The head of America's FCC "has drafted plans to regulate the cybersecurity of telecommunications companies," reports the Washington Post, and the plans could include financial penalties phone network operators with insufficient security — "the first time the agency has asserted such powers under federal wiretapping law." Rosenworcel said the FCC's authority in this matter comes from Section 105 of the Communications Assistance for Law Enforcement Act [passed in 1994] — a single sentence that stipulates, without elaboration, that telecommunications carriers should ensure systems security "in accordance with regulations prescribed by the Commission." As one of the measures, she is seeking to require network providers to submit an annual certification to the FCC that they are implementing a cybersecurity risk management plan. In addition to imposing fines, the FCC could coordinate with other agencies to pursue criminal penalties against carriers deemed too careless on cybersecurity...

Biden administration officials said voluntary efforts to protect against aggressive Chinese hacking activity have fallen short. "We've had for the last decade voluntary public-private partnership efforts," Neuberger told The Post in a recent interview. "But we continue to see successful breaches, and in many cases, as with ransomware attacks, we continue to see pretty basic cybersecurity practices not being followed." With China's hackers becoming more brazen, pre-positioning themselves in U.S. critical networks, "we need to lock our digital doors," Neuberger said...

Cyber requirements can make a difference, she said. After the Colonial Pipeline ransomware attack in 2021 shut down one of the nation's largest energy pipelines for several days, creating a national security scare, the Transportation Security Administration issued several security directives, and today, all of the country's several dozen critical pipeline companies are in compliance, she said. Similar directives were subsequently issued for rail and aviation sectors, and the compliance rates in those industries are now at 68 and 57 percent respectively, she said.

China-linked spies may still be lurking in U.S. telecommunications networks — but the breach could be much, much wider. In fact, a "couple dozen" countries were hit by the attack, the Wall Street Journal reported this week, citing a top U.S. national security adviser. "Chinese government hackers have compromised telecommunications infrastructure across the globe as part of a massive espionage campaign..." Speaking during a press briefing Wednesday, Anne Neuberger, President Biden's deputy national security adviser for cyber and emerging technology, said the so-called Salt Typhoon campaign is ongoing and that at least eight telecommunications firms in the U.S. had been breached... The Journal previously identified Verizon, AT&T, T-Mobile and Lumen Technologies among the victims... [M]etadata grabs appeared to be "regional" in focus, and were likely a means to identify phone lines of valuable senior government officials, which the hackers then targeted to steal encrypted text messages and listen in on some phone calls, the official said... President-elect Donald Trump, Vice President-elect JD Vance, senior congressional staffers and an array of U.S. security officials were among scores of individuals to have their calls and texts directly targeted, an intelligence-collection coup that likely ensnared their private communications with thousands of Americans, the Journal has reported.

The senior administration official said the global tally of countries victimized was currently believed to be in the "low, couple dozen" but didn't give a precise figure. The global campaign of hacking activity dates back at least a year or two, the official said.
"Neuberger, on the press briefing, said that it wasn't believed that classified communications were accessed in the breaches."

"SpaceX has launched 20 of its Starlink satellites up into Earth's orbit, enabling direct-to-cellphone connectivity for subscribers anywhere on the planet," reports the tech blog New Atlas. That completes the constellation's first orbital shell, following a launch of an initial batch of six satellites for testing back in January. The satellites were launched with a Falcon 9 rocket from California's Vandenberg Space Force Base on December 5 at 10 PM EST; they were then deployed in low Earth orbit. SpaceX founder Elon Musk noted on X that the effort will "enable unmodified cellphones to have internet connectivity in remote areas." He added a caveat for the first orbital shell — "Bandwidth per beam is only ~10 Mb, but future constellations will be much more capable...."

The big deal with this new venture is that unlike previous attempts at providing satellite-to-phone service, you don't need a special handset or even a specific app to get access anywhere in the world. Starlink uses standard LTE/4G protocols that most phones are compatible with, partners with mobile operators like T-Mobile in the U.S. and Rogers in Canada, and has devised a system to make its service work seamlessly with your phone when it's connecting to satellites 340 miles (540 km) above the Earth's surface. The SpaceX division noted it's also worked out latency constraints, ideal altitudes and elevation angles for its satellites, along with several other parameters, to achieve reliable connectivity. Each satellite has an LTE modem on board, and these satellites plug into the massive constellation of 6,799 existing Starlink spacecraft, according to Space.com.

Connecting to that larger constellation happens via laser backhaul, where laser-based optical communication systems transmit data between satellites. This method leverages the advantages of lasers over traditional radio frequency communications, enabling data rates up to 100 times faster, increased bandwidth, and improved security.
The direct-to-cell program was approved last month, the article points out — but it's ready to ramp up. "You'll currently get only text service through the end of 2024; voice and data will become available sometime next year, as will support for IoT devices (such as smart home gadgets). The company hasn't said how much its service will cost. " (They also note there's already competing services from Lynk, "which has satellites in orbit and launched in the island nation of Palau back in 2023, and AST SpaceMobile, which also has commercial satellites in orbit and contracts with the U.S. government, Europe, and Japan.")

Elon Musk's announcement on X.com prompted this interesting exchange:

X.com User: You've stated that purchasing Starlink goes toward funding the journey to Mars, yes?

Elon Musk: Yes.

Primarily used by law enforcement, Graykey unlocks mobile devices to extract data from both Android and iOS systems, according to the blog AppleInsider, "though its effectiveness varies depending on the specific hardware and software involved." But while its capabilities are rarely disclosed, "a leak of some Grayshift's internal documents was recently reported on by 404 Media." According to the data, Graykey can only perform "partial" data retrieval from iPhones running iOS 18 and iOS 18.0.1. These versions were released in September and early October, respectively. A partial extraction likely includes unencrypted files and metadata, such as folder structures and file sizes, according to past reports. Notably, Graykey struggles with beta versions of iOS 18.1. Under the latest update, the tool fails to extract any data, as per the documents.

Meanwhile, Graykey's performance with Android phones varies, largely due to the diversity of devices and manufacturers. On Google's Pixel lineup, Graykey can only partially access data from the latest Pixel 9 when in an "After First Unlock" (AFU) state — where the phone has been unlocked at least once since being powered on.
Thanks to long-time Slashdot reader AmiMoJo for sharing the article.

An anonymous reader quotes a report from The Verge: Huawei has announced its new Mate 70 series smartphone lineup, which will be the first offered with the company's new HarmonyOS Next operating system that doesn't rely on Google's Android services and won't run any Android apps, according to a report by Reuters. The four models of the Mate 70 also don't feature any US hardware following a half decade of US sanctions.

The Mate 70, Mate 70 Pro, Mate 70 Pro Plus, and Mate 70 RS will also be offered with Huawei's HarmonyOS 4.3, which first launched in August 2019 as an alternative to Google's Android OS and is still compatible with Android's extensive app library. Users who decide to opt for Huawei's new Android-free HarmonyOS Next will have less choice when it comes to the apps they can install. Huawei says it has "secured more than 15,000 applications for its HarmonyOS ecosystem, with plans to expand to 100,000 apps in the coming months," according to Reuters.

Starting next year, Huawei also says all the new phones and tablets it launches in 2025 will run HarmonyOS Next. [...] Huawei hasn't confirmed what processors are being used in the Mate 70 lineup, but the company has previously used chips made by China's SMIC for last year's Mate 60 series and other smartphones.

U.S. Cellular has agreed to sell $1.02 billion worth of spectrum licenses to AT&T as part of its strategy to monetize its spectrum assets that were not included in an earlier $4.4 billion deal with T-Mobile. Reuters reports: Last month, U.S. Cellular agreed to sell select spectrum licenses for $1 billion to Verizon. It also signed deals with two other mobile network operators, but did not disclose the details. The latest agreement "adds a fourth mobile network operator, in addition to T-Mobile, to the list of those whose subscribers will benefit from the sale of our spectrum licenses," U.S. Cellular CEO Laurent Therivel said on Thursday. From a press release: Following this transaction, as well as those previously announced, UScellular will have reached definitive agreements to monetize approximately 55%, measured on a MHz-Pops basis, of the spectrum holdings (excluding mmWave) that were excluded from the proposed sale to T-Mobile, for a total consideration of approximately $2.02 billion. Including the proposed T-Mobile transaction, UScellular will have reached agreements to monetize approximately 70% of its total spectrum holdings (excluding mmWave), measured on a MHz-Pops basis.

"After our proposed sales, we will be left with 1.86 billion MHz-Pops of low and mid-band spectrum, as well as 17.2 billion MHz-Pops of mmWave spectrum, with the substantial majority of retained value in the C-band spectrum," [said Laurent C. Therivel, President and CEO]. "The C-band licenses have a number of attributes that we believe are favorable to their long-term value. First, our C-band licenses are positioned in an attractive mid-band frequency that can deliver outstanding speed and capacity. Second, there is a substantial 5G ecosystem of equipment vendors and existing infrastructure that uses C-band. Finally, they have a lengthy build-out timeline, with first and second build-out dates of 2029 and 2033, respectively. This provides ample time and optionality for us to either monetize or deploy the spectrum in the future. We will continue to look for ways to opportunistically monetize the C-band, as well as the other remaining spectrum."

The Atlantic complains that our chaos of different plug types "was supposed to end, with USB-C as our savior." But part of the problem is what they call "the second circle of our cable hell: My USB-C may not be the same as yours. And the USB-C you bought two years ago may not be the same as the one you got today. And that means it might not do what you now assume it can." A lack of standardization is not the problem here. The industry has designed, named, and rolled out a parade of standards that pertain to USB and all its cousins. Some of those standards live inside other standards. For example, USB 3.2 Gen 1 is also known as USB 3.0, even though it's numbered 3.2. (What? Yes.) And both of these might be applied to cables with USB-A connectors, or USB-B, or USB-Micro B, or — why not? — USB-C. The variations stretch on and on toward the horizon.

Hope persists that someday, eventually, this hell can be escaped — and that, given sufficient standardization, regulatory intervention, and consumer demand, a winner will emerge in the battle of the plugs. But the dream of having a universal cable is always and forever doomed, because cables, like humankind itself, are subject to the curse of time, the most brutal standard of them all. At any given moment, people use devices they bought last week alongside those they've owned for years; they use the old plugs in rental cars or airport-gate-lounge seats; they buy new gadgets with even better capabilities that demand new and different (if similar-looking) cables. Even if Apple puts a USB-C port in every new device, and so does every other manufacturer, that doesn't mean that they will do everything you will expect cables to do in the future. Inevitably, you will find yourself needing new ones.

Back in 1998, the New York Times told me, "If you make your move to U.S.B. now, you can be sure that your new devices will have a port to plug into." I was ready! I'm still ready. But alas, a port to plug into has never been enough.
Obligatory XKCD.

Millions of U.S. cellphone users could be vulnerable to Chinese government surveillance, warns a Washington Post columnist, "on the networks of at least three major U.S. carriers."

They cite six current or former senior U.S. officials, all of whom were briefed about the attack by the U.S. intelligence community. The Chinese hackers, who the United States believes are linked to Beijing's Ministry of State Security, have burrowed inside the private wiretapping and surveillance system that American telecom companies built for the exclusive use of U.S. federal law enforcement agencies — and the U.S. government believes they likely continue to have access to the system.... The U.S. government and the telecom companies that are dealing with the breach have said very little publicly about it since it was first detected in August, leaving the public to rely on details trickling out through leaks...

The so-called lawful-access system breached by the Salt Typhoon hackers was established by telecom carriers after the terrorist attacks of Sept. 11, 2001, to allow federal law enforcement officials to execute legal warrants for records of Americans' phone activity or to wiretap them in real time, depending on the warrant. Many of these cases are authorized under the Foreign Intelligence Surveillance Act (FISA), which is used to investigate foreign spying that involves contact with U.S. citizens. The system is also used for legal wiretaps related to domestic crimes.

It is unknown whether hackers were able to access records about classified wiretapping operations, which could compromise federal criminal investigations and U.S. intelligence operations around the world, multiple officials told me. But they confirmed the previous reporting that hackers were able to both listen in on phone calls and monitor text messages. "Right now, China has the ability to listen to any phone call in the United States, whether you are the president or a regular Joe, it makes no difference," one of the hack victims briefed by the FBI told me. "This has compromised the entire telecommunications infrastructure of this country."

The Wall Street Journal first reported on Oct. 5 that China-based hackers had penetrated the networks of U.S. telecom providers and might have penetrated the system that telecom companies operate to allow lawful access to wiretapping capabilities by federal agencies... [After releasing a short statement], the FBI notified 40 victims of Salt Typhoon, according to multiple officials. The FBI informed one person who had been compromised that the initial group of identified targets included six affiliated with the Trump campaign, this person said, and that the hackers had been monitoring them as recently as last week... "They had live audio from the president, from JD, from Jared," the person told me. "There were no device compromises, these were all real-time interceptions...." [T]he duration of the surveillance is believed to date back to last year.
Several officials told the columnist that the cyberattack also targetted senior U.S. government officials and top business leaders — and that even more compromised targets are being discovered. At this point, "Multiple officials briefed by the investigators told me the U.S. government does not know how many people were targeted, how many were actively surveilled, how long the Chinese hackers have been in the system, or how to get them out."

But the article does include this quote from U.S. Senate Intelligence Committee chairman Mark Warner. "It is much more serious and much worse than even what you all presume at this point."

One U.S. representative suggested Americans rely more on encrypted apps. The U.S. is already investigating — but while researching the article, the columnist writes, "The National Security Council declined to comment, and the FBI did not respond to a request for comment..." They end with this recommendation.

"If millions of Americans are vulnerable to Chinese surveillance, they have a right to know now."

An anonymous reader shared this report from the Washington Post: A few weeks ago, analysts at a specialized technological lab put a microchip from China under a powerful microscope. Something didn't look right... The microscopic proof was there that a chunk of the electronic components from Chinese high-tech champion Huawei Technologies had been produced by the world's most advanced chipmaker, Taiwan Semiconductor Manufacturing Company.

That was a problem because two U.S. administrations in succession had taken actions to assure that didn't happen. The news of the breach of U.S. export controls, first reported in October by the tech news site the Information, has sent a wave of concern through Washington... The chips were routed to Huawei through Sophgo Technologies, the AI venture of a Chinese cryptocurrency billionaire, according to two people familiar with the matter, speaking on the condition of anonymity to discuss a sensitive topic... "It raises some fundamental questions about how well we can actually enforce these rules," said Emily Kilcrease, a senior fellow at the Center for a New American Security in Washington... Taiwan's Ministry of Economic Affairs confirmed that TSMC recently halted shipments to a "certain customer" and notified the United States after suspecting that customer might have directed its products to Huawei...

There's been much intrigue in recent days in the industry over how the crypto billionaire's TSMC-made chips reportedly ended up at Huawei. Critics accuse Sophgo of working to help Huawei evade the export controls, but it is also possible that they were sold through an intermediary, which would align with Sophgo's denial of having any business relationship with Huawei... While export controls are often hard to enforce, semiconductors are especially hard to manage due to the large and open nature of the global chip trade. Since the Biden administration implemented sweeping controls in 2022, there have been reports of widespread chip smuggling and semiconductor black markets allowing Chinese companies to access necessary chips...

Paul Triolo, technology policy lead at Albright Stonebridge Group, said companies were trying to figure out what lengths they had to go to for due diligence: "The guidelines are murky."

Google is rolling out a dedicated weather app on Pixel phones (model 6 and newer with Android 15) that integrates AI-generated summaries and customizable widgets. Ars Technica reports: There's a prominent "AI generated weather report" on top of the weather stack, which is a combination of summary and familiarity. "Cold and rainy day, bring your umbrella and hold onto your hat!" is Google's example; I can't provide another one, because an update to "Gemini Nano" is pending. You can see weather radar for your location, along with forecasted precipitation movement. The app offers "Nowcasting" precipitation guesses, like "Rain continuing for 2 hours" or "Light rain in 10 minutes."

The best feature, one seen on the version of Weather that shipped to the Pixel Tablet and Fold, is that you can rearrange the order of data shown on your weather screen. I moved the UV index, humidity, sunrise/sunset, and wind conditions as high as they could go on my setup. It's a trade-off, because the Weather app's data widgets are so big as to require scrolling to get the full picture of a day, and you can't move the AI summary or 10-day forecast off the top. But if you only need a few numbers and like a verbal summary, it's handy. Sadly, if you're an allergy sufferer and you're not in the UK, Germany, France, or Italy, Google can't offer you any pollen data or forecasts. There is also, I am sad to say, no frog. You can download the app here.

Slashdot reader samleecole writes: Privacy advocates gained access to a powerful tool bought by U.S. law enforcement agencies that can track smartphone locations around the world. Abortion clinics, places of worship, and individual people can all be monitored without a warrant.

An investigation into tracking tool Locate X shows in the starkest terms yet how it and others — based on smartphone location data sold to various U.S. government law enforcement agencies, including state entities — could be used to monitor abortion clinic patients. This comes as more states contemplate stricter or outright bans on abortion...

Joe Biden's administration is investigating alleged Chinese efforts to hack US telecoms infrastructure amid reports hackers had targeted the phones of former president Donald Trump and his running mate JD Vance. Financial Times: The FBI and the Cybersecurity and Infrastructure Security Agency said they were investigating "unauthorised access to commercial telecommunications infrastructure by actors affiliated with the People's Republic of China."

The statement followed a report in the New York Times that Chinese hackers had accessed US telecoms networks and targeted data on Trump and Vance's phones. The FBI declined to say if the hackers had targeted their phones.

Steven Cheung, Trump's campaign spokesperson, blamed the alleged attack on Kamala Harris, the US vice-president and Democratic presidential nominee. But he declined to say if US authorities had informed the campaign about the hacking effort.

Cheung said: "This is the continuation of election interference by Kamala Harris and Democrats who will stop at nothing, including emboldening China and Iran attacking critical American infrastructure, to prevent president Trump from returning to the White House. Their dangerous and violent rhetoric has given permission to those who wish to harm president Trump." Further reading:
Chinese Hackers Targeted Trump and Vance's Phone Data (CNN);

China Sought To Hack Trump, Vance and Campaign Phones, Officials Say (Washington Post);

Chinese Hackers Targeted Phones of Trump, Vance, and Harris Campaign (Wall Street Journal);

US Investigating Breach of Telecoms by China-Linked Hackers (Bloomberg);

Trump, Vance Potential Targets in Broad China-Backed Hacking Operation (CBS News);

Chinese Hackers Attempted To Breach Trump, Vance Cellphone Data: Report (Fox News);

Chinese Hackers Believed To Have Targeted Trump, Vance Cellphones: Sources (ABC News);

Chinese Hackers Targeted Cellphones Used by Trump, Vance (Associated Press).

An anonymous reader writes: T-Mobile and AT&T say US regulators should drop a plan to require unlocking of phones within 60 days of activation, claiming that locking phones to a carrier's network makes it possible to provide cheaper handsets to consumers. "If the Commission mandates a uniform unlocking policy, it is consumers -- not providers -- who stand to lose the most," T-Mobile alleged in an October 17 filing with the Federal Communications Commission. The proposed rule has support from consumer advocacy groups who say it will give users more choice and lower their costs.

T-Mobile has been criticized for locking phones for up to a year, which makes it impossible to use a phone on a rival's network. T-Mobile claims that with a 60-day unlocking rule, "consumers risk losing access to the benefits of free or heavily subsidized handsets because the proposal would force providers to reduce the line-up of their most compelling handset offers." If the proposed rule is enacted, "T-Mobile estimates that its prepaid customers, for example, would see subsidies reduced by 40 percent to 70 percent for both its lower and higher-end devices, such as the Moto G, Samsung A15, and iPhone 12," the carrier said. "A handset unlocking mandate would also leave providers little choice but to limit their handset offers to lower cost and often lesser performing handsets." In July, the FCC approved a Notice of Proposed Rulemaking (NPRM) for the unlocking policy in a 5-0 vote.

The FCC is proposing "to require all mobile wireless service providers to unlock handsets 60 days after a consumer's handset is activated with the provider, unless within the 60-day period the service provider determines the handset was purchased through fraud."

An anonymous reader quotes a report from the Washington Post: Brandon Barrett arrived here two weeks ago, sick but hopeful, like dozens before him. Just a few years back, he could dead lift 660 pounds. After an injury while training to be a professional dirt-bike rider, he opened a motorcycle shop just north of Buffalo. When he wasn't working, he would cleanse his mind through rigorous meditation. In 2019, he began getting sick. And then sicker. Brain fog. Memory issues. Difficulty focusing. Depression. Anxiety. Fatigue. Brandon was pretty sure he knew why: the cell tower a quarter-mile behind his shop and all the electromagnetic radiation it produces, that cellphones produce, that WiFi routers produce, that Bluetooth produces, that the whole damn world produces. He thought about the invisible waves that zip through our airspace -- maybe they pollute our bodies, somehow? [...]

Then Brandon read about Green Bank, an unincorporated speck on the West Virginia map, hidden in the Allegheny Mountains, about a four-hour drive southwest of D.C. There are no cell towers there, by design. He read that other sick people had moved here and gotten better, that the area's electromagnetic quietude is protected by the federal government. Perhaps it could protect Brandon. It's quiet here so that scientists can listen to corners of the universe, billions of light-years away. In the 1950s, the federal government snatched up farmland to build the Green Bank Observatory. It's now home to the Robert C. Byrd Green Bank Radio Telescope, the largest steerable telescope in the world at 7,600 metric tons and a height of 485 feet. Its 2.3-acre dish can study quasars and pulsars, map asteroids and planets, and search for evidence of extraterrestrial life.

The observatory's machines are so sensitive that terrestrial radio waves would interfere with their astronomical exploration, like a shout (a bunch of WiFi signals) drowning out a whisper (signals from the clouds of hydrogen hanging out between galaxies). So in 1958, the Federal Communications Commission created the National Radio Quiet Zone, a 13,000-square-mile area encompassing wedges of both Virginia and West Virginia, where radio transmissions are restricted to varying degrees. At its center is a 10-mile zone around the observatory where WiFi, cellphones and cordless phones -- among many other types of wave-emitting equipment -- are outlawed. Wired internet is okay, as are televisions -- though you must have a cable or satellite provider. It's not a place out of 100 years ago. More like 30. If you want to make plans to meet someone, you make them in person. Some people move here to work at the observatory. Others come because they feel like they have to. These are the 'electrosensitives,' as they often refer to themselves. They are ill, and Green Bank is their Lourdes. The electrosensitives guess that they number at least 75 in Pocahontas County, which has a population of roughly 7,500. Literary Hub, the BBC, Slate, and the Washingtonian have non-paywalled articles about Green Bank and the "wi-fi refugees" that shelter there.

In a press release today, the FCC said it is requiring all mobile phones sold in the U.S. to be compatible with hearing aids. TechCrunch reports: The FCC has not yet issued a specific timeline for compliance, only noting that the rules will be fully in effect "after a transition period." The rules discourage handset makers from instituting proprietary Bluetooth coupling, which could limit device compatibility with over-the-counter hearing aids. Under the new rules, companies will be required to note on their website if a given handset is compatible with hearing aids. Two years ago, the FDA announced that hearing aids would no longer require a prescription. The agency also recently approved Apple AirPods as hearing aids.

An anonymous reader quotes a report from Ars Technica: The Federal Communications Commission gave Starlink and T-Mobile emergency authority to provide satellite-to-phone coverage in areas hit by Hurricane Helene. "SpaceX and T-Mobile have been given emergency special temporary authority by the FCC to enable Starlink satellites with direct-to-cell capability to provide coverage for cell phones in the affected areas of Hurricane Helene," SpaceX said yesterday. "The satellites have already been enabled and started broadcasting emergency alerts to cell phones on all networks in North Carolina. In addition, we may test basic texting (SMS) capabilities for most cell phones on the T-Mobile network in North Carolina."

SpaceX warned of limits since the service isn't ready for a commercial rollout. "SpaceX's direct-to-cell constellation has not been fully deployed, so all services will be delivered on a best-effort basis," the company said. Starlink is being used to provide wireless emergency alerts to cell phones from all carriers in North Carolina, according to Ben Longmier, senior director of satellite engineering for SpaceX. "We are also closely monitoring Hurricane Milton and standing by ready to take action in Florida," he wrote.

The FCC said (PDF) the approval "enabl[es] SpaceX to operate Supplemental Coverage from Space (SCS) in the 1910-1915 MHz and 1990-1995 MHz frequency bands leased from T-Mobile in areas affected by the Hurricane Helene." An FCC spokesperson told Ars that the approval is for all areas affected by Hurricane Helene, although it's only active in North Carolina so far. The FCC also said (PDF) that it is granting "special temporary authorities to licensees and issuing rule waivers to help communications providers maintain and restore service, support emergency operations, and assist public safety, including search and rescue efforts." Separately, the FCC last week waived (PDF) certain Lifeline program eligibility rules to help people in disaster areas (PDF) apply for discounted phone and broadband service.

The Washington Post interviewed Lebanese officials, people close to Hezbollah, and Israeli, Arab and U.S. security officials and politicians about a years-long plan (originated at Mossad headquarters) that ultimately killed or maimed "as many as 3,000 Hezbollah officers and members — most of them rear-echelon figures... along with an unknown number of civilians... when Israel's Mossad intelligence service triggered the devices remotely on September 17." In the initial sales pitch to Hezbollah two years ago, the new line of Apollo pagers seemed precisely suited to the needs of a militia group with a sprawling network of fighters and a hard-earned reputation for paranoia... Best of all, there was no risk that the pagers could ever be tracked by Israel's intelligence services. Hezbollah's leaders were so impressed they bought 5,000 of them and began handing them out to mid-level fighters and support personnel in February. None of the users suspected they were wearing an ingeniously crafted Israeli bomb...

Israeli officials had watched with increasing anxiety as the Lebanese group added new weapons to an arsenal already capable of striking Israeli cities with tens of thousands of precision-guided missiles. Mossad, the Israeli intelligence service responsible for combating foreign threats to the Jewish state, had worked for years to penetrate the group with electronic monitoring and human informants. Over time, Hezbollah leaders learned to worry about the group's vulnerability to Israeli surveillance and hacking, fearing that even ordinary cellphones could be turned into Israeli-controlled eavesdropping and tracking devices. Thus was born the idea of creating a kind of communications Trojan horse, the officials said. Hezbollah was looking for hack-proof electronic networks for relaying messages, and Mossad came up with a pair of ruses that would lead the militia group to purchase devices that seemed perfect for the job — equipment that Mossad designed and had assembled in Israel.

The first part of the plan, booby-trapped walkie-talkies, began being inserted into Lebanon by Mossad nearly a decade ago, in 2015. The mobile two-way radios contained oversized battery packs, a hidden explosive and a transmission system that gave Israel complete access to Hezbollah communications. For nine years, the Israelis contented themselves with eavesdropping on Hezbollah, the officials said, while reserving the option to turn the walkie-talkies into bombs in a future crisis. But then came a new opportunity and a glitzy new product: a small pager equipped with a powerful explosive. In an irony that would not become clear for many months, Hezbollah would end up indirectly paying the Israelis for the tiny bombs that would kill or wound many of its operatives.

Because Hezbollah leaders were alert to possible sabotage, the pagers could not originate in Israel, the United States or any other Israeli ally. So, in 2023, the group began receiving solicitations for the bulk purchase of Taiwanese-branded Apollo pagers, a well-recognized trademark and product line with a worldwide distribution and no discernible links to Israeli or Jewish interests. The Taiwanese company had no knowledge of the plan, officials said... The marketing official had no knowledge of the operation and was unaware that the pagers were physically assembled in Israel under Mossad oversight, officials said... In a feat of engineering, the bomb component was so carefully hidden as to be virtually undetectable, even if the device was taken apart, the officials said. Israeli officials believe that Hezbollah did disassemble some of the pagers and may have even X-rayed them.
"Thousands of Apollo-branded pagers rang or vibrated at once, all across Lebanon and Syria," according to the article, with a short sentence in Arabic that said "You received an encrypted message." The two-button de-encryption procedure "ensured most users would be holding the pager with both hands when it detonated," according to the article, although "Less than a minute later, thousands of other pagers exploded by remote command, regardless of whether the user ever touched his device. The following day, on September 18, hundreds of walkie-talkies blew up in the same way, killing and maiming users and bystanders..."

"As Hezbollah reeled, Israel struck again, pounding the group's headquarters, arsenals and logistic centers with 2,000-pound bombs," the article concludes. And the strike "convinced the country's political leaders that Hezbollah could be put on the ropes, susceptible to a systematic dismantling using airstrikes and, eventually a ground invasion..."

T-Mobile experienced three major data breaches in 2021, 2022, and 2023, according to CSO Online, "which impacted millions of its customers."

After a series of investigations by America's Federal Communications Commission, T-Mobile agreed in court to a number of settlement conditions, including moving toward a "modern zero-trust architecture," designating a Chief Information Security Office, implementing phishing-resistant multifactor authentication, and adopting data minimization, data inventory, and data disposal processes designed to limit its collection and retention of customer information.

Slashdot reader itwbennett writes: According to a consent decree published on Monday by the U.S. Federal Communications Commission, T-Mobile must pay a $15.75 million penalty and invest an equal amount "to strengthen its cybersecurity program, and develop and implement a compliance plan to protect consumers against similar data breaches in the future."

"Implementing these practices will require significant — and long overdue — investments. To do so at T-Mobile's scale will likely require expenditures an order of magnitude greater than the civil penalty here,' the consent decree said.
The article points out that order of magnitude greater than $15.75 million would be $157.5 million...

The small town of Spruce Pine, North Carolina, which supplies high-purity quartz essential for semiconductor production, is reeling from the damage caused by Tropical Storm Helene. An anonymous reader quotes a report from Axios: Spruce Pine is one of the only places in the world to mine high-purity quartz. The mineral is an essential ingredient of chips in countless products, including medical devices, solar panels, cellphones and the chips powering the latest tech craze: artificial intelligence. It's difficult to underscore the significance of Spruce Pine -- a town of about 2,000 people, known for its charming downtown and blossoming arts scene -- to the global economy. Economics editor Ed Conway put it best in his 2023 book "Material World," writing: "It is rare, unheard of almost, for a single site to control the global supply of a crucial material. Yet if you want to get high-purity quartz -- the kind you need to make those crucibles without which you can't make silicon wafers -- it has to come from Spruce Pine."

The Quartz Corp and Sibelco both export high-purity quartz from Spruce Pine. While there are other places to find the material, such as Russia and Brazil, this mountain town has the highest quantity of the highest purity, says Conway. A few weeks of shutdown is not the end of the world, Conway tells Axios. However, longer than that could put the industry into "another crisis." The semiconductor industry would need to find alternatives. [...] The mines in Spruce Pine are still accounting for their workers and families, the international companies stated. The level of destruction at the sites is unknown. However, even if the facilities are intact, the railroads that move the quartz will likely need drastic repairs. The Quartz Corp and Sibelco temporarily halted operations on Sept. 26 and haven't said when they might reopen. "This is second order of priority," The Quartz Corp said in a statement. "Our top priority remains the health and safety of our employees and their families."

Thousands of Verizon users across the United States reported having little or no cellphone service on Monday morning in major cities, including in Atlanta, Chicago, Denver, New York and Phoenix. From a report: According to the website Downdetector, which tracks user reports of internet disruptions, more than 104,000 cases of Verizon outages were reported across the country as of 11:20 a.m. Eastern, more than an hour after the first issues were reported.

A map posted on the site showed cities with the most reports. On the site, many users said their cellphones were intermittently displaying SOS mode and that they could not place calls or send or receive text messages. "We're aware of the issue affecting service for some customers," a spokesman for Verizon, Ilya Hemlin, said in a telephone interview at 11:30 a.m. "Our engineers are engaged and we are working quickly to solve the issue," he added.