Technology


Post articles or questions about technology

1
 
 

cross-posted from: https://lemmy.sdf.org/post/32848522

Archived

Though less well-known than groups like Volt Typhoon and Salt Typhoon, Brass Typhoon, or APT 41, is an infamous, longtime espionage actor that foreshadowed recent telecom hacks.

As China continues its digital gambit around the world, researchers are warning that hacking activity from long-tracked groups is evolving and blending together. On top of that, attackers are hiding their campaigns more effectively and blurring the lines between cybercriminals and state-backed hacking.

Last year, revelations rocked the United States federal government that the Chinese hacking group known as “Salt Typhoon” had breached at least nine major US telecoms. And the group’s rampage even continued into this year in the US and other countries around the world. Meanwhile, the Beijing-linked hacking group “Volt Typhoon” has continued to lurk in US critical infrastructure and utilities around the world. Meanwhile, the notoriously versatile syndicate known as Brass Typhoon—also called APT 41 or Barium—has been operating in the shadows.

[...]

Brass Typhoon is known for having carried out a notable string of software supply chain attacks in the late 2010s and for brazen attacks on telecoms around the same time in which the group specifically targeted call record data. The gang is also known for its hybrid activity, carrying out hacks that align with Chinese state-sponsored espionage by the Chinese Ministry of State Security, but also moonlighting on seemingly cybercriminal projects, particularly focused on the video game industry and in-game currency scams.

Research indicates that Brass Typhoon has continued to be active in recent months with financial crimes targeting online gambling platforms as well as espionage targeting manufacturing and energy firms. Its sustained activity has run in parallel to Salt and Volt Typhoon’s recent, attention-grabbing campaigns, and analysis increasingly shows that China’s state-backed hacking operations must be viewed comprehensively, not just in terms of individual actors.

[...]

2
 
 

cross-posted from: https://lemmy.sdf.org/post/32836649

Archived

A Chinese state-owned company that was previously sanctioned by the U.S. for facilitating human rights abuses against Uyghurs is now training police officers in Tibet on hacking techniques and digital forensics, according to a watchdog organization.

SDIC Intelligence Xiamen Information Co Ltd, a digital forensics company better known as Meiya Pico, won a contract in mid-2023 to build two labs at the Tibet Police College: one on offensive and defensive cyber techniques and the other on electronic evidence collection and analysis. Details of the approximately $1.32 million contract were analyzed and released on Wednesday by Turquoise Roof, a research network focused on Tibet.

The contracts include “servers for the cyber range, network switches, intrusion simulation software, forensic workstations [and] evidence storage systems,” the researchers said.

Founded in 1999 as an independent company, Meiya Pico is now state-owned, and as of 2019 it reportedly had a 45% market share of China’s digital forensics market. Its products have raised controversy globally for their invasiveness, including a spyware app called MFSocket that police have allegedly installed on phones throughout the country during inspections of smartphones.

[...]

According to the company, it has conducted training courses in 30 countries as part of China’s Belt and Road Initiative.

[...]

3
 
 

cross-posted from: https://lemmy.sdf.org/post/32835964

Archived

[...]

In one [TikTok] video that has nearly 10 million views, a creator claims to be able to sell yoga pants from the same manufacturer that supplies Lululemon for $5-$6, instead of the $100 they sell for in the United States.

“The material and the craftsmanship are basically the same because they come from the same production line,” she says, standing in front of what appears to be a factory.

In another, a man standing on a factory floor claims to have access to manufacturers that produce Louis Vuitton bags, which he says can be sold directly to customers for $50.

But both companies deny their products are finished in China, and experts told The Independent the videos are likely an effort by counterfeit or “dupe” manufacturers to take advantage of the chaos over the tariffs to boost their sales.

“They're trying to conflate the fake manufacturers in China with the real manufacturers,” said Conrad Quilty-Harper, author of Dark Luxury, a newsletter about the luxury goods industry.

“They're very clever with their social media, and they’re very effective at driving demand in the West,” he added.

[...]

Louis Vuitton has said repeatedly that it does not manufacture products in China.

[...]

TikTok users have reported seeing the videos appear in their feeds in recent days as the trade war between the U.S. and China continues to heat up.

[...]

The counterfeit market in China is the largest in the world. U.S. Customs seized counterfeit items worth some $1.8 billion in recommended retail price in 2023.

Quilty-Harper said the counterfeit industry in China has been a concern for Western companies for years. And the enforcement of trademark and intellectual property rights internally has tended to depend on the geopolitical climate.

“In the past, the Chinese authorities have been stricter on it, and sometimes they've been looser on it, and often that's to do with the relationship with the US and previous presidents,” he said.

“This is part of a huge geopolitical battle between America and China over intellectual property. And it's just fascinating to see this sort of propaganda fight happening on these very high-traffic TikTok videos,” he added.

4
 
 

cross-posted from: https://lemmy.sdf.org/post/32830658

[This is an op-ed by Valentin Weber, senior research fellow with the German Council on Foreign Relations. He is the author of the International Forum for Democratic Studies report “Data-Centric Authoritarianism: How China’s Development of Frontier Technologies Could Globalize Repression.” His research covers the intersection of cybersecurity, artificial intelligence, quantum technologies, and technological spheres of influence.]

[...]

While the financial, economic, technological, and national-security implications of DeepSeek’s achievement have been widely covered, there has been little discussion of its significance for authoritarian governance. DeepSeek has massive potential to enhance China’s already pervasive surveillance state, and it will bring the Chinese Communist Party (CCP) closer than ever to its goal of possessing an automated, autonomous, and scientific tool for repressing its people.

[...]

With the world’s largest public AI-surveillance networks — “smart cities” — Chinese police started to amass vast amounts of data. But some Chinese experts lamented that smart cities were not actually that smart: They could track and find pedestrians and vehicles but could not offer concrete guidance to authorities — such as providing police officers with different options for handling specific situations.

[...]

China’s surveillance-industrial complex took a big leap in the mid-2010s. Now, AI-powered surveillance networks could do more than help the CCP to track the whereabouts of citizens (the chess pawns). It could also suggest to the party which moves to make, which figures to use, and what strategies to take.

[...]

Inside China, such a network of large-scale AGI [Artificial General Intelligence] systems could autonomously improve repression in real time, rooting out the possibility of civic action in urban metropolises. Outside the country, if cities such as Kuala Lumpur, Malaysia — where China first exported Alibaba’s City Brain system in 2018 — were either run by a Chinese-developed city brain that had reached AGI or plugged into a Chinese city-brain network, they would quietly lose their governance autonomy to these highly complex systems that were devised to achieve CCP urban-governance goals.

[...]

As China’s surveillance state begins its third evolution, the technology is beginning to shift from merely providing decision-making support to actually acting on the CCP’s behalf.

[...]

The next step in the evolution of China’s surveillance state will be to integrate generative-AI models like DeepSeek into urban surveillance infrastructures. Lenovo, a Hong Kong corporation with headquarters in Beijing, is already rolling out programs that fuse LLMs with public-surveillance systems. In [the Spanish city of] Barcelona, the company is administering its Visual Insights Network for AI (VINA), which allows law enforcement and city-management personnel to search and summarize large amounts of video footage instantaneously.

[...]

The CCP, with its vast access to the data of China-based companies, could use DeepSeek to enforce laws and intimidate adversaries in myriad ways — for example, deploying AI police agents to cancel a Lunar New Year holiday trip planned by someone required by the state to stay within a geofenced area; or telephoning activists after a protest to warn of the consequences of joining future demonstrations. It could also save police officers’ time. Rather than issuing “invitations to tea” (a euphemism for questioning), AI agents could conduct phone interviews and analyze suspects’ voices and emotional cues for signs of repentance. Police operators would, however, still need to confirm any action taken by AI agents.

[...]

DeepSeek and similar generative-AI tools make surveillance technology smarter and cheaper. This will likely allow the CCP to stay in power longer, and propel the export of Chinese AI surveillance systems across the world — to the detriment of global freedom.

[Edit typo.]

5
 
 

cross-posted from: https://lemmy.sdf.org/post/32709886

Big Tech have mastered the art of delay and deflection. Under the GDPR’s ‘one-stop-shop’ mechanism, cases are often handled by regulators in the country where a company is based, rather than where harm occurs. This means that when someone in France, Poland, or Spain suffers from unlawful data misuse by a company based in Ireland or Luxembourg, their complaint can get stuck in an enforcement black hole.

[...]

Right now, EU policymakers have a chance to fix this. The GDPR Procedural Regulation—currently in negotiations—could finally close these enforcement loopholes. It could ensure faster, more efficient investigations, remove barriers to redress, and empower DPAs to take meaningful action. The regulation is not just about bureaucratic processes; it is about making GDPR enforcement a reality, ensuring that cross-border cases are handled fairly and efficiently, rather than getting lost in the complexity of the one-stop-shop mechanism.

Yet, despite its significance, this file has not received the attention it deserves. Too often, procedural law is dismissed as ‘boring’ or ‘too technical’—just another set of legal rules that seem far removed from everyday life. But this perception is dangerously misguided. In reality, this regulation underpins the very foundation of human rights online. It determines whether people [...] can seek justice when their data is misused, whether harmful algorithmic profiling can be stopped, and whether the EU’s much-celebrated digital rights framework has real teeth. Many of the harms EU institutions claim to be concerned about – from misinformation to AI-driven discrimination – are exacerbated by the enforcement failures this regulation seeks to address.

Data protection is not just about privacy—it’s about power, and about many other fundamental rights. If we allow enforcement failures to persist, we allow gigantic corporations and other bad actors to control, distort, and weaponise our identities and deepen vulnerabilities. The EU must act now to ensure that GDPR enforcement becomes a reality, not just a promise.

[...]

6
 
 

cross-posted from: https://lemmy.sdf.org/post/32431077

Two spyware variants are targeting Uyghur, Taiwanese and Tibetan groups and individuals, the U.K.’s National Cyber Security Centre warned in a joint alert Wednesday with Western allies.

[...]

Cybersecurity researchers have previously linked the BADBAZAAR and MOONSHINE spyware to the Chinese government. The variants mentioned in Wednesday’s alert trojanize apps that are of interest to the target communities, such as a Uyghur language Quran app, and have appeared in official app stores.

“BADBAZAAR and MOONSHINE collect data which would almost certainly be of value to the Chinese state,” the alert reads. Agencies in Australia, Canada, Germany, New Zealand and the United States, namely the FBI and National Security Agency, collaborated on it.

Groups most at risk include those focused on Taiwanese independence, Tibetan rights, Uyghur Muslims, democracy advocacy and Falun Gong, according to the alert. The espionage tools can access and download information like location data or messages and photos, and can access microphones and cameras on a phone.

BADBAZAAR is mobile malware with both iOS and Android variants, while MOONSHINE is Android-only. MOONSHINE has been shared through Telegram channels and links sent via WhatsApp.

[...]

Beyond official app stores, BADBAZAAR also spreads through social media platforms. It’s been drawing its own attention from cybersecurity researchers since at least 2022 when Lookout identified it.

7
 
 

cross-posted from: https://lemmy.sdf.org/post/32330527

At a time when reducing imports and building national capacity is becoming ever more important, Ukraine has achieved what seemed impossible: producing drones using entirely locally made components. This gives them an unrivalled ability to develop and mass produce drones to their exact requirements. More surprising is the cost. Rather than adding a premium, by building locally the Ukrainians are actually undercutting Chinese makers.

[...]

8
 
 

cross-posted from: https://lemmy.sdf.org/post/32323159

Archived

The Russian disinformation network “Matryoshka” is spreading fake videos on X, posing as Western media and quoting “relatives of Nikola Tesla” who glorify Elon Musk and criticize Ukrainians, the Bot Blocker project told The Insider. The videos, bearing the logos of Euronews, Deutsche Welle, and Car&Driver, show photos of Nikola Tesla, Musk, and Ukrainian protesters, with a voiceover reading the script.

One of the videos asserts that Tesla's heirs are receiving threats from Ukrainians because of Musk and Tesla's company name. Another video claims the grandnephew of the famous scientist accuses Ukrainians of setting Tesla cars on fire.

“Nikola Tesla's nephew Dusan Kosanovic has endorsed Musk and his company. Kosanovich says he is proud to have the name of his illustrious ancestor associated with such a company. And he is sick of Ukrainians around the world protesting Musk and Tesla. 'All the negativity around Tesla has to do with a small group of people no one has to worry about. Ukrainians can only destroy what others have created with hard work.' Earlier, a wave of arson attacks on Tesla cars swept across the U.S. and Europe.”

Meanwhile, open sources do not contain any reference to a Tesla descendant named Dusan Kosanovic. The famous scientist did have a nephew — his younger sister's son, Sava Kosanovic, but he died in 1956. No data on the existence of Sava Kosanovic's son could be found — to say nothing of any quotes regarding Musk or Ukrainians. Elon Musk himself has yet to repost these videos.

[...]

The disinformation campaign known as Matryoshka (“Russian doll”) began as early as September 2023. It was first described by the Bot Blocker project. Most frequently, bots use videos denigrating Ukrainians, bearing the logos of reputable Western media outlets in order to create an appearance of credibility. Earlier, the campaign organizers used Twitter to appeal to Western journalists with the request that they “verify the information” — namely, the network’s own fake materials and anti-Ukrainian propaganda. These posts were then shared en masse by stolen accounts, ensuring a broad circulation.

[...]

9
 
 

Three young children huddle in front of a camera, cross-legged and cupping their hands. “Please support me. We are very poor,” says a boy, staring down the lens.

They appear to be in a mud-brick hut in Afghanistan, living in extreme poverty. But their live stream is reaching viewers in the UK and worldwide – via TikTok Live.

For hours, they beg for virtual “gifts” that can later be exchanged for money. When they get one, they clap politely. On another live stream, a girl jumps up and shouts: “Thank you, we love you!” after receiving a digital rose from a woman in the US, who bought it from TikTok for about 1p. By the time it’s cashed out it could be worth less than a third of a penny.

TikTok says it bans child begging and other forms of begging it considers exploitative, and says it has strict policies on users who go live.

But an Observer investigation has found the practice widespread. Begging live streams are actively promoted by the algorithm and TikTok profits from the content, taking fees and commission of up to 70%.

Olivier de Schutter, the UN special rapporteur on extreme poverty and human rights, called the trend a “shocking development” and accused TikTok and middlemen of “profiting from people’s misery”. “Taking a cut of people’s suffering is nothing short of digital predation. I urge TikTok to take immediate action and enforce its own policies on exploitative begging and seriously question the ‘commission’ it is taking from the world’s most vulnerable people,” he said.

Jeffrey DeMarco, digital harm expert at Save the Children, said: “The documented practices represent significant abuses and immediate action must be taken to ensure platforms no longer allow, or benefit directly or indirectly, from content such as this.”

[...]

10
 
 

cross-posted from: https://lemmy.sdf.org/post/32113472

Archived

As a 7.7 magnitude earthquake struck Myanmar and Thailand last Friday, the temblor rattled buildings across the sprawling Thai capital of Bangkok, home to an incredible 142 skyscrapers. When the shaking ceased all were standing strong — with one very notable exception. The State Audit Office (SAO) building in Chatuchak district, a 30-story skyscraper still under construction by a subsidiary of a Chinese state-owned enterprise, collapsed into a heap of rubble, trapping nearly 100 people inside.

As of this week, 15 have been confirmed dead in the collapse, and a further 72 remain missing. Thailand announced over the weekend that it was launching an investigation to determine the cause of the collapse, and the prime minister said the tragedy had seriously damaged the country’s image.

As emergency teams sifted through the wreckage in the immediate aftermath, the building’s primary contractor, China Railway No. 10 Engineering Group, came under intense public anger and scrutiny. Anger was further fueled by clear efforts by the company, and by Chinese authorities, to sweep the project and the tragedy under the rug.

Shortly after the collapse, the China Railway No. 10 Engineering Group removed a post from its WeChat account that had celebrated the recent capping of the building, praising the project as the company’s first “super high-rise building overseas,” and “a calling card for CR No. 10’s development in Thailand.” Archived versions of this and other posts were shared by Thais on social media, including one academic who re-posted a deleted promo video to his Facebook account — noting with bitter irony that it boasted of the building’s tensile strength and earthquake resistance.

Trying to access news of the building collapse inside China [...] queries on domestic search engines returned only deleted articles from Shanghai-based outlets such as The Paper (澎湃新闻) and Guancha (观察网). In a post to Weibo, former Global Times editor Hu Xijin (胡锡进) confessed that the building “probably had quality issues.” Even this post was rapidly deleted, making clear that the authorities were coming down hard on the story.

Meanwhile, the machinery of propaganda continued to turn out feel-good news on China’s response to the quake. The Global Times reported that emergency assistance for Myanmar embodied Xi Jinping’s foreign policy vision of a “community of shared future for mankind.” In Hong Kong, the Ta Kung Pao (大公報) newspaper, run by the Liaison Office of China’s central government, twisted the knife into the United States as it reported on the earthquake response, noting the absence of USAID, recently dismantled by the Trump administration. Behind the news, the paper declared, “China’s selfless response demonstrates the responsibility of a great power.”

11
 
 

cross-posted from: https://lemmy.sdf.org/post/32102322

Archived

TikTok owner ByteDance is set to be hit by a privacy fine of more than €500 million for illegally shipping European users’ data to China, adding to the growing global backlash over the video-sharing app.

Ireland’s data protection commission, the company’s main regulator in Europe, will issue the penalty against TikTok before the end of the month, according to people familiar with the matter.

The move comes after a lengthy investigation found the Chinese business fell foul of the European Union’s General Data Protection Regulation in sending the information to China to be accessed by engineers, added the people, who spoke under condition of anonymity.

[...]

As part of the decision from Ireland’s data protection commission, the regulator will order TikTok to suspend the unlawful data processing in China within a set time frame. China has long provoked the ire of privacy activists, who claim that the nation’s mass surveillance regime violates fundamental rights.

TikTok has been in the crosshairs of the Irish data protection commission before. In September 2023, it was fined €345 million for alleged lapses in the way it cares for children’s personal data. The watchdog has also sounded the alarm over Big Tech firms shipping the personal data of European citizens outside of the 27-member bloc, slapping a record €1.2 billion fine against Facebook owner Meta Platforms Inc. for failing to protect personal information from the American security services.

The Irish probe into TikTok started in 2021, when the regulator’s then head Helen Dixon claimed that EU user data could be accessed by “maintenance and AI engineers in China.”

[...]

12
 
 

cross-posted from: https://slrpnk.net/post/20327401

Archived

We have all been sucked in by those videos circulating online of “My $200 Shein Haul” or “Everything I bought for less than $5 from TEMU Review”, but who actually are the two new giants on the ultra fast fashion scene?

In a world where it seemed the general consensus had shifted towards more environmental and ethical consumption, how have these two brands established a global network reaching 150 countries worldwide, and what is at stake if they continue to grow unchecked?

...

How Are They So Cheap?

  • Labour: The general rule is if you are paying an unbelievably low price for a product, the person making it has been paid an unfair wage for their labour. Often this means involvement of forced, child or penal labour and workers are subjected to awful conditions and chemicals. US lawmakers have previously warned of an ‘extremely high risk’ that Temu and Shein were using forced labour – for Shein this would be as part of their supply chain manufacturing, and for Temu through offering products on their e-commerce site.

  • Materials: Another huge sacrifice Shein and Temu make in a bid to keep prices extremely low yet profits up is with the quality, in particular the materials they use. The low-quality materials used and assemblage of items with little attention to longevity means the products often deteriorate and/or break quickly. But this is good news for Shein and Temu! Throwaway culture is how these platforms thrive, as they rely on our constant need to consume.

  • Mode of production: Both Shein and Temu rely on high levels of consumption to drive high levels of production, with a streamlined mode of production. This requirement for overconsumption is evident in marketing efforts on both brands’ platforms. Users are constantly bombarded with micro-advertisements on social media outlets such as TikTok and Instagram, and even on their individual apps, there are offers, games and gambling opportunities to keep users addicted to buying.

What Are the Real Costs?

  • Carbon Emissions: It is no secret that the fast fashion industry is one of the biggest contributors to carbon emissions, responsible for approximately 10% of all global emissions every year. Global supply chains, manufacturing of textiles, assembling of garments and transportation all add up towards a brand's carbon footprint. Shein and Temu, more than ever, prioritize and even encourage throwaway culture (buying, throwing away, buying again) for profit.

  • Toxic Chemicals and Pollution: Dyeing and treating textiles in the fashion industry is a huge contributor to water pollution globally, especially when regulation is poor/poorly enforced by authorities. This affects the quality of water for people locally and also for aquatic life. Furthermore, a recent investigation carried out by authorities in South Korea found carcinogenic substances (promoting the development of cancer) hundreds of times over the legal limit in Shein clothing. Similarly, a European investigation found toys, baby products, electronics and cosmetics sold on Temu that breach European regulation, with one toy tested containing phthalates 240 times above the legal limit. (Phthalates can affect the function of organs and long-term can affect pregnancy, child growth and development and affect reproductive systems in both children and adolescents).

  • Excessive Demand for Raw Materials and Textile Waste: The world consumes approximately 80 billion new clothing items every year – that is a lot of new clothes! Brands like Shein and Temu rely on this constant consumption to continue to make a profit, however there is only so much resource on Earth, and everything has to go somewhere. Estimates predict Shein alone produces nearly 200,000 new items each day. One of the ways countries have dealt with ultra fast fashion consumption is by shipping textiles overseas. Ghana receives 150,000 tonnes of used clothes dumped every year, with approximately half of these unusable. The clothing is commonly dumped and burnt, polluting local ecosystems with dangerous industrial chemicals, and damaging freshwater sources for local people. This exportation of textile waste is a new wave of ‘clothing colonization’, in which exponential consumption in the ‘Global North’ flows to the ‘Global South’.

...

13
 
 

Archived

Unveiling Trae: ByteDance's AI IDE and Its Extensive Data Collection System

Trae - the coding assistant of China's ByteDance - has rapidly emerged as a formidable competitor to established AI coding assistants like Cursor and GitHub Copilot. Its main selling point? It's completely free - offering Claude 3.7 Sonnet and GPT-4o without any subscription fees. Unit 221B's technical analysis, using network traffic interception, binary analysis, and runtime monitoring, has identified a sophisticated telemetry framework that continuously transmits data to multiple ByteDance servers. From a cybersecurity perspective, this represents a complex data collection operation with significant security and privacy implications.

[...]

Key Findings:

  • Persistent connections to a minimum of 5 unique ByteDance domains, creating multiple data transmission vectors
  • Continuous telemetry transmission even during idle periods, indicating an always-on monitoring system
  • Regular update checks and configuration pulls from ByteDance servers, allowing for dynamic control
  • Permanent device identification via machineId parameter, which appears to be derived from hardware identifiers, enabling long-term tracking capabilities
  • Local WebSocket channels observed collecting full file content, with portions potentially transmitted to remote servers
  • Complex local microservice architecture with redundant pathways for code data, suggesting a deliberate system design
  • JWT tokens and authentication data observed in multiple communication channels, presenting potential credential exposure concerns
  • Use of binary MessagePack format observed in data transfers, adding complexity to security analysis
  • Extensive behavioral tracking mechanisms capable of building detailed user activity profiles
  • Sophisticated data segregation across multiple endpoints, consistent with enterprise-grade telemetry systems

[...]

14
 
 

Millions of Americans have downloaded apps that secretly route their internet traffic through Chinese companies, according to an investigation by the Tech Transparency Project (TTP), including several that were recently owned by a sanctioned firm with links to China’s military.

TTP’s investigation found that one in five of the top 100 free virtual private networks in the U.S. App Store during 2024 were surreptitiously owned by Chinese companies, which are obliged to hand over their users’ browsing data to the Chinese government under the country’s national security laws. Several of the apps traced back to Qihoo 360, a firm declared by the Defense Department to be a “Chinese Military Company.” Qihoo did not respond to questions about its app-related holdings.

[...]

VPNs allow users to mask the IP address that can identify them, and, in theory, keep their internet browsing private. For that reason, they have been used by people around the world to sidestep government censorship or surveillance, or because they believe it will improve their online security. In the U.S., kids often download free VPNs to play games or access social media during school hours.

However, VPNs can themselves pose serious risks because the companies that provide them can read all the internet traffic routed through them. That risk is compounded in the case of Chinese apps, given China’s strict laws that can force companies in that country to secretly share access to their users’ data with the government.

[...]

The VPN apps identified by TTP have been downloaded more than 70 million times from U.S. app stores, according to data from AppMagic, a mobile apps market intelligence firm.

[...]

The findings raise questions about Apple’s carefully cultivated reputation for protecting user privacy. The company has repeatedly sought to fend off antitrust legislation designed to loosen its control of the App Store by arguing such efforts could compromise user privacy and security. But TTP’s investigation suggests that Apple is not taking adequate steps to determine who owns the apps it offers its users and what they do with the data they collect. More than a dozen of the Chinese VPNs were also available in Apple’s App Store in France in late February, showing that the issue extends to other Western markets.

[...]

15
 
 

Archived

TLDR:

  • China has developed an Artificial Intelligence (AI) system that adds to its already powerful censorship machine, scanning content for all kinds of topics like corruption, military issues, Taiwan politics, satire
  • The discovery was accidental: security researchers found an Elasticsearch database unsecured on the web, hosted by Chinese company Baidu
  • Experts highlight that AI-driven censorship is evolving to make state control over public discourse even more sophisticated, especially after recent releases like China's AI model DeepSeek

A complaint about poverty in rural China. A news report about a corrupt Communist Party member. A cry for help about corrupt cops shaking down entrepreneurs.

These are just a few of the 133,000 examples fed into a sophisticated large language model that’s designed to automatically flag any piece of content considered sensitive by the Chinese government.

A leaked database seen by TechCrunch reveals China has developed an AI system that supercharges its already formidable censorship machine, extending far beyond traditional taboos like the Tiananmen Square massacre.

The system appears primarily geared toward censoring Chinese citizens online but could be used for other purposes, like improving Chinese AI models’ already extensive censorship.

Xiao Qiang, a researcher at UC Berkeley who studies Chinese censorship and who also examined the dataset, told TechCrunch that it was “clear evidence” that the Chinese government or its affiliates want to use LLMs to improve repression.

“Unlike traditional censorship mechanisms, which rely on human labor for keyword-based filtering and manual review, an LLM trained on such instructions would significantly improve the efficiency and granularity of state-led information control,” Qiang said.

[...]

The dataset was discovered by security researcher NetAskari, who shared a sample with TechCrunch after finding it stored in an unsecured Elasticsearch database hosted on a Baidu server [...] There’s no indication of who, exactly, built the dataset, but records show that the data is recent, with its latest entries dating from December 2024.

[...]

An LLM for detecting dissent

In language eerily reminiscent of how people prompt ChatGPT, the system’s creator tasks an unnamed LLM to figure out if a piece of content has anything to do with sensitive topics related to politics, social life, and the military. Such content is deemed “highest priority” and needs to be immediately flagged.

Top-priority topics include pollution and food safety scandals, financial fraud, and labor disputes, which are hot-button issues in China that sometimes lead to public protests — for example, the Shifang anti-pollution protests of 2012.

Any form of “political satire” is explicitly targeted. For example, if someone uses historical analogies to make a point about “current political figures,” that must be flagged instantly, and so must anything related to “Taiwan politics.” Military matters are extensively targeted, including reports of military movements, exercises, and weaponry.

[...]

Inside the training data

From this huge collection of 133,000 examples that the LLM must evaluate for censorship, TechCrunch gathered 10 representative pieces of content.

Topics likely to stir up social unrest are a recurring theme. One snippet, for example, is a post by a business owner complaining about corrupt local police officers shaking down entrepreneurs, a rising issue in China as its economy struggles.

Another piece of content laments rural poverty in China, describing run-down towns that only have elderly people and children left in them. There’s also a news report about the Chinese Communist Party (CCP) expelling a local official for severe corruption and believing in “superstitions” instead of Marxism.

There’s extensive material related to Taiwan and military matters, such as commentary about Taiwan’s military capabilities and details about a new Chinese jet fighter. The Chinese word for Taiwan (台湾) alone is mentioned over 15,000 times in the data.

[...]

The dataset [...] say that it’s intended for “public opinion work,” which offers a strong clue that it’s meant to serve Chinese government goals [...] Michael Caster, the Asia program manager of rights organization Article 19, explained that “public opinion work” is overseen by a powerful Chinese government regulator, the Cyberspace Administration of China (CAC), and typically refers to censorship and propaganda efforts.

[...]

Repression is getting smarter

[...]

Traditionally, China’s censorship methods rely on more basic algorithms that automatically block content mentioning blacklisted terms, like “Tiananmen massacre” or “Xi Jinping,” as many users experienced using DeepSeek for the first time.

But newer AI tech, like LLMs, can make censorship more efficient by finding even subtle criticism at a vast scale. Some AI systems can also keep improving as they gobble up more and more data.

“I think it’s crucial to highlight how AI-driven censorship is evolving, making state control over public discourse even more sophisticated, especially at a time when Chinese AI models such as DeepSeek are making headwaves,” Xiao, the Berkeley researcher, said.

16
 
 

There's nothing like retro gaming on the Raspberry Pi, but we haven't quite seen a gaming rig like this. Leave it to the Pi community to blow our minds and expectations out of the water. This project, created by maker and developer John Park, uses our favorite SBC — the Raspberry Pi 5 — to drive a cool wall arcade featuring RGB LED matrix panels as the main display.

According to Park, this setup doesn't just look the part. You can actually play games on the system like a real arcade using wired USB controllers. That said, you're limited by the display capabilities of the matrix panel display. It can run demos with cool retro-style animations but also play a few homebrew games that are created using the PICO-8 Fantasy console.

17
 
 


Elon Musk’s aerospace giant SpaceX allows investors from China to buy stakes in the company as long as the funds are routed through the Cayman Islands or other offshore secrecy hubs, according to previously unreported court records.

The rare picture of SpaceX’s approach recently emerged in an under-the-radar corporate dispute in [the U.S. state of] Delaware. Both SpaceX’s chief financial officer and Iqbaljit Kahlon, a major investor, were forced to testify in the case.

In December, Kahlon testified that SpaceX prefers to avoid investors from China because it is a defense contractor. There is a major exception though, he said: SpaceX finds it “acceptable” for Chinese investors to buy into the company through offshore vehicles.

“The primary mechanism is that those investors would come through intermediate entities that they would create or others would create,” Kahlon said. “Typically they would set up BVI structures or Cayman structures or Hong Kong structures and various other ones,” he added, using the acronym for the British Virgin Islands. Offshore vehicles are often used to keep investors anonymous.

Experts called SpaceX’s approach unusual, saying they were troubled by the possibility that a defense contractor would take active steps to conceal foreign ownership interests.

Kahlon, who has long been close to the company’s leadership, has said he owns billions of dollars of SpaceX stock. His investment firm also acts as a middleman, raising money from investors to buy highly sought SpaceX shares. He has routed money from China through the Caribbean to buy stakes in SpaceX multiple times, according to the court filings.

[...]

Federal law [in the U.S.] gives regulators broad power to oversee foreign investments in tech companies and defense contractors. Companies only have to proactively report Chinese investments in limited circumstances, and there aren’t hard and fast rules for how much is too much. However, the government can initiate investigations and then block or reverse transactions they deem a national security threat. That authority typically does not apply to purely passive investments in which a foreign investor is buying only a small slice of a company. But experts said that federal officials regularly ask companies to add up Chinese investments into an aggregate total.

The U.S. government charges that China has a systematic strategy of using even minority investments to secure leverage over companies in sensitive industries, as well as to gain privileged access to information about cutting-edge technology. U.S. regulators view even private investors in China as potential agents of the country’s government, experts said.

[...]

It’s not uncommon for foreigners to buy U.S. stock through a vehicle in the Cayman Islands, often to save money on taxes. But experts said it was strange for the party on the other side of a deal — the U.S. company — to prefer such an arrangement.

ProPublica spoke to 13 national security lawyers, corporate attorneys and experts in Chinese finance about the SpaceX testimony. Twelve said they had never heard of a U.S. company with such a requirement and could not think of a purpose for it besides concealing Chinese ownership in SpaceX. The 13th said they had heard of companies adopting the practice as a way to hide foreign investment.

[...]

The new material adds to the questions surrounding Musk’s extensive ties with China, which have taken a new urgency since the world’s richest man joined the Trump White House. Musk has regularly met with Communist Party officials in China to discuss his business interests in the country, which is where about half of Tesla cars are built.

[...]

The Delaware court records reveal SpaceX insiders’ intense preoccupation with secrecy when it comes to China and detail a network of independent middlemen peddling SpaceX shares to eager Chinese investors. (Unlike a public company, SpaceX exercises significant control over who can buy into the company, with the ability to block sales even between outside parties.)

[...]

The experts said the court testimony is puzzling enough that it raises the possibility that SpaceX has more substantial ties to China than are publicly known and is working to mask them from U.S. regulators. A more innocent explanation, they said, is that SpaceX is seeking to avoid scrutiny of perfectly legal investments by the media or Congress.

[...]

Musk’s business interests in China extend far beyond SpaceX’s ownership structure — a fact that has drawn criticism from Republican lawmakers over the years. In 2022, after Tesla opened a showroom in the Chinese region where the government runs Uyghur internment camps, then-Sen. Marco Rubio tweeted, “Nationless corporations are helping the Chinese Communist Party cover up genocide.”

[...]

In recent years, the billionaire has offered sympathetic remarks about China’s desire to reclaim Taiwan and lavished praise on the government. “My experience with the government of China is that they actually are very responsive to the people,” Musk said toward the end of Trump’s first term. “In fact, possibly more responsive to the happiness of people than in the U.S.”

18
 
 


Security researcher Tenable successfully used DeepSeek to create a keylogger that could hide an encrypted log file on disk as well as develop a simple ransomware executable.

At its core, DeepSeek can create the basic structure for malware. However, it is not capable of doing so without additional prompt engineering as well as manual code editing for more advanced features. For instance, DeepSeek struggled with implementing process hiding. "We got the DLL injection code it had generated working, but it required lots of manual intervention," Tenable writes in its report.

"Nonetheless, DeepSeek provides a useful compilation of techniques and search terms that can help someone with no prior experience in writing malicious code the ability to quickly familiarize themselves with the relevant concepts."

"Based on this analysis, we believe that DeepSeek is likely to fuel further development of malicious AI-generated code by cybercriminals in the near future."

19
 
 

cross-posted from: https://lemmy.sdf.org/post/31552333

A Trust Report for DeepSeek R1 by VIJIL, a security research company, indicates critical levels of risk with security and ethics, high levels of risk with privacy, stereotype, toxicity, hallucination, and fairness, a moderate level of risk with performance, and a low level of risk with robustness.

20
 
 

cross-posted from: https://lemmy.sdf.org/post/31525284


[...]

While the financial, economic, technological, and national-security implications of DeepSeek’s achievement have been widely covered, there has been little discussion of its significance for authoritarian governance. DeepSeek has massive potential to enhance China’s already pervasive surveillance state, and it will bring the Chinese Communist Party (CCP) closer than ever to its goal of possessing an automated, autonomous, and scientific tool for repressing its people.

Since its inception in the early 2000s, the Chinese surveillance state has undergone three evolutions. In the first, which lasted until the early 2010s, the CCP obtained situational awareness — knowledge of its citizens’ locations and behaviors — via intelligent-monitoring technology. In the second evolution, from the mid-2010s till now, AI systems began offering authorities some decision-making support. Today, we are on the cusp of a third transformation that will allow the CCP to use generative AI’s emerging reasoning capabilities to automate surveillance and hone repression.

[...]

China’s surveillance-industrial complex took a big leap in the mid-2010s. Now, AI-powered surveillance networks could do more than help the CCP to track the whereabouts of citizens (the chess pawns). It could also suggest to the party which moves to make, which figures to use, and what strategies to take.

[...]

Inside China, such a network of large-scale AGI [artificial general intelligence] systems could autonomously improve repression in real time, rooting out the possibility of civic action in urban metropolises. Outside the country, if cities such as Kuala Lumpur, Malaysia — where China first exported Alibaba’s City Brain system in 2018 — were either run by a Chinese-developed city brain that had reached AGI or plugged into a Chinese city-brain network, they would quietly lose their governance autonomy to these highly complex systems that were devised to achieve CCP urban-governance goals.

[...]

As China’s surveillance state begins its third evolution, the technology is beginning to shift from merely providing decision-making support to actually acting on the CCP’s behalf.

[...]

DeepSeek [...] is this technology that would, for example, allow a self-driving car to recognize road signs even on a street it had never traveled before. [...] The advent of DeepSeek has already impelled tech experts in the United States to take similar approaches. Researchers at Stanford University managed to produce a powerful AI system for under US$50, training it on Google’s Gemini 2.0 Flash Thinking Experimental. By driving down the cost of LLMs, including for security purposes, DeepSeek will thus enable the proliferation of advanced AI and accelerate the rollout of Chinese surveillance infrastructure globally.

[...]

The next step in the evolution of China’s surveillance state will be to integrate generative-AI models like DeepSeek into urban surveillance infrastructures. Lenovo, a Hong Kong corporation with headquarters in Beijing, is already rolling out programs that fuse LLMs with public-surveillance systems. In Barcelona, the company is administering its Visual Insights Network for AI (VINA), which allows law enforcement and city-management personnel to search and summarize large amounts of video footage instantaneously.

[...]

The CCP, with its vast access to the data of China-based companies, could use DeepSeek to enforce laws and intimidate adversaries in myriad ways — for example, deploying AI police agents to cancel a Lunar New Year holiday trip planned by someone required by the state to stay within a geofenced area; or telephoning activists after a protest to warn of the consequences of joining future demonstrations. It could also save police officers’ time. Rather than issuing “invitations to tea” (a euphemism for questioning), AI agents could conduct phone interviews and analyze suspects’ voices and emotional cues for signs of repentance.

[...]

21
 
 

cross-posted from: https://lemmy.sdf.org/post/31373501

Today, EDRi filed a DSA complaint against social media giant ‘X’ in the EU, together with our member ApTI Romania. Our investigation found that X is likely in breach of its obligations towards Trusted Flaggers by misleading them—in all tested languages except English—to submit illegal content notices on a wrong, non-functional online form.

22
 
 

cross-posted from: https://lemmy.sdf.org/post/31339721

  • Cyber security firm ESET discovered a cyberespionage operation by the China-aligned MirrorFace advanced persistent threat (APT) group against a Central European diplomatic institute in relation to upcoming Expo 2025 in Japan.
  • MirrorFace has refreshed both its tooling and tactics, techniques, and procedures (TTPs).
  • To our knowledge, this represents the first time that MirrorFace has targeted a European entity.
  • MirrorFace has started using ANEL, a backdoor previously associated exclusively with APT10, and deployed a heavily customized variant of AsyncRAT, using a complex execution chain to run it inside Windows Sandbox.

"Known primarily for its cyberespionage activities against organizations in Japan, to the best of our knowledge, this is the first time MirrorFace has shown intent to infiltrate a European entity," ESET says in the report.

The campaign was uncovered in Q2 and Q3 of 2024 and named Operation AkaiRyū (Japanese for RedDragon) by ESET; it showcases refreshed TTPs that ESET Research observed throughout last year.

“MirrorFace targeted a Central European diplomatic institute. To our knowledge, this is the first, and, to date, only time MirrorFace has targeted an entity in Europe,” says ESET researcher Dominik Breitenbacher, who investigated the AkaiRyū campaign.

MirrorFace operators set up their spearphishing attack by crafting an email message that references a previous, legitimate interaction between the institute and a Japanese NGO. During this attack, the threat actor used the upcoming World Expo 2025 – to be held in Osaka, Japan – as a lure. This further shows that even considering this new broader geographic targeting, MirrorFace remains focused on Japan and events related to it. Before the attack on this European diplomatic institute, MirrorFace targeted two employees at a Japanese research institute, using a malicious, password-protected Word document delivered in an unknown manner.

[...]

23
 
 


An exploitation avenue found by Trend Micro in Windows has been used in an eight-year-long spying campaign, but there's no sign of a fix from Microsoft, which apparently considers this a low priority.

The attack method is low-tech but effective, relying on malicious .LNK shortcut files rigged with commands to download malware. While appearing to point to legitimate files or executables, these shortcuts quietly include extra instructions to fetch or unpack and attempt to run malicious payloads.

Ordinarily, the shortcut's target and command-line arguments would be clearly visible in Windows, making suspicious commands easy to spot. But Trend's Zero Day Initiative said it observed North Korea-backed crews padding out the command-line arguments with megabytes of whitespace, burying the actual commands deep out of sight in the user interface.

Trend reported this to Microsoft in September last year and estimates that it has been used since 2017. It said it had found nearly 1,000 tampered .LNK files in circulation but estimates the actual number of attacks could have been higher.

"This is one of many bugs that the attackers are using, but this is one that is not patched and that's why we reported it as a zero day," Dustin Childs, head of threat awareness at the Zero Day Initiative, [said].

"We told Microsoft but they consider it a UI issue, not a security issue. So it doesn't meet their bar for servicing as a security update, but it might be fixed in a later OS version, or something along those lines."

[...]
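A defender-side check for the padding described above, as an added example that is not part of the original post or of Trend Micro's tooling: it reads the command-line arguments string out of a .LNK file following the published Shell Link binary layout and flags long whitespace runs that would push text out of view in the Properties dialog. The function names, the `PAD_THRESHOLD` value and both sample inputs are assumptions constructed for illustration.

```python
import struct

# LinkFlags bits from the Shell Link (.LNK) binary format (MS-SHLLINK)
HAS_ID_LIST, HAS_LINK_INFO = 0x01, 0x02
HAS_NAME, HAS_REL_PATH, HAS_WORK_DIR = 0x04, 0x08, 0x10
HAS_ARGUMENTS, IS_UNICODE = 0x20, 0x80
LNK_CLSID = bytes.fromhex("0114020000000000c000000000000046")
WHITESPACE = " \t\r\n\x0b\x0c"
PAD_THRESHOLD = 64  # assumed tuning value: whitespace run length that triggers a flag


def read_arguments(data):
    """Return the COMMAND_LINE_ARGUMENTS string of a .LNK blob ('' if absent)."""
    try:
        if struct.unpack_from("<I", data, 0)[0] != 0x4C or data[4:20] != LNK_CLSID:
            raise ValueError("not a shell link file")
        flags = struct.unpack_from("<I", data, 20)[0]
        pos = 76                      # fixed-size header
        if flags & HAS_ID_LIST:       # 2-byte size, size field not included
            pos += 2 + struct.unpack_from("<H", data, pos)[0]
        if flags & HAS_LINK_INFO:     # 4-byte size, size field included
            pos += struct.unpack_from("<I", data, pos)[0]
        width = 2 if flags & IS_UNICODE else 1
        # StringData entries come in this fixed order, each only if its flag is set
        for bit in (HAS_NAME, HAS_REL_PATH, HAS_WORK_DIR, HAS_ARGUMENTS):
            if not flags & bit:
                continue
            count = struct.unpack_from("<H", data, pos)[0]  # length in characters
            raw = data[pos + 2: pos + 2 + count * width]
            pos += 2 + count * width
            if bit == HAS_ARGUMENTS:
                codec = "utf-16-le" if width == 2 else "cp1252"
                return raw.decode(codec, "replace")
        return ""
    except struct.error as exc:
        raise ValueError("truncated shell link file") from exc


def longest_whitespace_run(text):
    """Length of the longest consecutive run of whitespace characters."""
    best = run = 0
    for ch in text:
        run = run + 1 if ch in WHITESPACE else 0
        best = max(best, run)
    return best


def assess(data):
    """Summarise a .LNK blob for triage; 'visible_text' collapses the padding."""
    args = read_arguments(data)
    run = longest_whitespace_run(args)
    return {
        "length": len(args),
        "longest_run": run,
        "suspicious": run >= PAD_THRESHOLD,
        "visible_text": " ".join(args.split()),
    }


def build_sample(arguments):
    """Constructed parser fixture: bare header plus an arguments string, no target."""
    header = struct.pack("<I16sI", 0x4C, LNK_CLSID, HAS_ARGUMENTS | IS_UNICODE)
    body = struct.pack("<H", len(arguments)) + arguments.encode("utf-16-le")
    return header.ljust(76, b"\x00") + body


# Constructed inputs: one ordinary arguments string, one padded with whitespace
SAMPLE_PLAIN = build_sample("/select,report.docx")
SAMPLE_PADDED = build_sample("a.txt" + " " * 500 + "\r\n" + "CONSTRUCTED-HIDDEN-TEXT")

if __name__ == "__main__":
    for name, blob in (("plain", SAMPLE_PLAIN), ("padded", SAMPLE_PADDED)):
        print(name, assess(blob))
```

Run over mail attachments or download folders, the `visible_text` field shows an analyst the full argument string with the padding collapsed, which the shortcut's Properties dialog does not.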

24
 
 

cross-posted from: https://slrpnk.net/post/19676598

The copyright status of digital content shared online is often unclear, hindering its reuse. To address this issue, the CommonsDB initiative, funded by the European Commission, is building a prototype registry of Public Domain and openly licensed works. To enhance legal certainty for digital content reuse, the registry will employ decentralized identifiers for consistent content and rights recognition.

[...]

25
 
 

cross-posted from: https://lemmy.sdf.org/post/31222338

Russia is conducting an escalating and violent campaign of sabotage and subversion against European and U.S. targets in Europe led by Russian military intelligence (the GRU), according to a new CSIS database of Russian activity. The number of Russian attacks nearly tripled between 2023 and 2024. Russia’s primary targets have included transportation, government, critical infrastructure, and industry, and its main weapons and tactics have included explosives, blunt or edged instruments (such as anchors), and electronic attack. Despite the increase in Russian attacks, Western countries have not developed an effective strategy to counter these attacks.

[...]

Today, Russian active measures support the following types of foreign policy objectives:

  • Influencing public opinion through psychological operations in Europe, the United States, and other countries to support Russian interests.
  • Coercing governments, companies, or individuals to stop taking specific actions, particularly curbing military and other assistance to Ukraine.
  • Deterring countries, companies, or individuals from taking specific actions, such as escalating the type and amount of military aid to Ukraine.
  • Deterring Russian soldiers, government officials, and citizens from defecting to the West.
  • Creating fissures between governments, especially between NATO allies.
  • Undermining the democratic norms and values that underpin the West.

[...]
