The U.S. wants to limit China's access to advanced AI chips, reports the Wall Street Journal, with new rules to restrict sales in parts of the world.

"The rules are aimed at China, but they threaten to create conflict between the U.S. and nations that may not want their purchases of chips micromanaged from Washington. The latest round of curbs could come this month... Among the restrictions, the administration aims to introduce caps on shipments of AI chips to certain countries for use in large computing facilities, people familiar with the plans said. One grouping of countries — close U.S. allies — would be unrestricted, the people said, while another tier of countries would face limits on the number of chips that can go into data centers used for AI... The purchasing caps primarily apply to regions such as Southeast Asia and the Middle East, the people said...

The administration recently sent letters to major chip-makers including Taiwan Semiconductor Manufacturing and Samsung Electronics informing them about some of the restrictions, these people said. The letters said the companies needed to apply for a license to transfer chips to China that are manufactured using advanced chip-making technology or meet other criteria. These criteria include a size and transistor-number limit as well as any indication that the chips are for use in training AI models, the people said. Previous regulations already limit the shipment of advanced GPUs and memory chips to China, but the new rules spell out more clearly to manufacturers what is banned.
U.S. officials "are also considering other options," the article points out. "The administration is considering placing controls on exports of the so-called weights that underlie advanced AI models, according to people familiar with the matter, and weighing further China-specific restrictions on chip manufacturing."

America's telecom-regulating Federal Communications Commission "has opened up the entire 6 GHz frequency band to very low-power devices," reports the Register, "alongside other unlicensed applications such as Wi-Fi kits." The FCC said it has adopted extra rules to allow very low-power device operation across the entire 1,200 MHz of the 6 GHz band, from 5.925 to 7.125 GHz, within the US. The agency had already opened up 850 MHz of the band to small mobile devices a year ago, and has now decided to open up the remaining 350 MHz.

It hopes that this will give a shot in the arm to an ecosystem of short-range devices such as wearables, healthcare monitors, short-range mobile hotspots, and in-car devices that will be able to make use of this spectrum without the need of a license. These applications often call for low power transmission across short distances, but at very high connection speeds, the FCC says — otherwise, existing technologies like Bluetooth could suffice. "This 1,200 MHz means unlicensed bandwidth with a mix of high capacity and low latency that is absolutely prime for immersive, real-time applications," said Jessica Rosenworcel, the FCC's outgoing chair. "These are the airwaves where we can develop wearable technologies and expand access to augmented and virtual reality in ways that will provide new opportunities in education, healthcare, and entertainment."

Because these are such low-power devices, no restrictions have been placed on where they can be used, and they will not be required to operate under the control of an automatic frequency coordination system, as some Wi-Fi equipment must to avoid interference with existing services that use the 6 GHz spectrum. However, to minimize the risk of any potential interference, the devices will be required to implement a transmit power control mechanism and employ a contention-based protocol, requiring a device to listen to the channel before transmission. They are, however, prohibited from operating as part of any fixed outdoor infrastructure.

An anonymous reader quotes a report from Ars Technica: A sophisticated and ongoing supply-chain attack operating for the past year has been stealing sensitive login credentials from both malicious and benevolent security personnel by infecting them with Trojanized versions of open source software from GitHub and NPM, researchers said. The campaign, first reported three weeks ago by security firm Checkmarx and again on Friday by Datadog Security Labs, uses multiple avenues to infect the devices of researchers in security and other technical fields. One is through packages that have been available on open source repositories for over a year. They install a professionally developed backdoor that takes pains to conceal its presence. The unknown threat actors behind the campaign have also employed spear phishing that targets thousands of researchers who publish papers on the arXiv platform.

The objectives of the threat actors are also multifaceted. One is the collection of SSH private keys, Amazon Web Services access keys, command histories, and other sensitive information from infected devices every 12 hours. When this post went live, dozens of machines remained infected, and an online account on Dropbox contained some 390,000 credentials for WordPress websites taken by the attackers, most likely by stealing them from fellow malicious threat actors. The malware used in the campaign also installs cryptomining software that was present on at least 68 machines as of last month. It's unclear who the threat actors are or what their motives may be. Datadog researchers have designated the group MUT-1244, with MUT short for "mysterious unattributed threat."

An anonymous reader quotes a report from Engadget: The United States Postal Service unveiled a plan to buy a fleet of all-electric mail trucks for its mail carriers back in 2022, of which 3,000 were supposed to be delivered by now. Unfortunately, those plans aren't even close to fruition. The Washington Post reported that defense contractor Oshkosh has only delivered 93 vehicles so far. [...]

The Washington Post obtained nearly 21,000 government and internal company records and spoke with 20 people familiar with the trucks' manufacturing and design process. Its reporting shows that Oshkosh ran into significant manufacturing delays of the electric NGDVs that caused lower than expected delivery numbers. Some of the anonymous sources said that engineers struggled to calibrate the mail trucks' airbags, and the vehicles' body and internal components are unable to contain water leaks to an alarming degree. The turnaround time for building these new mail trucks is also very slow. The Post reports that the South Carolina factory can only build one truck per day even though Oshkosh hoped it could build at least 80 vehicles a day by now.

Oshkosh also failed to inform the Postal Service about these delays. Four of the background sources say a senior company executive tried to update the Postal Service about these manufacturing issues only to have those efforts blocked by their corporate superiors. An Oshkosh spokesperson said in a statement that the defense contractor is still "fully committed to being a strong and reliable partner" with the Postal Services and insists "we remain on track to meet all delivery deadlines," according to The Post.

An anonymous reader quotes a report from The Hill: Shaun Golden, the sheriff of Monmouth County, N.J., wants feds to get to the bottom of recent mysterious drone activity in his state. Local officials, including Golden, are urging Gov. Phil Murphy (D) to declare a state of emergency. "We continue to urge our governor to press the federal government to put more resources out here," Golden said Thursday on NewsNation's "Dan Abrams Live." "The only way we're going to solve this is by the federal government coming in here and doing full investigations as to what these things are, how their movements are made," he added.

The White House insist that the drones do not represent a threat. The Pentagon also said it currently does not appear that a foreign enemy is behind the mysterious drones in the New Jersey sky. Rep. Jeff Van Drew (R-N.J.) claimed the drones are being launched by an Iranian "mothership," but Pentagon spokesperson Sabrina Singh said during a briefing there is "not any truth to that." With the investigation ongoing, Golden has called for the governor to declare a state of emergency and to issue an executive order banning nighttime use of recreational drones. Even more drone sightings are being reported in New York, Pennsylvania and Maryland, reports NBC News. "What is happening is outrageous. Thousands of drones and unmanned aerial systems flying above us, and our government is not telling us who's operating them and for what purpose," Rep. Nicole Malliotakis, R-N.Y., said a press conference in Staten Island on Friday. "I don't believe that the United States of America, with its military capabilities, does not know what these objects are. And what I'm asking, and what we're all asking, is for you to be straight with us and just tell us what is going on."

A senior official said there have been 79 sightings across New Jersey alone last night. "The sightings -- which occur up to 180 times per night, according to several New Jersey officials -- have remained consistent for nearly a month," adds NBC News.

Police in New Jersey are investigating a possible drone crash in Hillsborough, NJ. Police were called out at approximately 8:35 p.m. but are being extremely tightlipped, referring all questions to the FBI. A reporter asked a firefighter leaving the scene if they found anything and he said that he is not at liberty to say.

Additionally, at least four commercial airline pilots encountered mysterious, colorful circular lights "moving at extreme speeds" through the skies above Oregon this past weekend. You can listen to air traffic control audio archives from Dec. 7 via OregonLive.

German broadcaster Deutsche Welle is reporting that drones were spotted over sensitive military and industrial sites, including the U.S. air base at Ramstein in the western state of Rhineland-Palatinate.

Developing...

Healthcare giant Optum has restricted access to an internal AI chatbot used by employees after a security researcher found it was publicly accessible online, and anyone could access it using only a web browser. TechCrunch: The chatbot, which TechCrunch has seen, allowed employees to ask the company questions about how to handle patient health insurance claims and disputes for members in line with the company's standard operating procedures (SOPs).

While the chatbot did not appear to contain or produce sensitive personal or protected health information, its inadvertent exposure comes at a time when its parent company, health insurance conglomerate UnitedHealthcare, faces scrutiny for its use of artificial intelligence tools and algorithms to allegedly override doctors' medical decisions and deny patient claims.

Mossab Hussein, chief security officer and co-founder of cybersecurity firm spiderSilk, alerted TechCrunch to the publicly exposed internal Optum chatbot, dubbed "SOP Chatbot." Although the tool was hosted on an internal Optum domain and could not be accessed from its web address, its IP address was public and accessible from the internet and did not require users to enter a password.

An anonymous reader quotes a report from CNBC: Legislation was introduced in the Texas House of Representatives on Thursday to establish a strategic bitcoin reserve, which could serve as a proving ground for the U.S. Treasury. The proposed bill would enable the state to start building a strategic bitcoin reserve by accepting taxes, fees and donations in bitcoin that would be held for a minimum of five years, Republican state Rep. Giovanni Capriglione announced on an X Spaces event Thursday.

The Texas bill aims to provide a way to strengthen the state's fiscal stability and establish it as a leader in bitcoin innovation, according to the Satoshi Action Fund, a nonprofit bitcoin advocacy group that worked with Capriglione on the bill. "Probably the biggest enemy of our investments is inflation," Capriglione said. "A strategic bitcoin reserve, investing in bitcoin, would be a win-win for the state." "I just filed the bill ... entitled 'An act relating to the establishment of a bitcoin reserve within the state treasury of Texas and the management of cryptocurrencies by governmental entities,'" he said later. "My goal is to make this bill as big and as broad as possible," Capriglione said. "This initial step is to allow some optionality and flexibility on it, but if I am able to get support from other legislators, we will make it even stronger."

It's "unlikely" a U.S. strategic bitcoin reserve will be established, "but it helps get animal spirits back into the market," Needham's John Todaro told CNBC. He said it's also "unlikely to drive material price gains, as we do not expect the U.S. government will purchase bitcoin in any meaningful capacity, but it's an item that drives excitement and optimism."

An anonymous reader shares a report: BeReal, the in the moment social media platform, is far from its 2022 heyday, but that hasn't stopped one organization from going after it. Austrian advocacy group Noyb has filed a complaint surrounding the platform's data consent banner practices. The organization claims that the banner disappears if users accept that their personal data can inform advertising practices, but if they click reject then the banner appears daily.

Noyb filed its complaint with the French data protection authority (CNIL) as Voodoo, a French company, bought BeReal in June -- the practice in question started in July. "BeReal's daily attempt to pressure its users into accepting the tracking for personalised advertising has a significant impact on user behaviour. Consent given under these circumstances is not freely given, which means it doesn't meet the requirements established in Article 4(11) GDPR," Noyb argued in its complaint. It asked the CNIL to fine BeReal and force it to be compliant.

Photobucket was sued Wednesday after a recent privacy policy update revealed plans to sell users' photos -- including biometric identifiers like face and iris scans -- to companies training generative AI models. From a report: The proposed class action seeks to stop Photobucket from selling users' data without first obtaining written consent, alleging that Photobucket either intentionally or negligently failed to comply with strict privacy laws in states like Illinois, New York, and California by claiming it can't reliably determine users' geolocation.

Two separate classes could be protected by the litigation. The first includes anyone who ever uploaded a photo between 2003 -- when Photobucket was founded -- and May 1, 2024. Another potentially even larger class includes any non-users depicted in photographs uploaded to Photobucket, whose biometric data has also allegedly been sold without consent.

Photobucket risks huge fines if a jury agrees with Photobucket users that the photo-storing site unjustly enriched itself by breaching its user contracts and illegally seizing biometric data without consent. As many as 100 million users could be awarded untold punitive damages, as well as up to $5,000 per "willful or reckless violation" of various statutes.

WP Engine just won a preliminary injunction against WordPress.com parent company Automattic. On Tuesday, a California District Court judge ordered Automattic to stop blocking WP Engine's access to WordPress.org resources and interfering with its plugins. From a report: The preliminary injunction comes after WP Engine, a third-party WordPress hosting service, filed a lawsuit that accused Automattic and its CEO, Matt Mullenweg, of "multiple forms of immediate irreparable harm." It later asked the court to stop Mullenweg from restricting WP Engine's access to WordPress.org.

Mullenweg waged a public campaign against WP Engine in September, accusing the service of misusing the WordPress trademark and not contributing enough to the WordPress community. After blocking WP Engine from WordPress.org's servers, Automattic took control of WP Engine's ACF Plugin.

Over 300 musicians have signed an open letter defending the Internet Archive against a $621 million copyright infringement lawsuit over its preservation of 78 rpm records. The letter, organized by Fight for the Future, opposes the lawsuit filed by major record labels including Universal Music Group and Sony Music.

The labels claim the Archive's Great 78 Project, which digitizes shellac discs from the 1890s-1950s, amounts to widespread copyright infringement. Musicians argue the lawsuit prioritizes corporate profits over artists' interests.

The head of America's FCC "has drafted plans to regulate the cybersecurity of telecommunications companies," reports the Washington Post, and the plans could include financial penalties phone network operators with insufficient security — "the first time the agency has asserted such powers under federal wiretapping law." Rosenworcel said the FCC's authority in this matter comes from Section 105 of the Communications Assistance for Law Enforcement Act [passed in 1994] — a single sentence that stipulates, without elaboration, that telecommunications carriers should ensure systems security "in accordance with regulations prescribed by the Commission." As one of the measures, she is seeking to require network providers to submit an annual certification to the FCC that they are implementing a cybersecurity risk management plan. In addition to imposing fines, the FCC could coordinate with other agencies to pursue criminal penalties against carriers deemed too careless on cybersecurity...

Biden administration officials said voluntary efforts to protect against aggressive Chinese hacking activity have fallen short. "We've had for the last decade voluntary public-private partnership efforts," Neuberger told The Post in a recent interview. "But we continue to see successful breaches, and in many cases, as with ransomware attacks, we continue to see pretty basic cybersecurity practices not being followed." With China's hackers becoming more brazen, pre-positioning themselves in U.S. critical networks, "we need to lock our digital doors," Neuberger said...

Cyber requirements can make a difference, she said. After the Colonial Pipeline ransomware attack in 2021 shut down one of the nation's largest energy pipelines for several days, creating a national security scare, the Transportation Security Administration issued several security directives, and today, all of the country's several dozen critical pipeline companies are in compliance, she said. Similar directives were subsequently issued for rail and aviation sectors, and the compliance rates in those industries are now at 68 and 57 percent respectively, she said.

China-linked spies may still be lurking in U.S. telecommunications networks — but the breach could be much, much wider. In fact, a "couple dozen" countries were hit by the attack, the Wall Street Journal reported this week, citing a top U.S. national security adviser. "Chinese government hackers have compromised telecommunications infrastructure across the globe as part of a massive espionage campaign..." Speaking during a press briefing Wednesday, Anne Neuberger, President Biden's deputy national security adviser for cyber and emerging technology, said the so-called Salt Typhoon campaign is ongoing and that at least eight telecommunications firms in the U.S. had been breached... The Journal previously identified Verizon, AT&T, T-Mobile and Lumen Technologies among the victims... [M]etadata grabs appeared to be "regional" in focus, and were likely a means to identify phone lines of valuable senior government officials, which the hackers then targeted to steal encrypted text messages and listen in on some phone calls, the official said... President-elect Donald Trump, Vice President-elect JD Vance, senior congressional staffers and an array of U.S. security officials were among scores of individuals to have their calls and texts directly targeted, an intelligence-collection coup that likely ensnared their private communications with thousands of Americans, the Journal has reported.

The senior administration official said the global tally of countries victimized was currently believed to be in the "low, couple dozen" but didn't give a precise figure. The global campaign of hacking activity dates back at least a year or two, the official said.
"Neuberger, on the press briefing, said that it wasn't believed that classified communications were accessed in the breaches."

"The U.S. government on Friday ordered testing of the nation's milk supply for bird flu," reports the Associated Press, "to better monitor the spread of the virus in dairy cows." Raw or unpasteurized milk from dairy farms and processors nationwide must be tested on request starting Dec. 16, the Agriculture Department said. Testing will begin in six states — California, Colorado, Michigan, Mississippi, Oregon and Pennsylvania.

Officials said the move is aimed at "containing and ultimately eliminating the virus," known as Type A H5N1, which was detected for the first time in March in U.S. dairy cows. Since then, more than 700 herds have been confirmed to be infected in 15 states. "This will give farms and farmworkers better confidence in the safety of their animals and ability to protect themselves, and it will put us on a path to quickly controlling and stopping the virus' spread nationwide," Agriculture Secretary Tom Vilsack said in a statement.

The risk to people from bird flu remains low, health officials said. Pasteurization, or heat treatment, kills the virus in milk, leaving it safe to drink... At least 58 people in the U.S. have been infected with bird flu, mostly farm workers who became mildly ill after close contact with infected cows, including their milk, or infected poultry.

"TikTok has lost its bid to strike down a law that could result in the platform being banned in the United States," reports CNN.

A U.S. federal appeals court just unanimously ruled in favor of the new U.S. law requiring TikTok's China-based owners to either sell the app next month or face an effective ban in the United States. Denying TikTok's argument that the law was unconstitutional, the judges found that the law does not "contravene the First Amendment to the Constitution of the United States," nor does it "violate the Fifth Amendment guarantee of equal protection of the laws"... After the [January 25] deadline, U.S. app stores and internet services could face hefty fines for hosting TikTok if it is not sold. (Under the legislation, President Biden may issue a one-time extension of the deadline.)

In a statement, TikTok indicated it would appeal the decision. "The Supreme Court has an established historical record of protecting Americans' right to free speech, and we expect they will do just that on this important constitutional issue," said company spokesperson Michael Hughes. "Unfortunately, the TikTok ban was conceived and pushed through based upon inaccurate, flawed and hypothetical information, resulting in outright censorship of the American people. The TikTok ban, unless stopped, will silence the voices of over 170 million Americans here in the US and around the world on January 19th, 2025"....

"People in the United States would remain free to read and share as much PRC propaganda (or any other content) as they desire on TikTok or any other platform of their choosing," the judges said. "What the Act targets is the PRC's ability to manipulate the content covertly. Understood in that way, the Government's justification is wholly consonant with the First Amendment."
The judges also wrote that "in part precisely because of the platform's expansive reach, Congress and multiple Presidents determined that divesting it from the PRC's control is essential to protect our national security... Congress judged it necessary to assume that risk given the grave national-security threats it perceived."

CNN notes that ByteDance "has previously indicated it will not sell TikTok."

The Solana JavaScript SDK "was temporarily compromised yesterday in a supply chain attack," reports BleepingComputer, "with the library backdoored with malicious code to steal cryptocurrency private keys and drain wallets." Solana offers an SDK called "@solana/web3.js" used by decentralized applications (dApps) to connect and interact with the Solana blockchain. Supply chain security firm Socket reports that Solana's Web3.js library was hijacked to push out two malicious versions to steal private and secret cryptography keys to secure wallets and sign transactions... Solana confirmed the breach, stating that one of their publish-access accounts was compromised, allowing the attackers to publish two malicious versions of the library... Solana is warning developers who suspect they were compromised to immediately upgrade to the latest v1.95.8 release and to rotate any keys, including multisigs, program authorities, and server keypairs...

Once the threat actors gain access to these keys, they can load them into their own wallets and remotely drain all stored cryptocurrency and NFTs... Socket says the attack has been traced to the FnvLGtucz4E1ppJHRTev6Qv4X7g8Pw6WPStHCcbAKbfx Solana address, which currently contains 674.86 Solana and varying amounts of the Irish Pepe , Star Atlas, Jupiter, USD Coin, Santa Hat, Pepe on Fire, Bonk, catwifhat, and Genopets Ki tokens. Solscan shows that the estimated value of the stolen cryptocurrency is $184,000 at the time of this writing.

For anyone whose wallets were compromised in this supply chain attack, you should immediately transfer any remaining funds to a new wallet and discontinue the use of the old one as the private keys are now compromised.
Ars Technica adds that "In social media posts, one person claimed to have lost $20,000 in the hack."

The compromised library "receives more than ~350,000 weekly downloads on npm," Socket posted. (Although Solana's statement says the compromised versions "were caught within hours and have since been unpublished."

11 years ago his hard drive ended up in a U.K. landfill — with 8,000 bitcoin. It's now worth $800 million... and James Howell wants it back.

The Guardian reports that his "bid to become extremely rich reached a judge on Tuesday with a team of lawyers arguing that it was still possible to launch a hunt for his missing hard drive containing the bitcoin." They claimed that rather than searching for a "needle in a haystack", the position of the bitcoin hoard had been narrowed down to a small area and there was a "finely tuned" plan to retrieve it... [Howells] has been asking Newport city council for help in getting the hard drive back, and even said he would share the money with the authority, to no avail... James Goudie KC, representing the council, said Howells had no legal claim to the hard drive. He said: "Anything that goes into the landfill goes into the council's ownership."

Goudie said Howells' offer to share some of the bitcoin with Newport council amounted to a bribe. He said: "He is trying to buy something the council is not in a position to sell...." Before the hearing, a spokesperson for Newport council said: "The council has told Mr Howells multiple times that excavation is not possible under our environmental permit and that work of that nature would have a huge negative environmental impact on the surrounding area. "Responding to Mr Howells' baseless claims are costing the council and Newport taxpayers time and money which could be better spent on delivering services."
Howells was 28 when he lost the hard drive, and has said he may as well keep trying to recover it — because he'll always know that it's out there. Howells' legal teams are "working pro bono," the article notes, "on the basis that they get a share of the bitcoin profits if successful..." And TechSpot points out that "There's also the question of whether the data on the drive would still be accessible after more than a decade of sitting under a pile of rotting garbage.

"Howells has a team of data recovery engineers who are also working pro bono..."

Thanks to Slashdot reader jjslash for sharing the news.

The Carnegie Endowment for Peace, a nonpartisan international affairs think tank, points out that when subsea internet cables were cut in November, Europe was more prepared: Where in the past there were no contingency plans for sabotage, there are now more maritime patrols, an attempt to forge deeper intelligence connections, and the beginnings of a new relationship with the private sector...

Even before the October 2023 incident, NATO, the EU, and certain European governments began to increase their efforts to boost subsea cable resilience and security. In February 2023, NATO stood up a new Critical Undersea Infrastructure Coordination Cell in Brussels to convene stakeholders and enhance coordination between the public and private sectors. In July 2023, NATO allies at the Vilnius Summit established a Maritime Center for the Security of Critical Undersea Infrastructure as part of the alliance's Maritime Command in Northwood, UK. In October 2023, after the first incident, NATO defense ministers endorsed a new Digital Ocean Vision, an initiative aimed at improving undersea surveillance. And in February 2024, the European Commission released its first "Recommendation on Secure and Resilient Submarine Cable Infrastructures," encouraging member states to conduct regular stress tests, improve information sharing amongst themselves, and improve cable maintenance and repair capabilities.
The article points out that the Chinese ship suspected in the 2023 cable cutting "ignored requests from Finnish and Estonian authorities to halt" and returned to China. But the Chinese ship suspected in November's cable-cutting "remains in international waters in the Kattegat, with naval and coast guard vessels from Denmark, Germany, and Sweden circling close by." Yet "Under international maritime law, these countries' authorities are not allowed to board..." Current provisions of international law are neither formulated to adequately protect subsea data cables from sabotage nor hold perpetrators accountable. This reality should lead the EU, as a body inherently focused on the resilience of international legal regimes, to push for updates that are better suited for the current geopolitical reality... Lawmakers should also explore ways to increase penalties for subsea cable damage, in part to deter acts of sabotage in the first place....

A forthcoming Carnegie Endowment report will detail more in-depth recommendations on how Europe can both protect itself against future subsea cable damage and help expand trusted networks around the world.
The article also notes that "Of the hundreds of disruptions to cables that occur each year, the vast majority are caused by accidental human activity, like fishing, or natural events, like earthquakes."

In March, 2023 the Internet Archive lost in court, with a judge ruling they couldn't scan entire books and then lend them as ebooks. The Internet Archive appealed to a higher court, which also ruled against them in September of 2024.

Today, the Internet Archive made an announcement: that "While we are deeply disappointed with the Second Circuit's opinion in Hachette v. Internet Archive, the Internet Archive has decided not to pursue Supreme Court review." We will continue to honor the Association of American Publishers agreement to remove books from lending at their member publishers' requests.

We thank the many readers, authors and publishers who have stood with us throughout this fight. Together, we will continue to advocate for a future where libraries can purchase, own, lend and preserve digital books.

America's next president "announced Wednesday he has selected Jared Isaacman, a billionaire businessman and space enthusiast who twice flew to orbit with SpaceX, to become the next NASA administrator," reports Ars Technica: In a post on X, Isaacman said he was "honored" to receive Trump's nomination. "Having been fortunate to see our amazing planet from space, I am passionate about America leading the most incredible adventure in human history," Isaacman wrote. "On my last mission to space, my crew and I traveled farther from Earth than anyone in over half a century. I can confidently say this second space age has only just begun...."

"Jared Isaacman will be an outstanding NASA Administrator and leader of the NASA family," said Jim Bridenstine, who led NASA as administrator during Trump's first term in the White House. "Jared's vision for pushing boundaries, paired with his proven track record of success in private industry, positions him as an ideal candidate to lead NASA into a bold new era of exploration and discovery. I urge the Senate to swiftly confirm him." Lori Garver, NASA's deputy administrator during the Obama administration, wrote on X that Isaacman's nomination was "terrific news," adding that "he has the opportunity to build on NASA's amazing accomplishments to pave our way to an even brighter future."

Isaacman, 41, is the founder and CEO of Shift4, a mobile payment processing platform, and co-founded Draken International, which owns a fleet of retired fighter jets to pose as adversaries for military air combat training... Isaacman, an evangelist for the commercial space industry, has criticized some of NASA's decisions on the Artemis program. In several posts on X, he questioned the agency's decision to fund two redundant lunar landers, while not planning for any backup to the Space Launch System (SLS) rocket, which costs $2.2 billion per copy, not including expenses for ground infrastructure or the Orion spacecraft itself. One of those casualties might be the SLS rocket. The program is managed by NASA, with suppliers spread across the United States and prime contractors working under cost-plus arrangements with the space agency, meaning the government is on the hook to pay for any delays or cost overruns.
If confirmed he'll be the 4th NASA administrator who's actually flown in space, according to the article.

And according to Wikipedia, Isaacman was the commander of Inspiration4, a private spaceflight using SpaceX's Crew Dragon Resilience that launched in 2021. The crew returned to Earth on September 18, 2021, after orbiting at 585 km (364 mi) in altitude. The mission was part of a fundraiser for St. Jude Children's Research Hospital, to which Isaacman pledged to donate $100 million.
Thanks to Slashdot reader FallOutBoyTonto for sharing the news.