US removes Xiaomi’s designation as a Communist Chinese Military Company

Xiaomi, one of China’s high-profile tech firms that fell in the crosshairs of the Trump administration, has been removed from a U.S. government blacklist that designated it as a Communist Chinese Military Company.

The U.S. District Court for the District of Columbia has vacated the Department of Defense’s January designation of Xiaomi as a CCMC, a document filed on May 25 shows.

In February, Xiaomi sued the U.S. government over its inclusion in the military blacklist. In March, the D.C. court granted Xiaomi a preliminary injunction against the DoD designation, which would have forbidden all U.S. persons from purchasing or possessing Xiaomi’s securities, saying the decision was “arbitrary and capricious.” The ruling was made to prevent “irreparable harm” to the Chinese phone maker.

Xiaomi has this to say about getting off the blacklist:

The Company is grateful for the trust and support of its global users, partners, employees and shareholders. The Company reiterates that it is an open, transparent, publicly traded, independently operated and managed corporation. The Company will continue to provide reliable consumer electronics products and services to users, and to relentlessly build amazing products with honest prices to let everyone in the world enjoy a better life through innovative technology.

Xiaomi’s domestic competitor Huawei is still struggling with its inclusion in the U.S. trade blacklist, which bans it from accessing critical U.S. technologies and has crippled its smartphone sales around the world.


US towns are buying Chinese surveillance tech tied to Uighur abuses

At least a hundred U.S. counties, towns, and cities have bought China-made surveillance systems that the U.S. government has linked to human rights abuses, according to contract data seen by TechCrunch.

Some municipalities have spent tens of thousands of dollars or more to buy surveillance equipment made by two Chinese technology companies, Hikvision and Dahua, after the companies were added to the U.S. government’s economic blacklist in 2019 over their links to China’s ongoing efforts to suppress ethnic minorities in Xinjiang, where most Uighur Muslims live. Congress also banned U.S. federal agencies from buying new Hikvision and Dahua technology or renewing contracts over fears that it could help the Chinese government to conduct espionage.

But those federal actions broadly do not apply at the state and city level, allowing local governments to buy these China-made surveillance systems — including video cameras and thermal imaging scanners — largely uninhibited, so long as federal funds are not used to buy the equipment.

Details of the contracts were provided by GovSpend, which tracks federal and state government spending, to TechCrunch via IPVM, a leading news publication on video surveillance, which has followed the Hikvision and Dahua bans closely.

The biggest spender, according to the data and as previously reported by IPVM, was the Board of Education in Fayette County, Georgia, which spent $490,000 in August 2020 on dozens of Hikvision thermal cameras, used for temperature checks at its public schools.

A statement provided by Fayette County Public Schools spokesperson Melinda Berry-Dreisbach said the cameras were purchased from its longtime security vendor, an authorized dealer for Hikvision. The statement did not address whether the Board of Education was aware of Hikvision’s links to human rights abuses. Berry-Dreisbach did not respond to our follow-up questions.

IPVM research found many thermal scanners, including Hikvision and Dahua models, produced inaccurate readings, prompting the U.S. Food and Drug Administration to issue a public health alert warning that misreported readings could present “potentially serious public health risks.”

Nash County in North Carolina, which has a population of 95,000 residents, spent more than $45,000 between September and December 2020 to buy Dahua thermal cameras. County Manager Zee Lamb forwarded emails that confirmed the purchases and that the gear was deployed at the county’s public schools, but did not comment.

The data also shows that the Parish of Jefferson in Louisiana, which includes part of the city of New Orleans, spent $35,000 on Hikvision surveillance cameras and video storage between October 2019 and September 2020. A parish spokesperson did not comment.

Only one municipality we contacted addressed the links between the technology they bought and human rights abuses. Kern County in California spent more than $15,000 on Hikvision surveillance cameras and video recording equipment in June 2020 for its probation department offices. The contract data showed a local vendor, Tel Tec Security, supplied the Hikvision technology to the county.

Ryan Alsop, chief administrative officer for Kern County, said he was “not familiar at all with the issues you’re referencing with regard to Hikvision,” when asked about Hikvision’s links to human rights abuses.

“Again, we didn’t contract with Hikvision, we contracted with Tel Tec Security,” said Alsop.

Kern County spent more than $15,000 on Hikvision equipment at its county probation service offices. (Data: GovSpend/supplied)

A spokesperson for the City of Hollywood in Florida, which spent close to $30,000 on Hikvision thermal cameras, said the Chinese technology maker “was the only major manufacturer with a viable solution that was ready for delivery; would serve the defined project scope; and was within the project budget.” The cameras were used to take employees’ body temperatures to curb the spread of COVID-19. The spokesperson did not address the links to human rights abuses but noted that the federal ban did not apply to the city.

Maya Wang, a senior researcher at Human Rights Watch, said a lack of privacy regulations at the local level contributed to municipalities buying this technology.

“One of the problems is that these kinds of cameras, regardless of the country of origin and regardless of whether or not they’re even linked to human rights abuses, have been introduced to various parts of the country — especially at state and city levels — without any kind of regulation to ensure that they comply with privacy standards,” said Wang in a call. “There is, again, no kind of regulatory framework to vet the companies based on their track record, whether or not they have abused human rights in their practices, such that we can evaluate or choose better companies, and encourage the ones with better privacy protections to win, essentially.”

Chief among the U.S. government’s allegations are that Beijing has relied heavily on Hikvision, Dahua, and others to supply the surveillance technology it uses to monitor the Uighur population as part of the government’s ongoing efforts to suppress the ethnic group, which it has repeatedly denied.

United Nations watchdogs say Beijing has detained more than a million Uighurs in internment camps in recent years as part of these efforts, which led to the U.S. blacklisting of the two surveillance technology makers.

In adding the companies to the government’s economic blacklist, the Commerce Department said Hikvision and Dahua “have been implicated in human rights violations and abuses in the implementation of China’s campaign of repression, mass arbitrary detention, and high-technology surveillance against Uighurs, Kazakhs, and other members of Muslim minority groups.” The Biden administration called the human rights abuses a “genocide.”

IPVM has also reported extensively on how the companies’ surveillance technology has been used to suppress the Uighurs. Dahua was found to have race detection in its code for providing “real-time Uighur warnings” to police.

Earlier this year, the Thomson Reuters Foundation found half of London’s councils and the largest 20 U.K. cities were using the technology linked to Uighur abuses. The Guardian also found that Hikvision surveillance technology was used in U.K. schools.

When reached, Dahua pointed to a blog post with a statement, and claimed that “contrary to some reporting in the media, our company has never developed any technology or solution that seeks to target a specific ethnic group.” The statement added: “Claims to the contrary are simply false and we are aware of no evidence that has ever been put forward to support such claims.”

Hikvision did not respond to a request for comment.



UK gov’t triggers national security scrutiny of Nvidia-Arm deal

The UK government has intervened to trigger public interest scrutiny of chipmaker Nvidia’s planned purchase of Arm Holdings.

The secretary of state for digital issues, Oliver Dowden, said today that the government wants to ensure that any national security implications of the semiconductor deal are explored.

Nvidia’s $40BN acquisition of UK-based Arm was announced last September but remains to be cleared by regulators.

The UK’s Competition and Markets Authority (CMA) began to solicit views on the proposed deal in January.

Domestic opposition to Nvidia’s plan has been swift, with one of the original Arm co-founders kicking off a campaign to ‘save Arm’ last year. Hermann Hauser warned that Arm’s acquisition by a U.S. entity would end its position as a company independent of U.S. interests — risking the U.K.’s economic sovereignty by surrendering its most powerful trade weapon.

The intervention by the Department of Digital, Media, Culture and Sport (DCMS) — using statutory powers set out in the Enterprise Act 2002 — means the competition regulator has been instructed to begin a phase 1 investigation.

The CMA has a deadline of July 30 to submit its report to the secretary of state.

Commenting in a statement, Dowden said: “Following careful consideration of the proposed takeover of ARM, I have today issued an intervention notice on national security grounds. As a next step and to help me gather the relevant information, the UK’s independent competition authority will now prepare a report on the implications of the transaction, which will help inform any further decisions.”

“We want to support our thriving UK tech industry and welcome foreign investment but it is appropriate that we properly consider the national security implications of a transaction like this,” he added.

At the completion of the CMA’s phase 1 investigation Dowden will have an option to clear the deal, i.e. if no national security or competition concerns have been identified; or to clear it with remedies to address any identified concerns.

He could also refer the transaction for further scrutiny by instructing the CMA to carry out an in-depth phase 2 investigation.

After the phase 1 report has been submitted there is no set period when the secretary of state must make a decision on next steps — but DCMS notes that a decision should be made as soon as “reasonably practicable” to reduce uncertainty.

While Dowden’s intervention has been made on national security grounds, additional concerns have been raised about the impact of an Nvidia takeover of Arm — specifically on U.K. jobs and on Arm’s open licensing model.

Nvidia sought to address those concerns last year, claiming it’s committed to Arm’s licensing model and pledging to expand the Cambridge, UK offices of Arm — saying it would create “a new global center of excellence in AI research” at the UK campus.

However, it’s hard to see what commercial concessions could be offered to assuage concern over the ramifications of an Nvidia-owned Arm on the UK’s economic sovereignty. That’s because it’s a political risk, which would require a political solution to allay, such as at a treaty level — something which isn’t in Nvidia’s gift (alone) to give.

National security concerns are a rising operational risk for tech companies involved in the supply of cutting edge infrastructure, such as semiconductor design and next-gen networks — where a relative paucity of competitors not only limits market choice but amps up the political calculations.

Proposed mergers are one key flash point as market consolidation takes on an acute politico-economic dimension.

However tech companies’ operations are being more widely squeezed in the name of national security — such as, in recent years, the U.S. government’s attacks on China-based 5G infrastructure suppliers like Huawei, with former president Trump seeking to have the company barred from supplying next-gen networks not only within the U.S. but to national networks of Western allies.

Nor has (geo)political pressure been applied purely over key infrastructure companies in recent years; with Trump claiming a national security justification to try and shake down the Chinese-owned social networking company, TikTok — in another example that speaks to how tech tools are being coopted into wider geopolitical power-plays, fuelled by countries’ economic and political self-interest.


China’s Xpeng in the race to automate EVs with lidar

Elon Musk famously said any company relying on lidar is “doomed.” Tesla instead believes automated driving functions are built on visual recognition and is even working to remove the radar. China’s Xpeng begs to differ.

Founded in 2014, Xpeng is one of China’s most celebrated electric vehicle startups and went public when it was just six years old. Like Tesla, Xpeng sees automation as an integral part of its strategy; unlike the American giant, Xpeng uses a combination of radar, cameras, high-precision maps powered by Alibaba, localization systems developed in-house, and most recently, lidar to detect and predict road conditions.

“Lidar will provide the 3D drivable space and precise depth estimation to small moving obstacles even like kids and pets, and obviously, other pedestrians and the motorbikes which are a nightmare for anybody who’s working on driving,” Xinzhou Wu, who oversees Xpeng’s autonomous driving R&D center, said in an interview with TechCrunch.

“On top of that, we have the usual radar which gives you location and speed. Then you have the camera which has very rich, basic semantic information.”

Xpeng is adding lidar to its mass-produced EV model P5, which will begin delivering in the second half of this year. The car, a family sedan, will later be able to drive from point A to B based on a navigation route set by the driver on highways and certain urban roads in China that are covered by Alibaba’s maps. An older model without lidar already enables assisted driving on highways.

The system, called Navigation Guided Pilot, is benchmarked against Tesla’s Navigate On Autopilot, said Wu. It can, for example, automatically change lanes, enter or exit ramps, overtake other vehicles, and maneuver another car’s sudden cut-in, a common sight in China’s complex road conditions.

“The city is super hard compared to the highway but with lidar and precise perception capability, we will have essentially three layers of redundancy for sensing,” said Wu.

By definition, NGP is an advanced driver-assistance system (ADAS) as drivers still need to keep their hands on the wheel and take control at any time (Chinese laws don’t allow drivers to be hands-off on the road). The carmaker’s ambition is to remove the driver, that is, reach Level 4 autonomy two to four years from now, but real-life implementation will hinge on regulations, said Wu.

“But I’m not worried about that too much. I understand the Chinese government is actually the most flexible in terms of technology regulation.”

The lidar camp

Musk’s disdain for lidar stems from the high costs of the remote sensing method that uses lasers. In the early days, a lidar unit spinning on top of a robotaxi could cost as much as $100,000, said Wu.

“Right now, [the cost] is at least two orders low,” said Wu. After 13 years with Qualcomm in the U.S., Wu joined Xpeng in late 2018 to work on automating the company’s electric cars. He currently leads a core autonomous driving R&D team of 500 staff and said the force will double in headcount by the end of this year.

“Our next vehicle is targeting the economy class. I would say it’s mid-range in terms of price,” he said, referring to the firm’s new lidar-powered sedan.

The lidar sensors powering Xpeng come from Livox, a firm touting more affordable lidar and an affiliate of DJI, the Shenzhen-based drone giant. Xpeng’s headquarters is in the adjacent city of Guangzhou about 1.5 hours’ drive away.

Xpeng isn’t the only one embracing lidar. Nio, a Chinese rival to Xpeng targeting a more premium market, unveiled a lidar-powered car in January but the model won’t start production until 2022. Arcfox, a new EV brand of Chinese state-owned carmaker BAIC, recently said it would be launching an electric car equipped with Huawei’s lidar.

Musk recently hinted that Tesla may remove radar from production outright as it inches closer to pure vision based on camera and machine learning. The billionaire founder isn’t particularly a fan of Xpeng, which he alleged owned a copy of Tesla’s old source code.

In 2019, Tesla filed a lawsuit against Cao Guangzhi alleging that the former Tesla engineer stole trade secrets and brought them to Xpeng. Xpeng has repeatedly denied any wrongdoing. Cao no longer works at Xpeng.

Supply challenges

While Livox claims to be an independent entity “incubated” by DJI, a source told TechCrunch previously that it is just a “team within DJI” positioned as a separate company. The intention to distance from DJI comes as no one’s surprise as the drone maker is on the U.S. government’s Entity List, which has cut key suppliers off from a multitude of Chinese tech firms including Huawei.

Other critical parts that Xpeng uses include NVIDIA’s Xavier system-on-the-chip computing platform and Bosch’s iBooster brake system. Globally, the ongoing semiconductor shortage is pushing auto executives to ponder over future scenarios where self-driving cars become even more dependent on chips.

Xpeng is well aware of supply chain risks. “Basically, safety is very important,” said Wu. “It’s more than the tension between countries around the world right now. Covid-19 is also creating a lot of issues for some of the suppliers, so having redundancy in the suppliers is some strategy we are looking very closely at.”

Taking on robotaxis

Xpeng could have easily tapped the flurry of autonomous driving solution providers in China, including Pony.ai and WeRide in its backyard Guangzhou. Instead, Xpeng has become their competitor, working on automation in-house and pledging to outrival the artificial intelligence startups.

“The availability of massive computing for cars at affordable costs and the fast dropping price of lidar is making the two camps really the same,” Wu said of the dynamics between EV makers and robotaxi startups.

“[The robotaxi companies] have to work very hard to find a path to a mass-production vehicle. If they don’t do that, two years from now, they will find the technology is already available in mass production and their value will become much less than today’s,” he added.

“We know how to mass-produce a technology up to the safety requirement and the quarantine required of the auto industry. This is a super high bar for anybody wanting to survive.”

Xpeng has no plans of going visual-only. Options of automotive technologies like lidar are becoming cheaper and more abundant, so “why do we have to bind our hands right now and say camera only?” Wu asked.

“We have a lot of respect for Elon and his company. We wish them all the best. But we will, as Xiaopeng [founder of Xpeng] said in one of his famous speeches, compete in China and hopefully in the rest of the world as well with different technologies.”

5G, coupled with cloud computing and cabin intelligence, will accelerate Xpeng’s path to achieve full automation, though Wu couldn’t share much detail on how 5G is used. When unmanned driving is viable, Xpeng will explore “a lot of exciting features” that go into a car when the driver’s hands are freed. Xpeng’s electric SUV is already available in Norway, and the company is looking to further expand globally.


US cuts trade ties to Myanmar, risking internet outages

The U.S. government has cut trade ties to Myanmar, two months after the country’s military staged a coup overthrowing the country’s president and also its de-facto leader, Aung San Suu Kyi, with at least 200 protesters killed as a result of its offensive.

In a statement, U.S. Trade Representative Katherine Tai said the trade suspension would be “effective immediately” and will remain in place “until the return of a democratically elected government.”

“The United States supports the people of Burma in their efforts to restore a democratically elected government, which has been the foundation of Burma’s economic growth and reform,” said Tai. “The United States strongly condemns the Burmese security forces’ brutal violence against civilians. The killing of peaceful protestors, students, workers, labor leaders, medics, and children has shocked the conscience of the international community. These actions are a direct assault on the country’s transition to democracy and the efforts of the Burmese people to achieve a peaceful and prosperous future,” the statement read.

Myanmar (also known as Burma) and the U.S. began trading in 2013 following the easing of U.S. sanctions a year earlier after elections saw Suu Kyi’s party win by a landslide.

The trade suspension is designed to target the ruling military junta, but leaves millions of internet users across Myanmar in uncertainty as U.S. cloud and internet companies wrangle with the U.S. government order, at a time where protesters are struggling to stay online amid government-ordered internet shutdowns across the country.

Myanmar already blocked Facebook, Twitter, and Instagram “until further notice.”

Sanctions are designed to prevent the shipping of goods, money and certain services to other countries. Companies operating in the U.S. have to follow U.S. sanctions or face heavy financial penalties. ZTE pleaded guilty in 2017 to violating U.S. sanctions against Iran by knowingly shipping products to the country, and agreed to pay a near-$1 billion fine.

But cloud companies fall into a gray area and have different interpretations of the rules. Quartz reported in 2016 that internet users across Syria, Cuba, and Iran — all subject to U.S. trade sanctions — couldn’t access sites hosted by IBM, because the U.S. cloud host blocked visitors from those countries from accessing its services. Rackspace and Linode, two other large cloud providers, do not block internet traffic to users in embargoed countries but instead prevented users from those countries from signing up for their service.

Myanmar has about 17 million internet users, some 30% of the wider population. A spokesperson for the Office of the U.S. Trade Representative did not immediately return a request for comment.

Microsoft says China-backed hackers are exploiting Exchange zero-days

Microsoft is warning customers that a new China state-sponsored threat actor is exploiting four previously undisclosed security flaws in Exchange Server, an enterprise email product built by the software giant.

The technology company said Tuesday that it believes the hacking group, which it calls Hafnium, tries to steal information from a broad range of U.S.-based organizations, including law firms and defense contractors, but also infectious disease researchers and policy think tanks.

Microsoft said Hafnium used the four newly discovered security vulnerabilities to break into Exchange email servers running on company networks, allowing the attackers to steal data from a victim’s organization — such as email accounts and address books — and giving them the ability to plant malware. When used together, the four vulnerabilities create an attack chain that can compromise vulnerable servers running on-premise Exchange 2013 and later.

Hafnium operates out of China, but uses servers located in the U.S. to launch its attacks, the company said. Microsoft said that Hafnium was the only threat group it has detected using these four new vulnerabilities.

Microsoft declined to say how many successful attacks it had seen, but described the number as “limited.”

Patches to fix those four security vulnerabilities are now out, a week earlier than the company’s typical patching schedule, usually reserved for the second Tuesday in each month.

“Even though we’ve worked quickly to deploy an update for the Hafnium exploits, we know that many nation-state actors and criminal groups will move quickly to take advantage of any unpatched systems,” said Tom Burt, Microsoft’s vice president for customer security.

The company said it has also briefed U.S. government agencies on its findings, but that the Hafnium attacks are not related to the SolarWinds-related espionage campaign against U.S. federal agencies. In the last days of the Trump administration, the National Security Agency and the FBI said that the SolarWinds campaign was “likely Russian in origin.”


Rocket Lab to go public via SPAC at valuation of $4.1 billion

The SPAC run is on for space startups, which have been relatively slow in their overall exit pace before the current special purpose acquisitions company merger craze got underway. Rocket Lab is the latest, and likely the most notable to jump on the trend, with a deal that will see it combine with a SPAC called Vector and subsequently list on the NASDAQ under the ticker RKLB, with the transaction expected to close in the second quarter of this year.

Rocket Lab, which got its start in New Zealand, and which still launches rockets there with its HQ now shifted to LA, will have a pro forma enterprise value of $4.1 billion via the transaction, with a total cash balance of $750 million once the deal goes through thanks to a PIPE of $470 million with funds invested via Vector, BlackRock and others. At close, existing Rocket Lab shareholders will retain 82% of the total equity in the combined company.

The launch company was founded in 2006, and is led by founder Peter Beck. In 2013, it opened its California headquarters, and it has already completed its first U.S. launch facility at Wallops Island, Virginia. The company’s Electron launch vehicle can carry small payloads to orbit, and is designed to cater to the growing small satellite market, with a focus on responsive and flexible launch options.

Rocket Lab has performed launches on behalf of the U.S. government, including national security payloads, and that’s a key revenue opportunity for it going forward. Currently, it says it has a backlog of customers, with a projection that it will be ‘EBITDA positive’ in 2023 after adjustments, and fully cash-flow positive by 2024, with a projected run rate of over $1 billion in revenue by 2026.

The company has focused on increasing its ability to launch more frequently in a number of ways. It’s been steadily improving its production capacity, with a focus on its large automated carbon fiber production capabilities. It has also established its U.S. launch site, as mentioned, and will soon open its second launch pad at its existing New Zealand launch site, which is fully privately-owned by Rocket Lab itself. It’s also working on making its Electron vehicle partially reusable, which founder Beck says will help it turn around launches more quickly.

Finally, it has just announced a new heavier-lift launch vehicle called Neutron, with a launch payload capacity of 8 tons – around 16,000 lbs.


SolarWinds hackers targeted NASA, Federal Aviation Administration networks

Hackers are said to have broken into the networks of U.S. space agency NASA and the Federal Aviation Administration as part of a wider espionage campaign targeting U.S. government agencies and private companies.

The two agencies were named by the Washington Post on Tuesday, hours ahead of a Senate Intelligence Committee hearing tasked with investigating the widespread cyberattack, which the previous Trump administration said was “likely Russian in origin.”

Spokespeople for the agencies did not immediately respond to a request for comment, but did not deny the breach in remarks to the Post.

It’s believed NASA and the FAA are the two remaining unnamed agencies of the nine government agencies confirmed to have been breached by the attack. The other seven include the Departments of Commerce, Energy, Homeland Security, Justice, and State, the Treasury, and the National Institutes of Health, though it’s not believed the attackers breached their classified networks.

FireEye, Microsoft, and Malwarebytes were among a number of cybersecurity companies also breached as part of the attacks.

The Biden administration is reportedly preparing sanctions against Russia, in large part because of the hacking campaign, the Post also reported.

The attacks were discovered last year after FireEye raised the alarm about the hacking campaign after its own network was breached. Each victim was a customer of the U.S. software firm SolarWinds, whose network management tools are used across the federal government and Fortune 500 companies. The hackers broke into SolarWinds’ network, planted a backdoor in its software, and pushed the backdoor to customer networks with a tainted software update.

It wasn’t the only way in. The hackers are also said to have targeted other companies by breaking into other devices and appliances on their victims’ networks, as well as targeting Microsoft vendors to breach other customers’ networks.

Last week, Anne Neuberger, the former NSA cybersecurity director who last month was elevated to the White House’s National Security Council to serve as the deputy national security adviser for cyber and emerging technology, said that the attack took “months to plan and execute,” and will “take us some time to uncover this layer by layer.”


TikTok’s forced sale to Oracle is put on hold

The insane saga of a potential forced sale of TikTok’s US operations is reportedly ending — another victim of the transition to methodical and rational policymaking that appears to be the boring new normal under the Presidency of Joe Biden.

Last fall, the U.S. government under President Donald Trump took a stab at “gangster capitalism” by trying to force the sale of TikTok to a group of buyers including Oracle and Walmart.

While the effort was doomed from the start, with TikTok’s parent company ByteDance winning most of the legal challenges to the government effort, a Rubicon had effectively been crossed where the U.S. government appeared willing to spend political capital to stymie the growth of a successful foreign business on its shores for the flimsiest of security reasons.

Now, The Wall Street Journal is reporting that the efforts by the U.S. government to push the deal forward “have been shelved indefinitely”, citing sources familiar with the process.

However, discussions between TikTok and U.S. national security officials are continuing because there are valid concerns around TikTok’s data collection and the potential for manipulation and censorship of content on the app.

In the meantime, the U.S. is taking a look at all of the potential threats to data privacy and security from intrusions by foreign governments or using tech developed overseas, according to Emily Horne, the spokeswoman for the National Security Council.

“We plan to develop a comprehensive approach to securing U.S. data that addresses the full range of threats we face,” Horne told the WSJ. “This includes the risk posed by Chinese apps and other software that operate in the U.S. In the coming months, we expect to review specific cases in light of a comprehensive understanding of the risks we face.”

Last year, then-President Trump ordered a ban on TikTok intending to force the sale of the Chinese-owned, short form video distribution service to a U.S.-owned investment group.

As part of that process, the Committee on Foreign Investment in the U.S. ordered ByteDance to divest of its U.S. operations.

TikTok appealed that order in court in Washington last November as the U.S. was roiled by the presidential election and its aftermath.

That case is still pending, but separate federal court rulings have blocked the U.S. government from shutting TikTok down.


Battery companies are the latest SPAC target as EVs get a huge regulatory boost

Batteries are the latest landing pad for investors.

In the past week alone, two companies have announced plans to become publicly traded companies by merging with special purpose acquisition companies. European battery manufacturer FREYR said Friday it would become a publicly traded company through a special purpose acquisition vehicle with a valuation at $1.4 billion. Houston area startup Microvast announced Monday its own SPAC, at a $3 billion valuation.

A $4.4 billion combined valuation for two companies with a little over $100 million in revenue (FREYR has yet to manufacture a battery) would seem absurd were it not for the incredible demand for batteries that’s coming.

Legacy automakers like GM and Ford have committed billions of dollars to shifting their portfolios to electric models. GM said last year it will spend $27 billion over the next five years on the development of electric vehicles and automated technology. Meanwhile, a number of newer entrants are either preparing to begin production of their electric vehicles or scaling up. Rivian, for instance, will begin delivering its electric pickup truck this summer. The company has also been tapped by Amazon to build thousands of electric vans.

The U.S. government could end up driving some of that demand.  President Biden announced last week that the U.S. government would replace the entire federal fleet of cars, trucks and SUVs with electric vehicles manufactured in the U.S. That’s 645,047 vehicles. That’s going to mean a lot of new batteries need to be made to supply GM and Ford, but also U.S.-based upstarts like Fisker, Canoo, Rivian, Proterra, Lion Electric and Tesla.

Meanwhile, some of the largest cities in the world are planning their own electrification initiatives. Shanghai is hoping to have electric vehicles represent roughly half of all new vehicle purchases by 2025 and all public buses, taxis, delivery trucks, and government vehicles will be zero-emission by the same period, according to research from the Royal Bank of Canada.

The Chinese market for electric vehicles is one of the world’s largest and one where policy is significantly ahead of the rest of the world.

A potential windfall from China’s EV market is likely one reason for the significant investment into Microvast by investors including the Oshkosh Corp., a 100 year-old industrial vehicles manufacturer; the $8.67 trillion money management firm, BlackRock; Koch Strategic Platforms; and InterPrivate, a private equity fund manager. That’s because Microvast’s previous backers include CDH Investments and CITIC Securities, two of the most well-connected private equity and financial services firms in China.

So is the company’s focus on commercial and industrial vehicles. Microvast believes that the market for commercial electric vehicles could be $30 billion in the near term. Currently, commercial EV sales represent just 1.5% of the market, but that penetration is supposed to climb to 9% by 2025, according to the company.

“In 2008, we set out to power a mobility revolution by building disruptive battery technologies that would allow electric vehicles to compete with internal combustion engine vehicles,” said Microvast chief executive Yang Wu, in a statement. “Since that time we have launched three generations of battery technologies that have provided our customers with battery performance far superior to our competitors and that successfully satisfy, over many years of operation, the stringent requirements of commercial vehicle operators.”

Roughly 30,000 vehicles are using Microvast’s batteries and the investment in Microvast includes about $822 million in cash that will finance the expansion of its manufacturing capacity to hit 9 gigawatt hours by 2022. The money should help Microvast meet its contractual obligations which account for about $1.5 billion in total value, according to the company.

If Chinese investors stand to win big in the upcoming Microvast public offering, a clutch of American investors and one giant Japanese corporation are waiting expectantly for FREYR’s public offering. Northbridge Venture Partners, CRV, and Itochu Corp. are all going to see gains from FREYR’s exit — even if they’re not backers of the European company.

Those three firms, along with the International Finance Corp. are investors in 24m, the Boston-based startup licensing its technology to FREYR to make its batteries.

FREYR’s public offering will also be another win for Yet-Ming Chiang, a serial entrepreneur and professor who has a long and storied history of developing innovations in the battery and materials science industry.

The MIT professor has been working on sustainable technologies for the last two decades, first at the now-defunct battery startup A123 Systems and then with a slew of startups like the 3D printing company Desktop Metal; lithium-ion battery technology developer, 24m; the energy storage system designer, Form Energy; and Baseload Renewables, another early-stage energy storage startup.

Desktop Metal went public last year after it was acquired by a Special Purpose Acquisition Company, and now 24m is getting a potential boost from a big cash infusion into one of its European manufacturing partners, FREYR.

The Norwegian company, which has plans to build five modular battery manufacturing facilities around a site in its home country, intends to develop up to 43 gigawatt hours of clean batteries over the next four years.

For FREYR chief executive Tom Jensen there were two main draws for the 24m technology. “It’s the production process itself,” said Jensen. “What they basically do is they mix the electrolyte with the active material, which allows them to make thicker electrodes and reduce the inactive materials in the battery. Beyond that, when you actually do that you remove the need for a number of traditional production steps… Compared to conventional lithium battery production it reduces production from 15 steps to 5 steps.”

Those process efficiencies, combined with the higher volumes of energy-bearing material in the cell, lead to a fundamental disruption in the battery production process.

Jensen said the company would need $2.5 billion to fully realize its plans, but that the float should get FREYR there. The company is merging with Alussa Energy Acquisition Corp. in a SPAC backed by investors including Koch Strategic Platforms, Glencore, Fidelity Management & Research Company LLC, Franklin Templeton, Sylebra Capital and Van Eck Associates.

All of these investments are necessary if the world is to meet targets for vehicle electrification on the timelines that have been established.

The Royal Bank of Canada made the same point in a December report on the electric vehicle industry. “We estimate that globally, battery electric vehicles (BEVs) will represent ~3% of 2020 global demand, while plug-in hybrid-electric vehicles (PHEVs) will represent another ~1.3%,” according to RBC’s figures. “But we see robust growth off these low figures. By 2025, when growth is still primarily regulatory driven, we see ~11% BEV global penetration of new demand representing a ~40% CAGR from 2020’s levels and ~5% PHEV penetration representing a ~35% CAGR. By 2025, we see BEV penetration in Western Europe at ~20%, China at ~17.5%, and the US at 7%. Comparatively, we expect internal combustion engine (ICE) vehicles to grow (cyclically) at a 2% CAGR through 2025. On a pure unit basis, we see ‘peak ICE’ in 2024.”


The biggest step the Biden administration took on climate yesterday wasn’t rejoining the Paris Agreement

While the Biden Administration is being celebrated for its decision to rejoin the Paris Agreement in one of its first executive orders after President Joe Biden was sworn in, it wasn’t the biggest step the administration took to advance its climate agenda.

Instead it was a move to get to the basics of monitoring and accounting, of metrics and dashboards. While companies track their revenues and expenses and monitor for all sorts of risks, impacts from climate change and emissions aren’t tracked in the same way. Now, in the same way there are general principles for accounting for finance, there will be principles for accounting for the impact of climate through what’s called the social cost of carbon.

Among the flurry of paperwork coming from Biden’s desk were Executive Orders calling for a review of Trump era rule-making around the environment and the reinstitution of strict standards for fuel economy, methane emissions, appliance and building efficiency, and overall emissions. But even these steps are likely to pale in significance to the fifth section of the ninth executive order to be announced by the new White House.

That’s the section addressing the accounting for the benefits of reducing climate pollution. Until now, the U.S. government hasn’t had a framework for accounting for what it calls the “full costs of greenhouse gas emissions” by taking “global damages into account”.

All of this is part of a broad commitment to let data and science inform policymaking across government, according to the Biden Administration.

Biden writes:

“It is, therefore, the policy of my Administration to listen to the science; to improve public health and protect our environment; to ensure access to clean air and water; to limit exposure to dangerous chemicals and pesticides; to hold polluters accountable, including those who disproportionately harm communities of color and low-income communities; to reduce greenhouse gas emissions; to bolster resilience to the impacts of climate change; to restore and expand our national treasures and monuments; and to prioritize both environmental justice and the creation of the well-paying union jobs necessary to deliver on these goals.”

The specific section of the order addressing accounting and accountability calls for a working group to come up with three metrics: the social cost of carbon (SCC), the social cost of nitrous oxide (SCN) and the social cost of methane (SCM) that will be used to estimate the monetized damages associated with increases in greenhouse gas emissions.

As the executive order notes, “[an] accurate social cost is essential for agencies to accurately determine the social benefits of reducing greenhouse gas emissions when conducting cost-benefit analyses of regulatory and other actions.” What the Administration is doing is attempting to provide a financial figure for the damages wrought by greenhouse gas emissions in terms of rising interest rates, and the destroyed farmland and infrastructure caused by natural disasters linked to global climate change.

These kinds of benchmarks aren’t flashy, but they are concrete ways to determine accountability. That accountability will become critical as the country takes steps to meet the targets set in the Paris Agreement. It also gives companies looking to address their emissions footprints an economic framework to point to as they talk to their investors and the public.

The initiative will include top leadership like the Chair of the Council of Economic Advisers, the director of the Office of Management and Budget and the Director of the Office of Science and Technology Policy (a position that Biden elevated to a cabinet level post).

Representatives from each of the major federal agencies overseeing the economy, national health, and the environment will be members of the working group along with the representatives of the National Climate Advisor and the Director of the National Economic Council.

While the rule-making is proceeding at the federal level, some startups are already developing services to help businesses monitor their emissions output.

These are companies like CarbonChain, Persefoni, and SINAI Technologies. And their work complements non-profits like CDP, which works with companies to assess carbon emissions.

Biden’s plan will have the various agencies and departments working quickly. The administration expects an interim SCC, SCN, and SCM within the next 30 days, which agencies will use when monetizing the value of changes in greenhouse gas emissions resulting from regulations and agency actions. The President wants final metrics published by January of next year.

The executive order also restored protections to national parks and lands that had been opened to oil and gas exploration and commercial activity under the Trump Administration and blocked the development of the Keystone Pipeline, which would have brought oil from Canadian tar sands into and through the U.S.

“The Keystone XL pipeline disserves the U.S. national interest. The United States and the world face a climate crisis. That crisis must be met with action on a scale and at a speed commensurate with the need to avoid setting the world on a dangerous, potentially catastrophic, climate trajectory. At home, we will combat the crisis with an ambitious plan to build back better, designed to both reduce harmful emissions and create good clean-energy jobs,” according to the text of the Executive Order. “The United States must be in a position to exercise vigorous climate leadership in order to achieve a significant increase in global climate action and put the world on a sustainable climate pathway. Leaving the Keystone XL pipeline permit in place would not be consistent with my Administration’s economic and climate imperatives.”


Chris Krebs and Alex Stamos have started a cyber consulting firm

Former U.S. cybersecurity official Chris Krebs and former Facebook chief security officer Alex Stamos have founded a new cybersecurity consultancy firm, which already has its first client: SolarWinds.

The two have been hired as consultants to help the Texas-based software maker recover from a devastating breach by suspected Russian hackers, which used the company’s software to set backdoors in thousands of organizations and to infiltrate at least 10 U.S. federal agencies and several Fortune 500 businesses.

At least the Treasury, State and the Department of Energy have been confirmed breached, in what has been described as likely the most significant espionage campaign against the U.S. government in years. And while the U.S. government has already pinned the blame on Russia, the scale of the intrusions is not likely to be known for some time.

Krebs was one of the most senior cybersecurity officials in the U.S. government, most recently serving as the director of Homeland Security’s CISA cybersecurity advisory agency from 2018, until he was fired by President Trump for his efforts to debunk false election claims — many of which came from the president himself. Stamos, meanwhile, joined the Stanford Internet Observatory after holding senior cybersecurity positions at Facebook and Yahoo. He also consulted for Zoom amid a spate of security problems.

In an interview with the Financial Times, which broke the story, Krebs said it could take years before the hackers are ejected from infiltrated systems.

SolarWinds chief executive Sudhakar Ramakrishna acknowledged in a blog post that it had brought on the consultants to help the embattled company to be “transparent with our customers, our government partners, and the general public in both the near-term and long-term about our security enhancements.”


FBI, NSA say ongoing hacks at US federal agencies ‘likely Russian in origin’

The U.S. government says hackers “likely Russian in origin” are responsible for breaching the networks of at least 10 U.S. federal agencies and several major tech companies, including FireEye and Microsoft.

In a joint statement published Tuesday, the FBI, the NSA, and Homeland Security’s cybersecurity advisory unit, CISA, said that the government was “still working to understand the scope” of the breach, but that the breaches are likely an “intelligence gathering effort.”

The compromises are “ongoing,” the statement said.

The statement didn’t name the breached agencies, but the Treasury, State, and the Department of Energy are among those reported to be affected.

“This is a serious compromise that will require a sustained and dedicated effort to remediate,” the statement said. “The [joint agency effort] will continue taking every necessary action to investigate, remediate, and share information with our partners and the American people.”

News of the widespread espionage campaign emerged in early December after cybersecurity giant FireEye, normally the first company that cyberattack victims will call, discovered its own network had been breached. Soon after, it was reported that several government agencies had also been infiltrated.

All of the victims are customers of U.S. software firm SolarWinds, whose Orion network management tools are used across the U.S. government and Fortune 500 companies. FireEye said that hackers broke into SolarWinds’ network and pushed a tainted software update to its customers, allowing the hackers to easily break into any one of thousands of companies and agencies that installed the backdoored update.

Some 18,000 customers downloaded the backdoored software update, but the government’s joint statement said that it believes only a “much smaller number have been compromised by follow-on activity on their systems.”

Several news outlets have previously reported that the hacks were carried out by a Russian intelligence group known as APT 29, or Cozy Bear, which has been linked to several espionage-driven attacks, including attempting to steal coronavirus vaccine research.

Tuesday’s joint statement would be the first time the government acknowledged the likely culprit behind the campaign.

Russia had previously denied involvement with the hacks.

 


The US wants startups to get a piece of the $16 billion spent on space tech

The U.S. government is one of the biggest spenders in the nascent space industry and the man who handles the money for the Air Force’s $16 billion checkbook wants startups to know that his door is open for them.

In all, Will Roper, the Assistant Secretary of the Air Force for Acquisition, Technology and Logistics, handles about $60 billion worth of budget for the Air Force — a mandate that includes spending money on the new tech initiatives the Air Force deems important.

Historically, the Department of Defense hasn’t been the greatest at working with startups — and many tech companies have been loath to work with the DoD. However, since much of modern civilian infrastructure is based on global positioning systems and other satellite technologies that fall under the Defense Department’s purview, those views on cooperation are changing on both sides.

“Space isn’t a quiet domain of communication and navigation and exploration anymore,” Roper told the audience at TechCrunch’s latest Sessions event, TC Sessions: Space 2020. “It’s increasingly becoming a hostile place… So we’re gearing up a new kind of competition the military side that could extend to space and that’s creating a lot of new space programs.”

Roper emphasized that the interest from the Air Force and the government more broadly extends well beyond offensive capabilities and military priorities. As space becomes an economic opportunity, Roper sees the Air Force as an engine for driving technology development forward in ways that have commercial benefits.

“It’s a great, great time for innovation in new technologies that could help the military, but we want to do more than just help the military. That’s the old thinking in the Pentagon. That’s all that would help us win the Cold War in the 20th Century, but it’s not going to help us in the 21st, where technology is globalized and accelerating,” Roper said.

“We want to find ways where our military mission and our funding can help accelerate commercial markets to so it’s competing on a much bigger stage. But we think it’s where we need to aspire to be, so that we’re playing the right catalyst role in this nation and with our partners around the world,” Roper said.

There are several programs that startups can tap to get those Federal dollars. Two of the easiest points of entry are through the AFWERX and its recently announced SpaceWERX arm focused entirely on space technology.

“These look like any tech company,” Roper told the audience at the TechCrunch event. “They’re outside our fence lines. They’re easy to walk into… Now you don’t have to know the mission, we will help you find the mission and the customer — the warfighter associated with it. It’s a great model because it keeps the company focused on what they know best, which is their tech.”

Over the last three years, Roper estimated that the AFWERX program had brought 2300 companies into the Air Force and Space Force programs and most of them had never worked with the military before, he said.

Within AFWERX there are three programs that particularly relate to integrating startups into the procurement process, Roper said. One is the Spark program, which pairs military with private industry; one is the AFVentures program, which is designed to finance new innovations coming from private industry; and finally there’s the Prime program, which helps commercialize and certify technologies.

Roper pointed to the recent certification the Air Force gave to Joby Aviation for its flying cars. “So there’s a new military market that will hopefully generate a new commercial market,” Roper said.

In 2021, the Prime program will expand to space technologies, according to Roper.

As the demand for new tech grows, there’s no shortage of innovations Roper would like to see from private industry, from new autonomous innovations that could help co-pilot spacecraft to technology for refueling and in-space maneuverability, and reusable equipment from boosters to other components that can bring costs down.

Roper also acknowledged that the Pentagon has a long way to go to “hack the acquisition system” when it comes to dual use technologies.

Entrepreneurs have pointed out that one of the biggest obstacles to the growth of the commercial space industry has been the inability of the US government to open up the technology for use by private industry.

Roper hopes to change that. “We want to use our military dollars, our mission, and potentially our certifications to help get you there without changing your core product,” he said. “If you succeed as a commercial success, then we succeed as well, because now we’ve got a great tech partner, that hopefully we can continue to come to to solve problems in future. The thing that we’ll want to understand early on is how our military market and all those benefits I just mentioned, how can they help you get to commercial success? And what is it that we not need to do to pull you off that trajectory?”

Contracts with AFWERX are fixed price and progress as companies hit certain milestones on the product roadmap. These orders increase incrementally as the technology proves itself, so a contract could start with the delivery of a prototype, then experimental usage, then a commercial contract, then broad adoption. “What we’re looking to do is see if you can move the ball forward on your technology, and if you do, then we do another contract. We step you up our process,” Roper said.

Roper sees the project as nothing less than the evolution of the aerospace and defense industry.

“We have a lot of amazing companies today that helped build stealth bombers and space planes and all sorts of awesome stuff. They’re defense companies and we still need them,” Roper said. “What we’re hoping to help build in this century is a set of new companies that are just tech companies. They’re not defense, purely, and they’re not commercial purely. They’re just technology companies and they do a bit of business on both sides.”


Lockheed Martin acquires rocket engine maker Aerojet Rocketdyne for $4.4Bn as Space heats up

Lockheed Martin (LM), the US’s largest defence contractor, will acquire Aerojet Rocketdyne (AR), a rocket engine and missile manufacturer, for $4.4 billion including debt and net cash, giving the company a larger stake in space and hypersonic technology. The move comes amid increasing competition in the space and defence industries.

In a news release, the company said the proposed acquisition adds substantial expertise in propulsion to Lockheed Martin’s portfolio and that Aerojet Rocketdyne’s technologies were already ‘key components’ of Lockheed’s supply chain. It already uses Aerojet Rocketdyne’s propulsion systems in its aeronautics, missiles and fire control offerings.

Aerojet Rocketdyne’s 2019 revenues were approximately $2 billion. The company, headquartered in El Segundo, California, has nearly 5,000 employees and was formed in 2013 when GenCorp’s Aerojet and Pratt & Whitney Rocketdyne were merged. The company produces solid rocket motors as well as tactical and strategic missiles for the Defense Department.

AR makes the RL10 rocket engine that powers the upper stage of United Launch Alliance’s Delta 4 and Atlas 5 launch vehicles, and also produces the RS-25 engines for NASA’s Space Launch System.

The company’s move comes as it attempts to increase its propulsion capabilities to compete with new entrants such as SpaceX and Blue Origin for space contracts with the U.S. government. Meanwhile, rival Raytheon Co. is preparing to combine with United Technologies Corp to create an aerospace-and-defense giant.

Lockheed CEO James Taiclet said in a statement: “Acquiring Aerojet Rocketdyne will preserve and strengthen an essential component of the domestic defense industrial base and reduce costs for our customers and the American taxpayer.”

Aerojet’s CEO Eileen Drake said: “As part of Lockheed Martin, we will bring our advanced technologies together with their substantial expertise and resources to accelerate our shared purpose: enabling the defense of our nation and space exploration.”

The acquisition is expected to close in the second half of 2021 but will be subject to the usual requirement for approvals by regulators and Aerojet Rocketdyne’s stockholders.


2020 was a disaster, but the pandemic put security in the spotlight

Let’s preface this year’s predictions by acknowledging and admitting how hilariously wrong we were when this time last year we said that 2020 “showed promise.”

In fairness (almost) nobody saw a pandemic coming.


The pandemic is, and remains, a global disaster of epic proportions that’s forced billions of people into lockdown and left economies in tatters, with companies (including startups) struggling to stay afloat. The mass shift to working from home brought security challenges with it, like how to protect your workforce when employees are working outside the security perimeter of their offices. But it’s forced us to find solutions to some of the most complex challenges, like pulling off a secure election and securing the supply chain for the vaccines that will bring our lives back to some semblance of normality.

With 2020 wrapping up, many of the security headaches exposed by the pandemic will linger into the new year. This is what to expect.

Working from home has given hackers new avenues for attacks

The sudden lockdowns in March drove millions to work from home. But hackers quickly found new and interesting ways to target big companies by targeting the employees themselves. VPNs were a big target because of outstanding vulnerabilities that many companies didn’t bother to fix. Bugs in enterprise software left corporate networks open to attack. The flood of personal devices logging onto the network — and the influx of malware with it — introduced fresh havoc.

Sophos says that this mass decentralizing of the workforce has turned us all into our own IT departments. We have to patch our own computers, install security updates, and there’s no IT just down the hallway to ask if that’s a phishing email.

Companies are having to adjust to the cybersecurity challenges, since working from home is probably here to stay. Managed service providers, or outsourced IT departments, have a “huge opportunity to benefit from the work-from-home shift,” said Grayson Milbourne, security intelligence director at cybersecurity firm Webroot.

Ransomware has become more targeted and more difficult to escape

File-encrypting malware, or ransomware, is getting craftier and sneakier. Where traditional ransomware would encrypt and hold a victim’s files hostage in exchange for a ransom payout, the newer and more advanced strains first steal a victim’s files, encrypt the network and then threaten to publish the stolen files if the ransom isn’t paid.

This data-stealing ransomware makes escaping an attack far more difficult because a victim can’t just restore their systems from a backup (if there is one). CrowdStrike’s chief technology officer Michael Sentonas calls this new wave of ransomware “double extortion” because victims are forced to respond to the data breach as well.

The healthcare sector is under the closest guard because of the pandemic. Despite promises from some (but not all) ransomware groups that hospitals would not be deliberately targeted during the pandemic, medical practices were far from immune. 2020 saw several high-profile attacks. A ransomware attack at Universal Health Services, one of the largest healthcare providers in the U.S., caused widespread disruption to its systems. Just last month U.S. Fertility confirmed a ransomware attack on its network.

These high-profile incidents are becoming more common because hackers are targeting their victims very carefully. These hyperfocused attacks require a lot more skill and effort but improve the hackers’ odds of landing a larger ransom — in some cases earning the hackers millions of dollars from a single attack.

“This coming year, these sophisticated cyberattacks will put enormous stress on the availability of services — in everything from rerouted healthcare services impacting patient care, to availability of online and mobile banking and finance platforms,” said Sentonas.

#computer-security, #cyberattacks, #encryption, #enterprise-software, #facial-recognition, #government, #law-enforcement, #malware, #privacy, #ransomware, #security, #u-s-government


FTC orders ByteDance, Facebook, Snap and others to explain what they do with user data

The FTC is ordering the companies behind many of the largest social and video platforms to explain how they use the treasure troves of data they harvest from users. Amazon, TikTok owner ByteDance, Facebook, WhatsApp, Discord, Reddit, Snap, Twitter and YouTube were all sent the order, with a deadline set 45 days from now.

The FTC’s focus is on how these companies “collect, use, and present personal information, their advertising and user engagement practices, and how their practices affect children and teens.” Four of the FTC’s commissioners voted in favor of the order, with Commissioner Noah Joshua Phillips dissenting.

“Despite their central role in our daily lives, the decisions that prominent online platforms make regarding consumers and consumer data remain shrouded in secrecy,” Commissioners Rohit Chopra, Rebecca Kelly Slaughter and Christine S. Wilson said in a joint statement.

“… Policymakers and the public are in the dark about what social media and video streaming services do to capture and sell users’ data and attention. It is alarming that we still know so little about companies that know so much about us.”

The FTC’s new fact-finding mission is the latest federal action to put tech in its crosshairs, following last week’s news that the agency would sue Facebook over antitrust violations. The new order was issued under Section 6(b) of the FTC Act as a study of tech industry practices. It isn’t coupled with any law enforcement action, but that doesn’t preclude the agency from pursuing enforcement options with what it finds.

Last year the FTC signaled a deeper interest in tech, particularly on antitrust issues. The agency launched a purpose-built tech task force to monitor acquisitions and other potential competition-crushing behavior that raises red flags. In early 2020, the FTC launched an extensive separate study examining nearly a decade’s worth of acquisitions made by Alphabet, Amazon, Apple, Facebook and Microsoft.

#amazon, #bytedance, #facebook, #ftc, #government, #privacy, #snap, #tc, #u-s-government


Decrypted: Google finds a devastating iPhone security flaw, FireEye hack sends alarm bells ringing

In case you missed it: A ransomware attack saw patient data stolen from one of the largest U.S. fertility networks; the Supreme Court began hearing a case that may change how millions of Americans use computers and the internet; and lawmakers in Massachusetts have voted to ban police from using facial recognition across the state.

In this week’s Decrypted, we’re deep-diving into two stories beyond the headlines, including why the breach at cybersecurity giant FireEye has the cybersecurity industry in shock.


THE BIG PICTURE

Google researcher finds a major iPhone security bug, now fixed

What happens when you leave one of the best security researchers alone for six months? You get one of the most devastating vulnerabilities ever found in an iPhone — a bug so damaging that it can be exploited over-the-air and requires no interaction on the user’s part.

The AWDL bug under attack using a proof-of-concept exploit developed by a Google researcher. Image Credits: Ian Beer/Google Project Zero

The vulnerability was found in Apple Wireless Direct Link (AWDL), an important part of the iPhone’s software that among other things allows users to share files and photos over Wi-Fi through Apple’s AirDrop feature.

“AWDL is enabled by default, exposing a large and complex attack surface to everyone in radio proximity,” wrote Google’s Ian Beer in a tweet. Beer found the vulnerability in November and disclosed it to Apple, which pushed out a fix for iPhones and Macs in January.

Exploiting the bug over Wi-Fi allowed Beer to gain access to the underlying iPhone software and take control of a vulnerable device, including its messages, emails and photos as well as the camera and microphone, without alerting the user. Beer said that the bug could be exploited over “hundreds of meters or more,” depending on the hardware used to carry out the attack. But the good news is that there’s no evidence that malicious hackers have actively tried to exploit the bug.

News of the bug drew immediate attention, though Apple didn’t comment. NSA’s Rob Joyce said the bug find is “quite an accomplishment,” given that most iOS bugs require chaining multiple vulnerabilities together in order to get access to the underlying software.

FireEye hacked by a nation-state, but the aftermath is unclear

#apple, #articles, #computer-security, #cyberattacks, #cyberwarfare, #decrypted, #dragos, #fireeye, #google, #government, #infrastructure, #iphone, #massachusetts, #national-security-agency, #online-platforms, #orca-security, #president, #ransomware, #ron-wyden, #security, #series-b, #supreme-court, #the-washington-post, #trump, #u-s-government, #white-house, #wi-fi


Second federal judge rules against Trump administration’s TikTok ban

Another federal judge has issued a preliminary injunction against U.S. government restrictions that would have effectively banned TikTok from operating in the United States.

The ruling (embedded below) was made by U.S. District Court Judge Carl Nichols in a lawsuit filed by TikTok and ByteDance against President Donald Trump, Secretary of Commerce Wilbur Ross and the Commerce Department. Judge Nichols wrote the government “likely exceeded IEEPA’s [the International Emergency Economic Powers Act] express limitations as part of an agency action that was arbitrary and capricious.”

This is the second time a federal judge has issued an injunction against Trump administration restrictions that would have prevented U.S. companies, including internet hosting services, from transactions with TikTok and ByteDance. The first injunction was granted in October by U.S. District Court Judge Wendy Beetlestone, in a separate lawsuit brought against President Trump and the U.S. Commerce Department by three TikTok creators.

Both lawsuits challenge an executive order signed by President Trump on August 7, banning transactions with ByteDance. The order cited both the IEEPA and National Emergencies Act, claiming TikTok posed a national security threat because of its ownership by a Chinese company.

In today’s ruling, Judge Nichols wrote TikTok and ByteDance are likely to succeed in their claims that Secretary Ross’ prohibitions against TikTok and ByteDance, which were originally supposed to go into effect on November 12, violated limits in the IEEPA and the Administrative Procedure Act.

The Commerce Department already issued a notice last month saying it will comply with Judge Beetlestone’s injunction pending further legal developments.

ByteDance is also facing a divestiture order that would force it to sell TikTok’s U.S. operations. While it has reached a proposed agreement with Oracle and Walmart, ByteDance also asked the federal appeals court to vacate the order last month. On November 26, the Trump administration extended the order’s deadline to December 4, but allowed it to lapse without setting a new one.

In an email to TechCrunch, a TikTok spokesperson said, “We’re pleased that the court agreed with us and granted a preliminary injunction against all the prohibitions of the Executive Order. We’re focused on continuing to build TikTok as the home that 100 million Americans, including families and small businesses, rely upon for expression, connection, economic livelihood, and true joy.”

TechCrunch has also contacted the Commerce Department for comment.

To keep track of the often overlapping developments in ByteDance and TikTok’s fight with the U.S. government, we have compiled a comprehensive timeline and will keep it updated.

TikTok vs Trump Injunction by TechCrunch on Scribd

#apps, #bytedance, #commerce-department, #policy, #tc, #tiktok, #u-s-government


Space startup Aevum debuts world’s first fully autonomous orbital rocket launching drone

Launching things to space doesn’t have to mean firing a large rocket vertically using massive amounts of rocket-fuel powered thrust – startup Aevum breaks the mould in multiple ways, with an innovative launch vehicle design that combines uncrewed aircraft with horizontal take-off and landing capabilities, with a secondary stage that deploys at high altitude and can take small payloads the rest of the way to space.

Aevum’s model actually isn’t breaking much new ground in terms of its foundational technology, according to founder and CEO Jay Skylus, who I spoke to prior to today’s official unveiling of the startup’s Ravn X launch vehicle. Skylus, who previously worked for a range of space industry household names and startups including NASA, Boeing, Moon Express and Firefly, told me that the startup has focused primarily on making the most of existing available technologies to create a mostly reusable, fully automated small payload orbital delivery system.

To his point, Ravn X doesn’t look too dissimilar from existing jet aircraft, and bears obvious resemblance to the Predator line of UAVs already in use for terrestrial uncrewed flight. The vehicle is 80 feet long, and has a 60-foot wingspan, with a total max weight of 55,000 lbs including payload. 70% of the system is fully reusable today, and Skylus says that the goal is to iterate on that to the point where 95% of the launch system will be reusable in the relatively near future.


Ravn X’s delivery system is designed for rapid response delivery, and is able to get small satellites to orbit in as little as 180 minutes – with the capability of having it ready to fly and deliver another fairly shortly after that. It uses traditional jet fuel, the same kind used on commercial airliners, and it can take off and land in “virtually any weather,” according to Skylus. It also takes off and lands on any 1-mile stretch of traditional aircraft runway, meaning it can theoretically use just about any active airport in the world as a launch and landing site.

One of the key defining differences of Aevum relative to other space launch startups is that what they’re presenting isn’t theoretical, or in development – the Ravn X already has paying customers, including over $1 billion in U.S. government contracts. Its first mission is with the U.S. Space Force, the ASLON-45 small satellite launch mission (set for late 2021), and it also has a contract for 20 missions spanning 9 years with the U.S. Air Force Space and Missile Systems Center. Deliveries of Aevum’s production launch vehicles to its customers have already begun, in fact, Skylus says.

The U.S. Department of Defense has been actively pursuing space launch options that provide it with responsive, short turnaround launch capabilities for quite some time now. That’s the same goal pursued by companies like Astra, which was originally looking to win the DARPA challenge for such systems (since expired) with its Rocket small launcher. Aevum’s system has the added advantage of being essentially fully compatible with existing airfield infrastructure – and also of not requiring that human pilots be involved or at risk at all, as they are with the superficially similar launch model espoused by Virgin Orbit.

Aevum isn’t just providing the Ravn X launcher, either; its goal is to handle end-to-end logistics for launch services, including payload transportation and integration, which are parts of the process that Skylus says are often overlooked or underserved by existing launch providers, and that many companies creating payloads also don’t realize are costly, complicated and time-consuming parts of actually delivering a working small satellite to orbit. The startup also isn’t “re-inventing the wheel” when it comes to its integration services – Skylus says they’re working with a range of existing partners who all already have proven experience doing this work but who haven’t previously had the motivation or the need to provide these kinds of services to the customers that Skylus sees coming online, both in the public and private sector.

The need isn’t for another SpaceX, Skylus says; rather, thanks to SpaceX, there’s a wealth of aerospace companies who previously worked almost exclusively with large government contracts and the one or two massive legacy rocket companies to put missions together. They’re now open to working with the greatly expanded market for orbital payloads, including small satellites that aim to provide cost-effective solutions in communications, environmental monitoring, shipping and defense.

Aevum’s solution definitely sounds like it addresses a clear and present need, in a way that offers benefits in terms of risk profile, reusability, cost and flexibility. The company’s first active missions will obviously be watched closely, by potential customers and competitors alike.

#aerospace, #artificial-intelligence, #boeing, #ceo, #elon-musk, #hyperloop, #jay, #launch-services, #launch-vehicle, #moon-express, #outer-space, #robotics, #small-satellite, #space, #spaceflight, #spacex, #tc, #transportation, #u-s-government, #u-s-space-force, #united-states


The Trump administration will add SMIC, China’s largest chipmaker, to its defense blacklist: report

SMIC, one of the largest chip makers in the world, is among several companies that the Department of Defense plans to designate as being owned or controlled by the Chinese military, reports Reuters. Earlier this month, President Donald Trump signed an executive order, set to go into effect on January 11, that would bar U.S. investors from buying securities from companies on the defense blacklist.

In a statement to Reuters, SMIC said it continues “to engage constructively and openly with the U.S. government” and that it “has no relationship with the Chinese military and does not manufacture for military end-users or end-uses.”

The largest semiconductor maker in China, SMIC holds about 4% of the worldwide foundry market, estimates market research firm TrendForce. Its U.S. customers have included Qualcomm, Broadcom and Texas Instruments.

There are currently 31 companies on the defense blacklist. SMIC is one of four new companies that the Department of Defense plans to add, according to Reuters. The others are China Construction Technology, China International Engineering Consulting Corp and China National Offshore Oil Corp (CNOOC).

The company delisted from NYSE in May 2019, but it said that the decision was prompted by the limited trading volume and high administrative costs, not the U.S.-China trade war or the U.S. government’s blacklisting of Huawei and other Chinese tech companies.

SMIC has already been impacted by export restrictions that prevent it from purchasing key equipment from American suppliers. At the beginning of October, it told shareholders that export restrictions set by the U.S. Bureau of Industry and Security could have “material adverse effects” on its production.

The executive order, and the possible addition of new companies to the defense blacklist, is in line with the Trump administration’s hard stance against Chinese tech companies, including Huawei, ZTE and ByteDance, that it claims are a potential national security threat through their alleged ties to the Chinese government and military. But the future of a lot of the current administration’s policies after Joe Biden assumes the presidency on January 20 is uncertain.

TechCrunch has contacted SMIC for comment.

#asia, #china, #semiconductors, #smic, #tc, #u-s-government


The FCC rejects ZTE’s petition to stop designating it a “national security threat”

The Federal Communications Commission has rejected ZTE’s petition to remove its designation as a “national security threat.” This means that American companies will continue to be barred from using the FCC’s $8.3 billion Universal Service Fund to buy equipment and services from ZTE.

The Universal Service Fund includes subsidies to build telecommunication infrastructure across the United States, especially for low-income or high-cost areas, rural telehealth services, and schools and libraries. The FCC issued an order on June 30 banning U.S. companies from using the fund to buy technology from Huawei and ZTE, claiming that both companies have close ties with the Chinese Communist Party and military.

Many smaller carriers rely on Huawei and ZTE, two of the world’s biggest telecom equipment providers, for cost-efficient technology. After surveying carriers, the FCC estimated in September that replacing Huawei and ZTE equipment would cost more than $1.8 billion.

Under the Secure and Trusted Communications Networks Act, passed by Congress this year, most of that amount would be eligible for reimbursements under a program referred to as “rip and replace.” But the program has not been funded by Congress yet, despite bipartisan support.

In today’s announcement about ZTE, chairman Ajit Pai also said the FCC will vote on rules to implement the reimbursement program at its next Open Meeting, scheduled to take place on December 10.

The FCC passed its order barring companies deemed national security threats from receiving money from the Universal Service Fund in November 2019. Huawei fought back by suing the FCC over the ban, claiming it exceeded the agency’s authority and violated the Constitution.

TechCrunch has contacted ZTE for comment.

#asia, #china, #fcc, #federal-communications-commission, #huawei, #tc, #u-s-government, #zte


Relativity Space raises $500 million as it sets sights on the industrialization of Mars

3D-printed rocket startup Relativity Space has closed $500 million in Series D funding (making official the earlier reported raise), the company announced today. This funding was led by Tiger Global Management, and included participation by a host of new investors including Fidelity Management & Research Company, Baillie Gifford, Iconiq Capital, General Catalyst and more. This brings the company’s total raised so far to nearly $700 million, as the startup is poised to launch its first ever fully 3D-printed orbital rocket next year.

LA-based Relativity had a big 2020, completing work on a new 120,000 square-foot manufacturing facility in Long Beach. Its rocket construction technology, which is grounded in its development and use of the largest metal 3D printers in existence, suffered relatively few setbacks due to COVID-19-related shutdowns and work stoppages since it involves relatively few actual people on the factory floor managing the 3D printing process, which is handled in large part by autonomous robotic systems and software developed by the company.

Relativity also locked in a first official contract from the U.S. government this year, to launch a new experimental cryogenic fluid management system on behalf of client Lockheed Martin, as part of NASA’s suite of Tipping Point contracts to fund the development of new technologies for space exploration. It also put into service its third-generation Stargate 3D metal printers – the largest on Earth, as mentioned.

The company’s ambitions are big, so this new large funding round should provide it with fuel to grow even more aggressively in 2021. It’s got new planned initiatives underway, both terrestrial and space-related, but CEO and founder Tim Ellis specifically referred to Mars and sustainable operations on the red planet as one possible application of Relativity’s tech down the road.

In prior conversations, Ellis has alluded to the potential for Relativity’s printers when applied to other large-scale metal manufacturing – noting that the cost curve as it stands makes most sense for rocketry, but could apply to other industries easily as the technology matures. Whether on Mars or on Earth, large-scale 3D printing definitely has a promising future, and it looks like Relativity is well-positioned to take advantage.

We’ll be talking to Ellis at our forthcoming TC Sessions: Space event, so we’ll ask him more about this round and his company’s aspirations live there, too.

#3d-printing, #aerospace, #articles, #baillie-gifford, #ceo, #emerging-technologies, #fundings-exits, #iconiq-capital, #industrial-design, #lockheed-martin, #long-beach, #printer, #relativity-space, #robotics, #science, #science-and-technology, #space, #tc, #tiger-global-management, #tim-ellis, #u-s-government, #united-states


Trump fires US cybersecurity official Chris Krebs for debunking false election claims

Chris Krebs, one of the most senior cybersecurity officials in the U.S. government, has been fired.

Krebs served as the director of the Cybersecurity and Infrastructure Security Agency (CISA) since its founding in November 2018 until he was removed from his position on Tuesday. It’s not immediately clear who is currently heading the agency. A spokesperson for CISA did not immediately comment.

President Trump fired Krebs in a tweet late on Tuesday, citing a statement published by CISA last week, which found there was “no evidence that any voting system deleted or lost votes, changed votes, or was in any way compromised.” Trump, who has repeatedly made claims of voter fraud without providing evidence, alleged that CISA’s statement was “highly inaccurate.”

Shortly after, Twitter labeled Trump’s tweet for making a “disputed” claim about election fraud.

Reuters first reported the news of Krebs’ potential firing last week.

Krebs was appointed by President Trump to head the newly created cybersecurity agency in November 2018, just days after the conclusion of the midterm elections. He previously served as an under secretary for CISA’s predecessor, the National Protection and Programs Directorate, and also held cybersecurity policy roles at Microsoft.

During his time in government, Krebs became one of the most vocal voices in election security, taking the lead during the 2018 and 2020 elections, which largely escaped disruptive cyberattacks thanks to efforts to prepare for the kind of cyberattacks and misinformation that plagued the 2016 presidential election.

He was “one of the few people in this administration respected by everyone on both sides of the aisle,” said Sen. Mark Warner, a member of the Senate Intelligence Committee, in a tweet.

Krebs is the latest official to leave CISA in the past year. Brian Harrell, who oversaw infrastructure protection at the agency, resigned in August after less than a year on the job, and Jeanette Manfra left for a role at Google at the end of last year. Cyberscoop reported Thursday that Bryan Ware, CISA’s assistant director for cybersecurity, resigned for a position in the private sector.

#articles, #computer-security, #cryptography, #cybercrime, #cyberwarfare, #director, #government, #president, #presidential-election, #secretary, #security, #trump, #u-s-government, #united-states, #white-house


ByteDance asks federal appeals court to vacate U.S. order forcing it to sell TikTok

In a new filing, TikTok’s parent company ByteDance asked the federal appeals court to vacate the United States government order forcing it to sell the app’s American operations.

President Donald Trump issued an order in August requiring ByteDance to sell TikTok’s U.S. business by November 12, unless it was granted a 30-day extension by the Committee on Foreign Investment in the United States (CFIUS). In today’s filing (embedded below) with the federal appeals court in Washington D.C., ByteDance said it asked the CFIUS for an extension on November 6, but the order hasn’t been granted yet.

It added it remains committed to “reaching a negotiated mitigation solution with CFIUS satisfying its national security concerns” and will only file a motion to stay enforcement of the divestment order “if discussions reach an impasse.”

Security concerns about TikTok’s ownership by a Chinese company were at the center of the executive order Trump signed in August, banning transactions with Beijing-headquartered ByteDance.

The executive order claimed that TikTok posed a threat to national security, though ByteDance maintains that it does not. But in order to prevent the app, which has about 100 million users in the U.S., from being banned, ByteDance reached a deal in September to sell 20% of its stake in TikTok to Oracle and Walmart. With the Biden administration set to take office in January and ByteDance’s ongoing legal challenge against the divestment order, however, the future of the deal is now uncertain.

The new filing is part of a lawsuit TikTok filed against the Trump administration on September 18, seeking to stop the ban from going into effect.

In a statement to Bloomberg, TikTok said it has been working with the CFIUS to address its national security concerns.

“In the nearly two months since the President gave his preliminary approval to our proposal to satisfy those concerns, we have offered detailed solutions to finalize that agreement—but have received no substantive feedback on our extensive data privacy and security framework,” it said.

With the divestment order set to go into effect on Thursday unless the CFIUS grants an extension, TikTok said it made the filing “to defend our rights and those of our more than 1,500 employees in the U.S.”

TechCrunch has contacted ByteDance for comment.

TikTok asks U.S. federal appeals court to vacate U.S. divestment order by TechCrunch on Scribd

#apps, #asia, #bytedance, #china, #oracle, #tc, #tiktok, #u-s-government, #walmart


Joe Biden wins the 2020 US presidential election

Following a tense week of vote tallying, Joe Biden won the state of Pennsylvania and vaulted ahead in the race to become the next president of the United States. Biden’s win in the critical state put him over the threshold of 270 electoral votes, cutting off all avenues for his opponent.

Biden prevailed by flipping key states that went to Trump in 2016, including Wisconsin, Michigan and Pennsylvania. Trump again won in Florida and Ohio, but in the end was unable to chart a path to an electoral victory. Biden also leads by millions in the popular vote, with a record number of votes cast this year, many through the mail.

As his vice president, Kamala Harris will make history in myriad ways, becoming the first woman — and the first woman of color — to occupy the office. Harris, a California senator and the state’s former attorney general, built a career in the tech industry’s front yard.

Shattered barriers aside, this year’s election will likely go down in infamy for many in the U.S. The race was the strangest in recent years, characterized by rising storms of misinformation, fears over the fate of scaled-up vote-by-mail systems and a deadly virus that’s claimed well over 230,000 American lives. Biden’s campaign was forced to adapt to drive-up rallies and digital campaigning instead of relying on door-knocking and face-to-face interaction to mobilize the vote.

The circumstances of the election also created the perfect ecosystem for misinformation — a situation made worse by President Trump’s false claim of victory early Wednesday morning and ongoing claims of Democratic voter fraud. Trump appears to be in no mood to concede the election, but in the end the vote is what it is and Joe Biden will take office on January 20, 2021.

While a sitting president rejecting that unwritten democratic norm would be alarming, Trump’s decision will have little bearing on the ultimate political outcome. Whatever the coming days hold, the U.S. is entering into a new and unprecedented phase of uncertainty in which misinformation abounds and political tensions and fears of politically-motivated violence are running high.

The former vice president’s win brings a four-year run of Trumpism to an abrupt end, though its effects will still reverberate throughout American politics, likely for decades. It also ushers in a new era in which Joe Biden plans to draw on the influence of an unlikely coalition of Democrats from across the political spectrum. The Senate still hangs in the balance with two tight races in Georgia headed to January runoffs.

Biden has laid out plans for sweeping climate action, and a healthcare extension that would cover more Americans and provide an opt-in Medicare-like public option. But his ability to enact most of those grand plans would hinge on a Democratic Senate. While either party was likely to continue pursuing more aggressive regulation for the technology industry, we’ll be watching closely for signals of what’s to come for tech policy.

But even without the Senate, the president-elect may be capable of making a swift and critical impact where it’s most needed: the coronavirus pandemic. In the continued absence of a national plan to fight the virus and a White House that downplays its deadliness and discourages mask-wearing, COVID-19 is raging out of control in states across the country, signaling a very deadly winter just around the corner.

#2020-election, #government, #tc, #u-s-government


DOJ says it seized over $1 billion in bitcoin from the Silk Road drugs marketplace

Two days ago, about $1 billion worth of bitcoin that had sat dormant since the 2013 seizure of the Silk Road marketplace, one of the biggest underground drug websites on the dark web, suddenly changed hands.

Who took it? Mystery over. It was the U.S. government.

In a statement Thursday, the Justice Department confirmed it had seized the 70,000 bitcoins generated in revenue from drug sales on the Silk Road marketplace. At the time of the seizure, the bitcoin was worth more than $1 billion.

“Silk Road was the most notorious online criminal marketplace of its day. The successful prosecution of Silk Road’s founder in 2015 left open a billion-dollar question. Where did the money go? Today’s forfeiture complaint answers this open question at least in part,” said U.S. Attorney David Anderson in remarks.

“$1 billion of these criminal proceeds are now in the United States’ possession,” he said.

Silk Road was for a time the “most sophisticated and extensive criminal marketplace on the Internet,” per the Justice Department statement. In 2013, its founder and administrator Ross Ulbricht was arrested and the site seized. Ulbricht was convicted in 2015 and sentenced to two life terms and an additional 40 years for his role in the operation. Prosecutors said the site had close to 13,000 listings for drugs and other illegal services, and generated millions of bitcoin.

The Justice Department said Thursday that the seized bitcoin would be subject to forfeiture proceedings.


AOC flagged ‘material risks’ to Palantir investors in letter to SEC

In a newly released letter, New York Rep. Alexandria Ocasio-Cortez issued words of warning to the SEC over Palantir’s efforts to take the company public, cautioning the regulatory body over details the progressive congresswoman says were “omitted” in the company’s disclosures. Illinois Rep. Jesús “Chuy” García co-authored the letter, embedded below, which was submitted to SEC Chairman Jay Clayton on September 17.

Palantir, a secretive data analytics company that provides its software to U.S. agencies, debuted on public markets Wednesday through a direct listing rather than a traditional IPO. The company debuted with an implied valuation of $16 billion.

“Palantir reports several pieces of information about its company – and omits others – that we believe require further disclosure and examination, as they present material risks of which potential investors should be aware and national security concerns of which the public should be aware,” Ocasio-Cortez and García wrote.

Among their concerns, the lawmakers asked for Palantir to disclose how much equity the CIA’s venture capital firm holds in the company.

“In-Q-Tel’s investment in Palantir is not classified information, and Palantir is currently listed on In-Q-Tel’s website among its portfolio companies,” the representatives wrote. Palantir benefitted from an early investment from In-Q-Tel, but current information about In-Q-Tel’s holdings is not public.

“Palantir reports that its ‘government work is central to defense and intelligence operations in the United States and its allies abroad,’ but does not provide further information on the nature of its work for domestic or foreign intelligence agencies, despite recognizing that public perception of its government contracts represent a material risk to investors,” the representatives wrote.

Ocasio-Cortez and García also raised concerns about risks to investors over the company’s secretive work with foreign governments, including its relationship with Qatar, a nation with documented human rights concerns for migrants and its LGBTQ population.

As we previously reported, Palantir discussed its work with “organizations whose products or activities are or are perceived to be harmful” in the risks section of its S-1 filing. Palantir’s work with the notorious U.S. immigration enforcement agency ICE has attracted unwanted attention in recent years, and the company maintains contracts with ICE worth up to $92 million.

Palantir is currently powering the U.S. government’s COVID-19 tracking software platform HHS Protect Now, a controversial relationship that Democratic lawmakers demanded more transparency around in July.

Ocasio-Cortez and García also raise concerns around Palantir’s corporate governance — an issue we’ve reported on extensively as the company adjusted its S-1 filing.

As of a week ago, Palantir had already updated language in its S-1 five times, mostly making changes to an unusually centralized governance structure designed to ensure that a disproportionate amount of decision making power remains with the company’s three founders Alex Karp, Stephen Cohen and Peter Thiel.

In the letter to the SEC chairman, the representatives accuse Palantir’s board of “lacking the required majority of independent board members,” raising questions about Alexander Moore, who directed operations at the company for its first five years.

While today marks the end of Palantir’s journey to take itself public, the process hasn’t been completely smooth for a company so unused to public attention. Palantir already delayed its direct listing by a week as it reportedly navigated a “protracted back-and-forth” with the SEC and tweaked language over a still glaringly uneven voting structure designed to keep decision making in a few hands — including those of its controversial co-founder Peter Thiel.

Now, with its formal entrance into life as a public company, the public and lawmakers alike are set to learn more about Palantir’s work than ever before.
