Jump to content

Search the Community

Showing results for tags 'usa'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Site Related
    • News & Updates
    • Site / Forum Feedback
    • Member Introduction
  • News
    • General News
    • FileSharing News
    • Mobile News
    • Software News
    • Security & Privacy News
    • Technology News
  • Downloads
    • nsane.down
  • General Discussions & Support
    • Filesharing Chat
    • Security & Privacy Center
    • Software Chat
    • Mobile Mania
    • Technology Talk
    • Entertainment Exchange
    • Guides & Tutorials
  • Off-Topic Chat
    • The Chat Bar
    • Jokes & Funny Stuff
    • Polling Station


  • Drivers
  • Filesharing
    • BitTorrent
    • eDonkey & Direct Connect (DC)
    • NewsReaders (Usenet)
    • Other P2P Clients & Tools
  • Internet
    • Download Managers & FTP Clients
    • Messengers
    • Web Browsers
    • Other Internet Tools
  • Multimedia
    • Codecs & Converters
    • Image Viewers & Editors
    • Media Players
    • Other Multimedia Software
  • Security
    • Anti-Malware
    • Firewalls
    • Other Security Tools
  • System
    • Benchmarking & System Info
    • Customization
    • Defrag Tools
    • Disc & Registry Cleaners
    • Management Suites
    • Other System Tools
  • Other Apps
    • Burning & Imaging
    • Document Viewers & Editors
    • File Managers & Archivers
    • Miscellaneous Applications
  • Linux Distributions


  • General News
  • File Sharing News
  • Mobile News
  • Software News
  • Security & Privacy News
  • Technology News

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...

  1. Trump moves could stop Huawei from buying US tech or from selling to US firms. Enlarge / Customers purchase mobile phones at the Huawei Experience Center on May 16, 2019 in Hangzhou, Zhejiang Province of China. Getty Images | VCG/Long Wei The Trump administration yesterday took two actions that could effectively prevent Huawei from buying US technology and prevent it from selling products to US companies. An executive order issued by President Trump and a separate action taken by the US Commerce Department could "cut the Chinese telecommunications giant off from American suppliers and ban it from doing business in the US," The Wall Street Journal wrote. The order doesn't mention Huawei or China by name, but it was widely seen as targeting Huawei and other Chinese companies such as ZTE. Huawei is the second-biggest smartphone vendor in the world, according to IDC, and it sells a large amount of network equipment to telecom providers and other companies. Trump's executive order "declar[ed] a national emergency and barr[ed] US companies from using telecommunications equipment made by firms posing a national security risk," Reuters wrote. The executive order applies to future transactions only. Shortly after Trump's executive order, "the Commerce Department said it had added Huawei and 70 affiliates to its so-called Entity List—a move that bans the telecom giant from buying parts and components from US companies without US government approval," Reuters also wrote. This will make it difficult for Huawei to sell some products because of its reliance on US-made parts, and could potentially put its use of the Google Play store and Google apps on Android devices in jeopardy. ZTE had to shut down temporarily last year after a similar ban prevented it from using Qualcomm chips and Google software. (Huawei makes its own smartphone chips.) However, the Commerce Department hasn't yet announced all the exact details of the new restrictions, so it's hard to make specific predictions of what products will be affected. The US agency said it "will issue regulations within 150 days to establish procedures for reviewing such transactions." US-China trade war expands The moves expand a trade war between the US and China. Trump's executive order said the actions are necessary to prevent "economic and industrial espionage against the United States and its people," as US enemies could "create and exploit vulnerabilities in information and communications technology or services, with potentially catastrophic effects." The US government hasn't been able to find hard evidence that Huawei spies on behalf of China, however. "Huawei has denied those charges, and its chief executive [Ren Zhengfei] has said he would shut down the company rather than obey Chinese government orders to intercept or divert Internet traffic," the New York Times wrote. "American officials say he would have no choice: Chinese law requires that the country's firms obey instructions from the nation's Ministry of State Security." Both Huawei and the Chinese government condemned the Trump administration moves. "Restricting Huawei from doing business in the US will not make the US more secure or stronger; instead, this will only serve to limit the US to inferior yet more expensive alternatives, leaving the US lagging behind in 5G deployment, and eventually harming the interests of US companies and consumers," Huawei told CNBC. "In addition, unreasonable restrictions will infringe upon Huawei's rights and raise other serious legal issues." A Chinese foreign ministry spokesperson called the US moves "abuse of export control measures," according to the Associated Press. Source: Trump tries to shut Huawei out of US market with executive order (Ars Technica)
  2. Americans aren’t interested in the Moon and Mars—and that’s understandable After 15 years and $50 billion, we haven't really gotten that far. Enlarge / Mars or the Moon? It’s a debate that has bedeviled NASA for decades. Aurich Lawson / Getty Images Nearly two years ago, Vice President Mike Pence made the administration's space policy official, saying NASA would re-focus its program around "establishing a renewed American presence on the Moon, a vital strategic goal." In December 2017, President Trump signed a space-policy document codifying this human-exploration plan. Under this space-policy directive, a sustainable presence on the Moon would then become a stepping stone to destinations further out in space, such as Mars. The president recently made clear his preference for getting to Mars quickly, tweeting a few weeks ago: "For all of the money we are spending, NASA should NOT be talking about going to the Moon—we did that 50 years ago. They should be focused on the much bigger things we are doing, including Mars." A new poll suggests this talk about sending humans back to the Moon or on to Mars is out of step with the views of most Americans. The survey of 1,137 US. adults by The Associated Press-NORC Center for Public Affairs Research suggests only about one-in-four Americans believe sending humans to the Moon or Mars is "very" or "extremely" important. AP-NORC poll results for is the following "extremely" or "very" important. AN-NORC By contrast, 59 percent of respondents found scientific research on Earth, the Solar System, and the universe to be very or extremely important for NASA. An even greater number, 68 percent, attached such importance to monitoring asteroids, comets, or other objects from space that could strike the planet. These findings are consistent with a Pew Research Center survey from about a year ago, which found large majorities of the public much more interested in protecting the Earth's climate and protecting the planet from asteroids than the human exploration of the Moon and Mars. Lots of money, few results So what is going on here? It has long—and correctly, we believe—been said the American support for space exploration is a mile wide and an inch deep. So Americans like the idea of a space program, and they appreciate robotic probes landing on Mars. But they don't want to dig too deeply into their pockets to pay for it. (The public isn't very well-informed about this, however, as most Americans seem to think NASA claims about one-quarter of the US budget. It is, in fact, less than one-half of one percent). On some fundamental level, perhaps, Americans also realize that they haven't exactly been getting high returns on their investments in human exploration—especially when it comes to deep space. During the last 15 years, for example, NASA has been engaged in building the "capabilities" for a deep-space exploration program (principally the Orion spacecraft and two large rockets, the Ares V and then the Space Launch System). This has cost nearly $50 billion. And for what? None of these vehicles is yet ready for human spaceflight, and realistically, humans are unlikely to use them to fly into deep space before the early or mid-2020s. The implications of these findings for the next president are intriguing. The Trump administration will likely continue the same, slow slog it appears to be on (promises of a 2024 lunar landing notwithstanding) that involves continuing to spend in excess of $3 billion annually on Orion and the SLS rocket. But a Democratic president might see the largesse in the NASA budget for deep-space exploration vehicles, observe the public's preference for protecting Earth, and rearrange the budget accordingly. Source: Americans aren’t interested in the Moon and Mars—and that’s understandable (Ars Technica)
  3. Ericsson announced on Wednesday its plans to build a 5G factory in the US sometime early next year. The factory will be the Swedish telco equipment maker's first fully-automated factory, the company said, and will be used to produce 5G radios designed for urban areas. It will also make Advanced Antenna System radios that it said are components for large-scale deployments of 4G and 5G networks for both rural and urban coverage. "With today's announcement, we conclude months of preparations and can move into execution also in the US," Ericsson executive vice president and head of networks Fredrik Jejdling said. "In addition, we are digitalising our entire global production landscape, including establishing this factory in the US. With 5G connectivity we're accelerating Industry 4.0, enabling automated factories for the future." Ericsson did not provide details about where the factory will be located, but the company has plans to initially employ around 100 people at the factory, which will have "highly automated operations". The race to launch 5G networks among telcos is already well underway, with telcos like Verizon having already rolled out a live 5G network. Ericsson's announcement to build a 5G factory in the US also follows US President Donald Trump in recent months banning companies from using telco equipment made by its competitor Huawei. Federal Communications Commission Chairman Ajit Pai applauded Ericsson's announcement. "Building 5G equipment in the United States is good for our economy, good for the supply chain, and good for the rapid rollout of the next generation of wireless connectivity in the United States," he said. Ericsson is currently signed on by T-Mobile, Verizon, Sprint, AT&T, US Cellular, and GCI to help build out their respective 5G mobile networks. According to the Ericsson's latest mobility report, North America is expected to lead in the adoption of 5G, with the company predicting that 63% of North American mobile subscriptions will be 5G-based in 2024. Source
  4. The company uses a severe efficiency metric called ‘the rate’ to surveil employees’ productivity, so workers in Minneapolis walked on Prime Day Ahead of the strike, an effort had been made to decorate the fulfillment center in Shakopee for Prime Day. There were silvered balloons spelling out MSP1, the name of the warehouse, visible through the glass visitor’s window in the lobby, and walls of smiling Amazon boxes festooned with Prime Day banners. Also in the window: a large, smiling man in a blazer, some sort of security person, but it was hard to say because his ID tag was tucked out of sight in his armpit. Above the turnstiles was written: Work Hard. Have fun. Make History. That sign was permanent. The week before, the Shakopee workers had announced their intention to strike on the first day of Prime Day, which this year lasts two days. It would be the first work stoppage at a US facility during a peak shopping time, the most ambitious in an escalating series of actions at the Shakopee fulfillment center. Shortly before 2PM, when the day-shift workers planned to walk out, Hibaq Mohamed and several other workers came into the lobby. Twenty-six years old, Mohamed is originally from Somalia but emigrated to Kenya, then won a visa lottery to come to the US three years ago. Her first job in the country was at Amazon. At first she liked it, but the pace of work had increased to grueling levels, and more and more workers were getting fired for not keeping up. “I’m new in the country, and I know we have rights,” she told me over the phone earlier. “That’s what America does: it makes things better, and if I see something isn’t right, and not fair, I just decided to become a strong person, and that I have the right to speak up.” As workers began filing through the turnstiles, Mohamed gave them high-fives, shouting their names and words of encouragement. It was hard to see past the walls of Amazon boxes onto the factory floor, but you could hear the oceanic roar of thousands of goods moving. An Amazon spokesperson, Ashley Robinson, met me just past the turnstiles. “It’s Prime Day. It’s high visibility, so we know that our critics — unions and politicians — are going to use it to raise their visibility, and we know from a business perspective, it works to the union’s favor because it will also increase their union dues,” she said. “There’s a business case to be made there.” (Amazon has opposed efforts by its workers to form a union, and the striking workers are not represented by one, though some representatives of the Teamsters and other unions had shown up in support.) “It’s very hot,” Robinson said. “It will be interesting to see how many people hang out out there.” She handed me a printout of Amazon’s position, which also accused the protesters of using Prime Day to increase membership dues. The protestors were “conjuring misinformation,” the statement said, and claimed that anyone attending the event was uninformed. “We already offer the things they purport to be their cause — industry-leading pay starting at $15 per hour, benefits, and a safe workplace for our employees,” the statement read. Back in the lobby, many of the workers had left and been replaced by police and Amazon employees with fluorescent vests that read “Loss Prevention.” Later I would learn that Mohamed and the others had been told to leave the property and gather on the public sidewalk on the other side of the parking lot. Two Loss Prevention people said I needed to do the same. When I tried to wait for the photographer I was working with, who was still somewhere inside, they insisted with increasing firmness that I needed to leave, and they would escort him out, too. The rushed show-and-tell period was over. “As a member of the media I’m going to ask you to come this way with me,” one said. Later, an employee sent me a photo of 15 police officers and managers lined up in front of the entrance to the facility. Several workers described the mood as “hostile.” As I was leaving, a former Amazon employee wearing two wrist protectors started asking the gathering crew why workers inside were being told the strike would be deducted from their unpaid time off. Workers say they are given 20 hours of unpaid time off per quarter, the equivalent of about two shifts, after which they lose their jobs. In an email, Amazon said full-time workers received 80 hours of unpaid time off per confirmed that it was their policy to deduct the walkout from unpaid time off, but did not respond to a question about whether workers lose their jobs for exceeding the limit. Awood, the East African workers’ advocacy group that has been helping organize the strike, filed a complaint with the National Labor Relations Board earlier this month over the policy. Reached via email, Ken Jacobs, the chair of the Labor Center at UC Berkeley, said the policy sounded like retaliation for protected concerted activity. “Everybody who’s organized in this strike, their [unpaid time off] is protected, under federal law. It should be protected,” said Kim Hatfield, before she too was escorted off the property. “These people are scared to do anything because you can get fired right here, if you go zero.” Hatfield never worked in the Shakopee warehouse. She was actually from Texas, and had flown into Minneapolis that morning to attend the strike. She said she’d lost her job after getting a repetitive stress injury opening “thousands of boxes a night” at a fulfillment center in Haslet, and had been unable to get workers compensation. Workers at her center were afraid to visit Amazon’s in-house clinic because it was seen as “the first step out the door.” The official name for her fulfillment center was DFW7, she said, but everyone called it “the meat grinder.” It’s true that Amazon pays its full-time fulfillment center employees at least $15 an hour, a change the company instituted in October after criticism from high-profile figures like Bernie Sanders, among others. The company also offers employees benefits, a 401K, and other amenities that make it, on paper, not a bad place to work. But pay and benefits are not the primary reason the Shakopee workers are striking. The problem, worker after worker said, is “the rate.” Every task in Amazon’s fulfillment centers has a rate. Workers say the two most demanding jobs are “stow” and “pick.” When goods come into the fulfillment center, they’re unboxed and sent to stowers, who scan and place the goods onto the shelves carried by the orange Roomba-like robots that roll along the floor. That item is now in stock. When an item is ordered, a robot rolls a shelf up to a “picker,” who grabs it, scans it, and puts it on a conveyor belt to be packaged and sent out. Depending on their station, workers are shown a range of graphics displaying whether they’re meeting their rate or falling behind. Some are shown the amount of time they’ve been working and the number of items they’ve scanned, along with a moving average, which drops if you take time to go to the bathroom or have a problem with your workstation. Others are shown a graph that rises and falls, and that turns green, yellow, or red depending on how fast they’re working. “You have to beat the machine,” said Faizal Dualeh, a Somali immigrant who worked at the facility as a temporary employee for three months. “It’s like a nightmare, all these machines telling you your rate is down.” If a worker falls behind, they receive a warning. Multiple workers in Shakopee said it was common for workers to be fired on their fourth warning, and that the process felt automatic, with managers deferring to the software. ”Oh, we didn’t fire you, the machine fired you because you are lower than the rate,” Dualeh said, recounting the process. Robinson, the Amazon spokesperson, said there was “no three strikes you’re out” rule, and that “it is a matter of conversations” managers have with workers. Employees said the conversations are often cursory at best, often amounting to exhortations to work faster. Documents previously obtained by The Verge found that Amazon fired roughly 300 employees over the course of a year at a Baltimore fulfillment center for failing to meet productivity quotas, representing more than 10 percent of the workforce. When Mohamed started working at the Shakopee fulfillment center three years ago, her rate in stow was 120 items per hour. Now it’s around 280. Workers say they were once permitted one error per 1,000 items. Now they are allowed one error per 2,200. When they make an error, workers say they must work twice as fast to get their ratio back in good standing. Robinson said the rate is “supposed to set a cadence of expectation” and that the goal is to have someone processing an order every 10 to 20 seconds. The pace, workers said, is unsustainable. They must constantly be moving, climbing on step ladders to retrieve or stow goods or stopping to grab them from low shelves, boxing and unboxing packages without pausing to rest. “If you’re doing that much more work, that wears you down and tires you out and you’re far more likely to make mistakes,” said Tyler Hamilton, 22, who has worked at the facility for a year and a half. “You’re going to have poor quality. You’re more likely to get injured. People can move faster, but you’re more likely to throw out your back or something.” “The Amazon experience is horrible,” said Mohamed. “We are like a machine, like robots. The rate keeps increasing and increasing and increasing.” Mohamed struggles to sleep, worrying about what the rate tomorrow might be. She said she was injured during a “power hour,” a period when managers entice employees to work faster by gifting the most productive ones with Amazon gift cards and other rewards. Some exercise equipment fell on her legs, and she had difficulty bending her knees the next day. She told her manager that she wouldn’t be able to make rate because of her injury, and her manager said that would be acceptable. But the next week, she received a warning just the same. (After several weeks of effort, she was able to have the warning removed.) The pressures of the rate are so intense, Mohamed and other workers said, that employees suffer from dehydration because they are afraid that if they drink too much water, then they’ll have to use the bathroom and their rate will drop. Spencer Cox, an economic geography PhD candidate and activist, took a job at the Shakopee sortation center in 2016, and was shocked by the intensity of the work. “Amazon essentially has developed factory-line technology for retail,” he said. The early 20th century saw manufacturing work reorganized around the assembly line, which set the pace for workers, each of whom endlessly repeated a single task in the production process. Amazon, Cox said, has managed to create something similar through its investments in automation and worker-monitoring technology. Instead of the speed of the factory line setting the pace of work, there’s the rate. “Imagine taking all of the workers that were spread across the mall, and the downtown shopping center, and Main Street, closing all of that down, and concentrating them in a single building, and putting them on a factory line where every single second of the day is watched,” Cox said. In economic terms, the result is a significant boost in worker productivity. In 2016, the Institute for Local Self-Reliance found that Amazon required about half the employees a traditional retailer needs per $10 million in sales. Stacy Mitchell, the institute’s director, said it appears that Amazon has employed even fewer workers relative to sales in the years since the study was conducted. This fits with a company-wide push toward increasing automation and efficiency after several years of rapid expansion and hiring. In the company’s earnings call last April, Brian Olsavsky, Amazon’s chief financial officer, touted the “really, really impressive gains and efficiencies in both the warehouses and also the data centers,” and announced that the company would now be pursuing ways to bring free two-day delivery down to one day. But the advent of assembly-line manufacturing also saw intense fights between workers and management over the pace of work. “So it should be no surprise that, as the factory line moves into retail work, that one of the primary demands would be the de-intensification of that work,” Cox said. While automation can alleviate some of the strain of physical labor, it’s often accompanied by an expectation that workers be more productive, said Beth Gutelius, the associate director of the Center for Urban Economic Development at the University of Illinois at Chicago, who studies how technology is implemented in warehouses. There’s an expectation that employees work at the pace of the robots, and the ability to precisely quantify their labor creates pressure to fill any gaps. “It’s a question of how much can the human body take,” said Gutelius. “And I think that with warehouse workers, and Amazon workers in particular because productivity rates are high, this is where some of the real struggle is.” “You’re a robot, because you’re working with a robot,” said Dualeh. “But we’re humans, not robots.” By midafternoon, around a hundred workers and their supporters had gathered on the sidewalk. Some clustered under tents, seeking shade in the 90-degree heat, while others picketed on the street, chanting “Amazon, hear our voice,” and cheering whenever a semi truck honked in support and turned away. The protests in Shakopee began in the East African Muslim community, which makes up a sizable chunk of the fulfillment center staff. When Amazon opened its fulfillment center in 2016, it recruited heavily from the Minneapolis neighborhood of Cedar-Riverside, sometimes called Little Mogadishu. Amazon put up billboards in the neighborhood, and initially ran a direct bus service to its warehouse. That bus became the first opportunity to organize. Amazon cut funding for it in late 2017, and frustrated workers circulated a petition to bring it back. Amazon didn’t bring back the bus, but the workers started pushing for other changes. By then they were aided by the Awood Center, a local nonprofit created in 2017 to advocate for East African workers. It’s backed by the Service Employees International Union and the Council on American-Islamic Relations. The group started hearing complaints from Amazon workers almost immediately after it was founded, and has helped workers craft their demands and organize protests and news conferences. In 2018, Prime Day coincided with Ramadan, and workers were concerned that Amazon’s heavy and fast-paced workload would make it impossible to fast or pray. In May, workers at the Shakopee center handed out flyers urging their co-workers to wear blue, the color of the Somali flag, in solidarity. The day before the scheduled protest, a manager said on-site prayer rooms would be set up and the workers would have their quotas temporarily lowered. “That was amazing, but it didn’t continue,” said Mohamed. The pressures of making rate were still too great. They could pray, but their rate would continue to drop as they did so, and they would have to work double afterward. The workers protested in June, and again in December. Amazon representatives began meeting with Awood and Minnesota workers, and said it would make some small changes: requiring a general manager and a Somali-speaking manager to agree on firings related to rates, and having a manager meet with workers quarterly. The New York Times described it at the time as the first known case of workers getting Amazon management to negotiate in the US, though the company said the meetings were not negotiations, but a form of community engagement. In any case, the concessions were insufficient for the workers, who say they continued to experience punishing workloads. By March, dissatisfaction at the warehouse began to spread. A group of night-shift workers decided to protest. Hamilton knew workers had been organizing and had won some small victories, but none of the actions had happened in his department while he was on. Under strain from the rate increases, Hamilton, Dualeh, and other workers reached out to the Awood Center and planned to walk off the job for three hours, starting at midnight. As he was walking out, Dualeh said a manager intercepted him in the lobby and told him he was fired for low productivity. He believes it was in retaliation for organizing, and that he was singled out as one of the few temporary workers walking out. Earlier this month, Awood filed a complaint with the National Labor Relations Board against the fulfillment center’s staffing agency, Integrity Staffing Solutions. During the walkout, workers convened at a nearby restaurant and drew up a list of demands on a legal pad, which Awood posted to Facebook. The top of the list was still the rate, followed by more support staff, an end to counting prayer and bathroom breaks against rate, more opportunities for promotion, and converting temporary workers to employees. After the walkout, workers say Amazon representatives flew in to meet with them, but didn’t acquiesce to their demands. They started planning the Prime Day strike. The workers had also begun making contact with allies outside of Minnesota. After last year’s protests, organizers in Europe, where unions are stronger and strikes on Prime Day and other peak shopping times are frequent, reached out to the Shakopee workers in support. (Several hundred workers in German fulfillment centers also went on strike yesterday, and there were protests in Spain and Poland.) In February, Mohamed and members of Awood flew to Seattle, where they met engineers and tech workers in Amazon Employees for Climate Justice, a group that has been pushing the company to stop using fossil fuels and aiding the oil and gas industry. Attendees said the meeting consisted of informal relationship-building and plans for future action were not discussed, but the groups stayed in contact over text. Before the Shakopee workers announced their strike, they reached out and asked if the tech workers would show solidarity. Three decided to fly out to attend, and over 200 others wrote letters of support. “We see these two struggles as very much related,” said Weston Fribley, an Amazon software engineer. “Amazon employees often don’t have a say in the decisions that affect their work and their communities, or how their work is used.” Tech workers, he said, are often atomized, and don’t spend a lot of time thinking about their common goals. He found the Shakopee protests inspiring, seeing how a close-knit community banded together to push for change. “We’re here to let them know that Seattle is not just this ominous cloud that hangs over their work life, but that there are people there paying attention to what they’re doing and will stand with them and support them.” In February, Mohamed and members of Awood flew to Seattle, where they met engineers and tech workers in Amazon Employees for Climate Justice, a group that has been pushing the company to stop using fossil fuels and aiding the oil and gas industry. Attendees said the meeting consisted of informal relationship-building and plans for future action were not discussed, but the groups stayed in contact over text. Before the Shakopee workers announced their strike, they reached out and asked if the tech workers would show solidarity. Three decided to fly out to attend, and over 200 others wrote letters of support. “We see these two struggles as very much related,” said Weston Fribley, an Amazon software engineer. “Amazon employees often don’t have a say in the decisions that affect their work and their communities, or how their work is used.” Tech workers, he said, are often atomized, and don’t spend a lot of time thinking about their common goals. He found the Shakopee protests inspiring, seeing how a close-knit community banded together to push for change. “We’re here to let them know that Seattle is not just this ominous cloud that hangs over their work life, but that there are people there paying attention to what they’re doing and will stand with them and support them.” Source
  5. (Reuters) - Alphabet Inc’s Google announced on Tuesday it would set aside $750 million in land and $250 million in financing to spur developers in the San Francisco Bay Area to build at least 20,000 homes and rehabilitate other housing over the next decade. Google, which told Reuters it has 45,000 employees in the region, has been the target of local activists who for several years have said the company’s growth and high salaries have contributed to rising rents and housing shortages. They have called on Google and other Silicon Valley tech companies to invest in affordable housing and rethink expansions. Google said housing had reached a “crisis point” in the Bay Area but declined to comment on whether its announcement in a blog post on Tuesday was a response to pressure from community activists, who plan to demonstrate Wednesday outside Alphabet’s annual shareholder meeting. Activist group Silicon Valley Rising called Google’s announcement “a great step in the right direction.” In January, Facebook Chief Executive Mark Zuckerberg’s philanthropy in partnership with other groups said they planned to raise $500 million to build or preserve more than 8,000 homes in the Bay Area over 10 years. And Microsoft Corp pledged $500 million toward addressing homelessness and developing affordable housing in the Seattle region. Google told Reuters it would lease land valued at $750 million, and largely zoned for offices or shops, to construct mostly apartments and some for-sale homes for a total of at least 15,000 units. It declined to elaborate on why the space is no longer needed for offices. The $250 million would go toward equity and debt investments in projects preserving existing affordable housing or constructing at least 5,000 new affordable units for people of various income levels. Google said it would prioritize developments near transportation hubs by its offices. Google has already proposed 5,700 new homes at one of its developments in Mountain View, California adding that it is also in discussions with the cities of Sunnyvale and San Jose. Source
  6. Round of devastating job cuts are deepest since the telecom giant said it would create jobs after the passage of the Tax Cuts and Jobs Act NATIONWIDE — AT&T Inc. (NYSE:T) plans to cut 1,880 American jobs over the next few months, continuing a pattern of drastic cuts to family-supporting jobs in communities across the country. The company began notifying employees that their jobs are at risk right before Father’s Day weekend, forcing thousands of working dads and families to spend the holiday figuring out what to do now that they are facing the loss of their paychecks. AT&T CEO Randall Stephenson was one of the most fervent proponents of the Tax Cuts and Jobs Act (TCJA) and said AT&T would use its tax dollars to create at least 7,000 jobs. But since the tax bill passed, the company has been aggressively eliminating tens of thousands of jobs. Meanwhile, AT&T has received a $21 billion windfall from the TCJA, slashed capital investments by $1.4 billion, given hefty pay increases to top executives and did not pay cash income taxes in 2018. These new cuts come just days after the Communications Workers of America (CWA) issued a series of reports showing AT&T’s network in the Midwest is in disrepair even as it is reducing the number of trained, career employees. “Instead of celebrating with my children on Father’s Day, I had to tell them that their dad may not have a job soon,” said Todd Menth, a father of two facing a job cut in Kent, Ohio. “I’ve worked hard at AT&T for nineteen years and I’m proud of my work. My message to AT&T is that it’s not too late to change course, to invest in next-generation networks and keep these good jobs in our community.” The job cut notifications began last Thursday, impacting technicians in the following states: Arkansas, California, Connecticut, Florida, Georgia, Illinois, Indiana, Kansas, Kentucky, Louisiana, Michigan, Missouri, Mississippi, North Carolina, New Jersey, Nevada, Ohio, Oklahoma, South Carolina, Tennessee, Texas, Virginia, and Wisconsin. The workers, members of CWA, are in a long-standing battle with the company to ensure that AT&T’s tax windfall is used as promised to create jobs and increase wages. Over 14,000 members of CWA in the Midwest, Puerto Rico and in AT&T’s national Legacy T unit are in contract negotiations with AT&T, and another 22,000 in the Southeast will begin negotiations this summer. In addition to this round of cuts, a CWA analysis from May 2019 showed the company has eliminated 23,328 jobs since the TCJA passed in late 2017, including nearly 6,000 in the first quarter of 2019. At the same time, the company continues to send work to low-wage contractors and overseas. AT&T has closed 44 call centers and eliminated 16,000 call center jobs in the last seven years, with the Midwest region being one of the hardest hit. Meanwhile, in Puerto Rico, where AT&T workers worked tirelessly to rebuild the AT&T network and help customers after Hurricane Maria, the company is refusing to ensure its two Puerto Rican call centers will stay open. Instead, AT&T recently opened Spanish-language call centers in Mexico that serve the U.S. market. “Hurricane Maria wreaked havoc on Puerto Rico, and the AT&T workers here played a critical role in making sure people could reach their loved ones,” said Daniel Borrero, an AT&T Mobility customer care representative in Puerto Rico. “Instead of acknowledging our dedication and investing in American jobs in the commonwealth, AT&T seems to be directing Spanish-language work to other countries. After today’s news about major job cuts, Puerto Rican workers like me are worried we’re next.” AT&T responds to criticism of its massive job cuts with boasts about hiring and by saying that workers have the option to relocate. But AT&T workers and their union note that hiring to address turnover is not the same as job creation, and relocation options are often hundreds of miles away from workers’ homes and families in communities with dramatically higher costs of living, making relocation unviable for the majority of employees. The facts in AT&T’s own reports are clear—they have 23,000 fewer people on their payroll than they did at the beginning of 2018. CWA has been leading the charge to hold AT&T accountable to the jobs promises the company made as part of its effort to pass the Tax Cut and Jobs Act. In March, CWA President Chris Shelton testified in front of the House Ways and Means Committee about the impact of the Tax Cut and Jobs Act on American workers, and called on Congress to probe AT&T on how it is spending its tax cut money, saying: “You may ask ‘what is AT&T doing with this money if it’s not being used to create jobs and invest in the U.S.?’ We’d like to know as well.” Economists too have been weighing in on how big employers like AT&T are using their increased profits from the tax windfall: “The strongest claim made by proponents of the 2017 Tax Cuts and Jobs Act was that it would trickle down to aid working families by boosting wages,” said Josh Bivens, director of research at the Economic Policy Institute (EPI). “This was never a convincing claim and we can see now just how cynical it was all along: after lobbying fiercely for a corporate tax cut that put literally billions in their coffers, AT&T is fighting tooth and nail to make sure that they don’t have to share any of this new profitability with their workers by committing to invest in good jobs.” Source
  7. You can watch a breakdown of the US broadband problem even if you can't stream it. The latest episode of Netflix variety talk show Patriot Act with Hasan Minhaj focuses on the digital divide. In it, Minhaj breaks down some of the many reasons why internet access is so terrible across much of the US, including the roles of carriers and the Federal Communications Commission. It's a topic we cover frequently on Engadget, and the episode, "Why Your Internet Sucks," is a compelling watch. It's a strong look at why millions of Americans are missing out on fixed broadband and why that's such a problem. For instance, "About three million kids across the country have trouble completing their homework because they don't have adequate internet," Minhaj said. He points out the irony that people who have a strong enough connection to stream the episode probably aren't affected by the problem. So, the Patriot Act team is putting the episode on DVD, which you can rent through Netflix's DVD mail rental service. Around 2.7 million people in the US still get Netflix's red DVD envelopes, so you can order the episode on a disc even if, say, you're struggling with a dial-up connection. Alternatively, the whole episode is on YouTube, so you can watch it even without a Netflix subscription. Source
  8. US report finds sky is the limit for geothermal energy beneath us US Dept. of Energy project estimates geothermal’s untapped potential. Enlarge / Sonoma Power Plant at The Geysers in California. Geothermal Resources Council/flickr With all attention focused on the plummeting prices and soaring popularity of solar and wind, geothermal energy is probably under-appreciated. Sure, you might think, it’s great where you can get it—in, say, Iceland or the Geysers area of California—but those are exceptions, right? Not entirely. Geothermal power sources come in many forms, and they're typically much more subtle than steam shooting out of the ground. In reality, geothermal energy could be a big player in our future mix. That is made clear by the US Department of Energy’s recently released “GeoVision” report. The report follows similar evaluations of wind, solar, and hydropower energy and leans on information from national labs and other science agencies. It summarizes what we know about the physical resources in the US and also examines the factors that have been limiting geothermal’s deployment. Overall, the report shows that we could do a whole lot more with geothermal energy—both for generating electricity and for heating and cooling—than we currently do. Heat and power Enlarge / The highest temperatures are found out West, but these aren't the only places where geothermal techniques can be applied. DOE There are opportunities to more than double the amount of electricity generated at conventional types of hydrothermal sites, where wells can easily tap into hot water underground. That's economical on the current grid. But the biggest growth potential, according to the report, is in so-called “enhanced geothermal systems.” These involve areas where the temperatures are hot but the bedrock lacks enough fractures and pathways for hot water to circulate freely—or simply lacks the water entirely. The technology used in natural gas fracking—injecting pressurized fluid underground to form fractures in the rock that released trapped gas into horizontally drilled wells—could be adapted to generate electricity in sites like these. Creating fractures and/or injecting water to get heated by these rocks eventually results in a similar geothermal plant setup, but it takes a lot more engineering than just jamming a straw into a source that's already sending hot water to the surface. Advancing enhanced geothermal techniques alone could produce 45 gigawatts of electricity by 2050. Add in the more conventional plants, and you’re at 60 gigawatts—26 times more than current geothermal generation. And in a scenario where natural gas prices go up, making geothermal even more competitive, we could double that to 120 gigawatts. That would be fully 16 percent of the total projected 2050 generation in the US. Additionally, that electricity can be generated around the clock and can even be flexibly ramped up or down, making it an excellent pairing with intermittent forms of renewable energy like wind and solar. Enlarge / The many flavors of geothermal. DOE On the heating (and cooling) side, there are two main areas of opportunity. Traditional ground-source heat pumps circulate fluid through loops in the ground to provide cooling in the summer and heating in the winter, and they could be much more widely adopted with minimal effort. The report estimates that installations could increase 14 times over, to 28 million homes by 2050, covering 23 percent of national residential demand. Accounting for limitations in how quickly the market could realistically change brings the number down to 19 million homes—still a massive increase. There’s even more potential for district heating systems, where a single, large geothermal installation pipes heat to all the buildings in an area. There are only a handful of such systems operating in the US today (Boise, Idaho, has an example), but the report finds more than 17,000 locations where it would make sense, covering heating needs for 45 million homes. Limited adoption The report focuses a great deal on the barriers that have so far prevented this eye-popping potential from being realized. Some barriers are indeed technological—those enhanced geothermal systems have yet to reach maturity, for example. Some barriers are simply down to a lack of awareness that things like ground-source heat pumps are already viable options. But the biggest barriers are financial. Geothermal power plant projects suffer from much higher capital costs (and therefore slower payback times) than other forms of renewable energy. Techniques for placing wells at traditional hydrothermal sites are surprisingly unsuccessful, with many wells failing to produce enough to go into use. With better maps and more advanced site characterization, the misses could be reduced, bringing down costs. The report also highlights permitting on federal lands as less than smooth. Between awkward overlaps when multiple agencies are involved and backlogs in understaffed departments, it points to approvals that could be consolidated to simplify the process. Streamlining, the report says, could shorten the time it takes to complete a project and reduce the financial risk of starting one. Separately, the constant uncertainty surrounding short-term tax credits for renewable projects also does geothermal no favors. The 2050 scenarios in the report are based on plausible improvements to these barriers combined with modeling of the economics and operation of the nation’s energy grid. To make the projected numbers a reality, a set of key steps are laid out. Those include the streamlining of permitting, continuing research into the engineering of “enhanced geothermal systems,” improving methods for reducing trial and error at new installations, and outreach to increase awareness of geothermal options. The other key is maximizing the value of each project. As flexibility is increasingly valued on the grid, compensating geothermal for that value would make it more profitable. There are also a variety of possible industrial uses for heat across the range of ground temperatures—everything from warming greenhouses to aiding cement production. A broader set of applications could help grow the geothermal industry, bringing costs down with scale. If you’re a geothermal fan and an optimist, the report lays out a tantalizing amount of potential, although it lists plenty of challenges between here and there. In an intro to the report, DOE Geothermal Technologies Office Director Susan Hamm writes, “[T]his report shows us how to move the geothermal dial from what we know exists to what we envision is possible over the next 30 years. The GeoVision analysis takes us beyond a declaration of resource potential by illustrating what is real today and painting a picture of what could be real tomorrow.” Source: US report finds sky is the limit for geothermal energy beneath us (Ars Technica)
  9. How many more will die in US heatwaves as world warms? The difference between 1.5°C and 3°C worlds can be thousands of lives. Enlarge Garrett Ziegler / Flickr One of the more obvious risks of climate change is an increased frequency of extreme heatwaves. Particularly in cities, heatwaves can be more than sticky and unpleasant—they can be deadly. The emissions cuts pledged so far in the international Paris Agreement in 2015—if followed through—would limit global warming to the neighborhood of 3°C. That won't prevent an increase in deaths due to heatwaves, but just how much worse is 3°C than the international goals of stopping warming at 2°C or event 1.5°C? To find out, a team led by Eunice Lo at the University of Bristol analyzed the relationship between extreme summer temperatures and deaths for 15 US cities with data: Atlanta, Boston, Chicago, Dallas, Detroit, Houston, Los Angeles, Miami, New York City, Philadelphia, Phoenix, San Francisco, Seattle, St. Louis, and Washington DC. Turning up the (simulated) heat Using climate model simulations, Lo and her team estimated the changes in summer temperatures for these cities at 1.5°C, 2°C, and 3°C of global warming. (The first two scenarios had already been done, but they added a 3°C scenario run by the volunteer [email protected] computing network.) The warmest days on land (as opposed to over the ocean) generally increase faster than the global average, so the difference between these scenarios is more than you might think. The half-degree difference between 1.5°C and 2°C, for example, translates to a 0.6°C to 1°C (about 1 to 2°F) increase in summer extremes for these cities. Using the simplifying assumptions that population doesn't change, vulnerability to heatwaves does not increase, and adaptations aren't undertaken (more on these later), the researchers were able to apply the past heatwave-death relationships to these higher temperatures. Because there is a threshold where temperature and humidity crosses into the danger zone, the differences in these scenarios can be stark. For example, San Francisco would see a month of additional days with an elevated risk of deaths in the 3°C scenario than it would in the 2°C scenario. By counting up the days above the threshold, you can compare the change in estimated heat-related deaths to the average number of deaths from all causes. The difference between a 1.5°C world and a 3 °C world is an increase in the fraction of heat-related deaths of 1 percent in Chicago or 3 percent in Philadelphia. That is, an additional 1 or 3 percent of all deaths would be heat-related. Extreme events For what is perhaps a more concrete comparison, the researchers also zeroed in on especially extreme heatwave events. From their model simulations (which generated 900 years of weather), they identified the magnitude of the once-in-30-years heatwave—the kind of weather event that makes news. Then they calculated the estimated number of deaths that would result from such a heatwave in each scenario. The biggest effects are found in the biggest cities. Take New York: going from a 1.5°C to 3°C global warming means an additional 2,700 deaths in a heatwave like that. The difference between 2°C to 3°C is 2,000 deaths. In LA, the lives saved in those scenarios are about 1,100 and 750, respectively. Enlarge / Numbers for a once-in-30-years heatwave for each city and scenario. Union of Concerned Scientists For Chicago, those numbers are about 875 and 640 lives. For context, the researchers point to the July 1995 Chicago heatwave that killed an estimated 514 people, a number smaller than the difference between the future scenarios. In a 3°C world, heatwaves as deadly as that 1995 event would occur every year or two. Of course, we don’t expect population to remain constant in these cities. Most are growing, which means more people experiencing future heatwaves. On top of that, demographics are shifting toward an aging population that is more vulnerable to the heat. On the flip side, there is a lot that could be done to reduce vulnerability. Access to air conditioning can save lives, and adaptations like shade cover and cool roofs can reduce the “urban heat island effect” that raises temperatures in the concrete jungle. But separate from those factors, the researchers note that one thing is clear: “Ratcheting up global mitigation ambition to achieve the Paris Agreement long-term temperature goal would significantly reduce these cities’ exposure to extreme heat[...] Our results demonstrate that strengthened mitigation ambition would result in substantial benefits to public health in the United States.” Science Advances, 2019. DOI: 10.1126/sciadv.aau4373 (About DOIs). Source: How many more will die in US heatwaves as world warms? (Ars Technica)
  10. U.S. Customs and Border Protection officials announced on Thursday that officers made a record-breaking seizure of fentanyl on the U.S.-Mexico border that was enough to kill tens of millions of Americans. "According to U.S. Customs and Border Protection, a canine officer alerted other officers to the presence of 254 pounds of fentanyl hidden inside an 18-wheeler carrying cucumbers, during a secondary inspection at the Mariposa port of entry just past noon on Saturday," The Arizona Republic reported. "This is the largest fentanyl seizure in any port of entry," CBP official Guadalupe Ramirez said. "In CBP, in the history of CBP, this is the largest fentanyl seizure." In addition to the record fentanyl seizure, agents also seized 395 pounds of methamphetamine from inside the 18-wheeler. CBP estimated the value of the fentanyl, which came in the form of powder and pills, to be approximately $3.5 million. CBP Arizona tweeted out photos from the press conference: "Authorities said it was driven by a 26-year-old man who was arrested and charged with possessing drugs with the intent to distribute them," NBC News reported. "His identity and nationality were not immediately available." The amount of fentanyl seized by agents was enough to kill well over 57,000,000 Americans, given that the DEA states that as little as 2 milligrams can be fatal. President Donald Trump weighed in on the bust, tweeting: "Our great U.S. Border Patrol Agents made the biggest Fentanyl bust in our Country’s history. Thanks, as always, for a job well done!" Fentanyl, developed in 1959, “is approximately 100 times more potent than morphine and 50 times more potent than heroin as an analgesic,” according to the DEA. "The occurrence of heroin mixed with fentanyl is also increasing," according to the DEA’s 2018 National Drug Threat Assessment. "Mexico remains the primary source of heroin available in the United States according to all available sources of intelligence, including law enforcement investigations and scientific data." The DEA further notes that "Illicit fentanyl and other synthetic opioids — primarily sourced from China and Mexico—are now the most lethal category of opioids used in the United States." The Centers for Disease Control estimated that "28,400 people died from overdoses involving synthetic opioids other than methadone in 2017," which is the latest year for which data is available. The announcement renewed calls from lawmakers about the crisis on the southern border. "Largest fentanyl bust in history. Border Patrol seized enough fentanyl to kill 57 MILLION people," Rep Jim Jordan tweeted. "That’s more than the population of Ohio, Michigan, Wisconsin, Pennsylvania, Indiana, Minnesota, and Iowa. COMBINED. We have a crisis on our southern border."
  11. 'Some that have smoked are saying no, because they're scared that they may be banned for life' The mayor of Estevan, Sask., says local residents have been turned away at the nearby U.S. border after admitting to past pot use. "It is a fairly serious concern," said Roy Ludwig, mayor of the 11,258-person city located just 16 kilometres north of a North Dakota border crossing. "Even people that might have smoked it 20, 30 years ago, they're being asked, 'Have you ever smoked cannabis?' when they get to the U.S. border. We understand some people have said yes, that they have, and have been turned back." Ludwig said several Estevan residents have undergone strict questioning at the U.S. border since recreational cannabis was legalized in Canada less than two weeks ago. He said he knows of two people who were turned away and not allowed to cross the border. Recreational cannabis use is not legal in North Dakota, and pot possession is still illegal under U.S. federal law. The Canadian government warned people pre-legalization that "previous use of cannabis, or any substance prohibited by U.S. federal laws, could mean that you are denied entry to the U.S." Not everyone who wants to cross the border is reacting the same way to those rules, according Ludwig. "Some are saying the truth, saying yes, they have smoked it, and then some that have smoked are saying no because they're scared that they may be banned for life," he said. Store opening soon Estevan is one of the 32 Saskatchewan communities that either has or will have a recreational cannabis store. It's the southernmost place people will be able to buy legal cannabis in Saskatchewan. The community was originally supposed to get two stores, but the city — after consulting Estevan Police Services — asked that the second permit be put off until factors like traffic could be reviewed after the first store opened. That store is being prepared by Prairie Sky Cannabis, the same company currently operating legal pot stores in Martensville and Battleford. They operate those stores under the name Jimmy's Cannabis. Everything, except a steady supply stream, is in place for the Estevan store to open soon, said John Thomas, the president of the company. But that store will create a new wrinkle for American travellers coming to Estevan. An American customs official recently told CBC News that those found at the border with cannabis on their person, or in their car, could face arrest and prosecution by U.S. officials. That's why the Jimmy's Cannabis store in Estevan might tweak its product line compared with its sister stores. "There might be more things like pre-rolls and things that are higher-convenience for short-term use [inside Saskatchewan]," said Thomas. Stay overnight for the 'fine hotels' Ludwig said city councillors have talked about whether the flow of cannabis-craving Americans into Estevan might present the community with a business opportunity that also discourages people from driving under the influence. "People advertising and saying, 'Stay at some of our fine hotels and enjoy some of our fine restaurants and indulge in cannabis if you want to try it out. And then stay overnight and go back sober.' "We haven't done that yet," said Ludwig, "but we've definitely talked a little bit about it." Source
  12. Two eighth grade students have been arrested after allegedly spreading a fake school shooting threat at a Maryland middle school. Earlier this month, a parent contacted Aberdeen Middle School to report seeing a social media post from a student, warning students not to come to classes the next day because another student was allegedly threatening a school shooting, the Aberdeen Police Department said in a statement Friday. After an investigation, police determined the student in question never made a threat and two eighth grade students were responsible for faking the report. One student was charged with make a false statement to a peace office and the other with disturbing school operations. False school shooting reports "will not be tolerated," the police department said. Source
  13. America is finally testing for coronavirus in significant volumes Testing in the US has soared to 100,000 tests, but shortages remain an issue. Enlarge / Patients wait in their cars for drive-through COVID-19 testing at Advocate Lutheran General Hospital in Park Ridge, IL on Thursday. The hospital suspended drive-through testing on Friday due to a shortage of test kits. Eric Bangeman / Ars Technica 260 with 118 posters participating, including story author America is finally starting to test for the coronavirus in significant volumes. On Thursday, the total number of coronavirus tests conducted in America topped 100,000, according to the COVID tracking project. That's a 10-fold increase from a week earlier. In the coming days, we can expect the pace of testing to continue increasing as more and more organizations—both academic labs and for-profit companies—ramp up testing efforts. This is important because America has a lot of catching up to do. A series of early missteps at the federal level hampered America's testing efforts in the early weeks of the coronavirus crisis. It wasn't until the end of February that the Food and Drug Administration opened the door for a wide range of organizations to offer coronavirus tests. In the last week, we've started to see the results of that change. Private companies are starting to ship hundreds of thousands of tests. Drive-through testing stations are sprouting up all over America. But the explosion of new testing efforts will create challenges of its own. Josh Sharfstein, a professor at the Johns Hopkins University School of Public Health, argues that coordination will be increasingly important as the volume of testing increases. A Thursday story in The Wall Street Journal painted a picture of chaos as patients struggled to get tested—even after they've gotten a referral from a doctor to get a test. Some drive-through testing facilities have had long lines and unpredictable hours, the Journal reports. To get maximum value out of all this testing, officials are going to need to rationalize and streamline these testing processes. Patients need predictable rules for when they are eligible to be tested and a predictable process for actually getting a test and getting results. And public health officials need standardized ways of gathering test results Some labs are also suffering from a shortage of supplies, Axios reports. As we detailed in our February explainer, testing for the virus behind COVID-19 is a multi-step process that involves a number of chemical reagents. These chemicals are mostly available off-the-shelf, but the system isn't designed to handle sudden, massive spikes in demand. "We are keeping redundancy very much on the back of our minds," Harvard's Michael Mina told Axios. "There is a concern that some item might become out of stock and so as soon as we are live with our test, we will start validating other modifications." We saw this first-hand. On Thursday, Ars Managing Editor Eric Bangeman drove to a drive-through testing site near his home in the Chicago area to get some photos for this story. On Friday, the hospital hosting those tests announced it was suspending its drive-through testing program due to a shortage of test kits. Still, there's every reason to expect that testing providers will work out these kinks. The number of coronavirus tests soared this week, and we should expect that progress to continue in the coming weeks. And that's important because America is going to do a lot more testing to get the coronavirus outbreak under control. Federal missteps meant America started out behind on testing America started out behind on testing capacity due to a series of early mistakes by federal agencies. The story starts on January 31, when the Secretary of Health and Human Services declared the novel coronavirus to be a public health emergency. Due to a quirk in federal law, this declaration meant that anyone wanting to test for the coronavirus first needed to seek approval from the Food and Drug Administration. The FDA has a lot of discretion in how it uses that authority. The agency could have set up a streamlined process to allow a wide variety of organizations to create their own tests. But it didn't do that. The Centers for Disease Control was working on a coronavirus test, and initially the FDA decided not to allow anyone else to develop tests of their own. Unfortunately, when the CDC sent out an early batch of coronavirus testing kits to state and local laboratories, many of the labs were unable to validate the results. The CDC's efforts to troubleshoot this flaw wasted valuable time.With a limited number of tests available, the CDC initially limited testing to those who had recently traveled to coronavirus hotspots or those who had come into contact with a known coronavirus carrier. That made it difficult to track early cases of community spread within the US. Coronavirus tests are growing exponentially Enlarge / A drive-through COVID-19 testing site at Advocate Lutheran General Hospital in Park Ridge, IL. Eric Bangeman / Ars Technica Finally, on February 29, the FDA opened the door to other labs developing their own tests. Under the FDA's new framework, labs that met certain prior regulatory requirements would be allowed to begin using their own tests before they'd gotten explicit approval from the FDA. Under the new guidance, labs had a 15-day grace period after they began testing to file the necessary paperwork with the FDA. "That changed everything," one lab director told the New Yorker. "We didn’t have to wait to get the forms in and then wait for the response.” That decision opened the floodgates. In the last three weeks, the volume of coronavirus testing has grown exponentially. Data from the COVID Tracking Project shows that the total number of coronavirus tests performed in the US grew from fewer than 1,000 on March 4 to almost 10,000 by March 12 and more than 100,000 by March 19. Enlarge Eric Bangeman / COVID Tracking Project These numbers are still far from sufficient to get the coronavirus under control. South Korea, with about 15 percent of the US population, has tested 270,000 people. But America's testing capacity has been growing fast, and we can expect continued growth in the coming days and weeks. On Wednesday, Abbott Labs announced FDA approval of its coronavirus test. The company said it was "deploying 150,000 laboratory tests immediately" and was aiming to reach a million tests a week before the end of March. Another major medical testing provider, Roche, announced on Monday that it was planning to ship out 400,000 tests. "The test kits are being sent to a network of more than 30 hospital and reference laboratories in the US that already have the required instrumentation in place and have the ability to implement high-volume testing immediately." These are just two of many examples of US providers working to ramp up coronavirus testing capacity. With their help, the US will soon have far more coronavirus testing capacity than it has today. Why testing is important Testing isn't only important because it helps individual patients understand their medical conditions and guide their treatment—though that's obviously important. In an epidemic, testing is also crucial to help public health officials effectively direct resources, get the spread of the virus under control, and ultimately enable people to return to normal lives. Until recently, health care professionals and public health officials have been flying blind. They could only test a small fraction of the patients who exhibited coronavirus-like symptoms, and so they've tended to reserve tests for patients who exhibited severe, potentially life-threatening symptoms. Other patients are typically told to go home and self-isolate—without knowing for sure if they have the coronavirus. That uncertainty makes it hard to take precautionary steps to prevent further spread of the virus. If a patient is able to confirm that they have the coronavirus, then they (or public health officials) can warn friends, family, and other close contacts about the potential infection. Ideally, those people can get tested as well. But without a testing, public health officials don't know which cases to focus on. And large-scale testing will ultimately allow public health efforts to become more targeted, allowing more Americans to return to normal lives. That won't happen immediately, Johns Hopkins expert Josh Sharfstein told Ars. There are now so many coronavirus cases that it will require additional weeks of widespread social distancing measures to bring the outbreak under control. But as these measures start to have an impact and infection rates fall, testing will allow public health officials to precisely target further suppression efforts. Officials will be able to identify areas where the coronavirus has been stamped out and people can safely resume normal activities. They'll identify other areas that remain coronavirus hotspots and require more public health resources. As infections become rare and testing becomes plentiful, officials will be able to test close contacts of newly afflicted individuals, making it less likely that a single new coronavirus case will turn into a cluster of them. Source: America is finally testing for coronavirus in significant volumes (Ars Technica)
  14. WASHINGTON (Reuters) - Alphabet Inc’s Google and the U.S. Justice Department have failed to reach agreement over a protective order for third parties like Microsoft that provided data to the government for its lawsuit against the search and advertising giant. Google is pressing for two in-house attorneys to have access to the confidential data while the Justice Department and state attorneys general involved in the lawsuit have disagreed, Google said in a court filing on Friday. Google stated it needed the information to prepare an effective defense. It offered to ensure that any confidential information would be made available solely to two in-house attorneys at the offices of Google’s outside counsel or in another secure manner, adding that it would promptly report any disclosure. The government said in a separate filing that allowing Google’s staff attorneys to review “strategic plans related to rival voice assistants, and other commercially sensitive information” was dangerous because they could misuse the information to squash potential competition. The government also said that highly confidential files in the last big technology antitrust case, which involved Microsoft Corp about 20 years ago, were only available to the company’s outside counsel. The companies whose documents are in dispute in the Google case also include Oracle Corp, AT&T Inc, Amazon.com, Comcast Corp and others. They have until next Friday to make their proposals for the terms of a protective order. Judge Amit Mehta of the U.S. District Court for the District of Columbia is hearing the Justice Department’s case against Google. The government sued Google in October, accusing the $1 trillion company of illegally using its market muscle to hobble rivals in the biggest challenge to the power and influence of Big Tech in decades. Source
  15. The U.S. Treasury signed sanctions against three hacking groups actively engaged in cyber operations meant to bring financial assets to the government of North Korea. The groups are Lazarus, Bluenoroff, and Andariel, well-known in the security industry for cyber operations aimed at cyberespionage, data theft, monetary reward, and data destruction. By signing the sanctions, the U.S. Treasury U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) puts a lock on all properties and financial assets owned by the three groups in the U.S. and prohibits all dealings involving these goods. The sanctions extend to "any foreign financial institution that knowingly facilitates a significant transaction or provides significant financial services for any of the entities," could become the target of sanctions. All three groups operate at the command of the Reconnaissance General Bureau (RGB), which is North Korea’s primary intelligence bureau. Old group Lazarus Lazarus Group (a.k.a. Hidden Cobra), which is the larger of the three hacking entities and considered an umbrella for the others, was created in early 2007 and it is coordinated by the 110th Research Center, 3rd Bureau of the RGB; this bureau is charged with technical surveillance and it is the architect of North Korea's cyber operations. Infamous incidents attributed to Lazarus Group include the attack on Sony Pictures - known as Operation Blockbuster, back in 2014 and the WannaCry ransomware global epidemic in 2017. The damage caused by these two attacks alone were considerable. Sony's internal data (employee emails, plans for future films, documents) were made public. WannaCry impacted hundreds of thousands of computers across the world and produced hundreds of millions of U.S. dollars in damages to companies in at least 150 countries. Money-grabbing Bluenoroff Treasury officials say that Bluenoroff, a sub-group of Lazarus, has been operating since at least 2014 with the purpose of earning revenue for the North Korean government. "Bluenoroff conducts malicious cyber activity in the form of cyber-enabled heists against foreign financial institutions on behalf of the North Korean regime to generate revenue, in part, for its growing nuclear weapons and ballistic missile programs." One of the most notable heists attempted by this group was against the Bangladesh Central Bank, which stood to lose about $1 billion, were it not for two mistakes from the hackers. One of them was a typo, the other misstep was choosing a recipient that had been flagged for evading U.S. sanctions against Iran. In total, Bluenoroff (APT38) hackers managed to steal $81 million from just four transfers out of a total of 35. Countries with financial institutions attacked by this group count India, Mexico, Pakistan, Philippines, South Korea, Taiwan, Turkey, Chile, and Vietnam. Andariel hacks for cash and secrets The third hacker group associated with the North Korean government is called Andariel. Operating since at least 2015, the outfit is known to focus on foreign businesses, government agencies, entities in the defense industry, financial services infrastructure, and private corporations. It appears that this unit's purpose oscillates between cyber espionage and financial reward. Andariel is blamed for breaking three years ago into the personal computer of the South Korean Defense Minister as well as into the Defense Ministry's intranet. At the same time, the group seems to be responsible for hacking into ATMs to steal cash or collect customer information and peddle it to specialized communities. Moreover, Andariel is known for compromising online poker sites to make money. Lucrative business North Korean hackers have a wide range of activities they engage in, and it seems that the scope of their operations changes with the Pyongyang government's needs at a certain point in time. John Hultquist, the Director of Intelligence Analysis for FireEye, told BleepingComputer that North Korea’s cyber-espionage apparatus has grown in the past four years into "a significant state-run criminal venture." "Though these operations may fund the hackers themselves, their sheer scale suggests that they are a financial lifeline for a regime that has long depended on illicit activities to fund itself." John Hultquist This is echoed by reports about these three groups hacking systems for huge piles of cash. The United Nations estimated in a confidential document that North Korea made as much as $2 billion from at least 35 cyberattacks directed at banks and cryptocurrency exchanges across in 17 countries. Another report from the U.N. earlier this year stated that North Korean hackers hitting cryptocurrency exchanges in Asia between January 2017 and September 2018 caused $571 million in losses. Hultquist says that these sanctions from the U.S. may not be a powerful deterrent from the cybercriminal activities of the Pyongyang regime. He points out that the lucrative aspect of these campaigns is a strong motivation to maintain the same path. "In the past they have remained obstinate in the face of other sanctions and international condemnation of their cyber capability. Even if they were to take a lighter hand to the US, much of their criminal activity takes place beyond the US in countries who may not have the same ability to change North Korea’s behavior." Source
  16. A cyberattack on a subcontractor for U.S. Customs and Border Protection (CBP) exposed surveillance plans and much more than was previously disclosed, according to a new report. Earlier this month, U.S. Customs and Border Protection said photos of travelers and license plates had been compromised during a cyberattack, adding that less than 100,000 people were affected. However, the Washington Post reported on Friday that the cyberattack also compromised documents including “detailed schematics, confidential agreements, equipment lists, budget spreadsheets, internal photos and hardware blueprints for security systems.” As the news outlet put it: The documents offer an unusually intimate glimpse of the machinery that U.S. officials depend on for the constant monitoring of legal immigration through the border. They also illuminate the government’s plans for expanding its use of license plate readers and facial-recognition cameras, including such details as how many cameras are focused on which traffic lanes at some of the busiest border crossings in the world. The hacked CBP subcontractor documents were put on the dark web and the subcontractor who appears to have been hacked was Tennessee-based Perceptics, according to the report. The available information taken was “hundreds of gigabytes,” the newspaper reported. You can read all of the Washington Post report here. Source
  17. President Donald Trump’s recent Executive Order on America’s Cybersecurity Workforce has created surprisingly little buzz within the cybersecurity training community. This is likely because, as exciting as it is to have the leader of the free world focused on our slice of the industry, the EO is extremely high-level. Unless the policy has some serious teeth in the form of enforceable sanctions, sufficient funds and manpower, an executive order is little more than a press statement. Still, I’m optimistic about this one. Given the scope of the cybersecurity talent shortage, I’m confident that the need for well-trained, experienced cybersecurity professionals will drive the market to produce them one way or another. But cybersecurity work is inherently tied into America’s national defense, economic durability and growth. Especially given the talent shortage, it’s highly appropriate for the federal government to give the country’s cybersecurity workforce the boost it needs. Moving the EO Forward Industry insiders are wondering out loud just how useful the EO will be. I think there’s a lot to like. However, as many others have noted, it’s light on details. And when it comes to executing an ambitious initiative at federal scale, the devil is most definitely in the details. Still, I believe it can make it off the page, and have a few ideas on how to take it a few steps down the road: Wide, Enforced Adoption of the NICE Cybersecurity Workforce Framework NICE a subset of NIST’s cybersecurity standard, stands for National Initiative for Cybersecurity Education. It includes a framework that “establishes a taxonomy and common lexicon that describes cybersecurity work and workers irrespective of where or for whom the work is performed…” and is … “intended to be applied in the public, private, and academic sectors.” In other words, NICE has already done the heavy lifting of codifying the wide spectrum of cybersecurity roles, tasks, skills, knowledge and abilities into a standard language. Many “Security-first” organizations I work with are already putting NICE into practice. Though many of them will admit it’s not an easy undertaking, NICE has already become the standard for top academic cybersecurity programs and the organizations eager to hire their graduates. But NICE is a standard, not a regulation. As a cornerstone of the EO, NICE framework adoption needs to be mandated, with clear, standardized enforcement and/or compliance mechanisms across public, private sector and academic institutions. And, to avoid a bureaucratic nightmare, it should be handled by a single government agency. Otherwise, adoption won’t happen fast enough to move the needle. … Starting with Managed Security Service Providers Managed security services providers (MSSPs) likely will be the first impacted by the new executive order, which requires any entity interested in pursuing government and public sector cybersecurity contracts to frame their qualifications in terms of NICE. This could translate into a fierce competitive advantage for MSSPs that have already developed an efficient way to verify their staff is up to muster with the NICE skills, knowledge and abilities. With that being the case, it makes sense to use the MSSP community as a test case for how to enforce NICE compliance. Once the kinks are worked out, the private sector can begin incorporating NICE as a benchmark for their managed security contracts. If the government agencies effectively enforce the NICE requirement with MSSPs, they can continue to scale incrementally. Higher Education Should Standardize on NICE-Aligned Experiential Learning The NICE framework advocates real-world, practical skills and abilities—a.k.a. experiential learning—and makes it clear that higher education institutions will need to make hands-on experience an integral focus of their cybersecurity programs. Many schools have already invested in on-campus cyber training and simulation facilities, called cyber ranges, that align with the guidelines outlined in NICE. The federal government can facilitate the construction of cyber ranges by offering colleges and universities government grants, no-interest loans and other financial assistance and incentives. Student work-study programs that allow students to undergo an initial, intense training phase, then work in cybersecurity roles and gain critical experience as they continue studies, would make the programs even more popular and accessible to a wider potential student population. Training the Trainers Setting up high-quality, experiential cybersecurity degree programs and cyber ranges is the easy part. The real challenge will be finding enough qualified instructors to teach cybersecurity coursework and lead simulation training sessions. The one chorus I hear loud and clear from customers across all industries—academia, large enterprises, FBSI and MSSPs—is the need for cybersecurity instructors. Workforce development programs are only as good as the instructors who teach them, and at the moment they are a painfully scarce resource. There isn’t much point in drumming up interest among students and mid-career pros in retraining if there aren’t enough teachers to lead the courses. Therefore, to support the EO, the government should take action to help establish a NICE instructor certification process for cybersecurity trainers. The NICE instructors’ course could be offered to military personnel who served in cybersecurity roles upon re-entry to civilian life. The government also could offer incentives to businesses and academic institutions that send faculty members to receive certified NICE cybersecurity instructor training. President’s Cup Cybersecurity Competition The competition included in the executive order, if it takes off, will introduce a fun, competitive, yet highly practical culture to cybersecurity skills development that is aligned with the kind of cyber range-based training we know is essential for developing skills needed for so many cyber defense roles. Ask any teacher, coach, commanding officer or anyone who has played Capture the Flag at Black Hat; competitions are an extremely effective way to motivate effort and mastery of skills. Public sector organizations can offer cash prizes, paid vacation days or any other legal incentive to employees who successfully exhibit excellent hands-on cyber defense skills. So, as validating as the EO is for an experiential learning-based approach to cybersecurity skills development and training—an approach that I evangelize on a daily basis—we’ll have to wait another three months (at least) for the secretary of Homeland Security to provide the president with a plan on how to execute the EO. My fingers are crossed. Source
  18. “The world should know that what they’re doing out here is crazy,” said a man who refused to share his passcode with police. As police now routinely seek access to people’s cellphones, privacy advocates see a dangerous erosion of Americans’ rights, with courts scrambling to keep up. William Montanez is used to getting stopped by the police in Tampa, Florida, for small-time traffic and marijuana violations; it’s happened more than a dozen times. When they pulled him over last June, he didn’t try to hide his pot, telling officers, "Yeah, I smoke it, there's a joint in the center console, you gonna arrest me for that?" They did arrest him, not only for the marijuana but also for two small bottles they believed contained THC oil — a felony — and for having a firearm while committing that felony (they found a handgun in the glove box). Then things got testy. As they confiscated his two iPhones, a text message popped up on the locked screen of one of them: “OMG, did they find it?” The officers demanded his passcodes, warning him they’d get warrants to search the cellphones. Montanez suspected that police were trying to fish for evidence of illegal activity. He also didn’t want them seeing more personal things, including intimate pictures of his girlfriend. So he refused, and was locked up on the drug and firearms charges. William Montanez Five days later, after Montanez was bailed out of jail, a deputy from the Hillsborough County Sheriff’s Office tracked him down, handed him the warrants and demanded the phone passcodes. Again, Montanez refused. Prosecutors went to a judge, who ordered him locked up again for contempt of court. “I felt like they were violating me. They can’t do that,” Montanez, 25, recalled recently. "F--- y’all. I ain’t done nothing wrong. They wanted to get in the phone for what?” He paid a steep price, spending 44 days behind bars before the THC and gun charges were dropped, the contempt order got tossed and he pleaded guilty to a misdemeanor pot charge. And yet he regrets nothing, because he now sees his defiance as taking a stand against the abuse of his rights. “The world should know that what they’re doing out here is crazy,” Montanez said. The police never got into his phones. While few would choose jail, Montanez’s decision reflects a growing resistance to law enforcement’s power to peer into Americans’ digital lives. The main portals into that activity are cellphones, which are protected from prying eyes by encryption, with passcodes the only way in. As police now routinely seek access to people’s cellphones, privacy advocates see a dangerous erosion of Americans’ rights, with courts scrambling to keep up. “It’s becoming harder to escape the reach of police using technology that didn’t exist before,” said Riana Pfefferkorn, the associate director of surveillance and cybersecurity at the Center for Internet and Society at Stanford Law School. “And now we are in the position of trying to walk that back and stem the tide.” While courts have determined that police need a warrant to search a cellphone, the question of whether police can force someone to share a passcode is far from settled, with no laws on the books and a confusing patchwork of differing judicial decisions. Last month, the Indiana Supreme Court heard arguments on the issue. The state supreme courts in Pennsylvania and New Jersey are considering similar cases. As this legal battle unfolds, police keep pursuing new ways of breaking into cellphones if the owners don’t cooperate — or are enlisting help from technology firms that can do it for them. This has put them at odds with cellphone makers, all of whom continually update their products to make them harder for hackers or anyone else to break into. But the hacking techniques are imperfect and expensive, and not all law enforcement agencies have them. That is why officials say compelling suspects to unlock their cellphones is essential to police work. Making the tactic more difficult, they say, would tilt justice in favor of criminals. “It would have an extreme chilling effect on our ability to thoroughly investigate and bring many, many cases, including violent offenses,” said Hillar Moore, the district attorney in East Baton Rouge, Louisiana, who got the FBI’s help in breaking into a cellphone belonging to a suspect in a deadly Louisiana State University fraternity hazing ritual. “It would basically shut the door.” Clashes over passcodes In the part of Florida where Montanez lives, authorities are guided by a case involving an upskirt photo. A young mother shopping at a Target store in Sarasota in July 2014 noticed a man taking a picture of her with his phone while crouching on the floor. She confronted him. He fled. Two days later, police arrested Aaron Stahl and charged him with video voyeurism. Authorities got a search warrant for Stahl’s iPhone, but he wouldn’t give them the passcode, citing his Fifth Amendment right not to incriminate himself. A trial judge ruled in his favor, but a state appellate court reversed the decision in December 2016, saying Stahl had to provide the code. Facing the possibility of getting convicted at trial and sentenced to prison, Stahl agreed to plead no contest in exchange for probation. While Stahl did not provide the passcode in the end, prosecutors still rely on the precedent established by the appellate ruling to compel others to turn over their passcodes under the threat of jail. “Up until that point you could be a pedophile or a child pornogropher and carry around the fruits of your crime in front of law enforcement officers, prosecutors and judges and taunt them with fact that they couldn’t get the passcode,” said Cynthia Meiners, who prosecuted Stahl at the 12th Judicial Circuit State’s Attorney’s Office. “You could say, ‘I’m a child pornographer and it’s on my phone but I’m not giving you my passcode because I would be incriminating myself.’” But that ruling only holds in a few counties of Florida. Elsewhere in the country, skirmishes remain unresolved. In Indiana, police officials are trying to force a woman to share her passcode as they investigate her for harassment, saying she was making it impossible for them to obtain key evidence. The woman’s lawyer says authorities haven’t said what evidence they think is in the phone, raising concerns about a limitless search. Her appeals reached the state Supreme Court, whose ruling could influence similar cases around the country. Attorneys general in eight other states filed a brief in support of the police, warning against a ruling that “drastically alters the balance of power between investigators and criminals.” The stakes are similar in New Jersey, where a sheriff’s deputy accused of tipping off drug dealers to police activities has refused to hand over passcodes to his iPhones. The state Supreme Court agreed in May to hear the case. These clashes aren’t limited to the use of passcodes. Police have also tried to force people to open phones through biometrics, such as thumbprints or facial recognition. Legal experts see the Fifth Amendment argument against self-incrimination as more of a stretch in those cases. The law has generally been interpreted as protecting data that someone possesses — including the contents of their mind, such as passcodes — but not necessarily their physical traits, such as thumbprints. Still, some judges have refused to sign warrants seeking permission to force someone to unlock their phone using their face or finger. The rules on compelled decryption are more lenient at the U.S. border, where federal agents have given themselves wide authority to search the phones of people entering the country ─ and have reportedly spent hundreds of thousands of dollars on third-party hacking tools. “Depending on where you are in the country, there is different case law on what police can do,” said Andrew Crocker, a senior staff attorney at the Electronic Frontier Foundation, a civil liberties nonprofit. In some states, there is no authoritative court ruling, leaving law enforcement authorities to decide for themselves. Virginia falls into that category. Bryan Porter, the prosecutor in the city of Alexandria, said he has told local police it’s OK to try to force someone under the threat of jail to open a cellphone by thumbprint or face. But demanding a password seems to go too far, he said. Criminals shouldn’t be able to inoculate themselves from investigations, Porter said. “But it kind of rubs me the wrong way to present a piece of paper to someone and say, ‘Give us your passcode.’” ‘What they were doing to me was illegal’ In Tampa, Florida, where Montanez was arrested last year, judges still rely on the 2016 ruling against Stahl by the Second District Court of Appeals. That is what prosecutors cited when they tried to force Montanez to give up his passcodes. But Montanez’s lawyer, Patrick Leduc, argued that, unlike Stahl’s case, police had no reason to search the phone, because it had no connection to the offenses he was charged with. The “OMG, did they find it?” text message — which turned out to be from Montanez’s mother, who owned the car and the gun in the glove box — was meaningless, Leduc said. He warned of a police “fishing expedition” in which authorities could search for anything potentially incriminating on his phone. While sitting in lockup for contempt, Montanez’s resolve not to give up his passcodes hardened. “What they were doing to me was illegal and I wasn’t going to give them their business like that,” he said. “They told me I got the key to my freedom,” he added. “But I was like, ‘F--- that.’” But the experience shook him. “I ain’t the toughest guy in the world, but I can protect myself. But it was crazy,” he said. “Bad food, fights here and there, people trying to take your food.” At the same time, the drugs and gun case against Montanez was crumbling. Laboratory tests on the suspected THC oil came back negative, voiding that felony charge and the gun charge related to it. That left prosecutors with only minor pot charges. But he remained in jail on the contempt charge while his lawyer and prosecutors negotiated a plea deal. In August 2018, after Montanez had spent more than five weeks in jail for refusing to provide the passcode, an appellate court dismissed the contempt case on a technicality. The court invited prosecutors to try again, but by then the passcode’s value had diminished. Instead, prosecutors allowed Montanez to plead no contest to misdemeanor drug charges and he was freed. When he was released, Montanez carried a notoriety that made him feel unwelcome in his own neighborhood. He noticed people looking at him differently. He was banned from his favorite bar. The police keep pulling him over, and he now fears them, he said. He finally left Tampa and lives in Pasco County, about an hour away. “Yeah, I took a stand against them,” he said. “But I lost all that time. I gotta deal with that, going to jail for no reason.” Source
  19. Techno-dem urges DHS, NSA and NIST to rid sites of buggy legacy media player content It's bug-ridden, eternally insecure, and on death row – yet Adobe Flash persists on too many US government webpages. Now Senator Ron Wyden (D-OR) wants to hear the sound of this deity-forsaken plugin torn from .gov websites, dragged behind a shed, and a single final gunshot. Regular Reg readers will remember that even Adobe has seen written the writing on the wall, and last year set 2020 as the end-of-support date for its beleaguered exploit magnet. In a letter [PDF] to NIST under-secretary Walter Copan, NSA director, US Cyber Command commander Paul Nakasone, and secretary of Homeland Security Kirstjen Neilsen, Wyden today asked the agencies to learn from Microsoft Windows XP: it's expensive to ask vendors continue fixing up out-of-support software. In other words, stop relying on it, get rid of it, and replace Flash files with HTML5. He has the NSA, DHS and NIST in his sights because those three government organizations carry “the majority of cybersecurity guidance” to the rest of Uncle Sam's agencies. Wyden wants government officials to stop creating new Flash content within 60 days, and also asks that: Agencies remove Flash content from their websites by August 2019; To aid in that effort, the DHS's “routine cyber-hygiene scans” should identify, and list for agencies, all Flash content found; and Agencies should pilot removing Flash from staff computers, starting in March 2019, ahead of expunging it by August 1, 2019. Wyden noted that US-CERT “has warned about the risks of using Flash since 2010” – making it a latecomer: the earliest Flash fsckup we can find in El Reg's archives seems to be this directory traversal horror from 2007. When the plugin falls out of support, Wyden wrote, “cybersecurity risks will only be compounded.” We couldn't agree more. Stop using Adobe Flash. Source
  20. AT&T already launched its initial mobile 5G network in parts of 12 U.S. cities last December, but it’s now preparing for full nationwide coverage — a dauntingly large task that its millimeter wave small cells won’t be able to handle alone. This morning, the carrier revealed that it will “offer nationwide 5G coverage with our lower band spectrum,” specifically the sub-6GHz frequencies discussed in our interview with AT&T VP Gordon Mansfield yesterday. Above: Netgear's Nighthawk 5G Mobile Hotspot is the first AT&T mobile 5G device, and already available for purchase. While the announcement isn’t entirely surprising given that AT&T began to distinguish between “5G” and “5G+” in December, noting that it planned to call high-speed millimeter wave service “5G+” and offer it only in select high-traffic areas, this is the first official confirmation that AT&T’s nationwide 5G network will rely upon aggregating lower-bandwidth radio signals, which spread more widely from larger towers. Rival T-Mobile has similarly said that it will use low-bandwidth towers for its nationwide 5G network, while Verizon has focused largely on “true 5G” using high-capacity millimeter wave spectrum. Even so, all of the carriers will eventually rely upon more than one radio band to provide 5G service. Each carrier is expected to convert some of its existing LTE spectrum into 5G spectrum, though there’s a substantial likelihood of a speed penalty for doing so — enough that there could be a noticeable performance gap between millimeter wave and sub-6GHz 5G networks. AT&T specifically says that it plans to “begin deploying that lower band spectrum in the second half of this year,” suggesting that the allocation of some existing LTE spectrum for 5G will happen sooner rather than later, supporting an already announced Samsung sub-6GHz smartphone. In the transition from 4G to 5G, AT&T says that it has brought two interim technologies into more markets than expected: 1Gbps LTE-LAA is now in parts of 55 cities, with its controversially named “5G Evolution” or “5G E” — actually just 4G LTE-Advanced — in over 400 markets, offering roughly 400Mbps speeds on select 4G devices. Towers with the 5G E hardware will be capable of flipping to actual 5G service in the near future, but until then will confuse 4G users into believing that they’re using 5G technologies. AT&T also said that it is expanding its agreement with AR purveyor Magic Leap to include business solutions, including manufacturing, retail, and health care applications. Magic Leap’s current-generation hardware has no cellular hardware, but the company is expected to offer a 5G version in the future, in partnership with AT&T. Source
  21. It'll only be available in Korea. Samsung is making 5G versions of both the Galaxy Note 10 and Galaxy Note 10 Plus, but only the latter version is coming to the US, according to a graphic spotted by The Verge. Meanwhile, a smaller 6.3-inch Galaxy Note 10 5G will definitely be built, but it will launch exclusively in Korea. It's not clear why Samsung is doing this, given that the Galaxy Note 10 Plus 5G model that is coming to the US will work on all the major carriers, starting with Verizon. It might come down to different components, as the Korean versions of the Note 10 will likely pack Exynos 9825 rather than Snapdragon 855 chips, which could affect the modem choices. More likely, Samsung is offering the phone as a perk to its home customers in a nation that already has well over two million 5G subscribers. In the US, meanwhile, the mmWave 5G rollout is proceeding glacially and only works well if you stand in very specific spots in major cities. Source
  22. The school district has been relying on virtual classes to teach students during the pandemic. But it decided to cancel classes today, citing a ransomware attack, which has shut down the district's IT systems. No school due to a ransomware attack? On Wednesday, a Maryland school district said it was canceling all classes precisely because of that. A ransomware strain has taken out the IT systems at Baltimore County Public Schools, which serves more than 11,500 students. “Due to issues with our network, all Baltimore County Public Schools and offices will be closed today,” the district said over Twitter. The school system has been relying on remote learning to teach students at home during the pandemic. However, the ransomware attack has shut down the district’s website, in addition to the email and grading system, according to The Baltimore Sun. “Everything was impacted,” the district’s chief of staff Mychael Dickerson told the newspaper. “It’s extensive enough that we made this decision. We knew it wouldn’t be a quick fix.” Ransomware attacks usually work by seeking out computers across the victim’s network and then encrypting all the information inside. So as a precaution, the local teacher’s association has been telling its educators to turn off all their computers. The goal of the attack is to then force the victim to pay up, usually in Bitcoin. And in some cases, the ransom demand can reach well into the six figures. However, it’s unclear whether Baltimore County Public Schools has received a ransom note yet, or if it’ll pay up. The Baltimore County Government also commented on the attack, saying it hasn't been affected. "We do not have any reason to believe that Baltimore County Government systems have been compromised, but the County’s Information Technology team is closely inspecting our network and all devices out of an abundance of caution, and has put in place additional security measures," the government said in a statement. In the meantime, the school district’s technology team is working to restore the affected systems. Baltimore County Public Schools says it’s the 25th largest school district in the country. Source
  23. More scrutiny for the Chinese company The United States has opened a national security review into TikTok’s parent company over its acquisition of social media app Musical.ly, Reuters reports. In 2017, China-based TikTok owner Beijing ByteDance Technology bought up the popular American lip-syncing app — and its user base — for $1 billion. Last year, the app was fully rebranded as part of TikTok. But in the time since the deal closed, TikTok has faced substantial pressure from US lawmakers who have questioned how the company moderates its political content and stores its user data. In a letter last month, Sen. Marco Rubio (R-FL) called for an investigation into the company, writing that “Chinese-owned apps are increasingly being used to censor content and silence open discussion on topics deemed sensitive by the Chinese Government and Community Party.” The letter followed reports that TikTok was censoring political content that was offensive to the Chinese government. (The company has said its moderation decisions are based in the US and “are not influenced by any foreign government.”) Rubio’s note was followed by one from Sens. Tom Cotton (R-AR) and Chuck Schumer (D-NY) also calling for a review. According to Reuters, the US has now launched such a review through the Committee on Foreign Investment in the United States, or CFIUS, which is responsible for reviewing deals with national security implications. The news service reports that TikTok did not go through a CFIUS review when it made the Musical.ly acquisition, and are in talks about national security concerns now. The investigation is the latest hurdle for the company, which has dealt with intense scrutiny as the tech industry as a whole faces renewed questions about Chinese censorship online. Last month, in one notable example, Apple was criticized for pulling an app used by pro-democracy protestors in Hong Kong. “While we cannot comment on ongoing regulatory processes, TikTok has made clear that we have no higher priority than earning the trust of users and regulators in the US,” a company spokesperson told The Verge in a statement. “Part of that effort includes working with Congress and we are committed to doing so.” Source: US launches national security review of TikTok, Reuters reports (via The Verge)
  24. Facebook tried to block the referral but today an influential advisor to Europe’s top court has issued a legal opinion that could have major implications for the future of the EU-US Privacy Shield personal data transfer mechanism. It’s a complex opinion, dealing with a fundamental clash of legal priorities around personal data in the EU and US, which does not resolve question marks hanging over the legality of Privacy Shield . The headline take-away is that a different data transfer mechanism which is also widely used by businesses to transfer personal data out of the EU — so called Standard Contractual Clauses (SCCs) — has been deemed legally valid by the court advisor. However the advocate general to the Court of Justice of the European Union (CJEU) is also at pains to emphasize the “obligation” of data protection authorities to step in and suspend such data transfers if they are being used to send EU citizens’ data to a place where their information cannot be adequately protected. So while SCCs look safe — as a data transfer mechanism — per this opinion, it’s a reminder that EU data protection agencies have a duty to be on top of regulating how such tools are used. The reason the case was referred to the CJEU was a result of Ireland’s Data Protection Commission not acting on a complaint to suspend Facebook’s use of SCCs. So one view that flows from the opinion is the DPC should have done so — instead of spending years on an expensive legal fight. The backstory to the legal referral is long and convoluted, involving a reformulated data protection complaint filed with the Irish DPC by privacy campaigner and lawyer Max Schrems challenging Facebook’s use of SCCs. His earlier legal action, in the wake of the 2013 disclosures of US government mass surveillance programs by NSA whistleblower Edward Snowden, led to Privacy Shield’s predecessor, Safe Harbor, being struck down by the CJEU in 2015. On the SCCs complaint Schrems prevailed in the Irish courts but instead of acting on his request to order Facebook to suspend its SCC data flows, Ireland’s data protection watchdog took the unusual step of filing a lawsuit pertaining to the validity of the entire mechanism. Irish courts then referred a number of legal questions to the CJEU — including looping in the wider issue of the legality of Privacy Shield. It’s on those questions that the AG has now opined. It’s worth noting that the advocate general’s opinion is not binding on the CJEU — which will issue a ruling on the case next year. Although the court does tend to follow such opinions so it’s a strong indicator of the likely direction of travel. The opinion, by advocate general Henrik Saugmandsgaard Øe, takes the view that the use of SCCs for the transfer of personal data to a third country — i.e. a country outside the EU that does not have a bilateral trade agreement with the bloc — is valid. However, as noted above, the AG puts the onus on data authorities to act in instances where obligations to protect EU citizens’ data under the mechanism come into conflict with privacy-hostile laws outside the EU, such as government mass surveillance programs. “[T[here is an obligation — placed on the data controllers and, where the latter fail to act, on the supervisory authorities — to suspend or prohibit a transfer when, because of a conflict between the obligations arising under the standard clauses and those imposed by the law of the third country of destination, those clauses cannot be complied with,” the CJEU writes in a press release on the opinion. In a first reaction, Schrems highlights this point — writing: “The advocate general is now telling the Irish Data Protection Authority again to just do its job… After all the Irish taxpayer may have to pay up to €10M in legal costs, for the DPC delaying this case in the interest of Facebook. “The opinion makes clear that DPC has the solution to this case in her own hands: She [Helen Dixon] can order Facebook to stop transfers tomorrow. Instead, she turned to the CJEU to invalidate the whole system. It’s like screaming for the European fire brigade, because you don’t know how to blow out a candle yourself.” We’ve reached out to the Irish DPC and to Facebook for comment on the AG’s opinion. “At the moment, many data protection authorities simply look the other way when they receive reports of infringements or simply do not deal with complaints. This is a huge step for the enforcement of the GDPR [the General Data Protection Regulation],” Schrems also argues. Luca Tosoni, a research fellow at the Norwegian Research Center for Computers and Law at the University of Oslo, suggests that the likelihood of EU DPAs suspending SCC personal data transfers to the US will “depend on the Court’s ultimate take on the safeguards surrounding the access to the transferred data by the United States intelligence authorities and the judicial protection available to the persons whose data are transferred”. “The disruptive effect of a suspension of SCCs, even if partial and just for the U.S., is likely to be substantial,” he argues. “SCCs are widely used for the transfer of personal data outside the EU. They are probably the most used data transfer mechanism, including for transfers to the U.S. Thus, even a partial suspension of the SCCs would force a significant number of organizations to explore alternative mechanisms for their transfers to the U.S. “However, the alternatives are limited and often difficult to apply to large-scale transfers, the main ones being the derogations allowing transfers with the consent of the data subject or necessary for the performance of a contract. These are unlikely to be suitable for all transfers currently taking place in accordance with SCCs.” “In practice, the degree of disruption is likely to depend on the timing and duration of the suspension,” he adds. “Any suspension or other finding that data transfers to the U.S. are problematic is likely to speed up the modernization of SCCs that the European Commission is already working on but it is unclear how long it would take for the Commission to issue new SCCs. “When the Court invalidated the Safe Harbor, it took several months for the Commission to adopt the Privacy Shield and amend the existing SCCs to take into account the Court’s judgment.” On Privacy Shield — a newer data transfer mechanism which the European Commission claims fixes the legal issues with its predecessor — Saugmandsgaard Øe’s opinion includes some lengthy reasoning that suggests otherwise and certainly does not clear up questions around the mechanism’s legality which arise as a result of US laws that allow the state to harvest personal data for national security purposes, thereby conflicting with EU privacy rights. Per the CJEU press release, the AG’s opinion sets out a number of reasons which it says “lead him to question the validity of the ‘privacy shield’ decision in the light of the right to respect for private life and the right to an effective remedy”. The flagship mechanism is now used by more than 5,000 entities to authorize EU-US personal data transfers. Should it be judged invalid by the court there would be a massive scramble for businesses to find alternatives. It remains to be seen how the court will handle these questions. But Privacy Shield remains subject to direct legal challenge — so there are other opportunities for it to weigh in, even if CJEU judges avoids doing so in this case. Schrems clearly hopes they will weigh in soon, skewering Privacy Shield in his statement — where he writes: “After the ‘Safe Harbor’ judgment the European Commission deliberately passed an invalid decision again — knowing that it will take two or three years until the Court will have a chance to invalidate it a second time. It will be very interesting to see if the Court will take this issue on board in the final decision or wait for another case to reach the court.” “I am also extremely happy that the AG has taken a clear view on the Privacy Shield Ombudsperson. A mere ‘postbox’ at the foreign ministry of the US cannot possibly replace a court, as required under the first judgement by the Court,” he adds. He does take issue with the AG’s opinion in one respect — specifically its reference to what he dubs “surveillance friendly case law” under the European Convention on Human Rights — instead of what he couches as “the clear case law of the Court of Justice”. “This is against any logic… I am doubtful that the [CJEU] judges will join that view,” he suggests. The court typically hands down a judgement between three and six months after an AG opinion — so privacy watchers will be readying their popcorn in 2020. Meanwhile, for thousands of businesses, the legal uncertainty and risk of future disruption should Privacy Shield come unstuck goes on. Update: The Irish DPC has now responded to the opinion saying it welcomes the “clarity and analysis”. Head of communications, Graham Doyle, sent us this statement: The DPC welcomes the publication of the AG’s opinion. The opinion illustrates the levels of complexity associated with the kinds of issues that arise when EU data protection laws interact with the laws of third countries, to include the laws of the United States. Equally, the opening section of the opinion recognises the significant tensions that arise between, on the one hand, the need to show pragmatism, and on the other, “the need to assert the fundamental values recognised in the legal orders of the Union and its member states, and in particular, the Charter”. Some of the points of complexity engaged here go to matters of substance. To take just three examples: does EU law apply at all when data subject’s personal data is processed by public authorities in a third country (the AG believes it does); do US laws and practices facilitate interferences with the data protection rights of individuals that are incompatible with EU law (they do, in the view of the AG); and are those problems cured by Privacy Shield (no, in the opinion of the AG). Separately, the opinion notes that, in individual cases, the standard contractual clauses likewise may not provide an answer to the problems that arise when data transfers bring EU citizens’ data within the remit of US public authorities. At this point, procedural complexities also come into view. Specifically, who should intervene when, in the context of an individual transfer, the level of protection demanded by EU law cannot be maintained? Here, whilst acknowledging its imperfections, and the practical difficulties it presents, and notwithstanding the risk of fragmentation amongst supervisory authorities within the member states, the AG concludes that the approach settled upon by the EU in the context of the SCCs strikes an appropriate balance between pragmatism and principle. That approach is one in which responsibility for ensuring the protection of the data protection rights of EU citizens rests with controllers in the first instance and, in the view of the AG, with national supervisory authorities where a controller fails to discharge its obligations. Whilst noting that these issues are yet to be determined by the Court, the DPC welcomes the clarity of the analysis contained in the AG’s opinion. Facebook has also now sent us a statement, attributed to associate general counsel, Jack Gilbert: We are grateful for the Advocate General’s opinion on these complex questions. Standard Contractual Clauses provide important safeguards to ensure that Europeans’ data are protected once transferred overseas. SCCs have been designed and endorsed by the European Commission and enable thousands of Europeans to do business worldwide. We look forward to the final decision from the CJEU. Source
  25. US may subsidize Huawei alternatives with proposed $1.25 billion fund Democrats and Republicans pitch $1.25 billion fund to boost non-Huawei 5G tech. Enlarge / Huawei sign displayed at CES 2020 in Las Vegas on Wednesday, Jan. 8, 2020. Getty Images | Bloomberg The US government should spend at least $1.25 billion "to invest in Western-based alternatives to Chinese equipment providers Huawei and ZTE," a bipartisan group of six US senators said yesterday. The senators submitted legislation called the Utilizing Strategic Allied (USA) Telecommunications Act to make that happen, arguing that the US must counter the Chinese government's investments in the telecom sector. The money would come from spectrum-auction proceeds, and the $1.25 billion in grants would be spread out over 10 years. The money would support development of new 5G technology, with a focus on equipment that complies with open standards to ensure "multi-vendor network equipment interoperability." The senators' announcement said: Heavily subsidized by the Chinese government, Huawei is poised to become the leading commercial provider of 5G, with far-reaching effects for US economic and national security. With close ties to the Communist Party of China, Chinese state-directed technology companies present unacceptable risks to our national security and to the integrity of information networks globally. However, US efforts to convince foreign partners to ban Huawei from their networks have stalled amid concerns about a lack of viable, affordable alternatives. The senators who sponsored the legislation are Mark R. Warner (D-Va.); Richard Burr (R-N.C.); Bob Menendez (D-N.J.); Marco Rubio (R-Fla.); Michael Bennet (D-Colo.); and John Cornyn (R-Texas). Burr and Warner are the chair and vice chair of the Senate Select Committee on Intelligence, while Cornyn, Rubio, and Bennet are members of that committee. Menendez is ranking member of the Senate Foreign Relations Committee, and Rubio is also a member of the Foreign Relations Committee. "Every month that the US does nothing, Huawei stands poised to become the cheapest, fastest, most ubiquitous global provider of 5G, while US and Western companies and workers lose out on market share and jobs," Warner said. Burr said it would be "disastrous if Huawei, a company that operates at the behest of the Chinese government, military, and intelligence services, is allowed to take over the 5G market unchecked." Two funds The senators' bill would create a Public Wireless Supply Chain Innovation Fund of at least $750 million and a Multilateral Telecommunications Security Fund of at least $500 million. The $750 million fund would be administered by the National Telecommunications and Information Administration (NTIA), but the Federal Communications Commission and other agencies would help establish criteria for awarding grants. Those grants would pay for research into software, hardware, and microprocessor technology "that will enhance competitiveness" in 5G "and successor wireless technology supply chains." This fund would also support "development and deployment of open interface standards-based compatible, interoperable equipment," including equipment that meets the Open Radio Access Network standard (O-RAN). Individual grants could be as high as $20 million each. The senators said they want to support O-RAN to "allow for alternative vendors to enter the market for specific network components, rather than having to compete with Huawei end-to-end." The $500 million multilateral fund would be administered by the Secretary of State and focus on projects involving the United States and other countries. The Secretary of State would have to strike "agreement(s) with foreign government partners" to fund projects that "support the development and adoption of secure and trusted telecommunications technologies." Under this plan, the US would try to get funding commitments from countries involved in the proposed joint projects. “Race” to 5G? The senators said these funds will help the US win "the race for 5G." The Federal Communications Commission's Republican majority has repeatedly cited the "race to 5G" as justification for eliminating federal rules and preempting municipal regulations that cover deployment of wireless equipment in US cities and towns. Whether there is actually a "race" between the US and China when it comes to deploying 5G to each country's residents is debatable. The US switching from 4G to 5G slightly later than China wouldn't prevent the US from getting the benefits of 5G, such as they are: carriers admit that 5G networks based on millimeter-wave frequencies won't come close to covering the whole US and that 5G on lower-frequency bands will only be slightly faster than 4G. Moreover, the US faces more pressing problems because many rural areas don't even have consistent 4G access, and most US homes lack fiber broadband. Fiber, in addition to providing high-speed home Internet, is crucial for supplying bandwidth to 5G networks. But ISPs don't want to spend the money to deploy nationwide fiber, and the FCC's planned $20 billion rural-broadband fund will pay ISPs to deploy either fiber or services that are much slower and come with restrictive data caps. But for both mobile and home broadband networks, expanding alternatives to Huawei and ZTE network gear is important for meeting the US government's goal of phasing out Chinese telecom equipment. That's particularly true for small, rural ISPs that have relied on the Chinese companies' offerings. The FCC in November voted unanimously to ban Huawei and ZTE equipment in projects paid for by the FCC's Universal Service Fund (USF), saying the equipment could have backdoors installed at the behest of the Chinese government. This ban affects only future projects and the use of federal funding to maintain existing equipment, but the FCC may also eventually require removal of Huawei and ZTE gear from networks that have already been built. Huawei has sued the FCC in an attempt to overturn the ban, saying the commission "fail[ed] to substantiate its arbitrary findings with evidence or sound reasoning or analysis." How carriers, particularly small carriers, will pay for a move away from Chinese equipment is an open question. The FCC is seeking public comment on how to pay for removing and replacing the equipment. The new bill for 5G research doesn't allocate funding directly toward replacing Chinese equipment in current networks, but senators said the bill "create(s) a transition plan for the purchase of new equipment by carriers that will be forward-compatible with forthcoming O-RAN equipment so small and rural carriers are not left behind." If the bill passes, recipients of FCC grants for replacing Chinese equipment with new 5G technology would have to submit plans outlining how they will switch to standards-based equipment. Source: US may subsidize Huawei alternatives with proposed $1.25 billion fund (Ars Technica)
  • Create New...