Security-Portal.cz is an internet portal focused on computer security, hacking, anonymity, computer networks, programming, encryption, exploits, Linux and BSD systems. It runs a number of interesting services and supports enthusiasts in interesting projects.

Categories

DOJ Arrests Founders of Crypto Mixer Samourai for $2 Billion in Illegal Transactions

The Hacker News - 25 April, 2024 - 12:21
The U.S. Department of Justice (DoJ) on Wednesday announced the arrest of two co-founders of a cryptocurrency mixer called Samourai and seized the service for allegedly facilitating over $2 billion in illegal transactions and for laundering more than $100 million in criminal proceeds. To that end, Keonne Rodriguez, 35, and William Lonergan Hill, 65, have been charged
Category: Hacking & Security

The end of non-compete agreements is a tech job earthquake

Computerworld.com [Hacking News] - 25 April, 2024 - 12:00

Frankly, I didn’t think the Federal Trade Commission (FTC) had the guts to ban non-compete agreements that prevent many workers from joining rival companies. I was wrong. On Tuesday, by a 3-2 party-line vote, the agency’s Democratic majority decided to do just that.

Though they’ve long been called “agreements,” anyone who’s ever had to sign one knows that would-be employees seldom have any choice in the matter. You agree and get the job, or you don’t and stay on the unemployment line. And, oh, by the way, 30% to 40% of workers are required to sign non-competes after they’ve already accepted a job.

That’s why labor unions, liberal think tanks, and millions of employees hate them. 

You might think non-competes are only an issue for top tech engineers, software developers, and executives. Wrong — so, so wrong. 

Sure, historically, companies used these agreements to lock down highly skilled workers and executives with access to trade secrets or proprietary information. But that hasn’t been the case for decades. According to the Economic Policy Institute, a third of companies now require all their workers to sign non-competes. That includes “valued” employees such as hourly workers in minimum wage jobs doing janitorial duties or food service. 

Couldn’t this be fought in the courts? Technically, sure it can. But as the Trembly law firm put it, “Non-compete litigation is typically fast-paced and expensive.” The key word in that sentence is “expensive.” If you’re an employee seeking to get free of a non-compete, unless the company you’re moving to will fight for you, you won’t be able to afford the lawsuit. 

The FTC argues that while requiring workers in low-end jobs to sign non-competes is an overstretch, valuable employees shouldn’t be restricted either. After all, the agency claims, “Trade secret laws and non-disclosure agreements (NDAs) both provide employers with well-established means to protect proprietary and other sensitive information. Researchers estimate that over 95% of workers with a non-compete already have an NDA.”

In addition, as FTC Chair Lina M. Khan said: “Non-compete clauses keep wages low, suppress new ideas, and rob the American economy of dynamism, including from the more than 8,500 new startups that would be created a year once non-competes are banned.”

I don’t know if the end of non-competes would do all that. But I do know that in the decades I’ve been writing about technology, I’ve seen non-competes become iron collars around the necks of tech’s best and brightest workers, help desk staffers and even the people who keep the offices clean. 

I understand businesses want to reduce competition and prevent their workers from easily jumping ship, but I’ve never thought non-compete agreements were the right way to do so. Want to keep your best staffers? Pay them, let them work from home, and give them a pathway to promotion. This isn’t rocket science. 

Nevertheless, my attorney friends tell me that their corporate employers or clients had fits when word of the FTC ruling came out. You would have thought a lightning bolt had fried their stock prices out of the blue sky. 

Really? While I was surprised by the FTC action, anyone who’s been paying attention knew that non-compete agreements were getting walloped left, right, and sideways. 

True, as Republican Commissioner Andrew Ferguson said, the ruling “nullifies more than 30 million existing contracts and forecloses tens of millions of future contracts.” That’s a big deal. But, again, the writing was on the wall. 

That’s why, while way too many CEOs are having conniptions at the moment, business and law-savvy groups such as the US Chamber of Commerce immediately sued the FTC, seeking to overturn the decision. They were ready. 

Their lawyers are arguing that the ban applies to a host of contracts that could not harm competition in any way. Besides, the FTC didn’t have the power to issue such a ban. And, in any case, such a categorical ban wasn’t legal. Those are the arguments, at least.

Who’s right? Who’s wrong? Stick around and find out. I have every expectation that this will grind its way through the court system all the way to the Supreme Court sometime in the late 2020s. (I expect, by the way, that the issue that will decide the case won’t have anything directly to do with the FTC’s ruling; it’ll revolve around whether the FTC has the power to make such a fundamental legal policy change.)

In the meantime, you have about four months to decide what to do about your non-compete agreements before the FTC ruling goes into effect. Once it hits, all existing non-compete agreements will be nullified, except for those applying to executives in “policy-making positions” who make at least $151,164 a year. And the ruling won’t let your company impose any new non-competes, even on executives.

Personally, I’d dump any non-compete agreements immediately and rewrite my employment contracts to use NDAs and trade secrets in their place. No matter what the courts decide, employees hate non-compete agreements — that won’t change.

And what does all this mean for top tech talent that’s been feeling trapped? It’s time to talk to your bosses about whether they really want to keep you around and explain that the carrot of a better deal will be a whole lot sweeter than the threat of a non-compete clause. If they don’t hear you? Get ready to walk. The doors are opening.

Careers, Government, IT Jobs, IT Skills, Regulation
Category: Hacking & Security

Google Postpones Third-Party Cookie Deprecation Amid U.K. Regulatory Scrutiny

The Hacker News - 25 April, 2024 - 08:37
Google has once again pushed its plans to deprecate third-party tracking cookies in its Chrome web browser as it works to address outstanding competition concerns from U.K. regulators over its Privacy Sandbox initiative. The tech giant said it's working closely with the U.K. Competition and Markets Authority (CMA) and hopes to achieve an agreement by the end of the year. As part of the
Category: Hacking & Security

State-Sponsored Hackers Exploit Two Cisco Zero-Day Vulnerabilities for Espionage

The Hacker News - 25 April, 2024 - 07:50
A new malware campaign leveraged two zero-day flaws in Cisco networking gear to deliver custom malware and facilitate covert data collection on target environments. Cisco Talos, which dubbed the activity ArcaneDoor, attributed it as the handiwork of a previously undocumented sophisticated state-sponsored actor it tracks under the name UAT4356 (aka Storm-1849 by Microsoft). "UAT4356
Category: Hacking & Security

Meta opens its mixed-reality Horizon OS to other headset makers

Computerworld.com [Hacking News] - 24 April, 2024 - 17:19

Meta will license the software underpinning its Quest headsets to third-party hardware manufacturers in a bid to spur wider adoption of mixed-reality technology. 

Access to Horizon OS — the operating system used in Quest devices — should reduce barriers to market for hardware makers seeking to create new products, Meta said. And software developers will benefit from a larger audience for mixed-reality apps that can be sold in Meta’s Horizon app store (formerly Quest Store). 

“Developers will have a much larger range of hardware that can run their apps, and more device makers will expand their market to a wider range of users, much like we’ve seen with PCs and smartphones,” Meta said in a blog post Monday.

The push for an open ecosystem offers Meta a chance to build on its early dominance in the AR/VR market, say analysts, while lowering the barrier for entry to hardware makers. 

“This is a smart move for Meta to diversify their hardware ecosystem, while also working to make Meta Horizon OS the standard mixed-reality headset OS,” said Will McKeon-White, senior analyst at Forrester. “Before, they were effectively dependent on Oculus sales — this decouples their OS from their headset and hardware efforts.”

What is Horizon OS — and who will use it?

Based on a modified version of Google’s Android operating system, Meta’s Horizon OS is the result of a decade of work to build virtual and mixed reality products, the company said. Meta has spent billions of dollars in recent years to create devices such as the Quest 3 and Quest Pro. This includes adding features such as real-time video pass-through, “inside-out” tracking that tracks a user’s movements and position, and spatial anchors that allow digital objects to be fixed in physical space. 

Several companies have already lined up to incorporate Horizon OS into their hardware: Lenovo, Asus, and Microsoft’s Xbox gaming business. 

Asus and Xbox will focus on gaming, while Lenovo — which previously partnered with Meta to produce the Oculus Rift S — will develop headsets targeted at “productivity, learning and development,” Meta said. It may take a couple of years before the devices are available, Meta CEO Mark Zuckerberg said in an Instagram video message Monday.  

By opening its OS to others in the market, Meta is “taking a page out of the Google playbook,” said Ramon Llamas, research director with IDC’s devices and displays team, referencing Android’s position in the smartphone and smartwatch markets. 

“Google put together the platform and a bunch of vendors ran with it,” he said, noting that Google’s own hardware competes with partners such as Samsung and others that rely on Android.

As with Android on smartphones, access to a pre-existing software ecosystem is a big draw for mixed-reality headset vendors, particularly at an early stage of the market when demand remains low.

Eliminating barriers for hardware makers

Creating a mixed-reality headset is a significant engineering challenge for hardware makers, Llamas said, and the need to also build the underlying software compounds the issue. “Especially if you’re a small player, that’s a terrific hurdle to cross,” he said.

Some of those issues are now being removed, however. Headset vendors can now get specialized VR chipsets from Qualcomm, with a software platform available from Meta. “That’s an attractive value proposition — this is going to remove a lot of barriers for a lot of companies,” said Llamas.

A more mature ecosystem could help drive customer adoption. By incorporating Meta’s Horizon OS, hardware vendors could find it easier to convince customers they have the requisite apps and ecosystem to support their product, said Anshel Sag, principal analyst at Moor Insights and Strategy. 

Despite the potential benefits, hardware vendors need to consider whether partnering with Meta is the right strategy. “It remains to be seen who else is going to jump on board,” he said. “There’s a lot to like, but do your due diligence and make sure this is a good fit for you.”

Competition from Apple, Google

Meta is the dominant player in the AR/VR market, accounting for over 60% of units sold in Q4 of 2023, according to IDC data. It’s a large chunk of a relatively small market, with IDC forecasting 9.7 million devices will be sold globally this year.

Though demand for mixed-reality devices has not yet taken off, Meta faces competition on several fronts. The launch of Apple’s Vision Pro earlier this year provided a new rival (alongside validation of the device category), though Apple’s costly device is only expected to sell a few hundred thousand units this year.

Google is also expected to provide the operating system for Samsung’s mixed-reality headset that’s due to launch later this year. While Google is the major challenger to Apple’s mobile ecosystem with Android, the extent of its ambitions in the AR/VR market remains unclear at this stage.

Meta, which has made the biggest investment in mixed-reality technologies in recent years, has an early advantage, said Sag, with a relatively strong library of 3D apps compared to Google and Apple; the latter two are effectively starting from scratch with their own software efforts. 

The decision to provide access to its OS could provide another advantage going forward. “Meta has the headstart here…, opening their ecosystem and making development easier will be a challenge to Apple and Google and will ultimately benefit everyone, with more competition among ecosystems,” said Sag.

For mixed-reality device customers, increased competition in the market should be good news. 

“The real winner in all this is going to be the end user,” said Llamas. “It’s going to be the consumer for now, and it’s going to be the enterprise user shortly thereafter.”

Augmented Reality, Google, Virtual Reality
Category: Hacking & Security

U.S. Treasury Sanctions Iranian Firms and Individuals Tied to Cyber Attacks

The Hacker News - 24 April, 2024 - 15:43
The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) on Monday sanctioned two firms and four individuals for their involvement in malicious cyber activities on behalf of the Iranian Islamic Revolutionary Guard Corps Cyber Electronic Command (IRGC-CEC) from at least 2016 to April 2021. This includes the front companies Mehrsam Andisheh Saz Nik (MASN) and Dadeh
Category: Hacking & Security

Researchers Detail Multistage Attack Hijacking Systems with SSLoad, Cobalt Strike

The Hacker News - 24 April, 2024 - 15:36
Cybersecurity researchers have discovered an ongoing attack campaign that's leveraging phishing emails to deliver a malware called SSLoad. The campaign, codenamed FROZEN#SHADOW by Securonix, also involves the deployment of Cobalt Strike and the ConnectWise ScreenConnect remote desktop software. "SSLoad is designed to stealthily infiltrate systems, gather sensitive
Category: Hacking & Security

Tails 6.2 Improves Security, Expands Multilingual Support

LinuxSecurity.com - 24 April, 2024 - 15:07
Tails 6.2 is a new Linux distribution release that expands its multilingual support and improves security features. The distribution is a Debian-based operating system that enables users to remain incognito online and securely browse the web.
Category: Hacking & Security

Hacker's Corner: Complete Guide to Keylogging in Linux - Part 2

LinuxSecurity.com - 24 April, 2024 - 13:00
In Complete Guide to Keylogging in Linux: Part 1 , we discussed how to write keyloggers for Linux by reading keyboard device events. This article will continue to discuss keyboard event capture so you have more techniques to use for keylogger attacks in network security.
Category: Hacking & Security

Fedora 40 Released with Impressive Speed & New Security Features

LinuxSecurity.com - 24 April, 2024 - 13:00
Fedora 40, the newest version of the Fedora operating system, is an efficient and lightning-fast release with various new and useful features. Compared to its previous releases, Fedora 40 is lightning-fast and offers maximum efficiency to users.
Category: Hacking & Security

Hacker's Corner: Complete Guide to Anti-Debugging in Linux - Part 1

LinuxSecurity.com - 24 April, 2024 - 13:00
Keylogger attacks in network security have become more popular over time. Therefore, businesses must implement procedures and tactics to prevent these network security issues from harming a server.
Category: Hacking & Security

Assessing the Y, and How, of the XZ Utils incident

Kaspersky Securelist - 24 April, 2024 - 12:10

High-end APT groups perform highly interesting social engineering campaigns in order to penetrate well-protected targets. For example, carefully constructed forum responses on precision targeted accounts and follow-up “out-of-band” interactions regarding underground rail system simulator software helped deliver Green Lambert implants in the Middle East. And, in what seems to be a learned approach, the XZ Utils project penetration was likely a patient, multi-year approach, both planned in advance but somewhat clumsily executed.

This recently exposed offensive effort slowly introduced a small cast of remote characters, communications, and malicious code to the more than decade old open-source project XZ Utils and its maintainer, Lasse Collin. The backdoor code was inserted in February and March 2024, mostly by Jia Cheong Tan, likely a fictitious identity. The end goal was to covertly implement an exclusive use backdoor in sshd by targeting the XZ Utils build process, and push the backdoored code to the major Linux distributions as a part of a large-scale supply chain attack.

While this highly targeted and interactive social engineering approach might not be completely novel, it is extraordinary. Also extraordinary is the stunningly subtle insertion of malicious code leveraging the build process in plain sight. This build process focus during a major supply chain attack is comparable only to the CozyDuke/DarkHalo/APT29/NOBELIUM Solarwinds compromise and the SUNSPOT implant’s cunning and persistent presence – its monitoring capability for the execution of a Solarwinds build, and its malicious code insertion during any Solarwinds build execution. Only this time, it’s human involvement in the build process.

It’s notable that one of the key differentiators of the Solarwinds incident from prior supply chain attacks was the adversary’s covert, prolonged access to the source/development environment. In this XZ Utils incident, this prolonged access was obtained via social engineering and extended with fictitious human identity interactions in plain sight.

One of the best publicly available chronological timelines on the social engineering side of the XZ Utils incident is posted by Russ Cox, currently a Google researcher. It’s highly recommended reading. Notably, Cox writes: “This post is a detailed timeline that I have constructed of the social engineering aspect of the attack, which appears to date back to late 2021.”

A Singaporean guy, an Indian guy, and a German guy walk into a bar…

Three identities pressure XZ Utils creator and maintainer Lasse Collin in summer 2022 to provoke an open-source code project handover: Jia Tan/Jia Cheong Tan, Dennis Ens, and Jigar Kumar. These identities are made up of a GitHub account, three free email accounts with similar name schemes, an IRC and Ubuntu One account, email communications on XZ Utils developer mailing lists and downstream maintainers, and code. Their goal was to grant full access to XZ Utils source code to Jia Tan and subtly introduce malicious code into XZ Utils – the identities even interact with one another on mail threads, complaining about the need to replace Lasse Collin as the XZ Utils maintainer.

Note that the geographic dispersion of fictitious identities is a bit forced here, perhaps to dispel hints of coordination: Singaporean or Malaysian (possibly of a Hokkien dialect), northern European, and Indian. Misspellings and grammar mistakes are similar across the three identities’ communications. The “Jia Tan” identity seems a bit forced as well – the only public geolocation data is a Singaporean VPN exit node that the identity may have used on March 29 to access the XZ Utils Libera IRC chat. If constructing a fictitious identity, using that particular exit node would definitely be a selected resource.

Our pDNS confirms this IP as a Witopia VPN exit. While we might expect a “jiat75” or “jiatan018” username for the “Jia Tan” Libera IRC account, this one in the screenshot above may have been used on March 29, 2024 by the “JiaT75” actor.

One additional identity, Hans Jansen, introduced a June 2023 performance optimization into the XZ Utils source, committed by Collin, and later leveraged by jiaT75’s backdoor code. Jia Tan gleefully accepted the proposed IFUNC additions: “Thanks for the PR and the helpful links! Overall this seems like a nice improvement to our function-picking strategy for CRC64. It will likely be useful when we implement CRC32 CLMUL too :)”.

This pull request is the Jansen identity’s only interaction with the XZ Utils project itself. And, unlike the other two identities, the Jansen account is not used to pressure Collin to turn over XZ Utils maintenance. Instead, the Hans Jansen identity provided the code and then disappeared. Nine months later, following the backdoor code insertion, Jansen urged a major Linux vendor in the supply chain to incorporate the backdoored XZ Utils code in their distribution. The identity resurfaced on a Debian bug report on March 24, 2024, creating an opportunity to generate urgency in including the backdoored code in the Debian distribution.

Jia Tan Identity and Activity

The Jia Cheong Tan (JiaT75) GitHub account, eventually promoted to co-maintainer of XZ Utils, which inserted the malicious backdoor code, was created January 26, 2021. JiaT75 was not exclusively involved in XZ Utils, having authored over 500 patches to multiple GitHub projects going back to early 2022.

  • oss-fuzz
  • cpp-docs
  • wasmtime
  • xz

These innocuous patches helped to build the identity of JiaT75 as a legitimate open source contributor and potential maintainer for the XZ Utils project. The patch efforts helped to establish a relationship with Lasse Collin as well.

The first JiaT75 code contribution to XZ Utils occurred on October 29, 2021. It was sent to the xz-devel mailing list. It was a very simple editor config file introduction. Following this initial innocuous addition, over the next two years, JiaT75 authored hundreds of changes for the XZ project.

Yes, JiaT75 contributed code on both weekends and what appear to be workdays. However, an interesting anomaly is that the 2024 malicious commits occur out of sync with many previous commits. A Huntress researcher going by the alias “Alden” posted a visualization of the malicious Jia Tan commits to XZ Utils. JiaT75 commits the malicious code completely out of sync with prior work times on Feb 23–26, and March 8 and 9, 2024.

The time differences for the malicious commits are noticeable. What might this anomaly suggest? We speculate on several possibilities:

  • the JiaT75 account was used by a second party to insert the malicious code, either known or unknown to the individual contributor.
  • the JiaT75 individual contributor was rushed to commit the malicious backdoor code.
  • the JiaT75 account was run by a team of individuals and one part of the team needed to work without interruption outside of the usual constructed work day.
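The commit-timing anomaly described above can be checked mechanically against a repository's own history. The following is an added example, not code from the Securelist post or from the Huntress analysis it cites: it parses `git log --format='%H %aI'` output (the `%aI` author date keeps the committer's own UTC offset), builds a per-hour baseline from earlier commits, and flags later commits whose local hour or UTC offset never appeared in the baseline. All commit records below are constructed sample data, not real XZ Utils commits.

```python
"""Flag commits whose author-local time falls outside a contributor's usual hours.

Added example (not from the Securelist post). Input is the output of
    git log --format='%H %aI'
one commit per line. The %aI date carries the author's own UTC offset, so the
local clock hour is recovered without guessing the author's time zone.
"""
import re
from collections import Counter
from datetime import datetime, timezone

LOG_RE = re.compile(r"^(?P<hash>[0-9a-f]+)\s+(?P<date>\S+)$")

# Constructed sample data: hashes and dates are placeholders, not real commits.
# Baseline commits sit at 10:00-18:00 local (+08:00); the 2024 commits that
# fall at 02:00-03:00 local, or carry a different UTC offset, are the outliers.
SAMPLE_LOG = """\
a000001 2023-10-02T10:15:00+08:00
a000002 2023-10-04T13:40:00+08:00
a000003 2023-10-10T16:05:00+08:00
a000004 2023-10-18T11:30:00+08:00
a000005 2023-11-06T14:20:00+08:00
a000006 2023-11-15T17:45:00+08:00
a000007 2023-12-01T12:10:00+08:00
a000008 2023-12-20T15:55:00+08:00
a000009 2024-01-11T10:50:00+08:00
# recent commit inside the usual working hours: should not be flagged
b000001 2024-02-12T14:00:00+08:00
# recent commits at unusual local hours / with a new UTC offset: flagged
b000002 2024-02-23T03:30:00+08:00
b000003 2024-02-26T02:10:00+03:00
b000004 2024-03-09T22:40:00+08:00
"""


def parse_log(text):
    """Parse 'hash ISO-8601-date' lines into (hash, aware datetime) tuples.
    Blank lines and '#' comment lines are ignored; anything else must match."""
    commits = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        m = LOG_RE.match(line)
        if not m:
            raise ValueError(f"unparseable log line: {line!r}")
        commits.append((m["hash"], datetime.fromisoformat(m["date"])))
    return commits


def hour_profile(commits):
    """Count commits per author-local clock hour (0..23)."""
    return Counter(dt.hour for _, dt in commits)


def find_anomalies(commits, cutoff, min_baseline=1):
    """Commits before `cutoff` (an aware datetime) form the baseline. A later
    commit is flagged when its local hour has fewer than `min_baseline`
    baseline commits, or when its UTC offset never appears in the baseline.
    Returns [(hash, iso_date, [reasons...]), ...] in log order."""
    baseline = [c for c in commits if c[1] < cutoff]
    recent = [c for c in commits if c[1] >= cutoff]
    profile = hour_profile(baseline)
    offsets = {dt.utcoffset() for _, dt in baseline}
    flagged = []
    for h, dt in recent:
        reasons = []
        if profile[dt.hour] < min_baseline:
            reasons.append(f"local hour {dt.hour:02d} never seen in baseline")
        if dt.utcoffset() not in offsets:
            reasons.append(f"UTC offset {dt.isoformat()[-6:]} never seen in baseline")
        if reasons:
            flagged.append((h, dt.isoformat(), reasons))
    return flagged


def analyze_sample():
    """Run the check over the constructed sample with a 2024-02-01 cutoff."""
    cutoff = datetime(2024, 2, 1, tzinfo=timezone.utc)
    return find_anomalies(parse_log(SAMPLE_LOG), cutoff)


if __name__ == "__main__":
    for commit_hash, when, reasons in analyze_sample():
        print(commit_hash, when, "; ".join(reasons))
```

On a real repository, feed in `git log --format='%H %aI' --author=<name>` and pick the cutoff at the start of the period under review; a flagged commit is a lead for human review, not proof of anything by itself.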

Especially devious is the manner in which the obfuscated backdoor code is introduced in multiple separate pieces by JiaT75. Even though it was open-source, the bulk of the backdoor does not show up in the XZ source-code tree, is not human readable, and was not recognized.

Summer 2022 Pressure to Add a Maintainer

Multiple identities of interest pressured Lasse Collin to add a maintainer over the summer of 2022. The intensity of pressure on Collin varies per account, but they all create opportunities to pressure Collin and interact.

Name | GitHub Account | Email | Creation
Jia Tan/Jia Cheong Tan | JiaT75 | [email protected] | January 26, 2021
Dennis Ens | – | [email protected] | –
Jigar Kumar | – | [email protected] | –

If we take the first interaction on the xz-devel mailing list as the start of the campaign, Jia Tan sent a superficial code patch on September 29, 2021. This timestamp is eight months after the github account creation date. This initial contribution is harmless, but establishes this identity within the open-source project.

A year later, Jigar Kumar pressured Lasse Collin to hand over access to Jia Tan over the spring and summer of 2022 in six chiding comments over two different threads.

Wed, 27 Apr 2022 11:42:57 -0700
Re: [xz-devel] [PATCH] String to filter and filter to string
Your efforts are good but based on the slow release schedule it will unfortunatly be years until the community actually gets this quality of life feature.

Thu, 28 Apr 2022 10:10:48 -0700
Re: [xz-devel] [PATCH] String to filter and filter to string
Patches spend years on this mailing list. 5.2.0 release was 7 years ago. There is no reason to think anything is coming soon.

Fri, 27 May 2022 10:49:47 -0700
Re: [xz-devel] [PATCH] String to filter and filter to string
Over 1 month and no closer to being merged. Not a suprise.

Tue, 07 Jun 2022 09:00:18 -0700
Re: [xz-devel] XZ for Java
Progress will not happen until there is new maintainer. XZ for C has sparse commit log too. Dennis you are better off waiting until new maintainer happens or fork yourself. Submitting patches here has no purpose these days. The current maintainer lost interest or doesn’t care to maintain anymore. It is sad to see for a repo like this.

Tue, 14 Jun 2022 11:16:07 -0700
Re: [xz-devel] XZ for Java
With your current rate, I very doubt to see 5.4.0 release this year. The only progress since april has been small changes to test code. You ignore the many patches bit rotting away on this mailing list. Right now you choke your repo. Why wait until 5.4.0 to change maintainer? Why delay what your repo needs?

Wed, 22 Jun 2022 10:05:06 -0700
Re: [xz-devel] [PATCH] String to filter and filter to string
“Is there any progress on this? Jia I see you have recent commits. Why can’t you commit this yourself?”

The Dennis Ens identity sets up a thread of their own, and follows up by pressuring maintainer Collin in one particularly forceful and obnoxious message to the list. The identity leverages a personal vulnerability that Collin shared on this thread. The Jigar Kumar identity responds twice to this thread, bitterly complaining about the maintainer: “Dennis you are better off waiting until new maintainer happens or fork yourself.”

Thu, 19 May 2022 12:26:03 -0700
XZ for Java
Is XZ for Java still maintained? I asked a question here a week ago and have not heard back. When I view the git log I can see it has not updated in over a year. I am looking for things like multithreaded encoding / decoding and a few updates that Brett Okken had submitted (but are still waiting for merge). Should I add these things to only my local version, or is there a plan for these things in the future?

Tue, 21 Jun 2022 13:24:47 -0700
Re: [xz-devel] XZ for Java
I am sorry about your mental health issues, but its important to be aware of your own limits. I get that this is a hobby project for all contributors, but the community desires more. Why not pass on maintainership for XZ for C so you can give XZ for Java more attention? Or pass on XZ for Java to someone else to focus on XZ for C? Trying to maintain both means that neither are maintained well.

Reflecting on these data points still leads us to shaky ground. Until more details are publicized, we are left with speculation:

  • In a three-year project, a small team successfully penetrated the XZ Utils codebase with a slow and low-pressure campaign. They manipulated the introduction of a malicious actor into the trusted position of code co-maintainer. They then initiated and attempted to speed up the process of distributing malicious code targeting sshd to major vendor Linux distributions.
  • In a three-year project, an individual successfully penetrated the XZ Utils codebase with a slow and low-pressure campaign. The one individual managed several identities to manipulate their own introduction into the trusted position of open source co-maintainer. They then initiated and attempted to speed up the process of distributing malicious code targeting sshd to major vendor Linux distributions.
  • In an extremely short timeframe in early 2024, a small team successfully manipulated an individual (Jia Tan) that legitimately earned access to an interesting open-source project as code maintainer. Two other individuals (Jigar Kumar, Dennis Ens) may have coincidentally complained and pressured Collin to hand over the maintainer role. That leveraged individual began inserting malicious code into the project over the course of a couple of weeks.

Spring 2024 Pressure to Import Backdoored Code to Debian

Several identities attempted to pressure Debian maintainers to import the backdoored upstream XZ Utils code to their distribution in March 2024. The Hans Jansen identity created a Debian report log on March 25, 2024 to raise urgency to include the backdoored code: “Dear mentors, I am looking for a sponsor for my package “xz-utils”.”

Name | Email address
Hans Jansen | [email protected]
krygorin4545 | [email protected]
[email protected] | [email protected]

The thread was responded to within a day by additional identities using the email address scheme name-number@freeservice[.]com:

Date: Tue, 26 Mar 2024 19:27:47 +0000
From: krygorin4545 <[email protected]>
Subject: Re: RFS: xz-utils/5.6.1-0.1 [NMU] — XZ-format compression utilities
Also seeing this bug. Extra valgrind output causes some failed tests for me. Looks like the new version will resolve it. Would like this new version so I can continue work

Date: Tue, 26 Mar 2024 22:50:54 +0100 (CET)
From: [email protected]
Subject: Re: RFS: xz-utils/5.6.1-0.1 [NMU] — XZ-format compression
I noticed this last week and almost made a valgrind bug. Glad to see it being fixed. Thanks Hans!

The code changes received pushback from Debian contributors:

Date: Tue, 26 Mar 2024 22:11:19 +0000 (UTC)
From: Thorsten Glaser <[email protected]>
Subject: new upstream versions as NMU vs. xz maintenance
Very much *not* a fan of NMUs doing large changes such as new upstream versions. But this does give us the question, what’s up with the maintenance of xz-utils? Same as with the lack of security uploads of git, which you also maintain, are you active? Are you well?

To which one of these likely sock puppet accounts almost immediately responded, in order to counteract any distraction from pushing the changes:

Date: Wed, 27 Mar 2024 12:46:32 +0000
From: krygorin4545 <[email protected]>
Subject: Re: Bug#1067708: new upstream versions as NMU vs. xz maintenance
Instead of having a policy debate over who is proper to do this upload, can this just be fixed? The named maintainer hasn’t done an upload in 5 years. Fedora considered this a serious bug and fixed it weeks ago (). Fixing a valgrind break across many apps throughout Debian is the priority here.

What NeXZt?

Clearly social engineering techniques have much lower technical requirements to gain full access to development environments than what we saw with prior supply chain attacks like the Solarwinds, M.E.Doc ExPetya, and ASUS ShadowHammer incidents. We have presented and compared these particular supply chain attacks, their techniques, and their complexities, at prior SAS events [registration required], distilling an assessment into a manageable table.

Unfortunately, we expect more open-source project incidents like the XZ Utils compromise to be exposed in the months to come. As a matter of fact, at the time of this writing, the Open Source Security Foundation (OSSF) has identified similar social engineering-driven incidents in other open-source projects, and claims that the XZ Utils social engineering effort is highly likely not an isolated incident.

Microsoft uses its genAI leverage against China — prelude to a tech Cold War?

Computerworld.com [Hacking News] - 24 April 2024 - 12:00

Back in the 19th century, if the United States or some other military power wanted to bend a smaller country to its will, it would often display its might with a show of force, sending a fearsome display of gunboats just offshore its target. The naval display usually made its point: not a single shell had to be fired for the smaller nation to accede to the demands of the day. 

It was known as gunboat diplomacy.

Today, gunboats no longer rule the world. Tech (and, increasingly, generative AI) do. And Microsoft is now working hand in glove with the federal government to use its considerable genAI might to win what is being called a “tech Cold War” the US is waging against China.

The cooperation has just begun, but it’s already bearing fruit, getting a powerful genAI company based in the United Arab Emirates to cut its ties to China and align with the US. At first blush, it sounds like a win-win: What can possibly be bad about boxing out China from the Middle East, increasing US cooperation with Arab states, and showering profits on a US company for its help?

As it turns out, a lot could go wrong. There are significant dangers when the most powerful (and wealthiest) nation on the planet works so closely and secretly with the world leader in AI. The biggest danger: by cooperating so closely with Microsoft, is the US giving up on ever trying to rein in genAI, which researchers have already warned could represent an existential threat to humanity if not regulated properly?

Let’s look at how the federal government and Microsoft worked together to outmaneuver China and push it out of G42, the most influential AI company in the Middle East, and what that means for emerging plans to regulate genAI tools and platforms.

Boxing China out of the Middle East’s Best AI Company

The immediate target of this round of tech diplomacy is the United Arab Emirates-based G42, which is about as well-connected as any company can be. The New York Times describes it as “a crown jewel for the UAE, which is building an artificial intelligence industry as an alternative to oil income.” It’s controlled by Sheikh Tahnoon bin Zayed, the UAE’s national security adviser, who is among the most powerful members of Abu Dhabi’s royal family, according to Forbes.

The Times says G42 is right in the middle of US efforts to blunt “China’s ambitions to gain supremacy in the world’s cutting-edge technologies, including artificial intelligence, big data, quantum computing, cloud computing, surveillance infrastructure and genomic research.”

Before the Microsoft deal, the US was especially concerned about G42’s connections to large Chinese tech firms, including telecommunications giant Huawei — which is under US sanctions — and possibly even the Chinese government.

According to the Times, US officials worried G42 was being used to siphon off advanced American technology to Chinese tech firms or to the Chinese government. “Intelligence reports have also warned that G42’s dealings with Chinese firms could be a pipeline to get the genetic data of millions of Americans and others into the hands of the Chinese government,” the Times reported.

Enter Washington’s most powerful officials and the point of its sharp spear, Microsoft. We don’t know exactly what happened behind the scenes. But we do know a deal was “largely orchestrated by the Biden administration to box out China as Washington and Beijing battle over who will exercise technological influence in the Persian Gulf region and beyond,” according to the Times.

US Commerce Secretary Gina Raimondo traveled twice to the Emirates to get the complex agreement done. It gave the US — and Microsoft — exactly what they wanted. Microsoft will invest $1.5 billion in G42, which will sell Microsoft services to train and tune genAI models. G42 will also use Microsoft’s Azure cloud services, and it agreed to a secret security arrangement, of which no details have been made public. 

Chinese technology, including from Huawei and others, will be stripped out of the company. Microsoft President Brad Smith will join G42’s board, and Microsoft will audit the company’s use of its technology. (It wouldn’t be a surprise if that auditing is designed in part to ensure the connection between G42 and Chinese companies and government has been completely severed.)

So, in essence, the US pushed China out of the most influential genAI company in the Middle East and Microsoft now has a significant foothold in a region that will be spending countless billions on AI as it pivots away from an oil economy. In the words of the Times, the deal could become “a model for how US firms leverage their technological leadership in AI to lure countries away from Chinese tech, while reaping huge financial awards.”

What happens next?

The G42 deal has largely flown under the radar, while much more public skirmishes have been fought in the tech Cold War between the US and China — including the battle over banning TikTok in the US and China’s decision to force Apple to pull WhatsApp, Threads and Signal from its Chinese App Store. But TikTok and the others are just a side show. The future is AI, not tweens watching 30-second videos about silly pranks and makeup tips.

That means Microsoft will have an increasingly close relationship with the US government, as will other genAI leaders, including Alphabet, OpenAI, Meta and Amazon. If the US is to thwart China’s AI and tech ambitions, it desperately needs those companies’ cooperation.

But that kind of cooperation comes at a price. The US has a terrible track record in reining in tech. The Biden administration has been willing to use antitrust laws to go after Big Tech, even though Congress has been unwilling to act. But it’s hard to imagine the government will continue to wield the Big Stick of antitrust investigations and lawsuits if, at the same time, it’s asking Microsoft and others to do its bidding against China.

The first victim of the tech Cold War against China might well be serious government oversight over the dangers of AI.

Generative AI, Government, Microsoft, Regulation, Technology Industry
Category: Hacking & Security

A crafty new Android notification power-up

Computerworld.com [Hacking News] - 24 April 2024 - 12:00

Has there ever been something as simultaneously invaluable and irritating as our modern-day device notifications?

All the beeps, bloops, and blorps our various gadgets send our way serve an important purpose, of course — at least in theory. They keep us attuned to our professional and personal networks and everything around ’em to make sure we never miss anything important.

But they also demand our attention, interrupt what we’re doing, and annoy us endlessly, often with stuff that really doesn’t require any immediate acknowledgment or reaction.

And while Android’s notification systems offer plenty of nuanced control over how different alerts do and don’t reach you, it still seems virtually impossible to avoid swimming in a sprawling sea of stuff in your phone’s notification panel at the end of each day.

So what if there were a better way — a smarter system that could monitor your incoming Android notifications for you, condense all the less pressing noise down into a single alert, and make sure you see only the messages, meetings, and reminders that really matter?

[Get fresh practical knowledge in your inbox with my free Android Intelligence newsletter. Three new things to try every Friday!]

My friend and fellow Android-appreciating organism, have I got just the thing for you.

Meet your Android notification nanny

Brace yourself, dear biped: I’m about to draw your attention to one of the best and most powerful Android productivity tools out there — and one shockingly few mortal beings seem to be aware of.

Much like the Android app drawer enhancement we talked about the other day, it’s a perfect example of the type of advanced customization and efficiency-enhancing intelligence that’s possible only on Android. But you really have to be in the know to know about it.

Allow me to introduce you to a brilliant little somethin’ called BuzzKill.

BuzzKill is an Android app that, in the simplest possible terms, lets you create custom filters for your Android phone’s notifications — almost like Gmail filters, only for Android alerts instead of emails.

I’ve talked about BuzzKill before and shown you all the basics of how it works and what kinds of simple, insanely helpful things it can do for you. Today, I want to zone in on a specific new “experimental” feature the app recently started offering and why it might be worth your attention.

The feature is called Summarize. And it does exactly what you’d expect from that name: It takes clusters of incoming notifications that meet certain conditions and combines ’em into a single, far less overwhelming and distraction-creating alert.

You might, for instance, ask BuzzKill to intercept all incoming notifications from your Android Messages app during the workday and combine ’em into one notification you can easily see at a glance when you’re ready to catch up. Or maybe you’d want it to collect all your incoming Slack alerts in the evenings and group those together to avoid a freeway-style backup at the top of your screen.

Heck, maybe you want it to watch for all notifications from Messages, Slack, and Gmail on the weekends, keep ’em all together in a single summarized notification, and then ding your phone incessantly if any of the incoming messages has a specific word or phrase indicating a need for immediate attention — something like, say, “urgent,” “broken,” or “holy humbuggery, what in the name of codswallop just happened?!”

Whatever the specifics, you’ll only have to think through and set up those parameters once. And from that moment forward, anytime notifications meeting your conditions come in, you’ll see something like this:

Android notifications, summarized — with minimal clutter and distraction.

JR Raphael, IDG

Just a single combined alert for all that activity — not bad, right?

If there’s nothing particularly important, you can swipe it away in one swift gesture, using any finger you like (hint, hint; choose carefully). If you want to explore any of the summarized contents further, you can tap the “Expand” command in the notification’s corner to — well, y’know…

My Android notifications expanded back into their standard, split-apart state.

JR Raphael, IDG

Kinda handy, wouldn’t ya say?

Where BuzzKill’s powers really come into play is with all the extenuating circumstances you can set up — and how impossibly easy the app makes it to manage it all. All I did to get the above going was create a super-simple “if this, then that”-style rule within BuzzKill, like so:

The behind-the-scenes magic that makes my Android notification summarizing happen.

JR Raphael, IDG

And then, to build in a supplementary rule that makes sure certain high-priority notifications stand out from that summary and grab my immediate attention, I created a second “if this, then that” guideline:

BuzzKill understands that there’s an exception to every rule.

JR Raphael, IDG

See? Told ya it was easy!

And make no mistake about it: All of this is just scratching the surface of what BuzzKill can accomplish. One of my favorite ways to use it, for instance, is to keep low-priority notifications from interrupting me at all during the workday and instead have ’em batched together into a single evening-time delivery.

All my Photos alerts arrive in one batch daily, thanks to this nifty notification rule.

JR Raphael, IDG

I also rely on it to prevent rapid-fire back-to-back messages from buzzing my phone 7,000 times in seven seconds — a problem Android 15 appears poised to address, too, albeit in a much less nuanced and customizable way.

Take that, rapid-fire short-message texters!

JR Raphael, IDG

The app’s new experimental notification summarization option is so interesting and packed with potential, though, I just had to share it with you once I really started exploring it and thinking through all the ways it could be helpful.

BuzzKill costs four bucks, as a one-time up-front payment. The app doesn’t require any unusual permissions, doesn’t collect any form of data from your phone, and doesn’t have any manner of access to the internet — meaning it’d have no way of sharing your information even if it wanted to.

It’s yet another illuminating illustration of the incredible productivity power Android provides us — a power anyone can embrace, with the right set of know-how.

And now, you have it. Happy filtering!

Learn all sorts of useful tech tricks with my free Android Intelligence newsletter. Three new things to try every Friday — straight from me to you.

Android, Google, Mobile Apps, Productivity Software
Category: Hacking & Security

Major Security Flaws Expose Keystrokes of Over 1 Billion Chinese Keyboard App Users

The Hacker News - 24 April 2024 - 11:36
Security vulnerabilities uncovered in cloud-based pinyin keyboard apps could be exploited to reveal users' keystrokes to nefarious actors. The findings come from the Citizen Lab, which discovered weaknesses in eight of nine apps from vendors like Baidu, Honor, iFlytek, OPPO, Samsung, Tencent, Vivo, and Xiaomi. The only vendor whose keyboard app did not have any security
Category: Hacking & Security

CISO Perspectives on Complying with Cybersecurity Regulations

The Hacker News - 24 April 2024 - 11:24
Compliance requirements are meant to increase cybersecurity transparency and accountability. As cyber threats increase, so do the number of compliance frameworks and the specificity of the security controls, policies, and activities they include. For CISOs and their teams, that means compliance is a time-consuming, high-stakes process that demands strong organizational and
Category: Hacking & Security

eScan Antivirus Update Mechanism Exploited to Spread Backdoors and Miners

The Hacker News - 24 April 2024 - 09:02
A new malware campaign has been exploiting the updating mechanism of the eScan antivirus software to distribute backdoors and cryptocurrency miners like XMRig through a long-standing threat codenamed GuptiMiner targeting large corporate networks. Cybersecurity firm Avast said the activity is the work of a threat actor with possible connections to a North Korean hacking group dubbed
Category: Hacking & Security

CoralRaider Malware Campaign Exploits CDN Cache to Spread Info-Stealers

The Hacker News - 24 April 2024 - 06:50
A new ongoing malware campaign has been observed distributing three different stealers, such as CryptBot, LummaC2, and Rhadamanthys hosted on Content Delivery Network (CDN) cache domains since at least February 2024. Cisco Talos has attributed the activity with moderate confidence to a threat actor tracked as CoralRaider, a suspected Vietnamese-origin
Category: Hacking & Security

How to fix iCloud sync in seconds

Computerworld.com [Hacking News] - 23 April 2024 - 23:03
What is iCloud Drive?

In the simplest terms, iCloud Drive is Apple’s cross-platform cloud storage system that allows users to sync and store files, photos, videos, calendar events, contacts and other important data. iCloud Drive has been around since 2014, and while the platform is much more robust than it was in the early days, sometimes devices that rely on it don’t sync properly.

What is iCloud sync?

iCloud sync allows all of your devices to access the same updated data (or photos, videos, contacts, etc.), regardless of device. It’s usually reliable, but sometimes you’ll find content fails to sync between devices in the few seconds it should take. If this seems to be happening to you, these simple tricks can help get things running smoothly again.

Is iCloud sync on by default?

Yes, iCloud should be syncing your data automatically. But if there are some things you don’t want synced across devices, you can specify what gets shared via iCloud in System Settings (macOS) and Settings (iOS). You can even turn it off completely if for some reason you don’t want your data to sync.

Is everything up-to-date?

First, check to make sure you are running the latest version of macOS on your Mac, iOS on your iPad or iPhone, or Windows on a PC.

Check that iCloud is working

It also makes sense to double-check that iCloud services are working correctly before running through any other changes. You can visit Apple’s System Status page to make sure things are indeed up and running.

One of the first things to do is check Apple’s system status page for any outages.

Make sure you are properly logged in

Step two is to ensure you are logged into iCloud using the same Apple ID on all your devices. Go to icloud.com, log in with your Apple ID and then tap iCloud Settings (either the gear-shaped box icon or by selecting it in the drop-down menu underneath your name at the top right of the iCloud browser window).

In the next window, you should see your storage space status and a row called My Devices. Are all the devices you want to sync included on the list? If not, it is possible they are not using the same Apple ID. (You can do quite a lot of useful things through iCloud’s online service).

Check dates and time

Next, check all the devices that should be syncing. You must ensure these are configured to set time and date automatically and have iCloud Drive/Documents & Data enabled. Follow these steps:

iOS: Settings > Apple ID > iCloud > iCloud Drive. Toggle it to On.

Mac: System Preferences > iCloud. Ensure all the iCloud services you want to sync are checked.

Make sure iCloud is enabled for specific apps

If you have a particularly balky app that isn’t syncing as it should, you’ll want to check System Settings (in macOS) or Settings (in iOS). Click on your Apple ID account, scroll down to iCloud, and check there to see which apps are using iCloud. If your iCloud access for the app isn’t on, you’ll want to enable it. If it’s there, toggle iCloud access off, then on again to (hopefully) get things in sync again.

Check that cellular access is enabled

If everything is syncing okay while you’re using Wi-Fi networks, but you run into problems while on a cellular network, you’ll want to make sure cellular access is turned on. You can check this in Settings (in iOS); scroll down to Cellular and check to make sure it’s enabled for the apps you use. Also, scroll all the way down to make sure iCloud Drive is enabled over cellular.

Force Sync

Once you know your system(s) are set up correctly, you can use this simple trick to force iCloud Contacts and Calendars to sync:

To refresh your iCloud Calendars, launch the app on your iOS device and tap the “Calendars” button at the bottom of the page. When you get to the next page just tap and hold your finger on the screen and drag the list down until the activity icon appears and release the page. The activity icon will spin briefly, and you should find iCloud has synced your calendars for you.

This also works with Contacts. Launch the app and select “Groups” on the All Contacts page. Once you are in Groups, just tap and hold your finger and drag the page down as you did for Calendars. The activity icon will appear, and your Contacts will be synced.

Log out of iCloud and log in again

If you regularly experience sync problems with your iOS device(s) and you know your network is stable, then you should try logging out of your iCloud account on your iOS device or Mac, then log back in.

IMPORTANT: Before doing this, be certain to follow Apple’s extensive instructions to back up your iCloud data.

Sometimes, logging out of iCloud and then logging back in will clear up syncing problems.

Jonny Evans

At icloud.com you can see all of your devices in one place.

To log out, go to iCloud Settings/System Preferences and click Sign Out. You’ll have to respond to a series of prompts before this completes.

Restart your device, return to iCloud’s controls and sign back in. (Please make certain to use the same email address for your Apple ID across all your systems.)

Now you should re-enable all the iCloud features you want to use.

This process usually solves any sync problems you may have, though you may find it necessary to repeat this sequence on all your devices.

Restart your device(s)

If problems persist then close and restart the relevant iCloud-enabled app: Contacts or Calendar, for example. Double-click the Home button (or swipe up to about halfway up the screen and hold for a second or so on iPhone X), swipe through your active apps and swipe up to close the app. (You can long press the app icon and then tap the X that appears on iPhone X.) Return to the Home screen and wait a few moments before launching the app again.

Another approach that sometimes works is to turn off iCloud Contacts and turn it on again. Go to Settings > Apple ID > iCloud, then turn off Contacts. Unless you have a copy of your contacts stored elsewhere, you should then choose Keep on My iPhone/iPad.

Wait a few moments and turn Contacts on again in Settings.

Reset your device(s)

Never underestimate the power of a hard reset to resolve many iOS problems. To achieve a hard reset on iOS devices simply hold down the Power and Home buttons until the device turns off and the Apple logo appears. The device will restart and system processes will be refreshed, which sometimes fixes iCloud sync problems.

Google+? If you use social media and happen to be a Google+ user, why not join AppleHolic’s Kool Aid Corner community and join the conversation as we pursue the spirit of the New Model Apple?

Got a story? Drop me a line via Twitter or in comments below and let me know. I’d like it if you chose to follow me on Twitter so I can let you know when fresh items are published here first on Computerworld.

Apple, Cloud Storage, iCloud
Category: Hacking & Security

Gen Z workers pick genAI over managers for career advice

Computerworld.com [Hacking News] - 23 April 2024 - 22:01

Toxic work environments and a lack of internal upward mobility are adding to employee dissatisfaction, and many workers believe a primary cause of the problem stems from the behavior of their managers, according to a new study by career development and outplacement firm Intoo.

The survey, conducted in partnership with research firm Workplace Intelligence, also found Gen Z employees are engaging more in “AI Career Coaching” and claim to get their best career advice from ChatGPT. Around 47% of Gen Zers say they get better advice from a chatbot than from their manager. More broadly, 77% of employees and 79% of human resource leaders said they’d experienced at least one characteristic of a toxic workplace in their jobs.

Lydia Frank, vice president of marketing at Chronus, a career development platform, said that because Gen Zers were the first generation to grow up with the internet as a part of daily life, they’re accustomed to everything being a click away. “Which is why we’ve seen them heavily adopt and make use of generative AI for everything and anything. Career advice is no exception,” she said.

“Often, Gen Zers are turning to ChatGPT for career advice because they are not satisfied with their current company’s learning and development programs or lack the professional networks earlier generations were able to build when hybrid workplaces were the exception, not the rule,” she said. “We’re seeing a lot of Gen Zers that lack mentorship — especially when working remotely — which is why they’re either trying to learn a new skill or navigate a workplace situation through consulting ChatGPT,” Frank said.

Poor treatment at work and a lack of career advancement have also led a growing number of workers to actively seek employment elsewhere, according to the Intoo survey of 800 employees and 800 human resource leaders. The survey data, collected between Nov. 19 and Dec. 2, 2023, was originally published in February, then updated and re-released Tuesday.

The survey focused on what makes a workplace toxic and what would create a positive work environment that leads to greater job satisfaction, better performance, and higher retention.

The top factor contributing to toxic workplaces is managers showing favoritism towards certain employees, according to 46% of employees surveyed by Intoo and Workplace Intelligence. And 42% cited managers or leaders who ignore employee feedback as contributing to poor work environments.

Adding to the problem: bad advice from managers, according to the survey data. More than a third (39%) of workers said they’d received bad career advice from managers. In fact, employees said they get better career advice from their friends and family (62%), Google (44%), social media (36%), and genAI (34% overall) than they get from their boss.

According to Intoo’s survey, 63% of respondents felt their employer cares more about productivity than career development, and 54% said they feel completely on their own at their organization when it comes to career development. Forty-four percent said their employer does not value their career development.

In tandem with those sentiments, HR leaders in the survey predict that 25% of employees (and 44% of Gen Z employees) are likely to quit their jobs within the next six months due to a lack of support for career development.

Career path confusion

A separate workplace study done by recruitment and outplacement firm LHH found that nearly half of 30,000 full-time employees in 27 countries (46%) want to change careers — but don’t know which path to take. And 72% of workers contemplate future plans — such as their next job, reskilling, and upskilling — at least once a quarter.

A majority of workers (86%) are confident that they could find a new job within six months, up from 61% in 2022, whether it’s through their own networks (74%), independent job search (71%), or a staffing agency (68%), according to the LHH survey. But nearly half (46%) don’t feel their managers would support them in moving to another role within the organization.

Additionally, 47% are keeping up to date with open job opportunities, yet not applying for them, according to LHH data. However, another 18% are actively applying for jobs and 19% indicated they’re interviewing with prospective employers. Only 8% are looking for new opportunities internal to their company.

Among the other big takeaways from LHH’s report? Organizations need to invest in their employees in order to attract skilled talent, especially from tech. “Workers in tech are the most confident that their skills can transfer to another industry or to another role within the tech field,” the report said.

The broader sense of unease is shared across geographies and industries, especially in Australia (65%), China (62%), Turkey (59%), and the US (57%), where workers feel strongest that external factors affect their careers more than they do themselves. In these countries, employees are less likely to quit for salary reasons than because they want to start their own businesses, showing they want to feel empowered.

Many younger employees make career decisions based on their values and want to be able to drive change within their organizations, but feel powerless to do that, according to a recent survey by Deloitte. Over half of respondents (58% of Gen Zs and 55% of millennials) say their organization currently seeks input from employees and incorporates their feedback, but roughly a third (32% of Gen Zs and 35% of millennials) say decisions are still made from the top and employee feedback is not often acted upon.

Careers, IT Leadership, Technology Industry
Category: Hacking & Security