Webtagr - Technology News Summarizer

RedNote's Dilemma: A Flood of 'TikTok Refugees' and the Threat of US Influence

2025-01-17

The impending US ban on TikTok has sent millions of users flocking to RedNote, a Chinese social media platform. However, this influx presents a challenge. To prevent US users from influencing its Chinese user base, RedNote may soon segregate users, sparking controversy. This move risks cutting off Chinese-Americans from Chinese culture and information, while simultaneously highlighting China's long-standing concerns about Western social media influence – a situation ironically mirroring the US's planned TikTok ban. RedNote's unexpected popularity has caught it off guard, forcing it to scramble to moderate English content and build translation tools.

(arstechnica.com)

Tech

US Sanctions Chinese Hacker and Firm Behind Treasury and Telecom Hacks

2025-01-17

The US Treasury Department sanctioned Yin Kecheng, a Shanghai-based hacker, and Sichuan Juxinhe Network Technology Co., Ltd. for their roles in the recent breach of the Treasury Department and attacks on US telecommunication companies. Yin Kecheng, linked to China's Ministry of State Security (MSS), was involved in the Treasury Department breach, exploiting a zero-day vulnerability. Sichuan Juxinhe is associated with the Salt Typhoon hacking group, responsible for spying on high-profile targets through compromised telecom providers. The sanctions freeze their US assets and prohibit transactions with US entities. This action underscores the US commitment to combating Chinese cyber espionage.

(www.bleepingcomputer.com)

Tech sanctions hacking Sanctions Chinese Hackers

Massive Fire at World's Largest Battery Plant Forces Evacuations in California

2025-01-17

A massive fire erupted at one of the world's largest battery storage plants in Moss Landing, California, forcing hundreds to evacuate and prompting the closure of a section of Highway 1. The blaze, which started Thursday afternoon, sent plumes of black smoke into the air. While firefighters worked to contain the flames, the fire was still burning Friday morning. This is the third fire at the Vistra Energy plant in three years, raising concerns about the safety of large-scale battery storage.

(www.gpb.org)

Tech battery storage fire

Railway's Journey: Building a Data Center from Scratch

2025-01-17

Constrained by hyperscaler limitations, Railway embarked on Project Metal, building its own data center in just nine months. The blog post details the entire process, from site selection, power and network infrastructure, to server installation, highlighting challenges and solutions encountered along the way. This included power and network redundancy, rack layout, cable management, and more. The result? A software-defined network and internal tools automating the entire data center build process, from design to deployment.

(blog.railway.com)

Tech

Mystery Solved: The 'Evil' RJ45 Dongle Was Just Old Tech

2025-01-17

A tech blogger investigates a Chinese-made RJ45-to-USB dongle accused on social media of containing malware. Through reverse engineering, the author discovers the dongle uses a publicly available, signed driver for a clone of the Realtek RTL8152B chip. The onboard flash memory stores the driver, essentially acting as a 'software-defined' CD-ROM. The conclusion? The dongle itself is harmless, just employing an outdated method of driver delivery. The article, written in a lighthearted tone, highlights misinterpretations and overreactions in cybersecurity, emphasizing the importance of security, particularly for critical infrastructure and strategic businesses.

(lcamtuf.substack.com)

Tech hardware reverse engineering

FBI Warns of Hacked Agent Phone Logs

2025-01-17

Bloomberg reports that an internal FBI document reveals hackers breached AT&T's system last year, stealing months of call and text logs from FBI agents. While the content of communications wasn't compromised, the data—potentially millions of records—could link agents to confidential informants, jeopardizing national security and ongoing investigations. The FBI is working to protect informant identities and is investigating the breach. This highlights the vulnerability of telecom data and the challenges in safeguarding sensitive information.

(uk.news.yahoo.com)

Tech

Microsoft Forces Windows 11 24H2 Update

2025-01-17

Microsoft has begun forcefully pushing the Windows 11 2024 Update (version 24H2), a significant update that can take up to two hours to install. This affects devices running Home and Pro editions of Windows 11, versions 23H2 and 22H2, excluding those managed by IT departments. The update includes support for features like USB4 80Gbps and Bluetooth LE Audio, but users should schedule ample time to avoid interruptions.

(www.pcworld.com)

Tech Windows 11 update forced update

LightCell: A Revolutionary Light-Powered Engine

2025-01-17

LightSail Energy is developing a revolutionary engine called LightCell that generates electricity using monochromatic light emitted from hot sodium produced by burning hydrogen or other fuels. This engine cleverly combines thermophotovoltaics, an optical cavity, and a ceramic heat exchanger to recycle waste heat, achieving up to 40% energy conversion efficiency. The core technology utilizes 2.1eV photons from sodium atomic transitions, captured efficiently by precisely designed bandgap-tuned photovoltaic cells. LightCell boasts high energy density, low noise, and modularity, promising a breakthrough in future energy.

(www.lightcellenergy.com)

Tech light-powered energy thermophotovoltaics

DoubleClickjacking: Bypassing All Clickjacking Protections

2025-01-17

DoubleClickjacking is a novel attack exploiting the timing of double-click events to bypass all known clickjacking protections, including X-Frame-Options, CSP's frame-ancestors, and SameSite cookies. Attackers trick users into double-clicking a seemingly benign button, rapidly switching windows in milliseconds to hijack actions like authorizing malicious apps or changing account settings. It leverages the subtle timing difference between `mousedown` and `onclick` events, making it effective regardless of double-click speed. While some sites mitigate this by disabling buttons until user interaction (mouse movement or keyboard input) is detected, this requires client-side protection. Long-term solutions require new browser standards to defend against this.

(www.paulosyibelo.com)

Tech clickjacking doubleclickjacking

Google Search Now Requires JavaScript: Security or Something Else?

2025-01-17

Google has announced that its search engine now mandates JavaScript for use. The stated reason is to better protect against malicious activity like bots and spam, improving the overall user experience. However, this move may inconvenience users relying on accessibility tools and has sparked speculation about Google's intent to limit third-party search trend analysis tools. While Google claims the affected user percentage is minuscule, the sheer volume of daily Google searches means millions are still impacted, leading to widespread discussion.

(techcrunch.com)

Tech Malicious Activity

Medicare to Negotiate Prices for 15 Popular Drugs

2025-01-17

The Biden administration announced that 15 commonly used drugs, including Ozempic and Wegovy, will be included in Medicare's price negotiation program. This marks the first time the U.S. government will directly negotiate drug prices with manufacturers, and is expected to save taxpayers billions of dollars. While Ozempic and Wegovy have drawn scrutiny for their high costs, Medicare currently only covers them for diabetes treatment, not weight loss. The incoming Trump administration will decide whether to implement a proposed rule to cover these medications for obesity. This brings the total number of drugs subject to Medicare price negotiations to 25, covering a third of prescription drug spending. The pharmaceutical industry has sued over the program, but groups like the AARP say they will fight to uphold the law.

(apnews.com)

Tech Drug Price Negotiation

Nonlinear Optics Sandbox: AI-Powered Control of Complex Optical Systems

2025-01-17

WestonCB's Nonlinear Optics Sandbox is an interactive platform for studying controlled nonlinear dynamics through the simulation of coupled optical fields. The project uses a specific optical configuration—coupled fundamental/harmonic fields interacting with an adaptive medium—as an idealized model to explore how optimization processes can guide complex nonlinear systems towards desired states. It combines real-time visualization, GPU-accelerated physics simulation, and gradient-based optimization, offering a novel tool for researching nonlinear dynamics and the control of complex systems.

(github.com)

Tech Nonlinear Optics AI Optimization Complex Systems

AI vs. End-to-End Encryption: A Privacy Showdown

2025-01-17

This article explores the clash between AI and end-to-end encryption. The rise of AI assistants necessitates off-device processing of increasingly sensitive data, challenging the privacy protections offered by end-to-end encryption. While companies like Apple are attempting to mitigate this with 'Private Cloud Compute' and trusted hardware, this approach relies on complex software and hardware security, falling short of a perfect solution. A deeper concern lies in the control of powerful AI agents; once deployed, access becomes paramount, raising the specter of government or corporate access compromising personal privacy.

(blog.cryptographyengineering.com)

Tech AI privacy end-to-end encryption

Supreme Court Upholds TikTok Ban: National Security Trumps Free Speech

2025-01-17

The Supreme Court unanimously upheld a federal law banning TikTok unless its Chinese parent company sells it. The ruling prioritizes national security concerns over free speech arguments, citing risks posed by TikTok's ties to China. While President-elect Trump suggested a negotiated solution and the Biden administration indicated it wouldn't enforce the ban immediately, the decision leaves TikTok's future in the US uncertain. The court found the law did not violate petitioners' First Amendment rights.

(apnews.com)

Tech US-China Tech Rivalry

GM Banned from Selling Driver Data to Insurers

2025-01-17

The Federal Trade Commission (FTC) alleges that General Motors (GM) and OnStar collected, used, and sold drivers' precise geolocation data and driving behavior without adequate notification or consent. The FTC issued a proposed order banning GM from selling this data to consumer reporting agencies for five years. This follows a New York Times investigation revealing GM's sale of driving data—including instances of hard braking and speeding—to insurers, leading to increased premiums for drivers. GM claims it has already taken steps to address these issues, including ending its Smart Driver program and ceasing data sales to analytics firms. The FTC's order is subject to a 30-day public comment period.

(techcrunch.com)

Tech

GM Settles FTC Charges Over Secret Sharing of Driver Location Data

2025-01-17

General Motors (GM) has settled with the FTC over privacy concerns related to its discontinued Smart Driver program. The FTC alleged that GM collected and shared precise geolocation data from millions of vehicles without informed consent, providing this data to insurance companies and impacting drivers' premiums. The settlement prohibits GM from sharing such data for five years and mandates obtaining affirmative consent for data collection, along with data access and deletion options for users. This case highlights the ongoing debate surrounding the privacy of automotive data and consumer protection.

(www.theregister.com)

Tech

GM Banned from Selling Driver Data for Five Years

2025-01-17

General Motors and its subsidiary OnStar are banned from selling customer geolocation and driving behavior data for five years following an FTC settlement. A New York Times investigation revealed GM collected detailed driving data, including acceleration, braking, and trip length, and sold it to insurers and third-party brokers without consent. The FTC accused GM of a misleading enrollment process for its OnStar service, failing to disclose data collection and sale to third parties. The settlement requires GM to obtain consent before collecting driving data and allow data deletion upon request.

(www.theverge.com)

Tech General Motors

Canon Wants $5/Month to Use Your Expensive Camera as a Webcam

2025-01-17

A blogger recounts his frustration with Canon's software requiring a $4.99 monthly or $49.99 annual subscription to fully utilize his Canon camera as a webcam. Despite the headline's $6299 price tag, his camera cost significantly less. Even with the paid subscription, features like brightness and color correction are limited, and only 720p video is available. The author argues that this subscription model is unjustified for a hardware company with nearly $30 billion in profit.

(romanzipp.com)

Tech Canon Webcam Subscription Model

Oldest Alphabet Unearthed: 4,400-Year-Old Clay Cylinders Rewrite History

2025-01-17

UC Santa Cruz history professor Elaine Sullivan discovered four small clay cylinders inscribed with mysterious symbols at an Early Bronze Age burial site in Umm el-Marra, Syria. Initially overlooked, these artifacts were later identified as an early Semitic alphabet predating previously known examples by at least 500 years. This discovery challenges our understanding of the alphabet's origins, shifting its location from Egypt and the Southern Levant to Northern Syria. The research highlights the importance of meticulous fieldwork and interdisciplinary collaboration in archaeology, emphasizing that artifacts often hold secrets only later generations can unlock.

(www.universityofcalifornia.edu)

Tech archaeology alphabet origins Bronze Age

Bypassing Disk Encryption with Automatic TPM2 Unlock: A Critical Vulnerability

2025-01-17

This article exposes a critical vulnerability in systems using TPM2 for automatic disk encryption unlocking. An attacker with brief physical access can decrypt the disk without altering the TPM's state. The vulnerability stems from most setups failing to verify the LUKS identity of the decrypted partition. The attacker can use the initrd image in the unencrypted boot partition to create a fake LUKS partition with a known key, tricking the system into executing a malicious init program, thereby obtaining the original disk key. Solutions include using a TPM PIN or properly verifying the LUKS identity within the initrd.

(oddlama.org)

Tech Disk Encryption

Is the World Becoming Uninsurable? Climate Change and Systemic Risk

2025-01-17

This article explores the increasing possibility of the world becoming uninsurable due to rising global risks. The author begins with their personal experience of being unable to obtain hurricane insurance, highlighting the increasing frequency of extreme weather events due to climate change, forcing insurance companies to withdraw from high-risk areas or raise premiums dramatically. The article criticizes the reliance on solely political or technological solutions, arguing that government mandates forcing insurers to provide coverage are unsustainable and will ultimately lead to taxpayers bearing massive losses. Historical precedents of climate-driven societal upheaval are reviewed, emphasizing how the current 'limitless possibilities' mindset ignores the constraints imposed by nature. The article concludes that the world is becoming uninsurable because many things taken for granted are no longer financially viable, and rising systemic risks are beyond the reach of purely political or technological solutions.

(charleshughsmith.substack.com)

Tech systemic risk

AT&T Pulls 5G Home Internet from NY Over Affordable Broadband Law

2025-01-17

AT&T has ceased offering its 5G home internet service in New York State in response to a new law mandating affordable broadband plans for low-income residents. The Affordable Broadband Act, implemented after a lengthy legal battle, requires ISPs to offer $15/25Mbps or $20/200Mbps plans to eligible households. AT&T argues the price regulations make further investment in the state uneconomical. Existing customers will have a 45-day grace period. This decision highlights the ongoing tension between telecom companies' profitability and the need for accessible broadband access.

(arstechnica.com)

Tech New York

SpaceX Dragon Docks with ISS: A Mission Breakdown

2025-01-16

SpaceX's Dragon capsule successfully docked with the International Space Station. The mission involved several phases: first, a Falcon 9 rocket launched Dragon into orbit; then, Dragon performed orbital adjustments to gradually approach the ISS; finally, Dragon docked with the ISS, completing pressurization and crew ingress. The entire process involved a series of precise thruster burns and orbital maneuvers, showcasing SpaceX's advanced aerospace technology.

(www.spacex.com)

Tech

OpenAI Whistleblower's Death: From Suicide to Active Investigation

2025-01-16

The death of Suchir Balaji, a former OpenAI researcher, has taken a dramatic turn. Initially ruled a suicide, the San Francisco Police Department has reopened the case as an 'active and open investigation' following allegations from Balaji's family and inconsistencies in the initial autopsy. Balaji publicly criticized OpenAI's practices before his death, sparking speculation about foul play, even drawing comment from Elon Musk. This case highlights the risks faced by whistleblowers in the tech industry and raises crucial questions about ethics and accountability in the rapidly evolving AI landscape.

(www.republicbiz.com)

Tech whistleblower death investigation

AI-Powered News Aggregation: Ranking Global Headlines by Significance

2025-01-16

News Minimalist uses AI to score and rank global news by significance. The site curates a daily selection of news articles with scores above 5.5, offering concise summaries. Recent coverage spans diverse fields, from quantum computing breakthroughs and AI in medicine to geopolitical conflicts, showcasing AI's power in information filtering and news aggregation. It provides readers with an efficient way to access important news.

(www.newsminimalist.com)

Tech News Aggregation AI Applications

Laser Technique Achieves Nanometer Precision Over Vast Distances

2025-01-16

Scientists have developed a new laser-based technique capable of measuring distances exceeding 100 kilometers with nanometer precision. This breakthrough promises significant improvements in the accuracy of space telescopes and other long-range measurement applications. Previously, long-distance laser measurements were limited to millimeter precision, highlighting the revolutionary nature of this advancement.

(www.newscientist.com)

Tech laser ranging nanometer precision space telescopes

Bird Tongues: A Surprisingly Diverse World

2025-01-16

This blog post explores the amazing diversity of bird tongues and their adaptations to different diets. From the hummingbird's forked tongue to the woodpecker's sharp, spiky tongue, and the penguin's incredibly barbed tongue, each species' tongue is uniquely evolved to suit its feeding habits. Hummingbirds, for example, use their tongues like tiny straws to lap up nectar, while woodpeckers use theirs to spear insects from tree holes. The post is richly illustrated, showcasing the variety and wonder of bird tongues and highlighting nature's ingenious designs.

(toughlittlebirds.com)

Tech birds tongues

Washington Post Drops 'Democracy Dies in Darkness' Slogan

2025-01-16

The Washington Post has abandoned its iconic 'Democracy Dies in Darkness' slogan, replacing it with 'Riveting Storytelling for All of America.' This shift has sparked internal controversy and is linked to owner Jeff Bezos' refusal to endorse Kamala Harris and a pursuit of aggressive growth targets. The new strategy emphasizes an AI-powered platform to deliver news to all Americans, aiming for 200 million paying users. This move is seen as a strategic pivot driven by commercial pressures, raising concerns about the Post's journalistic independence and values.

(www.avclub.com)

Tech Washington Post Journalism Business Strategy

Penn Station Expansion Unnecessary: NYC Ready for Through-Running

2025-01-16

A new report by the Effective Transit Alliance New York (ETA) refutes Amtrak's claim that a $16.7 billion Penn Station expansion is needed to handle increased ridership from the Gateway Program. ETA argues that the existing Penn Station can accommodate increased ridership through operational changes, eliminating the need for massive expansion. The report analyzes international examples and uses modeling to demonstrate that through-running allows Penn Station to handle 48 trans-Hudson trains per hour, doubling its current peak capacity. ETA urges Amtrak, the MTA, and NJ Transit to abandon the costly expansion plan and instead adopt a more cost-effective operational model.

(www.etany.org)

Tech transit

Let's Encrypt to Offer 6-Day Certificates and IP Address Support in 2025

2025-01-16

Let's Encrypt announced plans to introduce two new certificate options in 2025: short-lived certificates with a six-day lifetime and support for IP addresses. Six-day certificates significantly enhance security by minimizing the window of vulnerability. IP address support enables secure TLS connections for IP-accessible services using publicly trusted certificates, eliminating the need for domain names. The rollout will be phased, with general availability expected by the end of 2025. Users will need an ACME client supporting certificate profiles to obtain the short-lived certificates.

(letsencrypt.org)

Tech SSL Certificates

Category: Tech