United States

FBI Warns Chinese Malware Could Threaten Critical US Infrastructure (ft.com) 78

The FBI is "laser focused" on Chinese efforts to insert malicious software code into computer networks in ways that could disrupt critical US infrastructure, according to the agency's director Christopher Wray. From a report: Wray said he was acutely concerned about "pre-positioning" of malware. He said the US recently disrupted a Chinese hacking network known as Volt Typhoon that targeted American infrastructure including the electricity grid and water supply, and other targets around the world. "We're laser focused on this as a real threat and we're working with a lot of partners to try to identify it, anticipate it and disrupt it," Wray said on Sunday after attending the Munich Security Conference.

"I'm sober and clear minded about what we're up against...We're always going to have to be kind of on the balls of our feet." Wray said Volt Typhoon was just the tip of the iceberg and was one of many such efforts by the Chinese government. The US has been tracking Chinese pre-positioning operations for well over a decade, but Wray told the security conference that they had reached "fever pitch." He said China was increasingly inserting "offensive weapons within our critical infrastructure poised to attack whenever Beijing decides the time is right."

His comments are the latest FBI effort to raise awareness about Chinese espionage that ranges from traditional spying and intellectual property theft to hacking designed to prepare for possible future conflict. Last October, Wray and his counterparts from the Five Eyes intelligence-sharing network that includes the US, UK, Canada, Australia and New Zealand held their first public meeting in an effort to focus the spotlight on Chinese espionage. Wray said the US campaign was having an impact and that people were increasingly attuned to the threat, particularly compared with several years ago when he sometimes met scepticism.

Transportation

Why Are California's EV Sales Dropping? (msn.com) 315

"After years of rapid expansion, California's booming EV market may be showing signs of fatigue," reports the Los Angeles Times, "as high vehicle prices, unreliable charging networks and other consumer headaches appear to dampen enthusiasm for zero-emission vehicles.

"For the first time in more than a decade, electric vehicle sales dropped significantly in the last half of 2023..." Sales of all-electric cars and light trucks in California had started off strong in 2023, rising 48% in the first half of the year compared with a year earlier. By that time, California EV sales numbered roughly 190,807 — or slightly more than a quarter of all EV sales in the nation, according to the California New Car Dealers Assn. But it's what happened in the second half of last year though that's generating jitters. Sales in the third quarter fell by 2,840 from the previous period — the first quarterly drop for EVs in California since the Tesla Model S was introduced in 2012. And the fourth quarter was even worse: Sales dropped 10.2%, from 100,151 to 89,933...

Propelled by the sales success of Tesla, and boosted by electric vehicles from other automakers entering the market, consumer acceptance of EVs had seemed like a given until recently. In fact, robust sales growth is a key assumption in the state's zero-emission vehicle plan... Under the no-gas mandate, zero-emission vehicles must account for 35% of all new vehicle sales by model year 2026.... Nationally, EV sales growth also has slowed as automakers such as Ford and General Motors cut back — at least temporarily — on EV and battery production plans. Hertz, the rental car giant, is also pulling back on plans to shift heavily toward EVs. Hertz several years ago announced plans to buy 100,000 Teslas but is now selling off its EV fleet.

Corey Cantor, EV analyst at Bloomberg BNEF, an energy research firm, said that although recent sales figures are worrisome, there's plenty of momentum behind the EV transition, as evidenced by government mandates around the globe and massive investments by motor vehicle manufacturers and their suppliers. Those investments total $616 billion globally over five years, according to consulting firm AlixPartners.

But EVs haven't reached "price parity" with gas-powered engines, the article points out, so just 7.6% of the vehicles sold last year in the U.S. were electric — while in California, the market share for EVs was 20.1%.

The article also quantifies concerns about reliability of California's public charging system, which "according to studies from academic researchers and market analysts, can be counted on to malfunction at least 20% of the time." After $1 billion in state money for charger companies, the state's Energy Commission will now also start collecting reliability statistics, according to the article. But the article also cites wait times at the chargers. "Even if they were reliable, there aren't enough chargers to go around. EV sales have outpaced public charger installation."

Some good news? The federal government is spending $5 billion nationally to put fast chargers on major highways at 50-mile intervals. California will receive $384 million. Seven major automakers have also teamed up to build a North American charging network of their own, called Ionna. The joint venture plans to install at least 30,000 chargers — which would be open to any EV brand — at stations that will provide restrooms, food service and retail stores on site or nearby.
United States

US Cities Try Changing Their Zoning Rules to Allow More Housing (npr.org) 191

Tech workers are accused of driving up rents in America's major cities — but in fact, the problem may be everywhere. Half of America's renters "are paying more than a third of their salary in housing costs," reports NPR's Weekend Edition, "and for those looking to buy, scant few homes on the market are affordable for a typical household.

"To ramp up supply, cities are taking a fresh look at their zoning rules and the regulations that spell out what can be built where and what can't." And many are finding that their old rules are too rigid, making it too hard and too expensive to build many new homes. So these cities, as well as some states, are undertaking a process called zoning reform. They're crafting new rules that do things like allow multifamily homes in more neighborhoods, encourage more density near transit and streamline permitting processes for those trying to build... Minneapolis was ahead of the pack as it made a series of changes to its zoning rules in recent years: allowing more density downtown and along transit corridors, getting rid of parking requirements, permitting construction of accessory dwelling units, which are secondary dwellings on the same lot. And one change in particular made national news: The city ended single-family zoning, allowing two- and three-unit homes to be built in every neighborhood.

Researchers at The Pew Charitable Trusts examined the effects of the changes between 2017 and 2022, as many of the city's most significant zoning reforms came into effect. They found what they call a "blueprint for housing affordability." "We saw Minneapolis add 12% to its housing stock in just that five-year period, far more than other cities," Alex Horowitz, director of housing policy initiatives at Pew, told NPR... "The zoning reforms made apartments feasible. They made them less expensive to build. And they were saying yes when builders submitted applications to build apartment buildings. So they got a lot of new housing in a short period of time," says Horowitz. That supply increase appears to have helped keep rents down too. Rents in Minneapolis rose just 1% during this time, while they increased 14% in the rest of Minnesota.

Horowitz says cities such as Minneapolis, Houston and Tysons, Va., have built a lot of housing in the last few years and, accordingly, have seen rents stabilize while wages continue to rise, in contrast with much of the country... Now, these sorts of changes are happening in cities and towns around the country. Researchers at the University of California, Berkeley built a zoning reform tracker and identified zoning reform efforts in more than 100 municipal jurisdictions in the U.S. in recent years.

Other cities reforming their codes include Milwaukee, Columbus, New York City, Walla Walla, and South Bend, Indiana, according to the article — which also includes this quote from Nolan Gray, the urban planner who wrote the book Arbitrary Lines: How Zoning Broke the American City and How to Fix It.

"Most American cities and most American states have rules on the books that make it really, really hard to build more infill housing. So if you want a California-style housing crisis, don't do anything. But if you want to avoid the fate of states like California, learn some of the lessons of what we've been doing over the last few years and allow for more of that infill, mixed-income housing."

Although interestingly, the article points out that California in recent years has been pushing zoning reform at the state level, "passing lots of legislation to address the state's housing crisis, including a law that requires cities and counties to permit accessory dwelling units. Now, construction of ADUs is booming, with more than 28,000 of the units permitted in California in 2022."
AI

Will 'Precision Agriculture' Be Harmful to Farmers? (substack.com) 61

Modern U.S. farming is being transformed by precision agriculture, writes Paul Roberts, the founder of securepairs.org and Editor in Chief at Security Ledger.

There's autonomous tractors and "smart spraying" systems that use AI-powered cameras to identify weeds, just for starters. "Among the critical components of precision agriculture: Internet- and GPS connected agricultural equipment, highly accurate remote sensors, 'big data' analytics and cloud computing..." As with any technological revolution, however, there are both "winners" and "losers" in the emerging age of precision agriculture... Precision agriculture, once broadly adopted, promises to further reduce the need for human labor to run farms. (Autonomous equipment means you no longer even need drivers!) However, the risks it poses go well beyond a reduction in the agricultural work force. First, as the USDA notes on its website: the scale and high capital costs of precision agriculture technology tend to favor large, corporate producers over smaller farms. Then there are the systemic risks to U.S. agriculture of an increasingly connected and consolidated agriculture sector, with a few major OEMs having the ability to remotely control and manage vital equipment on millions of U.S. farms... (Listen to my podcast interview with the hacker Sick Codes, who reverse engineered a John Deere display to run the Doom video game for insights into the company's internal struggles with cybersecurity.)

Finally, there are the reams of valuable and proprietary environmental and operational data that farmers collect, store and leverage to squeeze the maximum productivity out of their land. For centuries, such information resided in farmers' heads, or on written or (more recently) digital records that they owned and controlled exclusively, typically passing that knowledge and data down to succeeding generation of farm owners. Precision agriculture technology greatly expands the scope, and granularity, of that data. But in doing so, it also wrests it from the farmer's control and shares it with equipment manufacturers and service providers — often without the explicit understanding of the farmers themselves, and almost always without monetary compensation to the farmer for the data itself. In fact, the Federal Government is so concerned about farm data they included a section (1619) on "information gathering" into the latest farm bill.

Over time, this massive transfer of knowledge from individual farmers or collectives to multinational corporations risks beggaring farmers by robbing them of one of their most vital assets: data, and turning them into little more than passive caretakers of automated equipment managed, controlled and accountable to distant corporate masters.

Weighing in is Kevin Kenney, a vocal advocate for the "right to repair" agricultural equipment (and also an alternative fuel systems engineer at Grassroots Energy LLC). In the interview, he warns about the dangers of tying repairs to factory-installed firmware, and argues that it's the long-time farmer's "trade secrets" that are really being harvested today. The ultimate beneficiary could end up being the current "cabal" of tractor manufacturers.

"While we can all agree that it's coming...the question is who will own these robots?" First, we need to acknowledge that there are existing laws on the books which for whatever reason, are not being enforced. The FTC should immediately start an investigation into John Deere and the rest of the 'Tractor Cabal' to see to what extent farmers' farm data security and privacy are being compromised. This directly affects national food security because if thousands or tens of thousands of tractors are hacked and disabled or their data is lost, crops left to rot in the fields would lead to bare shelves at the grocery store... I think our universities have also been delinquent in grasping and warning farmers about the data-theft being perpetrated on farmers' operations throughout the United States and other countries by makers of precision agricultural equipment.
Thanks to long-time Slashdot reader chicksdaddy for sharing the article.
Government

California Bill Wants To Scrap Environmental Reviews To Save Downtown San Francisco (sfchronicle.com) 177

An anonymous reader quotes a report from the San Francisco Chronicle: San Francisco's leaders have spent the past few years desperately trying to figure out how to deal with a glut of empty offices, shuttered retail and public safety concerns plaguing the city's once vibrant downtown. Now, a California lawmaker wants to try a sweeping plan to revive the city's core by exempting most new real estate projects from environmental review, potentially quickening development by months or even years. State Sen. Scott Wiener, D-San Francisco, introduced SB1227 on Friday as a proposal to exempt downtown projects from the California Environmental Quality Act, or CEQA, for a decade. The 1970 landmark law requires studies of a project's expected impact on air, water, noise and other areas, but Wiener said it has been abused to slow down or kill infill development near public transit.

"Downtown San Francisco matters to our city's future, and it's struggling -- to bring people back, we need to make big changes and have open minds," Wiener said in a statement. "That starts with remodeling, converting, or even replacing buildings that may have become outdated and that simply aren't going to succeed going forward." Eligible projects would include academic institutions, sports facilities, mixed-use projects including housing, biotech labs, offices, public works and even smaller changes such as modifying an existing building's exterior. The city's existing zoning and permit requirements would remain intact. "We're not taking away any local control," Wiener said in an interview with the Chronicle on Friday.

California Sen. Scott Wiener is proposing a bill that, he said, would make it easier for San Francisco's downtown area to recover from the pandemic. However, it's not clear how much of an impact the bill would have if it's eventually passed since other factors are at play. New construction has been nearly frozen in San Francisco since the pandemic, amid consistently high labor costs, elevated interest rates and weakening demand for both apartments and commercial space. Major developers have reiterated that they have no plans to start work on significant new projects any time soon. Last week, Kilroy Realty, which has approval for a massive 2.3 million-square-foot redevelopment of South of Market's Flower Mart, said no groundbreakings are planned this year -- anywhere.

AI

Scientists Propose AI Apocalypse Kill Switches 104

A paper (PDF) from researchers at the University of Cambridge, supported by voices from numerous academic institutions including OpenAI, proposes remote kill switches and lockouts as methods to mitigate risks associated with advanced AI technologies. It also recommends tracking AI chip sales globally. The Register reports: The paper highlights numerous ways policymakers might approach AI hardware regulation. Many of the suggestions -- including those designed to improve visibility and limit the sale of AI accelerators -- are already playing out at a national level. Last year US president Joe Biden put forward an executive order aimed at identifying companies developing large dual-use AI models as well as the infrastructure vendors capable of training them. If you're not familiar, "dual-use" refers to technologies that can serve double duty in civilian and military applications. More recently, the US Commerce Department proposed regulation that would require American cloud providers to implement more stringent "know-your-customer" policies to prevent persons or countries of concern from getting around export restrictions. This kind of visibility is valuable, researchers note, as it could help to avoid another arms race, like the one triggered by the missile gap controversy, where erroneous reports led to massive build up of ballistic missiles. While valuable, they warn that executing on these reporting requirements risks invading customer privacy and even lead to sensitive data being leaked.

Meanwhile, on the trade front, the Commerce Department has continued to step up restrictions, limiting the performance of accelerators sold to China. But, as we've previously reported, while these efforts have made it harder for countries like China to get their hands on American chips, they are far from perfect. To address these limitations, the researchers have proposed implementing a global registry for AI chip sales that would track them over the course of their lifecycle, even after they've left their country of origin. Such a registry, they suggest, could incorporate a unique identifier into each chip, which could help to combat smuggling of components.

At the more extreme end of the spectrum, researchers have suggested that kill switches could be baked into the silicon to prevent their use in malicious applications. [...] The academics are clearer elsewhere in their study, proposing that processor functionality could be switched off or dialed down by regulators remotely using digital licensing: "Specialized co-processors that sit on the chip could hold a cryptographically signed digital "certificate," and updates to the use-case policy could be delivered remotely via firmware updates. The authorization for the on-chip license could be periodically renewed by the regulator, while the chip producer could administer it. An expired or illegitimate license would cause the chip to not work, or reduce its performance." In theory, this could allow watchdogs to respond faster to abuses of sensitive technologies by cutting off access to chips remotely, but the authors warn that doing so isn't without risk. The implication being, if implemented incorrectly, that such a kill switch could become a target for cybercriminals to exploit.

Another proposal would require multiple parties to sign off on potentially risky AI training tasks before they can be deployed at scale. "Nuclear weapons use similar mechanisms called permissive action links," they wrote. For nuclear weapons, these security locks are designed to prevent one person from going rogue and launching a first strike. For AI however, the idea is that if an individual or company wanted to train a model over a certain threshold in the cloud, they'd first need to get authorization to do so. Though a potent tool, the researchers observe that this could backfire by preventing the development of desirable AI. The argument seems to be that while the use of nuclear weapons has a pretty clear-cut outcome, AI isn't always so black and white. But if this feels a little too dystopian for your tastes, the paper dedicates an entire section to reallocating AI resources for the betterment of society as a whole. The idea being that policymakers could come together to make AI compute more accessible to groups unlikely to use it for evil, a concept described as "allocation."
Privacy

New 'Gold Pickaxe' Android, iOS Malware Steals Your Face For Fraud (bleepingcomputer.com) 13

An anonymous reader quotes a report from BleepingComputer: A new iOS and Android trojan named 'GoldPickaxe' employs a social engineering scheme to trick victims into scanning their faces and ID documents, which are believed to be used to generate deepfakes for unauthorized banking access. The new malware, spotted by Group-IB, is part of a malware suite developed by the Chinese threat group known as 'GoldFactory,' which is responsible for other malware strains such as 'GoldDigger', 'GoldDiggerPlus,' and 'GoldKefu.' Group-IB says its analysts observed attacks primarily targeting the Asia-Pacific region, mainly Thailand and Vietnam. However, the techniques employed could be effective globally, and there's a danger of them getting adopted by other malware strains. [...]

For iOS (iPhone) users, the threat actors initially directed targets to a TestFlight URL to install the malicious app, allowing them to bypass the normal security review process. When Apple removed the TestFlight app, the attackers switched to luring targets into downloading a malicious Mobile Device Management (MDM) profile that allows the threat actors to take control over devices. Once the trojan has been installed onto a mobile device in the form of a fake government app, it operates semi-autonomously, manipulating functions in the background, capturing the victim's face, intercepting incoming SMS, requesting ID documents, and proxying network traffic through the infected device using 'MicroSocks.'

Group-IB says the Android version of the trojan performs more malicious activities than in iOS due to Apple's higher security restrictions. Also, on Android, the trojan uses over 20 different bogus apps as cover. For example, GoldPickaxe can also run commands on Android to access SMS, navigate the filesystem, perform clicks on the screen, upload the 100 most recent photos from the victim's album, download and install additional packages, and serve fake notifications. The use of the victims' faces for bank fraud is an assumption by Group-IB, also corroborated by the Thai police, based on the fact that many financial institutes added biometric checks last year for transactions above a certain amount.

The Courts

RFK Jr. Wins Deferred Injunction In Vax Social Media Suit (bloomberglaw.com) 323

schwit1 writes: Robert F. Kennedy Jr. won a preliminary injunction against the White House and other federal defendants in his suit alleging government censorship of his statements against vaccines on social media. The injunction, however, will be stayed until the US Supreme Court rules in a related case brought by Missouri and Louisiana. An injunction is warranted because Kennedy showed he is likely to succeed on the merits of his claims, Judge Terry A. Doughty of the US District Court for the Western District of Louisiana said Wednesday.

The White House defendants, the Surgeon General defendants, the Centers for Disease Control and Prevention defendants, the Federal Bureau of Investigation defendants, and the Cybersecurity & Infrastructure Security Agency defendants likely violated the Free Speech Clause of the First Amendment, Doughty said. Kennedy's class action complaint, brought with health care professional Connie Sampognaro and Kennedy's nonprofit, Children's Health Defense, alleges that the federal government, beginning in early 2020, began a campaign to induce Facebook, Google (YouTube), and X, formerly known as Twitter, to censor constitutionally protected speech.

Specifically, Kennedy said, the government suppressed "facts and opinions about the COVID vaccines that might lead people to become 'hesitant' about COVID vaccine mandates." Kennedy has sufficiently shown that these defendants "jointly participated in the actions of the social media" platforms by '"insinuating' themselves into the social-media companies' private affairs and blurring the line between public and private action," Doughty said.

Censorship

Leaked Emails Show Hugo Awards Self-Censoring To Appease China (404media.co) 89

samleecole shares a report from 404 Media: A trove of leaked emails shows how administrators of one of the most prestigious awards in science fiction censored themselves because the awards ceremony was being held in China. Earlier this month, the Hugo Awards came under fire with accusations of censorship when several authors were excluded from the awards, including Neil Gaiman, R. F. Kuang, Xiran Jay Zhao, and Paul Weimer. These authors' works had earned enough votes to make them finalists, but were deemed "ineligible" for reasons not disclosed by Hugo administrators. The Hugo Awards are one of the largest and most important science fiction awards. [...]

The emails, which show the process of compiling spreadsheets of the top 10 works in each category and checking them for "sensitive political nature" to see if they were "an issue in China," were obtained by fan writer Chris M. Barkley and author Jason Sanford, and published on fandom news site File 770 and Sanford's Patreon, where they uploaded the full PDF of the emails. They were provided to them by Hugo Awards administrator Diane Lacey. Lacey confirmed in an email to 404 Media that she was the source of the emails. "In addition to the regular technical review, as we are happening in China and the *laws* we operate under are different...we need to highlight anything of a sensitive political nature in the work," Dave McCarty, head of the 2023 awards jury, directed administrators in an email. "It's not necessary to read everything, but if the work focuses on China, taiwan, tibet, or other topics that may be an issue *in* China...that needs to be highlighted so that we can determine if it is safe to put it on the ballot of if the law will require us to make an administrative decision about it."

The email replies to this directive show administrators combing through authors' social media presences and public travel histories, including from before they were nominated for the 2023 awards, and their writing and bodies of work beyond just what they were nominated for. Among dozens of other posts and writings, they note Weimer's negative comments about the Chinese government in a Patreon post and misspell Zhao's name and work (calling their novel Iron Widow "The Iron Giant"). About author Naseem Jamnia, an administrator allegedly wrote, "Author openly describes themselves as queer, nonbinary, trans, (And again, good for them), and frequently writes about gender, particularly non-binary. The cited work also relies on these themes. I include them because I don't know how that will play in China. (I suspect less than well.)"

"As far as our investigation is concerned there was no reason to exclude the works of Kuang, Gaiman, Weimer or Xiran Jay Zhao, save for being viewed as being undesirable in the view of the Hugo Award admins which had the effect of being the proxies Chinese government," Sanford and Barkley wrote. In conjunction with the email trove, Sanford and Barkley also released an apology letter from Lacey, in which she explains some of her role in the awards vetting process and also blames McCarty for his role in the debacle. McCarty, along with board chair Kevin Standlee, resigned earlier this month.

Encryption

Indian Government Moves To Ban ProtonMail After Bomb Threat 25

Following a hoax bomb threat sent via ProtonMail to schools in Chennai, India, police in the state of Tamil Nadu put in a request to block the encrypted email service in the region since they have been unable to identify the sender. According to Hindustan Times, that request was granted today. From the report: The decision to block Proton Mail was taken at a meeting of the 69A blocking committee on Wednesday afternoon. Under Section 69A of the IT Act, the designated officer, on approval by the IT Secretary and at the recommendation of the 69A blocking committee, can issue orders to any intermediary or a government agency to block any content for national security, public order and allied reasons. HT could not ascertain if a blocking order will be issued to Apple and Google to block the Proton Mail app. The final order to block the website has not yet been sent to the Department of Telecommunications but the MeitY has flagged the issue with the DoT.

During the meeting, the nodal officer representing the Tamil Nadu government submitted that a bomb threat was sent to multiple schools using ProtonMail, HT has learnt. The police attempted to trace the IP address of the sender but to no avail. They also tried to seek help from the Interpol but that did not materialise either, the nodal officer said. During the meeting, HT has learnt, MeitY representatives noted that getting information from Proton Mail, on other criminal matters, not necessarily linked to Section 69A related issues, is a recurrent problem.

Although Proton Mail is end-to-end encrypted, which means the content of the emails cannot be intercepted and can only be seen by the sender and recipient if both are using Proton Mail, its privacy policy states that due to the nature of the SMTP protocol, certain email metadata -- including sender and recipient email addresses, the IP address incoming messages originated from, attachment name, message subject, and message sent and received times -- is available with the company.
"We condemn a potential block as a misguided measure that only serves to harm ordinary people. Blocking access to Proton is an ineffective and inappropriate response to the reported threats. It will not prevent cybercriminals from sending threats with another email service and will not be effective if the perpetrators are located outside of India," said ProtonMail in a statement.

"We are currently working to resolve this situation and are investigating how we can best work together with the Indian authorities to do so. We understand the urgency of the situation and are completely clear that our services are not to be used for illegal purposes. We routinely remove users who are found to be doing so and are willing to cooperate wherever possible within international cooperation agreements."
Moon

Moon Company Intuitive Machines Begins First Mission After SpaceX Launch (cnbc.com) 7

Texas-based Intuitive Machines' inaugural moon mission began early Thursday morning, heading toward what could be the first U.S. lunar landing in more than 50 years. From a report: Intuitive Machines' Nova-C lander launched from Florida on SpaceX's Falcon 9 rocket, beginning the IM-1 mission. "It is a profoundly humbling moment for all of us at Intuitive Machines. The opportunity to return the United States to the moon for the first time since 1972 is a feat of engineering that demands a hunger to explore," Intuitive Machines vice president of space systems Trent Martin said during a press conference.

The IM-1 lander, named "Odysseus" after the mythological Greek hero, is carrying 12 government and commercial payloads -- six of which are for NASA under an $118 million contract. NASA leadership emphasized before the launch that "IM-1 is an Intuitive Machines' mission, it's not a NASA mission." But it marks the second mission under NASA's Commercial Lunar Payload Services (CLPS) initiative, which aims to deliver science projects and cargo to the moon with increasing regularity in support of the agency's Artemis crew program. The agency views CLPS missions as "a learning experience," NASA's deputy associate administrator for exploration in the science mission directorate, Joel Kearns, told press before the launch.

UPDATE: See their first images transmitted from space....
Earth

Scientists Resort To Once-Unthinkable Solutions To Cool the Planet 205

Dumping chemicals in the ocean? Spraying saltwater into clouds? Injecting reflective particles into the sky? Scientists are resorting to once unthinkable techniques to cool the planet because global efforts to check greenhouse gas emissions are failing. From a report: These geoengineering approaches were once considered taboo by scientists and regulators who feared that tinkering with the environment could have unintended consequences, but now researchers are receiving taxpayer funds and private investments to get out of the lab and test these methods outdoors. The shift reflects growing concern that efforts to reduce greenhouse gas emissions aren't moving fast enough to prevent the destructive effects of heat waves, storms and floods made worse by climate change. Geoengineering isn't a substitute for reducing emissions, according to scientists and business leaders involved in the projects. Rather, it is a way to slow climate warming in the next few years while buying time to switch to a carbon-free economy in the longer term.

Three field experiments are under way in the U.S. and overseas. This month, researchers aboard a ship off the northeastern coast of Australia near the Whitsunday Islands are spraying a briny mixture through high-pressure nozzles into the air in an attempt to brighten low-altitude clouds that form over the ocean. Scientists hope bigger, brighter clouds will reflect sunlight away from the Earth, shade the ocean surface and cool the waters around the Great Barrier Reef, where warming ocean temperatures have contributed to massive coral die-offs. The research project, known as marine cloud brightening, is led by Southern Cross University as part of the $64.55 million, or 100 million Australian dollars, Reef Restoration and Adaptation Program. The program is funded by the partnership between the Australian government's Reef Trust and the Great Barrier Reef Foundation and includes conservation organizations and several academic institutions.
Privacy

US Military Notifies 20,000 of Data Breach After Cloud Email Leak (techcrunch.com) 11

An anonymous reader quotes a report from TechCrunch: The U.S. Department of Defense is notifying tens of thousands of individuals that their personal information was exposed in an email data spill last year. According to the breach notification letter sent out to affected individuals on February 1, the Defense Intelligence Agency -- the DOD's military intelligence agency -- said, "numerous email messages were inadvertently exposed to the Internet by a service provider," between February 3 and February 20, 2023. TechCrunch has learned that the breach disclosure letters relate to an unsecured U.S. government cloud email server that was spilling sensitive emails to the open internet. The cloud email server, hosted on Microsoft's cloud for government customers, was accessible from the internet without a password, likely due to a misconfiguration.

The DOD is sending breach notification letters to around 20,600 individuals whose information was affected. "As a matter of practice and operations security, we do not comment on the status of our networks and systems. The affected server was identified and removed from public access on February 20, 2023, and the vendor has resolved the issues that resulted in the exposure. DOD continues to engage with the service provider on improving cyber event prevention and detection. Notification to affected individuals is ongoing," said DOD spokesperson Cdr. Tim Gorman in an email to TechCrunch.

Communications

The US Government Makes a $42 Million Bet On Open Cell Networks (theverge.com) 26

An anonymous reader quotes a report from The Verge: The US government has committed $42 million to further the development of the 5G Open RAN (O-RAN) standard that would allow wireless providers to mix and match cellular hardware and software, opening up a bigger market for third-party equipment that's cheaper and interoperable. The National Telecommunications and Information Administration (NTIA) grant would establish a Dallas O-RAN testing center to prove the standard's viability as a way to head off Huawei's steady cruise toward a global cellular network hardware monopoly.

Verizon global network and technology president Joe Russo promoted the funding as a way to achieve "faster innovation in an open environment." To achieve the standard's goals, AT&T vice president of RAN technology Robert Soni says that AT&T and Verizon have formed the Acceleration of Compatibility and Commercialization for Open RAN Deployments Consortium (ACCoRD), which includes a grab bag of wireless technology companies like Ericsson, Nokia, Samsung, Dell, Intel, Broadcom, and Rakuten. Japanese wireless carrier Rakuten formed as the first O-RAN network in 2020. The company's then CEO, Tareq Amin, told The Verge's Nilay Patel in 2022 that Open RAN would enable low-cost network build-outs using smaller equipment rather than massive towers -- which has long been part of the promise of 5G.

But O-RAN is about more than that; establishing interoperability means companies like Verizon and AT&T wouldn't be forced to buy all of their hardware from a single company to create a functional network. For the rest of us, that means faster build-outs and "more agile networks," according to Rakuten. In the US, Dish has been working on its own O-RAN network, under the name Project Genesis. The 5G network was creaky and unreliable when former Verge staffer Mitchell Clarke tried it out in Las Vegas in 2022, but the company said in June last year that it had made its goal of covering 70 percent of the US population. Dish has struggled to become the next big cell provider in the US, though -- leading satellite communications company EchoStar, which spun off from Dish in 2008, to purchase the company in January.
The Washington Post writes that O-RAN "is Washington's anointed champion to try to unseat the Chinese tech giant Huawei Technologies" as the world's biggest supplier of cellular infrastructure gear.

According to the Post, Biden has emphasized the importance of O-RAN in conversations with international leaders over the past few years. Additionally, it notes that Congress along with the NTIA have dedicated approximately $2 billion to support the development of this standard.
Encryption

Cryptography Guru Martin Hellman Urges International Cooperation on AI, Security (infoworld.com) 18

Martin Hellman "achieved legendary status as co-inventor of the Diffie-Hellman public key exchange algorithm, a breakthrough in software and computer cryptography," notes a new interview in InfoWorld.

Nine years after winning the Turing award, the 78-year-old cryptologist shared his perspective on some other issues:

What do you think about the state of digital spying today?

Hellman: There's a need for greater international cooperation. How can we have true cyber security when nations are planning — and implementing — cyber attacks on one another? How can we ensure that AI is used only for good when nations are building it into their weapons systems? Then, there's the grandaddy of all technological threats, nuclear weapons. If we keep fighting wars, it's only a matter of time before one blows up.

The highly unacceptable level of nuclear risk highlights the need to look at the choices we make around critical decisions, including cyber security. We have to take into consideration all participants' needs for our strategies to be effective....

Your battle with the government to make private communication available to the general public in the digital age has the status of folklore. But, in your recent book (co-authored with your wife Dorothie [and freely available as a PDF]), you describe a meeting of minds with Admiral Bobby Ray Inman, former head of the NSA. Until I read your book, I saw the National Security Agency as bad and Diffie-Hellman as good, plain and simple. You describe how you came to see the NSA and its people as sincere actors rather than as a cynical cabal bent on repression. What changed your perspective?

Hellman: This is a great, real-life example of how taking a holistic view in a conflict, instead of just a one-sided one, resolved an apparently intractable impasse. Those insights were part of a major change in my approach to life. As we say in our book, "Get curious, not furious." These ideas are effective not just in highly visible conflicts like ours with the NSA, but in every aspect of life.

Hellman also had an interesting answer when asked if math, game theory, and software development teach any lessons applicable to issues like nuclear non-proliferation or national defense.

"The main thing to learn is that the narrative we (and other nations) tell ourselves is overly simplified and tends to make us look good and our adversaries bad."
Government

Oversight of Boeing 'is Not Delivering Safe Aircraft', Says America's Top Aviation Regulator (apnews.com) 99

America's Federal Aviation Administration "is midway through a review of manufacturing at Boeing," reports the Associated Press, but "already knows that changes must be made in how the government oversees the aircraft manufacturer." FAA Administrator Michael Whitaker suggested that Boeing — under pressure from airlines to produce large numbers of planes — is not paying enough attention to safety.

Whitaker said that FAA has had two challenges since January 5, when an emergency door panel blew off a Boeing 737 Max 9 jetliner over Oregon. "One, what is wrong with this airplane? But two, what's going on with the production at Boeing?" Whitaker told a House subcommittee. "There have been issues in the past. They don't seem to be getting resolved, so we feel like we need to have a heightened level of oversight."

Whitaker, who took over the FAA about three months ago, was making his first appearance on Capitol Hill since the blowout over Oregon.... Whitaker said the FAA is halfway through a six-week audit that has involved placing "about two dozen" inspectors in Boeing's 737 plant in Renton, Washington, and "maybe half a dozen" at a Wichita, Kansas, plant where supplier Spirit AeroSystems makes the fuselages for 737s. The inspectors are looking for gaps in the quality of work during the manufacturing process that might have contributed to a door plug blowing off an Alaska Airlines Max 9 at 16,000 feet over Oregon. Whitaker said he expects the FAA will keep people in the Boeing and Spirit factories after the audit is done, but he said the numbers haven't been determined.

For many years, the FAA has relied on employees of aircraft manufacturers to perform some safety-related work on planes being built by their companies. That saves money for the government, and in theory taps the expertise of industry employees, but it was criticized after two deadly crashes involving Boeing Max 8 planes in 2018 and 2019. "In order to have a truly safe system, it seems to me that we can't rely on the manufacturers themselves to be their own watchdogs," Rep. Colin Allred, D-Texas, said during Tuesday's hearing. Whitaker has said that the self-checking practice — in theory, overseen by FAA inspectors — should be reconsidered, but he again stopped short of saying it should be scrapped. But he said closer monitoring of Boeing is needed.

"The current system is not working because it is not delivering safe aircraft," Whitaker said. "Maybe we need to look at the incentives to make sure safety is getting the appropriate first rung of consideration that it deserves."

AI

In Big Tech's Backyard, a California State Lawmaker Unveils a Landmark AI Bill (msn.com) 50

An anonymous reader shared this report from the Washington Post: A California state lawmaker introduced a bill on Thursday aiming to force companies to test the most powerful artificial intelligence models before releasing them — a landmark proposal that could inspire regulation around the country as state legislatures increasingly tackle the swiftly evolving technology.

The new bill, sponsored by state Sen. Scott Wiener, a Democrat who represents San Francisco, would require companies training new AI models to test their tools for "unsafe" behavior, institute hacking protections and develop the tech in such a way that it can be shut down completely, according to a copy of the bill. AI companies would have to disclose testing protocols and what guardrails they put in place to the California Department of Technology. If the tech causes "critical harm," the state's attorney general can sue the company.

Wiener's bill comes amid an explosion of state bills addressing artificial intelligence, as policymakers across the country grow wary that years of inaction in Congress have created a regulatory vacuum that benefits the tech industry. But California, home to many of the world's largest technology companies, plays a singular role in setting precedent for tech industry guardrails. "You can't work in software development and ignore what California is saying or doing," said Lawrence Norden, the senior director of the Brennan Center's Elections and Government Program... Wiener says he thinks the bill can be passed by the fall.

The article notes there are now 407 AI-related bills active in 44 U.S. states (according to an analysis by an industry group called BSA the Software Alliance) — with several already signed into law. "The proliferation of state-level bills could lead to greater industry pressure on Congress to pass AI legislation, because complying with a federal law may be easier than responding to a patchwork of different state laws."

Even the proposed California law "largely builds off an October executive order by President Biden," according to the article, "that uses emergency powers to require companies to perform safety tests on powerful AI systems and share those results with the federal government. The California measure goes further than the executive order, to explicitly require hacking protections, protect AI-related whistleblowers and force companies to conduct testing."

They also add that as America's most populous state, "California has unique power to set standards that have impact across the country." And the group behind last year's statement on AI risk helped draft the legislation, according to the article, though Wiener says he also consulted tech workers, CEOs, and activists. "We've done enormous stakeholder outreach over the past year."
United States

California Bill Would Ban All Plastic Shopping Bags At Grocery Stores (sfstandard.com) 276

An anonymous reader quotes a report from the San Francisco Standard: California would ban all plastic shopping bags in 2026 under a new bill announced Thursday in the state Legislature. California already bans thin plastic shopping bags at grocery stores and other shops, but shoppers at checkout can purchase bags made with a thicker plastic that purportedly makes them reusable and recyclable. Democratic state Sen. Catherine Blakespear said people are not reusing or recycling those bags. She points to a state study that found the amount of plastic shopping bags trashed per person grew from 8 pounds per year in 2004 to 11 pounds per year in 2021. "It shows that the plastic bag ban that we passed in this state in 2014 did not reduce the overall use of plastic. It actually resulted in a substantial increase in plastic," Blakespear, a Democrat from Encinitas, said Thursday. "We are literally choking our planet with plastic waste."

While California's bag ban would apply statewide, it would only end up impacting about half the state's population, according to Mark Murray, lead advocate for the environmental advocacy group Californians Against Waste. That's because most of the state's major cities already ban these types of thicker plastic bags. But a state law passed in 2014 and approved by voters in a 2016 referendum bans cities from passing new laws restricting plastic bag use. If the Legislature passes this bill, it would be up to Democratic Gov. Gavin Newsom to decide whether to sign it into law. As San Francisco's mayor in 2007, Newsom signed the nation's first plastic bag ban.

Communications

Canada Moves To Ban the Flipper Zero Over Car Hacking Fears 63

It appears that the government of Canada is going to ban the Flipper Zero, the tiny, modular hacking device that's become popular with techies for its deviant digital powers. From a report: On Thursday, following a summit that focused on "the growing challenge of auto theft in Canada," the country's Minister of Innovation, Science and Industry posted a statement on X, saying "Criminals have been using sophisticated tools to steal cars...Today, I announced we are banning the importation, sale and use of consumer hacking devices, like flippers, used to commit these crimes."

In a press release issued on Thursday, the Canadian government confirmed that it will be pursuing "all avenues to ban devices used to steal vehicles by copying the wireless signals for remote keyless entry, such as the Flipper Zero." The Flipper, which is technically a penetration testing device, has been controversial due to its ability to hack droves of smart products. Alex Kulagin, the COO of Flipper Devices, said in a statement shared with Gizmodo that the device couldn't be used to "hijack any car" and that certain circumstances would have to be met for it to happen:
AI

Commerce Secretary 'Very Worried' About AI Being Used Nefariously in 2024 Election (go.com) 60

Commerce Secretary Gina Raimondo said she is "very worried" about AI being used nefariously in the 2024 election, she told reporters at a press conference in Washington, D.C. on Thursday. From a report: "AI can do amazing things and AI can disrupt our elections, here and around the world," she said. "We're already starting to see it." Raimondo was asked by ABC News about the robocall sent on the day of the New Hampshire primary purporting to be from President Biden and spreading misinformation about voting times.

She said the government is going to work "extensively" to start putting out an AI framework that helps people -- including journalists -- be able to decipher what is real and what is fake. The Commerce Secretary added that AI companies want to do the right thing based on her conversations with them. "Am I worried? Yes," she said. "Do I think we have the tools to protect our election and our democracy? Yes. Do I feel based on my interactions with the private sector that they want to do the right thing? By and large, Yes. It's a big threat."
