Data on nearly 8 million T-Mobile customers was stolen by a hacker, the company said late Tuesday.
A preliminary analysis also signaled that information on just over 40 million additional people who applied for credit from T-Mobile was stolen.
No phone numbers, account numbers, PINs, passwords, or financial information was compromised for most people, according to the company. However, the phone numbers, account PINs, and names of about 850,000 prepaid customers were exposed.
The discovery came after a hacker claimed in an online forum this month that they had stolen data from T-Mobile.
The company became aware of the claim and launched an investigation.
Cybersecurity experts tapped by T-Mobile identified an access point believed to be used by the hacker and closed it.
This week, experts verified that some data was accessed by hackers, and began coordinating with law enforcement.
“While our investigation is still underway and we continue to learn additional details, we have now been able to confirm that the data stolen from our systems did include some personal information,” the company said.
The stolen data includes customer names, dates of birth, social security numbers, and driver’s license information.
T-Mobile is now offering two years of free identity protection services and plans to publish a webpage soon that includes recommendations for what current, former, and prospective customers should do in the wake of the breach. . . .
Florida Republican Sen. Marco Rubio on Tuesday called for the banning of Chinese video sharing platform TikTok after China acquired a stake and board seat in a subsidiary of the platform’s parent company.
Rubio issued a statement demanding President Joe Biden block the app from U.S. mobile devices, citing the Chinese government’s recent acquisition of a 1% stake and one of three board seats in Beijing ByteDance Technology, a subsidiary of TikTok parent company ByteDance. The subsidiary owns licenses to operate video-sharing platform Douyin and news service Toutiao within China.
“The Biden Administration can no longer pretend that TikTok is not beholden to the Chinese Communist Party,” Rubio said. “President Biden must take immediate action to remove ByteDance and TikTok from the equation.”
The Trump administration attempted to ban TikTok in August 2020, claiming China was using the app to illegally harvest user data, but the ban was never enforced due to several court orders. Biden repealed the ban in June 2021, instead directing the Commerce Department to evaluate the platform and determine whether it posed a national security or economic risk. . . .
When Apple announced new technology that will check its US iCloud service for known child sexual abuse images, it was met with fierce criticism over worries that the feature could be abused for broad government surveillance. Faced with public resistance, Apple insisted that its technology can be held accountable.
“Security researchers are constantly able to introspect what’s happening in Apple’s [phone] software,” Apple vice president Craig Federighi said in an interview with the Wall Street Journal. “So if any changes were made that were to expand the scope of this in some way—in a way that we had committed to not doing—there’s verifiability, they can spot that that’s happening.”
Apple is suing a company that makes software to let security researchers do exactly that.
In 2019, Apple filed a lawsuit against Corellium, which lets security researchers cheaply and easily test mobile devices by emulating their software, rather than requiring them to access the physical devices. The software, which also emulates Android devices, is sometimes used to fix those problems—but it has also been used to sell or exploit the flaws.
In the lawsuit, Apple argued that Corellium violated its copyrights, enabled the sale of software exploits used for hacking, and shouldn’t exist. The startup countered by saying that its use of Apple’s code was a classic protected case of fair use. The two-year case was reportedly settled just last week—days after news of the company’s CSAM technology became public.
On Monday, Corellium announced a $15,000 grant for a program it is specifically promoting as a way to look at iPhones under a microscope and hold Apple accountable. On Tuesday, Apple filed an appeal to continue the lawsuit.
In an interview with MIT Technology Review, Corellium’s chief operating officer Matt Tait said that Federighi’s comments do not match reality.
“That’s a very cheap thing for Apple to say,” he says. “There is a lot of heavy lifting happening in that statement.”
“iOS is designed in a way that’s actually very difficult for people to do inspection of system services.”
He is not the only one disputing Apple’s position.
“Apple is exaggerating a researcher’s ability to examine the system as a whole,” says David Thiel, chief technology officer at Stanford’s Internet Observatory. Thiel, the author of a book called iOS Application Security, tweeted that the Californian company spends heavily to prevent the same thing it claims is possible.
“It requires a convoluted system of high-value exploits, dubiously sourced binaries, and outdated devices,” he wrote. “Apple has spent vast sums specifically to prevent this and make such research difficult.”
If you wanted to see exactly how Apple’s complex new tech works, you can’t simply look inside the operating system on the iPhone that you just bought at the store. The company’s “walled garden” approach to security has helped solve some fundamental problems, but it also means that the phone is designed to keep out visitors—whether they’re wanted or not.
(Android phones, meanwhile, are fundamentally different. While iPhones are famously locked down black boxes, all you need to do to unlock Android is plug in a USB device, install developer tools, and gain the top-level root access.)
Apple’s locked-down approach means researchers are left locked in a never-ending battle with the company to try and gain the level of insight they require.
There are a few ways that Apple and security researchers can potentially verify that no government is weaponizing the company’s new child safety features, however.
Apple could hand over the code for review—though this is not something it has said it will do. Researchers can also try to reverse engineer the feature in a “static” manner—that is, without executing the actual programs in a live environment.
Realistically, however, all of those options have at least one major problem in common: They don’t allow you to look at the code running live on an up-to-date iPhone to see how it actually works in the wild. Instead, these methods still rely on trust not merely that Apple is being open and honest, but also that it has written the code without any significant errors and oversights.
Another option would be to grant access to the system to members of Apple’s security research device program in order to verify the company’s statements. But that group, made up of researchers outside of Apple, is a highly exclusive, constrained program with so many rules on what researchers can say or do that it doesn’t necessarily solve the problem of trust.
That leaves really only two options for researchers who want to peer inside iPhones for this kind of thing. First, hackers can jailbreak old iPhones using a zero-day vulnerability. That’s difficult, expensive, and can be shut down with a security patch.
“Apple has spent a lot of money trying to prevent people from being able to jailbreak phones,” Thiel explains. “They’ve specifically hired people from the jailbreaking community to make jailbreaking more difficult.”
Or a researcher can use a virtual iPhone that can turn Apple’s security features off. In practice, that means Corellium.
There are also limits as to what any security researcher will be able to observe, but a researcher might be able to spot if the scanning goes outside of photos being shared to iCloud.
However, if non-child abuse material makes it into the databases, that would be invisible to researchers. To address that question, Apple says it will require two separate child protection organizations in distinct jurisdictions to both have the same CSAM image in their own databases. But it offered few details about how that would work, who would run the databases, which jurisdictions would be involved, and what the ultimate sources of the database would be.
Thiel points out that the child abuse material problem that Apple is trying to solve is real.
“It’s not a theoretical concern,” Thiel says. “It’s not something that people bring up just as an excuse to implement surveillance. It is an actual problem that is widespread and needs addressing. The solution is not like getting rid of these kinds of mechanisms. It’s making them as impermeable as possible to future abuse.”
But, says Corellium’s Tait, Apple is trying to be simultaneously locked down and transparent.
“Apple is trying to have their cake and eat it too,” says Tait, a former information security specialist for the British intelligence service GCHQ.
“With their left hand, they make jailbreaking difficult and sue companies like Corellium to prevent them from existing. Now with their right hand, they say, ‘Oh, we built this really complicated system and it turns out that some people don’t trust that Apple has done it honestly—but it’s okay because any security researcher can go ahead and prove it to themselves.’”
“I’m sitting here thinking, what do you mean that you can just do this? You’ve engineered your system so that they can’t. The only reason that people are able to do this kind of thing is despite you, not thanks to you.”
Apple did not respond to a request for comment. . . .
Carl Trueman is a distinguished scholar, bestselling author and ordained Presbyterian minister. On Aug. 7 he gave a series of talks to the Sacramento Gospel Conference, live-streamed on the YouTube channel of Immanuel Baptist Church. Twice during the event, the live broadcast was booted off the air. Viewers were informed that the first interruption was due to a copyright violation, possibly the result of Christian music that the conference organizers played during a break. But in the second, more mysterious instance, Mr. Trueman’s presentation went dark because of a “content violation.”
Was this an intervention by a human being or an algorithm on automatic pilot? Neither Mr. Trueman nor Immanuel Baptist has been told. Equally unclear is the specific nature of the alleged content violation. Nothing in Mr. Trueman’s talks encouraged hatred, vulgarity or violence. On the contrary, he offered a thoughtful analysis of American cultural attitudes toward sex through the lens of classic Christian thought, citing sources from Freud to the philosophers Rousseau and Charles Taylor.
Mr. Trueman is understandably worried that religious speech is being censored online. So are many other religious believers. And for good reason: We sense that the First Amendment guarantee of religious liberty is being dismantled, and with it the profound contributions that religion makes to American unity and self-government.
Today’s sexual politics function as a new kind of fundamentalism, one that presents a deep problem to a diverse and democratic society. Instead of encouraging the dialogue of democratic process, the fundamentalists seek to impose their own rigid certitude unilaterally. On matters ranging from foster care and education to gender ideology and the family, this new fundamentalism is displacing the moral convictions that once grounded U.S. culture. The result isn’t a more compassionate and liberal society; it’s a more punitive one.
Social media enables the new fundamentalism, enforced by the mysterious rules of Big Tech’s quasimonopoly. On public sidewalks, the First Amendment still theoretically protects free speech. In the new public square of the internet, power displaces liberty and conscience.
Huawei senior executive Meng Wanzhou’s actions were part of a “coordinated plan” that exposed international bank HSBC to risks of economic prejudice, penalties, and losses, said a lawyer for Canada’s attorney general.
Robert Frater told the British Columbia Supreme Court that HSBC was entitled to make decisions about providing financial services based on “honest and forthright information,” but that opportunity was denied by Meng, whose “artful” presentation to the bank in 2013 omitted critical information about Huawei’s control over Skycom, a company that sold computer equipment in Iran.
Frater said the omission put the bank at risk of violating U.S. sanctions against Iran, and therefore amounted to fraud.
“The fact that other Huawei employees made similar representations to other banks shows in our submission a coordinated plan of reassurance of lenders, with Ms. Meng as an integral part of that plan of reassurance,” Frater said.
Meng and Huawei have denied all allegations of misleading HSBC. . . .
Facebook announced Thursday that it will invest $800 million to build a data center in Mesa, Ariz., the company’s first in the state.
The facility, which will operate largely by solar power, is set to be completed in about two years and will house routers, switches, servers, storage systems and other equipment, according to the Arizona Republic.
In addition, Facebook said the new building will use 60 percent less water than the average data center, according to The Associated Press.
A spokesperson for the tech giant, Melanie Roe, said that construction is starting now and will last a couple of years, according to the Republic. The facility, when fully functioning, will employ culinary staff, engineers, security and technicians among other workers.
Rachel Petersen, Facebook’s vice president of infrastructure, said the social media platform selected Mesa to house the new data center based on available talent, infrastructure, renewable energy development and support from state and local authorities. In a study by Business Facilities, Phoenix ranked third among U.S. cities for data centers, behind Northern Virginia and Chicago.
Mesa is just outside of Phoenix. . . .
After nearly two years of wrangling, the country’s three major drug distributors and a pharmaceutical giant have reached a $26 billion deal with states that would release some of the biggest companies in the industry from all legal liability in the opioid epidemic, a decades-long public health crisis that has killed hundreds of thousands of Americans.
The agreement, announced Wednesday afternoon by a bipartisan group of state attorneys general, lays the framework for billions of dollars to begin flowing into communities across the country for addiction treatment, prevention services and other steep expenses from the epidemic.
If the agreement is finalized, thousands of local governments as well as states would drop lawsuits against the companies and also pledge not to bring any future action.
The deal comes as the addiction crisis is worsening. Overdose deaths from opioids hit a record high in 2020, the Centers for Disease Control and Prevention reported earlier this month, a rise driven partly by the isolation and shutdown of services during the coronavirus pandemic. In all, more than 500,000 have died from overdoses to prescription and illegal street opioids since 1999, according to federal data.
“The urgency of the problem continues,” said Attorney General Herbert H. Slatery III of Tennessee at the news conference announcing the deal. “It’s just relentless.” Tennessee, whose own spike in opioid deaths was particularly sharp in 2020, could receive more than $500 million if the agreement is finalized.
The four companies that would be bound by the settlement — Johnson & Johnson and the drug distributors Cardinal Health, AmerisourceBergen and McKesson — are widely seen as having some of the deepest pockets among the corporate opioid defendants and this agreement was eagerly anticipated as a major pillar in the national litigation.
‘It’s NOT a competition’: Jeff Bezos says he’s not racing Branson and Musk to space and they’re all working to create a space ‘industry’ with plans for internet satellites, tourist flights and moving pollution away from Earth
- Bezos told Gayle King on Tuesday he is not competing against SpaceX and Virgin Galactic
- He said there was room in space for all of them and that it would become an ‘industry’
- Bezos wants to create reusable, operable capsules and rockets that will allow industries to be moved to space
- He says it’ll save the planet by protecting its fragile environment from pollution
- Virgin boss Richard Branson wants to establish space tourism with flights to the edge of earth’s atmosphere
- Elon Musk wants to colonize Mars and set up broadband internet satellites
- Branson was the first of the three to go to space on his VSS Unity earlier this year
- Musk hasn’t yet made it but SpaceX has sent two teams of astronauts up
EXCLUSIVE: House Republicans Demand Answers From Biden Over Work With Facebook To Flag ‘Disinformation’
Republican Arizona Rep. Andy Biggs wrote a Wednesday letter to President Joe Biden demanding answers from the White House regarding their work with Facebook to flag posts deemed disinformation.
Biggs was joined by twelve other House Republicans, who signed the letter. In it, they mention the White House’s “tyrannical decision” to monitor and flag Facebook posts of U.S. citizens. White House Press Secretary Jen Psaki announced Thursday that the White House is working with Facebook to flag disinformation on vaccines and that it is also asking Facebook to share data on the reach and engagement of posts that have been deemed disinformation.
“We’re flagging problematic posts for Facebook that spread disinformation,” Psaki said in the briefing.
The lawmakers called the news “abhorrent to all freedom-loving Americans,” adding that it “is antithetical to America’s founding and is more in line with the authoritarian regimes in Russia, China, and Cuba. You must immediately stop these actions and fire all federal employees who worked with Facebook to implement this policy.”
In the letter, they ask Biden a list of questions and ask for a response by August 1. . . .
Below Is Foundational Information On Some Of The Issues With Big Tech
'Google’s China rapprochement has been spearheaded by Pichai, Google’s current CEO, a 46-year-old Indian-American who took the helm in October 2015. At a June 2016 conference in southern California, Pichai made his intentions clear. “I care about servicing users globally in every corner. Google is for everyone,” he said. “We want to be in China serving Chinese users.”' Google employees have been warning us about China and Google under Pichai, for years. The censorship chickens have been coming home to roost ever since. Say hello to Dragonfly.
DRAGONFLY HAS COME TO AMERICA
Wondering Why Censorship Has Increased In America? Dragonfly, Censorship Through Algorithms and Human Surveillance, Has Landed Across All Platforms. “Many of us accepted employment at Google with the company’s values in mind, including its previous position on Chinese censorship and surveillance, and an understanding that Google was a company willing to place its values above its profits. After a year of disappointments including Project Maven, Dragonfly, and Google’s support for abusers, we no longer believe this is the case. This is why we’re taking a stand.”
FACEBOOK USERS ARE 'DUMB FUCKS'
~ Mark Zuckerberg
'In another exchange leaked to Silicon Alley Insider, Zuckerberg explained to a friend that his control of Facebook gave him access to any information he wanted on any Harvard student:
Zuck: yea so if you ever need info about anyone at harvard
Zuck: just ask
Zuck: i have over 4000 emails, pictures, addresses, sns
Friend: what!? how’d you manage that one?
Zuck: people just submitted it
Zuck: i don’t know why
Zuck: they “trust me”
Zuck: dumb fucks'