Ruter's own tests show: Oslo's electric buses can be remotely controlled – NRK

https://www.nrk.no/stor-oslo/ruters-egne-tester-viser_-oslos-elbusser-kan-fjernstyres-1.17629321

Ruter took the buses apart and examined them in a room where signals were isolated.

There they found that the manufacturer can take control of the Chinese electric buses.

According to Ruter, the manufacturer has remote access to the following on each individual bus:

  • Software updates
  • Diagnostics
  • Control system for battery and power supply

“In theory, the bus can therefore be stopped or rendered unusable by the manufacturer,” Ruter reports.

U.S. officials urge Americans to use encrypted apps amid cyberattack

https://www.nbcnews.com/tech/security/us-officials-urge-americans-use-encrypted-apps-cyberattack-rcna182694

Amid an unprecedented cyberattack on telecommunications companies such as AT&T and Verizon, U.S. officials have recommended that Americans use encrypted messaging apps to ensure their communications stay hidden from foreign hackers.

The hacking campaign, nicknamed Salt Typhoon by Microsoft, is one of the largest intelligence compromises in U.S. history, and it has not yet been fully remediated. Officials on a news call Tuesday refused to set a timetable for declaring the country’s telecommunications systems free of interlopers. Officials had told NBC News that China hacked AT&T, Verizon and Lumen Technologies to spy on customers.

Expert warns against Chinese electric cars – the Armed Forces have no restrictions – NRK

https://www.nrk.no/innlandet/ekspert-advarer-mot-kinesiske-elbiler-_-forsvaret-har-ingen-begrensninger-1.17138704

Many thousands of Chinese cars are now driving on Norwegian roads. A security expert warns about the potential for surveillance in these cars.

[…]

In the project they call “Lion Cage”, which has received coverage both internationally and in Norway, they have thoroughly examined how the car works, what kind of data it collects and where it sends it.

“We are finding a surprising amount of data traffic between the car and China. That was a surprise. We had not expected it,” he says.

The project has found that the car communicates with the USA, Canada and China, but also Russia and Australia.

“And we also see how much data is being sent. That is quite interesting. Even when the car is switched off, the car will communicate.”

[…]

The reason the security experts have looked so closely at the Chinese cars is the Chinese intelligence law.

Many interpret it to mean that any Chinese company must cooperate with the authorities when asked to.

We hacked a robot vacuum — and could watch live through its camera - ABC News

https://www.abc.net.au/news/2024-10-04/robot-vacuum-hacked-photos-camera-audio/104414020

The largest home robotics company in the world has failed to fix security issues with its robot vacuums despite being warned about them last year.

Without even entering the building, we were able to silently take photos of the (consenting) owner of a device made by Chinese giant Ecovacs.

Ecovacs initially said its users “do not need to worry excessively” about Giese’s findings.

After he first revealed the vulnerability in public, the company’s security committee downplayed the issue, saying it requires “specialised hacking tools and physical access to the device”.

It’s hard to square their statement with the reality. All it had taken was my $300 smartphone, and I hadn’t even laid eyes on Sean’s robot until after hacking into it.

Ecovacs eventually said it would fix this security issue. At the time of publication, only some models have been updated to prevent this attack.

Several models — including the latest flagship model released in July this year — remain vulnerable.

Company worker in Hong Kong pays out £20m in deepfake video call scam | The Guardian

https://www.theguardian.com/world/2024/feb/05/hong-kong-company-deepfake-video-conference-call-scam

Police investigate after employee tricked into transferring money to fraudsters posing as senior officers of her firm

Apple AirDrop leaks user data like a sieve. Chinese authorities say they’re scooping it up. | Ars Technica

https://arstechnica.com/security/2024/01/hackers-can-id-unique-apple-airdrop-users-chinese-authorities-claim-to-do-just-that/

Chinese authorities recently said they’re using an advanced encryption attack to de-anonymize users of AirDrop in an effort to crack down on citizens who use the Apple file-sharing feature to mass-distribute content that’s outlawed in that country.

TikTok Editorial Analysis – Schneier on Security

https://www.schneier.com/blog/archives/2024/01/tiktok-editorial-analysis.html

TikTok seems to be skewing things in the interests of the Chinese Communist Party.

Sellafield nuclear site hacked by groups linked to Russia and China | The Guardian

https://www.theguardian.com/business/2023/dec/04/sellafield-nuclear-site-hacked-groups-russia-china

It is still not known if the malware has been eradicated. It may mean some of Sellafield’s most sensitive activities, such as moving radioactive waste, monitoring for leaks of dangerous material and checking for fires, have been compromised.

Sources suggest it is likely foreign hackers have accessed the highest echelons of confidential material at the site, which sprawls across 6 sq km (2 sq miles) on the Cumbrian coast and is one of the most hazardous in the world.

The full extent of any data loss and any ongoing risks to systems was made harder to quantify by Sellafield’s failure to alert nuclear regulators for several years, sources said.

‘The Problem With Jon Stewart’ Is Ending – Pixel Envy

https://pxlnv.com/linklog/problem-with-jon-stewart-ending/

Apple is a big, sprawling conglomerate. If it cannot handle Stewart’s inquiries about China or our machine learning future, I think it should ask itself why that is, and whether those criticisms have merit.

Utah sues TikTok for getting children ‘addicted’ to its algorithm – The Verge

https://www.theverge.com/2023/10/10/23911803/utah-tiktok-child-addiction-china-deception-lawsuit

Utah’s consumer protection division alleges that TikTok misrepresents itself as independent of China and is designed to ‘hook users’ into its endless feed.