"A raft of articles have been retracted from publications including Business Insider and Wired in recent month," reports the Washington Post, "with links between them suggesting a possible broader scheme to pass off fake stories that these outlets now suspect were written using artificial intelligence." A Washington Post probe into the retractions found a connection between Onyeka Nwelue, the purported author of one of 38 essays removed this week by Business Insider, and someone using the name Margaux Blanchard, two of whose stories were previously removed by the same outlet. In recent months SFGate, Index on Censorship and Wired also retracted articles under the Blanchard byline, after it was identified as bogus by the British publication Press Gazette...

Business Insider Editor in Chief Jamie Heller explained to staff Tuesday in an email, obtained by The Post, that the report of a phony writer spurred a fuller investigation that turned up dozens of suspicious articles under various bylines. "We recently learned that a freelance contributor misrepresented their identity in two first-person essays written for Business Insider. As soon as this came to light, we took down the essays and began an investigation," Heller said. "As part of this process, we've removed additional first-person essays from the site due to concerns about the authors' identity or veracity. No news articles or videos were found to have this issue." On Tuesday Business Insider removed 38 pieces that had been published under bylines other than Blanchard. Business Insider deleted the author pages of 19 individuals, including Blanchard and Nwelue, and replaced their essays with editor's notes.

The website's investigation involved reviewing "tens of thousands of records," Business Insider spokesperson Ari Isaacman D'Angelo said in a statement to The Post. But it hadn't determined whether artificial intelligence was used to produce the yanked essays, she said, noting that AI-detection tools are often unreliable... Essays under [Nate] Giovanni's byline feature contradictory information. One piece, published in December 2024, refers to the author having two teenage daughters and a two-and-a-half-year-old son. Another, published three months later mentions two sons, aged eight and nine. Pieces that ran in May and July — about house-sitting around the world and applying to PhD programs — make no mention of a family at all...

On Aug. 21, Wired wrote a longer mea culpa about the article it published under Blanchard's name, with the headline "How WIRED Got Rolled by an AI Freelancer." "If anyone should be able to catch an AI scammer, it's WIRED," the publication wrote. ["In fact we do, all the time. Our editors receive transparently AI-generated pitches on a regular basis, and we reject them accordingly..."] "Unfortunately, one got through," referring to a story that ran under Blanchard's byline in May about two people who were married in the video game Minecraft.
The site Index on Censorship also published an article under the Blanchard byline about threats to journalists in Guatemala. "In the age of very intelligent AI it's clear we will have to look at things differently," the site's editor told the Washington Post.

The Post's article notes that one sign the pitches were AI-generated "is that while they sounded interesting, they featured details that were erroneous — including fictitious locales." Reached for a comment, one of the authors told the Post "Don't mention my name in your stupid article," claiming their acocunt was recently "compromised" (though their X.com account had also recently tweeted one of their articles.) But another author emailed the Post from their actual academic email address, saying they had no connection to the Gmail account The Post had been corresponding with. And here's how the person at that Gmail account responded to a follow-up query from the Post.

"What is one to do? With a few savvy prompts, AI could probably generate a 'long-lost' novel by Proust."

Just days before Apple's expected launch of the satellite-enabled Apple Watch Ultra 3, Garmin unveiled its Fenix 8 Pro -- the company's first smartwatch with built-in inReach satellite and cellular connectivity, SOS features, and a blindingly bright 4,500-nit microLED display. MacRumors reports: With inReach, the Fenix 8 Pro can send location check-ins and text messages over satellite using the Garmin Messenger app. There is also included cellular connectivity, so the smartwatch can make phone calls, send 30-second voice messages, and provide LiveTrack links and weather forecasts when an LTE connection is available.

LiveTrack is a feature that allows the wearer's family and friends to keep track of their location during an activity or adventure. For emergencies, there is an SOS feature that will send a message to the Garmin Response center over a satellite or cellular connection. Garmin Response will then communicate with the user, their emergency contacts, and search and rescue organizations to provide help. Garmin says that its Response team has supported over 17,000 inReach incident responses across over 150 countries. The Fenix 8 Pro smartwatch launches September 8, with the AMOLED model starting at $1,200 and the 51mm microLED version priced at $2,000. Both require a paid inReach satellite plan beginning at $7.99 per month for full functionality.

They offer "a self-sustaining power solution for marine regions," according to a newly published 41-page review after "pioneering use in wave energy harvesting in 2014". Ten years later, researchers have developed several structures for these "triboelectric nanogenerators" (TENGs) to "facilitate their commercial deployment." But there's a lack of "comprehensive summaries and performance evaluations".

So the review "distills a decade of blue-energy research into six design pillars" for next-generation technology, writes EurekaAlert, which points the way "to self-powered ocean grids, distributed marine IoT, and even hydrogen harvested from the sea itself..." By "translating chaotic ocean motion into deterministic electron flow," the team "turns every swell, gust and glint of sunlight into dispatchable power — ushering in an era where the sea itself becomes a silent, self-replenishing power plant."

Some insights: - Multilayer stacks, origami folds and magnetic-levitation frames push volumetric power density...three orders of magnitude above first-generation prototypes.

- Frequency-complementary couplings of TENG, EMG and PENG create full-spectrum harvesters that deliver 117 % power-conversion efficiency in real waves.

- Pendulum, gear and magnetic-multiplier mechanisms translate chaotic 0.1-2 Hz swells into stable high-frequency oscillations, multiplying average power 14-fold.

- Resonance-tuned structures now span 0.01-5 Hz, locking onto shifting wave spectra across seasons and sea states.

- Spherical, dodecahedral and tensegrity architectures harvest six-degree-of-freedom motion, eliminating orientational blind spots.

- Single devices co-harvest wave, wind and solar inputs, powering self-charging buoys that cut battery replacement to zero...
Another new wave energy project is moving forward, according to the blog Renewable Energy World: Eco Wave Power, an onshore wave energy technology company, announced that its U.S. pilot project at the Port of Los Angeles has successfully completed operational testing and achieved a new milestone: the lowering of its floaters into the water for the first time. The moment, broadcast live by Good Morning America, follows the finalization of all installation works at the project site, including full installation of all wave energy floaters; connection of hydraulic pipes and supporting infrastructure; and placement of the onshore energy conversion unit.

With installation completed, Eco Wave Power has now officially entered the operational phase of its U.S. excursion... [Inna Braverman, founder and CEO of Eco Wave Power] said "This pilot station is a vital step in demonstrating how wave energy can be harnessed using existing marine infrastructure, while laying the groundwork for full-scale commercialization in the United States...." Eco Wave Power's patented onshore wave energy system attaches floaters to existing marine structures. The up-and-down motion of the waves drives hydraulic cylinders, which send pressurized fluid to a land-based energy conversion unit that generates electricity... The U.S. Department of Energy's National Renewable Energy Laboratory estimates that wave energy has the potential to generate over 1,400 terawatt-hours per year — enough to power approximately 130 million homes.

Eco Wave Power's 404.7 MW global project pipeline also includes upcoming operational sites in Taiwan, India, and Portugal, alongside its grid-connected station in Israel.
Long-time Slashdot reader PongoX11 also brings word of a company building a "simple" floating rig to turn wave motion into electricity, calling it "a steel can that moves water around" and wondering if "This one might work!"

The news site TechEBlog points out that "Unlike old-school wave energy systems with clunky mechanical parts, Ocean-2 rocks a modular, flexible setup that rolls with the ocean's flow." At about 10 meters wide [30 feet wide. and 260 feet long!], it is made from materials designed to (hopefully) withstand the ocean's abuse, over some maintenance cycle. It's designed for deep ocean, so solving this technically is the first big challenge. Figuring out how to use/monetize all that cheap energy out in the middle of nowhere will be the next.
"Ocean-2 works with the ocean, not against it, so we can generate power without messing up marine life," said Panthalassa's CEO, Dr. Elena Martinez, according to TechEBlog: Tests in Puget Sound, done with Everett Ship Repair, showed it pumping out up to 50 kilowatts in decent conditions — enough juice for a small coastal town. "We're thinking big," Martinez said in a press release. "Ocean-2 is just the start, but we're already planning bigger arrays that could crank out gigawatts..." Looking forward, Panthalassa sees Ocean-2 as part of a massive wave energy network. By 2030, they're aiming to roll out arrays that could power whole coastal cities, cutting down on fossil fuel use.

Microsoft has found no link between the August 2025 KB5063878 security update and customer reports of failure and data corruption issues affecting solid-state drives (SSDs) and hard disk drives (HDDs). From a report: Redmond first told BleepingComputer last week that it is aware of users reporting SSD failures after installing this month's Windows 11 24H2 security update. In a subsequent service alert seen by BleepingComputer, Redmond said that it was unable to reproduce the issue on up-to-date systems and began collecting user reports with additional details from those affected.

"After thorough investigation, Microsoft has found no connection between the August 2025 Windows security update and the types of hard drive failures reported on social media," Microsoft said in an update to the service alert this week. "As always, we continue to monitor feedback after the release of every Windows update, and will investigate any future reports."

An anonymous reader quotes a report from 404 Media: 4chan and Kiwi Farms sued the United Kingdom's Office of Communications (Ofcom) over its age verification law in U.S. federal court Wednesday, fulfilling a promise it announced on August 23. In the lawsuit, 4chan and Kiwi Farms claim that threats and fines they have received from Ofcom "constitute foreign judgments that would restrict speech under U.S. law." Both entities say in the lawsuit that they are wholly based in the U.S. and that they do not have any operations in the United Kingdom and are therefore not subject to local laws. Ofcom's attempts to fine and block 4chan and Kiwi Farms, and the lawsuit against Ofcom, highlight the messiness involved with trying to restrict access to specific websites or to force companies to comply with age verification laws.

The lawsuit calls Ofcom an "industry-funded global censorship bureau." "Ofcom's ambitions are to regulate Internet communications for the entire world, regardless of where these websites are based or whether they have any connection to the UK," the lawsuit states. "On its website, Ofcom states that 'over 100,000 online services are likely to be in scope of the Online Safety Act -- from the largest social media platforms to the smallest community forum.'" [...] Ofcom began investigating 4chan over alleged violations of the Online Safety Act in June. On August 13, it announced a provisional decision and stated that 4chan had "contravened its duties" and then began to charge the site a penalty of [roughly $26,000] a day. Kiwi Farms has also been threatened with fines, the lawsuit states. "American citizens do not surrender our constitutional rights just because Ofcom sends us an e-mail. In the face of these foreign demands, our clients have bravely chosen to assert their constitutional rights," said Preston Byrne, one of the lawyers representing 4chan and Kiwi Farms.

"We are aware of the lawsuit," an Ofcom spokesperson told 404 Media. "Under the Online Safety Act, any service that has links with the UK now has duties to protect UK users, no matter where in the world it is based. The Act does not, however, require them to protect users based anywhere else in the world."

"The truly universal properties of languages are not independent of our physiology and cognition," argues the co-author of a new study. Instead he says their research "strengthens the idea that intonation units are a universal feature of language."

Phys.org explains: Have you ever noticed that a natural conversation flows like a dance — pauses, emphases, and turns arriving just in time? A new study has discovered that this isn't just intuition; there is a biological rhythm embedded in our speech...

According to the study, led by Dr. Maya Inbar, alongside Professors Eitan Grossman and Ayelet N. Landau, human speech across the world pulses to the beat of what are called intonation units, short prosodic phrases that occur at a consistent rate of one every 1.6 seconds. The research analyzed over 650 recordings in 48 languages spanning every continent and 27 language families. Using a novel algorithm, the team was able to automatically identify intonation units in spontaneous speech, revealing that regardless of the language spoken, from English and Russian to endangered languages in remote regions, people naturally break their speech into these rhythmic chunks. "These findings suggest that the way we pace our speech isn't just a cultural artifact, it's deeply rooted in human cognition and biology," says Dr. Inbar.

"We also show that the rhythm of intonation units is unrelated to faster rhythms in speech, such as the rhythm of syllables, and thus likely serves a different cognitive role...." Most intriguingly, the low-frequency rhythm they follow mirrors patterns in brain activity linked to memory, attention, and volitional action, illuminating the profound connection between how we speak and how we think.
The work is published in the journal Proceedings of the National Academy of Sciences.

A 22-year-old Oregon man has been charged with operating one of the most powerful botnets ever recorded. The network, known as Rapper Bot, launched over 370,000 DDoS attacks worldwide, including against X, DeepSeek, U.S. tech firms, and even Defense Department systems. It was allegedly operated by Ethan Foltz of Eugene, Oregon. The Wall Street Journal reports: Foltz faces a maximum of 10 years in prison on a charge of abetting computer intrusions, the Justice Department said in a news release. Rapper Bot was made up of tens of thousands of hacked devices and was capable of flooding victims' websites with enough junk internet traffic to knock them offline, an attack known as a distributed denial of service, or DDoS.

In February, the networking company Nokia measured a Rapper Bot attack against a gaming platform at 6.5 trillion bits per second, well above the several hundred million bits a second of the average high-speed internet connection. "This would place Rapper Bot among the most powerful DDoS botnets to have ever existed," said a criminal complaint that the prosecutors filed Tuesday in a federal court in Alaska. Investigators said Rapper Bot's attacks were so powerful that they were able to overwhelm all but the most robust networks.

Foltz allegedly rented out Rapper Bot to paying customers, including gambling website operators who would use the network in extortion attempts, according to the complaint. The botnet was used to launch more than 370,000 attacks in 80 countries, including China, Japan and the U.S., prosecutors said. It launched its attacks from hacked routers, digital video recorders and cameras, not from computers. [...] "At its height, it mobilized tens of thousands of devices, many with no prior role in DDoS," said Jerome Meyer, a researcher with Nokia's Deepfield network-analysis division. "Taking it down removes a major source of the largest attacks we see."

NASA's Lunar Trailblazer mission ended prematurely after losing contact with the satellite just one day post-launch, the agency announced today. Engadget reports: The NASA satellite was part of the IM-2 mission by Intuitive Machines, which took off from a SpaceX Falcon 9 rocket from Kennedy Space Center on February 26 at 7:16PM ET. The Lunar Trailblazer successfully separated from the rocket as planned about 48 minutes after launch. Operators in Pasadena, CA established communication with the satellite at 8:13PM ET, but two-way communication was lost the next day and the team was unable to recover the connection. From the limited data ground teams received before the satellite went dark, the craft's solar arrays were not correctly positioned toward the sun, which caused its batteries to drain. "While it was not the outcome we had hoped for, mission experiences like Lunar Trailblazer help us to learn and reduce the risk for future, low-cost small satellites to do innovative science as we prepare for a sustained human presence on the Moon," said Nicky Fox, associate administrator at NASA Headquarters' Science Mission Directorate. "Thank you to the Lunar Trailblazer team for their dedication in working on and learning from this mission through to the end."

An anonymous reader quotes a report from NPR: Patrick Schlott often finds himself in a cellular dead zone during his drive to work. "You go down the road, you turn the corner and you're behind a mountain and you'll lose cell coverage pretty fast," he says. The 31-year-old electrical engineer says poor reception is a common frustration for residents of Vermont's Orange County. To address this issue, he's providing his community with a new way to stay connected.

Schlott has taken old pay phones, modified them to make free calls, and set them up in three different towns across the county. He buys the phones secondhand from sites like eBay and Craigslist and restores them in his home workshop. With just an internet connection, these phones can make calls anywhere in the U.S. or Canada -- no coins required. And Schlott covers all the operating costs himself. "It's cheap enough where I'm happy just footing the bill," he says. "You know, if I'm spending $20 a month on, say, Netflix, I could do that and provide phone service for the community. And to me, that's way more fun." Hundreds of calls have been made since the first phone was installed back in March last year. "I knew there would be some fringe cases where it would be really helpful," says Schlott. "But I never expected it to get daily use and for people to be this excited about it."

"One of the cornerstones that I want to stick to is, no matter what happens on the backend, the calls will always be free," he says. "And I will figure out a way to make that happen."

IBM's legendary Model M keyboard was sturdy and solid. But "What would happen if you took the classic layout and look of the Model M and rebuilt it with modern mechanical guts?" asks long-time Slashdot reader uninet. Writing for the long-running tech blog Open for Business , they review a new wireless keyboard from Vortex that was clearly inspired by the Model M: The result is a unique keyboard with one foot in two different decades... Let's call it the Vortex M for simplicity's sake.

I first became aware of it on a Facebook ad and was immediately fascinated. It looked so close to the original Model M, I wondered if someone else had gotten access to an original mold and was trying Unicomp's game. No, they've just managed to copy the aesthetic to a nearly uncanny level... The Vortex M eschews the normal eye candy we expect on modern keyboards and attempts the closest duplication of IBM's staid early PC design sensibility I can imagine. Off-white, rugged and absolutely no frills of lighting. If you're looking for cutesy, forget it.

The keyboard's casing has the same highly textured plastic that looks and feels instantly familiar to anyone who spent too many hours interacting with early PCs. Model M to a tee. The keycaps likewise look the part... The Vortex M looks like a Model M. Its build quality feels like a Model M. But one key press and it becomes clear this is a different beast. Underneath the Model M-styled skin, Vortex's keyboard is a very modern design — everything the Unicomp is not. For our test, Vortex provided a keyboard with Cherry MX Blues, the classic clicky option the company and I both thought would best match up against Model M's buckling springs...

Vortex's product configurator offers a variety of common and less common Cherry and Gateron options, if you want to get a different sort of feel in lieu of the clicky I tested. This is possible with an MX switch-style keyboard and impossible with buckling springs with their one option of bold clicky. Not only can this be done when ordering, but also later on, thanks to hot swap switches that allow changes without soldering. Following the modern premium board theme, Vortex paired high end switches with a gasket mount and foam padding. The combination provides a solid feeling, sound dampened typing experience. Ironically, though, for a keyboard that apes the design of perhaps the loudest keyboard on the market today, the Vortex M is (relatively) quiet even with the clicky Blues on tap...
The review's highlights:

• "The keyboard is exquisitely crafted to look like the IBM original... "

• "The Vortex M supports connecting to three different devices via Bluetooth, along with a 2.4 GHz receiver and a USB Type-C wired connection. "

• There's a full complement of media hot keys — "including an emoji key ala recent Macs. "

• "For repetitive tasks, the keyboard is programmable with macros... And unlike Unicomp's boards, Vortex's can switch between PC and Mac layouts with the press of a hotkey."

• The keyboard uses AA batteries rather than having a built-in rechargeable battery

The keyboard ultimately gave the reviewer some cognitive dissonance. "How am I typing on a Model M and not making a racket...?"

"Pricing varies based on options, but as tested, it clocked in at $154. That's the low end of the 'premium' market and this is an exceptional board for that price."

Hackers from the group UNC2891 attempted a high-tech bank heist by physically planting a 4G-enabled Raspberry Pi inside a bank's ATM network, using advanced malware hidden with a never-before-seen Linux bind mount technique to evade detection. "The trick allowed the malware to operate similarly to a rootkit, which uses advanced techniques to hide itself from the operating system it runs on," reports Ars Technica. Although the plot was uncovered before the hackers could hijack the ATM switching server, the tactic showcased a new level of sophistication in cyber-physical attacks on financial institutions. The security firm Group-IB, which detailed the attack in a report on Wednesday, didn't say where the compromised switching equipment was located or how attackers managed to plant the Raspberry Pi. Ars Technica reports: To maintain persistence, UNC2891 also compromised a mail server because it had constant Internet connectivity. The Raspberry Pi and the mail server backdoor would then communicate by using the bank's monitoring server as an intermediary. The monitoring server was chosen because it had access to almost every server within the data center. As Group-IB was initially investigating the bank's network, researchers noticed some unusual behaviors on the monitoring server, including an outbound beaconing signal every 10 minutes and repeated connection attempts to an unknown device. The researchers then used a forensic tool to analyze the communications. The tool identified the endpoints as a Raspberry Pi and the mail server but was unable to identify the process names responsible for the beaconing.

The researchers then captured the system memory as the beacons were sent. The review identified the process as lightdm, a process associated with an open source LightDM display manager. The process appeared to be legitimate, but the researchers found it suspicious because the LightDM binary was installed in an unusual location. After further investigation, the researchers discovered that the processes of the custom backdoor had been deliberately disguised in an attempt to throw researchers off the scent.

[Group-IB Senior Digital Forensics and Incident Response Specialist Nam Le Phuong] explained: "The backdoor process is deliberately obfuscated by the threat actor through the use of process masquerading. Specifically, the binary is named "lightdm", mimicking the legitimate LightDM display manager commonly found on Linux systems. To enhance the deception, the process is executed with command-line arguments resembling legitimate parameters -- for example, lightdm -- session child 11 19 -- in an effort to evade detection and mislead forensic analysts during post-compromise investigations. These backdoors were actively establishing connections to both the Raspberry Pi and the internal Mail Server."

Utilities across the U.S. are demanding tech companies pay larger shares of electricity infrastructure costs as AI drives unprecedented data center construction, creating tensions over who bears the financial burden of grid upgrades.

Virginia utility Dominion Energy received requests from data center developers requiring 40 gigawatts of electricity by the end of 2024, enough to power at least 10 million homes, and proposed measures requiring longer-term contracts and guaranteed payments. Ohio became one of the first states to mandate companies pay more connection costs after receiving power requests exceeding 50 times existing data center usage.

Tech giants Microsoft, Google, and Amazon plan to spend $80 billion, $85 billion, and $100 billion respectively this year on AI infrastructure, while utilities worry that grid upgrade costs will increase rates for residential customers.

Further reading: The AI explosion means millions are paying more for electricity

A recent Echelon firmware update has effectively bricked offline functionality for its smart gym equipment, cutting off compatibility with popular third-party apps like QZ and forcing users to connect to Echelon's servers -- even just to view workout stats. Ars Technica reports: As explained in a Tuesday blog post by Roberto Viola, who develops the "QZ (qdomyos-zwift)" app that connects Echelon machines to third-party fitness platforms, like Peloton, Strava, and Apple HealthKit, the firmware update forces Echelon machines to connect to Echelon's servers in order to work properly. A user online reported that as a result of updating his machine, it is no longer syncing with apps like QZ, and he is unable to view his machine's exercise metrics in the Echelon app without an Internet connection. Affected Echelon machines reportedly only have full functionality, including the ability to share real-time metrics, if a user has the Echelon app active and if the machine is able to reach Echelon's servers.

Viola wrote: "On startup, the device must log in to Echelon's servers. The server sends back a temporary, rotating unlock key. Without this handshake, the device is completely bricked -- no manual workout, no Bluetooth pairing, no nothing." Because updated Echelon machines now require a connection to Echelon servers for some basic functionality, users are unable to use their equipment and understand, for example, how fast they're going without an Internet connection. If Echelon were to ever go out of business, the gym equipment would, essentially, get bricked. Viola told Ars Technica that he first started hearing about problems with QZ, which launched in 2020, at the end of 2024 from treadmill owners. He said a firmware update appears to have rolled out this month on Echelon bikes that bricks QZ functionality. In his blog, Viola urged Echelon to let its machines send encrypted data to another device, like a phone or a tablet, without the Internet. He wrote: "Users bought the bike; they should be allowed to use it with or without Echelon's services."

"The U.S. is absolutely facing the most serious Chinese hacking ever." That's what the Washington Post was told by a China-focused consultant at security company SentinelOne: Undeterred by recent indictments alleging widespread cyberespionage against American agencies, journalists and infrastructure targets, Chinese hackers are hitting a wider range of targets and battling harder to stay inside once detected, seven current and former U.S. officials said in interviews. Hacks from suspected Chinese government actors detected by the security firm CrowdStrike more than doubled from 2023 to more than 330 last year and continued to climb as the new administration took over, the company said... Although the various Chinese hacking campaigns seem to be led by different government agencies and have different goals, all benefit from new techniques and from Beijing's introduction of a less constrained system for cyber offense, the officials and outside researchers told The Washington Post... Chinese intelligence, military and security agencies previously selected targets and tasked their own employees with breaking in, they said. But the Chinese government decided to take a more aggressive approach by allowing private industry to conduct cyberattacks and hacking campaigns on their own, U.S. officials said.

The companies are recruiting top hackers who discover previously unknown, or "zero-day," flaws in software widely used in the United States. Then the companies search for where the vulnerable programs are installed, hack a great many of them at once, and then sell access to multiple Chinese government customers and other security companies. That hacking-for-hire approach creates hundreds of U.S. victims instead of a few, making it hard to block attacks and to decide which were China's key targets and which were unintentionally caught in the hacks, an FBI official said, speaking on the condition of anonymity to follow agency practices... "The result of that incentive structure is that there is significantly more hacking...."

China has mastered the ability to move undetected through networks of compromised U.S. devices, so that the final connection to a target appears to be an ordinary domestic connection. That makes it easy to get around technology that blocks overseas links and puts it outside the purview of the National Security Agency, which by law must avoid scrutinizing most domestic transmissions. Beijing is increasingly focused on hacking software and security vendors that provide access to many customers at once, the FBI official said. Once access is obtained, the hackers typically add new email and collaboration accounts that look legitimate... Beyond the increased government collaboration with China's private security sector is occasional collaborating with criminal groups, said Ken Dunham, an analyst at the security firm Qualys.
The article notes that China's penetration of U.S. telecom carriers "is still not fully contained, according to the current and former officials." But in addition, the group behind that attack "has more recently shown up inside core communications infrastructure in Europe, according to John Carlin, a former top national security official in the Justice Department who represents some U.S. victims of the group." And documents leaked last year from a security contractor that works with the Chinese military and other government groups "described contracts and targets in 20 countries, with booty including Indian immigration data, logs of calls in South Korea, and detailed information on roads in Taiwan.

"It also detailed prices for some services, such as $25,000 for promised remote access to an iPhone, payment disputes with government customers and employee gripes about long hours..."

An anonymous reader quotes a report from Ars Technica: Samuel Herman and Alexander Baciu never liked using Comcast's cable broadband. Now, the residents of Saline, Michigan, operate a fiber Internet service provider that competes against Comcast in their neighborhoods and has ambitions to expand. "All throughout my life pretty much, I've had to deal with Xfinity's bullcrap, them not being able to handle the speeds that we need," Herman told Ars. "I lived in a house of 10. I have seven other brothers and sisters, and there's 10 of us in total with my parents." With all those kids using the Internet for school and other needs, "it just doesn't work out," he said. Herman was particularly frustrated with Comcast upload speeds, which are much slower than the cable service's download speeds. "Many times we would have to call Comcast and let them know our bandwidth was slowing down... then they would say, 'OK, we'll refresh the system.' So then it would work again for a week to two weeks, and then again we'd have the same issues," he said. Herman, now 25, got married in 2021 and started building his own house, and he tried to find another ISP to serve the property. He was familiar with local Internet service providers because he worked in construction for his father's company, which contracts with ISPs to build their networks. But no fiber ISP was looking to compete directly against Comcast where he lived, though Metronet and 123NET offer fiber elsewhere in the city, Herman said. He ended up paying Comcast $120 a month for gigabit download service with slower upload speeds. Baciu, who lives about a mile away from Herman, was also stuck with Comcast and was paying about the same amount for gigabit download speeds.

Herman said he was the chief operating officer of his father's construction company and that he shifted the business "from doing just directional drilling to be a turnkey contractor for ISPs." Baciu, Herman's brother-in-law (having married Herman's oldest sister), was the chief construction officer. Fueled by their knowledge of the business and their dislike of Comcast, they founded a fiber ISP called Prime-One. Now, Herman is paying $80 a month to his own company for symmetrical gigabit service. Prime-One also offers 500Mbps for $75, 2Gbps for $95, and 5Gbps for $110. The first 30 days are free, and all plans have unlimited data and no contracts. "We are 100 percent fiber optic," Baciu told Ars. "Everything that we're doing is all underground. We're not doing aerial because we really want to protect the infrastructure and make sure we're having a reliable connection." Each customer's Optical Network Terminal (ONT) and other equipment is included in the service plan. Prime-One provides a modem and the ONT, plus a Wi-Fi router if the customer prefers not to use their own router. They don't charge equipment or installation fees, Herman and Baciu said.

Prime-One began serving customers in January 2025, and Baciu said the network has been built to about 1,500 homes in Saline with about 75 miles of fiber installed. Prime-One intends to serve nearby towns as well, with the founders saying the plan is to serve 4,000 homes with the initial build and then expand further. [...] A bit more than 100 residents have bought service so far, they said. Herman said the company is looking to sign up about 30 percent of the homes in its network area to make a profit. "I feel fairly confident," Herman said, noting the number of customers who signed up with the initial construction not even halfway finished.