The French government is building its own encrypted messenger service to ease fears that foreign entities could spy on private conversations between top officials, the digital ministry said on Monday. From a report: None of the world's major encrypted messaging apps, including Facebook's WhatsApp and Telegram -- a favorite of President Emmanuel Macron -- are based in France, raising the risk of data breaches at servers outside the country.

About 20 officials and top civil servants are testing the new app which a state-employed developer has designed, a ministry spokeswoman said, with the aim that its use will become mandatory for the whole government by the summer. "We need to find a way to have an encrypted messaging service that is not encrypted by the United States or Russia," the spokeswoman said. "You start thinking about the potential breaches that could happen, as we saw with Facebook, so we should take the lead."

State-sponsored Russian hackers are actively seeking to hijack essential internet hardware, US and UK intelligence agencies say. BBC reports: The UK's National Cyber Security Centre (NCSC), the FBI and the US Department of Homeland Security issued a joint alert warning of a global campaign. The alert details methods used to take over essential network hardware. The attacks could be an attempt by Russia to gain a foothold for use in a future offensive, it said. "Russia is our most capable hostile adversary in cyber-space, so dealing with their attacks is a major priority for the National Cyber Security Centre and our US allies," said Ciaran Martin, head of the NCSC in a statement. The alert said attacks were aimed at routers and switches that directed traffic around the net. Compromised devices were used to look at data passing through them, so Russia could scoop up valuable intellectual property, business information and other intelligence.

An anonymous reader shares a report: The U.S. Department of Commerce is banning American companies from selling components to leading Chinese telecom equipment maker ZTE Corp for seven years for violating the terms of a sanctions violation case, U.S. officials said on Monday. The Chinese company, which sells smartphones in the United States, pleaded guilty last year in federal court in Texas for conspiring to violate U.S. sanctions by illegally shipping U.S. goods and technology to Iran. It paid $890 million in fines and penalties, with an additional penalty of $300 million that could be imposed. As part of the agreement, Shenzhen-based ZTE Corp promised to dismiss four senior employees and discipline 35 others by either reducing their bonuses or reprimanding them, senior Commerce Department officials told Reuters. Update: The UK's cyber security watchdog has warned the UK telecoms sector not to use network equipment or services from Chinese supplier ZTE as it would have a "long term negative effect on the security of the UK."

According to The New York Times, "President Trump told a gathering of farm state lawmakers and governors on Thursday morning that he was directing his advisers to look into rejoining the multicountry trade deal known as the Trans-Pacific Partnership (Warning: source may be paywalled; alternative source)." The TPP was a contentious issue during the 2016 presidential election as both Democrats and Republicans attacked it. After signaling during the election that he would pull out of the trade deal "on day one" of his presidency, Trump followed through with his plans. From the report: Rejoining the 11-country pact could be a significant change in fortune for many American industries that stood to benefit from the trade agreement's favorable terms and Republican lawmakers who supported the pact. The deal, which was negotiated by the Obama administration, was largely viewed as a tool to prod China into making the type of economic reforms that the United States and others have long wanted. Both Democrats and Republicans attacked the deal during the president campaign, but many business leaders were disappointed when Mr. Trump withdrew from the agreement, arguing that the United States would end up with less favorable terms attempting to broker an array of individual trade pacts and that scrapping the deal would empower China.

Mr. Trump's decision to reconsider the deal comes as the White House tries to find ways to protect the agriculture sector, which could be badly damaged by the president's trade approach. The risk of an escalating trade war with China has panicked American farmers and ranchers, who send many of their products abroad. China has responded to Mr. Trump's threat of tariffs on as much as $150 billion worth of Chinese goods by placing its own tariffs on American pork, and threatening taxes on soybeans, sorghum, corn and beef. Many American agriculturalists maintain that the easiest way to help them is to avoid a trade war with China in the first place. And many economists say the best way to combat a rising China and pressure it to open its market is through multilateral trade deals like the Trans-Pacific Partnership, which create favorable trading terms for participants.

President Donald Trump has signed a new law aimed at curbing sex trafficking. From a report: The bill -- a mashup of the Fight Online Sex Trafficking Act (FOSTA) and the Stop Enabling Sex Traffickers Act (SESTA), which is commonly referred to as the latter -- passed Congress in March. It makes websites liable for what users say and do on their platforms, and many advocacy groups have come out against the bill, saying that it undermines essential internet freedoms.

It could be months -- or as late as January 2019 -- before FOSTA is enacted and anyone could be charged under the law. But even in the days immediately after the bill passed in Congress, platforms started scrambling to proactively shut down forums or whole sites where sex trafficking could feasibly happen. Fringe dating websites, sex trade and advertising forums, and even portions of Craigslist were taken down in the weeks following, while companies like Google started strictly enforcing terms of service around sexual speech. Commenting on the development, EFF said, "As we've already seen, this bill silences online speech by forcing Internet platforms to censor their users."

Democratic Senators Edward J. Markey (D-Mass.) and Richard Blumenthal (D-Conn.) today proposed a "privacy bill of rights" that would prevent Facebook and other websites from sharing or selling sensitive information without a customer's opt-in consent. The proposed law would protect customers' web browsing and application usage history, private messages, and any sensitive personal data such as financial and health information. Ars Technica reports: Markey teamed with Sen. Richard Blumenthal (D-Conn.) to propose the Customer Online Notification for Stopping Edge-provider Network Transgressions (CONSENT) Act. You can read the full legislation here. "Edge providers" refers to websites and other online services that distribute content over consumer broadband networks. Facebook and Google are the dominant edge providers when it comes to advertising and the use of customer data to serve targeted ads. No current law requires edge providers to seek customers' permission before using their browsing histories to serve personalized ads. The online advertising industry uses self-regulatory mechanisms in which websites let visitors opt out of personalized advertising based on browsing history, and websites can be punished by the Federal Trade Commission (FTC) if they break their privacy promises.

The Markey/Blumenthal bill's stricter opt-in standard would require edge providers to "obtain opt-in consent from a customer to use, share, or sell the sensitive customer proprietary information of the customer." Edge providers would not be allowed to impose "take-it-or-leave-it" offers that require customers to consent in order to use the service. The FTC and state attorneys general would be empowered to enforce the new opt-in requirements. The bill would require edge providers to notify users about all collection, use, and sharing of their information. The bill also requires edge providers "to develop reasonable data security practices" and to notify customers about data breaches that affect them.

The mobile apps for four popular news apps in China, including the most popular aggregator, Jinri Toutiao, were removed from a number of Chinese smartphone app stores following reports of a crackdown by the country's media watchdog, local media reported on Monday. From the report: Toutiao, with about 120 million daily active users, was not available on the app stores of smartphone manufacturers Xiaomi and Meizu on Monday afternoon. The apps for Tiantian Kuaibao, Netease News and Ifeng News were also not found on Xiaomi. China's authorities have asked several of the country's smartphone app stores to remove the four apps by 3pm on Monday as part of efforts to "regulate order in the broadcasting environment," according to Chinese news portal Sohu.com. The apps will be removed for between three days to three weeks, with Toutiao being offline for the longest period, according to the Sohu report. [...] China has shut down more than 13,000 websites in the last three years as Beijing sought to tighten its grip on the internet.

Facebook CEO Mark Zuckerberg will be questioned about user privacy protections next week by members of the House and Senate committees, but as USA Today notes, many of these members were also "some of the biggest recipients of campaign contributions from Facebook employees directly and the political action committee funded by employees." An anonymous reader shares the report: The congressional panel that got the most Facebook contributions is the House Energy and Commerce Committee, which announced Wednesday morning it would question Zuckerberg on April 11. Members of the committee, whose jurisdiction gives it regulatory power over Internet companies, received nearly $381,000 in contributions tied to Facebook since 2007, according to the Center for Responsive Politics. The center is a non-partisan, non-profit group that compiles and analyzes disclosures made to the Federal Election Commission.

The second-highest total, $369,000, went to members of the Senate Commerce, Science and Transportation Committee, which announced later that it would have a joint hearing with the Senate Judiciary Committee to question Zuckerberg on Tuesday. Judiciary Committee members have received $235,000 in Facebook contributions. On the House committee, Republicans got roughly twice as much as Democrats, counter to the broader trend in Facebook campaign gifts. Of the $7 million in contributions to all federal candidates tied to the Menlo Park, Calif.-based social network, Democrats got 65% to Republicans' 33%. Of the 55 members on the Energy and Commerce Committee this year, all but nine have received Facebook contributions in the past decade. The average Republican got $6,800, while the average Democrat got $6,750.

Russia's state communications watchdog, Roskomnadzor, has filed a lawsuit to block Telegram in the country because the instant messaging company has refused to hand over the encryption keys that would allow Russian authorities to read messages sent using the service. From a report: Ranked as the world's ninth most popular mobile messaging app, Telegram is widely used in countries across the former Soviet Union and Middle East. Active users of the app reached 200 million in March. As part of its services, Telegram allows users to communicate via encrypted messages which cannot be read by third parties, including government authorities. But Russia's FSB Federal Security service has said it needs access to some messages for its work, including guarding against terrorist attacks. Telegram has refused to comply with its demands, citing respect for user privacy.

An anonymous reader writes: Seoul-born Wendy Hui Kyong Chun, a professor at Brown University known for her work on fake news, is moving to Canada. So is Alan Aspuru-Guzik, a Harvard chemistry professor working on quantum computing and artificial intelligence. They are among 24 top academic minds around the world wooed to Canada by an aggressive recruitment effort offering ultra-attractive sinecures, seven-year funding arrangements -- and, Chun and Aspuru-Guzik said in separate interviews with Axios, a different political environment from the U.S. The "Canada 150 Research Chairs Program" is spending $117 million on seven-year grants of either $350,000 a year or $1 million a year. It's part of a campaign by numerous countries to attract scholars unhappy with Brexit, the election of Donald Trump, and other political trends, sweetened with unusually generous research conditions.

For the first time, the U.S. government has publicly acknowledged the existence in Washington of what appear to be rogue devices that foreign spies and criminal could be using to track individual cellphones and intercept calls and messages. From a report: The use of what are known as cellphone-site simulators by foreign powers has long been a concern, but American intelligence and law enforcement agencies -- which use such eavesdropping equipment themselves -- have been silent on the issue until now. In a March 26 letter to Oregon Sen. Ron Wyden, the Department of Homeland Security acknowledged that last year it identified suspected unauthorized cell-site simulators in the nation's capital. The agency said it had not determined the type of devices in use or who might have been operating them. Nor did it say how many it detected or where.

The agency's response, obtained by The Associated Press from Wyden's office, suggests little has been done about such equipment, known popularly as Stingrays after a brand common among U.S. police departments. The Federal Communications Commission, which regulates the nation's airwaves, formed a task force on the subject four years ago, but it never produced a report and no longer meets regularly. The devices work by tricking mobile devices into locking onto them instead of legitimate cell towers, revealing the exact location of a particular cellphone. More sophisticated versions can eavesdrop on calls by forcing phones to step down to older, unencrypted 2G wireless technology. Some attempt to plant malware.

An anonymous reader quotes a report from Vox: Facebook's fake news problems extend far beyond Russian trolls interfering in U.S. elections. Overseas, false stories have turned into tools of political warfare -- most notably in Myanmar, where government forces have carried out a campaign of ethnic cleansing against the Rohingya, the country's Muslim minority group. In an interview with Vox's Ezra Klein, Facebook CEO Mark Zuckerberg addressed Facebook's role in fueling and inciting anti-Muslim and anti-Rohingya sentiment. "The Myanmar issues have, I think, gotten a lot of focus inside the company," Zuckerberg said. "And they're real issues and we take this really seriously."

He recalled one incident where Facebook detected that people were trying to spread "sensational messages" through Facebook Messenger to incite violence on both sides of the conflict. He acknowledged that in such instances, it's clear that people are using Facebook "to incite real-world harm." But in this case, at least, the messages were detected and stopped from going through. "This is certainly something that we're paying a lot of attention to," Zuckerberg continued. "It's a real issue, and we want to make sure that all of the tools that we're bringing to bear on eliminating hate speech, inciting violence, and basically protecting the integrity of civil discussions that we're doing in places like Myanmar, as well as places like the U.S. that do get a disproportionate amount of the attention."

An anonymous reader shares an Associated Press report: It may be a while before President Donald Trump gets another chance at creating a new, "merit-based" immigration system, a keystone of his four-part plan that Congress rejected last month. In the meantime, his administration is busy making it harder, not easier, for skilled migrants to come work in the United States. The State Department has ended an Obama-era program to grant visas to foreign entrepreneurs who want to start companies in the United States. It is more aggressively scrutinizing visas to skilled workers from other countries. And it is contemplating ending a provision that allows spouses of those skilled workers to be employed in the U.S.

The administration and its backers contend it's trying to fix flaws in the existing, employer-centric skilled immigration system while advocating for a complete overhaul of America's immigration system. "The stuff that they're actually doing is not so much restricting skilled immigration as enforcing the law," said Mark Krikorian of the Center for Immigration Studies, which supports reducing immigration. "They're rolling back some of the extralegal measures that other administrations have taken." A primary avenue for skilled immigrants to enter the United States is the H1B visa for specialty workers, which is heavily used by the technology industry. About 85,000 visas are issued annually in a lottery system. Some critics argue they are a way for companies to avoid hiring U.S. citizens; Trump himself has said H1B recipients shouldn't even be considered skilled. Further reading: On Easter Sunday, Trump threatens to end DACA and 'stop' NAFTA.

Coral Davenport and Hiroko Tabuchi, reporting for The New York Times: The Trump administration is expected to launch an effort in coming days to weaken greenhouse gas emissions and fuel economy standards for automobiles, handing a victory to car manufacturers and giving them ammunition to potentially roll back industry standards worldwide. The move -- which undercuts one of President Barack Obama's signature efforts to fight climate change -- would also propel the Trump administration toward a courtroom clash with California, which has vowed to stick with the stricter rules even if Washington rolls back federal standards. That fight could end up creating one set of rules for cars sold in California and the 12 states that follow its lead, and weaker rules for the rest of the states, in effect splitting the nation into two markets.

Scott Pruitt, the head of the Environmental Protection Agency, is expected to frame the initiative as eliminating a regulatory burden on automakers that will result in more affordable trucks, vans and sport utility vehicles for buyers, according to people familiar with the plan. An E.P.A. spokeswoman confirmed that Mr. Pruitt had sent a draft of the 16-page plan to the White House for approval. Further reading: EPA to its employees: Ignore science when talking about climate change (ArsTechnica)

President Trump escalated his attack on Amazon on Thursday, saying that the e-commerce giant does not pay enough taxes, and strongly suggested that he may try to rein in the e-commerce business. From a report: The president took aim at Amazon's tax contributions, its use of the US Postal Service and practices that put "many thousands of retailers out of business!" The accusations aren't new. The tweet was likely prompted by an Axios story on Wednesday that claimed Trump was weighing "going after" Amazon over alleged antitrust activities or violations of competition laws. The Axios story appeared to contribute to a selloff of Amazon stock Wednesday, with Amazon shares dropping 4.4 percent, even though Trump's disdain for Amazon and its CEO, Jeff Bezos, was already well-known. Bezos owns The Washington Post, whose coverage has been less than glowing about the new president, which may be a factor in Trump's attacks. Trump's tweet, in full: I have stated my concerns with Amazon long before the Election. Unlike others, they pay little or no taxes to state & local governments, use our Postal System as their Delivery Boy (causing tremendous loss to the U.S.), and are putting many thousands of retailers out of business!

"FBI and Justice Department officials have been quietly meeting with security researchers who have been working on approaches to provide such 'extraordinary access' to encrypted devices," reports The New York Times (alternative source), citing people familiar with the matter. Justice Department officials believe that these "mechanisms allowing access to the data" exist without weakening the devices' security against hacking. Slashdot reader schwit1 shares the report: Against that backdrop, law enforcement officials have revived talks inside the executive branch over whether to ask Congress to enact legislation mandating the access mechanisms. The Trump White House circulated a memo last month among security and economic agencies outlining ways to think about solving the problem, officials said. The FBI has been agitating for versions of such a mandate since 2010, complaining that the spreading use of encryption is eroding investigators' ability to carry out wiretap orders and search warrants -- a problem it calls "going dark." The issue repeatedly flared without resolution under the Obama administration, peaking in 2016, when the government tried to force Apple to help it break into the iPhone of one of the attackers in the terrorist assault in San Bernardino, Calif. The debate receded when the Trump administration took office, but in recent months top officials like Rod J. Rosenstein, the deputy attorney general, and Christopher A. Wray, the FBI director, have begun talking publicly about the "going dark" problem. The National Security Council and the Justice Department declined to comment about the internal deliberations. The people familiar with the talks spoke on the condition of anonymity, cautioning that they were at a preliminary stage and that no request for legislation was imminent. But the renewed push is certain to be met with resistance.

An anonymous reader quotes a report from Ars Technica: In the wake of this week's passage of the Allow States and Victims to Fight Online Sex Trafficking Act (FOSTA) bill in both houses of Congress on Wednesday, Craigslist has removed its "Personals" section entirely, and Reddit has removed some related subreddits, likely out of fear of future lawsuits. FOSTA, which awaits the signature of President Donald Trump before becoming law, removes some portions of Section 230 of the Communications Decency Act. The landmark 1996 law shields website operators that host third-party content (such as commenters, for example) from civil liability. The new bill is aimed squarely at Backpage, a notorious website that continues to allow prostitution advertisements and has been under federal scrutiny for years. In a bizarre turn of events, the Department of Justice also warned the House in February 2018 that the bill "raises a serious constitutional concern," as it would apply retroactively -- a seeming violation of the Constitution's ex post facto clause. Congress passed it anyway. The Electronic Frontier Foundation wrote in a blog post: "It's easy to see the impact that this ramp-up in liability will have on online speech: facing the risk of ruinous litigation, online platforms will have little choice but to become much more restrictive in what sorts of discussion -- and what sorts of users -- they allow, censoring innocent people in the process."

An anonymous reader shares a report: It may be a while since you've heard the handle "Guccifer 2.0," the hacker who took responsibility for the infamous DNC hack of 2016. Reports from the intelligence community at the time, as well as common sense, pegged Guccifer 2.0 not as the Romanian activist he claimed to be, but a Russian operative. Evidence has been scarce, but one slip-up may have given the game away. An anonymous source close to the U.S. government investigation of the hacker told the Daily Beast that on one single occasion, Guccifer 2.0 failed to log into the usual VPN that disguised their traffic. As a result, they left one honest IP trace at an unnamed social media site.

That IP address, "identified Guccifer 2.0 as a particular GRU officer working out of the agency's headquarters on Grizodubovoy Street in Moscow," the Daily Beast reported. (The GRU is one of the Russia's security and intelligence organs.) Previous work by security researchers had suggested this, but it's the first I've heard of evidence this direct. Assuming it's genuine, it's a sobering reminder of how fragile anonymity is on the internet -- one click and the whole thing comes crashing down.

The National Electoral Commission Sierra Leone is denying the news that theirs was one of the first elections recorded to the blockchain. "While the blockchain voting company Agora claimed to have run the first blockchain-based election, it appears that the company did little more than observe the voting and store some of the results," reports TechCrunch. From the report: "The NEC [National Electoral Commission] has not used and is not using blockchain technology in any part of the electoral process," said NEC head Mohamed Conteh. Why he is adamant about this fact is unclear -- questions I asked went unanswered -- but he and his team have created a set of machine readable election results and posted [a] clarification. "Anonymized votes/ballots are being recorded on Agora's blockchain, which will be publicly available for any interested party to review, count and validate," said Agora's Leonardo Gammar. "This is the first time a government election is using blockchain technology." In Africa the reactions were mixed. "It would be like me showing up to the UK election with my computer and saying, 'let me enter your counting room, let me plug-in and count your results,'" said Morris Marah to RFI. "Agora's results for the two districts they tallied differed considerably from the official results, according to an analysis of the two sets of statistics carried out by RFI," wrote RFI's Daniel Finnan.

An anonymous reader quotes a report from CNBC: President Donald Trump issued an executive order Monday banning any transactions within the United States involving any digital currency issued by, for, or on behalf of the Government of Venezuela. The order applies to U.S. citizens as well as anyone within the United States, and includes cryptocurrency issued on or after January 9. President Trump's order is in response to recent attempts by Venezuelan President Nicolas Maduro's regime to "circumvent U.S. sanctions by issuing a digital currency," the White House said in a statement. Venezuela launched its oil-backed cryptocurrency in February to help pull the country out of a continuing economic crisis. President Maduro said each petro token will be backed by one barrel of the state's national petroleum. Maduro also said roughly 100 million tokens would be issued -- estimated to be worth around $6 billion. Bitcoin prices dropped about $200 to around $8,388, according to Coinbase, following the order.