An anonymous reader shares a report: The Biden administration is designating two "forever chemicals," man-made compounds that are linked to serious health risks, as hazardous substances under the Superfund law, shifting responsibility for their cleanup to polluters from taxpayers. The new rule announced on Friday empowers the government to force the many companies that manufacture or use perfluorooctanoic acid, also known as PFOA, and perfluorooctanesulfonic acid, known as PFOS, to monitor any releases into the environment and be responsible for cleaning them up. Those companies could face billions of dollars in liabilities.

[...] The announcement follows an extraordinary move last week from the E.P.A. mandating that water utilities reduce the PFAS in drinking water to near-zero levels. The agency has also proposed to designate seven additional PFAS chemicals as hazardous waste. "President Biden understands the threat that forever chemicals pose to the health of families across the country," Michael S. Regan, the administrator of the E.P.A., said. "Designating these chemicals under our Superfund authority will allow E.P.A. to address more contaminated sites, take earlier action, and expedite cleanups, all while ensuring polluters pay for the costs to clean up pollution threatening the health of communities."

schwit1 shares a report from Reuters: Chinese government-linked hackers have burrowed into U.S. critical infrastructure and are waiting "for just the right moment to deal a devastating blow," FBI Director Christopher Wray said on Thursday. An ongoing Chinese hacking campaign known as Volt Typhoon has successfully gained access to numerous American companies in telecommunications, energy, water and other critical sectors, with 23 pipeline operators targeted, Wray said in a speech at Vanderbilt University.

China is developing the "ability to physically wreak havoc on our critical infrastructure at a time of its choosing," Wray said at the 2024 Vanderbilt Summit on Modern Conflict and Emerging Threats. "Its plan is to land low blows against civilian infrastructure to try to induce panic." Wray said it was difficult to determine the intent of this cyber pre-positioning which was aligned with China's broader intent to deter the U.S. from defending Taiwan. [...] Wray said China's hackers operated a series of botnets - constellations of compromised personal computers and servers around the globe - to conceal their malicious cyber activities. Private sector American technology and cybersecurity companies previously attributed Volt Typhoon to China, including reports by security researchers with Microsoft and Google. China's Embassy in Washington said in a statement: "Some in the US have been using origin-tracing of cyberattacks as a tool to hit and frame China, claiming the US to be the victim while it's the other way round, and politicizing cybersecurity issues."

Longtime Slashdot reader SonicSpike shares a report from Reuters: Aerospace and defense company Northrop Grumman is working with SpaceX [...] on a classified spy satellite project already capturing high-resolution imagery of the Earth, according to people familiar with the program. The program, details of which were first reported by Reuters last month, is meant to enhance the U.S. government's ability to track military and intelligence targets from low-Earth orbits, providing high-resolution imagery of a kind that had traditionally been captured mostly by drones and reconnaissance aircraft. The inclusion of Northrop Grumman, which has not been previously reported, reflects a desire among government officials to avoid putting too much control of a highly-sensitive intelligence program in the hands of one contractor, four people familiar with the project told Reuters. 'It is in the government's interest to not be totally invested in one company run by one person,' one of the people said.

It's unclear whether other contractors are involved at present or could join the project as it develops. Northrop Grumman is providing sensors for some of the SpaceX satellites, the people familiar with the project told Reuters. Northrop Grumman, two of the people added, will test those satellites at its own facilities before they are launched. At least 50 of the SpaceX satellites are expected at Northrop Grumman facilities for procedures including testing and the installation of sensors in coming years, one of the people said. In March, Reuters reported that the National Reconnaissance Office, or NRO, in 2021 awarded a $1.8 billion contract to SpaceX for the classified project, a planned network of hundreds of satellites. So far, the people familiar with the project said, SpaceX has launched roughly a dozen prototypes and is already providing test imagery to the NRO, an intelligence agency that oversees development of U.S. spy satellites.

An anonymous reader quotes a report from Ars Technica: The US Constitution's Fifth Amendment protection against self-incrimination does not prohibit police officers from forcing a suspect to unlock a phone with a thumbprint scan, a federal appeals court ruled yesterday. The ruling does not apply to all cases in which biometrics are used to unlock an electronic device but is a significant decision in an unsettled area of the law. The US Court of Appeals for the 9th Circuit had to grapple with the question of "whether the compelled use of Payne's thumb to unlock his phone was testimonial," the ruling (PDF) in United States v. Jeremy Travis Payne said. "To date, neither the Supreme Court nor any of our sister circuits have addressed whether the compelled use of a biometric to unlock an electronic device is testimonial."

A three-judge panel at the 9th Circuit ruled unanimously against Payne, affirming a US District Court's denial of Payne's motion to suppress evidence. Payne was a California parolee who was arrested by California Highway Patrol (CHP) after a 2021 traffic stop and charged with possession with intent to distribute fentanyl, fluorofentanyl, and cocaine. There was a dispute in District Court over whether a CHP officer "forcibly used Payne's thumb to unlock the phone." But for the purposes of Payne's appeal, the government "accepted the defendant's version of the facts, i.e., 'that defendant's thumbprint was compelled.'" Payne's Fifth Amendment claim "rests entirely on whether the use of his thumb implicitly related certain facts to officers such that he can avail himself of the privilege against self-incrimination," the ruling said. Judges rejected his claim, holding "that the compelled use of Payne's thumb to unlock his phone (which he had already identified for the officers) required no cognitive exertion, placing it firmly in the same category as a blood draw or fingerprint taken at booking." "When Officer Coddington used Payne's thumb to unlock his phone -- which he could have accomplished even if Payne had been unconscious -- he did not intrude on the contents of Payne's mind," the court also said.

The US Consumer Financial Protection Bureau (CFPB) has slapped coding boot camp BloomTech -- formerly known as Lambda School -- with several punishments for alleged deceptive business practices. From a report: The business, which claims on its site it will help students land their "dream job" in tech at companies like Amazon, Cisco, and Google, accepted the consent order without admitting or denying any wrongdoing. In an announcement yesterday, the CFPB said it had taken action against BloomTech and its CEO Austen Allred for allegedly not disclosing the true cost of its loans to students and allegedly claiming overoptimistic hiring rates for BloomTech graduates. BloomTech, formerly Lambda School, has operated since 2017 and offers six- to nine-month vocational programs in science and engineering, with a focus on computer technology.

"BloomTech and its CEO sought to drive students toward income share loans that were marketed as risk-free, but in fact carried significant finance charges and many of the same risks as other credit products," said Rohit Chopra, director of the CFPB. With income share loans or income share agreements, BloomTech allowed students to pay tuition later but in exchange had to pay a percentage of their future income, CFPB claimed. The agency alleged that BloomTech explicitly told students that its income share loans (which cost an average of $4k "finance charge" to use) weren't actually loans at all. The CFPB claimed in the settlement order a "significant majority" of students used these loans to finance their education, and alleged each student could end up paying up to $30k of their income to BloomTech to settle the loans. From the CFPB's press release: BloomTech advertised on its website that 71 to 86 percent of students were placed in jobs within six months of graduation, when its non-public reporting to investors consistently showed placement rates closer to 50 percent. Allred tweeted that the school achieved a 100 percent job-placement rate in one of its cohorts, and later acknowledged in a private message that the sample size was just one student.

A jury found Avraham "Avi" Eisenberg guilty on all three counts of fraud and manipulation in a $110 million crypto trade scheme using the Mango Markets platform. Axios: The case was the first known test for a jury to decide whether existing U.S. laws governing fraud and market manipulation apply to the world of decentralized finance (DeFi). The 28-year-old Eisenberg will be held to account for his actions on Oct. 11, 2022, when a series of trades he made intentionally boosted the price of Mango Markets' native token, MNGO, as well as the price of futures contracts.

He used the inflated futures holdings as collateral to borrow other cryptocurrencies on the platform, then quickly withdrew those assets and walked away from his collateral. Eisenberg never disputed the facts of the strategy but contended that what he did was legal and permitted by the DeFi protocol, a principle in the industry known as "code is law." U.S. laws apply to DeFi: "Avraham Eisenberg ran a con," prosecutors said Wednesday, during closing arguments, continuing its momentum from last week. The word "con" was used at least six more times in those remarks.

U.S. lawmakers have moved closer to enacting a countrywide ban on TikTok. From a report: Last month, the House of Representatives passed a bill by a wide margin that would ban distribution of TikTok in U.S. unless TikTok's Chinese parent, ByteDance, sells its ownership in the app within 165 days of the law's enactment. On Wednesday, House Speaker Mike Johnson issued a new proposal that would extend the sale requirement deadline to nine months, with a potential for a 90-day extension -- addressing a key concern of Sen. Maria Cantwell (D-Wash.), chair of the Senate's Commerce, Science and Transportation Committee, that the divestiture timeline was too short.

The revised TikTok ban proposal is tied to a broader bill providing emergency aid for Ukraine and Israel; the House is expected to vote on the measure Saturday, and if it passes would move to the Senate. President Biden has said he will sign the TikTok divest-or-ban legislation into law. On Wednesday evening, Cantwell said she supported the revised TikTok ban bill. "I'm very happy that Speaker Johnson and House leaders incorporated my recommendation to extend the ByteDance divestment period from six months to a year," she said in a statement. "As I've said, extending the divestment period is necessary to ensure there is enough time for a new buyer to get a deal done. I support this updated legislation."

The US Air Force is putting AI in the pilot's seat. In an update on Thursday, the Defense Advanced Research Projects Agency (DARPA) revealed that an AI-controlled jet successfully faced a human pilot during an in-air dogfight test carried out last year. From a report: DARPA began experimenting with AI applications in December 2022 as part of its Air Combat Evolution (ACE) program. It worked to develop an AI system capable of autonomously flying a fighter jet, while also adhering to the Air Force's safety protocols. After carrying out dogfighting simulations using the AI pilot, DARPA put its work to the test by installing the AI system inside its experimental X-62A aircraft. That allowed it to get the AI-controlled craft into the air at the Edwards Air Force Base in California, where it says it carried out its first successful dogfight test against a human in September 2023.

Sweden is the newest nation to sign onto NASA's Artemis Accords -- a series of non-binding bilateral arrangements for peaceful and responsible exploration. Space.com reports: During a signing event in Stockholm on Tuesday (April 16), Swedish Minister for Education Mats Persson penned the agreement alongside U.S. Ambassador Erik D. Ramanathan. "By joining the Artemis Accords, Sweden strengthens its strategic space partnership with the U.S. on space covering areas such as Swedish space research and the space industry, which in turn also strengthens Sweden's total defense capability," Persson said in a NASA statement. The event in Stockholm comes just on the heels of Switzerland's signing of the Artemis Accords the day before. Greece and Uruguay were also included in February. Sweden is now the 38th nation to join the accords, which were established in 2020, as the first Artemis moon launch inched closer to reality.

The Accords mirror principles set out in 1967, as part of the Outer Space Treaty to help govern international cooperation space. NASA is using the refreshed agreement as a guideline for the Artemis program, which aims to send astronauts back to the moon for the first time since Apollo 17, in 1972. In the agency's statement, NASA administrator Bill Nelson welcomed Sweden to the expanding space club. "Our nations have worked together to discover new secrets in our solar system, and now, we welcome you to a global coalition that is committed to exploring the heavens openly, transparently, responsibly, and in peace," Nelson said, adding, "the United States and Sweden share the same bedrock principles, and we're excited to expand these principles to the cosmos."

An anonymous reader quotes a report from The Hill: The House on Wednesday approved a bill that would limit how the government can purchase data from third parties — legislation that scored a vote after negotiations with a group of GOP colleagues who briefly tanked a vote on warrantless spy powers. Dubbed the Fourth Amendment is Not For Sale, the legislation passed 219-199. It requires law enforcement and other government entities to get a warrant before buying information from third-party data brokers who purchase information gleaned from apps. [...] Senior administration officials said the measure would blind U.S. intelligence outfits from getting information easily purchased by foreign intelligence operations.

"In practice, these standards make it impossible for the [intelligence community], law enforcement to acquire a whole host of readily available information that they currently rely on," an administration official said. "Covered customer records as defined in the bill is very broad and includes records pertaining to any U.S. person or indeed any foreigner inside the United States. And as a practical matter, there's often no way to establish whether a particular individual was in the U.S. at a particular time a piece of data was created. Unless you did one thing, which is paradoxically to intrude further into their privacy just to figure out whether you could obtain some data." "It can be impossible to know what's in a data set before one actually obtains a data set," the official continued. "So you'd be barred from getting that which you don't even know."

An anonymous reader quotes a report from Ars Technica: The US AI Safety Institute -- part of the National Institute of Standards and Technology (NIST)—has finally announced its leadership team after much speculation. Appointed as head of AI safety is Paul Christiano, a former OpenAI researcher who pioneered a foundational AI safety technique called reinforcement learning from human feedback (RLHF), but is also known for predicting that "there's a 50 percent chance AI development could end in 'doom.'" While Christiano's research background is impressive, some fear that by appointing a so-called "AI doomer," NIST may be risking encouraging non-scientific thinking that many critics view as sheer speculation.

There have been rumors that NIST staffers oppose the hiring. A controversial VentureBeat report last month cited two anonymous sources claiming that, seemingly because of Christiano's so-called "AI doomer" views, NIST staffers were "revolting." Some staff members and scientists allegedly threatened to resign, VentureBeat reported, fearing "that Christiano's association" with effective altruism and "longtermism could compromise the institute's objectivity and integrity." NIST's mission is rooted in advancing science by working to "promote US innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that enhance economic security and improve our quality of life." Effective altruists believe in "using evidence and reason to figure out how to benefit others as much as possible" and longtermists that "we should be doing much more to protect future generations," both of which are more subjective and opinion-based. On the Bankless podcast, Christiano shared his opinions last year that "there's something like a 10-20 percent chance of AI takeover" that results in humans dying, and "overall, maybe you're getting more up to a 50-50 chance of doom shortly after you have AI systems that are human level." "The most likely way we die involves -- not AI comes out of the blue and kills everyone -- but involves we have deployed a lot of AI everywhere... [And] if for some reason, God forbid, all these AI systems were trying to kill us, they would definitely kill us," Christiano said.

As head of AI safety, Christiano will seemingly have to monitor for current and potential risks. He will "design and conduct tests of frontier AI models, focusing on model evaluations for capabilities of national security concern," steer processes for evaluations, and implement "risk mitigations to enhance frontier model safety and security," the Department of Commerce's press release said. Christiano has experience mitigating AI risks. He left OpenAI to found the Alignment Research Center (ARC), which the Commerce Department described as "a nonprofit research organization that seeks to align future machine learning systems with human interests by furthering theoretical research." Part of ARC's mission is to test if AI systems are evolving to manipulate or deceive humans, ARC's website said. ARC also conducts research to help AI systems scale "gracefully." "In addition to Christiano, the safety institute's leadership team will include Mara Quintero Campbell, a Commerce Department official who led projects on COVID response and CHIPS Act implementation, as acting chief operating officer and chief of staff," reports Ars. "Adam Russell, an expert focused on human-AI teaming, forecasting, and collective intelligence, will serve as chief vision officer. Rob Reich, a human-centered AI expert on leave from Stanford University, will be a senior advisor. And Mark Latonero, a former White House global AI policy expert who helped draft Biden's AI executive order, will be head of international engagement."

Gina Raimondo, US Secretary of Commerce, said in the press release: "To safeguard our global leadership on responsible AI and ensure we're equipped to fulfill our mission to mitigate the risks of AI and harness its benefits, we need the top talent our nation has to offer. That is precisely why we've selected these individuals, who are the best in their fields, to join the US AI Safety Institute executive leadership team."

The United States Senate is poised to vote on legislation this week that, for the next two years at least, could dramatically expand the number of businesses that the US government can force to eavesdrop on Americans without a warrant. From a report: Some of the nation's top legal experts on a controversial US spy program argue that the legislation, known as the Reforming Intelligence and Securing America Act (RISAA), would enhance the US government's spy powers, forcing a variety of new businesses to secretly eavesdrop on Americans' overseas calls, texts, and email messages. Those experts include a handful of attorneys who've had the rare opportunity to appear before the US government's secret surveillance court.

The Section 702 program, authorized under the Foreign Intelligence Surveillance Act, or FISA, was established more than a decade ago to legalize the government's practice of forcing major telecommunications companies to eavesdrop on overseas calls in the wake of the September 11, 2001, terrorist attacks. On the one hand, the government claims that the program is designed to exclusively target foreign citizens who are physically located abroad; on the other, the government has fiercely defended its ability to access wiretaps of Americans' emails and phone conversations, often years after the fact and in cases unrelated to the reasons the wiretaps were ordered in the first place.

The 702 program works by compelling the cooperation of US businesses defined by the government as "electronic communications service providers" -- traditionally phone and email providers such as AT&T and Google. Members of the House Intelligence Committee, whose leaders today largely serve as lobbyists for the US intelligence community in Congress, have been working to expand the definition of that term, enabling the government to force new categories of businesses to eavesdrop on the government's behalf.

The Justice Department is preparing to sue Live Nation as soon as next month [non-paywalled link], an antitrust challenge that could spur major changes at the biggest name in concert promotion and ticketing. WSJ: The agency is preparing to file an antitrust lawsuit against the Ticketmaster parent in the coming weeks that would allege the nation's biggest concert promoter has leveraged its dominance in a way that undermined competition for ticketing live events, according to people familiar with the matter.

The specific claims the department would allege couldn't be learned. The federal government opted out of trying to block Live Nation and Ticketmaster's 2010 tie up. Since then, the company has faced accusations of exorbitant ticket fees, flawed customer service and anticompetitive practices from lawmakers, regulators and state attorneys general. Critics of the merger say it has stifled competition in ticketing and that the company should be broken up. Live Nation's size and power in concert promotion, ticketing and venues are at the heart of a Justice Department investigation that began in 2022. The investigation gained momentum in November 2022 after Ticketmaster crashed during a fan presale to Taylor Swift's "Eras Tour."

An anonymous reader quotes a report from Electrek: In a major clean energy benchmark, wind, solar, and hydro exceeded 100% of demand on California's main grid for 30 of the past 38 days. Stanford University professor of civil and environmental engineering Mark Z. Jacobson has been tracking California's renewables performance, and he shares his findings on Twitter (X) when the state breaks records. Jacobson notes that supply exceeds demand for "0.25-6 h per day," and that's an important fact. The continuity lies not in renewables running the grid for the entire day but in the fact that it's happening on a consistent daily basis, which has never been achieved before.

At the two-week record mark, Ian Magruder at Rewiring America made this great point on LinkedIn: "And what makes it even better is that California has the largest grid-connected battery storage facility in the world (came online in January ...), meaning those batteries were filling up with excess energy from the sun all afternoon today and are now deploying as we speak to offset a good chunk of the methane gas generation that California still uses overnight." On April 2, the California Independent System Operator (ISO) recommended 26 new transmission projects worth $6.1 billion, with a big number being devoted to offshore wind. In response, Jacobson predicted on April 4 that California will entirely be on renewables and battery storage 24/7 by 2035.

Senator Elizabeth Warren (D-MA) has written a letter to the Federal Trade Commission, saying that TurboTax "continues to relentlessly upsell" customers while also directing them away from services that would otherwise be free. From a report: As noted in the letter, Warren's staff analyzed TurboTax's services using a sample taxpayer and found that the company attempted to upsell the customer eight times during the tax filing process. Warren writes that in "several cases," these solicitations "appear to be efforts to mislead customers into thinking that they must pay the extra fees in order to file their taxes when that is not the case." Some show up as full-screen prompts, forcing users to scroll to the bottom to deny the upgrade.

In one instance, Warren's team found that TurboTax highlighted its $89 tax filing package as "the right option" for their sample taxpayer, leaving the free option at the bottom of the page. After choosing just one upgrade, Warren's staff found that their sample taxpayer with "simple" filing requirements had to pay an extra $69 to report her unemployment income and educator expenses, plus $64 to file Massachusetts state tax returns. That makes for a grand total of $133 -- a sum people wouldn't have to pay through the IRS's free Direct File service, Warren argues.

The Associated Press reports: As their rivalry intensifies, U.S. and Chinese military planners are gearing up for a new kind of warfare in which squadrons of air and sea drones equipped with artificial intelligence work together like swarms of bees to overwhelm an enemy. The planners envision a scenario in which hundreds, even thousands of the machines engage in coordinated battle. A single controller might oversee dozens of drones. Some would scout, others attack. Some would be able to pivot to new objectives in the middle of a mission based on prior programming rather than a direct order.

The world's only AI superpowers are engaged in an arms race for swarming drones that is reminiscent of the Cold War, except drone technology will be far more difficult to contain than nuclear weapons. Because software drives the drones' swarming abilities, it could be relatively easy and cheap for rogue nations and militants to acquire their own fleets of killer robots. The Pentagon is pushing urgent development of inexpensive, expendable drones as a deterrent against China acting on its territorial claim on Taiwan. Washington says it has no choice but to keep pace with Beijing. Chinese officials say AI-enabled weapons are inevitable so they, too, must have them.

The unchecked spread of swarm technology "could lead to more instability and conflict around the world," said Margarita Konaev, an analyst with Georgetown University's Center for Security and Emerging Technology.
"A 2023 Georgetown study of AI-related military spending found that more than a third of known contracts issued by both U.S. and Chinese military services over eight months in 2020 were for intelligent uncrewed systems..." according to the article.

"Military analysts, drone makers and AI researchers don't expect fully capable, combat-ready swarms to be fielded for five years or so, though big breakthroughs could happen sooner."

DOJ-Collected Information Exposed In Data Breach Affecting 340,000 Information Collected An anonymous reader shared this report from Security Week: Economic analysis and litigation support firm Greylock McKinnon Associates, Inc. (GMA) is notifying over 340,000 individuals that their personal and medical information was compromised in a year-old data breach. The incident was detected on May 30, 2023, but it took the firm roughly eight months to investigate and determine what type of information was compromised and to identify the impacted individuals.



According to GMA's notification letter to the affected individuals, a copy of which was submitted to the Maine Attorney General's Office, both personal and Medicare information was compromised in the data breach... "This information may have included your name, date of birth, address, Medicare Health Insurance Claim Number (which contains a Social Security number associated with a member) and some medical information and/or health insurance information," the notification letter reads.

The compromised data, GMA says, was obtained by the US Department of Justice "as part of a civil litigation matter". More than 340,000 individuals were affected by the data breach, the company told the Maine Attorney General's Office. The impacted individuals, however, are "not the subject of this investigation or the associated litigation matters", the company tells the affected individuals.

Foreign Policy magazine visits a U.S. military training exercise that pitted Lt. Isaac McCurdy and his platoon of infantry troops against machines with camera lenses for eyes and sheet metal for skin: Driving on eight screeching wheels and carrying enough firepower on their truck beds to fill a small arms depot, a handful of U.S. Army robots stormed through the battlefield of the fictional city of Ujen. The robots shot up houses where the opposition force hid. Drones that had been loitering over the battlefield for hours hovered above McCurdy and his team and dropped "bombs" — foam footballs, in this case — right on top of them, a perfectly placed artillery shot. Robot dogs, with sensors for heads, searched houses to make sure they were clear.

"If you see the whites of someone's eyes or their sunglasses, [and] you shoot back at that, they're going to have a human response," McCurdy said. "If it's a robot pulling up, shooting something that's bigger than you can carry yourself, and it's not going to just die when you shoot a center mass, it's a very different feeling."

In the United States' next major war, the Army's brass is hoping that robots will be the ones taking the first punch, doing the dirty, dull, and dangerous jobs that killed hundreds — likely thousands — of the more than 7,000 U.S. service members who died during two decades of wars in the Middle East. The goal is to put a robot in the most dangerous spot on the battlefield instead of a 19-year-old private fresh out of basic training... [Several] Army leaders believe that almost every U.S. Army unit, down to the smallest foot patrols, will soon have drones in the sky to sense, protect, and attack. And it won't be long before the United States is deploying ground robots into battle in human-machine teams.
The robots haven't been tested with live ammunition yet — or in colder temperatures, the magazine notes. (And at one point in the exercise, "Army officials jammed themselves, and a swarm of drones dropped out of the sky.) But the U.S. Army is "considering a proposal to add a platoon of robots, the equivalent of 20 to 50 human soldiers, to its armored brigade combat team."

Six generals and several colonels watched the exercise, according to the article, which notes that the ultimate goal isn't to replace all human soldiers. "The point is to get the advantage before China or Russia do."

From the Washington Post: The U.S. government said Thursday that Russian government hackers who recently stole Microsoft corporate emails had obtained passwords and other secret material that might allow them to breach multiple U.S. agencies.

The Cybersecurity and Infrastructure Security Agency, an arm of the Department of Homeland Security, on Tuesday issued a rare binding directive to an undisclosed number of agencies requiring them to change any log-ins that were taken and investigate what else might be at risk. The directive was made public Thursday, after recipients had begun shoring up their defenses. The "successful compromise of Microsoft corporate email accounts and the exfiltration of correspondence between agencies and Microsoft presents a grave and unacceptable risk to agencies," CISA wrote. "This Emergency Directive requires agencies to analyze the content of exfiltrated emails, reset compromised credentials, and take additional steps to ensure authentication tools for privileged Microsoft Azure accounts are secure."
"CISA officials told reporters it is so far unclear whether the hackers, associated with Russian military intelligence agency SVR, had obtained anything from the exposed agencies," according to the article. And the article adds that CISA "did not spell out the extent of any risks to national interests."

But the agency's executive assistant director for cybersecurity did tell the newspaper that "the potential for exposure of federal authentication credentials...does pose an exigent risk to the federal enterprise, hence the need for this directive and the actions therein." Microsoft's Windows operating system, Outlook email and other software are used throughout the U.S. government, giving the Redmond, Washington-based company enormous responsibility for the cybersecurity of federal employees and their work. But the longtime relationship is showing increasing signs of strain.... [T]he breach is one of a few severe intrusions at the company that have exposed many others elsewhere to potential hacking. Another of those incidents — in which Chinese government hackers cracked security in Microsoft's cloud software offerings to steal email from State Department and Commerce Department officials — triggered a major federal review that last week called on the company to overhaul its culture, which the Cyber Safety Review Board cited as allowing a "cascade of avoidable errors."

An anonymous reader quotes a report from Ars Technica: Influential US Senator Sherrod Brown (D-Ohio) has called on U.S. President Joe Biden to ban electric vehicles from Chinese brands. Brown calls Chinese EVs "an existential threat" to the U.S. automotive industry and says that allowing imports of cheap EVs from Chinese brands "is inconsistent with a pro-worker industrial policy." Brown's letter to the president (PDF) is the most recent to sound alarms about the threat of heavily subsidized Chinese EVs moving into established markets. Brands like BYD and MG have been on sale in the European Union for some years now, and last October, the EU launched an anti-subsidy investigation into whether the Chinese government is giving Chinese brands an unfair advantage.

The EU probe won't wrap until November, but another report published this week found that government subsidies for green technology companies are prevalent in China. BYD, which now sells more EVs than Tesla, has benefited from almost $4 billion (3.7 billion euro) in direct help from the Chinese government in 2022, according to a study by the Kiel Institute. Last month, the EU even started paying extra attention to imports of Chinese EVs, issuing a threat of retroactive tariffs that could start being imposed this summer. Chinese EV imports to the EU have increased by 14 percent since the start of its investigation, but they have yet to really begin in the U.S., where there are a few barriers in their way. Chinese batteries make an EV ineligible for the IRS's clean vehicle tax credit, for one thing. And Chinese-made vehicles (like the Lincoln Nautilus, Buick Envision, and Polestar 2) are already subject to a 27.5 percent import tax.

But Chinese EVs are on sale in Mexico already, and that has American automakers worried. Last year, Ford CEO Jim Farley said he saw Chinese automakers "as the main competitors, not GM or Toyota." And in January, Tesla CEO Elon Musk said he believed that "if there are no trade barriers established, they will pretty much demolish most other car companies in the world." [...] It's not just the potential damage to the U.S. auto industry that has prompted this letter. Brown wrote that he is concerned about the risk of China having access to data collected by connected cars, "whether it be information about traffic patterns, critical infrastructure, or the lives of Americans," pointing out that "China does not allow American-made electric vehicles near their official buildings." At the end of February, the Commerce Department also warned of the security risk from Chinese-connected cars and revealed it has launched an investigation into the matter. "When the goal is to dominate a sector, tariffs are insufficient to stop their attack on American manufacturing," Brown wrote. "Instead, the Administration should act now to ban Chinese EVs before they destroy the potential for the U.S. EV market. For this reason, no solution should be left off the table, including the use of Section 421 (China Safeguard) of the Trade Act of 1974, or some other authority."