Chinese government-linked hackers have burrowed into U.S. critical infrastructure and are waiting “for just the right moment to deal a devastating blow,” FBI Director Christopher Wray said on Thursday. An ongoing Chinese hacking campaign known as Volt Typhoon has successfully gained access to numerous American companies in telecommunications, energy, water and other critical sectors, with 23 pipeline operators targeted, Wray said in a speech at Vanderbilt University.

China is developing the “ability to physically wreak havoc on our critical infrastructure at a time of its choosing,” Wray said at the 2024 Vanderbilt Summit on Modern Conflict and Emerging Threats. “Its plan is to land low blows against civilian infrastructure to try to induce panic.” Wray said it was difficult to determine the intent of this cyber pre-positioning which was aligned with China’s broader intent to deter the U.S. from defending Taiwan. […] Wray said China’s hackers operated a series of botnets - constellations of compromised personal computers and servers around the globe - to conceal their malicious cyber activities. Private sector American technology and cybersecurity companies previously attributed Volt Typhoon to China, including reports by security researchers with Microsoft and Google.

Aerospace and defense company Northrop Grumman is working with SpaceX […] on a classified spy satellite project already capturing high-resolution imagery of the Earth, according to people familiar with the program. The program, details of which were first reported by Reuters last month, is meant to enhance the U.S. government’s ability to track military and intelligence targets from low-Earth orbits, providing high-resolution imagery of a kind that had traditionally been captured mostly by drones and reconnaissance aircraft. The inclusion of Northrop Grumman, which has not been previously reported, reflects a desire among government officials to avoid putting too much control of a highly-sensitive intelligence program in the hands of one contractor, four people familiar with the project told Reuters. ‘It is in the government’s interest to not be totally invested in one company run by one person,’ one of the people said.

It’s unclear whether other contractors are involved at present or could join the project as it develops. Northrop Grumman is providing sensors for some of the SpaceX satellites, the people familiar with the project told Reuters. Northrop Grumman, two of the people added, will test those satellites at its own facilities before they are launched. At least 50 of the SpaceX satellites are expected at Northrop Grumman facilities for procedures including testing and the installation of sensors in coming years, one of the people said. In March, Reuters reported that the National Reconnaissance Office, or NRO, in 2021 awarded a $1.8 billion contract to SpaceX for the classified project, a planned network of hundreds of satellites. So far, the people familiar with the project said, SpaceX has launched roughly a dozen prototypes and is already providing test imagery to the NRO, an intelligence agency that oversees development of U.S. spy satellites.

If you think you’ve been seeing an awful lot more Reddit results lately when you search on Google, you’re not imagining things. The internet is in upheaval, and for website owners the rules of “winning” Google Search have never been murkier. Google’s generative AI search engine is coming from one direction. It’s creeping closer to mainstream deployment and bringing an existential crisis for SEOs and website makers everywhere. Coming from the other direction is an influx of posts from Reddit, Quora, and other internet forums that have climbed up through the traditional set of Google links. Data analysis from Semrush, which predicts traffic based on search ranking, shows that traffic to Reddit has climbed at an impressive clip since August. Semrush estimated that Reddit had over 132 million visitors in August 2023. At the time of publishing, it was projected to have over 346 million visitors in April 2024.

None of this is accidental. For years, Google has been watching users tack on “Reddit” to the end of search queries and finally decided to do something about it. Google started dropping hints in 2022 when it promised to do a better job of promoting sites that weren’t just chasing the top of search but were more helpful and human. Last August, Google rolled out a big update to Search that seemed to kick this into action. Reddit, Quora, and other forum sites started getting more visibility in Google, both within the traditional links and within a new “discussions and forums” section, which you may have spotted if you’re US-based. The timing of this Reddit bump has led to some conspiracy theories. In February, Google and Reddit announced a blockbuster deal that would let Google train its AI models on Reddit content. Google said the deal, reportedly worth $60 million, would “facilitate more content-forward displays of Reddit information,” leading to some speculation that Google promised Reddit better visibility in exchange for the valuable training data. A few weeks later, Reddit also went public.

Steve Paine, marketing manager at Sistrix, called the rise of Reddit “unprecedented.” “There hasn’t been a website that’s grown so much search visibility so quickly in the US in at least the last five years,” he told Business Insider. Right now, Reddit ranks high for product searches. Reddit’s main competitors are Wikipedia, YouTube, and Fandom, Paine said, and it also competes in “high-value commercial searches,” putting it up against Amazon. The “real competitors,” he said, are the subreddits that compete with brands on the web.

With the Framework 16 laptop one of the performance pieces I’ve been meaning to carry out has been seeing out Linux performs against Microsoft Windows 11 for this AMD Ryzen 7 7840HS powered modular/upgradeable laptop. Recently getting around to it in my benchmarking queue, I also compared the performance of Ubuntu 23.10 to the near final Ubuntu 24.04 LTS on this laptop up against a fully-updated Microsoft Windows 11 installation. The Framework 16 review unit as a reminder was configured with the 8-core / 16-thread AMD Ryzen 7 7840HS Zen 4 SoC with Radeon RX 7700S graphics, a 512GB SN810 NVMe SSD, MediaTek MT7922 WiFi, and a 2560 x 1600 display.

In the few months of testing out the Framework 16 predominantly under Linux it’s been working out very well. With also having a Windows 11 partition as shipped by Framework, after updating that install it made for an interesting comparison against the Ubuntu 23.10 and Ubuntu 24.04 performance. The same Framework 16 AMD laptop was used throughout all of the testing for looking at the out-of-the-box performance across Microsoft Windows 11, Ubuntu 23.10, and the near-final state of Ubuntu 24.04. […]

Out of 101 benchmarks carried out on all three operating systems with the Framework 16 laptop, Ubuntu 24.04 was the fastest in 67% of those tests, the prior Ubuntu 23.10 led in 22% (typically with slim margins to 24.04), and then Microsoft Windows 11 was the front-runner just 10% of the time… If taking the geomean of all 101 benchmark results, Ubuntu 23.10 was 16% faster than Microsoft Windows 11 while Ubuntu 24.04 enhanced the Ubuntu Linux performance by 3% to yield a 20% advantage over Windows 11 on this AMD Ryzen 7 7840HS laptop. Ubuntu 24.04 is looking very good in the performance department and will see its stable release next week.

“As we’ve noted in previous letters, we’re focused on revenue and operating margin as our primary financial metrics — and engagement (i.e. time spent) as our best proxy for customer satisfaction,” the company said in its quarterly letter to shareholders. “In our early days, when we had little revenue or profit, membership growth was a strong indicator of our future potential.” Netflix said now that it is generating substantial profit and free cash flow — as well as developing new revenue streams like advertising and a password-sharing crackdown — its membership numbers are not the only factor in the company’s growth. It said the metric lost significance after it started to offer multiple price points for memberships. The company said it would still announce “major subscriber milestones as we cross them.”

Netflix also noted that it expects paid net additions to be lower in the second quarter compared to the first quarter “due to typical seasonality.” Its second-quarter revenue forecast of $9.49 billion was just shy of Wall Street’s estimate of $9.54 billion Shares of the company fell around 4% in extended trading. Netflix reported first-quarter net income of $2.33 billion, or $5.28 per share, versus $1.30 billion, or $2.88 per share, in the prior-year period. The company posted revenue of $9.37 billion for the quarter, up from $8.16 billion in the year-ago quarter.

Frontier is a leading U.S. communications provider that provides gigabit Internet speeds over a fiber-optic network to millions of consumers and businesses across 25 states. After discovering the incident, the company was forced to partially shut down some systems to prevent the threat actors from laterally moving through the network, which also led to some operational disruptions. Despite this, Frontier says the attackers could access some PII data, although it didn’t disclose if it belonged to customers, employees, or both.

“On April 14, 2024, Frontier Communications Parent, Inc. [..] detected that a third party had gained unauthorized access to portions of its information technology environment,” the company revealed in a filing with the U.S. Securities and Exchange Commission on Thursday. “Based on the Company’s investigation, it has determined that the third party was likely a cybercrime group, which gained access to, among other information, personally identifiable information.” Frontier now believes that it has contained the breach, has since restored its core IT systems affected during the incident, and is working on restoring normal business operations.

The US Constitution’s Fifth Amendment protection against self-incrimination does not prohibit police officers from forcing a suspect to unlock a phone with a thumbprint scan, a federal appeals court ruled yesterday. The ruling does not apply to all cases in which biometrics are used to unlock an electronic device but is a significant decision in an unsettled area of the law. The US Court of Appeals for the 9th Circuit had to grapple with the question of “whether the compelled use of Payne’s thumb to unlock his phone was testimonial,” the ruling (PDF) in United States v. Jeremy Travis Payne said. “To date, neither the Supreme Court nor any of our sister circuits have addressed whether the compelled use of a biometric to unlock an electronic device is testimonial.”

A three-judge panel at the 9th Circuit ruled unanimously against Payne, affirming a US District Court’s denial of Payne’s motion to suppress evidence. Payne was a California parolee who was arrested by California Highway Patrol (CHP) after a 2021 traffic stop and charged with possession with intent to distribute fentanyl, fluorofentanyl, and cocaine. There was a dispute in District Court over whether a CHP officer “forcibly used Payne’s thumb to unlock the phone.” But for the purposes of Payne’s appeal, the government “accepted the defendant’s version of the facts, i.e., ‘that defendant’s thumbprint was compelled.’" Payne’s Fifth Amendment claim “rests entirely on whether the use of his thumb implicitly related certain facts to officers such that he can avail himself of the privilege against self-incrimination,” the ruling said. Judges rejected his claim, holding “that the compelled use of Payne’s thumb to unlock his phone (which he had already identified for the officers) required no cognitive exertion, placing it firmly in the same category as a blood draw or fingerprint taken at booking.” “When Officer Coddington used Payne’s thumb to unlock his phone — which he could have accomplished even if Payne had been unconscious — he did not intrude on the contents of Payne’s mind,” the court also said.

News of the giveaway emerged on Monday at an independent inquiry into the casino, which has had years of compliance troubles that led to a finding that its operators were unsuitable to hold a license. In testimony [PDF] given on Monday to the inquiry, casino manager Nicholas Weeks explained that it is possible to insert two receipts into TICO machines. That was a feature, not a bug, and allowed gamblers to redeem two receipts and be paid the aggregate amount. But a software glitch meant that the machines would return one of those tickets and allow it to be re-used — the barcode it bore was not recognized as having been paid.

“What occurred was small additional amounts of cash were being provided to customers in circumstances when they shouldn’t have received it because of that defect,” Weeks told the inquiry. Local media reported that news of the free cash got around and 43 people used the TICO machines to withdraw money to which they were not entitled — at least one of them a recovering gambling addict who fell off the wagon as the “free” money allowed them to fund their activities. Known abusers of the TICO machines have been charged, and one of those set to face the courts is accused of association with a criminal group. (The first inquiry into The Star, two years ago, found it may have been targeted by organized crime groups.)

As soon as you start typing a text-to-image prompt in a chat with Meta AI, you’ll see how the image changes as you add more detail about what you want to create. In the example shared by Meta, a user types in the prompt, “Imagine a soccer game on mars.” The generated image quickly changes from a typical soccer player to showing an entire soccer field on a Martian landscape. If you have access to the beta, you can try out the feature for yourself by opening a chat with Meta AI and then start a prompt with the word “Imagine.”

Additionally, Meta says its Meta Llama 3 model can now produce “sharper and higher quality” images and is better at showing text. You can also ask Meta AI to animate any images you provide, allowing you to turn them into a GIF to share with friends. Along with availability on WhatsApp, real-time image generation is also available to US users through Meta AI for the web.

Consumers have grown accustomed to the prospect that their personal data, such as email addresses, social contacts, browsing history and genetic ancestry, are being collected and often resold by the apps and the digital services they use. With the advent of consumer neurotechnologies, the data being collected is becoming ever more intimate. One headband serves as a personal meditation coach by monitoring the user’s brain activity. Another purports to help treat anxiety and symptoms of depression. Another reads and interprets brain signals while the user scrolls through dating apps, presumably to provide better matches. ("‘Listen to your heart’ is not enough,” the manufacturer says on its website.) The companies behind such technologies have access to the records of the users’ brain activity — the electrical signals underlying our thoughts, feelings and intentions.

On Wednesday, Governor Jared Polis of Colorado signed a bill that, for the first time in the United States, tries to ensure that such data remains truly private. The new law, which passed by a 61-to-1 vote in the Colorado House and a 34-to-0 vote in the Senate, expands the definition of “sensitive data” in the state’s current personal privacy law to include biological and “neural data” generated by the brain, the spinal cord and the network of nerves that relays messages throughout the body. “Everything that we are is within our mind,” said Jared Genser, general counsel and co-founder of the Neurorights Foundation, a science group that advocated the bill’s passage. “What we think and feel, and the ability to decode that from the human brain, couldn’t be any more intrusive or personal to us.” “We are really excited to have an actual bill signed into law that will protect people’s biological and neurological data,” said Representative Cathy Kipp, Democrat of Colorado, who introduced the bill.

The business, which claims on its site it will help students land their “dream job” in tech at companies like Amazon, Cisco, and Google, accepted the consent order without admitting or denying any wrongdoing. In an announcement yesterday, the CFPB said it had taken action against BloomTech and its CEO Austen Allred for allegedly not disclosing the true cost of its loans to students and allegedly claiming overoptimistic hiring rates for BloomTech graduates. BloomTech, formerly Lambda School, has operated since 2017 and offers six- to nine-month vocational programs in science and engineering, with a focus on computer technology.

“BloomTech and its CEO sought to drive students toward income share loans that were marketed as risk-free, but in fact carried significant finance charges and many of the same risks as other credit products,” said Rohit Chopra, director of the CFPB. With income share loans or income share agreements, BloomTech allowed students to pay tuition later but in exchange had to pay a percentage of their future income, CFPB claimed. The agency alleged that BloomTech explicitly told students that its income share loans (which cost an average of $4k “finance charge” to use) weren’t actually loans at all. The CFPB claimed in the settlement order a “significant majority” of students used these loans to finance their education, and alleged each student could end up paying up to $30k of their income to BloomTech to settle the loans.

BloomTech advertised on its website that 71 to 86 percent of students were placed in jobs within six months of graduation, when its non-public reporting to investors consistently showed placement rates closer to 50 percent. Allred tweeted that the school achieved a 100 percent job-placement rate in one of its cohorts, and later acknowledged in a private message that the sample size was just one student.

The case was the first known test for a jury to decide whether existing U.S. laws governing fraud and market manipulation apply to the world of decentralized finance (DeFi). The 28-year-old Eisenberg will be held to account for his actions on Oct. 11, 2022, when a series of trades he made intentionally boosted the price of Mango Markets’ native token, MNGO, as well as the price of futures contracts.

He used the inflated futures holdings as collateral to borrow other cryptocurrencies on the platform, then quickly withdrew those assets and walked away from his collateral. Eisenberg never disputed the facts of the strategy but contended that what he did was legal and permitted by the DeFi protocol, a principle in the industry known as “code is law.” U.S. laws apply to DeFi: “Avraham Eisenberg ran a con,” prosecutors said Wednesday, during closing arguments, continuing its momentum from last week. The word “con” was used at least six more times in those remarks.

Boeing Chief Technology Officer Todd Citron revealed the plans in an interview with Nikkei. The company is developing electric vertical take-off and landing (eVTOL) craft at subsidiary Wisk Aero. The aircraft will adopt autonomous technology, rare among eVTOL craft. The plan is to first obtain certification in the U.S. before expanding into Asia. Details of the Asia business will be finalized in the future, including whether Boeing will sell the aircraft to companies aiming to provide eVTOL transportation services or operate the services itself.

Boeing is currently considering which country in Asia to enter first, including Japan. In Japan, domestic startup SkyDrive and Germany’s Volocopter are scheduled to operate air taxi services at the 2025 Osaka World Expo. Boeing opened a research and development base in Nagoya on Thursday. It first established R&D operations in Japan in 2022 but had been renting space from other companies until now.

Nigeria’s works ministry, which supervises federal road constructors, is finalizing the regulation that will be signed as an executive order by President Bola Tinubu, said the people, asking not to be identified as they weren’t authorized to comment. While there are presently laws against vandalism, the authorities are aiming to regulate construction firms more closely. The order will enforce stiff penalties on offenders, said the people, declining to provide more details or say when it will be signed. “Telecom assets are critical backbone that supports the economy across sectors,” said Temitope Ajayi, a senior presidential aide, who noted that the Association of Telecommunications Companies has been demanding the classification for years. New rules will provide “further assurance that the Nigerian government will protect their investments against vandals and criminal elements.”