aggregator

An anonymous reader quotes a report from The New York Times: China's Communist Party emerged from four days of meetings behind closed doors in Beijing declaring the country's leader, Xi Jinping, a "helmsman" who would lead "the ship of socialism sailing into the wind and waves with determination." At a time when other world leaders remain consumed by the coronavirus pandemic, China promised an economic revival, greater technological self-reliance and a stronger military to protect the country's economic and political interests. The meeting underscored Mr. Xi's seemingly boundless political control, as well as his ambitions to propel China out of the current crisis into a new phase of growth, less vulnerable to external risks. Here are the main outcomes from the meeting, which outlined policy priorities for the coming years. Economic revival: After the shock from the coronavirus crisis of the first months of this year, China's economy returned to4.9 percent growth in the July-to-September quarter, and exports have revived strongly. In its five-year plan, China aims to expand domestic markets and encourage innovation across the economy -- from cutting-edge technology to more efficient farming -- the party leaders said in an official summary of their meeting. That summary did not offer specific growth projections from 2021. Homegrown technology: The meeting of the party's Central Committee declared that China would make enhanced technological self-reliance a priority over the next 15 years. "Insist on the core status of innovation across all of our national modernization," the leaders said. "Make technological self-sufficiency a strategic pillar of national development." Military modernization and security: The Central Committee declared that China's military -- one of Mr. Xi's core priorities since taking office in 2012 -- had improved greatly, even as it promised to make still more "major steps" to enhance the country's security. The committee did not detail any new programs but called for "comprehensively strengthening military training and preparedness."

Read more of this story at Slashdot.

Two restaurants have initiated a potential class-action lawsuit against GrubHub for allegedly listing 150,000 restaurants to its site without the businesses' permission. From a report: The Farmer's Wife in Sebastopol, California and Antonia's Restaurant in Hillsborough, NC filed the suit with Gibbs Law Group, accusing Grubhub of adding their restaurants to its site despite not entering into a partnership, which causes "significant damage to their hard-earned reputations, loss of control over their customers' dining experiences, loss of control over their online presence, and reduced consumer demand for their services." Grubhub has explicitly made this false partnership part of their business strategy. Last October, CEO Matt Maloney said the company would be piloting a new initiative of adding more restaurants to its searchable database without entering into an official partnership with them, so customers would believe they had more delivery options with Grubhub, and wouldn't switch to competitors. It works like this: if you happened to order from a non-partnered restaurant, "the order doesn't go directly to the restaurant," says the lawsuit. "It goes instead to a Grubhub driver, who must first figure out how to contact the restaurant and place the order. Sometimes it's possible to place orders with the restaurant by phone, but other times the restaurant will only accept orders in person. The extra steps often lead to mistakes in customers' orders and often the restaurant won't receive the order at all." Grubhub also wouldn't warn restaurants before they were listed, which led to restaurants suddenly being inundated with Grubhub orders they never expected. Often, Grubhub would list outdated menus with the wrong prices, or include restaurants that don't even offer take-out, leading to canceled orders. The lawsuit includes screenshots from the pages Grubhub created for The Farmer's Wife and Antonia's, using their respective names and logos. The Farmer's Wife alleges the pages are "inaccurate and suggests that The Farmer's Wife is offering to make food that it does not actually make and has never made," which the lawsuit claims hurts the restaurant's reputation, and leads customers to become frustrated with service the restaurant never agreed to provide in the first place. And both restaurants say the language Grubhub uses suggests a partnership that doesn't exist, and in Antonia's case, was actively declined when Grubhub approached them. Further reading: Even If You're Trying To Avoid Grubhub By Calling Your Favorite Restaurant Directly, Grubhub Could Still Be Charging It A Fee; Meal-Delivery Company GrubHub is Buying Thousands of Restaurant Web Addresses, Preventing Mom and Pop From Owning Their Slice of Internet.

Read more of this story at Slashdot.

An anonymous reader shares a report from the BBC: Facebook is being sued for failing to protect users' personal data in the Cambridge Analytica breach. The scandal involved harvested Facebook data of 87 million people being used for advertising during elections. Mass legal action is being launched against Facebook for misuse of information from almost one million users in England and Wales. Facebook said it has not received any documents regarding this claim. The group taking action -- Facebook You Owe Us -- follows a similar mass action law suit against Google. Google You Owe Us, led by former Which? director Richard Lloyd, is also active for another alleged mass data breach. Both represented by law firm Millberg London, the Google case is being heard in the Supreme Court in April next year. The Facebook case will argue that by taking data without consent, the firm failed to meet their legal obligations under the Data Protection Act 1998. Representative claimant in the case Alvin Carpio said: "When we use Facebook, we expect that our personal data is being used responsibly, transparently, and legally. By failing to protect our personal information from abuse, we believe that Facebook broke the law. Paying less than 0.01% of your annual revenue in fines -- pocket change to Facebook -- is clearly a punishment that does not fit the crime. Apologizing for breaking the law is simply not enough. Facebook, you owe us honesty, responsibility and redress. We will fight to hold Facebook to account."

Read more of this story at Slashdot.

tsa shares a report from MacRumors: Starting early next year, iOS 14 will require apps to get opt-in permission from users to collect their random advertising identifier, which advertisers use to deliver personalized ads and track how effective their campaigns were. Ahead of this change, The Wall Street Journal reports that advertising companies and publishers have filed a complaint against Apple with France's competition authority, arguing that the enhanced privacy measures would be anticompetitive. According to the report, the complaint alleges that the wording of Apple's permission prompt will lead most users to decline tracking of their device's advertising identifier, which could result in lost revenue. In August, Facebook warned advertisers that the prompt could lead to a more than 50 percent drop in Audience Network publisher revenue. In a statement, Apple reiterated its belief that "privacy is a fundamental right," adding that "a user's data belongs to them and they should get to decide whether to share their data and with whom." Apple said that its own data collection doesn't count as tracking because it doesn't share the data with other companies.

Read more of this story at Slashdot.

The U.S. National Security Agency is rebuffing efforts by a leading Congressional critic to determine whether it is continuing to place so-called back doors into commercial technology products, in a controversial practice that critics say damages both U.S. industry and national security. Reuters reports: The NSA has long sought agreements with technology companies under which they would build special access for the spy agency into their products, according to disclosures by former NSA contractor Edward Snowden and reporting by Reuters and others. These so-called back doors enable the NSA and other agencies to scan large amounts of traffic without a warrant. Agency advocates say the practice has eased collection of vital intelligence in other countries, including interception of terrorist communications. The agency developed new rules for such practices after the Snowden leaks in order to reduce the chances of exposure and compromise, three former intelligence officials told Reuters. But aides to Senator Ron Wyden, a leading Democrat on the Senate Intelligence Committee, say the NSA has stonewalled on providing even the gist of the new guidelines. The agency declined to say how it had updated its policies on obtaining special access to commercial products. NSA officials said the agency has been rebuilding trust with the private sector through such measures as offering warnings about software flaws. "At NSA, it's common practice to constantly assess processes to identify and determine best practices," said Anne Neuberger, who heads NSA's year-old Cybersecurity Directorate. "We don't share specific processes and procedures." Three former senior intelligence agency figures told Reuters that the NSA now requires that before a back door is sought, the agency must weigh the potential fallout and arrange for some kind of warning if the back door gets discovered and manipulated by adversaries.

Read more of this story at Slashdot.

The White House science office listed "ending the COVID-19 pandemic" as the top accomplishment of President Trump's first term, even as the U.S. has set records for new daily infections and numerous hospitals across the country are stretched to their breaking points. From a report: According to a press release intended to highlight the administration's science accomplishments, the Trump administration said it "has taken decisive actions to engage scientists and health professionals in academia, industry, and government to understand, treat, and defeat the disease." The rosy outlook flies in the face of reality and underscores Trump's efforts to continuously downplay the severity of the pandemic that continues to rage nearly uncontrolled across the country. As of Tuesday, more than 226,000 people in the U.S. have died from COVID-19. The seven-day average of new cases is nearly 70,000, a record number that is only expected to get worse. Hospitalizations and deaths are also climbing steadily upward. According to the COVID Tracking Project, there are more than 42,000 people hospitalized with COVID-19, up from about 30,000 just a month ago.

Read more of this story at Slashdot.

President Trump's campaign website was briefly and partially hacked Tuesday afternoon as unknown adversaries took over the "About" page and replaced it with what appeared to be a scam to collect cryptocurrency. TechCrunch reports: There is no indication, despite the hackers' claims, that "full access to trump and relatives" was achieved or "most internal and secret conversations strictly classified information" were exposed. The hack seemingly took place shortly after 4 PM Pacific time. The culprits likely gained access to the donaldjtrump.com web server backend and replaced the "About" page with a long stretch of obfuscated javascript producing a parody of the FBI "this site has been seized" message. "the world has had enough of the fake-news spreaded daily by president donald j trump," the new site read. "it is time to allow the world to know truth." Claiming to have inside information on the "origin of the corona virus" and other information discrediting Trump, the hackers provided two Monero addresses. Monero is a cryptocurrency that's easy to send but quite difficult to track. For this reason it has become associated with unsavory operations such as this hack. One address was for people that wanted the "strictly classified information" released, the other for those who would prefer to keep it secret. After an unspecified deadline the totals of cryptocurrency would be compared and the higher total would determine what was done with the data. "The website was reverted to its original content within a few minutes of the hack taking place," the report adds. "There is no evidence to suggest that any sensitive data, such as donator information, was accessed, but until the site administrators investigate the event thoroughly it is a remote possibility."

Read more of this story at Slashdot.

couchslug shares a report from The Register: Facebook has ordered the end to an academic monitoring project that has repeatedly exposed failures by the internet giant to clearly label political advertising on its platform. The social media goliath informed New York University (NYU) that research by its Tandon School of Engineering's Online Transparency Project's Ad Observatory violates Facebook's terms of service on bulk data collection and demanded it end the program immediately. The project recruited 6,500 volunteers to install its AdObserver browser extension that collects data on the ads that Facebook shows them personally. It sends the information to the American university, allowing it to perform a real-time check that Facebook is living up its promise to clearly disclose not only who paid for political ads shown on the platform but also how much and when the adverts would be shown. The Facebook Ad Library is a public collection of all adverts running on Facebook, and any not suitably labeled are flagged up by the university project using data obtained via the AdObserver extension. Facebook didn't like this one bit, and responded with a warning letter on October 16, the Wall Street Journal first reported. The Silicon Valley titan wants the academic project shut down and all data deleted by November 30. It seems the researchers aren't backing down. On October 22, they published the latest research showing 12 political ads that had slipped under the radar as non-political on Facebook, some of which are still running.

Read more of this story at Slashdot.

In an effort to curb the second wave of COVID-19, the Russian government on Tuesday implemented a nationwide mask mandate, as coronavirus cases spike worldwide. CBS News reports: Under the new mandate, effective Wednesday, masks will be mandatory in crowded public spaces, such as public transportation, parking lots and elevators, according to the order published on the website for the federal health watchdog agency Rospotrebnadzor, also known as the Federal Service for Surveillance on Consumer Rights Protection and Human Wellbeing. The department has also advised local authorities to ban all entertainment activities, including bars and restaurants, between 11 p.m. and 6 a.m. It recommended strengthening safety protocols on public transport, taxis, shops, restaurants and theaters. People not wearing masks will be refused service in these establishments. However, Moscow authorities said that they are not planning to close nightclubs and bars overnight. Russia has had over 1,520,000 cases of COVID-19 and over 26,000 deaths since the pandemic began, according to Johns Hopkins University. It recorded a record-high number of new cases on Monday, with 17,148, and October has seen more confirmed cases in the country overall than any other month. [...] The country has the fourth-highest number of COVID-19 cases in the world, behind the United States, India and Brazil.

Read more of this story at Slashdot.

An RIAA takedown request, which removed the YouTube-DL repository from GitHub, has ticked off developers and GitHub's CEO. Numerous people responded by copying and republishing the contested code, including in some quite clever ways. Meanwhile, GitHub's CEO is "annoyed" as well, offering help to get the repo reinstated. TorrentFreak reports: Soon after the RIAA notice took YouTube-DL offline many developers spoke out in protest. They believe that the music industry group went too far and started to republish copies of the code everywhere. Over the past several days, we have seen hundreds of new forks and copies appear online. These were also posted to GitHub, where YouTube-DL forks remain easy to find and continue to be uploaded. The code was also posted in some places one wouldn't expect. For example, there's still a copy in GitHub's DMCA notice repository, which some people find quite amusing. And the list of pull requests can be quite entertaining in themselves. One of the most creative responses we've seen was posted to Twitter by @GalacticFurball who encoded YouTube-DL into images that can be easily shared, encouraging others to share these as well. "I would also suggest that you save and repost the images, as one single source kind of defeats the point. Maybe start a hashtag trend or something. Make songs, and poetry. Get that data out there." This triggered even more creativity, with people finding alternative means to share the code online, all to counter the RIAA's takedown request. Meanwhile, GitHub's CEO Nat Friedman wasn't sitting still either. While the Microsoft-owned developer platform had to respond to the takedown notice, Friedman himself actively reached out to YouTube-DL's developers to help them get their project reinstated. The CEO joined YouTube-DL's IRC channel hoping to connect with the owner of the repository so he can help to get it unsuspended. "GitHub exists to help developers. We never want to interfere with their work. We want to help the youtube-dl maintainers defeat the DMCA claim so that we can restore the repo," Friedman told TorrentFreak, explaining his actions. GitHub's CEO suggested that YouTube-DL won't be reinstated in its original form. But, the software may be able to return without the rolling cipher circumvention code and the examples of how to download copyrighted material.

Read more of this story at Slashdot.

The U.S. Federal Communications Commission voted 3-2 on Tuesday to maintain its 2017 repeal of Obama-era net neutrality rules, even after a federal court directed a review of some provisions of the repeal. From a report: The 2015 net neutrality rules barred internet service providers (ISPs) from blocking or slowing internet content or offering paid "fast lanes." Under President Donald Trump, the 2017 FCC order granted ISPs sweeping powers to recast how Americans use the internet, as long as they disclose changes. A federal appeals court in October 2019 largely upheld the FCC's repeal of the rules, but ordered the agency to reconsider the repeal's impact on public safety; regulations on attachments to utility poles; and the FCC's ability to provide subsidies for broadband service. The FCC majority opted to leave the order unchanged.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Motherboard: U.S. Customs and Border Protection is refusing to tell Congress what legal authority the agency is following to use commercially bought location data to track Americans without a warrant, according to the office of Senator Ron Wyden. The agency is buying location data from Americans all over the country, not just in border areas. The lack of disclosure around why CBP believes it does not need a warrant to use the data, as well as the Department of Homeland Security not publishing a Privacy Impact Assessment on the use of such location information, has spurred Wyden and Senators Elizabeth Warren, Sherrod Brown, Ed Markey, and Brian Schatz on Friday to ask the DHS Office of the Inspector General (DHS OIG) to investigate CBP's warrantless domestic surveillance of phones, and determine if CBP is breaking the law or engaging in abusive practices. The news highlights the increased use of app location data by U.S. government agencies. Various services take location data which is harvested from ordinary apps installed on peoples' phones around the world, repackages that, and sells access to law enforcement agencies so they can try to track groups of people or individuals. In this case, CBP has bought the location data from a firm called Venntel. "CBP officials confirmed to Senate staff that the agency is using Venntel's location database to search for information collected from phones in the United States without any kind of court order," the letter signed by Wyden and Warren, and addressed to the DHS OIG, reads. "CBP outrageously asserted that its legal analysis is privileged and therefore does not have to be shared with Congress. We disagree." As well as not obtaining court orders to query the data, CBP said it's not restricting its personnel to only using it near the border, the Wyden aide added. CBP is unable to tell what nationality a particular person is based only on the information provided by Venntel; but what the agency does know is that the Venntel data the agency is using includes the movements of people inside the United States, the Wyden aide said.

Read more of this story at Slashdot.

An anonymous reader shares a report: Verkada, a fast-growing Silicon Valley surveillance startup, equips its offices in downtown San Mateo, California, with its own state-of-the-art security cameras. Last year, a sales director on the company's sales team abused their access to these cameras to take and post photos of colleagues in a Slack channel called #RawVerkadawgz where they made sexually explicit jokes about women who worked at the company, according to a report in IPVM, which Motherboard independently verified and obtained more information about. "Face match... find me a squirt," the sales director wrote in the company Slack channel in August 2019, according to one screenshot obtained by Motherboard. The comment was posted along with a series of photos of employees' faces captured with the office's surveillance system which were patched together using a Verkada facial recognition feature. "Face search," as it's called, can pinpoint an individual in a sea of faces. The pinpointed face, in this instance, belonged to a Verkada employee, her mouth wide open. In addition to verifying the incident with three sources who worked at Verkada at the time, Motherboard compared the format of the images posted to those included in Verkada's publicly available demo videos to verify that they were indeed captured by the company's surveillance cameras.

Read more of this story at Slashdot.

Zoom shut down a series of events meant to discuss what organizers called "censorship" by the company. From a report: The events were planned for Oct. 23 and were organized in response to a previous cancellation by Zoom of a San Francisco State University talk by Leila Khaled, a member of the Popular Front for the Liberation of Palestine, a designated terror organization in the US. Khaled is best known for highjacking two planes, one in 1969 and one in 1970. Zoom told the Verge at the time that the Sept. 23 talk was in violation of the company's terms of service. The Verge also reported that the action was in response to pressure by Jewish and Israel lobby groups, such as the Lawfare Project. Following the Sept. 23 cancellation, a group of academics organized a series of events across the country, as well as in Canada and the UK, which were meant to highlight the issue. "Campuses across North America are joining in the campaign to resist corporate and university silencing of Palestinian narratives and Palestinian voices," said the day of action's event description, which was meant to be held on Oct. 23. The follow-up events did not include Khaled presenting. The event held in part by New York University, which was canceled the day of, included a compilation of her previous statements, according to a blog post on the incident.

Read more of this story at Slashdot.

"Police often frame facial recognition as a necessary tool to solve the most heinous crimes, like terrorist attacks and violent assaults, but researchers have found that the technology is more frequently used for low-level offenses," reports CNET: In a recent court filing, the New York police department noted that it's turned to facial recognition in more than 22,000 cases in the last three years. "Even though the NYPD claims facial recognition is only used for serious crimes, the numbers tell a different story," said Albert Fox Cahn, the executive director of the Surveillance Technology Oversight Project. "As facial recognition continues to grow, it's being routinely deployed for everything from shoplifting to graffiti." Asked for comment, an NYPD spokeswoman pointed to a 2019 opinion article by police commissioner James O'Neill titled "How Facial Recognition Makes You Safer." In the piece, O'Neill talked about how facial recognition had been used to make arrests in murder, robbery and rape cases, but he didn't disclose how often it was used for low-level crimes. The department's facial recognition policy, established in March, allows the technology to be used for any crime, no matter the severity. Without any limits, police have more frequently used the technology for petty thefts than the dangerous crimes, privacy advocates say. Before Amazon put a moratorium on police use of its Rekognition face-identifying software, the program was used in a $12 shoplifting case in Oregon in 2018... Without any limits, police can use facial recognition however they please, and in many cases, arrested suspects don't even know that the flawed technology was used... Attorneys representing protesters in Miami didn't know that police used facial recognition in their arrests, according to an NBC Miami report. Police used facial recognition software in a $50 drug dealing case in Florida in 2016 but made no mention of it in the arrest report. The article also notes that as recently as this Tuesday, Hoan Ton-That, the CEO of facial recognition startup Clearview AI "said it isn't the company's responsibility to make sure its technology is being properly used by its thousands of police partners. "Though the company has its own guidelines, Ton-That said Clearview AI wouldn't be enforcing them, saying that 'it's not our job to set the policy as a tech company...'"

Read more of this story at Slashdot.

After the U.S. unveiled charges against six members of the Sandworm unit in Russia's military intelligence agency, Wired re-visited "a secret experiment in 2007 proved that hackers could devastate power grid equipment beyond repair — with a file no bigger than a gif." It's an excerpt from the new book SANDWORM: A New Era of Cyberwar and the Hunt for the Kremlin's Most Dangerous Hackers which also remembers the late industrial control systems security pioneer Mike Assante: Among [Sandworm's] acts of cyberwar was an unprecedented attack on Ukraine's power grid in 2016, one that appeared designed to not merely cause a blackout, but to inflict physical damage on electric equipment. And when one cybersecurity researcher named Mike Assante dug into the details of that attack, he recognized a grid-hacking idea invented not by Russian hackers, but by the United State government, and tested a decade earlier... [S]creens showed live footage from several angles of a massive diesel generator. The machine was the size of a school bus, a mint green, gargantuan mass of steel weighing 27 tons, about as much as an M3 Bradley tank. It sat a mile away from its audience in an electrical substation, producing enough electricity to power a hospital or a navy ship and emitting a steady roar. Waves of heat coming off its surface rippled the horizon in the video feed's image. Assante and his fellow Idaho National Laboratory researchers had bought the generator for $300,000 from an oil field in Alaska. They'd shipped it thousands of miles to the Idaho test site, an 890-square-mile piece of land where the national lab maintained a sizable power grid for testing purposes, complete with 61 miles of transmission lines and seven electrical substations. Now, if Assante had done his job properly, they were going to destroy it. And the assembled researchers planned to kill that very expensive and resilient piece of machinery not with any physical tool or weapon but with about 140 kilobytes of data, a file smaller than the average cat GIF shared today on Twitter.... Protective relays are designed to function as a safety mechanism to guard against dangerous physical conditions in electric systems. If lines overheat or a generator goes out of sync, it's those protective relays that detect the anomaly and open a circuit breaker, disconnecting the trouble spot, saving precious hardware, even preventing fires... But what if that protective relay could be paralyzed — or worse, corrupted so that it became the vehicle for an attacker's payload...? Black chunks began to fly out of an access panel on the generator, which the researchers had left open to watch its internals. Inside, the black rubber grommet that linked the two halves of the generator's shaft was tearing itself apart. A few seconds later, the machine shook again as the protective relay code repeated its sabotage cycle, disconnecting the machine and reconnecting it out of sync. This time a cloud of gray smoke began to spill out of the generator, perhaps the result of the rubber debris burning inside it... The engineers had just proven without a doubt that hackers who attacked an electric utility could go beyond a temporary disruption of the victim's operations: They could damage its most critical equipment beyond repair... Assante also remembers feeling something weightier in the moments after the Aurora experiment. It was a sense that, like Robert Oppenheimer watching the first atomic bomb test at another U.S. national lab six decades earlier, he was witnessing the birth of something historic and immensely powerful. "I had a very real pit in my stomach," Assante says. "It was like a glimpse of the future."

Read more of this story at Slashdot.

The New York Times' looks at "a deal that controls the internet" — Apple's agreement to feature Google as the preselected search engine for iPhones, saying America's Justice Department views it "as a prime example of what prosecutors say are Google's illegal tactics to protect its monopoly and choke off competition..." The scrutiny of the pact, which was first inked 15 years ago and has rarely been discussed by either company, has highlighted the special relationship between Silicon Valley's two most valuable companies — an unlikely union of rivals that regulators say is unfairly preventing smaller companies from flourishing. "We have this sort of strange term in Silicon Valley: co-opetition," said Bruce Sewell, Apple's general counsel from 2009 to 2017. "You have brutal competition, but at the same time, you have necessary cooperation." Apple and Google are joined at the hip even though Mr. Cook has said internet advertising, Google's bread and butter, engages in "surveillance" of consumers and even though Steve Jobs, Apple's co-founder, once promised "thermonuclear war" on his Silicon Valley neighbor when he learned it was working on a rival to the iPhone. Apple and Google's parent company, Alphabet, worth more than $3 trillion combined, do compete on plenty of fronts, like smartphones, digital maps and laptops. But they also know how to make nice when it suits their interests. And few deals have been nicer to both sides of the table than the iPhone search deal. Nearly half of Google's search traffic now comes from Apple devices, according to the Justice Department, and the prospect of losing the Apple deal has been described as a "code red" scenario inside the company. When iPhone users search on Google, they see the search ads that drive Google's business. They can also find their way to other Google products, like YouTube. A former Google executive, who asked not to be identified because he was not permitted to talk about the deal, said the prospect of losing Apple's traffic was "terrifying" to the company. The Justice Department, which is asking for a court injunction preventing Google from entering into deals like the one it made with Apple, argues that the arrangement has unfairly helped make Google, which handles 92 percent of the world's internet searches, the center of consumers' online lives... [C]ompetitors like DuckDuckGo, a small search engine that sells itself as a privacy-focused alternative to Google, could never match Google's tab with Apple. Apple now receives an estimated $8 billion to $12 billion in annual payments — up from $1 billion a year in 2014 — in exchange for building Google's search engine into its products. It is probably the single biggest payment that Google makes to anyone and accounts for 14 to 21 percent of Apple's annual profits. That's not money Apple would be eager to walk away from. In fact, Mr. Cook and Mr. Pichai met again in 2018 to discuss how they could increase revenue from search. After the meeting, a senior Apple employee wrote to a Google counterpart that "our vision is that we work as if we are one company," according to the Justice Department's complaint. The article remembers Steve Jobs unveiling the iPhone in 2007 — and then inviting Google CEO Eric Schmidt onto the stage. Schmidt, who was also on Apple's board of directors, joked "If we just sort of merged the two companies, we could just call them AppleGoo." He'd also added that with Google search on the iPhone, "you can actually merge without merging."

Read more of this story at Slashdot.

"A movement known as 'right to repair' is starting to make progress in pushing for laws that prohibit restrictions..." reports the New York Times: This August, Democrats introduced a bill in Congress to block manufacturers' limits on medical devices, spurred by the pandemic. In Europe, the European Commission announced plans in March for new right-to-repair rules that would cover phones, tablets, and laptops by 2021. In less than two weeks, Massachusetts voters will consider a measure that would make it easier for local garages to work on cars. And in more than 20 statehouses nationwide, right-to-repair legislation has been introduced in recent years by both Republicans and Democrats. Over the summer, the House advanced a funding bill that includes a requirement that the FTC complete a report on anticompetitive practices in the repair market and present its findings to Congress and the public. And in a letter to the Federal Trade Commission, Marine Captain Elle Ekman and former Marine Lucas Kunce last year detailed how mechanics in the American armed forces have run into similar obstacles... Manufacturers argue that their products are repairable, and that they are protecting consumers' safety, privacy and security by restricting who does the repairs. Apple, for instance, limits consumers from repairing their devices by requiring specific tools or authorized parts. "When a repair is needed, a customer should have confidence the repair is done right," Jeff Williams, Apple's chief operating officer, said in a release last year. "We believe the safest and most reliable repair is one handled by a trained technician using genuine parts that have been properly engineered and rigorously tested."

Read more of this story at Slashdot.

"We're in a new world where governments are more concerned about the security of their digital infrastructure and the resiliency of their supply chains," Jimmy Goodrich, vice president of global policy with the Washington-based Semiconductor Industry Association, tells Bloomberg. "The techno-nationalist trends gaining traction in multiple capitals around the world are a challenge to the semiconductor industry." At once highly globalized and yet concentrated in the hands of a few countries, the industry has choke points that the U.S. under the presidency of Donald Trump has sought to exploit in order to thwart China's plans to become a world leader in chip production. Washington says Beijing can only achieve that goal through state subvention [funding] at the expense of U.S. industry, while furthering Communist Party access to high-tech tools for surveillance and repression. China rejects the allegations, accusing the U.S. of hypocrisy and acting out of political motivation. For both sides, Taiwan, which is responsible for some 70% of chips manufactured to order, is the new front line... Citing the need to promote "digital sovereignty," the European Commission is exploring a 30 billion-euro ($35 billion) drive to raise Europe's share of the world chip market to 20%, from less than 10% now. Japan is also looking to bolster its domestic capacity. At least one Japanese delegation traveled to Taiwan in May and June this year in the hope of convincing TSMC to invest in Japan, a person with knowledge of the visit said. But TSMC announced in May that it was building a $12 billion facility in Arizona, and the company declined to receive any foreign visitors seeking to woo it, said another person familiar with the company's thinking.... A focus of Beijing is to accelerate research into so-called third-generation semiconductors — circuits made of materials such as silicon carbide and gallium nitride, a fledgling technology where no country dominates. Yet without silicon capabilities it will be difficult for China to build a proper semiconductor industry, said a senior TSMC official. Another person from a company involved in third-generation chip production said designing them is an art, and even poaching a team of designers won't necessarily guarantee success. The consensus is it won't be easy for China to catch up, especially at the cutting-edge where TSMC and Samsung are producing chips whose circuits are measured in single-digit nanometers, or billionths of a meter. SMIC [a partially state-owned Chinese semiconductor foundry] would have to double annual research spending in the next two-to-three years just to prevent its technology gap with those companies widening, says Bloomberg Intelligence analyst Charles Shum. The tussle raises the prospect of a broader decoupling of the global industry with two distinct supply chains.

Read more of this story at Slashdot.

The New York Times reports: Cybersecurity officials watched with growing alarm in September as Russian state hackers started prowling around dozens of American state and local government computer systems just two months before the election. The act itself did not worry them so much — officials anticipated that the Russians who interfered in the 2016 election would be back — but the actor did. The group, known to researchers as "Dragonfly" or "Energetic Bear" for its hackings of the energy sector, was not involved in 2016 election hacking. But it has in the past five years breached the power grid, water treatment facilities and even nuclear power plants, including one in Kansas... September's intrusions marked the first time that researchers caught the group, a unit of Russia's Federal Security Service, or F.S.B., targeting states and counties. The timing of the attacks so close to the election and the potential for disruption set off concern inside private security firms, law enforcement and intelligence agencies... American officials described the hackings in an advisory on Thursday as "opportunistic," rather than a clear attack on election infrastructure, but conceded the group had targeted dozens of state and local systems and stolen data from at least two targets' servers. "They're broadly looking to scan for vulnerabilities and they're working opportunistically," said Christopher C. Krebs, the director of the Cybersecurity and Infrastructure Security Agency, which issued the warning along with the F.B.I. That hardly reassured researchers who have tracked Energetic Bear for years. "This appears to be preparatory, to ensure access when they decide they need it," said Adam Meyers, the head of threat intelligence at CrowdStrike, a security firm that has monitored the group... A disturbing screenshot in a 2018 Department of Homeland Security advisory showed the groups' hackers with their fingers on the switches of the computers that controlled the industrial systems at a power plant. The group has thus far stopped short of sabotage, but appears to be preparing for some future attack. The hackings so unnerved officials that starting in 2018, the United States Cyber Command, the arm of the Pentagon that conducts offensive cyberattacks, hit back with retaliatory strikes on the Russian grid.

Read more of this story at Slashdot.