In many ways, we’re right back to where we were during the last major monopolization case against Microsoft in the late 1990s. From the time Microsoft first lost in 2000 to when it struck a settlement in 2001, legal challenges, tech lobbying, and the turnover of presidential administrations into more tech-friendly hands all watered down the ultimate result, despite a historic defeat. Even greater challenges are facing regulators this time around with Google.

With its many tentacles in power centers in Washington, Google still has plenty of tools at its disposal to try to undermine the case and save its own skin.

The main lesson that Silicon Valley took away from the Microsoft case was that Bill Gates didn’t treat the threat of government action seriously, and thus had an ill-equipped ragtag lobbying operation. Google decided it would not make the same mistake and built up one of the most robust influence-peddling operations in the District, as documented in the recent book The Wolves of K Street. High-powered lobbyists like Tony Podesta and others came up with a new playbook to brush back regulatory oversight by paying outside researchers to launder industry talking points through the guise of neutral “expertise.” In particular, Google’s team deployed this to help tamp down an FTC investigation during the Obama administration. From Google’s early days, Eric Schmidt and Adam Kovacevich, a former Google executive now at a Google-funded organization called the Chamber of Progress, were tasked to develop this machine in Washington in the hopes of preemptively averting a case like the one they’re facing now.

Any ideas?

Archived version

• Earlier in 2024, Sygnia observed ‘Velvet Ant’ leveraging a zero-day exploit (CVE-2024-20399) to compromise and control on-premises Cisco Switch appliances. These types of vulnerabilities are used by threat actor to operate on compromised devices in a way that is completely hidden to the enterprise security stack.
• As part of the ‘Velvet Ant’ multi-year intrusion, the transition to operating from internal network devices marks yet another escalation in the evasion techniques used in order to ensure the continuation of the espionage campaign.
• The zero-day exploit allows an attacker with valid administrator credentials to the Switch management console to escape the NX-OS command line interface (CLI) and execute arbitrary commands on the Linux underlying operating system. Following the exploitation, ‘Velvet Ant’ deploy tailored malware, which runs on the underlying OS and is invisible to common security tools.
• The modus-operandi of ‘Velvet Ant’ highlights risks and questions regarding third-party appliances and applications that organizations onboard. Due to the ’black box‘ nature of many appliances, each piece of hardware or software has the potential to turn into the attack surface that an adversary is able to exploit.
• By enhancing logging, implementing continuous monitoring, and conducting systematic threat hunts on key organizational choke points, organizations can better detect and counteract advanced persistent threats such as ‘Velvet Ant’.

Archived link

The 2024 Paris Olympic Games have also turned into a game field for rumors. Though there are some similarities, the rumors circulating in Chinese and English are somewhat different.

[...]

As pro-Kremlin and far-right sources promoted disinformation about potential terrorist attacks on the Paris Olympics and soaring street crime in Paris, Chinese social media echoed the Russian narratives with false stories of frightening crimes and attacks on Olympic athletes in Paris. For example, multiple clips on the Chinese short-video platforms Kuaishou and Douyin conveyed the same story: a boxing coach from an Olympic team was robbed and beaten to death. In a separate incident, the US team's portable air conditioners were stolen, causing an American athlete to suffer from heat stroke and eventually die in the Olympic Village.

As a matter of fact, no American athlete died from heat stroke, nor did a boxing coach have a violent encounter and lose his life to the robbery incident. During the Paris Olympics, a boxing coach from Samoa passed away, but the cause of death was due to natural causes.

[...]

According to the unfounded stories, French President Emmanuel Macron asked China to assist France with Chinese anti-terrorism technology and maintain security during the Olympic games. For the benefit of the entire world, the Chinese government dispatched 1160 anti-terrorism professionals and equipped the Olympic Games with satellite surveillance systems and facial recognition technology based on China's big data system. Due to the superior Chinese anti-terrorism team and technology, 120 terrorists were arrested in Paris. The French police were extremely impressed by China's advanced surveillance and facial recognition technologies. Even Thomas Bach, President of the International Olympic Committee, acknowledged China's assistance in keeping the Paris Olympic Games safe.

In reality, the Chinese police did not participate in the multi-national police team at the Paris Olympic Games. According to the Taiwan FactCheck Center's investigation, almost 1,800 foreign police officers from 40 countries were in France to help maintain security. However, China was not one of the 40 countries. As for the arrest of terrorists, the French authorities did arrest one Russian man for plotting an assault on the Olympic Games. However, there was no mention of more than 120 terrorists being arrested in France thanks to China's facial recognition technology.

[...]

The Chinese state media has also broken its silence in recent months, publishing articles questioning whether US swimmers used drugs during the Olympics. For example, CCTV produced an article asking "six shocking questions" about "US doping scandals." One of the questions concerned American swimmers' purple faces. The story stated that American media outlets purposefully changed the color of photos and made American swimmers' faces appear white (the original text is "美媒特意调了色，把自己运动员的紫脸P白了"). The piece then contrasted an "adjusted picture" from AP with one from Reuters.

[...]

In addition to Chinese-language coverage, the English edition of Global Times, China's state media famed for its tabloid-style reporting, published an article about the widespread suspicion caused by American swimmers' purple faces. Later, the Global Times published another item stating that the US Embassy in China had posted a color-adjusted photo on Weibo to congratulate US swimmers.

Until August 17, when this analysis was written, the US Embassy's Weibo account had posted a statement that the Embassy did not post photoshopped images. (The Taiwan FactCheck Center is still investigating the claim that the US media intentionally made American swimmers’ faces “look white.” [...]) However, social media posts written in English questioning whether the purple faces could be the result of doping appeared on websites such as Reddit, Quora, and TikTok. Some YouTube influencers interviewed experts to explain the causes of purple faces, but others disputed the explanation and argued certain drugs could cause purple faces. The statement from English-speaking YouTubers claiming the purple faces were caused by drugs was again translated into Chinese and quoted by Chinese netizens.

[...]

This is a battery manufacturer with shoddy QC and that overstates Amp-hour ratings.

As someone who relies on batteries to survive, this is personally offensive. My entire solar setup is largely thanks to Will Prowse, so when he says to avoid something, I tend to listen. Thankfully, I already have 600Ah of battery that appears to be functioning within normal parameters.

I'm glad to see Rossmann calling this bullshit out.

On Tuesday the co-founders announced that they have successfully raised $40 million in Series A funding and shared plans for their next two missions. AstroForge has now raised a total of $55 million to date.

...

However, Gialich said AstroForge learned a lot from this mission and is working toward launching a second spacecraft named Odin. This will be a rideshare payload on the Intuitive Machines-2 mission, which is due to launch during the fourth quarter of this year. If successful, the Odin mission would be spectacular. About seven months after launching, Odin will attempt to fly by a near-Earth, metallic-rich asteroid while capturing images and taking data—truly visiting terra incognita. Odin would also be the first private mission to fly by a body in the Solar System beyond the Moon.

...

On Tuesday, the company also announced plans for its third mission, Vestri (the company is naming its missions after Norse deities). This spacecraft will be about twice as large as Odin and is intended to return to the targeted metallic asteroid and dock with it. The docking mechanism is simple—since the asteroid is likely to be iron-rich, Vestri will use magnets to attach itself.

This is hilarious!

AM4 is still alive somehow XD!

The Electronic Frontier Foundation (EFF) filed an amicus brief in the U.S. Court of Appeals for the Ninth Circuit supporting a group of journalists in their lawsuit against Israeli spyware company NSO Group. In our amicus brief backing the plaintiffs’ appeal, we argued that victims of human rights abuses enabled by powerful surveillance technologies must be able to seek redress through U.S. courts against both foreign and domestic corporations.

NSO Group notoriously manufactures “Pegasus” spyware, which enables full remote control of a target’s smartphone. Pegasus attacks are stealthy and sophisticated: the spyware embeds itself into phones without an owner having to click anything (such as an email or text message). A Pegasus-infected phone allows government operatives to intercept personal data on a device as well as cloud-based data connected to the device.

[...]

The U.S. government has endorsed the Guiding Principles as applied to U.S. companies selling surveillance technologies to foreign governments, but also sought to address the issue of spyware facilitating state-sponsored human rights violations. In 2021, for example, the Biden Administration recognized NSO Group as engaging in such practices by placing it on a list of entities prohibited from receiving U.S. exports of hardware or software.

Dana Mattioli speaks about her new book, The Everything War, which examines how Amazon came to dominate the U.S. economy through its “scorched-earth” tactics.

“I found just a ton of business practices driven by this toxic culture at Amazon, where the company lied, spied, cheated its way to the top,” she says. Mattioli also discusses the threat of antitrust lawsuits to Amazon and other Big Tech firms, political pressure on U.S. Federal Trade Commission Chair Lina Khan and more.

[...] Amazon has had a really bumpy history with both the [U.S.} Republicans, specifically Donald Trump, and also the [U.S.] Democrats. You know, [U.S. President Joe] Biden has been really tough on Amazon. He put in place Lina Khan, the head of the Federal Trade Commission, the agency overseeing them. And she brought forward this historic monopoly lawsuit against the company last year.

[...]

Two major Democratic donors, media mogul Barry Diller and LinkedIn co-founder Reid Hoffman, have publicly called for Kamala Harris to fire FTC Chair Lina Khan, who has led Biden’s antitrust efforts — that’s if Kamela Harris becomes president. Hoffman sits on the board of Microsoft, which was sued by the FTC.

[...]

Lina Khan has become this lightning rod in CEO circles, but specifically in tech circles. We’ve seen CEOs and VCs become very frustrated with the FTC under Lina Khan, because she’s been very critical of them. She’s taken a very close look at their companies. They’ve brought lawsuits against all Big Four tech companies, between the DOJ and the FTC, as well as other companies. So it’s not surprising. But Biden has been a staunch advocate of hers.

[...]

Archive link

Citing the EFF blog:

In 2022, [Electronic Frontier Foundation] EFF fought along with other privacy groups, domestic violence organizations, and LGBTQ+ rights organizations in the U.S. to prevent the use of GPS-enabled technology in digital license plates. A.B. 984, authored by State Assembly member Lori Wilson and sponsored by digital license plate company Reviver, originally would have allowed for GPS trackers to be placed in the digital license plates of personal vehicles.

As we have said many times, location data is very sensitive information, because where we go can also reveal things we'd rather keep private even from others in our household. Ultimately, advocates struck a deal with the author to prohibit location tracking in passenger cars, and this troubling flaw was removed. Governor Newsom signed A.B. 984 into law.

Now, not even two years later, the state's digital license plate vendor, Reviver, and Assemblymember Wilson have filed A.B. 3138, which directly undoes the deal from 2022 and explicitly calls for location tracking in digital license plates for passenger cars.

This campaign, which Canada's Citizen Lab has investigated in collaboration with Access Now and with the participation of numerous civil society organizations including First Department, Arjuna Team, and RESIDENT.ngo, engages targets with personalized and highly-plausible social engineering in an attempt to gain access to their online accounts.

The researchers attribute this campaign to COLDRIVER (also known as Star Blizzard, Callisto and other designations). This threat actor is attributed to the Russian Federal Security Service (FSB) by multiple governments.

They identified a second threat actor targeting similar communities, whom we name COLDWASTREL. We assess that this actor is distinct from COLDRIVER, and that the targeting that we have observed aligns with the interests of the Russian government.

by Rodney July 12th, 2024

(Except there is no profit, only pain)

In OBS 30.2 I introduced the new "Hybrid MP4" output format which solves a number of complaints our users have had for pretty much all of OBS's existence; It's resilient against data loss like MKV, but widely compatible like regular MP4.

Getting here was quite a journey, and involved fixing several other bugs in OBS that were only apparent once diving this deep into how the audio and video data is stored.

In this post I'll try to explain how MP4 works, what the drawbacks were to regular/fragmented MP4, and how I tried to solve them with a hybrid approach.

And at the end of the document:

Thanks & Acknowledgements

NOT the ISO for paywalling these specs and making it a god damn paperchase where every time you get one document it references three others that are also paywalled

Archived link

5,000 AI-Controlled Fake X Accounts Linked to China Disinformation Campaign

Researchers have uncovered a network of at least 5,000 fake X (formerly Twitter) accounts that appear to be controlled by AI in a disinformation campaign linked to China – and the activity appears to be heating up as the U.S. election approaches.

The X disinformation network, dubbed “Green Cicada” by researchers, “primarily engages with divisive U.S. political issues and may plausibly be staged to interfere in the upcoming presidential election.”

The network has also amplified divisive political issues in other democracies, including Australia, western Europe, India, Japan and other democratic countries.

The finding is the latest example of attempted interference in the U.S. presidential election, which just this month has seen reports of increasing activity by Iran.

[...]

The researchers, from CyberCX. [...] said the network is unlikely to be very effective in its current state, but they added that it “is plausible that the network operators are preparing to increase activities in the lead up to the U.S. presidential election.”

Most accounts on the network are currently dormant, but activity increased sharply in July. The network has been rectifying operational errors over time – including reducing malformed outputs – which could make its activities more effective and harder to detect over time.

The network uses a Chinese-language LLM system and links to an AI researcher affiliated with Tsinghua University and Zhipu AI, a prominent Chinese AI company. So far the actors haven’t had specific political leanings, but instead have focused on amplification of divisive content, “consistent with China’s information operation playbook,” the researchers said.

[...]

The researchers said [that] "our findings also indicate** key gaps in X’s willingness and ability to detect inauthentic content. **While we have observed X taking sporadic action against Green Cicada Network accounts during our period of monitoring, we have observed a failure to take systemic action against overtly linked accounts."

“We note that X has reversed initiatives put in place by Twitter to combat inauthentic activity, including efforts to detect, label and/or ban inauthentic accounts.”

The researchers said the network is a sign of things to come, with generative AI able to produce “a significant scale of malicious output with limited human oversight, at low cost and with low barriers to entry. It is possible that the system underpinning the network is operated by high-end consumer-grade hardware and is developed by just one individual.

“We assess that a more mature, future version of the system underlying the Green Cicada Network would be extremely difficult for parties other than X to detect.”