investigating — but while researching the article, the columnist writes, "The National Security Council declined to comment, and the FBI did not respond to a request for comment..." They end with this recommendation.

"If millions of Americans are vulnerable to Chinese surveillance, they have a right to know now."

"One technology critical to fighting climate change is lagging," reports the Washington Post, "thanks to a combination of high interest rates, rising costs, misinformation and the cycle of home construction. Adoption of heat pumps, one of the primary ways to cut emissions from buildings, has slowed in the United States and stalled in Europe, endangering the switch to clean energy.

"Heat pump investment in the United States has dropped by 4 percent in the past two years, even as sales of EVs have almost doubled, according to data from MIT and the Rhodium Group. In 13 European countries, heat pump sales dropped nearly in half in the first half of 2024, putting the European Union off-track for its climate goals." "Many many markets are falling," said Paul Kenny, the director general of the European Heat Pump Association. "It takes time to change people's minds about a heating system." Heat pumps — essentially air conditioners that can also work in reverse, heating a space as well as cooling it — are crucial to making buildings more climate-friendly. Around 60 percent of American homes are still heated with furnaces running on oil, natural gas, or even propane; to cut emissions from homes, all American houses and apartments will need to be powered by electricity...

In the United States, experts point to lags in construction, high interest rates, and general belt-tightening from inflation... [Cora Wyent, director of research for the electrification advocacy group Rewiring America] added, heat pumps are still growing as a share of overall heating systems, gaining ground on gas furnaces. In 2023, heat pumps made up 55 percent of all heating systems sold, while gas furnaces made up just 45 percent. "Heat pumps are continuing to increase their total market share," she said.

Homeowners may also run into trouble when trying to find contractors to install heat pumps. Barton James, the president and CEO of the Air Conditioning Contractors of America, says many contractors don't have training on how to properly install heat pumps; if they install them incorrectly, the ensuing problems can sour consumers on the technology... In the United States, low gas prices also make the economics of heat pumps more challenging. Gas is around three times cheaper than electricity — while heat pumps make up most of that ground with efficiency, they aren't the most cost-effective option for every household.
The Post also spoke to the manager for the carbon-free buildings team at the clean energy think tank RMI. They pointed out that heating systems need to be replaced roughly every 15 years — and the next cycle doesn't start until 2035.

The article concludes that "even with government policies and subsidies, many parts of the move to clean energy will require individual people to make changes to their lives. According to the International Energy Agency, the number of heat pumps will have to triple by 2030 to stay on track with climate goals. The only way to do that, experts say, is if incentives, personal beliefs, and technology all align."

"It's that time again," writes USA Today, noting that Sunday morning millions of Americans (along with millions more in Canada, Europe, parts of Australia, and Chile) "will set their clocks back an hour, and many will renew their twice-yearly calls to put an end to the practice altogether..." Experts say the time changes are detrimental to health and safety, but agree that the answer isn't permanent DST. "The medical and scientific communities are unified ... that permanent standard time is better for human health," said Erik Herzog, a professor of biology and neuroscience at Washington University in St. Louis and the former president of the Society for Research on Biological Rhythms...

Springing forward an hour in March is harder on us than falling back in November. The shift in spring is associated with an increase in heart attacks, and car accident rates also go up for a few days after, he said. But the answer isn't permanent daylight saving time, according to Herzog, who said that could be even worse for human health than the twice-yearly changes. By looking at studies of people who live at the easternmost edge of time zones (whose experience is closest to standard time) and people who live at the westernmost edge (more like daylight saving time), scientists can tell that health impacts of earlier sunrises and sunsets are much better. Waking up naturally with the sun is far better for our bodies than having to rely on alarm clocks to wake up in the dark, he said.

Herzog said Florida, where [Senator Marco] Rubio has championed the Sunlight Protection Act, is much less impacted by the negative impacts of daylight saving time because it's as far east and south as you can get in the U.S., while people in a state like Minnesota would have much more time in the dark in the morning.
The article also reminds U.S. readers that "No state can adopt permanent daylight saving time unless U.S. Congress passes a law to authorize it first." Nevertheless... Oklahoma became the most recent state to pass a measure authorizing permanent daylight saving time, pending Congressional approval, in April. Nineteen other states have passed laws or resolutions to move toward daylight saving time year-round, if Congress were ever to allow it, according to the National Conference of State Legislatures...

Only two states and some territories never have to set their clocks forward or backward... [Hawaii and Arizona, except for the Navajo Nation.]

Former FTX executive Nishad Singh was ordered to forfeit $11 billion, reports CNBC — and is subject to three years of supervised release, making him "the fourth ex-employee of the collapsed crypto exchange to be punished."

But while he'd faced a maximum sentence of 75 years, he'll serve no time, according to this report from the Associated Press: Singh, the company's former engineering director, was sentenced in Manhattan by Judge Lewis A. Kaplan, who said his cooperation was "remarkable." The judge noted that Singh did not learn of the billions of dollars that were misappropriated from FTX customer accounts and investors until two months before the fraud unraveled... Singh, 29, testified a year ago at Bankman-Fried's trial, saying he was "blindsided and horrified" when he saw the extent of the fraud behind the once-celebrated and seemingly pioneering firm. At sentencing, Singh said he was "overwhelmed with remorse" for his role in the fraud. "I strayed so far from my values, and words can't express how sorry I am," he said....

The sentencing came a month after Caroline Ellison, another key witness at Bankman-Fried's trial and a former top executive in his cryptocurrency empire, was sentenced to two years in prison. At the time, Kaplan praised her cooperation but said it wasn't a get-out-of-jail-free card. On Wednesday, Kaplan drew a distinction between the cooperation by Ellison and Singh's work with prosecutors, saying Ellison had participated in the fraud "from the beginning" and had been aware of all the wrongdoing for years... [Defense attorney Andrew Goldstein] said leniency would encourage future cooperators in other criminal cases to come forward.

Assistant U.S. Attorney Nicolas Roos credited Singh with providing information within weeks of the fraud being publicly revealed, saying he helped prosecutors learn about crimes they might otherwise have never discovered, including his own. Roos said, for instance, that Singh told prosecutors about campaign finance violations that occurred as FTX executives made tens of millions of dollars in donations to political candidates. The prosecutor also said Singh revealed private conversations with Bankman-Fried that strengthened the government's case and enabled it to bring charges more quickly against multiple people. Singh gave prosecutors "documentary evidence the government did not have and likely never would have had," Roos said.
Bankman-Fried, of course, began a 25-year sentence last November. And three weeks ago FTX executive Ryan Salame made an update on his LinkedIn profile. "I'm happy to share that I'm starting a new position as Inmate at FCI Cumberland!"

"His post quickly went viral," notes CNN, "prompting Salame to joke on X: "Today I learned people still use LinkedIn."

The Washington Post reports that America's Consumer Financial Protection Bureau (or CFPB) "is considering legal action against Meta over allegations that it improperly used financial data obtained from third parties in its highly-lucrative advertising business..."

The article says a Meta securities filing Thursday revealed it had received a formal notification about the federal investigation last month. The filing said only that the inquiry relates to "advertising for financial products and services on our platform." A spokesperson for Meta declined to comment on the investigation. "We disagree with the claims," the company's filing said, "and believe an enforcement action is unwarranted...."

The CFPB's probe underscores its aggressive recent focus on Big Tech. In recent years, major companies including Apple, Amazon, Facebook and Google have launched a wave of new financial services, including credit cards and apps that help users send money to friends... Under its current director, Rohit Chopra, the CFPB has also sought to ensure that tech giants adhere to the same safeguards that have long applied to their brick-and-mortar banking predecessors. The bureau formalized its tech crackdown in 2021, when Chopra ordered companies including Facebook to turn over records related to their payment apps and other financial service offerings.

At the time, he expressed fear that these giants already possessed troves of customer data and could solidify their dominance if they gained greater insight into users' purchasing and spending habits. "This data can be monetized by companies that seek to profit from behavioral targeting, particularly around advertising and e-commerce," Chopra said in a statement announcing the review. "That many Big Tech companies aspire to grow in this space only heightens these concerns." Since then, the watchdog agency has proposed new rules that could treat Apple, Google and PayPal-owned Venmo more like banks, opening the door for federal regulators to inspect some of their operations in a bid to protect users' deposits.

The rules, which have not been finalized, have sparked fierce lobbying opposition from major tech companies.

While Amazon, Google, and other companies build new data centers — sometimes for their AI projects — parts of America "are facing higher electric bills," reports the Washington Post: The facilities' extraordinary demand for electricity to power and cool computers inside can drive up the price local utilities pay for energy and require significant improvements to electric grid transmission systems. As a result, costs have already begun going up for customers — or are about to in the near future, according to utility planning documents and energy industry analysts. Some regulators are concerned that the tech companies aren't paying their fair share, while leaving customers from homeowners to small businesses on the hook. In Oregon, electric utilities are warning regulators that consumers need protections from rising rates caused by data centers. From Virginia to Ohio and South Carolina, companies are battling over the extent of their responsibility for increases, attempting to fend off anger from customers. In the Mid-Atlantic, the regional power grid's energy costs shot up dramatically, and data centers are cited as among root causes of rate increases of up to 20 percent expected in 2025...

The tech firms and several of the power companies serving them strongly deny they are burdening others. They say higher utility bills are paying for overdue improvements to the power grid that benefit all customers. In some cases, they said in response to criticism from consumer and business advocates that they are committed to covering additional costs. But regulators — and even some utilities — are growing skeptical.

A jarring example of fallout on consumers is playing out on the Mid-Atlantic regional power grid, called PJM Interconnection, which serves 13 states and D.C. The recent auction to secure power for the grid during periods of extreme weather and high demand resulted in an 800 percent jump in the price that the grid's member utilities had to pay. The impact will be felt by millions by the spring, according to public records. Power bills will increase as much as 20 percent for customers of a dozen utilities in Maryland, Ohio, Pennsylvania, New Jersey and West Virginia, regulatory filings show. That includes households in the Baltimore area, where annual bills will increase an average of $192, said Maryland People's Counsel David Lapp, a state appointee who monitors utilities. The next auction, in 2025, could be more painful, Lapp said, leaving customers potentially "looking at increases of as much as $40 to $50 a month...."

Advocates cite another source of cost-shifting onto consumers: discounted rates that power companies and local government officials use to entice tech companies to build data centers... Google worked out a deal with Dominion Energy, blessed by regulators, to pay 6 cents per kilowatt hour for its power. That is less than half of what residential customers pay, as well as substantially less than is paid by businesses...
The article points out that in Pennsylvania, "Amazon's novel plan to fuel a data center from a reactor at the nearby Susquehanna nuclear plant is now in jeopardy, after regulators blocked it Friday. They cited potential impact on consumers as among their concerns. The plan threatens to leave other ratepayers stuck with a bill of $50 million to $140 million, according to testimony from [power utility] AEP and utility conglomerate Exelon."

And meanwhile, one Virginia retiree complained about a proposed $54 million transmission line and substation for an Amazon data center. "They are already making money hand over fist, and now they want us to pay for this?

An anonymous reader shared this report from the Washington Post: A few weeks ago, analysts at a specialized technological lab put a microchip from China under a powerful microscope. Something didn't look right... The microscopic proof was there that a chunk of the electronic components from Chinese high-tech champion Huawei Technologies had been produced by the world's most advanced chipmaker, Taiwan Semiconductor Manufacturing Company.

That was a problem because two U.S. administrations in succession had taken actions to assure that didn't happen. The news of the breach of U.S. export controls, first reported in October by the tech news site the Information, has sent a wave of concern through Washington... The chips were routed to Huawei through Sophgo Technologies, the AI venture of a Chinese cryptocurrency billionaire, according to two people familiar with the matter, speaking on the condition of anonymity to discuss a sensitive topic... "It raises some fundamental questions about how well we can actually enforce these rules," said Emily Kilcrease, a senior fellow at the Center for a New American Security in Washington... Taiwan's Ministry of Economic Affairs confirmed that TSMC recently halted shipments to a "certain customer" and notified the United States after suspecting that customer might have directed its products to Huawei...

There's been much intrigue in recent days in the industry over how the crypto billionaire's TSMC-made chips reportedly ended up at Huawei. Critics accuse Sophgo of working to help Huawei evade the export controls, but it is also possible that they were sold through an intermediary, which would align with Sophgo's denial of having any business relationship with Huawei... While export controls are often hard to enforce, semiconductors are especially hard to manage due to the large and open nature of the global chip trade. Since the Biden administration implemented sweeping controls in 2022, there have been reports of widespread chip smuggling and semiconductor black markets allowing Chinese companies to access necessary chips...

Paul Triolo, technology policy lead at Albright Stonebridge Group, said companies were trying to figure out what lengths they had to go to for due diligence: "The guidelines are murky."

California signed an agreement with major airlines to increase the use of sustainable aviation fuels, aiming to reach 200 million gallons by 2035 or about 40% of the state's air travel demand. The Hill reports: The California Air Resources Board (CARB) and Airlines for America (A4A) -- an industry trade group representing almost a dozen airlines -- pledged to increase the availability of sustainable aviation fuels statewide. Sustainable aviation fuels -- lower-carbon alternatives to petroleum-based jet fuels -- are typically made from nonpetroleum feedstocks, such as biomass or waste. At a San Francisco International Airport ceremony Wednesday, the partners committed (PDF) to using 200 million gallons of such fuels by 2035 -- an amount estimated to meet about 40 percent of travel demand within the state at that point, according to CARB. That quantity also represents a more than tenfold increase from current usage levels of these fuels, the agency added.

Among A4A member airlines are Alaska Airlines, American Airlines, Atlas Air Worldwide, Delta Air Lines, FedEx, Hawaiian Airlines, JetBlue Airways, Southwest Airlines, United Airlines and UPS, while Air Canada is an associate member. To achieve the 2035 goals, CARB and A4A said they plan to work together to identify, assess and prioritize necessary policy measures, such as incentivizing relevant investments and streamlining the permitting processes. A Sustainable Aviation Fuel Working Group, which will include government and industry stakeholders, will meet annually to both discuss progress and address barriers toward meeting these goals, the partners added. A public website will display updated information about the availability and use of conventional and sustainable fuels across California, while also providing details about state policies, according to the agreement.

The Biden administration is investing $825 million in a new semiconductor research and development facility in Albany, New York. Reuters reports: The New York facility will be expected to drive innovation in EUV technology, a complex process necessary to make semiconductors, the U.S. Department of Commerce and Natcast, operator of the National Semiconductor Technology Center (NTSC) said. The launch of the facility "represents a key milestone in ensuring the United States remains a global leader in innovation and semiconductor research and development," Commerce Secretary Gina Raimondo said. From the U.S. Department of Commerce press release: EUV Lithography is essential for manufacturing smaller, faster, and more efficient microchips. As the semiconductor industry pushes the limits of Moore's Law, EUV lithography has emerged as a critical technology to enable the high-volume production of transistors beyond 7nm, previously unattainable. As the NSTC develops capabilities and programs, access to EUV lithography R&D is essential to meet its three primary goals 1) extend U.S. technology leadership, 2) reduce the time and cost to prototype, and 3) build and sustain a semiconductor workforce ecosystem.

British cybersecurity firm Sophos revealed this week that it waged a five-year battle against Chinese hackers who repeatedly targeted its firewall products to breach organizations worldwide, including nuclear facilities, military sites and critical infrastructure. The company told Wired that it traced the attacks to researchers in Chengdu, China, linked to Sichuan Silence Information Technology and the University of Electronic Science and Technology.

Sophos planted surveillance code on its own devices used by the hackers, allowing it to monitor their development of sophisticated intrusion tools, including previously unseen "bootkit" malware designed to hide in the firewalls' boot code. The hackers' campaigns evolved from mass exploitation in 2020 to precise attacks on government agencies and infrastructure across Asia, Europe and the United States. Wired story adds: Sophos' report also warns, however, that in the most recent phase of its long-running conflict with the Chinese hackers, they appear more than ever before to have shifted from finding new vulnerabilities in firewalls to exploiting outdated, years-old installations of its products that are no longer receiving updates. That means, company CEO Joe Levy writes in an accompanying document, that device owners need to get rid of unsupported "end-of-life" devices, and security vendors need to be clear with customers about the end-of-life dates of those machines to avoid letting them become unpatched points of entry onto their network. Sophos says it's seen more than a thousand end-of-life devices targeted in just the past 18 months.

"The only problem now isn't the zero-day vulnerability," says Levy, using the term "zero-day" to mean a newly discovered hackable flaw in software that has no patch. "The problem is the 365-day vulnerability, or the 1,500-day vulnerability, where you've got devices that are on the internet that have lapsed into a state of neglect."

An anonymous reader quotes a report from The Guardian: Complaints about the brightness of modern headlights have become commonplace. On X, thousands of users have tweeted about headlights being too bright. The subreddit r/fuckyourheadlights has over 35,000 members who post blurry photos of offending high beams and LED headlights. Outlets like the New York Times and NBC News have written about the risks of headlight glare. Advocacy groups have called for bans on LED headlights. And the UK government launched a review into the dangers of headlight glare earlier this year, after many driver complaints. And yet, according to many experts, the problem with headlights is not that they're too bright -- it's that they're not bright enough. "We actually need more light on the road than what we have," says Greg Bannon, director of automotive engineering at the American Automobile Association (AAA). Only a minority of US roadways have overhead street lighting, as one 2019 AAA report noted. As a result, in many areas, headlights are the sole method of illumination when driving at night. But which is the safety bigger risk: inadequate illumination, or headlights that impair the vision of other drivers? The report notes that the U.S. standards set by the National Highway Traffic Safety Administration (NHTSA) haven't changed in decades and are much weaker than Europe's. Adaptive headlights, which automatically adjust brightness to avoid blinding other drivers, have been approved by NHTSA since 2022 but are still relatively rare due to differing standards and costs.

Former Google chief Eric Schmidt thinks the US Army should expunge "useless" tanks and replace them with AI-powered drones instead. From a report: Speaking at the Future Investment Initiative in Saudi Arabia this week, he said: "I read somewhere that the US had thousands and thousands of tanks stored somewhere," adding, "Give them away. Buy a drone instead."

The former Google supremo's argument is that recent conflicts, such as the war in Ukraine, have demonstrated how "a $5,000 drone can destroy a $5 million tank." In fact, even cheaper drones, similar to those commercially available for consumers, have been shown in footage on social media dropping grenades through the open turret hatch of tanks. Schmidt, who was CEO of Google from 2001 to 2011, then executive chairman to 2015, and executive chairman of Alphabet to 2018, founded White Stork with the aim of supporting Ukraine's war effort. It hopes to achieve this by developing a low-cost drone that can use AI to acquire its target rather than being guided by an operator and can function in environments where GPS jamming is in operation.

Notably, Schmidt also served as chair of the US government's National Security Commission on Artificial Intelligence (NSCAI), which advised the President and Congress about national security and defense issues with regard to AI. "The cost of autonomy is falling so quickly that the drone war, which is the future of conflict, will get rid of eventually tanks, artillery, mortars," Schmidt predicted.

Canada's Communications Security Establishment (CSE) revealed a sustained cyber campaign by the People's Republic of China, targeting Canadian government and private sector networks over the past five years. The report also flagged India, alongside Russia and Iran, as emerging cyber threats. The Register reports: The biennial National Cyber Threat Assessment described the People's Republic of China's (PRC) cyber operations against Canada as "second to none." Their purpose is to "serve high-level political and commercial objectives, including espionage, intellectual property (IP) theft, malign influence, and transnational repression." Over the past four years, at least 20 networks within Canadian government agencies and departments were compromised by PRC cyber threat actors. The CSE assured citizens that all known federal government compromises have been resolved, but warned that "the actors responsible for these intrusions dedicated significant time and resources to learn about the target networks."

The report also alleges that government officials -- particularly those perceived as being critical of the Chinese Communist Party (CCP) -- were attacked. One of those attacks includes an email operation against members of Interparliamentary Alliance on China. The purpose of the cyber attacks is mainly to gain information that would lead to strategic, economic, and diplomatic advantages. The activity appears to have intensified following incidents of bilateral tension between Canada and the PRC, after which Beijing apparently wanted to gather timely intelligence on official reactions and unfolding developments, according to the report. Canada's private sector is also in the firing line, with the CSE suggesting "PRC cyber threat actors have very likely stolen commercially sensitive data from Canadian firms and institutions." Operations that collect information that could support the PRC's economic and military interests are priority targets.